background preloader

EFF Surveillance Self-Defense Project

EFF Surveillance Self-Defense Project

Some Facts About Carrier IQ There has been a rolling scandal about the Carrier IQ software installed by cell phone companies on 150 million phones, mostly within the United States. Subjects of outright disagreement have included the nature of the program, what information it actually collects, and under what circumstances. This post will attempt to explain Carrier IQ's architecture, and why apparently conflicting statements about it are in some instances simultaneously correct. The information in this post has been synthesised from sources including Trevor Eckhart, Ashkan Soltani, Dan Rosenberg, and Carrier IQ itself. First, when people talk about "Carrier IQ," they can be referring to several different things. There is consensus agreement that layers 2–4 collect information that can include location, browsing history (including HTTPS URLs), application use, battery use, and data about the phone's radio activity.

anonabox Are You Being Tracked? 8 Ways Your Privacy Is Being Eroded Online and Off | Media December 28, 2011 | Like this article? Join our email list: Stay up to date with the latest headlines via email. In a recent hearing before the Senate Judiciary Committee, Sen. Al Franken reminded his fellow Americans, “People have a fundamental right to control their private information.” Few people have ever heard about CIQ. Carrier IQ, located in Mountain View, CA, was founded in 2005 and is backed by a group of venture capitalists. At the hearing, Sen. Following Muller’s Senate testimony, Andrew Coward, Carrier IQ’s VP of marketing, told the Associated Press that the FBI is the only law enforcement agency to contact them for data. CIQ is emblematic of a growing number of ongoing battles that delineate the boundary of what, in the digital age, is personal, private life and information. 1. Sen. According to the company, its software is designed to improve mobile communications. Carrier IQ is not the only company being challenged over alleged tracking.

RetroShare Web Browsers Web browsers are software on your machine that communicate with servers or hosts on the Internet. Using a web browser causes data to be stored on your computer and logs to be stored on the web servers you visit, and frequently transmits unencrypted information. Until you have understood the mechanisms by which this occurs — and taken steps to prevent them — it is best to assume that anything you do with a web browser could be recorded by your own machine, by the web servers you're communicating with, or by any adversary that is able to monitor your network connection. Controlling and Limiting the Logs Kept by Your Browser Web browsers often retain a large amount of information about the way they are used. For example, here are the stored data privacy settings pages for Firefox, the free web browser: Apple’s Safari browser also has an easy one-click option to clear everything. Controlling and Limiting the Logs Kept By Web Servers Web Privacy is Hard Cookies Managing Adobe Flash Privacy.

The internet is our social network | friendica Hundreds of websites share usernames sans permission High performance access to file storage Home Depot, The Wall Street Journal, Photobucket, and hundreds of other websites share visitor's names, usernames, or other personal information with advertisers or other third parties, often without disclosing the practice in privacy policies, academic researchers said. Sixty-one percent of websites tested by researchers from Stanford Law School's Center for Internet and Society leaked the personal information, sometimes to dozens of third-party partners. The report comes as US officials have proposed a mandatory Do Not Track option for all websites. In the report, Jonathan Mayer, a Stanford graduate student who led the study, argued against the claim that the online tracking is anonymous. “We believe there is now overwhelming evidence that third-party web tracking is not anonymous,” he wrote. The report cited privacy policies of many of the websites that appeared to make no mention of the practice.

The Freenet Project - /index Tracking the Trackers: Where Everybody Knows Your Username Click the local Home Depot ad and your email address gets handed to a dozen companies monitoring you. Your web browsing, past, present, and future, is now associated with your identity. Swap photos with friends on Photobucket and clue a couple dozen more into your username. Keep tabs on your favorite teams with Bleacher Report and you pass your full name to a dozen again. [Update 10/11: Since several readers have asked – this study was funded exclusively by Stanford University and research grants to the Stanford Security Lab. Background on Third-Party Web Tracking and Anonymity In a post on the Stanford CIS blog two months ago, Arvind Narayanan explained how third-party web tracking is not at all anonymous. In the language of computer science, clickstreams – browsing histories that companies collect – are not anonymous at all; rather, they are pseudonymous. Arvind noted five ways in which a user's identity may be associated with third-party web tracking data. Web Information Leakage

Tails 1.1.2 is out Tails, The Amnesic Incognito Live System, version 1.1.2, is out. This release fixes numerous security issues and all users must upgrade as soon as possible. We prepared this release mainly to fix a serious flaw in the Network Security Services (NSS) library used by Firefox and other products allows attackers to create forged RSA certificates. Before this release, users on a compromised network could be directed to sites using a fraudulent certificate and mistake them for legitimate sites. Notable user-visible changes include: Security fixes Upgrade the web browser to 24.8.0esr-0+tails3~bpo70+1Install Linux 3.16-1Numerous other software upgrades that fix security issues: GnuPG, APT, DBus, Bash, and packages built from the bind9 and libav source packages See the online Changelog for technical details. The version of tor shipped in Tails 1.1.2 really is 0.2.4.24, not 0.2.4.21 as reported in the logs and by tor --version. Go to the download page. Do you want to help?

Stealing Your Address Book by Dustin Curtis It’s not really a secret, per se, but there’s a quiet understanding among many iOS app developers that it is acceptable to send a user’s entire address book, without their permission, to remote servers and then store it for future reference. It’s common practice, and many companies likely have your address book stored in their database. Obviously, there are lots of awesome things apps can do with this data to vastly improve user experience. But it is also a breach of trust and an invasion of privacy. I did a quick survey of 15 developers of popular iOS apps, and 13 of them told me they have a contacts database with millons of records. There are two major questions to ask about this behavior: First, why does Apple allow iOS apps to access a user’s entire address book, at any time, without permission? Yesterday, it was revealed that the private social network app Path practices this behavior. There was similar outrage last year, when Kik was outed. Apple’s Failure

Is your online personal data up for sale? - Inside Story Americas Facebook is likely to smash Wall Street records when it floats on the NASDAQ stock exchange this week. But in an age when we increasingly live our lives online, how worried should we be about what companies and governments do with our personal data? When Facebook begins issuing shares on Friday, it is expected that the company will be valued at $100bn, three times the GDP of Kenya - a remarkable rise for a company that was started in a Harvard dorm room. The company, started eight years ago by Mark Zuckerberg, has raised share prices and the number of shares available on the IPO, making it the third-largest initial share sale in the US. It claims to have made $3.7bn in revenue in 2011. The site has 900 million users who post photos, connect with friends and share information about their lives. The stated aim of the law is to help the US government investigate cyber threats and protect the security of networks against attack. WHAT IS CISPA?

Related: