Re: [liberationtech] Securing Email Communications from Facebook offering PGP support
On 06/01/2015 12:35 PM, Thomas Delrue wrote: On 06/01/2015 01:46 PM, Steve Weis wrote: Hi Libtech. Facebook added support to put a PGP public key to your profile and optionally use it to encrypt email notifications that are sent to you: https://www.facebook.com/notes/protect-the-graph/securing-email-communications-from-facebook/1611941762379302 Forgive my ignorance but what is the point of this 'feature'? Wouldn't FB (and thus anyone able to coerce FB as well) still have the unencrypted data? Wooden leg, meet band-aid. Facebook is offering end-to-end encryption. If you don't trust the other end of an end-to-end connection, this won't help that particular problem. But there are plenty of well-attested benefits of end-to-end encryption for all sorts of other threats. Thanks, Parker -- Parker Higgins Director of Copyright Activism Electronic Frontier Foundation https://eff.org 815 Eddy Street San Francisco, CA 94109-7701 I prefer to use encrypted email. Public key: https://www.eff.org/files/2014/11/03/gphkey.txt Fingerprint: 4FF3 AA1B D29E 1638 32DE C765 9433 5F88 9A36 7709 Learn how to encrypt your email with the Email Self Defense guide: https://emailselfdefense.fsf.org/en/ -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Securing Email Communications from Facebook offering PGP support
On 06/01/2015 04:20 PM, John Sullivan wrote: Thomas Delrue tho...@epistulae.net writes: On 06/01/2015 06:19 PM, z...@manian.org wrote: For their notification system, FB is leveraging GPG as an identity provider to say only a person who has a certain private key should be able to reset access credentials for this account. I had not thought of this and I think that this is a good point. I do however question whether this is the purpose of this feature, I think it is more of a side-effect. It may also help them reduce phishing/spamming, if enough users use it -- phony Facebook notifications are pretty common, and that's one thing this addresses pretty well. By the same token, another non-obvious problem this could address is password resets. At first glance it looks like this effectively raises the level of your (knowledge-factor) security from that of your email inbox to that of your private key. Thanks, Parker -- Parker Higgins Director of Copyright Activism Electronic Frontier Foundation https://eff.org 815 Eddy Street San Francisco, CA 94109-7701 I prefer to use encrypted email. Public key: https://www.eff.org/files/2014/11/03/gphkey.txt Fingerprint: 4FF3 AA1B D29E 1638 32DE C765 9433 5F88 9A36 7709 Learn how to encrypt your email with the Email Self Defense guide: https://emailselfdefense.fsf.org/en/ -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Does anyone know a celebrity who feels strongly about privacy issues?
On 8/12/13 1:45 PM, Sarah A. Downey wrote: Ashton Kutcher has talked publicly multiple times about the value of privacy, both in his personal life and as an investor. He made some comments today that were sort of unfortunate in that area. http://news.moviefone.com/2013/08/12/ashton-kutcher-steve-jobs-interview/ Thanks, Parker -- Parker Higgins Activist Electronic Frontier Foundation https://eff.org Please note our new address: 815 Eddy Street San Francisco, CA 94109-7701 -- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Secret European deals to hand over private data to America
It was an Observer article, which shares a website with the Guardian despite separate staff and editorial. It was also heavily dependent on Wayne Madsen as a source, and he is a crackpot. Guardian removed the article when they discovered what happened. Check Glenn Greenwald's timeline on Twitter for many explanations of that series of events. Parker Jurre andmore drw...@gmail.com wrote: Oddness all over the place, it seems the story has been pulled by the Guardian. Anyone who knows more? 2013/6/29 Paul Bernal (LAW) paul.ber...@uea.ac.uk: None of this should be surprising, should it? It's a reasonable assumption that all intelligence agencies share their data on a pretty regular basis - certainly with 'friendly' nations, and almost certainly with others, on a quid pro quo basis. It's always been that way. On 29 Jun 2013, at 21:42, Jurre andmore drw...@gmail.com wrote: There was a hearing last week in Dutch parliament about PRISM. There was another interesting point being discussed a rumor that the TAT-14 cable in Katwijk was being eavesdropped. Not only is it eavesdropped, but data is shared with the US! Article below: Revealed: secret European deals to hand over private data to America Germany 'among countries offering intelligence' according to new claims by former US defence analyst At least six European Union countries in addition to Britain have been colluding with the US over the mass harvesting of personal communications data, according to a former contractor to America's National Security Agency, who said the public should not be kept in the dark. Wayne Madsen, a former US navy lieutenant who first worked for theNSA in 1985 and over the next 12 years held several sensitive positions within the agency, names Denmark, the Netherlands, France, Germany, Spain and Italy as having secret deals with the US. Madsen said the countries had formal second and third party status under signal intelligence (Sigint) agreements that compels them to hand over data, including mobile phone and internet information to the NSA if requested. Under international intelligence agreements, confirmed by declassified documents, nations are categorised by the US according to their trust level. The US is first party while the UK, Canada, Australia and New Zealand enjoy second party relationships. Germany and France have third party relationships. In an interview published last night on the PrivacySurgeon.org blog, Madsen, who has been attacked for holding controversial views on espionage issues, said he had decided to speak out after becoming concerned about the half story told by EU politicians regarding the extent of the NSA's activities in Europe. He said that under the agreements, which were drawn up after the second world war, the NSA gets the lion's share of the Sigint take. In return, the third parties to the NSA agreements received highly sanitised intelligence. Madsen said he was alarmed at the sanctimonious outcry of political leaders who were feigning shock about the spying operations while staying silent about their own arrangements with the US, and was particularly concerned that senior German politicians had accused the UK of spying when their country had a similar third party deal with the NSA. Although the level of co-operation provided by other European countries to the NSA is not on the same scale as that provided by the UK, the allegations are potentially embarrassing. I can't understand how Angela Merkel can keep a straight face, demanding assurances from Obama and the UK while Germany has entered into those exact relationships, Madsen said. The Liberal Democrat MEP Baroness Ludford, a senior member of the European parliament's civil liberties, justice and home affairs committee, said Madsen's allegations confirmed that the entire system for monitoring data interception was a mess, because the EU was unable to intervene in intelligence matters that remained the exclusive concern of national governments. The intelligence agencies are exploiting these contradictions and no one is really holding them to account, Ludford said. It's terribly undermining to liberal democracy. Madsen's disclosures have prompted calls for European governments to come clean on their arrangements with the NSA. There needs to be transparency as to whether or not it is legal for the US or any other security service to interrogate private material, said John Cooper QC, a leading international human rights lawyer. The problem here is that none of these arrangements has been debated in any democratic arena. I agree with William Hague that sometimes things have to be done in secret, but you don't break the law in secret. Madsen said all seven European countries and the US have access to the Tat 14 fibre-optic cable network running between Denmark and Germany, the Netherlands, France, the UK and the US, allowing them to intercept vast amounts of
Re: [liberationtech] Yes, we scan!
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 6/9/13 10:19 AM, fukami wrote: [...] The 1227x1658 version available here: http://www.flickr.com/photos/nerdcoreblog/8989863112/sizes/o/ Yes, we scan will probably be used as one of the main slogans in protests against Obama when he will visiting Germany in 9 days. He has truly disappoint many many Germans, but it's a matter of fact that this whole story helps us a lot in some of the political discussions we have in Germany and the EU right now (i.e. EU regulations on data protection and data retention). It's a beautiful graphic, but I'm conflicted about the use of the slogan, as it's also the name of Carl Malamud's excellent campaign to digitize the resources held in various American archives. See: http://yeswescan.org/ But oh well, this is important too. Good luck! Parker - -- Parker Higgins Activist Electronic Frontier Foundation https://eff.org Please note our new address: 815 Eddy Street San Francisco, CA 94109-7701 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.13 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJRtTCnAAoJEJQzX4iaNncJDc8P/AnI66UKxpCWqHxkNOvfiza6 AGTT/faOP/xRTzLZPCcIdv9Z4wMt8LmlAMP6fT3ix3qHRM45IOVfVAZhk7xr+VGi VwPvQS0GyKEfYeRABiWx/+ko6y0VCQbNa5F11NRdepzoYqAfaDeLEVmTQdPknQqf eZDNKq5ZYtReQh10c9Gm3xlpEcAfAAkKCdaSFiKyVK77T5fBwwrBHeFjSLavk0OA oIcBcxGd9o6V58YCJh5E6diOjntJwsWeStCFIZMYx24+IDOAaeFAINL3N/jkY7wP QGCRZapEga35KfqmxXSpzVAzbVKxeaRpjEOC44mQY/QnTWyOF97z9eT3Md9iOHuE umwV9mkX4dxSEaPVWIOv2celADSMkn49YOFIp8f2tmjaQfTcI/xO7jqwyI/wUSC+ 4XjGGznfVYL6k5/yVL51L4aQzQU7z2CYAOuGHHqWFIpP8Ch/KRMH/IPRC7H4Ohrg 8/gJ7C2oPBXRotazN8I7wcMv6WcNSOyS73YeKsucqyHVrZNIxHPCiVGU+pp7jZli a5bdPluCZN49PTx0KblYoGBW9toNaguwEbIdL1Bp+1ZiXhHrr/aDrX04tgaS/smu JZbObNuciag8mEjmqjvYQXrMhJfT3vy8iJMavJN/tZsglT0rge4qaTG3H9jrhp43 kTNX9EjosX9jAkBOZkcZ =UKGM -END PGP SIGNATURE- -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Drones
The person who compiled that list is very active on the Stanford Drones list that Yosem sent around a link to just the other day. I haven't done extensive vetting, but I'm sure he'd be willing to explain how he came to his conclusions over there. Thanks, Parker On 2/26/13 4:31 AM, tata dano wrote: This is quite interesting topic. Thank you for sharing. On Tue, Feb 26, 2013 at 5:58 PM, Andreas Bader noergelpi...@hotmail.de mailto:noergelpi...@hotmail.de wrote: There is an interesting conclusion on drone nations at cryptome. http://cryptome.org/2013/02/drone-nations.htm Any ideas if this is authentic? Andreasg -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu mailto:compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Linux Registered User #383849 http://lakbaytaodev.com/ http://tdanotech.blogspot.com http://atats.blogspot.com/ http://sedemdbs.blogspot.com/ -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Parker Higgins Activist Electronic Frontier Foundation https://eff.org -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Freeze the memory out of a galaxy nexus?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 2/21/13 10:32 AM, Brian Conley wrote: Any idea why the researchers would posit that iOS devices may be less susceptible? Not sure if this is what they have in mind, but this particular technique requires a battery pop to get into fastboot mode, which isn't quite as available on iOS devices as these Android ones. On Thu, Feb 21, 2013 at 10:08 AM, Steve Weis stevew...@gmail.com mailto:stevew...@gmail.com wrote: This is a good illustration how data in use is exposed to physical attacks on most computing devices. An interesting side-note is that Android phones are starting to ship with a hardware security module (HSM), which can be used for crypto operations and key storage. Duo Security is one company that started using the HSM to store credentials: http://siliconangle.com/blog/2013/02/19/simple-to-scale-duo-security-uses-android-hardware-for-its-own-hack-resistance/ I haven't found much about the capabilities of these HSMs. It's not a silver bullet since they may still be key material exposed in memory, but I think it's a positive development. - -- Parker Higgins Activist Electronic Frontier Foundation https://eff.org -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJRJmlPAAoJEJQzX4iaNncJU1UP/jlg5E78XGOYu3KWpRwS6tCM 8eMXPANGvv3CVBhlL8WNe9HsdpyGOJVAvztdUUGiZ40HkYN7KXn/xY7Ar7TSsa8W iwT/jjwbJO7WRkl8gW/MxrQJF8SAIwgzbZ9lJ2745e7MODS6qLyMaha8B/jou1ni OMy7G907qrM4mLiSYdS8vKNJ89kDMMT04iX9phHDRHscBDot7dRhY+bAeBKV6H3W HUG5neWGKrRNW1altAFZWdKEYobQkvC/TWRLbfcr825t+ilJjeXzGw3WFom2mkto nKn1LLG6LTb94TK3x7ev8paecRthkpxPHjFd8aAmsEovvPzmNUr6fN538eII2jTW oARxCDcm8A/i4swoJEBVanFAzYNCs5ADgKYQ1EUtJAhdYDTT5Ml2kfwWUTIeyynW +pFlR+LivnfBl40ursbrYjVIk5Kgu1uY4V4pdY7JIw5JrCqiTMvAFjZrWJGaY4L/ oiMSPb4bmZGMS2J8/VgNR/NF6vapckcN3m1J6jf8jbKsyUojjWCrrfh5D3FTvULM LAeT5ku31eV07MWQQeVIleBGbwQEp6uyY65U2uoieL0DvpRox/FNkZO1XhmcMxkr Tok0QavnNOr0Zt4G/4MyFqPAjR3kh+W+KlGhba5Qzfz6FSj2/7/3CegET5FaV4JT ScwShlIBQwiHzYqIaMpb =jTAu -END PGP SIGNATURE- -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Privacy in Ubuntu 12.10
Thanks Douglas! I'm not exactly a neutral party, as I work with Micah at EFF, but I want to second your opinion and thank Micah in particular for his work on this issue. Back 18 months ago he was already explaining the alternate installer and pushing for default inclusion: https://www.eff.org/deeplinks/2011/05/help-bring-disk-encryption-ubuntu-live-cd So thanks Micah :-] -Parker On 11/8/12 11:48 AM, Douglas Lucas wrote: I want to chime in here to thank EFF for encouraging Ubuntu to do this and encourage everyone who appreciates it to donate to EFF: https://supporters.eff.org/donate I'm sure many of us have had and continue to have the experience of wanting to nudge someone over from OS X or Windows to GNU/Linux and LUKS full disk encryption, but the process got roadblocked at some point because using the alternate installer to config the partitions and all for FDE was just too much of a hassle for parties involved. Now FDE is just a tickbox in the default installer. How cool is that? So again, donate! :-Douglas On 11/08/2012 01:34 PM, Micah Lee wrote: On 11/08/2012 05:18 AM, Niels ten Oever wrote: Dear Micah, Small correction to your piece: Selecting full disk encryption in the installer GUI was already possible in Ubuntu 12.04. The explanation wasn't as clear as it is now though. Before 12.10 the Ubuntu GUI installer only let you set up home directory encryption using encryptfs, which is different than full disk encryption. This option is still there in 12.10, and you can choose to use it as well as full disk encryption if you want (I can't see how it could help though). With encryptfs home directory encryption, all of the individual files in your home folder get stored encrypted on the disk, but a lot of data about your files still gets leaked. The directory structure, file size, timestamps, etc. don't get encrypted, only the contents of the files. And it's also only your home directory that gets encrypted, not your whole disk. So for example, if you have any mysql databases on your computer, that data gets stored in /var/lib/mysql and therefore won't get encrypted. When you're not encrypting your whole hard drive, evil maid style attacks become much easier. If someone gets physical access to your computer for just a couple minutes, they can boot to a live cd and replace your /usr/bin/ssh or /usr/bin/gpg with malicious versions. The full disk encryption that's offered in 12.10 uses luks and differs in many ways from encryptfs home directory encryption. It creates full encrypted file systems, which means that no meta data about the files on your computer get leaked. The key that's used to unlock the luks partitions are encrypted with a separate passphrase that isn't your user password, and you have to enter this each time you boot your computer, which is more secure since user passwords tend to not be long passphrases. -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Parker Higgins Activist Electronic Frontier Foundation https://eff.org -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] best practices - roundup
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi Katy, Excellent list. Sorry I'm late to the game, but if you're traveling to one Internet hostile regime in particular -- and here, I'm referring to the US -- you or others may find this EFF whitepaper on border crossing to be useful. https://www.eff.org/wp/defending-privacy-us-border-guide-travelers-carrying-digital-devices Thanks, Parker On 10/9/12 9:23 AM, Katy P wrote: Best practices for traveling to an internet-hostile regime. There is a lot of variance - obviously the regime's capabilities as well as one's own visibility come into play. And, if it isn't obvious, I'm not a security expert. This is not official, legal advice. Everyone needs to research this on their own and make good decisions for themselves. If you're really not tech-savvy, it might be worthwhile to hook up with a tech-savvy friend (or IT professional) to do some of these steps. Regardless, here are some hints from the community: BEFORE YOUR TRIP - your laptop and mobile device should be ones that are fresh - factory reset to the original operating system and best case would be burners -- devices that you can factory reset upon return home (some suggested also using a bootable Linux install) - do not link your Dropbox, GDrive, or other file service at any time - do not be logged into GMail, social media sites, etc. - be careful with what photos you have on your phone (before leaving the country especially) - have a virus scanner installed - make sure that all software is up-to-date (Windows Updates, virus scanner) - any sensitive data/documents should be on a USB drive, not kept in an obvious place (like throw it in with your toiletries or something) with an encrypted volume - change all of your passwords to something very secure before your trip - install TOR - consider a mobile security app (Here's a review of some Android ones: http://www.digitaltrends.com/mobile/top-android-security-apps/) - encryption may be illegal and may cause more concern AT THE AIRPORT: - don't be logged into anything - be polite - don't be nervous DURING YOUR TRIP - when on WiFi, DNSCrypt http://www.opendns.com/technology/dnscrypt/ - set up a VPN connection - never leave your devices anywhere (even hotel safe) - assume phone conversations are monitored - turn off GPS - turn on encryption for your social media sites (Facebook encryption http://www.facebook.com/help/?faq=215897678434749 Twitter http://blog.twitter.com/2011/03/making-twitter-more-secure-https.html) - - some suggest having a different burner social media account - be careful posting pictures and updates during trip LEAVING THE COUNTRY - if possible, it might be a good idea to do a factory reset on devices before going to the airport (??) - upon return, do factory resets of all devices - change passwords upon return Thanks to everyone that made suggestions. -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech - -- Parker Higgins Activist Electronic Frontier Foundation https://eff.org -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (Darwin) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iQIcBAEBAgAGBQJQdF7TAAoJEJQzX4iaNncJRX0P/RJ6j52WS82MrhphAACYLmf3 6piCAtmjroMYfS+vMdXmcWVbJcR8PHo2W93PPuZcWxXuZJ9oxEkL5X6yDhs8ujcN m0XBK5U19/Sl+6Go18p+1Wwd6Q0bWLJAYeU4T+wKHZ6KBTlw9GzadfFKUXdIzp99 W+Xpe4ye429AJBxMs+LE/oJ88Fuu9eD61mwWD++M6VgXvA2kIsZ+2WGwHdR4xkfP xhnbaQw+MlFzTBx9W8ZkWcYG6gR4QDIEQxFC+NczBLYbkEz8uZ8oFFB6raUaBjSN G5zouS3FGvgaaufMMHedp0Aj70aFTgHYuif4y1e4c47w1D+h5Fv6ajU5rUbLlbmh mBi056jw5us2N9u7wWjna9z6lUWrPe4pJVlUb+lcUgCR2Eg5ezW8dGoaBzQC+Gtg Zg3wNNA34G43D0WuUkzU1m8IQewHXUsawtji/RC05YdPXqTER63S02f1iDMbRt1l bn7t4TEmWo8Dbe1AZmls1usi0WOc4pxflrV2UFvhSVF2RXUVuHC4C9BI5cDyd83g 1UH6nRtREo9ybwg2OhXQIOTecsDz+yejU6gWpLMLkhqlBNhLfjrmbqe5aZHXq7A/ yrNj/wS1m5IAOUnAIf+mZaRaa6Tggk80qAa/4EvPySeucGGExFnWiqCVfB3jeJAi MwGq8qRxMxyMcDU3WRTQ =4wVS -END PGP SIGNATURE- -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] If we want to be anonymous in #azerbaijan we take batteries out of our cellphones
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 6/18/12 8:36 AM, Yosem Companys wrote: Hi Liberationtech folks, is this always the case? I've heard cases where people can still be tracked whether they have batteries in their cell phones or not... I've spoken with mobile security researchers who have given me the impression that this theory hasn't been tested very much. It's theoretically possible that some phones could be recording or transmitting without the main battery, but the equipment that would be required to test is prohibitively expensive and you'd have a hard time demonstrating anything but an evidence of absence. P - -- Parker Higgins Activist Electronic Frontier Foundation https://eff.org -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJP32WQAAoJEJQzX4iaNncJdPwP/3Vx9UdDXfHuw1vLWM/03eG7 WSU2OxTIBxcrtO7JDhv+pIkeq5p/uOpK+C/Oj9ZbYX5g0GtjM9d8EOldUqXWd6xk qNHEG1OtgBmJTxin7EmJSBvOpjIkGWcMqiAsyRbtp09ZcwAZYg3fgP0c8zI3bLKV hza9VULg/E3Wf5ng5vf7Md3pnKLwMadAOIO4jzoRaBSfHsPvOxblC1ppudBc/oNG S19KSxbLeqKHz6bk+paH9GpK5Vde+lfz3iuWA/bRkKC3S4zCcaYlJMlUpj8l2A0F 7gzzaiq9qOPFdZuim0W/9vrPEdGaphlr8ZFMEgk6U2C1wY24gr6Ge9QJ79q8hSI2 KBwcYYBS3KQ27gV+x9niGoH3apIQw+FGP9RXfPywNkMaqfw7masvd4qYfwDrR76+ iwJwF6Vfz2SOmualE6jN+g27pzJ/X4HrYs3vJYNc8pqg1ehDeQ2Nz0UlCc2yZPOu 0FeLG420YeHXU0/mSXSDhfv65cGkYqmF1Gxdmj9axgLpGPuYJfuF1izZGiSrVSfD mujdmdyNaMemPnmZEjUMUGirbUhGE/9/+pjQDHNx6jsJpV/xjXqRWH0lgiRmzLun BNVbdwJLsUVIG19/UcQlws+stOOKxMKhYsrfYAVEYnaGaPGvVq+XFgWNKiq1Qof5 QBv/P9I5zW/DZ2D/9rNm =67yR -END PGP SIGNATURE- ___ liberationtech mailing list liberationtech@lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click yes (once you click above) next to would you like to receive list mail batched in a daily digest? You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech
Re: [liberationtech] If we want to be anonymous in #azerbaijan we take batteries out of our cellphones
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 6/18/12 11:44 AM, Bernard Tyers - ei8fdb wrote: The still being tracked with no battery in my phone story sounds like a hoax to me. Yeah, I wouldn't want my answer to be interpreted as providing evidence for it. I'm not advocating breaking any laws in this forum, but especially not laws of physics. As Eleanor said, if there is no power source attached to telephone, or to whatever secondary tracking device installed in the telephone, then it is not possible to track someone. No power source, no radio frequencies being created, no transmissions of information. Right. On a specific device, you could imagine a secondary battery powering the tracking device (er, the radio) but it's hard to imagine a scenario where that's the easiest way to track somebody. The conversation I had with the security researcher was actually about a related question, and that's whether airplane mode could be trusted as well. Again, I don't want my acknowledging a theoretical possibility to be taken as advocating a hoax or anything, but the agreement was that SOFTWARE solutions like airplane mode can't really be trusted, and some processor components do not have open-source software options. Of course, on a current iPhone, there isn't an option to remove the battery. Hope that clears things up a bit! Thanks, Parker - -- Parker Higgins Activist Electronic Frontier Foundation https://eff.org -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJP33m1AAoJEJQzX4iaNncJlr8P/iNPAmjKJ+0V+7fDEQH+GQs7 dXRVtSPk2ymg4YXAhoXEHGUmyogZ3STrRUlSIxV0knYi2bqzt31z2z03jFvWlryZ MEJpasCk8ENj+yN1eBj2dYqNzFQobJ1GCaDSMuLjOcimDsS6uINkROgTPOIr+IiC I416O/UgGHwpUNJ7mfjWOezvODl0rG7KN2XndnYVuHaSsBTsruOAJuPeBXeuNG4C zkF3wT346SGu/6WCnSwCR066YS01Cmh43zhYmFiuTWWv/Apwx1rpg7grnHYsW2QA fKeTZoruiFbkb4FIHxTrxljMgW2bmUBIxMCFoeFhK6cZx9IUYsmY+q/UkU/peAku 9u1JTUzEwYC6HL8crszJgWXy7yZswLbrd3HLE8dGfHnbvoLM5JEsedLXdvBBN8lT lUttuxUU26TNb0Gjb0JY+yH7MNJxuDpvTBezpKSDcQphD9Jb6pmAvT21mwtlTuqV 2TMmr1DI5xTr6aROXu/7oQTcjJvL/rB3+dCBOzB4vMA6U6q49zniW5PWDFsucwK2 +5MHgVeNPoz3kG59djNNJgUlzi8KGhKfMuC53s3gx44ralMIE/hGUz6gyENwWb8T YKzFpxXPFmbt6oXzsbtkOX5POCfQP/Uji1XSvOGNYpiTwT9C9uugHf+QiqTGHNtU YMESLnadRjQwHMwutFqO =fDVf -END PGP SIGNATURE- ___ liberationtech mailing list liberationtech@lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click yes (once you click above) next to would you like to receive list mail batched in a daily digest? You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech
Re: [liberationtech] Video cameras coming to an SF bar near you
Hey guys, When I posted about this on Twitter, I had a few people notify me that they complained to some of the bars in question at which they were regulars. At least the Ambassador responded (on Twitter) that they were pulling out of the program, and their name is no longer on this list: http://www.scenetap.com/san-francisco/venues/ This move makes sense for the bars as long as this new data they're getting is very cheap or free. I think enough complaints can convince them that it's not. Thanks, Parker On 5/14/12 2:16 PM, James Losey wrote: Hi All, This Friday http://blogs.sfweekly.com/thesnitch/2012/05/scenetap_facial_recognition.php a start-up is launching facial recognition cameras in 25 San Francisco bars. The companies goal is to give patrons a sense of the average age, male to female ratio, and popularity of a bar before going in. This data will also be shared with the bar (aka, tracking attendance/demographics on differente evenings). Based on the company's privacy policy http://www.scenetap.com/privacy states: * No facial photos or video are recorded or stored. * No streaming video may be viewed by venue operators or patrons. * No personal information is collected or even attempted to be collected. However, I suspect this could mean that photos/video (with faces blurred) might be stored, and its certainly strange to be de facto accepting a privacy policy by walking into a bar. J ___ liberationtech mailing list liberationtech@lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click yes (once you click above) next to would you like to receive list mail batched in a daily digest? You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech -- Parker Higgins Activist Electronic Frontier Foundation https://eff.org ___ liberationtech mailing list liberationtech@lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click yes (once you click above) next to would you like to receive list mail batched in a daily digest? You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech