feeds | grep links > Outbound SSL and Search Engines, New Hefty Tome on Canadian Copyright, Free as in Hardware, and More

  • SSL in outbound links from search engines
    EFF has a great post that discusses how search engines could help our privacy even further by linking to encrypted versions of pages in their results where possible rather than the plain text. Not surprisingly, the privacy conscious search engine, Duck Duck Go, is already doing this. I switch the search engine in my browser some time back to DDG and each new announcement of the concrete steps they are taking to protect my privacy makes me feel that much better about my choice.
  • New book on Canadian digital copyright is out, including a free electronic edition
    Cory shares the news from Michael Geist about this book from Irwin Law. At over six hundred pages, this is a considerable commitment to the subject. The focus is primarily on the most recent copyright debates in Canada, centered on the hotly contested bill C-32. The free PDF version is available under a Creative Commons license making the wealth of material available to, as the cover blurb suggests, be used freely to improve directly the quality of the discourse.
  • The BBC covers the crowd funded plan to build a working analytical engine, BBC via Hacker News
  • FSF launches a hardware focused initiative
    According to the H, the “Respects your Freedom” program is an endorsement based on a device using free software, being built with free software, and allowing user installation of modified software. This reminds me of Neuros’ Unlocked mark from a couple of years back as it is also trying to draw attention to manufacturers that support end user freedom, an increasingly important issue when anti-jail-breaking stories seem to be showing up with increasing frequency.
  • Government admits to Facebook spyring, Slashdot
  • Suit claims Facebook leaked real names of users to advertisers, The Register

feeds | grep links > Hotels Held to ISP Regulations, Another Interactive HTTP Tool, and More

Quick Security Alerts for the Week Ending 10/10/2010

Facebook Profile Download Is Not Data Portability

I was one of the ones who quickly and without much thought applied the label of portable to one of the new features Facebook announced yesterday, specifically the ability for users to download their own profile data. Alisa Leonards, communications chairperson of the DataPortability project clarifies what portability should really entail and how Facebook misses the mark.

Data portability is the idea that users are, and should be, in control of their data, how its used, and have access to it at any time. Beyond this, data portability inherently implies data interoperability— the ability for your identity and social graph data to be used across any site or service, as controlled by the end user, and therefore requires the use of open web standards. Facebook’s “Download Your Info” is NOT data portability. It is data accessibility.

That is more than just a definitional point. First, she is speaking to a much more functional notion of portability. You should be able to move about to different messaging, identity and other social service providers seamlessly, without an interruption in your connection of friends and acquaintances. That is what she means by interoperability.

Second, as she goes on to make clear, Facebook’s TOS are unchanged. You are at most making a copy of the data they will retain on their servers. You cannot execute a hard delete after you’ve downloaded your data.

There are other, more nuanced concerns about how this all works in practice, too. EFF has an excellent post amplifying Leonard’s points. While they give Facebook some credit, EFF also holds their feet to the fire on similar gaps in true portability and the privacy implications that arise from those omissions.

Why downloading your data is not data portability, DataPortability Blog

TCLP 2010-08-22 News

This is news cast 223, an episode of The Command Line Podcast.

In the intro, an obligatory reminder there will be no new shows on the 29th, the 1st and the 5th because of Dragon*Con. Also, if you are in the north west of the UK, check out U^3 an UnWorkShop being held the 28th of August.

This week’s security alerts are a Firefox bug bypasses URL protection for embedded frames and an old Linux Kernel flaw allows exploits to acquire root privileges.

In this week’s news the end of privacy, a new probabilistic processor design, a thirty year old crypto system is resistant to quantum cryptanalysis, and privacy concerns (among others) over Facebook’s new Places feature. The EFF already has a guide to protecting your privacy against it.

Following up this week EFF appealing the Jewel v. NSA warrantless wiretapping case and negotiators concede ACTA isn’t about counterfeiting after all.

[display_podcast]

View the detailed show notes online. You can also grab the flac encoded audio from the Internet Archive.

Creative Commons License

This work is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.

Quick Security Alerts for the Week Ending 8/22/2010

Security Alerts for the Week Ending 8/15/2010

Security Alerts for Week Ending 8/8/2010

Following Up for the Week Ending 8/1/2010

Security Alerts for the Week Ending 8/1/2010