Saturday, February 16, 2013

Government/Political Parties Keeping Tabs on What Moves You

The Obama campaign greatly amplified the collection of digital information on voters, resulting in an enormous database of highly specific behavioral and motivational factors for all U.S. citizens.

Slashdot: Pols Blur Line Between Data Mining, Cyberstalking

Mother Jones: Inside the Obama Campaign's Hard Drive

Technology Review: How President Obama’s campaign used big data to rally individual voters

"Analysts identified their attributes and made them the core of a persuasion model that predicted, on a scale of 0 to 10..."

"...as campaigns developed deep portraits of the voters in their databases, it became possible to measure the attributes of the people who were actually moved by an experiment’s impact..."

Although the database was used during the campaign to elect Obama, the party has subsequently decided to keep it alive and growing in preparation for future uses (Sun Sentinel: Dems plan to tap voter database).

"...what you buy, what you read, where you browse and maybe even what kind of political message might prompt you..."

Favorite Sources

We can't keep up with everything. When you need a fix of security, privacy, and surveillance news, and we're behind or haven't published recently, here are a few worthy sources:

Slashdot, especially look at articles tagged yro or security
Network World is a good source of real IT security news, but for the more outlandish stuff, you should check Ms. Smith, the Privacy Fanatic.
Some of the best and scariest news about exploits and malware comes from KrebsOnSecurity
Bruce Schneier's site has blog entries about security and privacy on a wide variety of topics, and extensive reader commentary.
TechNewsWorld
ArsTechnica
CNET's Politics and Law and Technically Incorrect section are good. (Technically Incorrect wins our praise and admiration for best apropos name for online news or commentary.)

Monday, February 11, 2013

Various Privacy, ID Theft, Hacks, and Other Stories

Ars Technica has a lot of stuff worth pointing out, so I will.

A hacker, now the subject of a criminal investigation, hacked AOL and/or Yahoo email accounts to expose a lot of what amounts to "aww shucks" stuff, potentially generating a lot of sympathy for the Bush family.
Bush family privacy shattered after e-mails, photos exposed online

I'd never heard of this type of cat before: Porn troll. Porn troll? I presume someone who hounds downloaders of porn for payment for violating copyright laws. The porn trolls sound like they are missing a few screws, because they keep breaking laws and violating decorum of the court in pursuit of their cases.
Judge hints at jail time for porn troll Prenda Law over identity theft
Man charges porn trolling firm Prenda Law with identity theft
Porn trolling case thrown out for "attempted fraud on the court"

The story of Aaron Swartz' attempt at liberating public court system documents from the PACER system is described here. A copy of his FBI file resulting from his actions is posted on his personal web site here.

On the more practical side, if you are concerned about malevolent criminals and hackers stealing your accounts and compromising your computer, and you need to know more about how to protect yourself, read Keep it secret, keep it safe: A beginner's guide to Web safety.

Bank executives in the Midwest need to change their passwords.
Data siphoned in Fed reserve hack a “bonanza” for spear phishers

A disgraced scientist had hired a reputation management company to boost his standing in search engines, and minimize the number of articles appearing that described his retracted scientific papers. So someone then made DMCA copyright takedown complaints on the original articles after stealing the text and posting it on their own web site.
Site plagiarizes blog posts, then files DMCA takedown on originals

Revenge Porn Purveyor Doesn't See it Coming

Ars Technica reports on a web site operator who makes his money by extorting money from the women posted on his web site. Officially, there is no connection between Craig Brittain, proprietor of IsAnybodyDown, and the "takedown lawyer" who received $250 from each woman who wants her information removed from the site, but one expert says that emails from the supposed lawyer appear to be from Brittain's computer.

What Brittain doesn't see coming are the copyright lawsuits, and possibly invasion of privacy torts, and portrayal in a false light torts. Since some of the women depicted were their own photographers, they own the copyright to the films on the web site. Willful infringement penalties will quickly add up to the hundreds of thousands of dollars.

Another danger that Brittain faces is that some of the women may have been under age.

His rationale: "When asked whether he thought what he was doing was 'really sleazy,' Brittain offered this: 'We live in a really sleazy society.'"

China Hacks the United States

Red alert:

China hacked the New York Times.

China hacked the Wall Street Journal.

China hacked the Washington Post.

China hacked U.S. universities.

China hacked Twitter.

China hacked individual accounts of U.S. citizens in order to extort money.

China is hacking all of the United States, including you.

In the past, China denied that it was doing any hacking at all. Recently its objections have become much lamer, and they have said something like "Well the U.S. is probably doing it too. So there!" The usual paranoid propaganda has been published in retaliation: "Recently foreign media have been hyping up 'cyber attack from China' and the talk of a 'Chinese hacking threat' is in the air." As though the U.S. media were controlled by a single organization, or were making it up, or were all moving together, like a herd of like-minded animals. It just drips with disrespect for the individual.

China is a leader in corruption measures.

China is a leader in global warming contributions.

If this persists, Facebook and China will be racing neck and neck to be the first organization to gather all of the world's information, information that I own. Hurry up, guys. It will be so much cheaper if you do all the work for me, and I can't wait forever.

Facebook Control and Envy, Predicting the Future, etc.


I have a lot of links to pass on to you. The stack of pending items is so big that if I try to write an article on each topic I'll never get through it all. Instead, I'm going to try to clear the backlog by introducing each link briefly and then moving on.

"On Facebook, People Own and Control Their Information"
This blog posting by Zuckerberg isn't really new. I bumped into it while looking at something else more recent. Upon seeing the title, it struck me just how disingenuous it was. Then, deep in the article, Zuckerberg contradicts himself. Sorry buddy, you can't say that "people own and control their information" when in reality "There is no system today that enables me to share my email address with you and then simultaneously lets me control who you share it with and also lets you control what services you share it with." Both of those sentences are in the same article written by Zuckerberg. You can see what he wants, which is credit for trying to help keep control of your information, but he knows that reality is different. How deceptive.
http://blog.facebook.com/blog.php?post=54434097130

"Is Facebook envy making you miserable?"
German researchers have found that Facebook users are miserable. The problem? Everyone is envious of others' vacation pictures. Women are envious of friends' physical attractiveness. Men are envious of others' accomplishments and status.
http://www.reuters.com/article/2013/01/22/us-facebook-envy-idUSBRE90L0N220130122?feedType=RSS&feedName=lifestyleMolt

“Witnessing friends' vacations, love lives and work successes on Facebook can cause envy and trigger feelings of misery and loneliness…” “…unprecedented platform for social comparison.” “Researchers from Humboldt University and from Darmstadt's Technical University found vacation photos were the biggest cause of resentment with more than half of envy incidents triggered by holiday snaps on Facebook.”

“It’s now possible to predict the future." 
"Not surprisingly, no one in the intelligence business is eager to talk about this.” With ubiquitous sensors, huge databases, and data mining algorithms, intelligence agencies either have or will soon have the ability to predict what each of us will do next. (If they do, can't they at least email us a to-do list each day? I'd hate not living up to the predictions others make of me.)
http://www.strategypage.com/htmw/htintel/articles/20130122.aspx

"Student Expelled from Dawson College in Montreal for Finding Sloppy Coding"
In the no-good-deed-goes-unpunished department, a Dawson College student discovered a security flaw, reported it fully, then when he went later to test that the exploit had been fixed, was accused of hacking. The professors at the school fully supported expulsion, despite the student's critical role in finding the flaw. Was Dawson attempting a cover-up? Slashdot suggests that the Dawson faculty are stuck in the past, pre-Internet.
http://news.slashdot.org/story/13/01/21/1244225/student-expelled-from-montreal-college-for-finding-sloppy-coding

http://news.nationalpost.com/2013/01/20/youth-expelled-from-montreal-college-after-finding-sloppy-coding-that-compromised-security-of-250000-students-personal-data/

http://news.slashdot.org/story/13/01/23/2347231/cto-says-al-khabaz-expulsion-shows-cs-departments-stuck-in-pre-internet-era

Dawson College defends its actions:
http://o.canada.com/2013/01/22/dawson-defends-students-expulsion/
"We have to abide by this legal requirement not to divulge any personal information of any student..."

"Researchers Achieve Storage Density of 2.2 Petabytes Per Gram of DNA"
Suppose you wanted to leave a message for future generations? Instead of printing hardcopy and storing it on acid-free paper, or chiseling it out on a piece of stone, could the perfect storage place be inside your DNA? I'm sure the science fiction story has already been written (please leave a comment if you know of such a story) about leaving messages for future generations in DNA itself.
http://hardware.slashdot.org/story/13/01/23/1927221/researchers-achieve-storage-density-of-22-petabytes-per-gram-of-dna

Uncle Sam wants you
to be a white hat hacker! In this bizarre development, it seems that the U.S. Government wants to encourage community hacking groups to sprout up all over America. Apple pie, baseball, and nmap. They go together like peas and carrots. Bake sales and Metasploit, down on the corner at church!
http://yro.slashdot.org/story/13/01/23/1823208/us-government-announces-national-day-of-civic-hacking

"Google Report Shows Governments Want More Private Data"
Google continues to report on requests by governments to disclose private information and remove search results. As you would expect, the number of requests is rising.
http://tech.slashdot.org/story/13/01/23/1712213/google-report-shows-governments-want-more-private-data

Wednesday, February 6, 2013

Employers Give Away Employee Salary Information, Secretly

Equifax (EFX-NYSE) collects your detailed salary and paycheck data, period by period, from employers and sells it to financial companies and debt collectors. NBC broke this story first:
http://redtape.nbcnews.com/_news/2013/01/30/16762661-exclusive-your-employer-may-share-your-salary-and-equifax-might-sell-that-data

One practical use to make of this news is that when you apply for a loan, you may want to consider just telling the lender that your current salary is "exactly what The Work Number tells you." If the lender asks you separately for this information, they could be attempting to administer a kind of truth-telling test. If there is a discrepancy, they may conclude that you are lying and therefore less trustworthy. Since you may not know exactly what your income is anyway (net? gross? monthly? biweekly? it is easy to get a wrong number), you reduce your risk of being falsely accused by refusing to estimate or report a number. Or you might report all of your income, which won't match their number, which doesn't include dividends and interest.

A few choice quotes from NBC's article: "Equifax brags that The Work Number makes debt collectors' jobs easier." "...there are no special restrictions on how employment reports (such as salary information) is used for non-employment purposes..." "Its database is so detailed that it contains week-by-week paystub information dating back years for many individuals, as well as other kinds of human resources-related information, such as health care provider, whether someone has dental insurance and if they’ve ever filed an unemployment claim."

Not every employer sends in their information. As of 2009, the Equifax database covered only 30 percent of the U.S. working population. So if you do use the aforementioned trick, be sure first that your salary data is indeed in the Equifax database.