Firefox: Open Source Security Solutions to Internet Surveillance

From Brendan Eich, CTO of Mozilla:

Mozilla has one critical advantage over all other browser vendors. Our products are truly open source . . . As Anthony Jones from our New Zealand office pointed out the other month, security researchers can use this fact to verify the executable bits contained in the browsers Mozilla is distributing, by building Firefox from source and comparing the built bits with our official distribution . . .

To ensure that no one can inject undetected surveillance code into Firefox, security researchers and organizations should:

• regularly audit Mozilla source and verified builds by all effective means;
• establish automated systems to verify official Mozilla builds from source;
• raise an alert if the verified bits differ from official bits.

In the best case, we will establish such a verification system at a global scale, with participants from many different geographic regions and political and strategic interests and affiliations.

Security is never “done” — it is a process, not a final rest-state. No silver bullets. All methods have limits. However, open-source auditability cleanly beats the lack of ability to audit source vs. binary.

Through international collaboration of independent entities we can give users the confidence that Firefox cannot be subverted without the world noticing, and offer a browser that verifiably meets users’ privacy expectations.

The Internet Strikes Back: Protest Mass Surveillance

From The Day We Fight Back:

In January 2012 we defeated the SOPA and PIPA censorship legislation with the largest Internet protest in history. A year ago this month one of that movement's leaders, Aaron Swartz, tragically passed away.

Today we face a different threat, one that undermines the Internet, and the notion that any of us live in a genuinely free society: mass surveillance.
If Aaron were alive, he'd be on the front lines, fighting against a world in which governments observe, collect, and analyze our every digital action.

Now, on the eve of the anniversary of Aaron's passing, and in celebration of the win against SOPA and PIPA that he helped make possible, we are announcing a day of protest against mass surveillance, to take place this February 11th.

Press release:

A broad coalition of activist groups, companies, and online platforms will hold a worldwide day of activism in opposition to the NSA's mass spying regime on February 11th. Dubbed "The Day We Fight Back", the day of activism was announced on the eve of the anniversary of the tragic passing of activist and technologist Aaron Swartz. The protest is both in his honor and in celebration of the victory over the Stop Online Piracy Act two years ago this month, which he helped spur.

Participants including Access, Demand Progress, the Electronic Frontier Foundation, Fight for the Future, Free Press, BoingBoing, Reddit, Mozilla, ThoughtWorks, and more to come, will join potentially millions of Internet users to pressure lawmakers to end mass surveillance -- of both Americans and the citizens of the whole world. . . . 

HOW INTERNET USERS CAN HELP:

1. Visit TheDayWeFightBack.org
2. Sign up to indicate that you'll participate and receive updates.
3. Sign up to install widgets on websites encouraging its visitors to fight back against surveillance. (These are being finalized in coming days.)
4. Use the social media tools on the site to announce your participation.
5. Develop memes, tools, websites, and do whatever else you can to participate -- and encourage others to do the same.

Stalkware App Can Use Facial Recognition Technology to ID Strangers

Make sure you have your masks and makeup handy if you want to keep your online profile separate from your person.  From CNET:

Soon your face could be your calling card. An upcoming app for Android, iOS, and Google Glass called NameTag will allow you to photograph strangers and find out who they are -- complete with social networking and online dating profiles.

Spot someone out and about that you want to identify, and you can capture their face using your device's camera. The app will send the photo wirelessly to NameTag's server, where it will compare the photo to millions of online records and return with a name, more photos, and social-media profiles, such as Facebook, Twitter, and Instagram, where the person (or their friends) might have publicly posted photos of themselves.

And, if you're interested in that person in a more-than-passing fashion, the app's creator -- FacialNetwork -- is working on technology that will allow scanning of profile pictures on online dating sites, such as Plenty of Fish, OKCupid, and Match.com.

Texas Republican Senate Candidate Accepts Bitcoin Donations

From NPR:

Stockman visits the NYC Bitcoin Center.

When Texas Rep. Steve Stockman announced recently that he'll accept donations in bitcoins, he raised some eyebrows. . . . Stockman appeared in a Dec. 31 expressing support for the virtual currency: "I really think digital money is more about freedom,Business Insider, he said his Senate campaign would show support by accepting Bitcoin donations.
" he said, adding that bitcoin is "a fixed amount of currency at a fixed rate, so very good for the markets." According to

Setting aside the question of Stockman's longshot candidacy, his announcement raised a question that has rarely been asked before: In political campaigns, what are bitcoins worth?

Car Hacking on the Rise

From Auto Express:

An increasing number of cars are at risk from computer hackers because of the advanced Internet enabled systems they offer – and the problem could be potentially life-threatening. That’s the warning from technology firm Harman at the 2014 Consumer Electronics Show (CES).

Modern cars have a number of electronic control units (ECUs), which not only control infotainment services, but also the operation of the engine, transmission and safety features such as stability control and anti-lock brakes.

If someone can hack into the connectivity system, they then have access to all the car’s other ECUs because there is currently no physical or electronic barrier between them.

Lawsuit Alleges Facebook Privacy Violations

From PC World:

Facebook has been accused of intercepting private messages of its users to provide data to marketers, according to a class-action lawsuit filed in a federal court in California.

The social networking company scanned plaintiffs’ private messages containing URLs (uniform resource locators) and searched the website identified in the URL for “purposes including but not limited to data mining and user profiling,” according to the complaint in the U.S. District Court for the Northern District of California.

The company does not engage in the practice to facilitate the transmission of users’ communications via Facebook, but to enable it to mine user data and profit by sharing the data with third parties such as advertisers, marketers, and other data aggregators, the complaint said.

Facebook is said to have violated the Electronic Communications Privacy Act and California privacy laws by its intentional interception of electronic communications.  The complaint cites third-party research to back its claim that Facebook is intercepting and scanning the content of private messages.

Torrent Search to Be Included in Ubuntu by Default

From Torrent Freak:

A new scope set to be included in Ubuntu by default will allow users of The Pirate Bay to conduct BitTorrent searches directly from Unity desktop. The tool’s creator informs TorrentFreak that while there is still work to be done, the aim of the scope – which is endorsed by Canonical founder Mark Shuttleworth – is to embed Free Culture directly into the Ubuntu user experience.

In early December 2013 there was a nice announcement for Ubuntu users. Software developer David Callé revealed that a new torrent scope (search addon) for the Debian-based Linux OS was now available.

In the first instance Callé was skeptical about having the scope included in Ubuntu by default since it would inevitably turn up unlicensed content, something he feared would “generate a lot of FUD for Ubuntu.” However, Callé’s fears were quickly addressed by Ubuntu founder Mark Shuttleworth.