Feeds:
Posts
Comments

Archive for the ‘Patents, IP, Privacy and More’ Category

As summarized by Cory Doctorow in “The EU hired a company that had been lobbying for the Copyright Directive to make a (completely batshit) video to sell the Copyright Directive“:

In other words, the Parliament gave public money to a corporation that stands to make millions from a piece of legislation, and then asked that corporation to make a video that used false statements and hysterical language to discredit the opposition to the law. It’s not even lobbying, where a corporation uses the promise of campaign cash and other incentives to get officials on-side: this is public officials paying lobbyists to sway public opinion to win a law that will vastly enrich the corporation the lobbyists represent.

Cory is a far better writer than me, so let me use his words to reiterate (and reinforce!) the point I tried to make two weeks ago:

If the Parliament gets its way, those Eurosceptic parties will go into the elections with a devastating piece of ammunition: if the European Parliament votes in a law in spite of the largest petition in the history of the human race opposing it; if it passes the law after being directly contacted by millions of concerned voters; if it passes the law after massive, continent-wide street demonstrations opposing it, then the Parliament will have proved Eurosceptics’ point for them.

I hope it does not have to get even worse than that before it can begin to get better with European politics.

Read Full Post »

When I first read these words (by Cory Doctorow), I was quite surprised. Could an executive entity be so… stupid… ?

The EU Commission has been forced to retract a Medium post in which it patronised and dismissed opponents of the controversial Article 13 proposal that will force platforms to surveil and censor users’ postings with copyright filters, calling them a “mob.”

The Commission characterised the opposition as being stooges for Google, hoodwinked by the company to carry water for it, despite the fact that Google has quietly supported the idea of filters as an acceptable alternative to other forms of regulation (Facebook, too, has supported the proposal).

The answer to my question above is: yes. And just to be clear: I oppose some of the Articles in the proposal, but no-one has paid me to do so!

If you want to read what the EU Commission published, head over to TorrentFreak – they have archived a copy of the text.

Does the text of the Commission in anyway address some of the critiques levelled at the current proposal? Not really. It tries to explain the rationale behind it, but hides that attempt between a number of fabrications that can only be classified as condescending, disrespectful and anti-democratic. How else can you interpret a text that says “Do Google, Facebook or others really need to pay to persuade?“, when you know that such companies are among the biggest lobbyists in Brussel (just check LobbyFacts.eu).

Anyway, let’s talk facts: if you want to know what’s wrong Article 13, head over to the EFF website and read “Artists Against Article 13: When Big Tech and Big Content Make a Meal of Creators, It Doesn’t Matter Who Gets the Bigger Piece“. In short: Article 13 is about filtering content, and no reasonably-size forum can do so without automation. Given that all pattern-recognition software (that’s what AI is about) is strongly dependent on the input used to train it, it’s more than likely that many errors will be made. Obliging the platforms to police the content of its users amounts to a form of privatisation of censorship – without much recourse to a fair trial to redress errors and fraud…

What worries me, as a longtime supporter of Europe, most about the EU Commission’s blog post is that incidents like this one are very likely to diminish enthusiasm for the European unification and for the upcoming European elections; it certainly does so for me. Two decades ago, being an elected official for Europe was an ambition for those with a genuine will to make the European Union a success. These days, it seems more like an extension of local and national politics: you try to be elected because one way or another there’s (big) money to be made there… I know this is a very cynical view – but I can’t help feeling that whoever wrote that EU Commission post as far more cynical about democracy than me!

Read Full Post »

TorrentFreak explains why and how a “Swedish ISP Protests ‘Site Blocking’ by Blocking Rightsholders Website Too“.

“Bahnhof has repeatedly demonstrated how copyright law is being abused and exploited by greedy opportunists [like Elsevier], and in the end it is always ordinary people who have to pay,” Bahnhof notes.

Thank you, Bahnhof, for speaking out against the abuse.

This is what you’ll see when surfing to Elsevier’s site as a Bahnhof customer. Don’t you love that modem sound?

The fight against copyright abuse: that’s exactly what Aaron Schwartz was a part of, and the case in Sweden, like others (check Australian law, for example), proves that the battles aren’t over. In fact, that is why the EU really needs to get rid of the current proposal for a Copyright Directive, and come up with something much better.

In the mean time, let Cory Doctorow explain why it is good that “Europe’s massive plan to require open access for all science gets two new backers: Wellcome Trust and the Gates Foundation“:

Now, Europe’s two largest science funders have joined the consortium: The Wellcome Trust and the Gates Foundation, and with these 15 funders backing Plan S, nearly all science research in Europe will be open access.

“Open Access” to scientific publications, that’s what this is all about.

Read Full Post »

Strange as it may seem, it does exist: an open-source motorcycle. At least, that’s what a company called Fictiv is telling us. Their name may not bode well in this context, but the company seems legit, going by their website. The blog post detailing their effort, “Open Source. Open road. Build your own fully customisable, street-legal motorcycle in a weekend“, is unfortunately rather skimpy on details.

The open-source bike on the open road

The bike does look good. I’m certainly not the only one who would like to know how it handles, what it costs, whether it can be done in a weekend, etc. If you have a more detailed report, let it know in the comments!

Read Full Post »

Aral Balkan wrote about “Schnail Mail: free real mail for life!” more than a year ago. Now he calls the “business practices ” behind Schnail Mail “http://aralbalkan.com/notes/spyware-2.0“. Whether you agree 100% with him is not essential; you can’t deny that his reasoning is out of place in a time when everyone is taking about the NSA and Snowden and …

While you’re at it, check out the ind.ie website, where the products of the Indienet, which is part of Aral Bakan’s vision, come to life. I’m reading the Pulse documentation; I can totally see myself using this tool for peer-to-peer copying of files.

Read Full Post »

Repost from Inessential.com:

” Were the National Security Agency an agency charged with the security of our nation, it would have reported the Heartbleed bug immediately instead of exploiting it.”

You may replace ‘NSA’ with another security service name if that suits you…

On a very, very,very related note,  Dave Winer writes:

“This is one of the reasons why the Internet of Things hype is so scary. Right now, in 2014, our entire financial system is accessible through a compromised system. That’s bad enough. But what happens when our bodies are wired to the net. And our cars, homes, everything. It’s great to think about when everything is working and everyone plays nice. But if you know anything about software and networks you know that’s a naive dream.”

Read Full Post »

If you still think that the patent system (be it in the US or in Europe) is benefitting society (or at least the economy), think again after reading this hard proof:

Turns out there is a very real, and very negative, correlation between patent troll lawsuits and the venture capital funding that startups rely on. A just-released study [PDF] by Catherine Tucker, a professor of marketing at MIT’s Sloan School of Business, finds that over the last five years, VC investment “would have likely been $21.772 billion higher… but for litigation brought by frequent litigators.”

patent-troll-graphic-final.png

Read Full Post »

Mat Honan is, as you all know (of course), the author whose online presence as well as a large part of his private digital assets were destroyed by hackers, just because they wanted his Twitter account and wreak havoc (he wrote about this in the article “How Apple and Amazon Security Flaws Led to My Epic Hacking“).

Click the image to see the complete "joke"...

Click the image to see the complete “joke”…

Six months later, Mat returned to the subject and asked us to “Kill the Password: Why a String of Characters Can’t Protect Us Anymore“. His conclusion then was very explicit: passwords are not a good way to protect your data.

We could ban dumb passwords and discourage reuse. We could train people to outsmart phishing attempts. (Just look closely at the URL of any site that asks for a password.) We could use antivirus software to root out malware.

But we’d be left with the weakest link of all: human memory. Passwords need to be hard in order not to be routinely cracked or guessed. So if your password is any good at all, there’s a very good chance you’ll forget it—especially if you follow the prevailing wisdom and don’t write it down. Because of that, every password-based system needs a mechanism to reset your account…

And that means:

The age of the password has come to an end; we just haven’t realized it yet. And no one has figured out what will take its place. What we can say for sure is this: Access to our data can no longer hinge on secrets—a string of characters, 10 strings of characters, the answers to 50 questions—that only we’re supposed to know.

I’m not so sure about his conclusion. After all, the real problem isn’t the form of the password or key. The core of the problem is man and her/his “gullibility”; “social engineering” is what the hackers are using as their main weapon. So the question is: how can we avoid that reliance on human memory, as long as we have no replacement for passwords?

Should the operating systems of our devices take a (much) larger share of the memory burden? Do we need small or big applications, in combination with some kind of hardware, to help us? Or perhaps we could use a standalone “passphrase device” with a standardized interface to any relevant device, like the remote “key” that operates almost any modern car? Or are biometric solutions the way of the future?

I’m guessing here, but I have a hunch that passwords aren’t exactly going away soon.

Read Full Post »

I’m not a mathematician, let alone a cryptographer, but I do care about cryptography as a tool. Cryptography – good cryptography – is a tool to help me keep my passwords private, a tool to protect my communications with my bank and other service providers on the Internet, a tool to secure my credit card, etc.

Source: Shutterstock

Source: Shutterstock

So from time to time I read a bit about the current state of the field, in an attempt to understand it better and to avoid making all too obvious mistakes. Here are a few of my latest reads (you’ll like them, even if you don’t know much about advanced math):

And while you’re at it, re-read Bruce Schneier’s advice on ‘Choosing Secure Passwords‘…

Read Full Post »

ReadWriteWeb says:

If you’re a WhatsApp user who wants to break up with Facebook, or someone looking for a great new messaging application, we’ve put together a list of mobile messaging apps you should try…

Photo by Ian Broyles (Flickr)

Photo by Ian Broyles (Flickr)

They mention the following apps/systems: Telegram, Wickr, Line, Kik and Tango. “All these applications provide messaging services that rival WhatsApp, without the commitment to Facebook services, meaning you’re not turning over your mobile phone book and payment information to the social network in exchange for an efficient messaging service…” – and on top of that, the first two offer serious encryption of your messages. Wickr especially prides itself on its capacity to allow its users to “communicate safely, securely, anonymously — and easily“.

I’m sure there are more options to be found – try ’em out and tell the world what you think about them!

Read Full Post »

From the EFF Deeplinks blog, in an open letter detailing “10 Principles to Protect Users From NSA Sabotage“:

In the past nine months, our trust in technology companies has been badly shaken. Today, in collaboration with prominent security researchers and technologists, EFF presents an open letter to technology companies, urging them to protect users from NSA backdoors and earn back the trust that has been lost.

eff.png

In some cases, I would be happy if software companies would apply just a single appropriate principle from that list! Take for example the Android antivirus tools: according to the German magazine C’T (Computer und Technik), many of the biggest suppliers send user data (URLs and FORM data, possibly even containing passwords etc.) to the supplier without any form of encryption to protect those data from prying eyes.

So I uninstalled AVG Antivirus; for the time being I’ll rely on Eset Mobile Security to help fight off the baddies.

Read Full Post »

As Christopher Soghoian tweets: “The WhisperSystem TextSecure app supports federation. Please, every other text messaging app, interoperate w/ this. https://whispersystems.org/blog/the-new-textsecure/“.

@csoghoian tweets about security

@csoghoian tweets about security

What more can I say? That I have installed TextSecure? Of course! What about you?

Read Full Post »

In 2010 The Economist wrote: “After land, sea, air and space, warfare has entered the fifth domain: cyberspace“. The stories about cyber-espionage and tampering with systems from a distance seemed a little far-fetched then.

cyber-weapon.jpg

But the weapons of the Internet arsenal are not science-fiction! Wired has a neat overview of how you can wage war on the web: “Our Government Has Weaponized the Internet. Here’s How They Did It“. The conclusion of the author is sobering:

The only self defense from all of the above is universal encryption. Universal encryption is difficult and expensive, but unfortunately necessary.

Encryption doesn’t just keep our traffic safe from eavesdroppers, it protects us from attack. DNSSEC validation protects DNS from tampering, while SSL armors both email and web traffic.

There are many engineering and logistic difficulties involved in encrypting all traffic on the internet, but its one we must overcome if we are to defend ourselves from the entities that have weaponized the backbone.

The Guardian recently added: “Revelations show transatlantic intelligence pact started in second world war is expanding beyond states’ ability to control it

For the truly paranoid, here’s the advice from Osama Bin Laden and Bruce Schneier: use an air gap computer. And be aware that even that solution is not 100% secure.

Read Full Post »

If you care about your online privacy, then you have to know a little bit about cryptography. You’ve probably heard about RSA and AES – or at least you should have seen these abbreviations show up on your screen when dealing with SSL. But:

…RSA is not the ideal system for the future of cryptography. In an ideal trapdoor function, the easy way and the hard way get harder at the same rate with respect to the size of the numbers in question. So we need a public key system based on a better trapdoor.

elliptic-curve-crypt-image00.png

Here’s “A (relatively easy to understand) primer on elliptic curve cryptography“, which explains why elliptic curves may be a much better solution.

Sidenote: “relatively easy to understand“, yes indeed – if you’re a math student. Anyhow, you will need to schedule a serious reading session to get to grips with this subject!

Read Full Post »

If you are like me, then you have asked yourself the question: what am I to think about the electronic surveillance programs all over the world? Yes, the NSA may be the biggest and best-equipped agency in this context, but they’re not alone!

I have been reading Evgeny Morozov’s “The Real Privacy Problem. Why Our Privacy Problem is A Democracy Problem In Disguise” several times, and I encourage you to do the same. You may not agree with his conclusion that we need “an electronic provocateur” to ponder the fundamental choices citizens need to take in a real democracy, but you should – nay, must – reflect on the subject and try to find your own answer to the questions he raises.

(c) Stephen D. Melkisethian

(c) Stephen D. Melkisethian

Read Full Post »

Older Posts »