Category Archives: Security Theater

Highlights from Facebook’s Libra Senate hearing | TechCrunch

Disgusting.

Perhaps the most worrying moment of the hearing was when Senator Sinema brought up TechCrunch’s article citing that “The real risk of Libra is crooked developers.” There I wrote that Facebook’s VP of product Kevin Weil told me that “There are no plans for the Libra Association to take a role in actively vetting [developers],” which I believe leaves the door open to a crypto Cambridge Analytica situation where shady developers steal users money, not just their data.

https://techcrunch.com/2019/07/16/libra-in-messenger-whatsapp/?guccounter=1

Nein! Doch! Oooh! Office 365 verstößt gegen Europäischen Datenschutz!

Reality update: Datenschützer: Einsatz von Microsoft Office 365 an Schulen ist unzulässig | heise online … :

Microsoft Office 365 darf in der Standardkonfiguration an Schulen wegen Problemen für die Privatsphäre der Nutzer derzeit nicht verwendet werden. Zu diesem Schluss ist der hessische Datenschutzbeauftragter Michael Ronellenfitsch gekommen, weil personenbezogene Daten von Kindern und Lehrern in der Cloud gespeichert würden. Auch wenn die zugehörigen Server in Europa stünden, seien die Informationen “einem möglichen Zugriff US-amerikanischer Behörden ausgesetzt”.

Online Censorship Is Coming–Here’s How to Stop It | Linux Journal

https://www.linuxjournal.com/content/online-censorship-coming-heres-how-stop-it

That’s important, because the concerns and beliefs of that “novel alliance” are closely aligned with those of the Free Software community. The new-found interest in hitherto obscure aspects of the online world and its software are an opportunity for the Open Source world to increase awareness of what it does, and to garner support for its activities. The potential for spreading the word is huge: over five million people signed an EU petition against upload filters, and 200,000 took to the streets to protest. Where new digital rights initiatives are set up to harness the recent mobilization of “digital natives”, free software coders can help people understand that open source is a key part of the solution to the problems they seek to address.

Switch your PGP keyserver, upload your key, this is important.

Reality update: Massive attacks on PGP-Keyservers, gazillion old and untrusted keys. Sorry, folks, but the web of trust didn’t work, not with that infrastructure. Here’s what you might want to do, what might help: 

Goto keys.openpgp.org and upload and confirm your key(s) – I took the liberty to highlight the important facts…:

Launching a new keyserver!

From a community effort by Enigmail, OpenKeychain, and Sequoia PGP, we are pleased to announce the launch of the new public OpenPGP keyserver keys.openpgp.org!

Hurray!

Give me the short story!

Fast and reliable. No wait times, no downtimes, no inconsistencies. Precise. Searches return only a single key, which allows for easy key discovery. Validating. Identities are only published with consent, while non-identity information is freely distributed. Deletable. Users can delete personal information with a simple e-mail confirmation. Built on Rust, powered by Sequoia PGP – free and open source, running AGPLv3. Get started right now by uploading your key!

Bringing big tech to heel: how do we take back control of the internet? | World news | The Guardian

So true, and I am happy that I was allowed to partially witness that in Brussels. Its the right way to go, and others will follow

The project will reference the world-leadingGlobal Data Protection Regulation developed by the European Union. Under the regulation, the idea that you control your data footprint has been accepted and embedded with privacy protocols placing enforceable rules on how corporations harvest and then monetise personal information. Protections include the right to be unknown and the right to be able to delete your personal records from a business that is holding them. It also includes rights for portability of data allowing, for instance, a user to take their data with them when they change banks, obligations on a business to delete a customer’s records when the customer takes their business elsewhere, as well as stringent data-handling protocols. Adopting these principles in Australia would be a significant step towards taking responsibility for the way the digital economy affects our privacy.”

https://www.theguardian.com/world/2019/jun/23/bringing-big-tech-to-heel-how-do-we-take-back-control-of-the-internet