The limits of using a VPN to protect your privacy

Karl Bode at Techdirt highlights some important limitations to understand as folks rush to setup VPNs and Tor as protection against ISP overreach. Even if your traffic at your ISP is protected, it will still have to traverse at least one ISP, and likely several, on the other end who may still find value in monitoring your traffic. VPNs and Tor aren’t supported on all devices, setting them up on a home router is that much more difficult, if even possible. Bode’s sources are credible, I’ve worked with some of the network researchers he cites and quotes in this article.

Read More …

Full impact of privacy rules repeal; what you can do, too

The Register makes pretty clear that this is more than just selling what browsing history your ISP can collect. The repealed rules kept at bay some pretty terrible practices by ISPs, such as undelete-able, so-called super-cookies and search engine re-directs. So Tor or VPN it is since in the US, most of us don’t really have any alternative choices in the market.
Read More …

2015-12-05 The Command Line Podcast

old-newspaper-350376_1280This is an episode of The Command Line Podcast.

This time, I chat about some recent news stories that caught my attention, including:

You can subscribe to a feed of articles I am reading for more. You can follow my random podcast items on HuffDuffer too.

You can directly download the MP3 or Ogg Vorbis audio files. You can grab additional formats and audio source files from the Internet Archive.

Creative Commons License

This work is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.

2015-11-15 The Command Line Podcast

old-newspaper-350376_1280This is an episode of The Command Line Podcast.

This time, I chat about some recent news stories that caught my attention, including:

You can subscribe to a feed of articles I am reading for more. You can follow my random podcast items on HuffDuffer too.

You can directly download the MP3 or Ogg Vorbis audio files. You can grab additional formats and audio source files from the Internet Archive.

Creative Commons License

This work is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.

Help Support a Critical, Free Software Privacy and Security Tool (Updated)

I noticed an update from the GNU Privacy Guard project (gnupg or gpg) come across my feeds the other day. If you have received an email from me that has a digital signature if you know what that is or a bunch of gobblety-gook characters at the bottom if you don’t, the tool that makes those signatures possible is gnupg.

More people seem aware of what encryption is and why it is important. We have had a string of increasingly distressing leaks, the ones from Edward Snowden just the latest, about how many governments in presumed open societies are participating in some very questionable trawling of their citizens’ personal communications. For those still not sure why encryption is important, it is the one technology answer everyone can agree upon that allows individual citizens any sense of secrecy and privacy in their online communications, regardless of who may want to snoop on it and how well resourced those eavesdroppers may be.

gnupg is especially important as it is is both free of charge and freely licensed. That second point is critical, it means that gnupg is open to scrutiny from any expert to help ensure it is free of back doors or other problems that might compromise its effectiveness. For users of alternate operating systems like BSD and GNU/Linux, it is often the only choice for certain applications of encryption. Thankfully, it happens to be a usable and useful one that interoperates with the commercial, proprietary choices available to users of more mainstream operating systems.

That post from the gnupg folks? They are in clear need of help in terms of funding.

Work on GnuPG is mostly financed from donations. To continue maintaining GnuPG so to keep it strong and secure against the ever increasing mass surveillance we need your support. Until the end of November we received a total of 6584 € (~5500 net) donations for this year. Along with the 18000 € net from the Goteo campaign this paid for less than 50% of the costs for one developer.

For a critical project of this size two experienced developers are required for proper operation. This requires gross revenues of 120000 Euro per year. Unfortunately there is currently only one underpaid full time developer who is barely able to keep up with the work; see this blog entry for some backgound. Please help to secure the future of GnuPG and consider to donate to this project now.

Support for half of one developer for a project that could easily engage a handful, full time, year round. Do please consider making a donation and if you are unfamiliar with gnupg, spend some time on the project site. It really is a great tool.

Updated 2014-01-06: At the request of the primary author of gnupg, I changed the title and a reference to GNU/Linux in recognition of gnupg’s formal status as part of the umbrella GNU project.

NYPD Anti-Terrorist Cameras Used for Much More

I wish I could say that this New York Times piece linked to by Slashdot surprises me in the least. It isn’t entirely clear that this is a case of mission creep. That uncertainty may be intentional, remarks from the law enforces responsible make it sound like they envisaged use of this growing network of automated cameras in regular criminal investigations was envisioned all along. The key question is whether that was part of the policy that funded their purchase, deployment and operation in the first place.

Donna Lieberman, the executive director of the New York Civil Liberties Union, nails the problem with the system right on the head.

She said it was hard to tell whether interest in “effective and efficient law enforcement” was being balanced with the “values of privacy and freedom.”

“We don’t know how much information is being recorded and kept, for how long, and by which cameras,” Ms. Lieberman said. “It’s one thing to have information about cars that are stopped for suspicious activity, but it’s something else to basically maintain a permanent database of where particular cars go when there is nothing happening that is wrong and there is no basis for suspicion.”

Most of the uses listed in the article seem innocuous enough but we don’t know if the system is restricted to just effectively extended human driven BOLOs. Operational transparency and privacy safeguards should really be inviolate conditions of establishing networks like this. How else can the public interest hold them accountable and audit they are not in fact creeping in their mission? Too bad that point is really only a very small part of the article which otherwise largely lionizes the cameras.

NYPD Anti-Terrorism Cameras Used For Much More, Slashdot