EFF
Latest
The CIA is giving its surveillance tech to US law enforcement
The Justice Department's newest electronic dragnet--plane-mounted "dirtboxes" that can slurp thousands of cellular phone ID's from the air -- was originally developed by the CIA to hunt terrorists in the Middle East, The Wall Street Journal reports. Now however, it's being used domestically to track American citizens. That's not good.
'Canary Watch' legally reveals when sites get national security requests
Internet service companies like Reddit and Tumblr want to be transparent about user privacy. The problem is, they're sometimes forced by law to clam up when they receive specific national security data requests from agencies like the NSA or FBI. But there's nothing stopping them from saying they haven't received such requests, and that's where a new website called Canary Watch comes in. Like the birds that show a mine is safe by not being dead, the site tracks statements by websites like Pinterest saying they haven't received national security requests. If such "warrant canaries" suddenly disappear, Canary Watch will flag that fact, revealing that the site actually has received a request without breaking any laws.
Healthcare.gov stops passing private details on to advertisers
A few days ago an Associated Press report revealed that the US Government's affordable care portal Healthcare.gov was passing detailed information on to third parties. Now the AP tests reveal those links have been scaled back. Previously, the Eelectronic Freedom Foundation discovered that the site was passing on details like age, pregnancy status, smoking status and more via the URL, which would bypass even protections like enabling Do Not Track in your browser. The data that embedded services like DoubleClick, ChartBeat, Google or Twitter received was apparently anonymous and supposedly barred from use for business interests, but it theoretically could be matched up with other information to identify and target users with ads. The Obama Administration responded to the initial complaints by saying the data was intended for use to improve the website itself, but so far hasn't commented on the changes. For concerned users, the EFF recommends using a tool like its Privacy Badger to block websites from sending your personal information on to third parties.
America's healthcare portal is sharing your personal data with ad agencies
Enabling millions of people to access vital healthcare services they otherwise couldn't have afforded is a very noble cause, but it looks as if those behind the service haven't been playing fair with your private information. A report by the AP has revealed that Healthcare.gov, the Government's affordable care portal, shares some of your personal data with a whole raft of marketing agencies. The action has been independently verified by the Electronic Frontier Foundation, which has found that a person's location, annual income and smoking habits are all being freely distributed.
Humble Bundle milestones: $50M to charity, $100M to devs
Humble Bundle has raised more than $50 million for charity since launching its first sale in May 2010 – the Humble Indie Bundle, as it was called back then. That bundle introduced the idea of "pay what you want" pricing and offered customers power over the allocation of their payments, plus the chance to do something good for charity. Specifically for that first promotion, it was the Electronic Frontier Foundation and Child's Play Charity. "When my co-founder Jeff [Rosen] first contacted the Electronic Frontier Foundation and Child's Play for our first promotion, no one knew who we were," Humble co-founder John Graham tells Joystiq. "After pitching the confusing idea, in probably too much detail, he was cut off: 'So let me get this straight, you are basically asking if you can give us money? Sure!'" Humble Bundle now supports a roster of more than 50 charitable organizations and has expanded with weekly bundles, ebook bundles, mobile bundles and the Humble Store, which by itself raised $1 million for charity by June 2014. That very first Humble Bundle raised roughly $400,000 for charity – $200,000 each for EFF and Child's Play – at the time an "incomprehensible" amount to John Graham. "It produced a lot of pressure to keep going," he says. "Our potential to raise another $400,000 for charity felt like a moral obligation. Raising more than two orders of magnitude beyond that goal was not something we ever considered."
Digital copyright issues are affecting car modifications
Tinkering to get better performance out of your ride is one of the more rewarding aspects of vehicle ownership. The thing is, as cars have become more and more computer-dependent, getting a horsepower boost or better gas mileage by swapping exhaust systems or air filters is just the beginning. Sometimes to hit the level you'd want, tweaking the engine control or primary control module by aftermarket means is necessary. Thanks to the Digital Millenium Copyright Act, however, that puts wrenching on your vehicle into murky legal territory. The folks at the Electronic Frontier Foundation (PDF) have your back and are hoping to keep the DMCA out from under your hood, though. As Autoblog notes, the EFF is hoping its petition to the federal copyright office will result in removing some of the legal issues that can arise from futzing with your car's electronic brain-box.
Amnesty International wants to help you avoid government surveillance
It is a truth, universally acknowledged, that we're all being spied upon, either by the NSA, GCHQ or some scammer trying to get our credit card details. For journalists and political activists in countries without some respect for due process or democracy, being spied upon can have some terrifying consequences. That's why Amnesty International is throwing its weight behind a new tool that scans your computer and smartphone specifically on the hunt for the sort of spyware that's commonly used by governments.
Tech companies want you to have free web encryption
Ideally, you'd encrypt everything you do on the web to keep it away from spies and thieves. However, getting a security certificate to enable that encryption on your own site can be both costly and difficult -- many people don't even bother. That's not good enough for the Electronic Frontier Foundation, so it's partnering with Mozilla, Cisco and other tech firms to launch Let's Encrypt, an authority that will hand out and manage free certificates for anyone that wants them. Besides eliminating the cost barrier, the effort will also scrap a lot of the bureaucracy and hard work that's normally involved -- all you'll have to do is run a program, which should take seconds.
Digital liberty advocates want the right to resurrect old online games
It's great that many games have strong online components, but there's a dark side to that connectedness: if the developers (or their partners) shut down necessary servers, those titles are likely to break. You won't have to worry about your favorite game going dark if the Electronic Frontier Foundation has its way, however. The liberty-minded advocacy group has filed a Digital Millennium Copyright Act exemption request with the Library of Congress that would give Americans the right to keep online play alive in old, abandoned games by modifying the code to point to unofficial services. While the request wouldn't cover games where most of the content is stored online, it would address single-player releases that demand internet-based activation just to run.
Just how secure are your messaging apps? The EFF knows.
Like it or not, your messages -- those funny, tragic, productive, intensely personal missives you fire off without a second thought -- aren't nearly as safe as we all thought. That's why the Electronic Frontier Foundation decided to do a bit of digging into how secure all those messaging apps we use actually are, and it threw its results into this handsome little scorecard. Unsurprisingly, few entrants (like the security-minded calling and texting apps from outfits like Whisper Systems and Silent Circle) scored full marks on the EFF's rubric. What's even less of a surprise is how many well-known services - services we probably all use everyday - don't fare particularly well by the EFF's standards.
EFF petitions US government to resurrect abandoned games
The Electronic Frontier Foundation filed a petition to the Library of Congress and the United States Copyright Office this week over the modification of abandoned games, particularly those that require an online connection to prevent piracy. The EFF is seeking a change to current laws that would deem mods that strip out authentication checks as fair use of the software after developers take those servers offline. The foundation noted Civilization 5 and Mario Kart Wii as examples in its petition, though the list of eligible abandoned games goes back many years. Should the Library of Congress approve the request, legally-acquired copies of many of those games would be open to modification so players can enjoy them on third-party servers. The petition does note that MMOs and "persistent world" games would be exempt from the change, as their "audiovisual content is primarily stored on the developer's server and not in the client." [Image: Electronic Frontier Foundation]
EFF wants to legalize tinkering with shuttered online games
The Electronic Frontier Foundation is seeking six exemptions to the Digital Millennium Copyright Act, one of which may affect your enjoyment of video games and possibly MMOs at some point in the future. In a nutshell, the EFF wants to legalize tinkering with titles which have had their online functions terminated. "The fair use doctrine enables the manipulation and copying of software code in order to gain access to the ideas and functions embedded within it that are not protected by copyright, including server communication protocols," the EFF says. Unfortunately for MMO emulator fans, the petition doesn't apply to "persistent world" titles at present.
Anti-surveillance advocates want you to run an open, secure WiFi router
Plenty of WiFi routers have guest modes for visitors; some companies base their entire business models around them. Many of these devices are full of security holes, however, and the Electronic Frontier Foundation doesn't see that as acceptable in an era where widespread government surveillance is a fact of life. To fix this, it has posted a very early version of custom-built open router firmware that promises both easy access and security. While there is a guest mode, the new firmware (based on the existing CenoWRT) should patch common exploits that leave your home network vulnerable. It will even fetch signatures for updates through the anonymizing Tor network to prevent rogue code from posing as a necessary upgrade.
How to Disappear (almost) Completely: the illusion of privacy
Can anyone ever really leave the internet? And if you had the choice, is that something that you'd want to do? After all, abandoning the connected world might help you reclaim some privacy, but even if you smashed your PC, burned your tablet and tossed your smartphone, you might still not be able to escape constant surveillance. In our three-part series How To Disappear, we're going to look at why you'd think about going offline, what you can do to tidy up your digital footprint and what happens to those who have made the leap into the darkness.
Twitter's blocking of 'blasphemous' content raises questions over its censorship policy
At first glance, Twitter's international policy on censorship seems reasonable. If the laws of a particular country require content to be locally blocked, then Twitter will adhere to that, deeming it to be a lesser evil than having the social network blocked in its entirety. This is what's just happened in Pakistan, where five requests from a government office have, for the first time, resulted in "blasphemous" and "unethical" tweets being blocked to Pakistani users -- including crude drawings of the Prophet Muhammad. This successfully avoided a repetition of what happened two years ago, when similar content temporarily led Pakistan to deploy a site-wan ban against twitter.com. However, critics say that, in practice, Twitter's policy isn't working fairly, because it's giving too much power to would-be censors who, even within their own countries, don't actually have any authority to block or delete content.
The TUAW Daily Update Podcast for May 16, 2014
It's the TUAW Daily Update, your source for Apple news in a convenient audio format. You'll get some the top Apple stories of the day in three to five minutes for a quick review of what's happening in the Apple world. You can listen to today's Apple stories by clicking the player at the top of the page. The Daily Update has been moved to a new podcast host in the past few days. Current listeners should delete the old podcast subscription and subscribe to the new feed in the iTunes Store here.
EFF heaps praise on Apple for protecting customer data
A new and extensive report from the Electronic Frontier Foundation (EFF) details which of the major Internet companies "have your back" when it comes to protecting user data from Government requests. When the dust settled, Apple was one of only a few companies to earn six stars across the board. The worst performer, without question, was Snapchat -- which earned just a lone star. In compiling the results, EFF looked at six distinct company practices and policies. 1. Require a warrant for content of communications 2. Tell users about government data requests 3. Publish transparency reports 4. Publish law enforcement guidelines 5. Fight for users' privacy rights in courts 6. Publicly oppose mass surveillance. Apple in particular was singled out for making tremendous strides regarding its efforts at protecting customer data. The report highlights Apple this year earned a perfect six out of six stars, a huge improvement from previous years when the company earned only one star. Apple earned credit in all 6 categories in this year's Who Has Your Back report. Apple's rating is particularly striking because it had lagged behind industry competitors in prior years, earning just one star in 2011, 2012, and 2013. Apple shows remarkable improvement in its commitments to transparency and privacy. Other companies who earned six out of six stars include CREDO Mobile, Dropbox, Facebook, Google, Microsoft, Sonic, Twitter, and Yahoo. The entire report is thorough and well worth a read for anyone curious about which companies are doing the most to protect their from government requests.
EFF praises major tech companies for doing more to protect your data
The jury (or rather, congress) is still out on how Snowden's now-legendary leaks will effect the NSA, but it's certainly changed how companies handle user data. According to the Electronic Frontier Foundation's latest "Who Has Your Back?" transparency report, 2014 is a landmark year for user privacy -- Apple, Dropbox, Facebook, Google, Microsoft, Yahoo and Twitter all earned perfect scores in the report's six-point evaluation. The scoring metric awards stars for companies that require the government to get a warrant before collecting user data, or to firms that publish their own transparency reports. Overall, the report shows a marked improvement over last year, but the EFF still highlights other big companies that could do a lot more to protect and reassure their users.
The EFF wants your help testing a browser add-on that blocks spying ads
Like many privacy advocates, the Electronic Frontier Foundation isn't a big fan of advertisers and sites following you around the web. So, it's doing something about this nosy behavior -- it's launching a browser add-on, Privacy Badger, that lets Chrome and Firefox users limit site tracking. The tool automatically stops sites' attempts to shadow your surfing activity and lets you selectively grant permission when you're not worried. To get on the Badger's good side, a web host has to honor Do Not Track requests -- a not-so-subtle dig at Facebook, Google, Yahoo and others that so far insist on tracking visitors.
Contact-Congress simplifies the act of, well, contacting congress
If you've never contacted your congress person then you might not realize how difficult our politicians have made it to get a hold of them. There are 535 members of the House and Senate all whom have some arcane contact form on their websites that obscure their direct email address. It's inconvenient for a single person to write a letter to all their elected representatives. But for organizations looking drive letter writing campaigns it's a nightmare. Individuals won't want to visit three separate sites as part of a push to pass or block a piece of legislation. And while there are services out there that can automate part of the work by routing messages to the right email addresses, they charge thousands of dollars a year for access to their tools and databases.
