July 30, 2008

Privacy for Thee, But Not for Me

Sam Brownback is deeply unsettled by China’s Internet monitoring:

“Brownback, who staged an unsuccessful campaign for president this year, released documents that he said were notices to the hotels on Internet security. The authenticity of the documents could not be checked and portions were redacted.

“One document said: ‘In order to ensure the smooth opening of Olympics in Beijing and the Expo in Shanghai in 2010, safeguard the security of Internet network and the information thereon in the hotels … it is required that your company install and run the Security Management System.’

“Brownback said the hotels ‘have invested millions of dollars in their Chinese properties’ and ‘could face severe retaliation from the Chinese government’ if they refused to comply.

“The senator called on China to reverse its policy, but said the hotels are advising guests that ‘your communications and Web site activity are not private’ and that e-mails and Web sites being visited are accessible to local law enforcement.”

(MSNBC/Reuters: “Senator: China will spy on Olympics tourists”)

Yes, that Sam Brownback.

Posted by mhall at 11:34 AM

July 28, 2008

Secrecy About the Next iPod? Fine. A Major Vulnerability? No. - heise Security UK

No patch from Apple for that DNS vulnerability just yet:

“On July 8, Microsoft, Cisco, ISC, Red Hat, Ubuntu and many other vendors, for the first time, released simultaneous updates to make it more difficult to exploit the DNS hole and urged users to install the updates immediately. At the time, the vulnerability details were still being kept under cover to allow users and especially server operators, enough time to install and test the patches.

“Now, however, the cat is out of the bag; the nature of the vulnerability has been revealed and the first tools already demonstrate how little effort is required to compromise the name translation of a DNS server and redirect web pages. First exploits have already appeared.

“We have no explanation why Apple hasn’t yet released any relevant security alerts and updates. After all, OS X servers use BIND, which is one of the most popular DNS server implementations and BIND is also affected by this problem. However, early on, the BIND developers themselves did release an update which is said to be portable to the UNIX-like OS X without much effort. According to Mogull, as with the other operating systems, in principle the client implementations of the DNS are also vulnerable. There should be no need to panic just yet because attacks are currently focusing on servers.”

The article suggests that Apple is “perhaps distracted” by recent product launches.

I suppose if Apple were a small team of developers hanging out in its rented offices I could accept the idea that it is “distracted” by other parts of the business. It’s not, though, and there’s not much excuse for failing to at least issue an advisory and a timeframe for a patch. That’s not exactly Apple’s way, though.

When it comes to things like “What color will the new iPods be?” or “Is Apple secretly working on a white Newton that folds out to a 24” all-in-one Mac?” I find Apple’s secrecy almost charming. The company’s habit of uncommunicativeness doesn’t have any place in security matters.

(Link)

Posted by mhall at 12:20 PM

July 25, 2008

A User Study of Off-the-Record Messaging

Interesting summary of a user study on Off-the-Record (OTR) messaging security:

“By default OTR initiates encryption automatically, so nobody had problems getting the crypto going.  Participants did, however, have trouble authenticating one another.  The most common first attempt was to press the OTR button, but this does not actually authenticate a session (it actually rekeys the session).  The next step was commonly to click the injected ‘authenticate’ link provided in the IM window, which brings the user to a help page.  Unfortunately, this did not actually help any participants because it did not say to ‘right-click’.  Many users just looked at the images on the help page, which unfortunately led to authentication errors because there is an image of ‘how not to authenticate’ pictured before one describing how to do it properly.

“Two participants tried to perform the ‘old style’ authentication, which led to much confusion as one buddy had thought they were verified while the other was not because the fingerprint verification method is one-way and must be performed on each side of the connection.”

I like reading things like this because they help me understand what I take for granted when I’m explaining things to people struggling with some technical issue. I’ve internalized Phil Agre’s dictum “if it’s not obvious to them, it’s not obvious,” but it isn’t always easy to discern how non-obvious something is, especially in a lopsided “help somebody fix a problem” conversation.

I’m particularly interested in this one because OTR is a promising form of IM security that doesn’t seem to have gotten its due yet. Or maybe it is getting its due if it’s as opaque to “normal users” as this study would indicate, in which case its implementations need to be fixed so it can earn more attention.

I was also mildly amused by the bit about how “there is an image of ‘how not to authenticate’ pictured before one describing how to do it properly.”

Of course there is. Geeks of any sort exist in the grip of two conflicting urges: To share what they know about their passions with everybody else; and to dread what will happen when Everybody Else gets its hands on the object of the geek’s passion.

Maybe the person who prepared the documentation has never had a four-year-old around. My son has taught me to never begin a sentence with what I don’t want him to do.

(Link) (There’s a link to the full study at the top of that page.)

Posted by mhall at 6:40 PM

DNS Exploit "Weaponized," Major ISPs Still Flapping

“Nearly two weeks ago security researcher Dan Kaminsky, in coordination with US-CERT, announced a critical vulnerability in DNS (define) that could cripple parts of the Internet. At the time of disclosure, Kaminsky refused to provide full details of the vulnerability in hopes that users of DNS would have 30 days to patch their servers. As it turns out, they only got 13 days.

“Kaminsky admitted today on a Black Hat webcast that there is now a valid attack in the wild that exploits the DNS vulnerability. The attack is now available as a module for the point and click Metasploit framework making exploitation simple for script kiddies to try and execute.

“With the attack in the wild, millions of recursive DNS servers that have not yet been patched for the flaw could be at risk from the cache poisoning attack.

“‘It doesn’t matter who leaked the exploit, we have an actual extant threat to the network and it’s a big deal,’ Kaminsky said. ‘I don’t care who said what when. Now it doesn’t matter, what matters is people need to patch. We’re in a lot of trouble. This attack is being weaponized out in the field.’”

(Link)

“According to an informal survey of Register readers, 15 ISPs failed the ‘Check my DNS’ test (see button to the right) on the website of researcher Dan Kaminsky, who discovered the bug. Now that attack code exploiting the vulnerability has been leaked into the wild, millions of subscribers are at risk of being silently redirected to impostor sites that try to install malware or steal sensitive information. Comcast and Plusnet were the only two ISPs we found that weren’t vulnerable.

“The lack of action comes after Kaminsky, domain name resolution guru Paul Vixie and others have repeatedly warned that the vulnerability has the potential to wreak havoc on the net. Their advisories became more urgent following the leaking of the vulnerability details, which Kaminsky intended to keep private until next month’s Black Hat conference in Las Vegas.

“‘It’s obviously not a high enough priority in the minds of large companies yet,’ said Tom Parker, manager of security consulting at Mu Dynamics, a seller of security products. ‘It is concerning that there are lots of people out there that haven’t done anything about it yet.’”

(Link)

Kaminsky and the Register both plug OpenDNS, which is perfectly easy to set up for the average home user. If you visit Kaminsky’s site and his vulnerability tester says you’re using a vulnerable DNS server, OpenDNS is a safe haven until your ISP gets its act together.

Posted by mhall at 12:07 AM

July 23, 2008

Zero-Knowledge Password Management

Ed showed me Clipperz a few weeks ago. It’s a Web password management app that purports to allow you to store all your passwords up in the cloud, with encryption done on the client end (in your browser), so even if your clipperz.com account is compromised, your passwords are secure:

“A web-based password manager seems insanely insecure, but not so if you implement it as a zero-knowledge web app. It’s basically like keeping a local HTML with all your passwords and javascript which allows you to click on those passwords and have it launch the appropriate page and log in to the service in question (Google, Facebook, whatever) — except that instead of keeping it locally you’re keeping an encrypted version of it on clipperz.com’s servers.

“As far as usage goes, it’s pretty simple, but unusual. In a normal web app, you log in once, after which you are recognized by cookies until some timeout period. That’s because you’re logging in to an app running on the server, and cookies help maintain the illusion of a persistent connection. In clipperz, the app is running in your browser. So if you close the page and come back to it, you have to log in again. But you can leave that page open forever and it never times out, because there’s a real connection between you and the app (an open browser window) so there’s no need for the whole cookie deal.

“Adding logins to the app is an unusual process but easy once you get used to it. When you’re on the login page to the service in question (myspace, yahoo, whatever) with your username and password typed in the blanks, you can click on a bookmarklet you’ve previously saved from clipperz, and it will extract a chunk of JSON data from the page you’re on, representing the login form, your username, and password. You cut and paste that into your running clipperz session in another tab or window, and it takes that JSON chunk and adds that to its data store, and now you have a clickable link on your clipperz page which will log you in to that service.”

I want to give it a try, if only because it sounds interesting. My password manager of choice is 1Password, which continues to get better. Once it has a site memorized, signing in is just a cmd-\ away. It provides a little extra control where keychain management is concerned, too, so it can require a password after a set period of inactivity. Oh … I guess I wrote it up for PracNet. I wondered why this paragraph sounded familiar.

Ed attracted a little attention from a Clipperz rival, too. You’ll see that in the comments.

(Link to Ed’s review)

Posted by mhall at 5:32 PM

July 22, 2008

For Teacher, All's Not Well Because It Hasn't Ended

Remember that substitute teacher who had the misfortune of using a malware-infected PC in front of her students? The one who was charged with exposing kids to porn? And how the conviction was thrown out and we all said “woot!” because her nightmare was over?

“Unbelievably, more than 13 months after [Judge Hillary B.] Strackbein set aside Amero’s conviction on charges that she allowed seventh-graders to view pornography in her classroom, the state is apparently still planning to bring Amero back to trial.

“Which means that as long as Amero is on the trial list, she must live with this hanging over her head.

“Why? Perhaps overworked state prosecutors are too busy to file the paperwork to abandon the case. It’s more likely that this is all an elaborate face-saving maneuver that must slowly unwind so that nobody will ever look bad.

“There is no indication that state investigators are taking another look at the now discredited work done by the Norwich Police Department, which concluded that Amero was responsible for the storm of porn pop-up messages that took over her classroom computer on Oct. 19, 2004.”

This is a column, not a news report, so the bias is evident. But some facts remain, and they’re not very nice.

As a non-lawyer, I can understand keeping the option to reopen a case if it involves a murder or something where someone was done lasting harm. In this case, it seems like Ms. Amero has suffered far worse than any of the students who were exposed to a fleeting glimpse of pornography on a computer.

On the other hand, if you go read the comments on that column, you’ll see a few founts of human compassion:

“Yeah, it’d have been real difficult for Amero to have thrown a sweater or something over the offensive screen rather than having kids see it.”

I’d propose that any harm one could mitigate by throwing a sweater over it shouldn’t be used as the foundation of four years of legal harassment.

(Link)

Posted by mhall at 6:48 PM

July 18, 2008

NebuAd: Like Galileo, Only More Put Upon

when the only tool you have is self-aggrandizing historical comparisons, everything looks like galileo

I think I have a new favorite CEO:

“NebuAd CEO Bob Dykes took another shellacking on Capitol Hill this morning, as lawmakers probed into his company’s controversial plan to target ads to Internet users by intercepting their Web activities from broadband service providers.

“Appearing before the House Subcommittee on Telecommunications and the Internet, Dykes reprised his testimony at a Senate hearing last week, defending his company against charges that NebuAd’s technology runs roughshod over consumer privacy.

“‘In many ways I feel like Galileo when he was viewed with skepticism for demonstrating that the Earth revolved around the sun,’ Dykes said, emphatically claiming that NebuAd only collects nonsensitive information on an anonymous basis. ‘No one, not even the government, can determine the identity of our users.’”

Also:

“The matter of consent was central to the hearing. Ed Markey, the Massachusetts Democrat who chairs the subcommittee, pressed Dykes on whether he would be willing to alter NebuAd’s policy so that consumers would have to proactively consent to having their browsing histories tracked, rather than the current model, which sets tracking as the default but allows people to opt out.

“Dykes did not answer the question directly, instead saying that it is important for the ISPs to give their subscribers ‘robust notice’ — a phrase he repeated more than half a dozen times throughout the hearing. Visibly frustrated, Markey tried again.

“‘Should you get permission from the consumer first, Mr. Dykes?’

“Again Dykes protested and said he felt like he was being bullied, like a man facing the hopelessly loaded question, ‘Have you stopped beating your wife?’”

As much as I wish Google wasn’t so gosh-darned sunny about the privacy issues its business model raises, it has been up front about key services where behavioral observation matters, like Gmail. When you’re dealing with Google, you understand you’re involved in a transaction: You get to have nice Google things by giving up some information about yourself. Google itself frames things differently, but the mechanism is obvious and Google provides a service beyond “you get nicer ads.” And even if you block cookies, you can still at least use a pretty good search engine.

NebuAd? You get nicer ads, and the occasional spectacle of its CEO veering between self-aggrandizement and self-pity in front of Congress.

(Link)

Posted by mhall at 6:24 PM

July 17, 2008

The "Post-Private" Society

Neel at Unqualified Offerings says most of us don’t have privacy anymore, so the best remaining option is to make sure The Man doesn’t either:

“Basically, since we can’t take computers away from the government, the only thing I can see is to open those computers up to the public. Take things like FOIA and put it on steroids — the presumption should be that documents are not revealed on request, but that they are made publicly electronically available and searchable by default. Give every cop a camera that runs continuously while they’re on duty, and presume that whoever is suing the police is correct if the police manage to somehow lose the footage.”

I’ve got The Transparent Society on my list of things to re-read, and this argument is (as Jim Henley points out in the comments) a paragraph summary of key ideas found there.

That book also happens to have been written in 1998, three years before you-know-when and at a point where Ruby Ridge and Waco were what people thought about when they thought about government overkill. A lot of the same people who were outraged by those incidents would now argue that everyday citizens shouldn’t be bothering themselves with the internal workings of a Gitmo, and they’re much less amenable to arguments in favor of anything that might cause the average prole to lose his or her stomach for extreme state-sanctioned violence in the name of stopping terror.

I suppose I’m saying that part of why I want to re-read The Transparent Society is because I last read it not long after it came out, and things have changed a lot since then. Arguments against transparency on the part of the state are coming from places they wouldn’t have a decade ago, and they seem to be more sophisticated, to the extent some of the people making them have had to go through serious contortions to maintain whatever ideological label they had before they became fans of a secretive surveillance state that periodically disappears suspected enemies into backwards hellholes where they’ll be tortured.

This was also food for thought:

“Saying that teenagers and twenty-somethings are oblivious to privacy concerns is to misunderstand what they’re doing: they are adapting to reality rather than decrying it. If you live in a fishbowl and curtains are impossible, the only sane response is to stop feeling shame when people stare at you.”

I think a lot of them are oblivious and are not making some rational choice to adapt to changing circumstance. I also suspect we’ve got a few years before a balance is struck, and I think that balance will tilt toward public privacy (meaning you get better control of who can see what that you do online) and against market privacy (meaning social networking sites will do whatever it takes to make providing demographic data palatable to you, as long as you’re still providing it). Handing a marketing firm a few subconscious emotional levers and a bunch of data that allows it to intuit a few more such levers strikes at a more core value buttressed by privacy, which is your ownership of self.

If you put someone in a position to manipulate you, haven’t you ceded a little of that self ownership?

(Link)

Posted by mhall at 12:15 AM

July 15, 2008

Court Approves Anonymization of YouTube Logs in Viacom Case

“Defendants and plaintiffs in two related copyright infringement lawsuits against YouTube have reached a deal to protect the privacy of millions of YouTube watchers during evidence discovery, a spokesman for Google said on Monday.

“Earlier in July, a New York federal judge ordered Google to turn over YouTube user data to Viacom and other plaintiffs to help them prepare a confidential study of what they argue are vast piracy violations on the video-sharing site.

“Google said it had now agreed to provide plaintiffs’ attorneys for Viacom (NYSE: VIA) and a class action group led by the Football Association of England a version of a massive viewership database that blanks out YouTube username and Internet address data that could be used to identify individual video watchers.”

More accurately, Google will be providing the database, only with IP addresses and usernames replaced by “unique values.” Here’s the agreement direct from the court papers:

“When producing data from the Logging Database pursuant to the Order, Defendants shall substitute values while preserving uniqueness for entries in the following fields: User ID, IP Address and Visitor ID. The parties shall agree as promptly as feasible on a specific protocol to govern this substitution whereby each unique value contained in these fields shall be assigned a correlative unique substituted value, and preexisting interdependencies shall be retained in the version of the data produced.”

The EFF has greeted the agreement with appropriate caution, reminding us all of AOL’s disastrous log dump:

“As we know from the AOL search history debacle, this alone is not enough to ensure privacy. However, the stipulation also provides that the parties ‘shall not engage in any efforts to circumvent the encryption’ — that is, they are not allowed to try and reverse-engineer real identities from the unique identifiers — which should be sufficient if the parties abide by this promise.”

(Link)

Posted by mhall at 3:38 PM

More Address Book Shenanigans From Yet Another Social Networking Service

“Tell you what: I’ll email YOU to remove my phone number from your database; then you can email ME to remove this fondue fork from your eye.”
Merlin Mann on loopt

The “social networking” category at the App Store has 22 apps. There are several Twitter apps, AOL’s “gee, we can’t wait ‘til push services are enabled” IM client, Facebook and MySpace apps, and a number of others.

The location-finding functionality of the iPhone, which has GPS built in, is a big piece of several apps. Even if you have an iPod Touch, which doesn’t have GPS, the device can figure some things out from the WiFi access point you happen to be using. I got a very close fix on my location out on the far east side of town a few weeks ago, and I was connected to a WAP in somebody’s house … not a commercial one at a Starbucks or something like that.

Loopt is one such app. Here’s how it describes itself:

“Loopt shows users where friends are located and what they are doing via detailed, interactive maps on their mobile phones. Loopt helps friends connect on the fly and navigate their social lives by orienting them to people, places and events. Users can also share location updates, geo-tagged photos and comments with friends in their mobile address book or on online social networks, communities and blogs. Loopt was designed with user privacy at its core and offers a variety of effective and intuitive privacy controls.”

Unfortunately, Loopt also likes to invite your friends to play, in what Merlin Mann calls:

“… a very confusing piece of GUI in the Loopt iPhone app which apparently makes it trivially — even accidentally — easy to send SMS invitation spam to multiples of people whose mobile numbers live in your Address Book. At the recipient’s expense. And without prior permission. And, apparently, without user confirmation. [This is Bad.]”

He then offers the basic ingredients for a privacy nightmare scenario:

“Here’s one anecdote for you. Justine Ezarik — who’s had the bad fortune to have to change her phone number numerous times owing to creeps — is just one of the folks who unknowingly sent her phone number and exact location to ‘a large portion of [her] contact list’.

“I’ll give you a minute for that to sink in, because if you’re a connected person, you may want to ponder the consequences of unintentionally sending creepy bullshit to colleagues and business contacts who are too busy to care what you’re ‘geo-tagging’ at a given time. I know, because I’m one of them. Hi.”

There’s more, including an excerpt of Loopt’s privacy policy that managed to make me reparse the phrase “Loopt was designed with user privacy at its core” several times before giving up in disgust.

I am glad he seems to be agitated about this, though, because I’m sort of over the whole “only provincials and newbies end up spamming every single contact they have with an overzealous social networking recruitment tool” attitude. Merlin’s opinion matters to a layer of end user that thinks of itself as an opinion leader, and which is frequently found assuming that if something bad happens to you on the Internet, you probably had it coming.

Also, points for introducing me to the term “polo-shirting,” as in “if Loopt has something substantial to say about all this (beyond the solicitous spin mode they’re polo-shirting around in right now).”

Merlin has taken up the cause on Loopt’s Get Satisfaction board. Loopt’s responses are not particularly satisfactory.

Previously:

Posted by mhall at 3:12 PM

FTP Client Developer: "I want you to stop using FTP."

Steven Frank works at Panic, which produces Transmit, a very nice ftp/sftp/WebDAV/Amazon S3 client I use daily. He wants people to stop using ftp and start using sftp:

“I’ve talked to a lot of people who didn’t even realize their host supported SFTP. If your hosting service supports SFTP, you usually don’t have to change anything except for switching your client protocol from FTP to SFTP. If it doesn’t work, you should ask your host if there’s anything else you have to do (such as use a different port number).

“If your host doesn’t support SFTP, you should find a different host. It’s not hard to support, and it’s ridiculous to force people into using insecure protocols in the year 2008. Ask them, for example, why they don’t support telnet. FTP is no better.

“FTP has served us well, but it’s time to move on. You wouldn’t use a 23 year old computer to do your work, so don’t use a protocol from the same vintage. Demand modern transfer protocols from your host.”

I recently dealt with a hosting provider that provided either ftp or an absurd bundled-up DAV “application” unless something else was specifically requested, at which point it was made clear that ssh/sftp access was granted by special one-time dispensation.

If we assume, as I tend to, that end users will find the easiest way to do something, then the provider was making a horrible mistake. The DAV file manager was irritating, took forever to launch, and was slow. ftp to that provider was pretty fast and worked from client software I had on hand and was familiar with.

Which one is more likely to be used on someone’s laptop from a free Wi-Fi access point in some coffee shop somewhere?

(Link)

Posted by mhall at 2:52 PM

July 11, 2008

We'll Keep Some Tranya Chilled

Best wishes, Captain. -- Spock

Today’s Brian Proffitt’s last day at LinuxToday.

I’ve known very few people as long as I’ve known Brian, and I’ve had the added good luck of working with him close by in a college paper newsroom, a small-town newspaper, Web sites, and on a book we co-authored.

Linux Today occupies a special place in the Linux community, and it’s never been possible for me to think of it as just another Web site. It is home to a vibrant, engaged community of readers, some of whom I recognize from a time when I had no more connection to the site than as a daily reader, and whom I grew to know better during my relatively brief tenure there first as a part-time editor, then as its managing editor.

When Brian stepped in to the editorship there, he understood that he would be managing a site important to the broader Linux community, but that served as a home to its own community. There are lots of deep-rooted, engaging enclaves like that on the ‘net, and Brian approached his job the way anyone who “runs” such an enclave must, aware that he was both occupying an editorial position and assuming a stewardship. The company had entrusted the editorship of a valuable site to him, and the people in the community there trusted him to respect their values and acknowledge the stake each of them held in something they had built over the years, regardless of who happened to own the servers on which it resided.

Sometimes it can be hard to reconcile the role of editor and steward, but Brian has managed it, striking a balance none of us who managed the site before him had ever worked out quite so well and repaying everybody’s trust. To the extent one can ever be proud of someone else’s accomplishments, I’m very proud of Brian.

As sorry as I am that he won’t be down the virtual hall from me in the same company, I’m very excited to see my friend move on to another chance to do something great.

Posted by mhall at 1:53 PM

July 10, 2008

A Few Collected Thoughts on Obama and Immunity

I don’t want to go too far afield into election politics, but Larry Lessig’s post on the reaction to Obama’s FISA vote is worth noting, even if I’m not fond of the tone:

“As he has consistently indicated, he opposes immunity. He voted to strip immunity from the FISA compromise. He has promised to repeal the immunity as president. His vote for the FISA compromise is thus not a vote for immunity. It is a vote that reflects the judgment that securing the amendments to FISA was more important than denying immunity to telcos. Whether you agree with that judgment or not, we should at least recognize (hysteria notwithstanding) what kind of judgment it was. The amendments to FISA were good. Getting a regime that requires the executive to obey the law is important. Whether it is more important than telco immunity is a question upon which sensible people might well differ. And critically, the job of a Senator is to weigh the importance of these different issues and decide, on balance, which outweighs the other.

“This is not an easy task. I don’t know, for example, how I personally would have made the call. I certainly think immunity for telcos is wrong. I especially think it wrong to forgive campaign contributing telco companies for violating the law while sending soldiers to jail for violating the law. But I also think the FISA bill (excepting the immunity provision) was progress. So whether that progress was more important than the immunity is, I think, a hard question. And I can well understand those (including some friends) who weigh the two together, and come down as Obama did (voting in favor).”

A lot of people upset about immunity in general are upset with Obama in particular because he promised, as the link above notes, to filibuster against telecom immunity; then voted for cloture, effectively ending any chance of a filibuster. Lessig’s response to that:

“First, and most obviously, that promise was a stupid promise. However important holding telcos responsible is, certainly there is something more important that Congress could have done. E.g., if telco immunity were tied to a bill requiring a 70% reduction in green house gases by 2015, would it make sense to filibuster that bill?”

I think what I’m hearing is the end of the liberaltarian coalition, at least if Thoreau’s entry at Unqualified Offerings is any indication. (Hint: it’s profane and succinct)

(Link) (via Ed )

Posted by mhall at 3:42 PM

July 9, 2008

There Are Some Boxes You Can't Think Outside Of

I’m with Ars Technica’s Nate Anderson on NebuAd’s (pending) retooled opt-out policy:

“a real ‘breakthrough’ would be making the service completely opt-in.”

(Link)


Posted by mhall at 4:41 PM

Telco Spying Approved for Memory Hole

Today the Senate voted to end the warrantless wiretapping scandal in the most expeditious fashion possible: Making sure it doesn’t see the inside of a courtroom.

Glenn Greenwald, as usual, for the summary, along with an excerpt Obama supporters might as well use to begin whatever recalibration process they’re going to require:

“The Senators then voted for ‘cloture’ on the underlying FISA bill — the procedure that allows the Senate to overcome any filibusters — and it passed by a vote of 72-26. Obama voted along with all Republicans for cloture. Hillary Clinton voted with 25 other Democrats against cloture (strangely, Clinton originally voted AYE on cloture, and then changed her vote to NAY; I’m trying to find out what explains that).

“With cloture approved, the bill itself then proceeded to pass by a vote of 69-28 (roll call vote here), thereby immunizing telecoms and legalizing warrantless eavesdropping. Again, while Obama voted with all Republicans to pass the bill, Sen. Clinton voted against it.

“Obama’s vote in favor of cloture, in particular, cemented the complete betrayal of the commitment he made back in October when seeking the Democratic nomination. Back then, Obama’s spokesman — in response to demands for a clear statement of Obama’s views on the spying controversy after he had previously given a vague and noncommittal statement — issued this emphatic vow:

“‘To be clear: Barack will support a filibuster of any bill that includes retroactive immunity for telecommunications companies.’

“But the bill today does include retroactive immunity for telecommunications companies. Nonetheless, Obama voted for cloture on the bill — the exact opposite of supporting a filibuster — and then voted for the bill itself. A more complete abandonment of an unambiguous campaign promise is difficult to imagine.”

(Link)

Posted by mhall at 4:38 PM

July 8, 2008

Gmail Harnesses Paranoia Power to Solve PR Poser

Google’s mail service will now show users recent activity on their account and give them a way to sign out other open instances of the Web client. Looks interesting:

“At the bottom of your inbox, you’ll see information about the time of the last activity on your account and whether it’s still open in another location:

“Using the above example, a quick glance at the footer while I’m at work shows that my account is indeed open in one other location. But I recognize the IP address - it’s my computer at home. Turns out I left my Gmail account open when I left home in a hurry this morning.

“Your IP address, or Internet Protocol address, is a number associated with your computer when you connect to the Internet. Some of you might want to know your IP address numbers (more info on finding out your IP address below) for an extra layer of control. For others who don’t want to think about IP information, you don’t need to.”

Behind one of the links in the activity report is a more detailed report showing the IP addresses, dates/times and type of access (POP, browser, IMAP).
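As an added illustration (my own code, not Google’s, and not how Gmail actually builds the report), here is what reviewing that kind of activity report looks like programmatically: parse the entries, work out which sessions are still open, and flag any that come from an address you don’t recognise. Gmail’s real record format, field names and rule for “still open” aren’t known from the post, so the report layout, the sample entries, the “known networks” and the eight-hour freshness window below are all constructed assumptions.

```python
# Added example: reviewing an account-activity report of the kind described
# above. This is illustration code, not Google's; Gmail's real report format,
# field names and rules for "still open" are not known from the post, so the
# record layout, the sample entries, the "known networks" and the 8-hour
# freshness window below are all constructed assumptions.
from dataclasses import dataclass
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network
from typing import Dict, Iterable, List, Optional, Tuple

# Constructed sample report: access type, source IP, UTC timestamp, action.
SAMPLE_REPORT = """\
browser 198.51.100.23 2008-07-08 08:02:11 login
browser 198.51.100.23 2008-07-08 08:41:55 activity
browser 203.0.113.7   2008-07-08 09:15:02 login
POP     192.0.2.44    2008-07-08 09:20:30 login
POP     192.0.2.44    2008-07-08 09:20:31 logout
IMAP    192.0.2.99    2008-07-08 13:58:00 login
browser 203.0.113.7   2008-07-08 14:03:40 activity
"""

# Addresses the user recognises as their own (constructed). "home" plays the
# role of the home computer in the post's anecdote.
KNOWN_NETWORKS = {
    "home": ip_network("198.51.100.0/24"),
    "work": ip_network("203.0.113.0/24"),
}

# A session with no logout counts as still open if it was active within this
# window. This is an assumption for the example, not Gmail's rule.
OPEN_WINDOW = timedelta(hours=8)


@dataclass
class Event:
    access_type: str   # browser, POP, IMAP
    ip: str
    when: datetime
    action: str        # login, activity or logout


def parse_report(text: str) -> List[Event]:
    """Parse the constructed report format into time-ordered events."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        kind, ip, date, time, action = line.split()
        ip_address(ip)  # reject malformed addresses early
        events.append(Event(kind, ip, datetime.fromisoformat(f"{date} {time}"), action))
    return sorted(events, key=lambda e: e.when)


def label_ip(ip: str) -> Optional[str]:
    """Name the known network an address belongs to, or None if unrecognised."""
    addr = ip_address(ip)
    for name, net in KNOWN_NETWORKS.items():
        if addr in net:
            return name
    return None


def open_sessions(events: Iterable[Event], now: datetime) -> Dict[str, Tuple[str, datetime]]:
    """Map each IP with an un-logged-out session to (access type, last seen).

    A logout closes the session for that IP; anything seen more than
    OPEN_WINDOW ago is treated as expired rather than open.
    """
    last_seen: Dict[str, Tuple[str, datetime]] = {}
    for e in events:
        if e.action == "logout":
            last_seen.pop(e.ip, None)
        else:
            last_seen[e.ip] = (e.access_type, e.when)
    return {ip: v for ip, v in last_seen.items() if now - v[1] <= OPEN_WINDOW}


def review(events: Iterable[Event], now_iso: str, current_ip: str) -> List[dict]:
    """List sessions open somewhere other than `current_ip`, flagging any
    from an address the user does not recognise (the ones worth signing out
    remotely)."""
    now = datetime.fromisoformat(now_iso)
    findings = []
    for ip, (kind, seen) in open_sessions(events, now).items():
        if ip == current_ip:
            continue
        where = label_ip(ip)
        findings.append({
            "ip": ip,
            "access_type": kind,
            "last_seen": seen.isoformat(sep=" "),
            "known_as": where,
            "action": "none" if where else "sign out remotely",
        })
    return findings


if __name__ == "__main__":
    # Viewed from work at 14:10: the home browser session is still open
    # (recognised), and an IMAP login from an unknown address gets flagged.
    for f in review(parse_report(SAMPLE_REPORT), "2008-07-08 14:10:00", "203.0.113.7"):
        print(f)
```

Run from the work address in the sample, it reports the home session as recognised, just as in the post’s anecdote, and flags the IMAP login from an address outside the known networks as the one to sign out remotely. The point of keying the review on the subscriber’s own list of known networks, rather than on the raw IPs, is that the useful signal is “not mine”, not the address itself.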

As if someone at Google is saying “See? If we didn’t store that kind of information, you’d be less secure and your privacy would be more at risk.”

Creating a feature like that, one that depends on retained data in order to work, and aiming it squarely at the paranoiac segment of its userbase is, well, an elegant solution to a spin management problem. One that the great James T. Kirk himself could be expected to come up with.


(Link)

Posted by mhall at 2:27 PM

NebuAd Announces (Eventual) Change to Opt-Out Mechanism

NebuAd, as you’ll recall, partners with ISPs to do behavioral tracking and ad targeting based on data collected by appliances the ISPs install on their networks. The company came to wider attention when ISP Charter started a trial of NebuAd and users learned the only way to opt out was to get a cookie set.

Cookies are a terrible way to opt out of anything. They don’t move from computer to computer, they don’t survive periodic (and recommended) flushes of personal data, and if you block them as a matter of course they can’t do any good anyhow.

So NebuAd says it is improving notifications and “developing” an alternative opt-out mechanism:

“NebuAd has developed a means to offer consumers direct, initial online notification and periodic reminders - thereby equipping users with more opportunities to make informed decisions about their web experience. While current mail and email notification practices remain the most reliable and acceptable means of ensuring consumer awareness for many companies, the ability to offer online notice adds another method of direct communication that NebuAd’s partners may find appropriate in a variety of circumstances.

“In addition to its new direct online notification system, NebuAd is also developing a network-based opt-out mechanism that is not reliant on web browser cookies. Leveraging this advanced technology, ISP partners can offer this to their subscribers in order to honor their opt-out choices in a more persistent manner than current systems widely used today.”

The reminders are a good step forward. I’m curious about just what the “network-based opt-out” mechanism is, and whether its provision will be optional for ISPs. I also wonder what incentives/disincentives will be in place for ISPs to offer a better opt-out mechanism if it is, indeed, optional.

(Link)

PC World notes the excellent timing:

“Efforts to reach NebuAd CEO Bob Dykes were unsuccessful on Tuesday. Dykes is scheduled to testify Wednesday before the Senate Commerce, Science and Transportation Committee, which will examine privacy issues around online advertising.”


Posted by mhall at 1:29 PM

July 7, 2008

UPDATED: Viacom: YouTube Data for Use Against Google Only

This item is from last Thursday, but it’s worth noting because a scan of the blogospheric headlines on the broader story shows a lot of people think Viacom wants YouTube logs so it can launch an RIAA-style assault on people who posted infringing material:

“Mr. Fricklas [Viacom’s general counsel] said Viacom would not have direct access to the data, and that its use would be strictly limited by the court order. Viacom would not, for example, chase down users who had illegally posted clips from ‘The Colbert Report.’

“‘The information that is produced by Google is going to be limited to outside advisers who can use it solely for the purpose of enforcing our rights against YouTube and Google,’ Mr. Fricklas said.”

(Link)

That link is via EFF’s Kurt Opsahl, who quoted an excerpt from the Times’ report indicating that it once included this, immediately after the last sentence of the excerpt above:

“‘I can unequivocally state that we will not use any of this information to enforce rights against end users.’”

I assume it was dropped because an editor somewhere decided it didn’t add anything that hadn’t already been said. If I’d been editing it, I would have preferred the strong quote over the cute paraphrase at the end of the first graf above. I wrote the Times reporter; we’ll see if he responds.

Update: Miguel Helft, the NYT reporter, did respond. He said the quote was “dropped for space reasons” as the story was being prepared for the print edition of the paper, since it repeated the information in the paraphrase.


Posted by mhall at 12:50 PM

July 3, 2008

Google Stays Classy in "Privacy" Backpedal

There’s a post up on Google’s official blog regarding a small cosmetic change to the search engine’s front page.

In late May there was a scuffle between Google and a trade group over whether or not California law compels Google to include a link to its privacy policy on its front page. Google was resistant to the idea because adding the word “privacy” would represent an intolerable level of clutter, and there the matter rested until today.

Google VP Marissa Mayer explained the change in a blog post this afternoon:

“Trust is the basis of everything we do, so we want you to be familiar and comfortable with the integrity and care we give your personal data. We added this link both to our homepage and to our results page to make it easier for you to find information about our privacy principles. The new ‘Privacy’ link goes to our Privacy Center, which was revamped earlier this year to be more straightforward and approachable, with videos and a non-legalese overview to make sure you understand in basic terms what Google does, does not, will, and won’t, do in regard to your personal information.

“How does privacy relate to homepage word count? Larry and Sergey told me we could only add this to the homepage if we took a word away - keeping the ‘weight’ of the homepage unchanged at 28 [total words]. Given that the new Privacy link fit best with legal disclaimers on the page, I looked to the copyright line. There, we dropped the word ‘Google’ (realizing it was implied, obviously) and added the new privacy link alongside it.”

Mayer did not, as near as I can tell, also post a YouTube video featuring her sneering into the camera and muttering “Whatever, losers.”

YouTube is, of course, a touchy subject right now, so it was probably best to leave physical displays of Google’s disdain to our imaginations.

(Link)

Posted by mhall at 8:57 PM

More on Google/YouTube/Viacom

Search Engine Land on the Google/YouTube/Viacom ruling:

“Last year, Microsoft and Ask called for some industry standards (a call that would have been better if they’d involved Yahoo and Google beforehand). Google also called for a global privacy standard last year, then this year said it would back a national law, in response to the latest letter over privacy issues from US representative Joe Barton. Microsoft also pushed for a privacy framework this year.”

“We need it. And we need it without political grandstanding, without the privacy advocates arguing that it will water down US state laws (as EPIC did in response to Google saying they’d back a national law). We need protection, and we need various groups to diligently work together to make that happen.

“I remain amazed that after the AOL data leak in 2006, little has happened since then to protect us. But when lawmakers start to understand that the porn and other embarrassing material some of them have watched on YouTube is to be handed over to Viacom, maybe they’ll finally wake up. Remember, lawmakers, even those now deleted videos are fair game.”

I agree with the last sentiment in that excerpt. In the absence of a personal angle, most people are stubbornly resistant to what they consider privacy paranoia.

I don’t much like the idea that “the privacy advocates” should stop talking back to Google when it says next to nothing, which was most certainly the case when the company floated its headline-spinning “support” of legislation nobody’s even drawn up yet.

(Link)
