eff   5667

« earlier    

All of my Deeplinks blog posts – parker higgins dot net
Parker Higgins is an artist and activist based in Brooklyn, New York. He writes about computers, creativity, and the law, and works as the Director of Special Projects at the Freedom of the Press Foundation. Previously, he was the Director of Copyright Activism at the Electronic Frontier Foundation.
eff  deeplink  post 
5 days ago by gdw
Let's Encryptからワイルドカード証明書を取得する
ssl  certificate  letsencrypt  eff 
5 days ago by lilili
A Privacy-Focused Facebook? We'll Believe It When We See It. | Electronic Frontier Foundation
In his latest announcement, Facebook CEO Mark Zuckerberg embraces privacy and security fundamentals like end-to-end encrypted messaging. But announcing a plan is one thing. Implementing it is entirely another. And for those reading between the lines of Zuckerberg’s pivot-to-privacy manifesto, it’s clear that this isn’t just about privacy. It’s also about competition.
The Proof is in the Pudding
At the core of Zuckerberg’s announcement is Facebook’s plan to merge its three messaging platforms: Facebook’s Messenger, Instagram’s Direct, and WhatsApp. The announcement promises security and privacy features across the board, including end-to-end encryption, ephemerality, reduced data retention, and a commitment to not store data in countries with poor human rights records. This would mean that your messages on any of these platforms would be unreadable to anyone but you and your recipients; could be set to disappear at certain intervals; and would not be stored indefinitely or in countries that are likely to attempt to improperly access your data. Even better, the announcement promises that Facebook will not store your encryption keys for any of these services, as is already the case with WhatsApp.
This all sounds great, in theory. But secure messaging is not easy to get right at either the technical or policy level.
privacy  facebook  EFF 
7 days ago by rgl7194
Facebook Doubles Down On Misusing Your Phone Number | Electronic Frontier Foundation
When we publicly demanded that Facebook stop messing with users’ phone numbers last week, we weren’t expecting the social network to double down quite like this: By default, anyone can use the phone number that a user provides for two-factor authentication (2FA) to find that user’s profile. For people who need 2FA to protect their account and stay safe, Facebook is forcing them into unnecessarily choosing between security and privacy.
While settings are available to choose whether “everyone,” “friends of friends,” or “friends” can use your phone number this way, there is no way to opt out completely.
The problems with Facebook’s phone number look-up feature are not entirely new. Facebook even promised to disable the functionality last April in the wake of the Cambridge Analytica scandal. Now, others can no longer enter your phone number directly into the Facebook search bar to find your profile. Instead, they can still use your phone number “in other ways, such as when someone uploads your contact info to Facebook from their mobile phone,” a Facebook spokesperson told USA Today. Those "other ways" are what the settings shown above control. But whether they have to type it into Facebook’s search bar or into their phone contacts, the result is the same: others can use your phone number to find your Facebook profile.
facebook  privacy  security  telephone  2FA  search  EFF 
7 days ago by rgl7194
Stupid Patent Of The Month: Veripath Patents Following Privacy Laws | Techdirt
They have a US patent on offering features to customers who agree to share data. There are laws specifically requiring that kind of behavior.
law  privacy  patent  patentabuse  ip-law  techdirt  via:Techdirt  eff 
15 days ago by mcherm
ETS Isn't TLS and You Shouldn't Use It | Electronic Frontier Foundation
"The good news: TLS 1.3 is available, and the protocol, which powers HTTPS and many other encrypted communications, is better and more secure than its predecessors (including SSL).

The bad news: Thanks to a financial industry group called BITS, there’s a look-alike protocol brewing called called ETS (or eTLS) that intentionally disables important security measures in TLS 1.3. If someone suggests that you should deploy ETS instead of TLS 1.3, they are selling you snake oil and you should run in the other direction as fast as you can."
eff  tls  crypto  security  privacy 
20 days ago by abclex
Governments Must Face the Facts about Face Surveillance, and Stop Using It | Electronic Frontier Foundation
It’s important to consider all of these problems with face surveillance now. Once government builds this spying infrastructure, and starts harvesting and stockpiling a record of where we have been and who we were with, there is the inherent risk that thieves will steal this sensitive data, employees will misuse it, and policymakers will redeploy it in new unforeseen manners.

For all of these reasons, companies shouldn’t sell face surveillance technology to governments. EFF supports the effort, led by ACLU, to persuade companies to stop doing so.

Face surveillance erodes everyone’s privacy, chills free speech, and has an outsized negative impact on minority communities. So governments should not use these tools. Rather, they must face the facts about how damaging this surveillance technology is to the people they have a duty to protect.
surveillance  facial-recognition  faces  eff  government 
21 days ago by jm
The Final Version of the EU's Copyright Directive Is the Worst One Yet | Electronic Frontier Foundation
The final text clarifies that any link that contains more than "single words or very short extracts" from a news story must be licensed, with no exceptions for noncommercial users, nonprofit projects, or even personal websites with ads or other income sources, no matter how small // what is this 2002? Link policy?
copyright  europe  eff 
25 days ago by yorksranter
The Public Deserves a Return to the 2015 Open Internet Order | Electronic Frontier Foundation
Congress is actively debating how to fix the FCC’s repeal of the net neutrality rules. But the first bills offered (H.R. 1101 (Walden), H.R. 1006 (Latta), and H.R. 1096 (McMorris Rodgers) focus narrowly on the “bright line” rules of no blocking, no throttling, and no paid prioritization. A major problem with this approach is that the public supported the 2015 Open Internet Order and a huge array of parties (with the exception of basically just AT&T, Comcast, and Verizon) supported Title II reclassification because of what else was protected. Privacy, competition, and public safety are all worse off when all you do is ban three basic tactics.
Restoring the entirety of the 2015 Open Internet Order means protecting the vital components to keeping the Internet a free and open platform. If Congress decides to act, it should not shortchange the American public. Unfortunately, that appears to be where the House of Representatives is heading right now.
internet  open  net_neutrality  gov2.0  politics  privacy  competition  EFF 
27 days ago by rgl7194
7 Things You Should Know About Tor | Electronic Frontier Foundation
We posted last week about the Tor Challenge and why everyone should use Tor. Since we started our Tor Challenge two weeks ago we have signed up over 1000 new Tor relays. But it appears that there are still some popular misconceptions about Tor. We would like to take this opportunity to dispel some of these common myths and misconceptions.
privacy  security  tor  eff 
28 days ago by bouvin

« earlier    

related tags

"expanding  2018  2019  2fa  8  a13  according  aclu  activism  advertising  advice  advocacy  against  agriculture  algorithm  amazon  and  anonymity  application  apps  archive  artificialintelligence  aws  battideas  battle  bias  biometrics  book  books  breach  browser  bug  business  california  camera  cars  cdt  cellphones  censorship  certbot  certificate  certificates  china  clear  cli  clothing  code  coders-rights  company  competition  computersecurity  computervision  computing  conference  conspiracy  contacts  copyright  counterexample  creative  crime  crypto  cryptography  culture  cyber-spectrum  cyber  cybersecurity  cypherpunk  dark  data  dataprotection  debian  december  deeplink  deletefacebook  dhs  digital_rights  dmca  dns  do_not_track  download  driving  drm  education  email  emergency  encryption  engaged  essays  eu  europe  face  facebook  faces  facial-recognition  facial  facialrecognition  fast  fauxtomation  fcc  fiduciary  firefox  fix  freespeech  fsf  giants  github  gnu  google  gov2.0  government  gpu  grait  hack  holes  homepage  howto  html5  https  ibm  ifttt  image  in  information  informationfiduciary  infosec  internet  internetjk-tools  interview  interviews  ip-law  iris  iris_recognition  isp  jk-infosec  keepassxc  labor  lambda  law  legal  letsencrypt  libertarian  linode  linux  logo  mashups  mechanicalturk  media  messaging  metrics  microsoft  mistakesweremade  mobile  moderation  mongodb  mt  mtl  mystery  need  net_neutrality  netflix  netneutrality  netpolicynotes  nginx  ngo  now  nyt  nytimes  of  ojlj  online  op-ed  open  opensource  opinion  oti  outsourcing  password_managers  passwords  patent  patentabuse  patternrecognition  patterns  people  pgp  phishing  phones  pirvacy  pocket  podcast  poland  police  policing  politics  porn  post  potus  practical  prediction  principles  privacy  programming  proliferation  propaganda  public  public_media  puzzle  python  raykurzweil  realtime  recognition  reference  regualation  rekognition  repo  resource  responsibility  right  rights  robocalls  santaclara  scandal  schools  script  search  security  security_plan  senior  sensenet  sharing  smart_home  smartphone  social_media  socialmedia  sp_issues  spotify  ssd  ssl  state  street  surveillance"  surveillance  surveillanceself-defense  sysadmin  tagless-final  tech  tech:  techdirt  technology  telephone  the  they  threat_model  tips  title_ii  tls  to-read  to  tool  tools  tor  trackers  tracking  training  travel  trust  tsa  tutorial  tutorials  twitter  ubuntu  uighur  uk  unix  url  victorgevers  visualcommonsense  volunteer  vr  vs  w3c  want  warelogging  weapon  web  whistleblower  wtf  xinjiang  yasha_levine  yro 

Copy this bookmark: