Thursday, December 21, 2006

Behind the Magic of Anti-Censorship Software. Behind the Magic of Anti-Censorship Software. Regular Slashdot contributor Bennett Haselton writes in to say "The December 1st release of Psiphon has sparked renewed interest in the various software programs that can help circumvent Internet censorship in China, Iran, and other censored countries. (Some of this interest undoubtedly being motivated by the fact that many of these programs also work for getting around blocking software at work or school.) Have you ever wanted to understand the science behind these programs, the way that mathematicians and codebreakers understand the magic behind PGP? If you loved the mental workout of reading "Applied Cryptography", have you ever wanted a tutorial to do the same for Psiphon and Tor and other anti-censorship programs?" The rest of his editorial follows. [Slashdot: Your Rights Online] 11:07:27 AM  PermaLink   / trackback []

Lawsuit challenges government's right to read your e-mail The government needs a search warrant if it wants to read the U.S. mail that arrives at your home. But federal prosecutors say they don't need a search warrant to read your e-mail messages if those messages happen to be stored in someone else's computer. That would include all of the Big Four e-mail providers -- Yahoo, AOL, Hotmail and Google -- that together hold e-mail accounts for 135 million Americans. Twenty years ago, when only a relative handful of scientists and scholars had e-mail, Congress passed a law giving state and federal officials broad access to messages stored on the computers of e-mail providers. 11:03:53 AM  PermaLink   / trackback []

Government Has a Right to Read Your Email? Government Has a Right to Read Your Email?  gone.fishing writes to tell us that a new lawsuit is challenging the government's right to read your e-mail. The Minneapolis Star-Tribune is reporting that a seller of "natural male enhancement" products sued after a fraud indictment based on evidence gleaned from his electronic mail. Federal prosecutors say they don't need a search warrant to read your e-mail messages if those messages happen to be stored in someone else's computer." [Slashdot: Your Rights Online] 11:01:00 AM  PermaLink   / trackback []

Computer Security Expert Edward W. Felten Joins EFF Board of Directors. Computer Security Expert Edward W. Felten Joins EFF Board of Directors. Princeton Professor Behind Important E-voting Vulnerability Research San Francisco - The Electronic Frontier Foundation (EFF) welcomes the newest member of its Board of Directors, computer security expert Edward W. Felten. A professor of Computer Science and Public Affairs at Princeton University, Felten recently demonstrated the ability to manipulate results on a Diebold electronic voting machine -- showing that the equipment was extremely vulnerable to "vote-stealing" attacks that would undermine the accuracy of vote counts. Felten's research interests include computer security and privacy -- especially relating to media and consumer products -- and technology law and policy. He has published about 80 papers in the research literature and two books. Felten was the lead computer science expert witness for the Department of Justice in the Microsoft antitrust case. He has also testified before the Senate Commerce Committee on digital television technology and regulation and before the House Administration Committee on electronic voting. Felten is the founding Director of Princeton's Center for Information Technology Policy, and his weblog, at freedom-to-tinker.com, is widely regarded for its commentary on technology, law, and policy. In 2004, Scientific American magazine named Felten to its list of 50 worldwide science and technology leaders. "EFF confronts critically important issues on the cutting edge of technology and freedom," said Felten. "My research and EFF's work have often intersected over the years, and I'm very pleased to take the next step and join the board as we strive to keep the digital world innovative, free, and secure." In 2001, Felten and EFF sued the Recording Industry Association of America and the Secure Digital Music Initiative in a case challenging the constitutionality of the Digital Millennium Copyright Act (DMCA). EFF honored Felten with a Pioneer Award in 2005, which recognizes those who have made outstanding contributions to the development of computer-mediated communications and empower individuals in using computers and the Internet. He had previously served on EFF's advisory board. "I have always been a huge fan of Ed's work, using his technical expertise to expose weak and vulnerable technologies to those of us more technically challenged," said EFF Executive Director Shari Steele. "I'm delighted to have him join EFF's Board of Directors." Other members of EFF's executive board include Brad Templeton, John Perry Barlow, David Farber, John Gilmore, Brewster Kahle, Joe Kraus, Lawrence Lessig, and Pamela Samuelson. Contact: Shari Steele Executive Director Electronic Frontier Foundation ssteele@eff.org [EFF: Breaking News] 10:56:12 AM  PermaLink   / trackback []

New Firefox Version Fixes 8 Security Holes. New Firefox Version Fixes 8 Security Holes. Mozilla on Tuesday released updates to fix at least eight security vulnerabilities in its Firefox Web browser and related software. Five of the eight flaws received a "critical" label, meaning that an attacker could exploit them to break into machines running vulnerable versions of the software. Patches are available for both the 1.5.x and 2.x versions of Firefox, each of which should automatically alert you when the updates are ready for installation. Users also can install updates by clicking on "Help" then "Check for Updates." Some of the same updates also are available Mozilla's Thunderbird e-mail client, and its Seamonkey Internet suite. Mozilla did not address one particular flaw that has received quite a bit of press over the past month: A bug in Firefox's password manager that could be exploited to gain access to a victim's stored user names and passwords. Dan Veditz, a member of Mozilla's security team, said the team members thought they had a fix for the password manager flaw ready a week ago Friday, but later learned that it really didn't solve the problem. He said Mozilla currently plans to ship a fix for the problem in January. "It made the password manager pretty unusable," Veditz said. "It required a format change to the password manager file to store additional information, and doing that ran the risk of losing peoples' passwords, so we were very uncomfortable rushing it in and decided to hold off a bit." One final note: If you're using a version of Firefox prior to 1.5 (see "Help," "About Firefox" to view the version number), then it's time to install Firefox 2.0. Mozilla long ago stopped supporting or shipping patches for any Firefox versions that begin with 1.0. [Security Fix] 10:51:42 AM  PermaLink   / trackback []

Security Plan Challenged. Security Plan Challenged. Privacy group sues feds to learn how data is gathered, kept on travelers. [PC World: Latest Technology News] 10:49:42 AM  PermaLink   / trackback []

Cellphones That Track the Kids - New York Times Let's face it: we're in love with the idea of secret location trackers. In "The Da Vinci Code," the bad guys slap a location-tracking button onto Tom Hanks's clothing. In "The Matrix," a location-tracking scorpion robot crawls into Keanu Reeves's abdomen. In "Total Recall," a tracking device is implanted into Arnold Schwarzenegger's nose. Many parents may have fleetingly harbored the fantasy of equipping their children with such tracking devices (though perhaps not through their noses or navels). You could find out instantly where your teenager was, or find out that your middle-schooler didn't come home after school because of a rendezvous you forgot about. But this is one sci-fi gadget that's no longer fi, thanks to advanced sci -- satellite-based tracking based on Global Positioning System (G.P.S.) technology. At least five companies -- Wherify Wireless, Guardian Angel Technology, Disney Mobile, Verizon Wireless and Sprint -- have built G.P.S. tracking into something children carry voluntarily: cellphones. 10:47:29 AM  PermaLink   / trackback []

Akaka-Sununu Bill Corrects Many Bad Aspects of Real ID Act. Akaka-Sununu Bill Corrects Many Bad Aspects of Real ID Act. In 2005, Congress hastily passed legislation that rolled back privacy rights and moved the country towards a national ID system. The REAL ID Act states that drivers' licenses will only be accepted for "federal purposes"[~]like accessing planes, trains, national parks, and court houses[~]if they conform to certain uniform standards. The law also requires a vast national database linking all of the ID records together. Estimated costs of $12 billion or more will be passed on to the states and, ultimately, average citizens in the form of increased DMV fees or taxes. Thankfully, new bipartisan legislation could correct some of REAL ID's many flaws and add critical privacy and civil liberties safeguards. With the "Identification Security Enhancement Act of 2006," Senators Daniel Akaka (D-HI) and John Sununu (R-NH) would cancel most of the standardization that might have led to a national ID card, call for more flexible standards, require encryption of the data itself, and prohibit the use of ID data by third parties. For more information on the problems with the Real ID Act of 2005, visit www.realnightmare.org. [EFF: Deep Links] 10:44:57 AM  PermaLink   / trackback []

Help EFF Investigate Invasive Travel Screening Program. Help EFF Investigate Invasive Travel Screening Program. For several years, the Department of Homeland Security has been treating innocent travelers like suspected terrorists by using the Automated Targeting System (ATS) to assign them "risk assessment" scores. This invasive data-mining program was only recently revealed to the public, and EFF is attempting to document the system's effect on law-abiding individuals. If you have experienced difficulties when entering or leaving the United States, we'd like to hear from you. We are particularly interested in hearing from folks who have had repeated problems, or have been told by government agents that they are on a "list" or that there is some unexplained "problem" that needs to be resolved. Please share your story with us by writing travel@eff.org and providing as much detail as possible. We will treat all responses confidentially and may contact you to follow-up. [EFF: Deep Links] 10:43:12 AM  PermaLink   / trackback []