OnionWare Anonymity Software Makes Spies Cry: New Secure Filesharing Service Expertly Thwarts Middlemen

With privacy issues becoming more and more critical in modern life, it is important to retain a feeling of security when dealing with one's major online documents. More than simple spied-on social media or intercepted emails, having a means to store and transfer large files online in a private manner is the focus of a new anonymity software.

Inspired by NSA patriot Edward Snowden, the new OnionWare technology uses the super-secure Tor network to thwart prying eyes, then establishes a temporary website on the user's computer. This eliminates the "middleman" of other filesharing services like Dropbox, which could be infiltrated by the government at any point. Using Onionware and Tor, a secure password and URL are exchanged peer-to-peer, and once the desired files are downloaded by the recipient, the temporary site is deleted permanently.

Parker Higgins, an activist with the Electronic Frontier Foundation, lauded the new technology, telling www.digitaljournal.com that, "Peer-to-peer offers no convenient mechanism for centralized surveillance or censorship. By design, there's usually no middleman that can easily record metadata about transfers—who uploaded and downloaded what, when, and from where—or block those transfers...recording all of it would require a dragnet effort, not a simple request for a log file from a centralized service provider."

The software was developed by tech analyst and cryptography/cybersecurity crusader Micah Lee while trying to expedite the secure transfer of files between Edward Snowden and journalists David Miranda and Glenn Greenwald, whose own files came under government scrutiny once the Snowden leaks were exposed.

No Cash For Spy Stash: The NSA Loses Government Funds For Domestic Peeping; Foreign Spyware

Will a lack of "backdoor funding" deter the NSA in any way from spying on citizens at home and abroad? Soon the world will have a chance to find out.

As reported by www.wired.co.uk, on June 19th the House of Representatives passed an amendment to the Department of Defense Appropriations Act 2015 that will prevent the NSA from using government funds to stock information obtained while stalking both Americans and foreign citizens not expressly under warrant.

An open letter from several civil liberties groups to the House Of Representatives regarding the vote stated, "...These measures would make appreciable changes that would advance government surveillance reform and help rebuild lost trust among internet users and businesses, while also preserving national security and intelligence authorities."

This is an important breakthrough, with many foreign citizens recently extra-suspicious of the NSA thanks to discoveries of wireless routers sold in Europe being tainted by American spyware (subsequent hacks and defenses have already been issued to quell this problem.) But will removing Uncle Sam's wallet from Big Brother's pocket really slow down the spying?

Now they'll have to raise funds just as shady as they are.

"External Communications" And Infernal Revelations: Britain Allows Cyber-Spying On Facebook And Google

While many other nations around the world are condemning the US for its privacy violations, it seems that Great Britain is taking advantage of our lapses.

The BBC reports that British intelligence now considers sites like Facebook and Google to be "external communications" due to the companies' headquarters being based in the US, and thus the information gleaned from these sites is acceptable for agency retainment and/or review. Non-external sources would require the signature of a minister on a targeted warrant, issued only after suspicion of illegal activity was clearly stated.

Privacy International director Eric King noted the actual laws preventing this are unclear and possibly manipulated by those who would scour for secrets, stating "Intelligence agencies cannot be considered accountable to parliament and to the public they serve when their actions are obfuscated through secret interpretations of Byzantine laws."

With America, Britain, and even more of the world now affected by pervasive privacy penetration, an international dialogue on what constitutes infringement may be necessary. With the American Constitution already well trampled in regards to cyber and cell security, perhaps a rallying of world citizens tired of being spied on would achieve some measure of change.

Government To Local Police: Shhh About The Surveillance

It's no longer a secret that the US government routinely, deliberately and invasively spies on their citizens with no regard as to privacy or pertinence of information. Now, it is emerging that they are actively trying to cover their tracks on a local level, as even average officers are using surveillance gear with extreme impunity.

The federal government has been oddly intervening at local public records and criminal trials that deal with information gained in a possibly over-invasive manner, which as Top Tech News reports, "resulted in police departments withholding materials or heavily censoring documents in rare instances when they disclose anything about the purchase and use of such powerful surveillance equipment."

One popular piece of such technology, the Stingray, reroutes the target's call and metadata to the police's receiver instead of a cell phone tower, bringing up serious questions of infractions on the Constitutional rights of those who are being listened to. Various affadavits and documents point to the federal government overtly refusing to answer questions about such technology's locations, design and operations prove that they are trying to cover up a plot that is legally-questionable and lucrative (both informationally for the feds and financially for Harris Corp....the Stingray accounted for nearly one-third of it's parent company's $5 billion in revenue.)

Unsurprisingly, the government and local departments' excuse for their secrecy is "security."

Dissonantly, President Obama claims he is welcoming debates on surveillance and transparency. Dial any number at all to talk to him regarding your feelings...if there's a Stingray nearby, the government will be happy hear you out. 

Drone Sweet Drone: FAA Approves First Commercial Drone In US

It looks like oil security, once again, will be used as the main excuse to make a strong and questionable societal statement...except this one is over civilian privacy, and on (well, above) American soil.

As reported by Gizmodo, drone manufacturing company AeroVironment was given the go-ahead this week for a commercial drone to patrol skies over Alaska as a means to guard BP oil pipelines. The drone will also supposedly participate in "some 3D-mapping, wildlife monitoring, and the occasional search-and-rescue mission."

While it is noteworthy that the first commercial drone has been licensed as a way to do a job that is both difficult and dangerous for humans, there is no telling where the FAA will stop regarding the industries allowed to fly these aircraft, or what they are allowed to do while airborne. Armed with cameras, sensors, and sturdy craftmanship (the military-type AeroVironment Puma AE used in Alaska is nearly five feet long with a nine-foot wingspan), it will be intriguing to see how drones at home will aid or aggravate American lives.

Falkvinge: Private Communications or Mass Corporate Surveillance, Pick One

In his most recent column for Torrent Freak, Richard Falkvinge, the founder of the Swedish Pirate Party, argues that we have a simple choice before us. We can opt for retaining some semblance of private correspondence and communication that is outside the scope of government and corporate surveillance, or we can acquiesce to the demands of the entertainment industry.  Excerpt:

There is no way to enforce the copyright monopoly without reading all the private communications in transit – mass eavesdropping and mass surveillance. There is no magic way to just wiretap the violations and ignore the rest; the act of finding which communications may violate the copyright monopoly requires that you sort all correspondence into legal and illegal. The act of sorting requires observation; you cannot determine if something is legal or illegal without looking at it. At that point, the postal secret and the privacy of correspondence have been broken . . .

So we’re at a crossroads where we as a society must determine which is more important – the right to communicate in private at all, or the obsolete distribution and manufacturing monopoly of an entertainment industry. These two are completely mutually exclusive and cannot coexist. This is, and has been, the problem since the cassette tape.

FBI to Expand Facial Recognition Photo Database

From the EFF:

New documents released by the FBI show that the Bureau is well on its way toward its goal of a fully operational face recognition database by this summer.
EFF received these records in response to our Freedom of Information Act lawsuit for information on Next Generation Identification (NGI)—the FBI’s massive biometric database that may hold records on as much as one third of the U.S. population. The facial recognition component of this database poses real threats to privacy for all Americans.

NGI builds on the FBI’s legacy fingerprint database—which already contains well over 100 million individual records—and has been designed to include multiple forms of biometric data, including palm prints and iris scans in addition to fingerprints and face recognition data. NGI combines all these forms of data in each individual’s file, linking them to personal and biographic data like name, home address, ID number, immigration status, age, race, etc. This immense database is shared with other federal agencies and with the approximately 18,000 tribal, state and local law enforcement agencies across the United States.

The records we received show that the face recognition component of NGI may include as many as 52 million face images by 2015. By 2012, NGI already contained 13.6 million images representing between 7 and 8 million individuals, and by the middle of 2013, the size of the database increased to 16 million images. The new records reveal that the database will be capable of processing 55,000 direct photo enrollments daily and of conducting tens of thousands of searches every day . . .

In order to avoid the prying eyes of government pervs, you might want to consider a new look, such as those being developed by Adam Harvey, who is seeking to "create a growing catalog of designs and techniques that can be employed as camouflage against face detection."

Torrent Freak's Updated VPN Privacy Profiles

From Torrent Freak:

Millions of people use a VPN service to protect their privacy, but not all VPNs are as anonymous as one might hope. In fact, some VPN services log users' IP-addresses for weeks. To find out how secure VPNs really are TorrentFreak asked the leading providers about their logging policies, and more. . . .

Unfortunately, not all VPN services are as anonymous as they claim. Following a high-profile case of an individual using an ‘anonymous’ VPN service that turned out to be not so private, TorrentFreak decided to ask a selection of VPN services some tough questions.

By popular demand we now present the third iteration of our VPN services “logging” review. In addition to questions about logging policies we also asked VPN providers about their stance towards file-sharing traffic, and what they believe the most secure VPN is . . . 

British and US Spy Agencies Compromise Yahoo Chat

It needs to be said: the actions of intelligence agencies such as the NSA and the British GCHQ amount to an act of war against innocent civilian populations around the world.  This brings their actions into line with the definition of terrorism, the use of force or the threat of the use of force against civilian populations to achieve political ends.  It is time for people to stand up and call these government agencies out for what they are: state sponsored terrorist groups.  From The Guardian:

Britain's surveillance agency GCHQ, with aid from the US National Security internet users not suspected of wrongdoing, secret documents reveal.
Agency, intercepted and stored the webcam images of millions of GCHQ files dating between 2008 and 2010 explicitly state that a surveillance program codenamed Optic Nerve collected still images of Yahoo webcam chats in bulk and saved them to agency databases, regardless of whether individual users were an intelligence target or not.

In one six-month period in 2008 alone, the agency collected webcam imagery – including substantial quantities of sexually explicit communications – from more than 1.8 million Yahoo user accounts globally.

Yahoo reacted furiously to the webcam interception when approached by the Guardian. The company denied any prior knowledge of the program, accusing the agencies of "a whole new level of violation of our users' privacy".

Clueless Judge Thinks Government Can Be Trusted

Here's a funny little tidbit from the ongoing court case surrounding the former Lavabit secure email service. An appeals court judge believes that the government can be trusted not to abuse its powers.  From Ars Technica:

In the summer of 2013, Lavabit was ordered to provide real-time e-mail monitoring of one of its users, widely believed to be Edward Snowden, the former NSA contractor-turned-leaker. When Lavabit told the feds that the only way it could hand over communications was through an internal process that would deliver results 60 days after any communication was sent, the authorities returned with a search warrant for Lavabit's SSL keys, which could decrypt the traffic of all of Lavabit's users. Ladar Levison, the CEO of Lavabit, handed over the SSL keys but then shut down his 10-year-old business rather than expose all of Lavabit's users.

The first report of the appeals argument from PC World suggests that while Levison may be a hero with privacy advocates, he's going to have a tougher time convincing the judges on the appeals court. The case was “blown out of proportion with all these contentions” of what the FBI would do with the SSL keys, said US Circuit Judge Paul Niemeyer. "There’s such a willingness to believe” that the keys will be misused and that "the government will spy on everyone,” he said.

Use of Online Privacy and Anonymity Tools on the Rise

From the Guardian:

Globally, 56% of those surveyed by GlobalWebIndex reported that they felt the internet is eroding their personal privacy, with an estimated 415 million people or 28% of the online population using tools to disguise their identity or location.

On these figures, Tor could be regularly used by as many as 45.13 million people. Its biggest userbase appears to be in Indonesia, where 21% of respondents said they used the tool, followed by 18% in Vietnam and 15% in India. 

Indonesia also has the world's highest penetration of general anonymity tools among its internet users, with 42% using proxy servers or virtual private networks known as VPNs, which disguise the location of the user's internet connection - their IP address - and therefore bypass regional blocks on certain content.

The US, UK, Germany and Ireland meanwhile all report 17% penetration, with Japan the lowest at 5%. The data includes those aged 16-64 for the last quarter of 2013.

Stalkware App Can Use Facial Recognition Technology to ID Strangers

Make sure you have your masks and makeup handy if you want to keep your online profile separate from your person.  From CNET:

Soon your face could be your calling card. An upcoming app for Android, iOS, and Google Glass called NameTag will allow you to photograph strangers and find out who they are -- complete with social networking and online dating profiles.

Spot someone out and about that you want to identify, and you can capture their face using your device's camera. The app will send the photo wirelessly to NameTag's server, where it will compare the photo to millions of online records and return with a name, more photos, and social-media profiles, such as Facebook, Twitter, and Instagram, where the person (or their friends) might have publicly posted photos of themselves.

And, if you're interested in that person in a more-than-passing fashion, the app's creator -- FacialNetwork -- is working on technology that will allow scanning of profile pictures on online dating sites, such as Plenty of Fish, OKCupid, and Match.com.

Lawsuit Alleges Facebook Privacy Violations

From PC World:

Facebook has been accused of intercepting private messages of its users to provide data to marketers, according to a class-action lawsuit filed in a federal court in California.

The social networking company scanned plaintiffs’ private messages containing URLs (uniform resource locators) and searched the website identified in the URL for “purposes including but not limited to data mining and user profiling,” according to the complaint in the U.S. District Court for the Northern District of California.

The company does not engage in the practice to facilitate the transmission of users’ communications via Facebook, but to enable it to mine user data and profit by sharing the data with third parties such as advertisers, marketers, and other data aggregators, the complaint said.

Facebook is said to have violated the Electronic Communications Privacy Act and California privacy laws by its intentional interception of electronic communications.  The complaint cites third-party research to back its claim that Facebook is intercepting and scanning the content of private messages.

Falkvinge: 5 Predictions that Won't Shock the World

Over at Private Internet Access, Rick Falkvinge makes some fairly conservative predictions for the new year:

So here are my five predictions for privacy in 2014: Snowden will continue to shock those who understand what he’s saying, oldmedia will continue to not care, the average person hasn’t understood what’s going on and will continue to not understand, politicians will continue to pretend nothing happened, and laws enabling the mass surveillance won’t change or will go the wrong way, unless politicians lose their jobs over it.

How to Scrub Your Online Presence . . .

It is by now common wisdom that once you put something up on the internet, it is there forever, or at least as long as the internet still exists.  However, it is possible to change your digital footprint enough to hide your tracks.  A small primer on doing so from Make Use Of:

If you’re looking to drop from the Webosphere completely in an attempt to remain anonymous, we can help. The process is arduous and there are several key steps you’ll need to take along the way. But in the end, if you value your online privacy, it’ll be worth it . . .

BitTorrent: Secure Chat App on the Way?

From CNET:

The aftermath of the NSA spying revelations has people and companies scrambling for ways to create more secure communications, which has led BitTorrent to build a instant-message chat client that follows the torrenting principle of decentralized data transfer.

The first release of BitTorrent Chat is a private alpha, meaning you have to go to the BitTorrent Chat sign-up page to get an invite, which will take you to a download.  The client uses the concept of decentralized technology that's at the heart of torrents to run instant messages between people . . . 

Homeland Security Is Going to Get in Your Face

If you thought Homeland Security checkpoints were intrusive, just wait until they start getting in your face.  An oped in the New York Times:

the Department of Homeland Security is making considerable progress on a computerized tool called the Biometric Optical Surveillance System. The system, if completed, will use video cameras to scan people in public (or will be fed images of people from other sources) and then identify individuals by their faces, presumably by cross-referencing databases of driver’s license photos, mug shots or other facial images cataloged by name . . .

At the moment, there is little to no regulation or legal oversight of technologies like the Biometric Optical Surveillance System. We need to implement safeguards to protect our civil liberties — in particular, our expectation of some degree of anonymity in public.

The Department of Homeland Security is not the only agency developing facial-surveillance capacities. The Federal Bureau of Investigation has spent more than $1 billion on its Next Generation Identification program, which includes facial-recognition technology. This technology is expected to be deployed as early as next year and to contain at least 12 million searchable photos.

Google: No Expectation of Privacy in Gmail Emails

From Slate:

If you happen to be one of the 400 million people who use Google's Gmail service for sending and receiving emails, you shouldn't have any expectation of privacy, according to a court briefing obtained by the Consumer Watchdog website. In a motion filed last month by Google to have a class action complaint dismissed, Google's lawyers reference a 1979 ruling, holding that people who turn over information to third parties shouldn't expect that information to remain private.

Yahoo Wins Suit to Reveal Documents from Secret Court Proceedings

According to the Daily Dot, a court has ruled that documents relating to Yahoo's legal resistance to demands from the Federal government for access to its users' records will be declassified.  Excerpt:

Yahoo, initially vilified for being part of the PRISM program, which allows the National Security Agency (NSA) to tap it and other companies for users' information, is about to be vindicated.

A court ruled Monday that the Department of Justice must reveal classified documents from 2008 that Yahoo says will demonstrate that the company fought back against a secret court order to reveal their users' data.

"The Government shall conduct a declassification review of this Court's Memorandum Opinion of [Yahoo's case] and the legal briefs submitted by the parties to this Court," the ruling read. The Department of Justice has two weeks to estimate how long it'll take to declassify the documents and can still redact the parts it finds contains classified information.

Economic Fallout of the NSA Surveillance Scandal

From PC Mag:

Microsoft, despite denials, appears to be in bed with the NSA. Apparently all encryption and other methods to keep documents and discussions private are bypassed and accessible by the NSA and whomever it is working with. This means a third party, for whatever reason, can easily access confidential business deals, love letters, government classified memos, merger paperwork, financial transactions, intra-corporate schemes, and everything in between.

With that said, do you really want to buy a Microsoft product? Do you want to buy anything that gives easy access to snoops poking around at their leisure? If you'd think twice about this, then why would a foreign government rely on Microsoft Office with any confidence? Personally, if I were any foreign government or corporation, I'd stop using all Microsoft products immediately for fear of America spying on me. Nothing can be secret.

If I was a shareholder in any public company, I'd get up at the annual meeting and ask if the company was using Microsoft products and if so, I'd demand to know why it has not dumped them for something else . . .