Weird New Tricks for Browser Fingerprinting

I gave up on privacy and security a long time ago.  So I don’t really care much.  But every time my position is reinforced with things like “Weird New Tricks for Browser Fingerprinting”, I still lose some sleep for some reason.  And she is on the good side too …

Alex Stamos: AppSec is Eating Security

I’m throwing this into the pile of arguments for “security and privacy are little but myths” discussions.  If the top of the top companies, with multi-million budgets and hundreds or thousands of top security professionals, get compromised, how realistic is it for the average Joe to protect his business?  I say – not very.

I think 80% of problems can be prevented with a 20% time and effort investment: minimize attack surface by removing and disabling everything you don’t need or use and limiting access to everything else, use layered defense where possible, use encryption where possible and strong passwords if you have to, don’t rely on security through obscurity, have log analyzers and/or an intrusion detection system installed, etc.  But most importantly, make peace with the fact that being compromised is not a question of “if”, but “when”.  Prepare yourself.  Have an offsite backup and know how to restore your services in a completely new environment, if necessary.

And as far as your privacy goes, if you put anything private on the Internet, as well, prepare for it to be stolen and leaked.  If it never happens, consider yourself lucky.  Otherwise, just learn to deal with it.  It’s very unpleasant in a variety of ways, but seldom deadly.

Via EtherealMind.

10 Conspiracy Theories That Turned Out To Be True

10 Conspiracy Theories That Turned Out To Be True – some I’ve heard about before, some are new to me.  I’ll keep the list here for further reading and research.

  1. The Gulf of Tonkin Incident
  2. Tuskegee Syphilis Experiment
  3. Project MKUltra
  4. Operation Northwoods
  5. CIA Drug Trafficking
  6. Operation Mockingbird
  7. COINTELPRO
  8. Operation Snow White
  9. Secret Global Economic Policies
  10. The US Government Illegally Spies On Its Own Citizens

Citizenfour

It’s been a long while (almost two years in fact), since I posted a movie review.  It’s not that I haven’t seen any good movies in this period, but more of the fact that I tend to sound repetitive when I write these.  Watch that, this one is awesome, etc.

Last night I watched “Citizenfour”, and I have to say I’m shaken by that documentary.  And I’m not a privacy or security freak, and I was somewhat familiar with Edward Snowden’s story.  This film, while portraying his personality, is not so much about him, as it is about the state of affairs.

As a non-US citizen, I have very little interest in what the US government is doing.  I don’t particularly care if someone is recording my Internet traffic, Google searches, or the phone calls I make.  I’m not worried about ending up “on the list”, or anything like that.

But not everyone is like that.  I do understand how government surveillance can be used, how data can be analyzed, and how pressure can be applied.  And I do share the point of view that the balance of power between the government and the people is way off (and not only in the US), and that we are beyond the point of any meaningful individual resistance.  It’s just that I don’t do anything about it, and Edward Snowden did.

For me personally, quite a few things were new in this film.  It was interesting to learn about the variety of NSA and CIA programs, the depth of their reach, and the technology that is in place already.  Some of it does sound like science fiction future, but is in fact very possible.  The stuff about security access in the NSA, drone video feeds, data gathering, analysis and search, with real time notifications, etc – all that was insightful.

The other side to the movie that I found interesting was the whole process that was used to expose these documents.  There is in fact no framework as to how such things can be done, what should and shouldn’t be published, how things can be verified, etc.  The move to remove his own bias and pass on the responsibility onto the journalists was interesting.

Overall, I think that the more people see this movie, the better.  The issues raised are very important and we should know about them.  It doesn’t only affect criminals or terrorists or Americans.  It affects everyone.  In particular everyone who has a phone, or a computer with an Internet connection, or a credit card.  After all, there are 1,200,000 people on the US watch lists, and from what I understand, this list is growing fast.