The Privacy BlogPrivacy, Security, Cryptography, and Anonymity

Archive for May 2010

John Gruber at Daring Fireball posted this interesting article on the growing practice of websites intercepting your attempts to copy text from their pages. They are actually modifying the contents of your clipboard and tracking the fact that you have clipped the information.

The referenced cases seem to be doing it for marketing and informational purposes, but there are many ways this could be used in more aggressive ways.

Imagine a site with sample code which (when copied) inserted some damaging code in to the middle of a large block.

I am worried that this capability exists at all within browsers. It seems like a major security vulnerability to me.

No tags

Apparently the legislators in Louisiana feel that crimes committed with an electronic map are much more serious than those committed with the aid of paper maps. Not just some of them, the vote in the Louisiana House approved it unanimously (89-0).

If a “virtual street-level map” is used in the commission of ordinary crimes, a mandatory additional year must be added to the sentence. In cases of terrorism, the penalty is 10 years.

This should prove a boon to the sellers of Thomas Bros. high resolution map books.

The unanimous nature of this decision makes it clear the degree to which our leaders lack any political spine. They are obviously concerned that voting against this will appear “soft on crime” despite the fact that this will have no real impact at all, and is trivial to circumvent. It is a waste of time and attention on what Bruce Schneier calls “Security Theater”.

No tags

On May 26th Facebook announced new privacy controls. The EFF has a nice tutorial on how to properly configure these new settings to best protect your privacy.

Unfortunately these new settings options are being rolled out slowly. At this point I still don’t have the ability to use the new settings at all. If you are lucky enough to have been moved to the new system, update those settings ASAP.

No tags

US Apologizes to Billionaire Added to Terror No-fly List – ABC News

It looks like there is a process for dealing with inaccurate No-Fly List information after all. You just need to become a billionaire and develop some very high level political connections.

No tags

I am very excited to be organizing a couple of panels at this year’s “Computers Freedom and Privacy” (CFP) Conference in San Jose June 15-18.

Historically the conference has focused on personal privacy / freedom issues, technologies, and policies. That was certainly my focus as well when I started Anonymizer. Over time I have become aware of some other aspects to the privacy issue that I have not seen discussed. In addition to corporations impacting privacy of their customers, users, employees, etc. they also have issues and needs for privacy themselves.

Companies activities are monitored, analyzed, blocked, misinformed, and censored. While these have analogs in the personal privacy world, the details, impacts and scale, and solutions to the problems are often very different.

I am organizing a panel to discuss these issues at the conference and would love to hear from others who may have experienced these kinds of issues and would be willing and able to share them at this conference.

No tags

This year the “Computers Freedom and Privacy” (CFP) conference is taking place in San Jose from June 15-18. This year is the 20th anniversary of the conference which helped shape my thinking about Internet Privacy and introduced me to many of the key players in this space.

Around the same time in 1992 an email mailing list started called “Cypherpunks”. Members were devoted discussions of Internet freedom and to creating and distributing privacy and security tools. Best known of these are the various flavors of Anonymous Remailers following the original

This seems like a good time to stop and take stock of what has been achieved, lost, and abandoned in the evolution of privacy and anonymity on the Internet. I have organized a panel at CFP of some of the key Cypherpunks from the early days to talk about those early days, and share their vision and insight about where we are and where we should / are likely to end up.

I hope I will see many of you there.

No tags