You are browsing the archive for Snowden.

by msmolly

Over Easy: …one more thing

7:45 am in Uncategorized by msmolly

Blog-comments

…one more thing.

This is a very late addition to the post, because it is very important for anyone who uses Linkedin AND iOS devices like iPhones or iPads. If this doesn’t apply to you, please just skip to the hoocoodanode department below.

LinkedIn ‘Intro’duces Insecurity

LinkedIn released a new product today called Intro. They call it “doing the impossible,” but some might call it “hijacking email.” Why do we say this? Consider the following:

Intro reconfigures your iOS device (e.g., iPhone, iPad) so that all of your emails go through LinkedIn’s servers. You read that right. Once you install the Intro app, all of your emails, both sent and received, are transmitted via LinkedIn’s servers. LinkedIn is forcing all your IMAP [incoming] and SMTP [outgoing] data through their own servers and then analyzing and scraping your emails for data pertaining to…whatever they feel like.

Keep reading the article; it gets worse! It lists the problems this would cause for personal and business emails. The email tech gurus at Notre Dame took this seriously enough to send an alert. If you use Exchange/Outlook, you probably aren’t affected. If you use another email client and install the Intro app, you may regret it.

Here’s a link to Linkedin’s announcement of the app. I’m not sure I believe their “update” at the end, either. I wonder how quickly they will scrap this idea, or conversely, how many people will fall for it?

LinkedIn Intro: Doing the Impossible on iOS

Now back to your regularly scheduled programming…

From the hoocoodanode department, we have these items.

Security Check Now Starts Long Before You Fly

The Transportation Security Administration is expanding its screening of passengers before they arrive at the airport by searching a wide array of government and private databases that can include records like car registrations and employment information.

If you’re anywhere near Washington, D.C., Join the Largest Privacy Protest Ever This Weekend

US Representative John Conyers Jr., Pentagon Papers whistleblower Daniel Ellsberg and actor Maggie Gyllenhaal join a chorus of prominent voices calling for an end to mass suspicionless surveillance by the National Security Agency (NSA) in a new short video released by the StopWatching.us coalition.

I recently discovered the Stop Watching Us organization, and I’m really pleased to see some grass roots protest bubbling up about our out-of-control security state. Watch the Stop Watching Us video below:

Read the rest of this entry →

by msmolly

Over Easy: …one more thing

7:45 am in Uncategorized by msmolly

Flickr - law keven - Watching you...watching me....

Watching you…watching me…

I vowed to myself that this week I was going to post about something other than surveillance, but this one is too good not to write about!

A Data Broker Offers a Peek Behind the Curtain

The Acxiom Corporation, a marketing technology company that has amassed details on the household makeup, financial means, shopping preferences and leisure pursuits of a majority of adults in the United States, is trying something new. According to the NYT, Acxiom is the “quiet giant” of consumer database marketing. It knows who you are. It knows where you live. It knows what you do.

Few consumers have ever heard of Acxiom. But analysts say it has amassed the world’s largest commercial database on consumers — and that it wants to know much, much more. Its servers process more than 50 trillion data “transactions” a year. Company executives have said its database contains information about 500 million active consumers worldwide, with about 1,500 data points per person. That includes a majority of adults in the United States.

But now Acxiom, one of the most secretive and prolific collectors of consumer information, is embarking on a novel public relations strategy: openness. On Wednesday, September 4, Acxiom unveiled a free Web site where we can all see, edit, or suppress the information the company has collected about us.

The data on the site, called AbouttheData.com, includes biographical facts, like education level, marital status and number of children in a household; homeownership status, including mortgage amount and property size; vehicle details, like the make, model and year; and economic data, like whether a household member is an active investor with a portfolio greater than $150,000. Also available will be the consumer’s recent purchase categories, like plus-size clothing or sports products; and household interests like golf, dogs, text-messaging, cholesterol-related products or charities.

From the About the Data website,

Ever wonder what kind of information determines the ads you see or the offers you receive? You’ve come to the right place. About The Data brings you answers to questions about the data that fuels marketing and helps ensure you see offers on things that mean the most to you and your family.

More from the website:
Why is data about me important to companies?
How do companies get data about me and what do they do with it?
What types of data do companies use about me?

Now, if you’re curious, you can look at the data they have about you, and you have an option to edit it, or opt out of their collecting altogether. They say the penalty for opting out is that the ads you see will no longer be targeted to your personal interests or lifestyle. To look at your data, you first enter information about yourself, a Captcha code, and agree to terms of use.

To make sure we are accessing information about the correct person, we ask for some personal information, which we then compare to our Authentication system. We do this for your protection so that we can verify that we are only giving access to Acxiom’s digital Marketing Data about you.

I took a look at my own data, and here’s what I found.

  • “Characteristic Data” showed that I’m married (I’ve been divorced since 1990), 1 child “present,” 14 years old, a surname that’s Scottish/Irish (I still use my ex husband’s last name), no political party. My children are in their 40s (no 14 year old!) and don’t live with me.
  • “Home Data” was reasonably accurate. Most of that is available from public records, and they use home value and property size ranges, not specifics. But there was no mortgage amount shown.
  • “Vehicle Data” was not found. Interesting, because I own a registered, licensed automobile, the same one for about 5 years.
  • “Economic Data” showed regular American Express credit card use (I have only one credit card, and it isn’t an American Express card), regular online purchasing (that’s true), but the other info in that category wasn’t accurate, including household income.
  • “Shopping Data” also was inaccurate. It way understated my purchasing, both in dollars (only $408!) and in frequency (3 purchases in 24 months). It says I’m a mail order responder and a mail order buyer, and it does seem to show basic categories of my purchases reasonably correctly.
  • “Household Interests Data” lists categories accurately, except I don’t have or purchase collectible antiques, nor do I own a pet.

I didn’t see any information about my…

Read the rest of this entry →

by msmolly

Over Easy: … one more thing

7:45 am in Uncategorized by msmolly

Nsa sign

NSA

Something important has been overlooked in the past few weeks amid the uproar over Edward Snowden’s whistleblowing revelations, his flight to Hong Kong and to Russia, and his recently granted asylum in Russia. To wit:

Edward Snowden’s not the story. The fate of the Internet is.

The press has lost the plot over the Snowden revelations. The fact is that the net is finished as a global network and that US firms’ cloud services cannot be trusted.

[But] the Snowden revelations also have implications for you and me. They tell us, for example, that no US-based internet company can be trusted to protect our privacy or data. The fact is that Google, Facebook, Yahoo, Amazon, Apple and Microsoft are all integral components of the US cyber-surveillance system. Nothing, but nothing, that is stored in their “cloud” services can be guaranteed to be safe from surveillance or from illicit downloading by employees of the consultancies employed by the NSA. That means that if you’re thinking of outsourcing your troublesome IT operations to, say, Google or Microsoft, then think again. (my bold)

Most of us have become increasingly dependent on the Internet and the services we access there. We store private information in “the cloud” services provided by one or more vendors. But this could change drastically as we realize how vulnerable our personal information is to government surveillance when these companies are required to turn over everything. The realization has not been lost on foreign companies.

More:
Why NSA Surveillance Will Be More Damaging Than You Think

As long as they operate in U.S. territory and under U.S. laws, companies like Google or Facebook had no choice but to comply [with government orders]. But people around the world who have a choice about where to store their data, may understandably choose to avoid leaving it with companies subject to the way America now defines its security interests. (my bold)

The fact that these companies have been data-mining our personal information for their own ad-targeting commercial purposes is a risk known to most of us, or should be by now. The demands the U.S. government has placed on these companies are, for the general public, the main news of the Snowden revelations. It has been subsumed by the disclosures of the extent of the surveillance (and sidetracked by the distractions about Snowden’s saga, his personal story, etc.).

And more:
U.S. Cloud Companies Suffer from NSA PRISM Program

Media accounts of the PRISM program based on Snowden’s leaks have created a perception that the U.S. government has unlimited and direct access to data stored on the servers of companies like Google and Microsoft. The long-held suspicion that the U.S. government will be able to freely access foreign users’ data under the PATRIOT Act has been fueled by foreign cloud companies and some state officials who are pressing for policies that would effectively require foreign providers to establish local data centers in their own countries.

Still more:
U.S. cloud firms face backlash from NSA spy programs

A Cloud Security Alliance (CSA) survey found that 10% of 207 officials at non-U.S. companies have canceled contracts with U.S. service providers following the revelation of the NSA spy program last month. The alliance, a non-profit organization with over 48,000 individual members, said the survey also found that 56% of non-U.S. respondents are now hesitant to work with any U.S.-based cloud service providers.

In the full survey, more than half of 456 representatives of companies in the U.S., Europe and Asia said they are less likely to use American cloud service providers because of concerns over U.S government access to their data.

Finally:
Why wasn’t the NSA prepared?

In the coming weeks, Congress and the civilian defense leadership will have to ask a lot of questions about the National Security Agency’s surveillance programs, and how to reconcile them with privacy concerns. But they will also have to ask a more basic set of questions: Why on earth wasn’t the NSA prepared for this? Why didn’t the intelligence agency’s leadership have a plan to deal with the global outcry that would follow the leak of classified Internet surveillance programs?

[...]

This mistrust of these companies is particularly damaging to the cloud computing services, a sector led by American firms like Microsoft, Google and Amazon. Many countries have talked about limiting use of American firms, or requiring data be kept locally, dramatically raising the cost of trade, and potentially locking many U.S. companies out of lucrative foreign markets. More generally, the complicity of American firms in safeguarding America has raised suspicions about all American firms.

An unexpected and unwelcome downside to Snowden’s exposure of the NSA surveillance, and the long overdue and welcome worldwide debate it has produced, is the hit to U.S. firms caused by the revelations. And yes, of course most of us wouldn’t mind having Google and Microsoft reined in, but the fallout may be much broader and more damaging to our still-fragile economy.

UPDATE: For more “fallout” please read Kevin Gosztola’s post from yesterday about email services shutting down.
Email Service Snowden Was Reportedly Using Shuts Down

Photo by National Security Agency [Public domain], via Wikimedia Commons