When it comes to mass spying, the best game in town is not CIA or any of the alphabet soup agencies. Private companies and data brokers have been doing data collection on a massive scale, and given their advanced statistical methods, this information can say a lot about a person. In fact, I’d say that what they have is better than what the alphabet soup has, and their data has a lot of implications.
This started when companies like Amazon realized that they can make a profit every step of the way: sell items to customers, sell customers’ data to data brokers. Data brokering has since become much bigger, and so the data collection methods have also become much more extensive. There are many ways to gather mass data, and these are just the ones I can think of off the top of my head: first, many websites straight up sell their data to brokers. This includes many online vendors, all kinds of popular sites (not all of them, but some of them), adult entertainment sites, you name it. If those sites do not sell data, dishonest brokers can and do embed tracking ads on sites that accept them, revealing a user’s entire browsing history. Then of course there are companies like Google, that sell user search histories.
Continue reading “Facebook gathers data for data mining operations used by data brokers”
With so much recent concern about how the NSA and GCHQ (and, likely, others) basically look at unencrypted traffic as an easy way to hack into your data, it’s becoming increasingly important for the big companies which manage tremendous amounts of the public’s personal data to encrypt as much as possible. The folks over at the EFF have now put together a sort of crypto report card on which major companies are actually encrypting everything they can.
The results are a little disappointing. Only four companies. Dropbox, Google, SpiderOak and Sonic.net got a perfect score on the five categories measured. Twitter is pretty close (and the only thing it’s missing, STARTTLS, really would only matter if it were offering email, which it doesn’t, other than to employees) while the rest still have a fair bit of work to do.For the die hard Cloud users & Faacebook fanatics it involves you taking responsibility for your own security and crypto keys, which maybe is too much to ask. That’s why Encrypting Facebook as a start.or Encrypting cloud storage.. The incumbent access providers AT&T, Verizon and Comcast don’t appear to care nearly enough about security at all. And lots of free apps and cloud services started appearing, some with CIA funding (InQTel) offering storage of business data, video, IP surveillance, exactly the sort of thing the NSA wants to grab in a 5 eyes jurisdiction with a cooperative management. That’s why it’s little surprise that the NSA’s deals with at least AT&T and Verizon are a major source of information.
Hopefully this effort (and the ongoing concerns about the NSA, as well as outside hacking) lead more companies to upping their encryption game.
CISPA v3 is back!
We had believed, along with a number of others, that the Snowden leaks showing how the NSA was spying on pretty much everyone would likely kill CISPA dead. After all, the key component to CISPA was basically a method for encouraging companies to have total immunity from sharing information with the NSA. And while CISPA supporters pretended this was to help protect those companies and others from online attacks, the Snowden leaks have reinforced the idea (that many of us had been pointing out from the beginning) that it was really about making it easier for the NSA to rope in companies to help them spy on people.
Also, if you don’t remember, while CISPA had passed the House, the Senate had shown little appetite for it. Last year, the Senate had approved a very different cybersecurity bill, and had expressed very little interest in taking up that fight again this year. Except now, in an unexpected move, Senate Intelligence Committee boss, and chief NSA defender because of reasons that are top secret, has now announced that she’s been writing a Senate counterpart to CISPA and is prepared to “move it forward.”
Continue reading “CISPA: Who’s For It And Who’s Against It And Much More…”