TAG | google
“In the latest security lapse involving the Internet’s widely used encryption system, Google said unauthorized digital certificates have been issued for several of its domains and warned misissued credentials may be impersonating other unnamed sites as well.” (more…)
Multiple sources are reporting that Google services are once again available in China. They had been blocked in the lead up to the 25th anniversary of Tiananmen Square protests.
- The need to target your privacy efforts
- Why your secrets may not be safe with secrecy apps
- The possibility of more light shining on National Security Letters
- Conflicted feelings about censorship in the Russian government
- Google and the right to be forgotten
- What you need to do to deal with all these password breaches
- A demonstration of a stealthy camera snooping app for Android
- and a quick announcement about Anonymizer
In anticipation of possible protests in memory of the Tiananmen Square massacre 25 years ago, China has blocked access to Google search and Gmail. The censorship has been in place for a few days now, suggesting that this may be more than a short term action.
China has long blocked access to YouTube, Twitter, Facebook, and services which would circumvent the blocking, like Anonymizer.
Google search, and Gmail are both popular in China. It will be interesting to see if this actually draws attention to the anniversary, rather than diffusing it.
The image with this post is from 2010 when Google moved out of their China offices to avoid government control. (via Wikipedia)
Earlier this month I talked about the ECJ ruling against Google on the “right to be forgotten.”
Google has now set up a web form and process for making these requests. You need to provide your name, the URLs you want hidden, and an explanation of why the URL is “irrelevant, outdated, or otherwise inappropriate”.
Google will then make the call about whether your request will be honored. They will “assess each individual request and attempt to balance the privacy rights of the individual with the public’s right to know and distribute information. When evaluating your request, we will look at whether the results include outdated information about you, as well as whether there’s a public interest in the information—for example, information about financial scams, professional malpractice, criminal convictions, or public conduct of government officials.”
Remember, this only removes that URL from Google searches for your name, not from other searches, other search engines, or from the underlying website.
Back in 2010 I blogged about Google’s legal troubles over capturing sensitive open Wi-Fi data with their Street View cars.
In a nutshell, Google was accused of violating the federal Wiretap Act when it intercepted the data on open Wi-Fi networks it passed. The purpose was to capture just the MAC addresses of the base stations to improve their enhanced location services. It appears that recording small amounts of data was accidental. Certainly if they were trying to collect data, they could easily have grabbed much more.
Google lost that case and is now appealing to the Supreme Court, hoping to overturn the decision.
Obviously it was inappropriate for a company like Google to drive around sniffing people’s Wi-Fi traffic, but they are not really the threat. What we all need to be worried about is hackers war driving our neighborhoods, either using our networks to hide their illegal activities, or capturing our personal information for their own purposes.
Whatever the legal outcome of whether it is “OK” to sniff someone’s open Wi-Fi traffic, the reality is that people do, and doing so is trivial. Anyone with a laptop can download free software and be sucking down all the Internet activity in their local coffee shop in just minutes. I think laws like this give a false sense of security. It is like saying that, as you walk down the sidewalk, you can not look in through your neighbor’s big picture window at night when they leave the curtains open.
Thinking that people are “not allowed” to sniff your open Wi-Fi just gives a false sense of security. What we need to do is make sure that ALL Wi-Fi is securely encrypted. Even public Wi-Fi should be encrypted, even if the password is “password” and is posted prominently on the wall. Using encryption changes the situation from looking though a window as you walk by to drilling a peep hole through the wall.
None of should be in denial about this. Open Wi-Fi is insecure. It will be sniffed.
If you find yourself in a situation where you have to use an open Wi-Fi hotspot, for whatever reason, make sure you immediately establish a VPN to protect yourself. I might be biased, but I use Anonymizer Universal for this purpose.
The ability to use remotely loaded images in HTML emails for tracking has been known for years, but perhaps not widely known.
The On The Media: TLDR podcast just re-surfaced the issue in the above article, where they talk about a free Gmail plugin called Streak, which provides this capability.
It automatically embeds the hidden images in emails you send, then lets you see when and even where the recipient opens them.
Because they appear to use IP address based locations, you can block the “where” part by using Anonymizer Universal.
You can block this tracking completely by turning off the loading of images in your emails. Of course, if you then choose to load images, know that you are also enabling tracking. If you block image loading you will also find that your email become much less attractive and significantly more difficult to read.
TechCrunch has a nice article on the location tracking of Android based devices.
It is an “opt in” thing, but I suspect that most people are robo-approving all the questions they are asked when they are trying to get their new phones or tablets set up for the first time.
In this case, you may have given Google permission to track and maintain high resolution location information on you. That information is used to discover where you live and work, to improve weather, travel, and traffic information.
If you follow this link, you can see a track of your activities for up to the last 30 days. Really cool in a very frightening way.
Welcome to episode 13 of our podcast for September, 2013.
In this episode I will talk about:
A major security breach at Adobe
How airplane mode can make your iPhone vulnerable to theft
Russian plans to spy on visitors and athletes at the winter Olympics
Whether you should move your cloud storage to the EU to avoid surveillance
Identity thieves buying your personal information from information brokers and credit bureaus
How to stop google using your picture in its ads
Why carelessness lead to the capture of the operator of the Silk Road
And how Browser Fingerprinting allows websites to track you without cookies.
Please let me know what you think, and leave suggestions for future content, in the comments.
Google is changing its terms of service to allow them to use your name and photo in advertisements to your friends. Most people seem to have been opted in to this by default, although some (including me) have found themselves defaulted out of the program.
If you are uncomfortable with your name, picture, and opinions appearing in ads from Google, just go to Google’s Shared Endorsements Settings page. The page describes the program. At the bottom you will find a checkbox. Uncheck it, and click “Save”.