The 25 most censored news stories 2015-2016 (04): How can electronic voting machines be controlled? | Resumen

From search engine algorithms to electronic voting machines, technology offers opportunities to manipulate voters and ballots in ways that could profoundly affect the outcome of an election.

Source: The 25 most censored news stories 2015-2016 (04): How can electronic voting machines be controlled? | Resumen


How old do you look? I wouldn’t ask the internet | Tim Dowling | Opinion | The Guardian

The how-old.net website – which uses photos to judge your age – didn’t work for me. For women and refugees, of course, there’s the Daily Mail

Source: How old do you look? I wouldn’t ask the internet | Tim Dowling | Opinion | The Guardian


Facebook’s satellite went up in smoke, but its developing world land grab goes on | Emily Reynolds | Opinion | The Guardian

I’m sure Mark Zuckerberg has noble intentions in democratising the web, but we should still be wary of private companies controlling the internet’s infrastructure

Source: Facebook’s satellite went up in smoke, but its developing world land grab goes on | Emily Reynolds | Opinion | The Guardian


Bulk data collection vital to prevent terrorism in UK, report finds | World news | The Guardian

The bulk collection of personal data by British spy agencies is vital in preventing terrorist attacks, an independent review of draft security legislation has found. David Anderson QC, the independent reviewer of terrorism legislation, concluded that laws giving MI5, MI6 and GCHQ the right to gather large volumes of data from members of the public had a “clear operational purpose”.

Source: Bulk data collection vital to prevent terrorism in UK, report finds | World news | The Guardian


Unicef proposes using WhatsApp to easily identify refugees

The idea is to gain access to the phone numbers with which they registered in the application, given that it is the system everyone uses to stay in contact with family and friends in their countries of origin.

Source: Unicef proposes using WhatsApp to easily identify refugees


Russia’s chief internet censor enlists China’s know-how — FT.com

For an authoritarian government looking to tighten control of an unruly internet, who better to call than the architect of China’s “great firewall”? That was the thinking of Konstantin Malofeev, a multimillionaire with close links to the Kremlin and Russian Orthodox Church, who has become a key player in Moscow’s drive to tame the web and limit America’s digital influence.

Source: Russia’s chief internet censor enlists China’s know-how — FT.com


Paraguay and Uruguay in controversy over acquiring spyware

Paraguay and Uruguay are embroiled in controversy after acquiring various advanced software packages for intercepting communications as part of their national security strategy, an issue debated between the defense of citizens' privacy and tactics for identifying possible cybercriminals. This raises the question: how far is state surveillance of private communications valid?

Source: Paraguay and Uruguay in controversy over acquiring spyware


China installs a great cannon on its cyber wall | Technology | EL PAÍS


The censorship strategy takes a turn and moves from defense to attack.

For some, it is the beginning of the first war in cyberspace

An internet user browses using the various services of exclusively Chinese companies. / Z. A.

“Due to the interruption of the service that Google provided in China, we recommend that you provide another email address.” That is the message that appears automatically on the Hainan Airlines website when a user enters a Gmail account to be notified of possible incidents affecting a domestic flight. It is just one example of the thousand obstacles facing anyone who browses the internet in the Asian giant, where the Great Firewall that the Communist Party has built to prevent any kind of ideological contamination of the population has reduced the vast Chinese cyberspace to an intranet increasingly isolated from the world: searches are not done with Google, gradually blocked since it decided to stop censoring results in 2010, but with Baidu; Twitter and Facebook are inaccessible, but there are the local alternatives Weibo and Renren; the same goes for YouTube, which becomes Youku; WhatsApp works intermittently, but WeChat runs smooth as silk; and for email there is nothing better than one of the characteristic numeric addresses provided by QQ.

Until recently, China's strategy on the internet was purely defensive: the Great Firewall blocks access to pages where the government considers inappropriate content to be stored, a catch-all that covers everything from general-interest newspapers such as EL PAÍS to pornography portals, and filters the remaining websites for keywords and banned IP addresses to determine whether there is a danger. If so, it breaks the user's connection to the website. It is a very effective system for keeping the Chinese population free of any political or social influence from abroad, and it has also fueled the rise of Chinese internet companies at the expense of the foreign ones they have often copied. But the wall is not without cracks.

A large community of expatriates, business people and even academics pays to get over the Great Firewall

The biggest is the one opened by virtual private networks (VPNs), created with a technology that allows connecting to servers outside China to access the internet without the restrictions imposed by Beijing. In addition, this system, which many companies around the world also use for security reasons, masks the user's IP address and makes it harder to track them through cyberspace. Various companies offer this kind of service in China, where a large community of expatriates, business people and even academics pay to get over the Great Firewall.

However, after turning a blind eye for years, in 2014 Beijing warned that this software is illegal and began blocking VPN servers, a measure that not only hinders the establishment of private networks but also complicates legitimate business transactions. And now it has decided to tackle another of the censors' big headaches as well: pages that serve as mirrors for others that are blocked. They reproduce the content of the blocked pages and host it on domains that are not banned by the authorities, so that Chinese internet users can access them without difficulty. Or rather, could. Because, according to the detailed report published on the 10th by Citizen Lab, an institute at the University of Toronto, China has over the past year developed an offensive system that can completely change how the internet works worldwide: the Great Cannon.

The system is used to attack websites, regardless of where they are hosted, so that they stop mirroring those that make the Chinese government uncomfortable

It is a weapon used to attack websites, regardless of where they are hosted, so that they stop mirroring those that make the Chinese government uncomfortable. A good example of how the system works is the offensive it launched at the end of March against GitHub, a code library for programmers on which GreatFire, an organization of Chinese expatriates against censorship, hosted several mirror sites of media outlets blocked in China. At first it was believed to be a conventional denial-of-service (DDoS) attack, but Citizen Lab's detailed analysis has shown that it was something different and much more sophisticated. The Great Cannon revealed itself when it intercepted a small part of the traffic generated abroad and bound for the search engine Baidu, around 1.7%, and redirected it to GitHub loaded with malicious code. “Although the attack infrastructure is adjacent to the Great Firewall of China, the attack was launched from a separate offensive system, with different capabilities and design,” the Citizen Lab researchers conclude.

As one of the study's authors, Bill Marczak, explained in an interview with CNN, the Great Cannon can not only attack websites with malicious code and even target the IP addresses of individual users; with small modifications, it can also be used to spy beyond the borders of the Asian giant: “Any request that a computer makes to a server in China, even if only through a page showing advertising loaded from there, can be hijacked to spy on users if it is not fully encrypted,” he said. The report concludes that the Great Cannon, similar to the US National Security Agency's QUANTUM system, “represents a significant escalation in state-level information control,” and adds that it “amounts to the normalization of the widespread use of an attack system to enforce censorship” on the internet and is “a dangerous precedent.”


'Great Cannon of China' turns internet users into weapon of cyberwar | Technology | The Guardian


Researchers identify new tool in Chinese internet censorship, first used in late March against free-speech activists GreatFire.org

A receptionist works behind the logo for Baidu.com, the Chinese search engine whose customers were hijacked by the first firing of the Great Cannon. Photograph: NG HAN GUAN/AP

The “Great Cannon” has entered the cyberwar lexicon alongside the “Great Firewall of China” after a new tool for censorship in the nation was named and described by researchers from the University of Toronto.

The first use of the Great Cannon came in late March, when the coding site GitHub was flooded by traffic leaving it intermittently unresponsive for multiple days. The attack, using a method called “distributed denial of service” or DDoS, appeared to be targeting two specific users of the site: the New York Times’ Chinese mirror, and anti-censorship organisation GreatFire.org.

Both users focus their efforts on allowing Chinese residents to bypass the country’s Great Firewall – the system China uses to restrict access to parts of the internet.

The attack, which continued for almost two weeks, was observed by researchers led by the University of Toronto’s Bill Marczak. They concluded that it provides evidence of a new censorship tool above and beyond the Great Firewall.

“While the attack infrastructure is co-located with the Great Firewall, the attack was carried out by a separate offensive system, with different capabilities and design, that we term the ‘Great Cannon’,” the researchers write.

“The Great Cannon is not simply an extension of the Great Firewall, but a distinct attack tool that hijacks traffic to (or presumably from) individual IP addresses, and can arbitrarily replace unencrypted content as a man-in-the-middle.”

Where the Great Firewall was a tool for largely passive censorship – preventing access to material and providing the Chinese state with the ability to spy on its residents – the Great Cannon provides the ability to effectively rewrite the internet on the fly.


The CIA has been trying for years to crack Apple devices – BioBioChile

Published by Eduardo Woo | Information from Agencia AFP
The CIA has been working for years to break the encryption of Apple devices in order to spy on communications made from iPhones and iPads, according to an investigation published on Tuesday by a US news outlet.

The Intercept, an online outlet run by Glenn Greenwald, relies on secret documents disclosed by Edward Snowden to assert that the Central Intelligence Agency (CIA) has been trying since 2006, that is, one year before the launch of the iPhone, to break the encryption keys of Apple devices.


CIA 'tried to crack security of Apple devices' | Technology | The Guardian


The revelations, published by the Intercept online news organisation, are likely to further strain the relationship between Apple and the US government. Photograph: Yuya Shino/Reuters

The CIA led sophisticated intelligence agency efforts to undermine the encryption used in Apple phones, as well as insert secret surveillance back doors into apps, top-secret documents published by the Intercept online news site have revealed.

The newly disclosed documents from the National Security Agency’s internal systems show surveillance methods were presented at its secret annual conference, known as the “jamboree”.

The most serious of the various attacks disclosed at the event was the creation of a dummy version of Apple’s development software Xcode, which is used by developers to create apps for iOS devices.

The modified version of Xcode would allow the CIA, NSA or other agencies to insert surveillance backdoors into any app created using the compromised development software. The revelation has already provoked a strong backlash among security researchers on Twitter and elsewhere, and is likely to prompt security audits among Apple developers.

The latest revelations of sustained hacking efforts against Apple devices are set to further strain already difficult relations between the technology company and the US government.

Apple had previously been a partner in the Prism programme, in effect a legal backdoor to obtain user information by the NSA and its allies, but in the wake of the Snowden revelations it has stepped up efforts to protect user privacy, including introducing end-to-end encryption on iMessages.


iSpy: The CIA Campaign to Steal Apple's Secrets


RESEARCHERS WORKING with the Central Intelligence Agency have conducted a multi-year, sustained effort to break the security of Apple’s iPhones and iPads, according to top-secret documents obtained by The Intercept.

 

The security researchers presented their latest tactics and achievements at a secret annual gathering, called the “Jamboree,” where attendees discussed strategies for exploiting security flaws in household and commercial electronics. The conferences have spanned nearly a decade, with the first CIA-sponsored meeting taking place a year before the first iPhone was released.

 

By targeting essential security keys used to encrypt data stored on Apple’s devices, the researchers have sought to thwart the company’s attempts to provide mobile security to hundreds of millions of Apple customers across the globe. Studying both “physical” and “non-invasive” techniques, U.S. government-sponsored research has been aimed at discovering ways to decrypt and ultimately penetrate Apple’s encrypted firmware. This could enable spies to plant malicious code on Apple devices and seek out potential vulnerabilities in other parts of the iPhone and iPad currently masked by encryption.


Apple and Google 'FREAK attack' leaves millions of users vulnerable to hackers | Technology | The Guardian


The Apple logo inside an Apple store in Tokyo. The company is working to fix a potential security issue which could leave devices vulnerable to hackers. Photograph: Yuya Shino/Reuters

Millions of people may have been left vulnerable to hackers while surfing the web on Apple and Google devices, thanks to a newly discovered security flaw known as “FREAK attack.”

There’s no evidence so far that any hackers have exploited the weakness, which companies are now moving to repair. Researchers blame the problem on an old government policy, abandoned over a decade ago, which required US software makers to use weaker security in encryption programs sold overseas due to national security concerns.

Many popular websites and some internet browsers continued to accept the weaker software, or can be tricked into using it, according to experts at several research institutions who reported their findings Tuesday.

They said that could make it easier for hackers to break the encryption that’s supposed to prevent digital eavesdropping when a visitor types sensitive information into a website.

About a third of all encrypted websites were vulnerable as of Tuesday, including sites operated by American Express, Groupon, Kohl’s, Marriott and some government agencies, the researchers said.


Samsung rejects concern over 'Orwellian' privacy policy | Technology | The Guardian


 A Samsung Electronics SUHD smart TV at its launch event in Seoul, February 5, 2015. Photograph: Kim Hong-Ji/Reuters

Users of Samsung’s Smart TV devices have raised concerns over the device’s privacy policy, which seems to suggest that they should not discuss any sensitive topics in their living room while the television is plugged in.

The warning relates to the product line’s voice recognition services, which let users control their television with voice commands input through a microphone on the set’s remote control.

Samsung’s privacy policy warns: “Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party through your use of voice recognition.”

The third-party mentioned is thought to be Massachusetts-based voice recognition company Nuance, which provides the technology to Samsung as a white-label service.

Parker Higgins, an activist for San Francisco-based advocacy group Electronic Frontier Foundation who brought the privacy policy to light, compared the feature to the telescreens in George Orwell’s dystopian novel 1984.


Apple deleted music from users’ iPods purchased from rivals, court told | Technology | The Guardian


Apple scanned for music purchased from rival services such as Amazon and forced users to delete all music from their iPods, it is claimed

Apple deliberately forced users to delete music from their iPods if it was bought from rival music services, a court has been told. Photograph: Paul Sakuma/AP

Apple intentionally deleted music not bought from iTunes from users’ iPods between 2007 and 2009, a court was told in an antitrust suit against Apple.

Attorneys representing the plaintiffs in a potentially billion dollar antitrust class-action lawsuit against Apple for abuse of its iTunes Music Store dominance told the jury that the Californian electronics company scanned for music not bought from iTunes, and forced a factory reset of the iPod if any was detected.

“You guys decided to give them the worst possible experience and blow up” a user’s iPod music, attorney Patrick Coughlin told the US District Court in Oakland, California.

‘Very paranoid’

Users who tried to sync and update an iPod with music from the likes of Amazon or 7Digital were told there was an error with their iPod that could only be solved with a factory restore through iTunes, which completely wiped the iPod.

Restoring the iPod from iTunes would not restore music from rival services. Apple decided “not to tell users the problem”, Coughlin explained.

Apple security director Augustin Farrugia told the court that the music was deleted for security reasons and that hackers including Jon Lech Johansen also known as “DVD Jon” and software such as the digital rights management removal tool Requiem had made Apple “very paranoid.”

“Someone is breaking into our house,” Apple’s founder and chief executive Steve Jobs wrote at the time, according to an email exhibited by Apple software head Eddy Cue.

“The system was totally hacked,” said Farrugia, adding that the music was deleted for security reasons and that “we don’t need to give users too much information” because “we don’t want to confuse users.”

Apple declined to comment further.


What the NSA's secret 'Google' is like and what its dangers are

The latest leak from the “Snowden papers” reveals the creation of the ICREACH search engine to search through the surveilled metadata

The tool may have been used for arrests and interrogations of suspects

The former NSA director, Keith Alexander, now a private consultant, was its promoter

Guantánamo prison. Photo: EFE

Although it has been more than a year since the NSA's mass surveillance practices began to come to light with the publication of the tracking of Verizon users' calls, the case is far from closed.

The latest of the known programs, revealed by “The Intercept” last week, is “ICREACH”, a search engine that the NSA is said to have developed in secret to search through billions of metadata records obtained in its indiscriminate surveillance activities.

Among the surveillance systems disclosed so far, it is one of the most serious because of the handover of millions of recorded data items to other agencies such as the CIA, the FBI or the DEA (which lack the oversight and exceptional authorization that the NSA would supposedly have), because it is said to have been used for arrests and interrogations of those considered suspects “in light of” the processing of that metadata.

These practices would violate, as the first reactions immediately pointed out, the Fourth Amendment of the US Constitution, which establishes that one may be subject to investigation or arrest only for “reasonable” cause:

“The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause…”


Twister: the first completely decentralized social network | Manzana Mecánica

For a medium that promises to give citizens more power by letting them exchange information freely, the social media we use today are highly centralized systems. Both the contact networks and the messages themselves are mediated by entities that have the ability, and sometimes the legal obligation, to intercept, retain or delete messages, or even to make a user disappear completely.

The Diaspora system introduces a level of decentralization by dividing a site into pods, each responsible for maintaining the information about a subset of users. There are currently dozens of pods, which makes Diaspora more resilient than Twitter or Facebook, but each pod is still a possible point of control and attack.

Twister takes this decentralization a step further, allowing every computer to be a node of a fully distributed social network.

How does it work?

Twister uses 3 P2P technologies, as detailed in this article:

Identities. User identities (name, public key and private key) are stored in a ledger (a distributed record book) identical to the one used in Bitcoin. Each user can create one or more identities and register them on the network, paying with a small computation that takes a few minutes.

Profiles. Each user's profile (name, biography, photo, etc.) is stored in a distributed hash table (DHT). This table contains a copy of some of each user's latest posts and the information required to distribute messages to each user's followers.

Messages. Each user's messages are disseminated using a variant of BitTorrent. Each user of the network becomes a seed, and following a user means joining that torrent and waiting for a new message to arrive. This allows messages to be received instantly, without every user having to constantly query the DHT for new messages. To send a private message, the message is simply first encrypted using the destination user's public key.


ICREACH: How the NSA Built Its Own Secret Google -The Intercept


The National Security Agency is secretly providing data to nearly two dozen U.S. government agencies with a “Google-like” search engine built to share more than 850 billion records about phone calls, emails, cellphone locations, and internet chats, according to classified documents obtained by The Intercept.

The documents provide the first definitive evidence that the NSA has for years made massive amounts of surveillance data directly accessible to domestic law enforcement agencies. Planning documents for ICREACH, as the search engine is called, cite the Federal Bureau of Investigation and the Drug Enforcement Administration as key participants.

ICREACH contains information on the private communications of foreigners and, it appears, millions of records on American citizens who have not been accused of any wrongdoing. Details about its existence are contained in the archive of materials provided to The Intercept by NSA whistleblower Edward Snowden.

Earlier revelations sourced to the Snowden documents have exposed a multitude of NSA programs for collecting large volumes of communications. The NSA has acknowledged that it shares some of its collected data with domestic agencies like the FBI, but details about the method and scope of its sharing have remained shrouded in secrecy.


The Insidiousness of Facebook Messenger's Mobile App Terms of Service | Sam Fiorella


Sam Fiorella

 

How much access to your (and your friends’) personal data are you prepared to share for access to free mobile apps? I suspect the amount is significantly less than that which you actually agreed to share when blindly accepting the Terms of Service.

Case in point: Facebook’s Messenger App, which boasts over 1,000,000,000 downloads, requires the acceptance of an alarming amount of personal data and, even more startling, direct control over your mobile device. I’m willing to bet that few, if any, of those who downloaded this app read the full Terms of Service before accepting them and downloading the app.


The Facebook Messenger app is a standalone version of the instant chat feature within the social network. You can easily access this within the Facebook app on your mobile device, but opening the full application also requires more memory, bandwidth, and battery life. As a result, Facebook offers this one feature as a standalone app in which you can instantly chat with your Facebook friends without having to launch the full Facebook app.

If you’re one of those 1,000,000,000 people who have downloaded this app, take a moment to read the following. I’ve posted, word for word, a few of the most aggressive app permissions you’ve accepted.

  • Allows the app to change the state of network connectivity

  • Allows the app to call phone numbers without your intervention. This may result in unexpected charges or calls. Malicious apps may cost you money by making calls without your confirmation.

  • Allows the app to send SMS messages. This may result in unexpected charges. Malicious apps may cost you money by sending messages without your confirmation.

  • Allows the app to record audio with microphone. This permission allows the app to record audio at any time without your confirmation.

  • Allows the app to take pictures and videos with the camera. This permission allows the app to use the camera at any time without your confirmation.

  • Allows the app to read your phone’s call log, including data about incoming and outgoing calls. This permission allows apps to save your call log data, and malicious apps may share call log data without your knowledge.

  • Allows the app to read data about your contacts stored on your phone, including the frequency with which you’ve called, emailed, or communicated in other ways with specific individuals.

  • Allows the app to read personal profile information stored on your device, such as your name and contact information. This means the app can identify you and may send your profile information to others.

  • Allows the app to access the phone features of the device. This permission allows the app to determine the phone number and device IDs, whether a call is active, and the remote number connected by a call.

  • Allows the app to get a list of accounts known by the phone. This may include any accounts created by applications you have installed.


Innovation in exchange for playing with feelings | Technology | EL PAÍS

Facebook will keep running experiments on users

San Francisco 3 JUL 2014 – 11:25 CET

Sheryl Sandberg, Facebook's number two, yesterday during a conference in New Delhi. / Kuni Takahashi (Bloomberg)

Guinea pigs without knowing it: Facebook played with the emotions of 689,000 users without prior notice for an academic study, taking for granted that this falls within the social network's ambiguous and endless terms of use. The initial apology from Adam Kramer, data analyst and head of the study, has been joined by two voices that make clear that it was not a mistake and that Facebook intends to continue down the same path.

While Kramer insisted that the aim was not to cause upset but to find the keys to how its subscribers react depending on what they read, Sheryl Sandberg, the social network's number two, has been much softer. She attributes the uproar to a communication error: “It is part of the usual research at this kind of company to test different products and nothing more. We communicated it very badly. We apologize for the communication because we did not want to anger anyone.” Her clarification came from New Delhi, at a conference where she announced that they now exceed 100 million users in India.

Monika Bickert, head of public policy at Mark Zuckerberg's company, is even more lax: “In the future we have to make sure we are transparent, both with regulators and with those who use our product. That they know exactly what we are doing.”

The responses from both Sandberg and Bickert indicate that Facebook intends to keep exploring its users' behavior to analyze their subsequent reaction. James Grimmelman, a professor at the University of Maryland, takes an intermediate position: “When research is done, notice is given. Facebook puts it in the terms of use, but it did not warn that it would alter the functioning that until then had been normal for only some users.”


Facebook apologises for psychological experiments on users | Technology | theguardian.com

The second most powerful executive at the company, Sheryl Sandberg, says experiments were ‘poorly communicated’

Facebook’s Sheryl Sandberg apologises for poor communication over psychological experiments. Photograph: Money Sharma/EPA

Facebook’s second most powerful executive, Sheryl Sandberg, has apologised for the conduct of secret psychological tests on nearly 700,000 users in 2012, which prompted outrage from users and experts alike.

The experiment, revealed by a scientific paper published in the March issue of Proceedings of the National Academy of Sciences, hid “a small percentage” of emotional words from people’s news feeds, without their knowledge, to test what effect that had on the statuses or “likes” that they then posted or reacted to.

“This was part of ongoing research companies do to test different products, and that was what it was; it was poorly communicated,” said Sandberg, Facebook’s chief operating officer, while in New Delhi. “And for that communication we apologise. We never meant to upset you.”

The statement by Sandberg, deputy to chief executive Mark Zuckerberg, is a marked climbdown from its insistence on Tuesday that the experiment was covered by its terms of service. The secret tests mean that the company faces an inquiry from the UK’s information commissioner, while the publishers of the paper have said they will investigate whether any ethics breach took place. Psychological tests on human subjects have to have “informed consent” from participants – but independent researchers and Facebook have disagreed on whether its terms of service implicitly cover such use.


How does Facebook decide what to show in my news feed? | Technology | theguardian.com

Controversial emotion study is a reminder that the social network’s filters are constantly at work in the background

The average Facebook user sees 300 updates a day out of a possible 1,500. Photograph: DADO RUVIC/REUTERS

Facebook is secretly filtering my news feed? I’m outraged!

Not so secretly, actually. There is controversy this week over the social network’s research project manipulating nearly 700,000 users’ news feeds to understand whether it could affect their emotions.

But Facebook has been much more open about its general practice of filtering the status updates and page posts that you see in your feed when logging on from your various devices. In fact, it argues that these filters are essential.

Essential? Why can’t Facebook just show me an unfiltered feed?

Because, it argues, the results would be overwhelming. “Every time someone visits news feed there are on average 1,500 potential stories from friends, people they follow and pages for them to see, and most people don’t have enough time to see them all,” wrote Facebook engineer Lars Backstrom in a blog post in August 2013.

“With so many stories, there is a good chance people would miss something they wanted to see if we displayed a continuous, unranked stream of information.”

Bear in mind that this is just an average. In another blog post, by Facebook advertising executive Brian Boland in June 2014, he explained that for more intensive users, the risk of story overload is greater.


Google buys Dropcam, which specialises in home monitoring | Technology | EL PAÍS

Dropcam stores a full month of video on its servers.

Knowing what is happening at home without being at home: that is the value offered by Dropcam, the latest company to become part of the Google empire, for 555 million dollars (about 408 million euros). It will be integrated into Nest, known for its thermostats and fire alarms, a company Google bought last year for 3,200 million dollars.

Dropcam, founded in 2009, offers cameras much like those used to check whether the baby is asleep, but which are managed over the Internet instead of a closed circuit, and viewed on a phone, tablet or computer instead of a dedicated monitor. This makes it possible to see whether the babysitter really has the children under control, or whether an intruder is snooping around the rooms, just by opening an app compatible with iPhone and Android.


How Secret Partners Expand NSA’s Surveillance Dragnet – The Intercept

Top-secret documents reveal how the NSA has established secret partnerships to spy on huge flows of private data.

Huge volumes of private emails, phone calls, and internet chats are being intercepted by the National Security Agency with the secret cooperation of more foreign governments than previously known, according to newly disclosed documents from whistleblower Edward Snowden.

The classified files, revealed today by the Danish newspaper Dagbladet Information in a reporting collaboration with The Intercept, shed light on how the NSA’s surveillance of global communications has expanded under a clandestine program, known as RAMPART-A, that depends on the participation of a growing network of intelligence agencies.

It has already been widely reported that the NSA works closely with eavesdropping agencies in the United Kingdom, Canada, New Zealand, and Australia as part of the so-called Five Eyes surveillance alliance. But the latest Snowden documents show that a number of other countries, described by the NSA as “third-party partners,” are playing an increasingly important role – by secretly allowing the NSA to install surveillance equipment on their fiber-optic cables.

The NSA documents state that under RAMPART-A, foreign partners “provide access to cables and host U.S. equipment.” This allows the agency to covertly tap into “congestion points around the world” where it says it can intercept the content of phone calls, faxes, e-mails, internet chats, data from virtual private networks, and calls made using Voice over IP software like Skype.

The program, which the secret files show cost U.S. taxpayers about $170 million between 2011 and 2013, sweeps up a vast amount of communications at lightning speed. According to the intelligence community’s classified “Black Budget” for 2013, RAMPART-A enables the NSA to tap into three terabits of data every second as the data flows across the compromised cables – the equivalent of being able to download about 5,400 uncompressed high-definition movies every minute.


The Internet With A Human Face – Beyond Tellerrand 2014 Conference Talk

by Maciej Cegłowski

This is the text version of a talk I gave on May 20, 2014, at Beyond Tellerrand in Düsseldorf, Germany.

  1. INTRODUCTION
  2. THE INTERNET REMEMBERS TOO MUCH
  3. THE WEB HAS A CENTER
  4. EVERYONE IS SPYING
  5. THE FOUNDATIONS ARE ROTTEN
  6. REGULATE
  7. DECENTRALIZE
  8. DE-AMERICANIZE
  9. CONCLUSION

INTRODUCTION

Marc [Thiele] emailed me a few weeks ago to ask if I thought my talk would be appropriate to close the conference.

“Marc,” I told him, “my talk is perfect for closing the conference! The first half is this incredibly dark rant about how the Internet is alienating and inhuman, how it’s turning us all into lonely monsters.”

“But in the second half, I’ll turn it around and present my vision of an alternative future. I’ll get the audience fired up like a proper American motivational speaker. After the big finish, we’ll burst out of the conference hall into the streets of Düsseldorf, hoist the black flag, and change the world.”

Marc said that sounded fine.

As I was preparing this talk, however, I found it getting longer and longer. In the interests of time, I’m afraid I’m only going to be able to present the first half of it today.

This leaves me with a problem of tone.

To fix it, I’ve gone through the slides and put in a number of animal pictures. If at any point in the talk you find yourself getting blue, just tune out what I’m saying and wait for one of the animal slides, and you’ll feel better. I’ve tried to put in more animals during the darkest parts of the talk.

Look at this guy! Isn’t he great?

Global police operation disrupts aggressive Cryptolocker virus | Technology | theguardian.com

UK botnet victims have two weeks to escape clutches of invasive ransomware after global cybercrime operation

Cryptolocker will encrypt files with a public key that is widely seen as unbreakable.

The FBI and crime agencies from across the globe have temporarily disrupted one of the most aggressive computer viruses ever seen, but are warning victims they have two weeks to protect their computers before the hackers seize it back.

Digital police from across the globe have claimed success in disrupting the criminal operation behind the ransomware, known as Cryptolocker.

The UK’s National Crime Agency (NCA) has told British victims that they have a two-week window to protect themselves, after working with the FBI, Europol and other law enforcement bodies to temporarily seize control of the global network of infected computers.

Cryptolocker is now disabled, but the NCA said it was a race against time before the hackers circumvent their block on it.

It follows one of the biggest ever international collaborations between the major crime agencies to prevent a virus of this magnitude.

The Cryptolocker software locked PC users out of their machines, encrypting all their files and demanding payment of one Bitcoin (currently worth around £300) for decryption.

The FBI estimates that the virus has already acquired $27m (£17m) in ransom payments in just the first two months of its life, and that it has infected more than 234,000 machines.


Privacy under attack: the NSA files revealed new threats to democracy | Technology | The Guardian

Thanks to Edward Snowden, we know the apparatus of repression has been covertly attached to the democratic state. However, our struggle to retain privacy is far from hopeless

The US National Security Agency threat operations centre in Fort Meade, Maryland, in 2006. Photograph: Paul Richards/AFP/Getty Images

In the third chapter of his History of the Decline and Fall of the Roman Empire, Edward Gibbon gave two reasons why the slavery into which the Romans had tumbled under Augustus and his successors left them more wretched than any previous human slavery. In the first place, Gibbon said, the Romans had carried with them into slavery the culture of a free people: their language and their conception of themselves as human beings presupposed freedom. And thus, says Gibbon, for a long time the Romans preserved the sentiments – or at least the ideas – of a freeborn people. In the second place, the empire of the Romans filled all the world, and when that empire fell into the hands of a single person, the world was a safe and dreary prison for his enemies. As Gibbon wrote, to resist was fatal, and it was impossible to fly.

The power of that Roman empire rested in its leaders’ control of communications. The Mediterranean was their lake. Across their European empire, from Scotland to Syria, they pushed roads that 15 centuries later were still primary arteries of European transportation. Down those roads the emperor marched his armies. Up those roads he gathered his intelligence. The emperors invented the posts to move couriers and messages at the fastest possible speed.

Using that infrastructure, with respect to everything that involved the administration of power, the emperor made himself the best-informed person in the history of the world.

That power eradicated human freedom. “Remember,” said Cicero to Marcellus in exile, “wherever you are, you are equally within the power of the conqueror.”

The empire of the United States after the second world war also depended upon control of communications. This was more evident when, a mere 20 years later, the United States was locked in a confrontation of nuclear annihilation with the Soviet Union. In a war of submarines hidden in the dark below the continents, capable of eradicating human civilisation in less than an hour, the rule of engagement was “launch on warning”. Thus the United States valued control of communications as highly as the Emperor Augustus. Its listeners too aspired to know everything.

We all know that the United States has for decades spent as much on its military might as all other powers in the world combined. Americans are now realising what it means that we applied to the stealing of signals and the breaking of codes a similar proportion of our resources in relation to the rest of the world.

The US system of listening comprises a military command controlling a large civilian workforce. That structure presupposes the foreign intelligence nature of listening activities. Military control was a symbol and guarantee of the nature of the activity being pursued. Wide-scale domestic surveillance under military command would have violated the fundamental principle of civilian control.

Instead what it had was a foreign intelligence service responsible to the president as military commander-in-chief. The chain of military command absolutely ensured respect for the fundamental principle “no listening here”. The boundary between home and away distinguished the permissible from the unconstitutional.

The distinction between home and away was at least technically credible, given the reality of 20th-century communications media, which were hierarchically organised and very often state-controlled.

When the US government chose to listen to other governments abroad – to their militaries, to their diplomatic communications, to their policymakers where possible – they were listening in a world of defined targets. The basic principle was: hack, tap, steal. We listened, we hacked in, we traded, we stole.

In the beginning we listened to militaries and their governments. Later we monitored the flow of international trade as far as it engaged American national security interests.


Meet the seven people who hold the keys to worldwide internet security | Technology | The Guardian

It sounds like the stuff of science fiction: seven keys, held by individuals from all over the world, that together control security at the core of the web. The reality is rather closer to The Office than The Matrix

In a nondescript industrial estate in El Segundo, a boxy suburb in south-west Los Angeles just a mile or two from LAX international airport, 20 people wait in a windowless canteen for a ceremony to begin. Outside, the sun is shining on an unseasonably warm February day; inside, the only light comes from the glare of halogen bulbs.

There is a strange mix of accents – predominantly American, but smatterings of Swedish, Russian, Spanish and Portuguese can be heard around the room, as men and women (but mostly men) chat over pepperoni pizza and 75-cent vending machine soda. In the corner, an Asteroids arcade machine blares out tinny music and flashing lights.

It might be a fairly typical office scene, were it not for the extraordinary security procedures that everyone in this room has had to complete just to get here, the sort of measures normally reserved for nuclear launch codes or presidential visits. The reason we are all here sounds like the stuff of science fiction, or the plot of a new Tom Cruise franchise: the ceremony we are about to witness sees the coming together of a group of people, from all over the world, who each hold a key to the internet. Together, their keys create a master key, which in turn controls one of the central security measures at the core of the web. Rumours about the power of these keyholders abound: could their key switch off the internet? Or, if someone somehow managed to bring the whole system down, could they turn it on again?

The keyholders have been meeting four times a year, twice on the east coast of the US and twice here on the west, since 2010. Gaining access to their inner sanctum isn’t easy, but last month I was invited along to watch the ceremony and meet some of the keyholders – a select group of security experts from around the world. All have long backgrounds in internet security and work for various international institutions. They were chosen for their geographical spread as well as their experience – no one country is allowed to have too many keyholders. They travel to the ceremony at their own, or their employer’s, expense.

What these men and women control is the system at the heart of the web: the domain name system, or DNS. This is the internet’s version of a telephone directory – a series of registers linking web addresses to a series of numbers, called IP addresses. Without these addresses, you would need to know a long sequence of numbers for every site you wanted to visit. To get to the Guardian, for instance, you’d have to enter “77.91.251.10” instead of theguardian.com.

‘Each of the 14 primary keyholders owns a traditional metal key to a safety deposit box, which in turn contains a smartcard, which in turn activates a machine that creates a new master key.’ Photograph: Laurence Mathieu for the Guardian

The master key is part of a new global effort to make the whole domain name system secure and the internet safer: every time the keyholders meet, they are verifying that each entry in these online “phone books” is authentic. This prevents a proliferation of fake web addresses which could lead people to malicious sites, used to hack computers or steal credit card details.

The east and west coast ceremonies each have seven keyholders, with a further seven people around the world who could access a last-resort measure to reconstruct the system if something calamitous were to happen. Each of the 14 primary keyholders owns a traditional metal key to a safety deposit box, which in turn contains a smartcard, which in turn activates a machine that creates a new master key. The backup keyholders have something a bit different: smartcards that contain a fragment of code needed to build a replacement key-generating machine. Once a year, these shadow holders send the organisation that runs the system – the Internet Corporation for Assigned Names and Numbers (Icann) – a photograph of themselves with that day’s newspaper and their key, to verify that all is well.


Pirate Bay plans new 'anti-censorship' browser | Technology | theguardian.com

After 2.5m downloads of its first PirateBrowser, filesharing site still attacking ‘domain blocking, domain confiscation, IP-blocking’

The Pirate Bay’s new web browser aims to help users get around ISP blocks

The Pirate Bay’s own PirateBrowser web browser has been downloaded more than 2.5m times since its launch in August 2013, but the filesharing site is already working on a successor.

PirateBrowser was designed to help people access The Pirate Bay and other torrent services even if they were blocked by their ISP, while also circumventing other kinds of internet censorship in countries including Iran and North Korea.

It reached 1m downloads by mid-October, and has added a further 1.5m since then, but it seems set to be replaced by a new client later in 2014 that will use peer-to-peer technology to evade ISP-level blocks on people’s online activities.

“The goal is to create a browser-like client to circumvent censorship, including domain blocking, domain confiscation, IP-blocking. This will be accomplished by sharing all of a site’s indexed data as P2P downloadable packages, that are then browsed/rendered locally,” an unnamed Pirate Bay “insider” told TorrentFreak.

“It’s basically a browser-like app that uses webkit to render pages, BitTorrent to download the content while storing everything locally.”


The US government has betrayed the internet. We need to take it back | Bruce Schneier | Comment is free | The Guardian

The NSA has undermined a fundamental social contract. We engineers built the internet – and now we have to fix it

‘Dismantling the surveillance state won’t be easy. But whatever happens, we’re going to be breaking new ground.’ Photograph: Bob Sacha/Corbis

Government and industry have betrayed the internet, and us.

By subverting the internet at every level to make it a vast, multi-layered and robust surveillance platform, the NSA has undermined a fundamental social contract. The companies that build and manage our internet infrastructure, the companies that create and sell us our hardware and software, or the companies that host our data: we can no longer trust them to be ethical internet stewards.

This is not the internet the world needs, or the internet its creators envisioned. We need to take it back.

And by we, I mean the engineering community.

Yes, this is primarily a political problem, a policy matter that requires political intervention.

But this is also an engineering problem, and there are several things engineers can – and should – do.