Privacy / Security

Your RSS reader doesn't (necessarily) have an algorithm. By default, you'll get everything as it appears, in reverse-chronological order.

Does that remind you of anything? Right: this is how social media used to work, before it was enshittified. You can single-handedly disenshittify your experience of virtually the entire web, just by switching to RSS, traveling back in time to the days when Facebook and Twitter were more interested in showing you the things you asked to see, rather than the ads and boosted content someone else would pay to cram into your eyeballs.

[…] 

RSS basically works like social media should work. Using RSS is a chance to visit a utopian future in which the platforms have no power, and all power is vested in publishers, who get to decide what to publish, and in readers, who have total control over what they read and how, without leaking any personal information through the simple act of reading.

And here's the best part: every time you use RSS, you bring that world closer into being! The collective action problem that the publishers and friends and politicians and businesses you care about is caused by the fact that everyone they want to reach is on a platform, so if they leave the platform, they'll lose that community. But the more people who use RSS to follow them, the less they'll depend on the platform

Cybernews researchers analyzed the new Pixel 9 Pro XL smartphone’s web traffic, focusing on what a new smartphone sends to Google.

“Every 15 minutes, Google Pixel 9 Pro XL sends a data packet to Google. The device shares location, email address, phone number, network status, and other telemetry. Even more concerning, the phone periodically attempts to download and run new code, potentially opening up security risks,” said Aras Nazarovas, a security researcher at Cybernews.

[…]

Key takeaways

• Private information was repeatedly sent in the background, including the user’s email address, phone number, location, app list, and other telemetry and statistics.
• The phone constantly requests new “experiments and configurations,” tries accessing the staging environment, and connects to device management and policy enforcement endpoints, suggesting Google’s remote control capabilities.
• The Pixel device connected to services that were not used, nor explicit consent was given, such as Face Grouping endpoints, causing privacy and ownership concerns.
• The calculator app, in some conditions, leaks calculations history to unauthenticated users with physical access.

The controversial virtual manager service invites real estate agents who have signed up for membership to enter the details of tenants they wish to keep tabs on.

In the future, when a tenant applies for another property and the other real estate agent searches for their details in TICA's main database, the original property manager receives a notification that includes the name and contact details of the agent who conducted the search.

[…]

When virtual manager launched in 2010 it was met with backlash from tenants' advocates, who described it as "a gross invasion of privacy". At the same time, a TICA spokesperson said its main purpose was to monitor the movement of tenants while they are still renting the property, so landlords could guard against "the dreaded midnight skip".

In the 14 years since, little information has been published about how the secretive service — which is only available for an additional fee to TICA's "gold members" — operates.

"There's just something incredibly creepy and invasive about the fact that a property manager can put a little alert in the system, and seven years later [in this case] know that you're trying to apply for a property and basically go and put a spanner in the works and make it so you can't get a home," Mr Dignam said. 

Today, the fine-graining of data and the isolation of consumers has changed the game. The old idiom is that every man has his price. But that’s literally true now, much more than you know, and it’s certainly the plan for the future.

“The idea of being able to charge every individual person based on their individual willingness to pay has for the most part been a thought experiment,” said Lina Khan, chairwoman of the Federal Trade Commission. “And now … through the enormous amount of behavioral and individualized data that these data brokers and other firms have been collecting, we’re now in an environment that technologically it actually is much more possible to be serving every individual person an individual price based on everything they know about you.”

Economists soft-pedal this emerging trend by calling it “personalized” pricing, which reflects their view that tying price to individual characteristics adds value for consumers. But Zephyr Teachout, who helped write anti-price-gouging rules in the New York attorney general’s office, has a different name for it: surveillance pricing.

“I think public pricing is foundational to economic liberty,” said Teachout, now a law professor at Fordham University. “Now we need to lock it down with rules.”

First to the lectern was Mike Burgess, director general of the Australian Security and Intelligence Organisation, who opened by saying “The internet is a transformative information source… and the world’s most potent incubator of extremism.”

As he outlined an argument that a dynamic tension exists between security and technology, Burgess added “encryption protects our privacy and enables our economy…and creates safe spaces for violent extremists to operate, network and recruit.”

[…]

“But even when the warrant allows us to lawfully intercept an encrypted communication, we cannot actually read it without the assistance of the company that owns and operates the app,” he said. “The company has to be willing and able to give effect to our warrant.”

[…]

ASIO boss Burgess also discussed AI, a technology he said is “ equal parts hype, opportunity, and threat”

[…]

“Finding a critical piece of intelligence is less like looking for a needle in a haystack than looking for a needle in a field of haystacks,” he said. “AI makes that process easier and faster; it can identify worrying patterns and relationships in minutes and hours rather than weeks and months.”

But only if the data it’s working on isn’t encrypted.

There's the sleight of hand; start out talking about executing warrants, and while people are nodding, slip ever-so-gradually into advocating for carte blanche to conduct limitless, methodologically dubious, extrajudicial fishing expeditions.

Acceptance speech upon receiving the 2024 Helmut Schmidt Future Prize:

Make no mistake – I am optimistic – but my optimism is an invitation to analysis and action, not a ticket to complacency.

With that in mind, I want to start with some definitions to make sure we’re all reading from the same score. Because so often, in this hype-based discourse, we are not. And too rarely do we make time for the fundamental questions – whose answers, we shall see, fundamentally shift our perspective. Questions like, what is AI? Where did it come from? And why is it everywhere, guaranteeing promises of omniscience, automated consciousness, and what can only be described as magic?

Well, first answer first: AI is a marketing term, not a technical term of art. The term “artificial intelligence” was coined in 1956 by cognitive and computer scientist John McCarthy – about a decade after the first proto-neural network architectures were created. In subsequent interviews McCarthy is very clear about why he invented the term. First, he didn’t want to include the mathematician and philosopher Norbert Wiener in a workshop he was hosting that summer. You see, Wiener had already coined the term “cybernetics,” under whose umbrella the field was then organized. McCarthy wanted to create his own field, not to contribute to Norbert’s – which is how you become the “father” instead of a dutiful disciple. This is a familiar dynamic for those of us familiar with “name and claim” academic politics. Secondly, McCarthy wanted grant money. And he thought the phrase “artificial intelligence” was catchy enough to attract such funding from the US government, who at the time was pouring significant resources into technical research in service of post-WWII cold war dominance.

Now, in the course of the term’s over 70 year history, “artificial intelligence” has been applied to a vast and heterogeneous array of technologies that bear little resemblance to each other. Today, and throughout, it connotes more aspiration and marketing than coherent technical approach. And its use has gone in and out of fashion, in time with funding prerogatives and the hype-to-disappointment cycle.

So why, then, is AI everywhere now? Or, why did it crop up in the last decade as the big new thing?

The answer to that question is to face the toxic surveillance business model – and the big tech monopolies that built their empires on top of this model.

This keynote will look at the connections between where we are now and how we got here. Connecting the “Crypto Wars”, the role of encryption and privacy, and ultimately the hype of AI… all through the lens of Signal.

Full text of Meredith's talk: https://signal.org/blog/pdfs/ndss-key...

 A couple of weeks ago, I gave a talk in Austria on smartphones and cybersecurity.

“Put up your hand if you like or maybe even love your smartphone,” I asked the audience of policymakers, industrialists and students.

Nearly every hand in the room shot up.

“Now, please put up your hand if you trust your smartphone.”

One young guy at the back put his hand in the air, then faltered as it became obvious he was alone. I thanked him for his honesty and paused before saying,“We love our phones, but we do not trust them. And love without trust is the definition of an abusive relationship.”

The participation of the internet companies in Prism will add to the debate, ignited by the Verizon revelation, about the scale of surveillance by the intelligence services. Unlike the collection of those call records, this surveillance can include the content of communications and not just the metadata.

Some of the world's largest internet brands are claimed to be part of the information-sharing program since its introduction in 2007. Microsoft – which is currently running an advertising campaign with the slogan "Your privacy is our priority" – was the first, with collection beginning in December 2007.

It was followed by Yahoo in 2008; Google, Facebook and PalTalk in 2009; YouTube in 2010; Skype and AOL in 2011; and finally Apple, which joined the program in 2012. The program is continuing to expand, with other providers due to come online.

Collectively, the companies cover the vast majority of online email, search, video and communications networks.

Bert's idea appears simple:

   What if your computer made a little noise each time it sends data to Google?

So this is what he did. A piece of software dubbed googerteller designed for his Linux computer that emits a scratchy beep when the computer detects information flowing out from his computer to one of Google's computers.

[…]

After announcing the tool in a tweet the video quickly received over a million views. Spurred by this attention Bert decided to develop his tool further and include trackers not only from Google but also Facebook and dozens of other trackers.