Firefox adopts technique from Tor to blunt browser fingerprinting

The change, to curtail access to the Canvas API, is incremental and likely to be limited in how it is visible to regular users. However it signals some progress in a collaboration with the Tor project to incorporate code and ideas that benefit the privacy features of Firefox and Tor Browser. The Register’s write up includes a pretty good explainer on fingerprinting and why finding ways to mitigate it is important.
Read More …

FBI still arguing for “responsible encryption”

Why is this still a thing? There is no such thing as encryption only law enforcers can bypass. The math and computer science on this is pretty well settled, not to mention the terrifying unintended consequences that would be unleashed should the FBI should get its wish. Thankfully, EFF is still on top of this, as Kurt Opsahl does the usual solid analysis taking this to task and taking it apart.
Read More …

Defensive computing and why we need it

Mike Loukkides defines defensive computing through a few examples and more importantly argues in broad strokes why we need it. Definitely bolsters my argument that neither technology nor policy on their own are sufficient to defend our online interests, such as privacy. We need smart technology that deals with the actual realities of how networks work and smart policy that shores up our expectations with strong accountability.

Read More …

House Republican unveils internet privacy bill

The Hill has the details of Blackburn’s bill which are exactly what the right said they wanted when they repealed the FCC’s pending privacy rules. Worth noting is that this would apply to ISPs and content companies alike along with moving oversight and enforcement to the FTC. No idea if this will shore up the FTC’s authority but the concern I have is its track record in this space, which is not great, and the fact that it traditionally has had far fewer staff technologists to help with efforts like these than the FCC.

Read More …

2017-05-07 The Command Line Podcast

This is an episode of The Command Line Podcast.

I talk about the privacy rules repeal at the FCC and the fight starting to shape up again over network neutrality.

You can directly download the MP3 or Ogg Vorbis audio files. You can grab additional formats and audio source files from the Internet Archive.

Creative Commons License

This work is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.

Fingerprinting TCP/IP headers may reveal browsing activity despite encryption

I submit that this trend of revealing private online activity through second and third order effects, like fingerprinting network packet headers as described in this research, is why we still need to push for better privacy norms and regulations. There is never likely to be a perfect privacy solution, we’ll always need some reasonable expectations and legal protections as well.

Read More …