Always Providing You With Ongoing Information

Posts tagged ‘Privacy’

Elimination Of Internet Privacy Rules

Snapshotlilac3_002

The United States Senate is planning to start the process Today to eliminate rules that would prevent broadband internet providers from collecting sensitive data from subscribers. A vote is expected to take place on Thursday.

The expected vote was confirmed to International Business Times by a spokesperson for Florida Democratic Senator Bill Nelson, who will speak in opposition of the measure on Wednesday, and open internet advocacy group Public Knowledge.

FCC’s Privacy Rules

Stingray Cell Trackers & Warrants

dress2_001

 

Cute Toys Are Being Pulled From The Shelves

 

Norwegian consumer council Forbrukerrådet, says some high-tech toys created by U.S.-based manufacturer Genesis Toys are hazardous to children’s privacy and warranted a complaint to the Federal Trade Commission and the European Union.

The toys in question are My Friend Cayla and i-Que, they both have— a smartphone app that allows kids to talk to their toy and have it respond to what they say. Even though it appears that all communication stays between the app and the product, it actually gets sent to a remote server in the United States, without asking for the user’s permission first.

Parents setting up the product aren’t informed that their kids’ voices are sent to a server called Nuance, which is then free to use the recordings. According to Nuance’s Terms of Service, the data can be used for advertising and marketing and shared to third parties.

New Firefox Exploit Can Expose Tor Users

coco3_001

The exploit was delivered through a Tor mailing list that when opened could unveil the MAC address and possibly even the IP address of a user running Tor Browser on Firefox. Researcher Joshua Yabut said it is “100 percent effective for remote code execution on Windows systems, versions 41 to 50 of Firefox are reportedly affected.”

A representative of Mozilla said officials are aware of the vulnerability and are working on a fix. While the vulnerability was already being actively exploited, the publication of the complete source code now puts it in the hands of a much wider base of people. Until a patch is available, Firefox users should use an alternate browser whenever possible, or disable JavaScript on as many sites as possible. People should avoid relying on Tor in cases where deanonymizing attacks could pose a significant threat. Tor users can also disable JavaScript, but turning it off goes against the official Tor recommendations.

Facial Recognition & Police

A new study published Tuesday by researchers at Georgetown University’s Center on Privacy and Technology.

The study reveals:

  • Around 117 million American adults are already in a facial recognition network.
  • The FBI runs searches of face recognition databases more often than wiretaps.
  • About 25 percent of police departments across the country have access to facial recognition networks. Those networks are often cross-referenced with databases of ID photos such as driver’s licenses.

According to the report. law enforcement can do almost whatever they want with this technology, including scanning the photos of people who have never committed a crime. No state legislature “has passed a law comprehensively regulating police face recognition,”

Riffle- More Secure Anonymity Than TOR

Snapshotpurple_001

A team of researchers led by MIT grad student Albert Kwon (with help from EPFL) aims to leapfrog Tor’s anonymizing technique with a brand new platform called Riffle.

Tor — has prompted computer scientists to try to come up with more secure anonymity schemes. At the Privacy Enhancing Technologies Symposium in July, researchers at MIT’s Computer Science and Artificial Intelligence Laboratory and the École Polytechnique Fédérale de Lausanne will present a new anonymity scheme that provides strong security guarantees but uses bandwidth much more efficiently than its predecessors.

The system is devised by Albert Kwon and his coauthors — his advisor, Srini Devadas, the Edwin Sibley Webster Professor of Electrical Engineering and Computer Science at MIT; David Lazar, also a graduate student in electrical engineering and computer science; and Bryan Ford SM ’02 PhD ’08, an associate professor of computer and communication sciences at the École Polytechnique Fédérale de Lausanne — employs several existing cryptographic techniques but combines them in a novel manner.

The system is a series of servers called a mixnet. Each server permutes the order in which it receives messages before passing them on to the next. If, for instance, messages from senders Alice, Bob, and Carol reach the first server in the order A, B, C, that server would send them to the second server in a different order — say, C, B, A. The second server would permute them before sending them to the third, and so on. An adversary that had tracked the messages’ points of origin would have no idea which was which by the time they exited the last server. It’s this reshuffling of the messages that gives the new system its name: Riffle. Riffle also uses a technique known as onion encryption; “Tor,” for instance, is an acronym for “the onion router.” With onion encryption, the sending computer wraps each message in several layers of encryption, using a public-key encryption system like those that safeguard most financial transactions online. Each server in the mixnet removes only one layer of encryption, so that only the last server knows a message’s ultimate destination.

To thwart message tampering, Riffle uses a technique called a verifiable shuffle. Because of the onion encryption, the messages that each server forwards look nothing like the ones it receives; it has peeled off a layer of encryption. But the encryption can be done in such a way that the server can generate a mathematical proof that the messages it sends are valid manipulations of the ones it receives. Mixnets has been around for awhile, but unfortunately it’s always relied on public-key cryptography and on public-key techniques, and has been expensive. Whats different about this research is that it reveals how to  use more efficient symmetric-key techniques to accomplish the same thing. They do one expensive shuffle using known protocols, but then they bootstrap off of that to enable many subsequent shufflings.

 

There’s no plan to commercialize Riffle, either, nor will it be a replacement for Tor, even though it does some things vastly better.

Tag Cloud

%d bloggers like this: