Fingerprinting TCP/IP headers may reveal browsing activity despite encryption

I submit that this trend of revealing private online activity through second and third order effects, like fingerprinting network packet headers as described in this research, is why we still need to push for better privacy norms and regulations. There is never likely to be a perfect privacy solution, we’ll always need some reasonable expectations and legal protections as well.

Read More …

Berners-Lee’s new work to re-decentralize the web

The article mentions Berners-Lee receiving the Turing Award, often called the Nobel prize for computing. The really interesting part is the description of Solid, his work to try to crack loose personal data from the central stores where it accumulates today, in order to restore control to users of where and how their data is accessed and used. Efforts along this line aren’t new, as the article notes the are increasingly relevant as traditional protections for online privacy are increasing eroded.
Read More …

Minnesota working to protect consumer privacy from ISPs

The proposal in Minnesota still has a few steps before becoming state law. Proponents are definitely capitalizing on the attention garnered by the repeal of the FCC rules. ISPs may not have liked the federal rules, I can almost guarantee that if other states follow suit, they will like it even less. A state level push back could create a minefield that the larger ISPs would have to navigate, likely leading to them taking the most conservative approach rather than incurring the cost of state by state compliance.

Read More …

The limits of using a VPN to protect your privacy

Karl Bode at Techdirt highlights some important limitations to understand as folks rush to setup VPNs and Tor as protection against ISP overreach. Even if your traffic at your ISP is protected, it will still have to traverse at least one ISP, and likely several, on the other end who may still find value in monitoring your traffic. VPNs and Tor aren’t supported on all devices, setting them up on a home router is that much more difficult, if even possible. Bode’s sources are credible, I’ve worked with some of the network researchers he cites and quotes in this article.

Read More …

Full impact of privacy rules repeal; what you can do, too

The Register makes pretty clear that this is more than just selling what browsing history your ISP can collect. The repealed rules kept at bay some pretty terrible practices by ISPs, such as undelete-able, so-called super-cookies and search engine re-directs. So Tor or VPN it is since in the US, most of us don’t really have any alternative choices in the market.
Read More …