draft-dukhovni-opportunistic-security-01 - Opportunistic Security: some protection most of the time
Opportunistic Security: some protection most of the time
security  privacy 
ongoing by Tim Bray · Privacy Economics
It’s like this. If there’s da­ta flow­ing over the Net that the in­tel­li­gence com­mu­ni­ty can scoop up for free, they will, and they’ll store it forever. Crim­i­nals and stalk­ers will scoop too, look­ing for credit-card num­bers and home ad­dress­es and so on. ¶

But the In­ter­net vol­ume is so high that if it pro­cess­ing a con­ver­sa­tion takes any non-zero in­vest­ment of ef­fort or mon­ey, then spooks and crooks won’t both­er (un­less you’re a re­al tar­get); no­body can af­ford X times bil­lion­s/­day, no mat­ter how small X is.

Thus ev­ery time you turn the pri­va­cy di­al up, even just a lit­tle, you make cer­tain class­es of surveil­lance and of crime un­eco­nomic. This is a good thing.
tbray  privacy  security 
The Internet of Things Will Ruin Birthdays — The Message — Medium
RT : "The Internet of Things Will Ruin Birthdays" — my latest for the Message
from twitter
RT : Really enjoying 's Robot Rothko. Just letting it play on my projector
from twitter_favs
3 days ago
medium.com – what is public f33b16d780f9 #3a56dea9b5ce5e8becf166bf5a749d34
The phenomenon of doxxing (revealing personal information about a person online) has made clear that public information exists in a context of power and consent, and we must construct our ethics in that context.
anildash  highlights  from:dogeared  url:b2a5b2bc6e40bd36ef0928026ed7c40e  dt:year=2014  dt:month=07  dt:day=26  dt:timestamp=1406386609 
4 days ago
www.vice.com – sderot cinema twisted conflict spectatorship in israel and palestine 721 #49432f7faf7ac74b67a3662889e56552
That’s part of what makes the scene so chilling. Sørensen, a veteran Middle East correspondent, points out that the sort of callous enmity on display at the “Sderot cinema” can be seen amongst Palestinians as well. “On both sides, there's a total lack of empathy that I've never seen before.”
highlights  from:dogeared  url:0f88a1207bd009bb80d695e98a9a1e88  dt:year=2014  dt:month=07  dt:day=26  dt:timestamp=1406383165 
4 days ago
medium.com – the secret of minecraft 97dfacb05a3c #8f6597b3a8969a23bef3f7119493ceb2
The true Minecraft is the oral tradition: secrets and rumors shared in chat rooms, across cafeteria tables, between block-faced players inside the game itself.
highlights  from:dogeared  url:0e7c43c731898fdf21c18dfe9346d21e  dt:year=2014  dt:month=07  dt:day=26  dt:timestamp=1406382515 
4 days ago
pando.com – tor spooks #ea9464b097dcecef96278f014c64cd42
This choice goes back to the original discussion that Mike Perry and I were wrestling with a few years ago… if we want to end up with a fast safe network, do we get there by having a slow safe network and hoping it’ll get faster, or by having a fast less-safe network and hoping it’ll get safer? We opted for the “if we don’t stay relevant to the world, Tor will never grow enough” route.
tor  security  highlights  from:dogeared  url:f0477eabdd2ed0929656cd0bbd63b258  dt:year=2014  dt:month=07  dt:day=20  dt:timestamp=1405890047 
9 days ago
pando.com – tor spooks #9b4c693c6bcae5eac1820a01f0e7ec48
Back in 2007, a Swedish hacker/researcher named Dan Egerstad showed that just by running a Tor node, he could siphon and read all the unencrypted traffic that went through his chunk of the Tor network. He was able to access logins and passwords to accounts of NGOs, companies, and the embassies of India and Iran. Egerstad thought at first that embassy staff were just being careless with their info, but quickly realized that he had actually stumbled on a hack/surveillance operation in which Tor was being used to covertly access these accounts.
tor  surveillance  highlights  from:dogeared  url:f0477eabdd2ed0929656cd0bbd63b258  dt:year=2014  dt:month=07  dt:day=20  dt:timestamp=1405889908 
9 days ago
pando.com – tor spooks #8db75adec55bdc9ad03af2dbb52cca5f
To avoid taking a final exam he wasn’t prepared for, Kim hit up on the idea of sending in a fake bomb threat. То cover his tracks, he used Tor, supposedly the best anonymity service the web had to offer. But it did little mask his identity from a determined Uncle Sam. A joint investigation, which involved the FBI, the Secret Service and local police, was able to track the fake bomb threat right back to Kim — in less than 24 hours. As the FBI complaint explained, “Harvard University was able to determine that, in the several hours leading up to the receipt of the e-mail messages described above, ELDO KIM accessed TOR using Harvard’s wireless network.” All that Tor did was make the cops jump a few extra steps. But it wasn’t hard, nothing that a bit of manpower with full legal authority to access network records couldn’t solve. It helped that Harvard’s network logging all metadata access on the network — sorta like the NSA.
tor  surveillance  motive  highlights  from:dogeared  url:f0477eabdd2ed0929656cd0bbd63b258  dt:year=2014  dt:month=07  dt:day=20  dt:timestamp=1405889841 
9 days ago
pando.com – tor spooks #7101af1cca234b4b26d18121e0afc8ce
In the 90s, as public Internet use and infrastructure grew and multiplied, spooks needed to figure out a way to hide their identity in plain sight online. An undercover spook sitting in a hotel room in a hostile country somewhere couldn’t simply dial up CIA.gov on his browser and log in — anyone sniffing his connection would know who he was. Nor could a military intel agent infiltrate a potential terrorist group masquerading as an online animal rights forum if he had to create an account and log in from an army base IP address. That’s where onion routing came in. As Michael Reed, one of the inventors of onion routing, explained : providing cover for military and intelligence operations online was their primary objective; everything else was secondary:
tor  network  motive  highlights  from:dogeared  url:f0477eabdd2ed0929656cd0bbd63b258  dt:year=2014  dt:month=07  dt:day=20  dt:timestamp=1405841277 
10 days ago
www.washingtonpost.com – 93d2ac22 0b93 11e4 b8e5 d0de80767fc2 story #50b1f9d66f410411bb2579858c095c10
When I started at the State Department, I took an oath to protect the Constitution of the United States. I don’t believe that there is any valid interpretation of the Fourth Amendment that could permit the government to collect and store a large portion of U.S. citizens’ online communications, without any court or congressional oversight, and without any suspicion of wrongdoing. Such a legal regime risks abuse in the long run, regardless of whether one trusts the individuals in office at a particular moment.
nsa  surveillance  law  highlights  from:dogeared  url:59e8b7fa596d91e1ed5c0a3b4909322a  dt:year=2014  dt:month=07  dt:day=20  dt:timestamp=1405841001 
10 days ago
www.washingtonpost.com – 93d2ac22 0b93 11e4 b8e5 d0de80767fc2 story #b0b1da2a69ec45e7607539b6251233b9
Executive Order 12333 contains no such protections for U.S. persons if the collection occurs outside U.S. borders. Issued by President Ronald Reagan in 1981 to authorize foreign intelligence investigations, 12333 is not a statute and has never been subject to meaningful oversight from Congress or any court. Sen. Dianne Feinstein (D-Calif.), chairman of the Senate Select Committee on Intelligence, has said that the committee has not been able to “sufficiently” oversee activities conducted under 12333. Unlike Section 215, the executive order authorizes collection of the content of communications, not just metadata, even for U.S. persons. Such persons cannot be individually targeted under 12333 without a court order. However, if the contents of a U.S. person’s communications are “incidentally” collected (an NSA term of art ) in the course of a lawful overseas foreign intelligence investigation, then Section 2.3(c) of the executive order explicitly authorizes their retention. It does not require that the affected U.S. persons be suspected of wrongdoing and places no limits on the volume of communications by U.S. persons that may be collected and retained.
nsa  surveillance  law  highlights  from:dogeared  url:59e8b7fa596d91e1ed5c0a3b4909322a  dt:year=2014  dt:month=07  dt:day=19  dt:timestamp=1405838768 
10 days ago
Twitter / thisisaaronland: am I the only one who can’t ...
am I the only one who can’t help but see the spinny balls…
from twitter
10 days ago
Untitled (https://spacetimeid.appspot.com/)
I should update to support OSM nodes based on creation date...
from twitter
12 days ago
Untitled (https://lists.openstreetmap.org/pipermail/talk/2011-August/059715.html)
see also: / I sent a similar suggestion once but can’t find it and never did anything about it…
from twitter
12 days ago
Colonising the Clouds  — Medium
Government cyber commands seem to hold a non digital-dualist view. They would claim that cyber is a theatre, not a territory. This is demonstrated in their understandings of servers on sovereign territory, and the legalities of cyber-espionage
network  politics 
19 days ago
A new app turns a design museum’s collection into digital Rothkos – Quartz
RT : Nice piece by on our latest toy "A new app turns a design museum’s collection into digital Rothkos"
from twitter
19 days ago
rhizome.org – forgetting #0f23f23b64dbaeb7f8c44e813a7a69c9
I tried to stave off the threats to my digital reputation long enough; I defended my relevance at all cost. But said cost turned into debt, and those debts are all that has been remembered
archive  highlights  from:dogeared  url:eb1849dc1be8f5f68178ab3fbd91677f  dt:year=2014  dt:month=07  dt:day=09  dt:timestamp=1404916342 
21 days ago
New America New York City: The Future of Getting Lost
"In this era of near constant tracking and data gathering by cellphones, sensors, CCTV cameras, or even social media, it feels as if anyone, anywhere, should be easily findable at any moment. But as Malaysia Airlines Flight 370 has demonstrated, it is still possible for significant, and tragic, disappearances to occur. What is the future of finding lost people in this time of exponentially increasing data? What can data offer us in terms of anticipatory and real-time disaster relief? And can we balance this measurable need—one that saves lives—with our desire to sometimes stray and purposefully lose ourselves"
21 days ago
nybooks.com – awlaki secret drone memo #f42b18e78eede85ed6852c74c1632fa0
In an editorial today, The New York Times condemns the memo for relying on arcane notions of emergency “public authority,” but that criticism misunderstands the memo’s argument. It simply maintains that while private parties are rarely, if ever, authorized to kill another, government authorities may well be—especially when the victim is an enemy fighter in an armed conflict. The memo concludes that al-Awlaki fit that bill, and that his citizenship status did not protect him from being treated like other enemy fighters
law  highlights  from:dogeared  url:e081fe0bcb2d43dc479173f7cbb46af0  dt:year=2014  dt:month=07  dt:day=09  dt:timestamp=1404900559 
21 days ago
aeon.co – what tech offices tell us about the future of work #fb4ffe574a19888fbd8980e923694bd1
And so, the white-collar work-life blend reaches its logical conclusion with the transformation of modern luxury spaces such as airport lounges into spaces that look much like the offices from which the technocrat has arrived
airports  architecturehighlights  from:dogeared  url:b64cf85db302550f0c7152e1cadf7cdd  dt:year=2014  dt:month=07  dt:day=09  dt:timestamp=1404900559 
21 days ago
writings.quilt.org – distributed systems and the end of the api #bfb256764faf50497718e087beff9937
When people started hooking up computers over networks, it was natural to want to carry along this notion of using language as a way of naming things we interact with programmatically.  Of course, assigning names is not an issue; doing so is essential to being able to talk about them at all. The problem is that APIs are fundamentally only nominal descriptions. We assign names to the data and operations and objects our programs manipulate, but there is nothing in such a shorthand that talks about the semantics or limits or capabilities of those things. To abuse a Perlisism , the name of a thing is a perfect vehicle for hiding information
api  network  highlights  from:dogeared  url:58daec021ab3c92fb1d963b1225ac068  dt:year=2014  dt:month=07  dt:day=08  dt:timestamp=1404828483 
22 days ago
arstechnica.com – airbus submits patent application for windowless jet cockpit #5307aa0253bfccc8606e8225af7acf03
According to the application, the non-windows cockpit would contain "a screen and associated means for projection (including back-projection)" of various "scenes," including the environment immediately forward of the aircraft, and also "a device with lasers for forming a holographic image" to display items like "a 3D mesh of the earth’s surface," "a hologram representing for example an assistant pilot on the ground," or "a holographic representation…of one or more flight instruments
airplanes  notifications  design  highlights  from:dogeared  url:5d185daa08129ec712907e406c557d2f  dt:year=2014  dt:month=07  dt:day=07  dt:timestamp=1404780655 
22 days ago
Ice Cold [Ballistic] (Manhattan bound C; Clinton-Washington) | Flickr - Photo Sharing!
McDonalds adhack: Ice Cold [Ballistic] (Manhattan bound C; Clinton-Washington)
from twitter_favs
22 days ago
Robot Rothko | Cooper Hewitt Labs
"And of course it works with our recently announced support for DSON as a response format." –
aa:post=robot-rothko  aa:ima=link  aa:year=2014  from twitter
22 days ago
idlewords.com – sana a #77c26bf1219e3daf1fde26fd70870507
As the plane dips a wing to begin its final approach, I notice that the monochrome ground becomes boxy and pixellated out towards the horizon, where thousands and thousands of tiny cubes seem to rise out of the desert, as if the Yemeni landscape had a bug in its loader
glitch  highlights  from:dogeared  url:887ac55daddb49562ef0a00fca0da7d1  dt:year=2014  dt:month=07  dt:day=07  dt:timestamp=1404742715 
23 days ago
www.washingtonpost.com – 8139adf8 045a 11e4 8572 4b1b969b6322 story #cf1b44e77610cf5faa18243bb4a29e5f
Apart from the fact that tens of millions of Americans live and travel overseas, additional millions use simple tools called proxies to redirect their data traffic around the world, for business or pleasure. World Cup fans this month have been using a browser extension called Hola to watch live-streamed games that are unavailable from their own countries. The same trick is routinely used by Americans who want to watch BBC video. The NSA also relies routinely on locations embedded in Yahoo tracking cookies, which are widely regarded by online advertisers as unreliable.
nsa  surveillance  yahoo  highlights  from:dogeared  url:a38f8d565a1044aedadceb87d60594e7  dt:year=2014  dt:month=07  dt:day=05  dt:timestamp=1404611184 
24 days ago
www.washingtonpost.com – 8139adf8 045a 11e4 8572 4b1b969b6322 story #790fbba105988a7f9ea107f1f7f4b483
The NSA treats all content intercepted incidentally from third parties as permissible to retain, store, search and distribute to its government customers. Raj De, the agency’s general counsel, has testified that the NSA does not generally attempt to remove irrelevant personal content, because it is difficult for one analyst to know what might become relevant to another.
motive  nsa  surveillance  highlights  from:dogeared  url:a38f8d565a1044aedadceb87d60594e7  dt:year=2014  dt:month=07  dt:day=05  dt:timestamp=1404610960 
24 days ago
www.washingtonpost.com – 8139adf8 045a 11e4 8572 4b1b969b6322 story #43876981d1fd6357cf9b3aa0f3f10de3
The surveillance files highlight a policy dilemma that has been aired only abstractly in public. There are discoveries of considerable intelligence value in the intercepted messages — and collateral harm to privacy on a scale that the Obama administration has not been willing to address.
nsa  surveillance  highlights  from:dogeared  url:a38f8d565a1044aedadceb87d60594e7  dt:year=2014  dt:month=07  dt:day=05  dt:timestamp=1404610769 
24 days ago
« earlier      
/ 3d aa:ima=link aa:ima=post aa:post=10days aa:post=agency aa:post=airportcity aa:post=anti-aliasing aa:post=barcode aa:post=beta aa:post=bwr aa:post=connected aa:post=delmaps aa:post=delmaps_02 aa:post=dogeared aa:post=donut-hole aa:post=dragons aa:post=enplacify aa:post=face aa:post=filtr03 aa:post=firedopplr aa:post=hills aa:post=historybox aa:post=mw09 aa:post=mw2010 aa:post=mw2011 aa:post=mw2012 aa:post=nearby aa:post=objects aa:post=otaku aa:post=py-wsclustr-php aa:post=question aa:post=robot-rothko aa:post=spacemountain aa:post=things aa:post=turkishmmap aa:post=wall aa:post=woelr aa:post=ws-decode aa:post=ws-modestmaps aa:post=youarehere aa:post=zomg aa:year=2005 aa:year=2006 aa:year=2007 aa:year=2008 aa:year=2009 aa:year=2010 aa:year=2011 aa:year=2012 aa:year=2013 aa:year=2014 aaronland airplanes airports americaland android api appengine architecture archive arduino artisyourfriend aws barcode bonus bwr camera canvas capacityplanning cats cli cloudcastles clustr colour communitiesofsuggestion community computervision cooperhewitt crouching crypto css d3 data database delicious design devel dotspotting drones dt:day=05 dt:day=07 dt:day=08 dt:day=12 dt:day=13 dt:day=16 dt:day=19 dt:day=20 dt:day=21 dt:day=26 dt:day=28 dt:day=30 dt:month=01 dt:month=02 dt:month=03 dt:month=04 dt:month=05 dt:month=06 dt:month=07 dt:month=08 dt:month=09 dt:month=10 dt:month=11 dt:month=12 dt:year=2013 dt:year=2014 ec2 email etsy facebook finance flickr food foursquare from:dogeared from:instapaper galleries geo git github google hardware hidden highlights history historyboxes http instagram ios iphone java javascript jquery keyboard language law london machinetags magicwords maps mobile montreal motive mozilla museum museums-and-the-network must namingthings network newaesthetic nodejs notifications nsa nyc ohyeahthat osm osx painting papernet perl photography php pinboard play prettymaps privacy publicspaces publictransportation python raspberrypi readme redacted roboteyes robots s3 search security semweb sfba solr spacetime stamen stml surveillance sysadmin tagging travel twitter typos unfinishedhistory unicode unix video visualization voicefromabove whosonfirst wifi wikipedia yahoo

Copy this bookmark: