Yale Privacy Lab @privacylab@mastodon.social
An initiative of Yale ISP. We explore the connection between privacy, security, & anonymity through hands-on tech implementation.
Twenty Thousand Hz podcast episode on Ultrasonic Tracking featuring @privacylab: https://www.20k.org/episodes/ultrasonictracking
"Officials had discovered “technical irregularities” this year in its collection from phone companies of so-called call record details, or metadata showing who called or texted whom and when, but not what they said." #privacy https://www.nytimes.com/2018/06/29/us/politics/nsa-call-records-purged.html
For friends where our website is blocked: you can still download Tor Browser and access critical resources and sites.
Send a DM to @get_tor with your OS, and you'll receive download links. #censorship #privacy #freespeech #internet https://twitter.com/torproject/status/1008716280726196225/photo/1 source: https://twitter.com/torproject/status/1008716280726196225
Apple new tech to geolocate 911 calls, raising a few privacy questions... 🤔 http://www.wpri.com/news/us-and-world/apple-sets-up-iphones-to-relay-location-for-911-calls-1/1246399748 #privacy #apple #iphone https://t.co/p3VAygsnn7
"Oh, it also tracks your every move and taps your smartphone's microphone, supposedly in the name of helping to root out unauthorized match broadcasts in bars, restaurants and cafes." #privacy #futbol https://boingboing.net/2018/06/11/spanish-football-app-turns-use.html
DHS plans to massively expand its collection of data on citizens and foreigners, combining everything from biometrics to information about people’s “relationship patterns” and “encounters” with officers.
This plan is fatally flawed and must be stopped. https://www.eff.org/deeplinks/2018/06/hart-homeland-securitys-massive-new-database-will-include-face-recognition-dna-and source: https://twitter.com/eff/status/1006270018470809601
using a ~$200 USD drone: "In a paper titled 'Eye in the Sky,' the researchers describe their system... An algorithm trained using deep learning estimates poses of humans in the video and matches them to postures researchers have designated as 'violent.'" https://www.theverge.com/2018/6/6/17433482/ai-automated-surveillance-drones-spot-violent-behavior-crowds
"Industry lobbyists who want to continue monetising users’ online data are battling against new ePrivacy regulations, targeting EU member states in the Council. And some member state governments are only too happy to help." #privacy #gdpr #rgdp https://corporateeurope.org/power-lobbies/2018/06/shutting-down-eprivacy-lobby-bandwagon-targets-council
large Ticketfly data breach. Shout out to the excellent haveibeenpwned service that notifies users of #privacy disasters like this :) https://www.cbsnews.com/news/ticketfly-eventbrite-data-breach-disruption-today-2018-06-03/
"One of the major wireless carriers informed my office that it reported an SS7 breach, in which customer data was accessed, to law enforcement through the government's Customer Proprietary Network Information (CPNI) Reporting Portal." https://soylentnews.org/article.pl?sid=18/06/01/0425258
Photo CC BY-NC-SA François Proulx https://flic.kr/p/mBJ32
"The concern is that a rogue submodule can trick the Git into running code it shouldn’t outside the context of the repository. 'This allowed an adversary to exfiltrate data, pull down a web shell, plant a cryptominer or just totally own the machine...'" #security
https://threatpost.com/bug-in-git-opens-developer-systems-up-to-attack/132395/
"@eff has joined the ACLU and a coalition of civil liberties organizations demanding that Amazon stop powering a government surveillance infrastructure." #privacy #surveillance
https://www.eff.org/deeplinks/2018/05/amazon-stop-powering-government-surveillance
Set to task of compiling a blog post for the #Privacy and #Security space at #MozFest. ETA publication in a few weeks time.
Messaging is around #DATA.
Around 2,000 people show up and a wide variety of levels - newbies to world-class experts.
Any suggestions for what topics you might hope would be covered in this year's interactive sessions & workshops?
"Levy argued for a 'transparent, well managed and ordered' surveillance regime as opposed to a system that would rely on finding software flaws in order to defeat encryption. He told privacy advocates: 'If you whack governments on privacy it will only drive the vulnerability market.'"
Mozilla's #internethealth Report examines the state of privacy, inclusion, and openness online. It also shares best practices for making the web a better place: https://t.co/OsVeNG0sKu https://twitter.com/mozilla/status/1001514268892811265/photo/1 source: https://twitter.com/mozilla/status/1001514268892811265
are tides from the "Web 2.0" era turning? majority in poll won't trade privacy for free (gratis) services
"63% in poll say they are not willing to give up their personal data for targeted ads to use an online service for free”
our @diggity on GDPR: "Warning screens and verbose agreements often become software malpractice: they not only mask the poison coursing through the system, they sedate the user into a click-through coma." #privacy #gdpr https://boingboing.net/2018/05/25/gdpr-dont-forget-to-bring-a.html
great piece by @yaelwrites including Jack Balkin's concept of information fiduciaries: "Although relationships with third parties might be lucrative for telecoms, any entity collecting sensitive information like location data has a moral obligation to keep it safe."
#privacy #security
