Ars tests Internet surveillance—by spying on an NPR reporter | Ars Technica


Ars Technica, in conjunction with NPR, conducted an excellent experiment showing how much and what kind of information can be obtained through capture off the wire. This is the type of information that a national intelligence service would see by tapping into ISPs.

They simulated this by using a penetration testing device installed at NPR reporter Steve Henn’s house (with his cooperation).

The amount of information is amazing. Even seemingly inactive devices are constantly making requests and connecting to services.

While many connections to key services like email and banking are encrypted, most others are not, revealing a great deal about Steve’s research activities.

It is absolutely worth a read.

Lance Cottrell is the Founder and Chief Scientist of Anonymizer. Follow me on Facebook, Twitter, and Google+.

A tiny change in iOS 8 prevents WiFi tracking of iOS devices


News just broke of a new feature in iOS 8 announced at Apple’s WWDC which was not covered in the big keynote. Advertisers and retail outlets have been using Wi-Fi to track mobile devices for some time. I talked about a network of Wi-Fi tracking trashcans last year in the podcast.

This works because, by default, most mobile devices are constantly on the lookout for Wi-Fi networks. The device communicates with visible base stations to see if they are known, if they are secure, and what they are called. That communication reveals the MAC address of the device’s Wi-Fi.

Like the address on your house, your phone number, or IP addresses, MAC addresses are globally unique identifiers. Everything that can speak Wi-Fi has its own individual MAC address. This makes it a great hook for tracking. If someone sets up a bunch of Wi-Fi base stations, most mobile devices going by will try to connect, giving it their MAC address. By looking at the pattern of those connections, the device can be tracked. 

More sophisticated solutions have even used signal strength to triangulate the location of devices within a small area.

The big news is that Apple is going to randomize the MAC addresses of iOS 8 devices when they are probing for networks. If the device were to probe network base stations A, B, and C they would all see different MAC addresses and think that they were tracking different devices. The iPhone or iPad would still use its real MAC when establishing a full connection, but would not provide it to all of the networks it only probes but never actually uses.

This is a really small change which provides significant privacy gains. It is similar to the decision Apple made to use randomized IPv6 addresses by default, rather than ones which uniquely identify the computer or mobile device.
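An added illustration (not from the original post or from Apple) of why per-probe randomization breaks this kind of tracking: it groups probe sightings by source MAC the way a passive observer would, and flags addresses with the IEEE 802 locally administered bit set, the usual marker for a non-burned-in address. The log format, station names and MAC values are constructed, and the use of that bit for the randomized addresses is an assumption not stated in the post.

```python
import secrets
from collections import defaultdict

# Constructed capture: what three tracking base stations (A, B, C) might log
# as two phones walk past. Format, station names and MACs are made up.
SAMPLE_LOG = """\
t=100 station=A src=3c:15:c2:aa:bb:01
t=105 station=A src=da:a1:19:4e:7c:10
t=160 station=B src=3c:15:c2:aa:bb:01
t=165 station=B src=62:f3:0b:91:22:5d
t=220 station=C src=3c:15:c2:aa:bb:01
t=225 station=C src=ae:07:c4:d8:6a:e3
"""


def parse_log(text):
    """Yield (time, station, mac) tuples from the constructed log format."""
    for line in text.splitlines():
        if not line.strip():
            continue
        fields = dict(item.split("=", 1) for item in line.split())
        yield int(fields["t"]), fields["station"], fields["src"].lower()


def is_locally_administered(mac):
    """True if the IEEE 802 'locally administered' bit (0x02 of octet 0) is set."""
    return bool(int(mac.split(":")[0], 16) & 0x02)


def random_probe_mac():
    """Generate a random unicast, locally administered MAC address."""
    octets = bytearray(secrets.token_bytes(6))
    octets[0] = (octets[0] & 0xFC) | 0x02  # clear multicast bit, set local bit
    return ":".join(f"{b:02x}" for b in octets)


def build_tracks(sightings):
    """Group sightings by source MAC, as a passive tracker would."""
    tracks = defaultdict(list)
    for _, station, mac in sorted(sightings):
        tracks[mac].append(station)
    return dict(tracks)


def linkable_macs(tracks):
    """MACs seen at more than one station, i.e. movements that can be linked."""
    return sorted(m for m, stations in tracks.items() if len(set(stations)) > 1)


if __name__ == "__main__":
    tracks = build_tracks(parse_log(SAMPLE_LOG))
    for mac, stations in tracks.items():
        kind = "local/randomized" if is_locally_administered(mac) else "burned-in"
        print(f"{mac}  {kind:16}  seen at {' -> '.join(stations)}")
    print("linkable across stations:", linkable_macs(tracks))
```

The fixed address yields a single track across A, B and C, while the second phone shows up as three unrelated one-off sightings.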

Of course, Apple is also working hard to track us all with iBeacons at the same time….


Vodafone shows global scope of surveillance


Vodafone Lays Bare Scale of Phone Tapping - WSJ

Vodafone recently released a “Law Enforcement Disclosure Report”. Because Vodafone provides services in so many countries, this provides a unique insight into the range of surveillance capabilities and requirements across a spectrum of nations. In six countries they are required to provide direct connections to their network for the local government. This allows those governments to capture content and meta-data without making individual requests to Vodafone. They are not saying which 6 countries those are out of fear of penalties or retaliation.

In Albania, Egypt, Hungary, India, Malta, Qatar, Romania, South Africa and Turkey it is illegal to reveal information about various kinds of intercepts, so the report does not provide information on those countries.

The report also provides good information on the frequency of requests for information from various countries.

One lesson from this is, despite the impression one might have gotten from the Snowden leaks, the US is far from the only country doing this kind of surveillance. 


The Privacy Blog Podcast - Ep. 20: Censorship, passwords, NSLs and cash

In episode 20 of our podcast for May I talk about:

  • The need to target your privacy efforts
  • Why your secrets may not be safe with secrecy apps
  • The possibility of more light shining on National Security Letters
  • Conflicted feelings about censorship in the Russian government
  • Google and the right to be forgotten
  • What you need to do to deal with all these password breaches
  • A demonstration of a stealthy camera snooping app for Android
  • and a quick announcement about Anonymizer

YouTube unblocked by Turkey

Turkey lifts its ban on YouTube-agency | Reuters

Several days after the Turkish Constitutional Court ruled the blocking of YouTube to be unconstitutional, it looks like the block has been removed.

YouTube said that they are getting reports from users that they are once again able to access the site. YouTube was blocked since May 2008.


More thoughts on TrueCrypt, with archives, from GRC


GRC's | TrueCrypt, the final release, archive

Steve Gibson shares recent message exchanges with some of the developers of TrueCrypt. These further suggest a boring explanation of the shutdown, as opposed to more nefarious explanations.


China celebrates 25th anniversary of Tiananmen with censorship.


In anticipation of possible protests in memory of the Tiananmen Square massacre 25 years ago, China has blocked access to Google search and Gmail. The censorship has been in place for a few days now, suggesting that this may be more than a short term action.

China has long blocked access to YouTube, Twitter, Facebook, and services which would circumvent the blocking, like Anonymizer.

Google search and Gmail are both popular in China. It will be interesting to see if this actually draws attention to the anniversary, rather than diffusing it.

The image with this post is from 2010 when Google moved out of their China offices to avoid government control. (via Wikipedia)


What you never create can't leak


The latest leaked messages to blow up in someone’s face are some emails from Evan Spiegel, the CEO of Snapchat. These were incredibly sexist emails sent while he was in college at Stanford organizing fraternity parties.

These emails are like racist rants, homophobic tweets, and pictures of your “junk”. They are all trouble waiting to happen, and there is always a risk that they will crop up and bite you when you least expect it. If you have ever shared any potentially damaging messages, documents, photos, or whatever, then you are at risk if anyone in possession of them is angry, bored, or in search of attention.

Even if it only ever lives on your computer, you are vulnerable to hackers breaking in and stealing it, or to someone getting your old, poorly erased second-hand computer.

This falls into the “if it exists it will leak” rant that I seem to be having to repeat a lot lately. The first rule of privacy is: think before you write (or talk, or take a picture, or do something stupid). Always assume that anything will leak, will be kept, will be recorded, will be shared. Even when you are “young and stupid” try to keep a thought for how that thing would be seen in ten years when you are in a very different position. Of course, ideally you are not sexist, racist, homophobic, or stupid in the first place.


Turkish top court rules blocking of YouTube unconstitutional


Turkey's Top Court Rules YouTube Ban is Unconstitutional - WSJ

Long after the blocking of Twitter was ruled unconstitutional, Turkey's top court has similarly ruled that blocking YouTube over the last two months was unconstitutional. The formal ruling and orders to remove the blocking should be forthcoming soon.

This decision by the country’s top court bolsters rulings by lower courts which have been ignored by the government of Prime Minister Erdogan.

All this censorship is an attempt to suppress criticism of the government generally and Erdogan and his allies specifically.


How to be forgotten (if you are in the EU)


Earlier this month I talked about the ECJ ruling against Google on the “right to be forgotten.”

Google has now set up a web form and process for making these requests. You need to provide your name, the URLs you want hidden, and an explanation of why the URL is “irrelevant, outdated, or otherwise inappropriate”.

Google will then make the call about whether your request will be honored. They will "assess each individual request and attempt to balance the privacy rights of the individual with the public’s right to know and distribute information. When evaluating your request, we will look at whether the results include outdated information about you, as well as whether there’s a public interest in the information—for example, information about financial scams, professional malpractice, criminal convictions, or public conduct of government officials."

Remember, this only removes that URL from Google searches for your name, not from other searches, other search engines, or from the underlying website.


Evading post coup Thai Internet censorship


In the wake of the recent coup in Thailand, the new government is taking steps to suppress dissent. In addition to curfews, banning unauthorized gatherings / protests, and instructing the media not to criticize the new government, they have taken initial steps towards Internet censorship.

Facebook was blocked briefly on Wednesday by order of the Information Communications Technology Ministry. A senior ministry official confirmed that the blocking was intentional, not an outage, and that it had been done to slow online criticism and make it more difficult to organize and coordinate protests.

The typical pattern with censorship is for it to get stronger over time. I encourage anyone in Thailand to download the Anonymizer Universal free trial, to ensure you have a way around any of the new blocks that are likely to appear in the coming weeks.


Is your Android watching you?

Your smartphone's camera might be spying on you

Researcher Szymon Sidor has created an app that will stealthily activate the camera on an Android phone. The trick is bypassing the requirement in Android to have a preview window open any time the camera is active. Szymon’s solution was to make the preview window only a single pixel.

From there, one can use the typical methods to hide the application and have it run in the background. Of course, the attacker still needs to get the app on the phone. Hiding this functionality in some useful app on the Android app store is probably the most likely course.

This would be a good argument for keeping your phone in your pocket or purse, rather than sitting on a table with an interesting view.


Do you need to replace TrueCrypt immediately?


For years, TrueCrypt has been the gold standard open source whole disk encryption solution. Now there is a disturbing announcement on the TrueCrypt website. Right at the top it says “WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues”.

The rest of the page has been changed to a notice that development on TrueCrypt stopped this May, and directions for migrating from TrueCrypt to BitLocker, the disk encryption tool built in to Windows. Of course, this is of little help to anyone using TrueCrypt on Mac or Linux. It is still possible to download TrueCrypt from the site, but the code now will not create new vaults, and warns users to migrate to a new platform.

There are certainly alternatives, but this is a real shock. On Mac, one could always use the built in FileVault tool. Linux users may have a harder time finding a good replacement. 

The big question is, what the heck is actually going on here? This is all far too cryptic, with nowhere near enough actual information to draw intelligent conclusions.

A recent independent audit of TrueCrypt discovered “no evidence of backdoors or otherwise intentionally malicious code in the assessed areas.”

There are a number of theories about what is going on ranging from credulous to paranoid.

  • Like Lavabit, they received a National Security Letter requiring compromise of the code. This is their way of resisting without violating the gag order.
  • They have been taken over by the government, and they are trying to force everyone to move to a less secure / more compromised solution.
  • There really is a gigantic hole in the code. Releasing a fix would tell attackers the exact nature of the vulnerability, which most people would take a very long time to address. Having everyone migrate is the safest solution.
  • Some personal conflict within the TrueCrypt developers is leading to a “take my ball and go home” action.
  • The developers only cared about protecting Windows users with XP or earlier, which did not have the built in disk encryption. Now that XP support has ended, they don’t feel it is valuable any more. This is suggested by the full wording of the announcement.
  • The website or one of the developer’s computers was compromised, and this is a hack / hoax.

The whole thing is really odd, and it is not yet obvious what the best course of action might be.

The safest option appears to be to remove TrueCrypt, and replace it with some other solution, either one that is built in to the OS, or from a third party.


7 Conundrums of the Right to be Forgotten


The recent ruling by the European Court of Justice (ECJ) has re-ignited debate about the “right to be forgotten”, or perhaps more accurately the right to have certain information purged from the Internet. While this right provides some real privacy benefits, it runs up against free speech and jurisdictional problems.

Here are seven conundrums around the right to be forgotten and the recent ECJ ruling:

  1. The ECJ ruling provides for removing search results, but not for removing the underlying web page. In the case in question, a newspaper article is allowed to stay on-line, but a search on the plaintiff's name must not return a link to that page.
  2. While the search result would be removed when the search is the person’s name, other searches for the information would show that link.
  3. The ECJ does not give you a right to remove anything harmful or embarrassing to you, only information “inadequate, irrelevant or no longer relevant, excessive in relation to the purposes of the processing”.
  4. You don’t have a right to have certain information forgotten if that is newsworthy and noteworthy. In other words, if this was likely to be searched for by a lot of people, then you can’t remove it.
  5. The ECJ ruling only applies to EU residents. If you are outside the EU, or using a search engine outside the EU then you don’t have this right.
  6. The ECJ ruling only applies to search engines operating in the EU. If the search engine is exclusively operating outside the EU, or is being accessed from outside the EU, then the search results would still be visible. This means that you would get the search results if you were using Anonymizer Universal from within the EU.
  7. The tools and laws used to enforce the right to be forgotten are very similar to the techniques used for censorship by repressive regimes. Once in place, the urge to use the power more broadly has been irresistible to governments that obtain it.



The one thing you need to do about password breaches


The recent eBay password compromise is just the latest in a string of similar attacks. Each time we hear a call for people to change their passwords. Sometimes the attacked company will require password changes, but more often it is just a suggestion; a suggestion that a majority choose to ignore.

Further exacerbating the problem is the tendency of people to use the same username and password across many different websites. Even if a compromised website does require a password change on that site, it has no way of forcing users to change their passwords on any other sites where the same password was used. This matters because a smart attacker will try any username / password pairs he discovers against a range of interesting websites of value, like banks. Even though the compromise may have been on an unimportant website, it could give access to your most valuable accounts if you re-used the password.

The burden on the user can also be significant. If a password is used on 20 websites, then after a compromise it should be changed on all 20 (ideally to 20 different passwords this time). People who maintain good password discipline only need to change the one password on the single compromised website.

Trying to remember a large number of strong passwords is impossible for most of us. Some common results are that the passwords are too simple, the passwords all follow a simple and predictable pattern, passwords are re-used, or some or all of these at once.

Many companies and standards organizations are working hard to replace the password with a stronger alternative. Apple is using fingerprint scanners in its latest phones, and tools like OAuth keep the actual password (or password hash) off the website entirely. Two-factor authentication adds a hardware device to the mix, making compromise of a password less damaging. So far many of these approaches have shown promise, but all have some disadvantages or vulnerabilities, and none appear to be a silver bullet.

For now, best practice is to use a password vault. I use 1Password, but LastPass, Dashlane, and others are also well regarded. Create unique long random passwords for every website (since you no longer need to actually remember any of them). Don’t wait. If you are not using one of these tools, get it and start using it now.


Russia: To block Twitter, or not to block Twitter


Russia seems to have a conflicted relationship with Twitter and Internet censorship in general.

While trying to portray themselves as open and democratic, they clearly have a real problem with the radical openness of social media like Twitter.

Maxim Ksenzov, deputy head of Roscomnadzor (Russia’s censorship agency), said Twitter is a “global instrument for promoting political information” and that they could block Twitter or Facebook in minutes.

Prime Minister Dmitry Medvedev responded on his Facebook account, saying that state officials “sometimes need to turn on their brains” rather than “announcing in interviews the shutdown of social networks.” Which is not quite the same as saying that they would not do so.

The primary desire in Russia is for Twitter and all other social networks to open offices in Russia. That would smooth communications, but also provide leverage to push for censorship or access to data as needed.

Microsoft successfully challenges national security letter against enterprise customer


Microsoft challenged an FBI National Security Letter, and won | ZDNet

Recently unsealed documents show that Microsoft was able to beat back a National Security Letter (NSL) from the FBI.

NSLs are like subpoenas but go through a different, and secret, process that bypasses the courts. NSLs also include a gag order forbidding the recipient from revealing the existence of the letter to anyone.

Microsoft fought the NSL in question because it violated their policy of notifying all enterprise customers when they receive any “legal order related to data”. The FBI withdrew it without any rulings on the legality or appropriateness of the NSL.

This may indicate a move towards some limitations of the gag order attached to NSLs, which would be very valuable for transparency in the whole process.


Cash for Anonymity shows serious intent

Paying for anonymity is a tricky thing, mostly because on-line payments are strikingly non-anonymous. The default payment mechanism on the Internet is the Credit Card, which generally requires hard identification. There are anonymous pre-paid cards, but they are getting harder to find, and most pre-paid cards are requiring registration with real name and (in the US) social security number.

We are working on supporting Bitcoin which provides some anonymity, but not as much as you might think. New tools for Bitcoin anonymity are being developed, so this situation may improve, and other crypto currencies are gaining traction as well.

When it comes to anonymity, cash is still king. Random small US bills are truly anonymous, and widely available (a 1996 study showed over half of all physical US currency circulates outside the country). While non-anonymous payments only allow Anonymizer to know who its customers are, not what they are doing, that information might be sensitive and important to protect for some people.

That is why Anonymizer accepts cash payments for its services. Obviously it is slower and more cumbersome, but for those who need it, we feel it is important to provide the ultimate anonymous payment option. If you are looking at a privacy provider, even if you don’t plan to pay with cash, take a look at whether it is an option. It could tell you something about how seriously they take protecting your privacy overall.

Secret apps that have access to your message are not so secret.


Whistleblowers Beware: Apps Like Whisper and Secret Will Rat You Out | Business | WIRED

Here is more evidence that, if a service has access to your information, it can get out. In this case the privacy services Whisper and Secret have privacy policies that say they will release messages tied to your identity if presented with a court order, but also to enforce their terms of service and even in response to a simple claim of “wrongdoing” (whatever that might mean).

Anonymizer has no logs connecting user activity to user identity, thus we don’t have these problems.


The Privacy Blog Podcast - Ep. 19: Heartbleed, IE, and Internet Sovereignty.

In episode 19 of The Privacy Blog Podcast, recorded for April 2014, I talk about:

  • The Heartbleed bug, and why it is such a big deal.
  • A major vulnerability in Internet Explorer, and why we are focusing on the wrong thing.
  • The reasons behind recent pushes for national Internet sovereignty.
  • and finally about the increasingly international reach of US search warrants.