Facebook Won’t Say If It Will Use Your Brain Activity for Advertisements

“We have taken a distinctly different, non-invasive and deeply scientific approach to building a brain-computer speech-to-text interface,” the company says, describing the project as “a silent speech interface with the speed and flexibility of voice and the privacy of text,” with a stated goal of allowing “100 words per minute, straight from the speech center of your brain.” This process will be executed “via non-invasive sensors that can be shipped at scale” using “optical imaging” that can poll “brain activity hundreds of times per second.”

Fuente: Facebook Won’t Say If It Will Use Your Brain Activity for Advertisements


I invented the web. Here are three things we need to change to save it | Tim Berners-Lee | Technology | The Guardian

It has taken all of us to build the web we have, and now it is up to all of us to build the web we want – for everyone

Fuente: I invented the web. Here are three things we need to change to save it | Tim Berners-Lee | Technology | The Guardian


Internet or Splinternet? by Joseph S. Nye – Project Syndicate

The Internet is a network of networks. Each of the separate networks belongs to different companies and organizations, and they rely on physical servers in different countries with varying laws and regulations. But without some common rules and norms, these networks cannot be linked effectively. Fragmentation – meaning the end of the Internet – is a real threat.

Fuente: Internet or Splinternet? by Joseph S. Nye – Project Syndicate


¿Hasta qué punto son seguras las telecomunicaciones cifradas? – El Mostrador

Con la mirada puesta en la anhelada meta de la privacidad, la universalización del cifrado para la seguridad de las telecomunicaciones en internet se perfila ya como un camino sin retorno, avalado por los últimos movimientos de populares plataformas en el sector, aunque teñido de sombras.

Fuente: ¿Hasta qué punto son seguras las telecomunicaciones cifradas? – El Mostrador


The hype over metadata is a dangerous myth – FT.com

Communications data — and the government’s powers to collect them — are at the heart of the draft Investigatory Powers Bill introduced by Theresa May, UK home secretary, which is currently under scrutiny. Such metadata are the digital exhaust of our

Fuente: The hype over metadata is a dangerous myth – FT.com


How Big Business Is Helping Expand NSA Surveillance, Snowden Be Damned – The Intercept

How Big Business Is Helping Expand NSA Surveillance, Snowden Be Damned – The Intercept.

Featured photo - How Big Business Is Helping Expand NSA Surveillance, Snowden Be Damned

Since November 11, 2011, with the introduction of the Cyber Intelligence Sharing and Protection Act, American spy agencies have been pushing laws to encourage corporations to share more customer information. They repeatedly failed, thanks in part to NSA contractor Edward Snowden’s revelations of mass government surveillance. Then came Republican victories in last year’s midterm Congressional elections and a major push by corporate interests in favor of the legislation.

Today, the bill is back, largely unchanged, and if congressional insiders and the bill’s sponsors are to believed, the legislation could end up on President Obama’s desk as soon as this month. In another boon to the legislation, Obama is expected to reverse his past opposition and sign it, albeit in an amended and renamed form (CISPA is now CISA, the “Cybersecurity Information Sharing Act”). The reversal comes in the wake of high-profile hacks on JPMorgan Chase and Sony Pictures Entertainment. The bill has also benefitted greatly from lobbying by big business, which sees it as a way to cut costs and to shift some anti-hacking defenses onto the government.

For all its appeal to corporations, CISA represents a major new privacy threat to individual citizens. It lays the groundwork for corporations to feed massive amounts of communications to private consortiums and the federal government, a scale of cooperation even greater than that revealed by Snowden. The law also breaks new ground in suppressing pushback against privacy invasions; in exchange for channeling data to the government, businesses are granted broad legal immunity from privacy lawsuits — potentially leaving consumers without protection if companies break privacy promises that would otherwise keep information out of the hands of authorities.

Ostensibly, CISA is supposed to help businesses guard against cyberattacks by sharing information on threats with one another and with the government. Attempts must be made to filter personal information out of the pool of data that is shared. But the legislation — at least as marked up by the Senate Intelligence Committee — provides an expansive definition of what can be construed as a cybersecurity threat, including any information for responding to or mitigating “an imminent threat of death, serious bodily harm, or serious economic harm,” or information that is potentially related to threats relating to weapons of mass destruction, threats to minors, identity theft, espionage, protection of trade secrets, and other possible offenses. Asked at a hearing in February how quickly such information could be shared with the FBI, CIA, or NSA, Deputy Undersecretary for Cybersecurity Phyllis Schneck replied, “fractions of a second.”

Questions persist on how to more narrowly define a cybersecurity threat, what type of personal data is shared, and which government agencies would retain and store this data. Sen. Ron Wyden, D-Ore., who cast the lone dissenting vote against CISA on the Senate Intelligence Committee, declared the legislation “a surveillance bill by another name.” Privacy advocates agree. “The lack of use limitations creates yet another loophole for law enforcement to conduct backdoor searches on Americans,” argues aletter sent by a coalition of privacy organizations, including Free Press Action Fund and New America’s Open Technology Institute. Critics also argue that CISA would not have prevented the recent spate of high-profile hacking incidents. As the Electronic Frontier Foundation’s Mark Jaycox noted in a blog post, the JPMorgan hack occurred because of an “un-updated server” and prevailing evidence about the Sony breach is “increasingly pointing to an inside job.”

But the intelligence community and corporate America have this year unified behind the bill. For a look into the breadth of the corporate advocacy campaign to pass CISA, see this letter cosigned by many of the most powerful corporate interests in America and sent to legislators earlier this year. Or another letter, reported in the Wall Street Journal, signed by “general counsels of more than 30 different firms, including 3M and Lockheed Martin Corp.”


Internet of things: Connect your TV, home, even your body, to the internet. But beware hackers | Technology | The Guardian

Internet of things: Connect your TV, home, even your body, to the internet. But beware hackers | Technology | The Guardian.

Electrolux smart fridge

 An Electrolux internet-connected fridge. Many firms are developing similar ‘smart’ appliances. Photograph: Martin Argles for the Observer

You may have noticed that there’s a lot of talk about the “internet of things” – things that aren’t computers but with connectivity, such as appliances and sensors. Think of an internet-connected lightbulb, thermostat, door lock, washing machine or oven you can control from inside or outside your house. Think of a bridge that can communicate when its concrete structure is starting to show signs of ageing in places that can’t be reached by normal inspection. Think of a car that communicates with other cars about traffic and road conditions.

It’s a thrilling concept if you believe in the power of the internet to transform our lives, and connectivity and intelligent (or at least constantly monitoring) systems to improve our wellbeing. And that’s before you get into the question of how many of the “things” might be objects that you swallow or have otherwise inserted into your system, temporarily or longer term. There’s already a system for rotating computer hard drives called Smart that often gives you a warning if your drive is ill (drives can fail without Smart warning you, but a warning ahead of time should be taken seriously). What if you could have a similar warning for your boiler, or oven, or your heart?

That’s the sort of promise that the internet of things holds, which is why lots of companies are putting serious money into it. Samsung is investing $100m. Meanwhile, UK telecommunications regulator Ofcom has set out plans “to ensure the UK plays a leading role”, noting that there are already 40m devices connected via the IoT in the UK, and that is expected to grow eightfold by 2022.

However, while I like the possibilities, I worry just a bit about the implementation. Remember the denial-of-service attacks that took Sony’s PlayStation network and Microsoft’s Xbox Live networks offline at Christmas? Security experts reckon the source was largely reliant on home routers – yes, those things that pipe the internet into your house – which had been subverted because they all used the same factory-default password, and all accepted direct logins. At which point everyone slaps their forehead and says, really? Did millions of routers ship with a simple default login user and password (say, “admin” and “password”) that people weren’t encouraged to change, or perhaps couldn’t change? And the answer is yes: pretty much all of them do, and you’ll find them listed at Routerpasswords.com, which ought to scare you. (BT’s Home Hub, which is used by millions, is manufactured by Huawei; however, they come preconfigured with a non-default password and internet administration turned off.)


Fightback against internet giants’ stranglehold on personal data starts here | Technology | The Guardian

Fightback against internet giants’ stranglehold on personal data starts here | Technology | The Guardian.

Data transactions have been weighted heavily in favour of the internet companies.
 Data transactions have been weighted heavily in favour of the internet companies. Photograph: Maksim Kabakou/Alamy

Whenever regulators gather to discuss market failures, the cliche “level playing field” eventually surfaces. When regulators finally get around to thinking about what happens in the online world, especially in the area of personal data, then they will have to come to terms with the fact that the playing field is not just tilted in favour of the online giants, but is as vertical as that rockface in Yosemite that two Americans have finally managed to free climb.

The mechanism for rotating the playing field is our old friend, the terms and conditions agreement, usually called the “end user licence agreement” (EULA) in cyberspace. This invariably consists of three coats of prime legal verbiage distributed over 32 pages, which basically comes down to this: “If you want to do business with us, then you will do it entirely on our terms; click here to agree, otherwise go screw yourself. Oh, and by the way, all of your personal data revealed in your interactions with us belongs to us.”

The strange thing is that this formula applies regardless of whether you are actually trying to purchase something from the author of the EULA or merely trying to avail yourself of its “free” services.

When the history of this period comes to be written, our great-grandchildren will marvel at the fact that billions of apparently sane individuals passively accepted this grotesquely asymmetrical deal. (They may also wonder why our governments have shown so little interest in the matter.) And future historians, diligently hunting through digital archives, will discover that there were only a few voices crying in the wilderness at the time.


Así protegen los ‘hackers’ sus datos en la nube | Tecnología | EL PAÍS

Así protegen los ‘hackers’ sus datos en la nube | Tecnología | EL PAÍS.


Algunos servicios de Internet son gratuitos a costa de hacer negocio con los datos de los usuarios

Existen alternativas seguras para alojar datos en la nube, mandar mensajes y gestionar contraseñas

JOHN FEDELE (GETTY IMAGES)

Enviar a LinkedIn346
Enviar a TuentiEnviar a Eskup

EnviarImprimirGuardar

Hace pocos días se conocía que 200.000 fotos y vídeos compartidos a través del servicio de mensajería Snapchat habían sido robados. Cualquiera puede hoy descargar esas imágenes. El caso no es uno más entre la montaña de informaciones sobre violaciones de la privacidad en Internet, pues en algunas de estas imágenes se ven escenas de sexo captadas por los usuarios. Además, el número de archivos filtrados es muy superior al del celebgate, un caso que tuvo mucho más repercusión porque las fotos robadas de las cuentas del servicio iCloud de Apple pertenecían a famosas actrices, cantantes y modelos.

El anonimato de las víctimas del snappening, que es como se ha llamado a este robo de datos, demuestra que no solo un personaje famoso puede ser víctima de una grave intromisión en su privacidad. También siembra dudas sobre servicios que son percibidos por el usuario como seguros, pues Snapchat debe su éxito a una función creada para evitar que el destinatario de una imagen pueda almacenarla y difundirla: la foto o el vídeo sólo aparece en la pantalla del móvil un máximo de 10 segundos.

Los responsables de Snapchat derivaron toda la responsabilidad en los creadores de la desaparecida web snapsaved.com, que permitía realizar copias de las fotos y vídeos enviados con la aplicación de mensajería. Ciertamente Snapchat no había proporcionado ninguna herramienta para que los creadores de esa web hackeada pudiesen usar su información, pero el caso demuestra lo frágiles que son los cimientos de algunas de estas aplicaciones tan populares.

Edward Snowden desaconseja el uso de Facebook, Dropbox y las diferentes herramientas de Google

De hecho, expertos en seguridad comoAdam Caudill ya habían advertido de que era relativamente sencillo usar la tecnología de Snapchat sin el consentimiento de sus responsables. Por eso en las tiendas de software de Apple, Google y Microsoft hay numerosas aplicaciones que explotan la fragilidad del código de Snapchat para ofrecer distintos servicios. Algunas de ellas comprometen la seguridad del usuario.

¿Estamos condenados a vivir en un estado de inseguridad permanente al usar servicios de Internet? La respuesta a esta duda que algunos se plantean parece ser negativa. Al menos si hacemos caso a lo que contaba Edward Snowden en una entrevista publicada por New Yorker. En ella, este antiguo empleado de la CIA desaconsejaba el uso de Facebook, Dropbox y las diferentes herramientas de Google. También señaló que la última versión del sistema operativo móvil de Apple, iOS 8, no es inmune a las intrusiones a pesar de que ha aumentado su seguridad.


Facebook’s outage exposes our digital fragility | Simon Jenkins | Comment is free | theguardian.com

Facebook’s outage exposes our digital fragility | Simon Jenkins | Comment is free | theguardian.com.

Today’s Facebook suspension shows how vulnerable digital information is – penetrable by hackers, governments or subject to random failures
Facebook logo as seen on its website
‘Any electronic device is subject to failure. Any locked door invites trespass.’ Photograph: Alamy

OMG Facebook is down! Down too went Instagram. It was just for an hour this morning, but the tweets screamed “Do I have to talk to someone real?”

In a manner of speaking, yes. Despite the hackers of Lizard Squad claiming credit, it is now clear that an outage at Facebook’s HQ was responsible. But the confusion was understandable after Lizard Squad had in recent weeks variously hit Sony executives and Microsoft products. It brought down PlayStation and Xbox platforms over Christmas.

Others such as Anonymous and LulSec have hit the FBI, the CIA, Britain’s NHS and the Australian government. North Korea appears to have hacked Hollywood and American security has hacked North Korea. Similar attacks are reported between Russia and Ukraine. Cyberwar is clearly in its infancy.

Admittedly, most such attacks are through denial of service rather than data theft, but as Wikileaks and Snowden showed, the thief is always a step ahead of the cop. Digital is inherently insecure. Anyone who claims otherwise is lying. Last year the NHS sought permission to store the personal data of every patient. It promised total security and guaranteed that any patient could opt out. Nothing would pass to insurers or drugs companies.

We now know it was not secure and that requests to opt out were simply disregarded. The NHS had lied.

The same must go for the Home Office’s desire to hoover up internet and phone records for “national security”, with the material going “only to the security services and the police”. What goes to the police goes to the public.


“Nuestra privacidad se ha terminado y es casi imposible recuperarla” | Tecnología | EL PAÍS

“Nuestra privacidad se ha terminado y es casi imposible recuperarla” | Tecnología | EL PAÍS.

Leonard Kleinrock gana el Premio Fundación BBVA Fronteras del Conocimiento

Leonard Kleinroc, uno de los padres fundadores de Internet. / FBBVA

El lado oscuro de Internet. No es metáfora periodística, sino cómo define uno de los padres de la red, el ingeniero estadounidense Leonard Kleinroc, la cara más amarga de la globalización digital que vivimos. El ataque de ayer a las redes sociales del Comando Central de Estados Unidos o la ciberguerra entre Estados Unidos y Corea del Norte son dos de los últimos ejemplos de una tendencia creciente: “Muestran ese lado oscuro de Internet que ha emergido últimamente y que crecerá en el futuro”.

La felicidad por haber ganado hoy el Premio Fundación BBVA Fronteras del Conocimiento —que considera “un galardón a todos los pioneros que contribuyeron a la creación de Internet”— no es óbice para que hable sobre los nubarrones en la era digital sin tapujos. Especialmente en si esa esfera privada que creemos tener existe ya: “En su mayor parte, nuestra privacidad se ha terminado y es casi imposible recuperarla”, sentencia Kleinroc. Es más, cree que los culpables en realidad somos todos: “La dimos voluntariamente, al menos en pequeñas fracciones, a lo largo del camino”. Kleinroc cree además que la gente es “inconsciente de hasta que punto organizaciones y grupos de individuos explotan sus datos para sus intereses”.


Encriptación punto-a-punto: de la oscuridad al mainstream | Manzana Mecánica

Encriptación punto-a-punto: de la oscuridad al mainstream | Manzana Mecánica.

Lunes 5 Ene 2015

Carlos Castillo

En pocos días he llegado a un punto de saturación respecto a leer predicciones para el 2015. Muchas de las predicciones son, fundamentalmente, cosas que ya están sucediendo y que al autor de la predicción le gustaría que continuaran sucediendo. Eso no tiene nada de malo, pero no estaría mal llamar a las cosas por su nombre.

En ese espíritu, creo que hay algo muy importante que sucedió a fines del 2014 y que estaría muy bien que continuara sucediendo el 2015. Me refiero a la transición que están experimentando las tecnologías de nube con conocimiento cero, en particular la encriptación punto-a-punto.

Conocimiento cero = bueno

Almacenar cosas en la “nube” es valioso por varios motivos. Primero, poder acceder a tus propios archivos desde cualquier dispositivo (móvil, tabletlaptop, etc.) es muy conveniente. Segundo, un efecto secundario positivo es que tienes un respaldo de estos archivos. Tercero, es más fácil compartir un archivo con otra persona si tu archivo ya está en la “nube”.

Para muchas personas, resulta obvio que si, por ejemplo, subes algunas fotos a un sistema de almacenamiento, entonces tus fotos quedan a disposición de la gente que opera esa nube. La gente que trabaja para esa empresa puede ver tus fotos, y si los hackean a ellos, o si adivinan tu clave sin necesidad de tener acceso a tu dispositivo, entonces tus fotos pueden acabar en cientos de sitios en Internet.

Para un cliente corporativo, el problema de almacenar secretos de negocio en la nube es mucho más serio, sobre todo si se trata de un negocio del sector tecnológico (posible competidor del proveedor de nube) o que compite con alguna empresa estadounidense, como le sucedió a Petrobras.

Un proveedor de almacenamiento remoto no necesita tener acceso al contenido de tus archivos para poder almacenarlos.

Resulta obvio para casi todo el mundo que esta desventaja es una consecuencia inevitable de subir un archivo a Internet, pero no tiene por qué ser así. Desde hace décadas que existe tecnología para encriptar un archivo antes de subirlo, y decriptarlo después de bajarlo. En otras palabras, para que, sin necesidad de que tú tengas que hace nada ni siquiera preocuparte de lo que está sucediendo, un sistema de almacenamiento pueda funcionar con conocimiento cero.

En algunos casos, el proveedor de almacenamiento ofrece esta característica como una de sus cualidades principales, como es el caso de SpiderOak. En otros casos (e.g. Dropbox), es el mismo usuario el que debe configurar su computador para que utilice cero-conocimiento, como explicamos en un artículo anterior.


No, no puedes rechazar las nuevas condiciones de Facebook poniendo este mensaje en tu muro >> Verne >> EL PAÍS

No, no puedes rechazar las nuevas condiciones de Facebook poniendo este mensaje en tu muro >> Verne >> EL PAÍS.

Desde hace unos días, Facebook está enviando a sus usuarios un mensaje en el que les comunica que va a actualizar sus condiciones, política de datos y política de cookies a partir del 1 de enero. Como muestra de su oposición, muchos usuarios han compartido una actualización de estado en la que rechazan los cambios e intentan anular la validez de las nuevas políticas de la compañía. Si eres uno de ellos, sentimos decepcionarte: no, legalmente no sirve para nada.

Desde 2015, si sigues usando Facebook estarás aceptando las nuevas condiciones de uso y sus políticas de privacidad aunque hayas publicado ese texto en tu perfil. Esta es una de las versiones del mensaje que se ha compartido durante los últimos días de muro en muro:

Condiciones

 

“Facebook es como un club. Tú te apuntas pero ellos ponen las normas que, en este caso, tú aceptas al seguir utilizando el servicio. Lo que pongas en el muro no tiene ninguna validez legal. La única manera de no aceptar las normas de uso es dejando de utilizar Facebook”, explica a Verne  Jorge Morell Ramos, jurista especializado en nuevas tecnologías y responsable de la web Términos y Condiciones.


Edward Snowden to speak at Observer Ideas festival | US news | theguardian.com

Edward Snowden to speak at Observer Ideas festival | US news | theguardian.com.

NSA whistleblower Snowden will talk via videolink from Moscow this weekend about the future of privacy, surveillance technology and democratic oversight

Edward Snowden in Moscow, filmed by Laura Poitras in her documentary Citizen Four
Edward Snowden in Moscow, filmed by Laura Poitras in her documentary CITIZENFOUR.

Edward Snowden will make his first UK public appearance via satellite link this weekend more than one year since the Guardian published his revelations about mass surveillance and the NSA.

Appearing via video link from Moscow, Snowden will be speaking as part of the Observer Ideas festival on Sunday, being held at London’s Barbican Theatre.

His appearance will come two days after the world premiere of Laura Poitras’s documentary about the whistleblower’s revelations, CITIZENFOUR, at the New York Film Festival.

Snowden is also being tipped as one of the favourites to win the Nobel Peace Prize, which is also being announced tomorrow.

Although he has appeared by video at a small number of public events abroad, the Observer Ideas festival will be the first time he’s appeared in Britain. He will answer questions posed by Observer technology columnist John Naughton.

Naughton, who is also the professor of the public understanding of technology at the Open University, has been a keen observer of the impact of Snowden’s revelations said: “I’m tired of people endlessly rehashing the history of Mr Snowden’s revelations, and I’m sure he is too. What matters now is what happens next. He has performed a great service in revealing the astonishing extent and ambition of the national security state.”

“We need to figure out how (and whether) societies can reassert effective democratic control over our security agencies; whether the technology that has enabled comprehensive surveillance can be re-engineered to protect privacy; how our law-making in these areas could be improved, and whether citizens can be persuaded to take an interest in these matters before it’s too late.


The Internet With A Human Face – Beyond Tellerrand 2014 Conference Talk

The Internet With A Human Face – Beyond Tellerrand 2014 Conference Talk.

by

maciej-ceglowskil

Maciej Cegłowski

This is the text version of a talk I gave on May 20, 2014, at Beyond Tellerrand in Düsseldorf, Germany.

  1. INTRODUCTION
  2. THE INTERNET REMEMBERS TOO MUCH
  3. THE WEB HAS A CENTER
  4. EVERYONE IS SPYING
  5. THE FOUNDATIONS ARE ROTTEN
  6. REGULATE
  7. DECENTRALIZE
  8. DE-AMERICANIZE
  9. CONCLUSION

INTRODUCTION

Marc [Thiele] emailed me a few weeks ago to ask if I thought my talk would be appropriate to close the conference.

“Marc,” I told him, “my talk is perfect for closing the conference! The first half is this incredibly dark rant about how the Internet is alienating and inhuman, how it’s turning us all into lonely monsters.”

“But in the second half, I’ll turn it around and present my vision of an alternative future. I’ll get the audience fired up like a proper American motivational speaker. After the big finish, we’ll burst out of the conference hall into the streets of Düsseldorf, hoist the black flag, and change the world.”

Marc said that sounded fine.

As I was preparing this talk, however, I found it getting longer and longer. In the interests of time, I’m afraid I’m only going to be able to present the first half of it today.

This leaves me with a problem of tone.

To fix it, I’ve gone through the slides and put in a number of animal pictures. If at any point in the talk you find yourself getting blue, just tune out what I’m saying and wait for one of the animal slides, and you’ll feel better. I’ve tried to put in more animals during the darkest parts of the talk.Look at this guy! Isn’t he great?