datenschutz

After attacks in Paris: Premier Cameron wants to ban effective encryption. And so begins the madness of attacks on civil rights with flimsy pseudo-arguments and ineffective - but certainly very convenient for the intelligence services - requirements. Who gets left behind? The citizen, who just wants to live. The citizen, who is still in the majority, who does not question the liberal democratic basic order, as extremist fringe groups like terrorists and politicians do.

German government: "Data protection authorities not responsible for NSA scandal". Well, that makes it easy, if as an affected party you simply declare the responsible supervisory authority as not responsible. Classic interior minister logic.

Trusted Computing: Federal government warns against Windows 8. As long as Microsoft does not also remove the article from the network, like the same article in the Zeit. TLDR: TCP offers more and more control over computers to people who are not the owners - and increasingly restricts the rights of the owner to protect themselves from it. Which is why the BSI warns the government (the title is somewhat misleading) against using systems that use TCP in newer versions. Whereas the NSA is very enthusiastic about the new possibilities. Which gives the whole thing even more background in the current Prism discussion.

Here's what I found worth reading this week, collected and uncommented:

Because it's always claimed that it's not as bad as all that, how about a comment from a real expert on the topic? "This is really bad. The surveillance state is closer than most of us think." via Schneier on Security: NSA Surveillance and Mission Creep.

Facebook analyzes chats for crime fighting. Is this then under the project name "fully automatic informer"?

Flight data agreement has been negotiated - fm4.ORF.at. And where are our so-called diligent data protection officers of the states and the federal government now? Oh, sorry, they must hate Facebook. It's also much more important to campaign against Like buttons and threaten websites with fines rather than standing up to their own government representatives who draft and enforce such data trading deals.

CCC | Chaos Computer Club analyzes current version of the state trojan. Well, well, the current state trojan is just as bad as the alleged prototype. And of course, everyone claims not to use it. So what is the wonderful, legally compliant version of the state trojan that is allegedly used in the authorities? It would be interesting if the authorities would provide this trojan to the CCC for analysis. But that would be honest and transparent behavior. Apparently, we can no longer expect that from authorities in our banana republic.

State Trojan also in NRW - WDR 2 Der Sender. Just heard a radio report - and again annoyed. If someone lies to you multiple times, why do you believe wild, unverifiable claims? The alleged "configuration" of the Trojan is feasible for the police, but not the development? Haha, very credible. And the configuration as well as the deployment - these are digital traces that are, on the one hand, trivially falsifiable (unless there is a usable cryptographically signed audit) and, on the other hand, not retrievable afterwards. The documents on the cases only contain what the respective official has said. Whether that is true, no data protection officer and no lawyer can find out afterwards - unless the Trojan is found and examined on devices. And that is exactly what happened with the Bavarian Trojan - and the examination by the CCC did not speak of deactivated features, but of active functions. So again, why do parts of the press still believe the claims of the state criminal investigation departments and politicians?

Chaos Computer Club: The German state trojan has been cracked - Current - FAZ. I'm linking to the FAZ. And then to an article where the FAZ uses the CCC as an expert source. But such things happen when your own executive wants to screw over the citizens and just builds constitutionally illegal trojans that are supposed to spy on the citizens. And in the process does things like implementing arbitrarily reloadable (and thus unchecked) code - and then has the whole thing checked for security by verifying an IP address to a redirect server in the USA. Which is just great again. Oh, and you can also deposit data on the computers of the suspects with the software. And of course without any control. No investigator would do that, that would be illegal. About as illegal as the whole trojan. And of course we trust the people who come up with such things, don't we?

Clearly identifiable: NATO wants individual signature for every internet user. The next pig that will be driven through the village. Military facilities are not exactly known as birthplaces of democracy, so I'm not surprised to hear such nonsense from that direction. But it will certainly be interesting to observe which politicians and which lobby groups will pick this up. Wouldn't be surprised to see some of the hardliners from Berlin or e.g. the rights extortionists of the music industry. Oh, and it will certainly be funny to see what the "data protectors" will not say about it.

Face off: Facebook claims personal data is "intellectual property" | G! - gutjahr's blog. And the fun continues - now Facebook claims they can't meet the legally required deadline of 40 days and anyway, the data is Facebook's intellectual property. Quite amusing - but interesting is the hint that the data protection authority in Ireland is actively working on it, so it could indeed give Facebook a slap in the face. I think the whole thing about the alleged workload for Facebook is just an excuse - if you do it right, it's just a tool that collects and prepares a user's data from all the pots.

Diebold voting machines can be hacked by remote control - 2012 Elections - Salon.com. Hmm - where would these devices be used? Are there already any deployments of these machines in Europe?

Schneier on Security: New, Undeletable, Web Cookie. On to the next round: ETags are evil! Since they can be arbitrarily assigned by the server, you can simply insert a visitor's UUID there, and on the next visit, the browser sends that value back to check whether the file has changed (provided it supports conditional GET, but that's true for all browsers today). The user has no control over the use of ETags - and it actually doesn't make sense to give the user this control - so it's very difficult to defend against this method.
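One way to check a site for this from the client side, as an added example that is not from the linked article: request the same resources from several fresh browser profiles, let each profile revalidate once, and flag resources whose body is byte-identical but whose ETag is unique per profile. The responses, paths, ETag values and function names below are constructed for illustration.

```python
import hashlib
from collections import defaultdict

REASONS = {200: "OK", 304: "Not Modified"}


def make_response(etag, body, status=200):
    """Build a raw HTTP response (constructed sample data, not captured traffic)."""
    head = f"HTTP/1.1 {status} {REASONS[status]}\r\nContent-Length: {len(body)}\r\n"
    if etag is not None:
        head += f"ETag: {etag}\r\n"
    return head.encode("ascii") + b"\r\n" + body


def parse_response(raw):
    """Return (status, normalised ETag or None, SHA-256 of the body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    status = int(lines[0].split()[1])
    etag = None
    for line in lines[1:]:
        name, _, value = line.partition(":")
        if name.strip().lower() == "etag":
            etag = value.strip()
            if etag.startswith("W/"):      # weak validator prefix
                etag = etag[2:]
            etag = etag.strip('"')
    return status, etag, hashlib.sha256(body).hexdigest()


def classify_etags(observations):
    """observations: iterable of (profile, url, raw_response).

    'shared'     - every profile got the same ETag (normal cache validator)
    'per-client' - identical body, ETag stable inside a profile but unique
                   per profile: the validator can serve as a visitor ID
    'varies'     - ETag changes for other reasons (e.g. several backends)
    """
    tags = defaultdict(lambda: defaultdict(set))   # url -> profile -> ETags
    bodies = defaultdict(set)                      # url -> body digests (200 only)
    for profile, url, raw in observations:
        status, etag, digest = parse_response(raw)
        if status not in (200, 304) or etag is None:
            continue
        tags[url][profile].add(etag)
        if status == 200:                          # a 304 carries no body
            bodies[url].add(digest)
    result = {}
    for url, by_profile in tags.items():
        if len(by_profile) < 2:
            result[url] = "insufficient-data"
            continue
        all_tags = set().union(*by_profile.values())
        stable = all(len(t) == 1 for t in by_profile.values())
        if len(all_tags) == 1:
            result[url] = "shared"
        elif stable and len(bodies[url]) == 1 and len(all_tags) == len(by_profile):
            result[url] = "per-client"
        else:
            result[url] = "varies"
    return result


# Constructed observations: three fresh profiles, two requests per resource.
PIXEL_TAGS = {"p1": '"7f3a01"', "p2": '"c9d2e4"', "p3": '"04be77"'}
SAMPLE = []
for profile, tag in PIXEL_TAGS.items():
    SAMPLE += [
        # same bytes for everyone, but a different validator per profile
        (profile, "/pixel.gif", make_response(tag, b"GIF89a-constructed")),
        (profile, "/pixel.gif", make_response(tag, b"", 304)),
        # ordinary validator, identical for all profiles
        (profile, "/style.css", make_response('W/"5d1c-1a2b"', b"body{margin:0}")),
        (profile, "/style.css", make_response('W/"5d1c-1a2b"', b"", 304)),
        # two backends with different ETags: unstable even inside one profile
        (profile, "/app.js", make_response('"a-100"', b"console.log(1)")),
        (profile, "/app.js", make_response('"b-100"', b"console.log(1)")),
        # no ETag at all: nothing to classify
        (profile, "/plain.txt", make_response(None, b"hello")),
    ]

if __name__ == "__main__":
    for url, verdict in sorted(classify_etags(SAMPLE).items()):
        print(f"{verdict:12} {url}")
```

A "per-client" verdict is a reason to look closer, not proof of tracking; the practical mitigation is that clearing or partitioning the browser cache discards the stored validator.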

Privacy Fail: How Facebook Steals Your Friends Phone Numbers | Kurt von Moos.com. Ouch. Facebook sends the iPhone address book to their servers and stores all contacts there when you activate the function "sync profile pictures with address book" - according to the description of the function, the user believes that only the pictures from Facebook are added to the contacts they have locally, but in reality the entire address book is facebookized. Without the user being aware at that moment what is happening.

The strange facts of Mr. Uhl « mrtopf.de. I'll just say: read. Because why should I repeat everything that someone has already written elsewhere. And since it also concerns data protection with the VDS, also categorized for the Metaeule.

ShareMeNot. Firefox extension that filters out the various social buttons, so that the corresponding services cannot see the visited pages. This data is also transmitted when the buttons are not clicked: for example, the icon is usually hosted by the service provider, so they can see the visited pages in their logs via the referrer, and if you are logged in to one of the services, they can also see which user visited the page via the login cookie.

Little mourning for electronic wage reporting procedure ELENA. While we're at it with embarrassing - the government's number with Elena is also one of those stupid non-issues that cost a lot of money but ultimately brought nothing and didn't work. And incidentally also violated data protection laws. And was simply idiotic anyway - the data that was supposed to be collected there was really nonsensical for the announced purpose in many areas. But why our government always starts such idiotic projects in the first place, even though the problems are known in advance, someone must explain that to me in an understandable way.

But you have to do something about it! - The Raummaschine. It's definitely worth reading and thinking about. As often said on WDR: spend a quarter of an hour thinking about it. A quarter of an hour. You can manage that. Because I want data protection to provide me with the tools and legal means to control the spread of my data, but not to dictate what I can do with data (indirectly through the massive attempts to regulate services). I want to be able to decide for myself what is published - but I also want to have the option to say "not anymore" and a commitment from providers to meaningful tools. For me, this does not only include "prohibiting" and "regulating" - but rather things like data portability (I want a property right to my data!) and traceable deletion. Because I am indeed interested in services and service providers that work with my data - social networks can be fun and useful.

Data Protection and Social Network Buttons

Just read: Data Protection & Facebook Like Button for Website Operators. I just played around with the various social buttons (they might still appear on cached pages for a while), but then I thought they will probably report more connections between accounts and page visits - and turned them off for now.

The linked article takes a closer look at the Facebook Like Button; the Google +1 Button should be very similar. The Twitter Button is probably not unproblematic either, at least when the server is queried for the number of tweets - but an unproblematic variant of the Twitter button should be achievable, because that is the simplest case after all.

Well, for now I have turned off the toy again, I still have to think about it. Because on the one hand it is of course interesting to enable visitors with active social networks to easily share in their networks - but what is the price?

Thoughts on Data Privacy, Loss of Control, and Other Things

From the Spackeria, from tin foil hats and from loss of control - The wonderful world of Isotopp. Worthwhile consideration of data protection, data traces, the inevitable accumulation of data volumes and the inevitability of the accessibility and evaluation of this data.

I myself am always sitting between the chairs of the tin foil hats and Spackeria - on the one hand, I want data avoidance and have my problems with the data collection mania in some places, on the other hand, I am close to technology and enthusiastic about it and am therefore automatically collected in many data pots. And I am absolutely aware of how much can be found out about me online if someone puts it all together.

I see, just like Isotopp presents it in the article, a massive (probably inevitable) failure of legal data protection - but I myself see a certain differentiation between data that arises in the voluntary context of the use of technical services (even if the user may not directly notice these data) and data that are collected in the state context.

The state sets up data silos only under the negative aspect - a state-created database is always designed under the aspect of general suspicion. The state does not collect the data of persons involved in visa procedures in order to provide them with targeted information and services related to visa procedures - the sole purpose is law enforcement. However, this automatically suspects all persons involved in visa procedures of terrorism and other crimes - because otherwise one would not need to record their data. The executive of the state hates the disorderly citizens and deeply distrusts them, therefore they must be controlled.

A private economic pile of data has a much more banal goal - market economic exploitation. This is, as crazy as it may sound to some, much more preferable to me. Google will not use the data to negatively interpret my political beliefs and put me on a no-fly list because I criticize the state - they just want to show me better-placed advertising. In a certain way, one can rely on the reduced field of vision of capitalists, it is much more positively influenced than that of politicians. Data sets are potential businesses - not potential attackers.

For this reason, I find the current activity of various state data protection officers in the private economic or even directly private sector (issuing warnings to blogs for using Google Analytics) laughable to embarrassing, if the same data protection officers do not stand up to projects like those that are coming up in the Interior Ministry or other state authorities.

How can a data protection officer expect to be taken seriously if he loudly complains about the location data falling off the iPhone and rails against Apple, but at the same time does not make any attempts to stop this crazy EU commissioner who has plans for EU-wide, suspicionless data retention that would violate our Basic Law (just as the data retention already failed in Karlsruhe that was spied out in Berlin)?

iPhone Location Data Again

Once again regarding the Apple response to the motion profile allegations and why Apple is right, but there is still a problem (but one that is significantly smaller than the dramatized problem in the press).

Apple produces a database with - anonymously collected, there are no indications so far that it is not anonymous - position data of iPhones with activated GPS, in which positions of networks are stored. Networks in this context are radio masts for GSM, 3G and WLANs that the iPhone sees at that time. However, this is not what is stored in the database that everyone is talking about. This is only the basis on which something is built that then ends up in the database.

The data sent to Apple is averaged internally and a "center" is determined for the networks reported by various iPhones (since the exact position of WLAN routers or radio masts is not simply provided - this must first be determined in some way). This data is stored in a large database at Apple. The position data therefore refers to the center of radio identifications. The original position data is only basic material for the determined position data.

The iPhone can now determine an approximate position via the visible radio identifications and their position information and a weighted average of the data based on transmission strength - but internet access is required for this. And internet access to the database at Apple. Therefore, the iPhone downloads the information about radio identifications and caches this locally. But of course not the entire database - that would be too much. Rather, a relevant excerpt determined by algorithms. This is now the database on the iPhone.

Apparently, Apple not only downloads the networks that the iPhone currently sees, but also neighboring networks - which makes sense, as the user moves around more often and the data from neighboring networks will be needed (potentially - the iPhone does not know in advance where I am going). Presumably, the iPhone will say "I see networks A, B, C" and the database will then provide "here are the networks A-M from the metropolitan area where you are located". The iPhone then takes X% of A, Y% of B and Z% of C as a basis and calculates a rough position and says "here I am". If it then moves into the visibility of network D, its position is already known and the iPhone can perform the position calculation directly without downloading.

In addition, the iPhone seems to store a temporal history of these downloads - presumably the developer assumed that if the user has been there before, there is a high chance that he will go there again. For this purpose, the iPhone keeps these data ready for one year. The claim by Apple that the duration of storage is a bug is certainly rather an embellishment - presumably a developer simply made up a duration and used it without considering how much would really be sensible - after all, these were not special data in his understanding. Only technical caches for downloads that he anyway makes when the user asks for his position.

What does this mean for the user? The data does not reproduce where he was in the coordinates - it only reproduces where the radio identifications are, in whose vicinity he was approximately. And since it also contains neighboring networks, this is really very approximate. Of course, a rough spatial profile of the user can be derived from this - for example, in my data I can indeed see that I have been in Amsterdam, in Frankfurt and in Berlin.

But for example, it also means in reverse that only the approximate regions are included if you also had network reception there, with download options. I was in Copenhagen - there I also had network access via the hotel, so traces of this are present. In Malmö and at the turn of the year in Russia I did not have network access - so GSM, but no internet access - and therefore the iPhone could not access these location data and could not download radio identifications with positions. Therefore, these data are also completely missing from my iPhone and there are no traces of Malmö, Ekaterinburg or Nischni Tagil (the same should apply if you have activated airplane mode or simply turn off WLAN and mobile data).

Furthermore, the spaces should become larger when you come to more rural regions - few WLANs, so mainly GSM cells and these with a larger range and more scattered. If you store a cell with the neighbors, this is already a fairly large area that is covered. In large cities, on the other hand, the covered area should be significantly smaller, simply because WLANs have significantly smaller ranges and there are more of them there. And radio cells there are also usually smaller (just because a cell can only cover a finite number of users, but the user density in cities is greater).

This is particularly interesting for programmers: do you think about what can be derived from cached data when you program? Take as a basis for consideration that someone has access to your DNS cache - which every system has internally, simply to reduce DNS queries. What picture of you could this technically harmless information produce? These are the small pitfalls that programmers like to stumble over. It is actually harmless - auxiliary data that you get from the network is the beginning. Throwing it away after use - well, if it is needed again, then it makes sense to have the most frequent entries ready, right? And it is exactly then that you run into problems like Apple currently has.

The discussion about why your browser cache contains porn pictures (because you read your mails with Outlook, for example, and opened a spam mail and had image display activated - not an outlandish situation!), if your wife finds them there, could already become quite interesting. The data no longer shows why they ended up where they ended up.

As stated in the title: I am referring here to the answer from Apple and have only checked this with my own data. My own data matches the information from Apple's statement and this statement itself is also consistent - both the contents and the specification of the use match quite well. I therefore see no reason why I should distrust the statement.

Apple's answer that the iPhone does not record the user's motion profile is therefore correct - it simply stores information for a position determination as an alternative to GPS. At the same time, however, it is at least a profile of the stay in large areas. Criticism is therefore quite appropriate. But in my opinion, it should be more intelligent than "Apple stores the user's positions in the last year", because this is simply wrong.

But as Apple says in the introduction to the answer: these are technical relationships that are more complicated than simply "does Apple store a motion profile Yes/No". And our press has massive problems with questions to which an answer contains more than two sentences. "Apple stores data from which the presence in large areas can be derived" does not sound so great and catchy as a headline.

Unfortunately, this very imprecise reporting can lead to problems arising - if I know that the data only covers regions where I have been, but not precise points of my stay, the explanation why my data from Frankfurt also includes the red light district (it's just near the train station) is much easier than if I have to assume that these are all places where I have been.

Apple must (and will, according to its own explanation) improve this - caching data for a year is nonsense. Backing up the data is also nonsense, they can simply be downloaded again if they are missing. Similarly, the data does not need to be stored if all location services are globally deactivated. It might also be generally interesting to have a switch "Pseudo-GPS Yes/No" or something like that, with which this type of position determination can be deactivated - then the user simply has to wait until the GPS satellites are logged in. Just as, in my opinion, the anonymous data collection for WLAN and radio masts should be switchable.

In my opinion, no cache should exist without a control function for this cache (just as you can also empty the browser cache). Because one thing must be clear: due to the general necessity of linking access time and loaded data (because only in this way can a cache with temporary storage function), every type of cache provides a kind of user profile. And this should be at least rudimentarily controllable by the user (in the sense of deleting). Building every cache with a clear function and a UI for it should become just as much a best practice as the encrypted storage of passwords on servers (hello Sony!).
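The requirements from the last paragraphs, sketched as an added example (not Apple's code and not from the original post): a cache of network centers with a short retention limit, a clear function, a global off switch that also empties the cache, and the signal-weighted position estimate described earlier. Class and method names, network IDs and coordinates are assumptions made up for illustration.

```python
from dataclasses import dataclass, field

DAY = 86400  # seconds


@dataclass
class Entry:
    lat: float
    lon: float
    fetched_at: int  # time of the download that delivered this entry


@dataclass
class NetworkLocationCache:
    max_age: int = 7 * DAY   # retention limit (the post criticises one year)
    enabled: bool = True     # mirrors the global location-services switch
    entries: dict = field(default_factory=dict)

    def store(self, batch, now):
        """Cache a downloaded batch {network_id: (lat, lon)}; no-op when disabled."""
        if not self.enabled:
            return 0
        for net_id, (lat, lon) in batch.items():
            self.entries[net_id] = Entry(lat, lon, now)
        return len(batch)

    def purge_expired(self, now):
        """Drop everything older than max_age; returns the number removed."""
        stale = [k for k, e in self.entries.items()
                 if now - e.fetched_at > self.max_age]
        for key in stale:
            del self.entries[key]
        return len(stale)

    def clear(self):
        """User-facing 'empty cache' control; returns the number removed."""
        removed = len(self.entries)
        self.entries.clear()
        return removed

    def set_enabled(self, enabled):
        """Switching location services off also discards what was cached."""
        self.enabled = enabled
        if not enabled:
            self.clear()

    def estimate(self, visible, now):
        """Weighted average of cached centers; visible = {network_id: weight}."""
        self.purge_expired(now)
        total = lat = lon = 0.0
        for net_id, weight in visible.items():
            entry = self.entries.get(net_id)
            if entry is None or weight <= 0:
                continue  # unknown network: would need a download
            total += weight
            lat += weight * entry.lat
            lon += weight * entry.lon
        if total == 0:
            return None
        return (lat / total, lon / total)

    def profile(self, now):
        """What a reader of the cache file learns: (days ago, rough area)."""
        self.purge_expired(now)
        return sorted({((now - e.fetched_at) // DAY,
                        round(e.lat, 1), round(e.lon, 1))
                       for e in self.entries.values()})


def build_sample(max_age, now):
    """Constructed download history: three trips, network IDs are made up."""
    cache = NetworkLocationCache(max_age=max_age)
    cache.store({"wlan-ams-1": (52.37, 4.90)}, now - 300 * DAY)
    cache.store({"gsm-fra-1": (50.11, 8.68)}, now - 90 * DAY)
    cache.store({"wlan-ber-1": (52.50, 13.40),
                 "wlan-ber-2": (52.54, 13.40)}, now - DAY)
    return cache


if __name__ == "__main__":
    now = 400 * DAY
    print("one year :", build_sample(365 * DAY, now).profile(now))
    print("one week :", build_sample(7 * DAY, now).profile(now))
```

With a one-year limit the cache file still shows all three regions; with one week only the most recent one remains, and the position estimate works exactly the same.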

Tomtom apologizes for sharing data with radar traps. It's all quite funny in a way. On the one hand, the naivety of a data provider ("hey, they won't just use my data for something that might be embarrassing for us"), and on the other hand, the innovativeness of a government. (It is still unknown at this hour whether "experts" will run amok again and urge buyers of TomTom devices to sue the manufacturer or the Dutch state.)

Apple Q&A on Location Data. Will the experts who made some rather obscure claims now correct their statements? Or will there now be a great, embarrassing silence? Alternatively, I also have a nice conspiracy theory ready, that always works on the Internet.

Alex Levinson has some interesting comments on the "new" discovery of the collected geodata on the iPhone. Apart from the fact that it is not Apple that collects the data, but only the user's own device and computer, it is quite interesting that this "new" discovery was so well known that Alex has spoken about it at conferences and it was already described in his book on iPhone Forensics at the end of December 2010. A printed book. One of those made of paper. Something that researchers should actually read when they investigate things. So they don't make themselves look ridiculous when they write hyped articles about topics that have been known for a long time, without referring to previous research on the subject ...

Snooping: It's not a crime, it's a feature. The great new photo network Color? It turns on your microphone to have another clue about location based on sounds. Did you expect that a photo-sharing app for the iPhone would eavesdrop as well?

BBC News - Net giants challenge French data law. Great idea from France, mandatory storage of plaintext passwords, so they can be handed over to any random authority. The Federal Interior Friedrich will probably like that, as he is so keen on all data ... (Discussions on Reddit claim that the BBC misrepresented the situation, it's only about storing account data even after closing the account for one year - if a service does not do this, it will be held liable for activities of non-identifiable users afterwards - so not quite what you could read in the BBC article)

Privacy advocates: Piwik instead of Google Analytics - that's a good start, concrete suggestions for what site operators should do if they want statistics. We should probably take a closer look at it at work, to recommend it to customers who ask for statistics.

IP Addresses and Privacy

IP Address: Data Protectionists Target AdSense, Amazon Links, and IVW. I don't know, but I think slowly this is starting to overshoot the mark. Yes, data collection should be avoided when avoidable. And certainly, one should always keep in mind what can be done with the data for a central figure like Google. But if this leads to, for example, the Google API Loader for jQuery no longer being usable because their accesses also go to Google servers, or if, as here, complaints are made about Amazon Affiliate links - which only access Amazon when clicked, not generally - then things are getting a bit hairy.

Then we are only a short step away from generally prohibiting links to pages from larger providers. Or absurdities, such as the idea expressed here of the illegality of using Google Mail in Germany. Yes, IP addresses are conditionally personally identifiable. And with IPv6, this will certainly become even more apparent (since there the reuse of IP addresses is not as mandatory as with IPv4). But the IP address is at the same time the central pivot of the Internet, and if one focuses too much on it, one eventually reaches the point where the highest data protection officer prohibits access to the international Internet because one thereby reveals one's IP address to computers outside Germany...

Data protection is to a large extent also the education of users and the self-responsibility of users - the latter can of course only be achieved with an appropriate level of knowledge. I would feel much better if the data protection authorities also produced useful output in the form of citizen information. But there it's somehow bleak.

So, discuss with the large providers and, if necessary, take them to court to force them to comply with data protection guidelines: yes. Public discussion about the problems and dangers: yes. Wildly attacking random forum operators: no.

Why is the data protectionist going after something as irrelevant as mentioned in the article, and not even against one of the big players in the forum industry, such as Heise, Spiegel, Focus, or Golem? Too much respect for the reaction to be expected there?

Something smells fishy about the whole thing. Possibly we don't have all the information - but I can't think of what information might be missing that would make the whole thing an appropriate reaction.

Gravatars: why publishing your email's hash is not a good idea. And it also explains why avatars have disappeared again from my blog for commentators - not that I suffer from paranoia, but why open up the possibility of determining an email address for a gimmick?

Sunday reading: Google Streetview - linked because I'm fed up with all the pro-Streetview talk and the "who pixelates doesn't understand the net" faction. The net is a medium for the whole society and not just a playground for some tech enthusiasts. And whoever ties their net freedom to the permission for unrestricted data collection for a large corporation has a significant understanding deficit. Especially when the sole purpose of this corporation is the systematic evaluation of these data mountains for the optimization of advertising.

Direct debit payment: Easycash collects data about good and bad customers - Golem.de - of course purchasing behavior related to account numbers, that's not personal data ... how stupid do companies like this think we are? And especially brazen: we as customers have no influence on this, it just goes past us.

Virtual internet lady provokes espionage in the USA | tagesschau.de - somehow only one comment fits here. Facepalm. And every comment about the weakest link in the chain is simultaneously strangely fitting and inappropriate.

In the eye of the law — Der Freitag - yeah, yeah, the state would never create unauthorized data collections, the state simply legalizes the nonsense it produces.

Fuck you, Google « Fugitivus - why Google really screwed up with Buzz. This "automatically follow all regular contacts" is pretty much the dumbest idea ever, especially with their idea of opt-out-not-possible. I've been saying this for a while, just because they have "don't be evil" as a motto doesn't mean they also have "don't be stupid". It's hard to get much dumber than the introduction of Buzz.

An experiment in real-time: The human becomes a data set - Background - Feuilleton - FAZ.NET - I rarely link to FAZ, but if they let Frank Rieger write about the problems of data collection mania, then you have to honor it with a link, especially if the article is really very good.

Data protectionists criticize "electronic income verification" - and yet another nonsensical data collection action that will only lead to other authorities wanting these data for completely different purposes. What does the state have to do with whether an employee has received warnings or shows "misconduct" (which is then, after all, a matter of interpretation by the employer)? What does the state have to do with whether and how long an employee has gone on strike? The fact that data pools are not secured against misuse should be well known by now. And that any data collection arouses the hunger of other authorities, as well.

US-Hacker copies RFID badges unnoticed - but our prolethicians, and above all the federal interior minister, claimed that such things would only be science fiction nonsense. And anyone who is against the RFID chips in the badges is simply a paranoid person. Why doesn't the bunch in Berlin even bother anymore when they try to screw us around?

Nokia pushes through surveillance rights for emails - we buy ourselves a government. The model will certainly soon be adopted in Germany by various large employers (Deutsche Bahn and Deutsche Telekom anyone?).

IT summit: Trustworthy De-Mail from the Interior Ministry and Telekom - so the company that wants to put a trojan on every PC and the company that decided arbitrarily and unilaterally to tap phones that interest them, want to build a "trusted" email platform together. Did I get that right?

Ex-BND Chief: Plans for covert online searches unconstitutional - it's nice that he says that. But he is the former BND chief after all. Would he have said the same thing during his active time? Probably not. The wolf becomes a sheep more easily when he can only eat oatmeal.

Copyright infringement: Courts set low threshold for information claim against providers - "If other courts follow this extremely broad interpretation of 'commercial scale', it is to be expected that the civil courts will then be confronted with the same flood of applications that law enforcement agencies are currently confronted with." - well, that was to be expected. So once again, only hope remains for Karlsruhe and a somewhat more reasonable basic decision.

Dealing with Resident Registration Data: The Shadow Registration Offices - how was that, Mr. Schäuble? "The data is safe in the hands of the state"? And of course, anyone who thinks differently is just a paranoid?

Google: "No Trespassing" signs won't stop Street View - anyone who still believes that all these "social networks" have anything to do with social or nice can read the arrogant comments from Google in that article. "There is no complete privacy" - and that is immediately interpreted as "ignore no entry".

Advertising and Privacy – Google Privacy Center - important link, opt-out from the Doubleclick cookie mess. No idea if it's realistic, or just fake - but if the latter, that will surely come out sooner or later.

Network Advertising Initiative - and a whole list of opt-outs for other ad networks.

Data Protection Experts: Google Analytics Violates User Rights - well, this assessment was somewhat predictable. I'm curious to see what else will come up in the near future. Will Google give in? I doubt it. And even if they do - how credible would an (unverifiable!) assurance from Google be?

Strange practice at mobile phone contract trading portal - "For example, a bank statement must be provided to prove the liquidity of the new customer." - eh, hello? Bank statements contain much more than just statements about liquidity. What a stupid idea is that? And probably the users will do the nonsense and obediently present their regular bookings to some stranger ...

Data trading with the FBI - and this is how we are sold and traded. And the fact that perhaps one or the other state still has rudimentary data protection regulations that prohibit such trading does not interest anyone either.