Apple vs the FBI: Go on, Apple!

February 18, 2016

At the FBI’s urging, a federal magistrate has ordered Apple to create a program that will allow the FBI to get into an iPhone belonging to one of the San Bernardino shooters.  They claim this a one-off thing; they just want to gain access to the shooter’s phone.  On the radio I heard a federal justice spokesman explain it like this:  “If the FBI had a warrant to enter and search a house, but the house had a combination lock that would permanently lock the door if the wrong combination was entered a few times, the FBI would knock the door in using a tank.  All we want is for Apple to supply us with the tank.”

But that is nonsense.  If the locked-door scenario happened, the FBI would bring their own tank to knock the door in.  They wouldn’t ask a lock manufacturer to build the tank for them.

The US government have wanted a back-door into Apple’s iPhones for a while now. This has especially been the case since September 2014, when Apple introduced new encryption into its iPhone operating system that would make it mathematically impossible for the company to unlock them for investigators. This was a departure from the past, when investigators could get access to a device if they sent it to Apple headquarters with a search warrant.

The US authorities are painting this as strictly an anti-terrorism move, and that it would apply only to the iPhone in question.  But that is plain wrong.  Ever since the Ed Snowden revelations, FBI director James Comey has been trying to figure out a way around the software as he and Apple’s Tim Cook have traded barbs publicly and privately.  And now he and his colleagues are using thie San Bernadino murders as a way to create case law that could force tech companies to provide back doors into their products.  The FBI claim they want Apple to create a master key just for the one iPhone; but once the precedence had been set, the authorities would use the Apple master key whenever they felt like it, and would be on sure ground to insist other Silicon Valley companies do the same.

Security professionals have pointed out that back doors are not the way to carry out investigations: see here and here for just a couple of examples.  The tragic San Bernadino shootings are, I’m sorry to say, just a way for the US authorities to get the back doors they want on faulty reasoning.  I’m happy Apple have contested this court order.  I don’t like Apple products or their propriety approach, but I’m at one with them that individual freedom is paramount.  After all, isn’t individual freedom what we are trying to defend from people like ISIS?

In addition to that: criminals might get hold of back door tools and use them to steal identities, bank details etc; and oppressive foreign governments might use them to persecute pro-democracy activists.  The authorities will obviously claim that no one will be able to access these master keys.  But the US government, among others, have suffered theft of data frequently; and foreign governments have spies, whose job is to steal secret tools and information.

To go back to the locked door and tank scenario: in this case the US authorities should bring their own tank – the NSA.  Or do they really expect us to believe that the NSA couldn’t crack this one phone?

Apple-Logo

Apple: doing the right thing


Apple is going to kill the world! Panic!

January 6, 2016

I got a stupid email today from campaigning group SumOfUs.org, asking me to sign a petition… about iphone headsets!
Here’s a taste:

“Apple is about to rip off every one of its customers. Again.

If the rumours are true, the new iPhone 7 will have a non-standard, proprietary headphone jack — making every pair of headphones on earth useless. Not only will this force iPhone users to dole out additional cash to replace their hi-fi headphones, it will singlehandedly create mountains of electronic waste — that likely won’t get recycled.

There’s only one reason for this change: to leverage Apple’s market share in order to extract even more profit from its customers. With virtually no third-party manufacturers ready to fill the new market gap, Apple stands to make a killing while we — and our planet — pay the price.”

evil_apple_by_perishhaspower-d379wwn

“Evil Apple” image by perish_is_power, on that deviantart site (said theft aided and abetted by Google – thanks, evil corporation, where would we be without you?

SumOfUs.org has sent me some pretty daft petitions in the past year or so, but this is just too much. So Apple are going to rip off its idiot “loyal customers” by adopting a proprietary technology… so what? This is what Apple does: it makes stuff that will only work with its stuff, and rips off anyone gullible enough to fall for the con.

The eco-spin on the petition – that Apple’s evil plans “will singlehandedly create mountains of electronic waste — that likely won’t get recycled” – is an extra dollop of pathetic. Land-fills all round the world are already full of Apple’s crap because if your i-thing breaks down, all the peripherals are useless and get chucked. Will the headphones scandal be the tipping point? Oh no, call 007 to save us from Apple’s satanic actions!

Sorry, SumOfUs.org, but I’m leaving your mail list (should be called a “spam list” you  jerks).  I’ve suffered a load of shite from you being put in my email inbox without a complaint, because occasionally you brought something important to my attention.  But the important issues have dwindled, and meaningless kibble has taken its place.  And this one – Oh, Apple are selling proprietary, non-reusable crap – hell, it’s not new or surprising.  If you don’t like what Apple does, don’t buy Apple.  I never have.  I’ve got a perfectly fine Sony phone, and I can use any headphones with it.  Stop buying into the con – stop buying Apple.  That will get their attention a lot more effectively than a sad petition.

 


#Vodafone #EE and 3 (#ThreeUK) give police mobile call records at click of a mouse

October 10, 2014
Shush!  They can hear you!

Shush! They can hear you!

Mobile phones outnumber land-lines massively. In the UK, there are 82.7m mobile subscriptions in the UK; compare that to 24.4m home landlines and a total of 33.1m fixed landlines (including landlines used for broadband connections). In the UK, 15% of people live in mobile-only households. And that’s the UK, a developed world nation where substantial land-line infrastructure already exists. Think about developing world countries where low rural population concentration and large distances make mobile networks a necessity. An awful lot of business is being carried out on these mobile networks: both private and commercial, on phones or online. You’d think all this communication would be protected by law, right? Duh! wrong answer. According to The Guardian:

Three of the UK’s four big mobile phone networks have made customers’ call records available at the click of a mouse to police forces through automated systems, a Guardian investigation has revealed.

EE, Vodafone and Three operate automated systems that hand over customer data “like a cash machine”,as one phone company employee described it.

Of the 4 big mobile networks, only O2 manually reviews Ripa requests (Ripa is the Regulation of Investigatory Powers Act, which governs who can access systems like the phone networks). EE (the UK’s largest network, consisting of Orange and T-Mobile), Vodafone, and 3, all use systems that largely bypass any need for human intervention, basically meaning that access to these sensitive records is automated. With no manual oversight, mistakes or loopholes in the automated systems will not be detected, and can be misused deliberately.

Privacy advocates are also concerned that the staff within phone companies who deal with Ripa and other requests are often in effect paid by the Home Office – a fact confirmed by several networks – and so may, in turn, be less willing to challenge use of surveillance powers.

According to the Guardian article:

Several mobile phone networks confirmed the bulk of their queries were handled without human intervention. “We do have an automated system,” said a spokesman for EE, the UK’s largest network, which also operates Orange and T-Mobile. “[T]he vast majority of Ripa requests are handled through the automated system.” The spokesman added the system was subject to oversight, with monthly reports being sent to the law enforcement agency requesting the data, and annual reports going to the interception commissioner and the Home Office.

A spokesman for Vodafone said the company processed requests in a similar way. “The overwhelming majority of the Ripa notices we receive are processed automatically in accordance with the strict framework set out by Ripa and underpinned by the code of practice,” he said. “Even with a manual process, we cannot look behind the demand to determine whether it is properly authorised.”

A spokesman for Three, which is also understood to use a largely automated system, said the company was simply complying with legal requirements. “We take both our legal obligations and customer privacy seriously,” he said. “Three works with the government and does no more or less than is required or allowed under the established legal framework.

Only O2 said it manually reviews all of its Ripa requests. “We have a request management system with which the law enforcement agencies can make their requests to us,” said the O2 spokeswoman. “All O2 responses are validated by the disclosure team to ensure that each request is lawful and the data provided is commensurate with the request.”

Mike Harris, director of the Don’t Spy On Us campaign, said the automated systems posed a serious threat to UK freedom of expression. “How do we know that the police through new Home Office systems aren’t making automated requests that reveal journalist’s sources or even the private contacts of politicians?” he said.

“Edward Snowden showed that both the NSA and GCHQ had backdoor access to our private information stored on servers. Now potentially the police have access too, when will Parliament stand up and protect our fundamental civil liberties?”

So much information goes over mobile networks nowadays. Not just phone calls and text messages – there’s also the high volume of data transfer over mobile broadband systems. All this information is available to “investigators” who can interrogate the computer systems directly, with no need to go through a middle-man.

If you use a trustworthy VPN service, and encryption, you may be able to keep the data traffic somewhat more private. But the very action of encrypting your traffic attracts investigators’ attention. And voice and text message data does not even have that limited protection.

A solution, so far as computer and smart phone data is concerned, is available, at least in theory. If we all opted for mobile mesh networking, we could cut out the mobile networks entirely. And it wouldn’t be hard to include traditional speech (and sms) in such a system. And the software is already out there – for example Open Garden. These enmeshed systems are probably the future of mobile connectivity. The only question is: when will mobile users take to it by default? Most people don’t think the government snooping into our communications is a major problem (The “if you’ve done nothing wrong you have nothing to worry about” min-set). Will this apathy win out? I hope not. When I use a 3G modem or tethered smartphone I generally use a VPN. But I haven’t fully checked out the various solutions available – or their pitfalls. And I’m more aware of these issues than average. There’s a good chance we’re trying to tackle a problem that’s already out of control. Do yourself – andf everyone else – a favour. Do a web search for “mesh networks” and the other subjects I’ve mentioned here. Did you know that when you send an email, the message is only as secure as what you might write on a postcard? And things can only get worse.

Locations of visitors to this page


free web stat


18 January – Internet Freedom Day!! Hip Hip Hooray!!

January 18, 2013

I got an email today from the nice people at Fight for the Future, reminding me that a year ago today, “you, me, and 24 million people defeated SOPA and Internet censorship. It was the largest online protest ever.” SOPA was the Stop Online Piracy Act, a proposed US law that would have impacted horribly on all our freedoms online. But it was stomped, one year ago today, and now many people are calling for 18 January to be known as Internet Freedom Day.

The email suggested one way we can celebrate Internet Freedom Day:

How is Fight for the Future participating? Since Dr. Martin Luther King Jr. Day is coming up, we’re reminded that Dr. King’s “I Have a Dream” speech is copyrighted, and often censored on sites like Youtube. We realized that watching and sharing this speech (which could be considered illegal) to celebrate Dr. King’s work and the freedom we fought for is exactly what needs to happen.

To honor Dr. King’s legacy of nonviolent civil disobedience and to celebrate our historic defeat of SOPA, we made this video that contains the entire 17 minute speech.

Join us in a small act of civil disobedience to remember what we fight for. Watch and share this video.

If SOPA had passed, you could have gone to jail for sharing a video of it, and entire websites could have been shut down for linking to it.

But even more than that, there’s a bigger question: Are you okay with a world where when someone just learning about race and civil rights goes to the web to see MLK’s “I Have a Dream” speech and is confronted with a notice that says “this video has been removed”? It isn’t until 2038, when the copyright on this speech is over, that you’re even allowed to share this video.

If you haven’t done so already, send this video to a friend, tweet it, talk to your friends about it, and celebrate MLK’s work and our ability to fight back online censorship that can keep the things we love and need from us.

Nice sentiment. And if you click that link to see the Martin Luther King “I Have a Dream” speech, you will see that there’s still a lot to fight for.

The email also said:

Last, but not least, our friend and Center for Rights board member, Marvin Ammori, just wrote a book called On Internet Freedom that you can download *for free* today. He describes it as “a sort of love song to the First Amendment and the Internet.” (You can download the Kindle app for free to read on your computer, phone, or anything else, and we think he’d approve if you removed the DRM to read it on other devices.)

But anyway: 18 January as Internet Freedom Day? Hell yeah, I’m up for it.

Let’s try and make sure the Internet is, and remains, Free.

HAPPY INTERNET FREEDOM DAY!!!

Locations of visitors to this page


free web stat


Megaupload.com shut down by USA… even though it’s run from New Zealand

January 21, 2012

Just in case you’ve been living under a rock somewhere the past few days, I thought I’d fill you in: the popular “internet locker” storage site Megaupload.com has been closed down by the USA because of charges of alleged “piracy”. Apparently:

Shotguns, a Rolls Royce Phantom and millions of dollars were seized from properties linked to Megaupload on Friday, as the US sought to extradite the file-sharing firm’s founders over online piracy claims

and it seems that our of the seven Megaupload executives arrested, including founder Kim Dotcom, appeared in a New Zealand courtroom for a first appearance in what is likely to be a lengthy extradition process. USA authorities, clearly following orders from the vested interests in the SOPA/PIPA controversy, the US wants to put Megaupload bosses on trial for charges including accusing them of racketeering, money laundering and copyright infringement. It’s widely reported (even by the Guardian, damn their eyes!) that Aukland police seized luxury cars, firearms and millions of dollars in cash. As if ownership of nice legal stuff somehow makes these people guilty.

When Kim Dotcom spoke to press, apparently unfazed, he said he has “nothing to hide”

I really don’t get this raid at all. Megaupload.com is an online locker service, where the pubic can buy storage space for files. Megaupload does not examine all these files, but if someone reports that their intellectual rights are being infringed, Megaupload immediately take down the content in question. This all suggests to me that Megaupload is exactly the lawful, prudent service that should be protected under “safe harbor” laws. Ad I certainly don’t get where the US authorities are involved. As the EFF put it: “If the United States can seize a Dutch citizen in New Zealand over a copyright claim, what is next?”.

This is all clearly meant to bolster the case of those who back the draconian SOPA/PIPA laws being considered in the USA. SOPA/PIPA garnered a lot of bad press on “black-out Wednesday” and President Obama’s stated intent to veto the ridiculous laws.

One more interesting factoid: The Pirate Bay was nearly wrecked by Swedish authorities following US orders. And now New Zealand has done the same. So tell me something: when did the entire world become USA juridiction? And WTF are we going to do about it?

Go to Megaupload.com and you get to see this

Locations of visitors to this page


free web stat


Wednesday 18 January 2012… The Day The (Online) World Stood Still

January 19, 2012

Thursday, 19 Jan 2012

Well, what a to-do “Blackout Wednesday” caused! A world of students couldn’t do their homework because Wikipedia went offline (Does serve em right though…students should not be using Wikipedia as the basis of their online research/plagiarism. Google and Bing were still working, as were most other websites; and in a worst-case scenario they could still haul ass to the local library and, you know, look at an actual book!. In fact, all sorts of stuff happened (or didn’t happen) during Black-out Wednesday – far too much for me to catalogue here – so here’s a link to a Guardian webpage that handily links on to lots of news and comment on the momentous day and its meanings and effects.

I’m not an American, and, like most people (including Americans FFS!), I don’t know much about the proposed SOPA and PIPA laws. But I do know this: SOPA/PIPA will enable intellectual property owners (mostly media, movie and music corporations) to block access to any websites the corporations claim are infringing their intellectual property rights – without any judicial or statuary oversight. And Americans won’t be the only victims of this censorship. As a lot of the internet’s infrastructure goes through the USA or US-related systems, online users everywhere will be affected. SOPA/PIPA isn’t just an American problem: its tendrils reach out everywhere. So come on, American action heroes – it’s time for you to save the world again!

I already said I’m not a PIPA/SOPA expert. But these guys are. So click that link (here it is again), find out what SOPA and PIPA would actually mean to your life, and learn what you can do to stop it. There’s some pretty simple action you can do to help, without even leaving your seat – but, because PIPA and SOPA are US legal proposals, only Americans can do them. So go on, USA, do the right thing – cos if you don’t, it might end up that no one anywhere will be able to do their homework from the comfort of their basement!!! :p

Locations of visitors to this page


free web stat


Question: Who is/are “Anonymous”? Answer: No one/everyone.

March 15, 2011

Just read about the “hacker group” Anonymous’ release of apparently incriminating emails from the Bank of America. This story really annoys me. Not because I’m a Bank of America fan – I’m pissed off with the Guardian for describing Anonymous as a “hacker group”.

The Wikipedia article on Anonymous. describes it well – it says:

is an Internet meme originating 2003 on the imageboard 4chan, representing the concept of many on-line community users simultaneously existing as an anarchic, digitized global brain.[1] It is also generally considered to be a blanket term for members of certain Internet subcultures, a way to refer to the actions of people in an environment where their actual identities are not known.

Anonymous is not a hacker group in the sense you’d usually expect: there’s no organization, no hierarchy, no agreed agenda. Anyone with the required know-how and/or tools can do some cyber-vandalism or cut-and-paste someone’s email, then say it was done by Anonymous.

So who is Anonymous? Everyone. No one. Me. You. Anyone. Please bear that in mind next time you see a report that “Anonymous” did something.

_gos=’c4.gostats.com’;_goa=354450;
_got=2;_goi=2;_goz=0;_gol=’Free hit counter’;_GoStatsRun();
Free hit counter
Free hit counter


%d bloggers like this: