Saturday, June 2, 2018
CryptPad
CryptPad is a real-time collaborative editor, with servers located in Paris France and Iasi Romania.
A CryptPad is a document that you can edit in your browser, generally with other people's changes visible nearly instantly. Create a CryptPad and share its URL with others. Users can collaborate on the document, with changes being visible to each other instantly.
A CryptPad can be created with a set time at which it will be automatically removed from the server. Expiring pads can be configured to last anywhere from one hour to one hundred months. The pad and all of its history will become permanently unavailable even if it is being edited at the time that it expires. If you are an anonymous user (i.e. haven't signed up with CryptPad) pads will expire after 3 months of inactivity.
CryptPad has many additional features that I find useful for document collaboration. Basic features are available for free, with premium features available for a small fee.
Kent, WA Woman Kidnapped, Raped, Locked Naked in a Room and Sold for Sex
On February 9, 2018 I posted the news that a woman in Marblemount, WA had been kidnapped, raped, and tortured. On June 1, 2018 we saw a very similar case in Kent, WA where a man kidnapped a woman, raped her, and held her naked, locked in a room for two days; until she was able to escape when he attempted to pimp her out to have sex with other men.
According to the Komo 4 News report (June 1, 2018) the woman remained trapped in a room where the man repeatedly assaulted and raped her, and forced her to snort methamphetamine. He also tried to force the woman to earn money for him through prostitution and invited seven to eight men over to "look at her." On May 19, 2018 when a customer agreed to pay the man to have sex with the woman, he took the woman out the apartment in his SUV. She was able to escape by jumping from the vehicle and running to a nearby home where she hid under a table until police arrived.
Prosecutors charged the man last week with first-degree rape and promoting prostitution.
--
As can we seen from the above incidents, this type of horrific kidnapping and assault on women is perhaps more common than you might think. Having a personal security plan is essential to protecting yourself from violent attack.
Letting a trustworthy person know where you are going, when you are expected to return, and having that person check up on you if you are not heard from at the expected time is a simple and common sense precaution. If you don't want to tell someone every time that you go some place, consider setting up an automatic message to alert people if you go missing.
Defense items, such as personal alarms and pepper spray can help ward off an attacker; although according to U.S. Bureau of Justice Statistics data, having a firearm and being able to use it in a defensive situation is the most effective means of avoiding injury (more so even than offering no resistance) and thwarting completion of violent crime, such as robbery or assault. In general, resisting violent crime is far more likely to help than to hurt, and this is especially true if your attacker attempts to take you hostage.
While no one expects to be attacked, the fact is that these violent attacks do happen and it is important to be prepared should you be targeted as the next victim.
Hackers Find 65 Bugs in the Pentagon’s Travel Management System
According to Nextgov (May 30, 2018) hackers found 65 bugs in the Pentagon’s Travel Management System, 28 of which were deemed highly severe or critical. Defense employees use DTS to authorize, reserve and receive reimbursements for work-related travel. The system processes more than 25,000 transactions every day.
Although the Nextgov article does not say whether these bugs resulted in a breach of DOD employees' personal information, it should be assumed that "highly severe or critical" vulnerabilities in any system containing PII puts that information at risk.
Friday, June 1, 2018
Reducing Your Information Footprint
While spring cleaning your home and, if you’re like me, the top of your desk, consider also cleaning up your information footprint. Your information footprint is how much information about you is recorded and available in both digital and paper formats. Cleaning up your footprint can mean examining social media, online accounts, and even paper records containing sensitive information. While we may use a few key digital devices and services on a regular basis, they often contain more information about us than is necessary. It’s also likely that devices and services we don’t use anymore may still contain information. You might have that pile of paper you’ve been meaning to shred for a while, making this an opportune time to spring clean your information footprint. By spending a little bit of time and effort, you can better secure your information to safeguard against various forms of identity theft.
Disks, Hard Drives, and USB drives, Oh My!
Over the years, it’s easy to accumulate a mass of CD’s, DVD’s, hard drives, and USB drives that are no longer needed or with data that is no longer needed stored on them. If you have hard drives or USB drives with old data but want to continue to use them, consider following US-CERT’s guidance on how to securely clean the data off of these items before properly recycling them. Many shredders, including those rated for home use, can shred CDs and DVDs. If your shredder can’t handle them, check your local community for shredding days as many towns, schools, and office supply businesses will sponsor shredding events.
Clean Up Your Paper Trail
Many of us have a large quantity of paper documents that may contain sensitive information about ourselves, financial accounts, government identification information, tax returns, and more. Take some time to go through these documents this spring and check whether it is something you truly need to hold onto. If the answer is no, be sure to securely dispose of it by shredding it and recycling the shredded pieces. Simply ripping up sensitive documents is not enough to guarantee your information is unreadable.
Not sure how long you should hold on to those old documents? The Federal Trade Commission (FTC) has a handy website - "A Pack Rat’s Guide to Shredding" with information on how long you should hold on to those documents!
Closing Old Online Accounts
It is common for people to use many different shopping sites, social media outlets, online storage, clubs, and other online outlets that require you to enter, store, and sometimes share information from or about you. If you are no longer using any of these accounts, consider removing information that may be sensitive and consider closing them out if you do not plan to use them again. Sometimes, it is easiest to check out as a guest when shopping online at a place that you rarely, if ever, patronize. Checking out as a guest should minimize the data retained about you.
Old Social Media Accounts
Remember MySpace? LiveJournal? Do you still have that old email account or an account on an old dating website? As we move from Myspace to Facebook to Twitter, Instagram, and the other latest and greatest social media platforms, our old accounts and information are left behind, filled with personal details. Consider closing out social media accounts that you no longer use, as it will reduce your digital footprint. Keep in mind that all social media platforms have different policies when deleting old accounts and content. Be sure to read the policy. And, don’t forget to remove the app from your smartphone, too!
Oversharing on Social Media That You Do Use
If you frequently use a social media or online account but it contains lots of personal details or information that you now think should be safeguarded more closely, consider removing it from your profile or deleting the posted content. Think about if the information you continue to share could be used against you or combined with other information to be used against you. Enough pieces of personal information combined together can be very useful to cybercriminals.
Being aware of any information that you share that could be used to respond to "Challenge" questions, which are frequently used to reset passwords. What does that mean? How could information be combined to be used against you? Think about your online bank account. If you forget your password what types of questions do they ask? Probably something about the color of your car, your mother’s maiden name, your birthday, or pets’ names. Did you post a picture of your new car? Friend your mother or her brother on social media? Answer a meme about your birth month and day? Share adorable pictures of Fluffy? If you did, you’ve helped someone find out the answers to your bank’s security questions!
This is the case for many of the pieces of information you may share online and many online accounts that use challenge questions to reset passwords. Information commonly used for challenge questions include the above examples and other details, such as your favorite sports team, vacation spot, fruit, ice cream, type of reading material, youngest sibling, elementary school name, and so on. As you clean up your data think about what information could be used to answer your security questions and try to remove that data from your social media accounts.
In closing, these short tips can make a world of difference in lowering your information’s exposure to others. By questioning if you need to share or provide certain information online as you move forward, you can save yourself from many of the unnecessary overexposures we discuss here. Additionally, by taking a look at both your digital and paper trails to do these activities on a routine basis, you can be sure to keep overexposure in check. (CI Security)
EFF and ACLU Call for Amazon to Stop Powering Government Surveillance
The EFF has joined the ACLU and a coalition of civil liberties organizations demanding that Amazon stop powering a government surveillance infrastructure. Last week, they signed a letter to Amazon condemning the company for developing a new face recognition product that enables real-time government surveillance through police body cameras and the smart cameras blanketing many cities.
The system, called "Rekognition",is already being used by agencies in Florida and Oregon. This system affords the government vast and dangerous surveillance powers, and it poses a threat to the privacy and freedom of communities across the country.
How Many Federal Criminal Laws Are There Currently on the Books?
When federal laws were first codified in 1927, they fit into a single volume.
In 1982 the Justice Department tried to determine the total number of criminal laws. In a project that lasted two years, the Department compiled a list of approximately 3,000 criminal offenses. This effort, headed by Ronald Gainer, a Justice Department official, is considered the most exhaustive attempt to count the number of federal criminal laws. This effort came as part of a long and ultimately failed campaign to persuade Congress to revise the criminal code, which by the 1980s was scattered among 50 titles and 23,000 pages of federal law.
In 1998, the American Bar Association performed a computer search of the federal codes looking for the words "fine" and "imprison," as well as variations. The ABA study concluded the number of crimes was by then likely higher than 3,000, but didn't give a specific estimate.
In 2003, there were around 4,000 offences that carried criminal penalties. By 2013, that number had grown by 21 percent to 4,850.
None of these studies broached the separate - and equally complex - question of crimes that stem from federal regulations, such as, for example, the rules written by a federal agency to enforce a given act of Congress. These rules can carry the force of federal criminal law. Estimates of the number of regulations range from 10,000 to 300,000 !!! None of the legal groups who have studied the code have a firm number.
"There is no one in the United States over the age of 18 who cannot be indicted for some federal crime," said John Baker, a retired Louisiana State University law professor who has also tried counting the number of new federal crimes created in recent years. "That is not an exaggeration."
Thursday, May 31, 2018
The Cyber Threat and Its Implications for Our Privacy
“The time has come — indeed, if it has not already passed — to think seriously about some fundamental questions with respect to our reliance on cyber technologies: How much connected technology do we really want in our daily lives? Do we want the adoption of new connected technologies to be driven purely by innovation and market forces, or should we impose some regulatory constraints?” asked NSA General Counsel Glenn Gerstell in a Wednesday presentation at Georgetown University. “Although we continue to forge ahead in the development of new connected technologies, it is clear that the legal framework underpinning those technologies has not kept pace. Despite our reliance on the internet and connected technologies, we simply haven’t confronted, as a U.S. society, what it means to have privacy in a digital age.”
Mr. Gerstell's speech is available here.
Collins v. Virginia
In Collins v. Virginia (Argued January 9, 2018 - Decided May 29, 2018 ), the USSC held that the scope of the automobile exception extends no further than the automobile itself; its proposed "expansion would undervalue the core Fourth Amendment protection afforded to the home and its curtilage and untether the exception from its justifications."
JUSTICE SOTOMAYOR delivered the opinion of the Court. This case presents the question whether the automobile exception to the Fourth Amendment permits a police officer, uninvited and without a warrant, to enter the curtilage of a home in order to search a vehicle parked therein. It does not.
The key to this decision is balance; compare the government interest in law enforcement against the sanctity of the home.
The essential facts of the case are simple: police made a warrantless entry into the curtilage of a home seeking and then collecting evidence related to a collection of traffic violations, and possibly a stolen motorcycle that had been used to commit those violations.
Two aspects of 4th Amendment law are involved:
1) Consider that, after the person himself, his house is the next explicitly listed object protected from intrusion by the government. His effects, even if considered instrumentalities of a crime, enjoy a lower standard. Remember, the curtilage of a home enjoys the same intrusion protections as the home itself. The fact that the suspect motorcycle could be seen from a legal vantage point still did not justify the physical intrusion into the curtilage. For a good discussion of the privacy of a home and its curtilage, see Florida v. Jardines.
2) In 1925, the USSC created the infamous automobile exception to the warrant requirement, stating that if there was probable cause to believe contraband was in a car (in the Carroll case, alcohol being imported from Canada), due to its inherent mobility, the exigency of the moment weighed in favor of an exception to requiring a warrant before conducting a search of the car.
In the instant case, there was no exigency to justify the warrantless intrusions on both the parked motorcycle and, in particular, the curtilage of the home; and in a 8-to-1 decision, the USSC ruled the privacy of the home outweighed the government benefit allowed by the 1925 Carroll automobile exception.
FLETC Legal Resources
FLETC Legal Resources. Legal resources for federal law enforcement officers. Podcasts on a variety of legal matters related to law enforcement. Video series pertaining to the 4th and 5th amendments, enhancing witness skills, and surviving an active shooter event... and more.
Wednesday, May 30, 2018
Link Password
Link Password is a Firefox Add-on that encrypts your bookmarks and links. Do you sometimes need password-protected individual bookmarks or links? Perhaps a link to a secret site that no one else will be able to follow?
Is Your Identity Up For Grabs?
In an age of data breaches and sophisticated identity thieves, protecting your digital information is more important than ever. A new state survey from AARP shows Washington consumers are falling further behind in the battle to protect their identities. According to AARP’s report, six-in-ten Washington adults (60%) failed a quiz testing their “Digital Identity IQ.”
Take the quiz to see if you know how to protect your digital identity.
Learn more about the AARP study here: Up for Grabs: Taking Charge of Your Digital Identity: Survey of Washington Internet Users Age 18+
TSA's Secret Watchlist
The Transportation Security Administration has created a new secret watch list to monitor people who may be targeted as potential threats at airport checkpoints simply because they have swatted away security screeners’ hands or otherwise appeared unruly.
According to a confidential memo, any behavior that is "offensive and without legal justification" can land a traveler on the list, as can any "challenges to the safe and effective completion of screening." Anyone who has ever "loitered" near a checkpoint could also make the list. So could any woman who pushes a screener's hands away from her breasts.
Hugh Handeyside, an attorney for the American Civil Liberties Union, stated the policy gives the agency wide latitude to "blacklist people arbitrarily and essentially punish them for asserting their rights".
According to the LA Times "The watchlist would seem less perilous if the TSA were not one of most incompetent agencies on Earth. After a series of undercover tests at multiple airports across the country, the Department of Homeland Security concluded last year that TSA officers and equipment had failed to detect mock threats roughly 80% of the time. (In Minneapolis, an undercover team succeeded in smuggling weapons and mock bombs past airport screeners 95% of the time.) An earlier DHS investigation found the TSA utterly unable to detect weapons, fake explosives and other contraband, regardless of how extensive its pat-downs were."
The TSA has a long history of intimidation. In 2002, it created a system of fines to penalize travelers with bad attitudes, charging up to $1,500 for any alleged "nonphysical interference." This included any "situation that in any way would interfere with the screener and his or her ability to continue to work or interfere with their ability to do their jobs."
Peerio: Privacy for Everyone
Peerio is a state of the art encryption tool for everyone - designed to be as simple as it is secure. With a one-minute signup, end-to-end encryption by default, and cloud backup, you can easily
share private messages and files and access them from anywhere.
Peerio: Privacy for Everyone (YouTube Video)
Nadim Kobeissi, the brain behind Cryptocat and miniLock, is back with yet another tool designed to make your day-to-day life more secure. Peerio - a cloud-based, end-to-end encrypted communications suite that lets you send messages and share files as easily as you use Gmail or Skype's IM tool.
E-mail Privacy Act 2018
The House of Representatives passed a bill this week called the National Defense Authorization Act (NDAA), which authorizes the nation’s military and defense programs. Earlier in the week, scores of Representatives offered amendments to this must-pass bill in hopes of ensuring that their ideas get a chance to become law.
Rep. Kevin Yoder (R-KS) used this opportunity to include as an amendment the Email Privacy Act, a piece of legislation long-favored by EFF. The Email Privacy Act would codify the rule announced by the Sixth Circuit—and now followed by providers nationwide—that requires government agents to first obtain a probable cause warrant when seeking the content of communications stored by companies like Google, Facebook, Slack, Dropbox, and Microsoft. Read more from the EFF.
National Security Requests to Apple Spike
The number of data requests from the U.S. government to Apple Inc. more than doubled last year, according to a biannual transparency report released by the consumer tech giant Friday.
Apple received 16,249 national security requests across 8,249 accounts between July 1, 2017 and Dec. 31, 2017, almost three times higher than the amount of requests received during the same period in 2016, when the company saw just 5,999 such requests.
Broadly speaking, a national security data request is usually made to compel access to private user information that’s stored by the company. These requests sometimes allow the government to learn more about suspected terrorists, criminals or other targets in order to pursue legal charges. (Cyberscoop, May 29, 2018)
Tuesday, May 29, 2018
California's New E-Ink License Plates (with built-in tracking)
We talked about digital drivers' licenses, and now there are digital license plates...
California is now testing a unique license plate option: a digital license plate that sports a Kindle-like E-ink display. Here’s the basic run down of the new (currently in pilot-testing) license plates. The plate can be changed automatically - but not to switch out your license number like you’re a spy racing across international borders - to update the displayed registration data and (theoretically if the State of California approves) display advertisements or other data when the car is stopped.
In addition to the flexibility of the display, the digital plates also sport a tracking device that will alert the police to the location of a stolen vehicle and allow for general vehicle tracking. (KGTV 10, April 20, 2018).
--
With the current price of the e-Link plate ($699 + $7 monthly connection fee) few people are signing up for them. But, this may change as the cost comes down, and may in time become the standard license plate format.
The tracking ability built into these plates creates significant privacy issues. As we have previously seen, license plate tracking of our current standard plate is a concern. Having automatic vehicle tracking built into the license plate of the future is a privacy nightmare.
And now Washington State is in the early stages, considering whether to adopt these digital plates. The plates will cost about $300 in WA, and come with the same concerns about government tracking and data privacy.
Your Complete Amazon Purchase History
Did you know that Amazon stores your complete purchase history from 2006 through today on its web-site? Well, it does, and as a service to its customers, Amazon makes that information available to you. Just log into your Amazon account here, set the date range for your orders and Amazon makes your purchase history available to you as a MS Excel spreadsheet.
The spreadsheet contains a list of the items you purchased, the amount that you paid, how you paid (i.e. what credit card you used), the address where the item was shipped, and more.
This is a great way to keep track of all of your Amazon purchases over the years, but there is a problem - you can't delete this information. Amazon will always have a complete, and very detailed history of the purchases you have made.
To avoid having a purchase from Amazon associated with you, you will need to use a separate Amazon account, fund it with a source different than that used for your primary account. (Use an Amazon Gift Card, or fund your new Amazon account through Privacy.Com). You should also have the items delivered somewhere other than your home address (think Amazon Locker here).
Now maybe you don't care that Amazon maintains a detailed list of all your purchases. Maybe you think it's a good service to let you review you entire purchase history - it is. But, what does that purchase history tell others about you? Groups like the American Library Association have long opposed the government gaining access to your reading history at libraries. Is your Amazon reading (purchase) history really that much different?
Cryptomator
Cryptomator encrypts file contents and names using AES. Your passphrase is protected against bruteforcing attempts using scrypt. Directory structures get obfuscated. The only thing which cannot be encrypted without breaking your cloud synchronization is the modification date of your files.
The program creates an AES-encrypted file in your Dropbox folder, Google Drive, or whatever other location you like. Just specify the file name, location and a passphrase, and you're done.
Once the vault is set up, Cryptomator mounts it as a virtual drive on your computer.
Save any documents to that drive, and they're automatically encrypted, then uploaded to the cloud (or to wherever your storage folder is located).
When you're finished, lock the vault, the virtual drive disappears, and no-one will even know it's there.
Cryptomator is a free and open source software licensed under the GPLv3. Cryptomator’s software works on Windows, Mac, and Linux, in both 32 and 64-bit flavors. A Java version is also available, for cross-platform compatibility.
Cryptomator Tutorial: Get Started (YouTube Video)
Some people have expressed a concern that a masterkey file is stored in the Cryptomator vault. This is supposed to be there. - "Inside the storage location of a Cryptomator vault, you will find a file called masterkey.cryptomator. This file is stored in the cloud to allow convenient access to a vault on different devices. This file contains encrypted data, which is needed to derive the masterkey from your password. The file does not contain the decrypted masterkey itself. In addition, some metadata about the vault (e.g., the version of Cryptomator used to create it) is also stored in this file. The encrypted key in masterkey.cryptomator is not more sensitive than the encrypted files themselves."
Digital Driver's Licenses
There's an app for almost everything these days, whether it's shopping, tracking your eating or exercise or finding your way. Now driver's licenses are making the transition from a card carried in a pocket or purse to a digital application on your mobile phone.
Colorado, Delaware, Idaho, Maryland, Wyoming and the District of Columbia are carrying out limited trials of digital driver's licenses. Iowa and Louisiana are planning to issue digital licenses to every motorist who wants one beginning this year.
What about the security of digital licenses in an age when it seems everything can be hacked? Digital licenses are protected by password, PINs and other security features in addition to the usual security built into phones, and state authorities can wipe a digital license remotely if a driver reports it lost to the Department of Motor Vehicles. (NBC News, May 24, 2018)
--
For data privacy, digital driver's licenses are an extremely bad idea. If you are stopped by the police for some minor traffic violation, the police officer will ask to see your driver's license, vehicle registration, proof of insurance, etc. But what does the police officer do with your documents? He or she takes them back to the police vehicle, runs your information through a data terminal mounted in the vehicle or radios the information into to a dispatcher who runs it.
If you driver's license is on your phone, the police officer now takes your unlocked phone back to the police vehicle. There is nothing to now prevent the police from taking a quick look through the content of your phone. Some police departments may even copy the entire content of your cell-phone as we see in this 2011 article in Geek. According to the article:
"If you’re a Michigan citizen, you may want to be careful about what you have on your cell phone. Apparently Michigan State Police have been using a high-tech mobile forensics device that can pull information from over 3,000 types of cell phones in under only two minutes.
The information the device is able to export is basically everything from your smartphone, including call history, deleted phone data, text messages, contacts, images, and GPS data. And don’t think you’ll be safe if your phone is password-protected, the device can get around that too.
The police don’t even need a warrant to scan your phone. They can pull your information without your consent, and without any reasonable cause. The Cellebrite UFED scanner has been used by MSP since at least August 2008.
It would be one thing if these scanners are being used on people who were suspected of a crime, but police officers are scanning the phones of drivers stopped in minor traffic violations."
Monday, May 28, 2018
Pornhub Launches VPNhub
PornHub launches VPNhub - a free and unlimited VPN service for anything (including p*rn)
PornHub wants you to keep your porn viewing activities private, and it is ready to help you out with its all-new VPN service.
Yes, you heard that right.
Adult entertainment giant PornHub has launched its very own VPN service today with "free and unlimited bandwidth" to help you keep prying eyes away from your browsing activity.
Dubbed VPNhub, the VPN service by PornHub is available for both mobile as well as desktop platform, including Android, iOS, MacOS, and Windows.
VPN, or Virtual Private Network, allows users to transmit data anonymously, avoids ISP-level website blocking or tracking and keeps your browsing activity private by encrypting your data, even when you are on public Wi-Fi connections.
VPNhub promises never to store, collect, sell, or share your personal information with any third parties for their marketing, advertising or research purposes.
VPNhub is available in countries across the globe except for Burma/Myanmar, Cuba, Iran, North Korea, Sudan, and Syria, due to the ban imposed by the U.S. government.
While mobile users (both iOS and Android) can download and use the VPNhub app for free, desktop users (MacOS and Windows) have to purchase a premium account.
You can also upgrade your free account to a premium subscription for $13 a month or $90 for a full year, which eliminates ads, provides faster connection speeds, and opens up "servers from a wide range of countries."
You can give premium VPNhub a try by using its use 7-day free trial. (Hacker News, May 24, 2018)
Ways to Protect Your Privacy from Amazon Echo
KOMO 4 News (May 27, 2018) provided tips that can help you protect your privacy when using voice controlled devices, like Amazon Echo. The article states "There's no way to eliminate these sorts of privacy risks short of unplugging entirely. But you can minimize the odds of unpleasant privacy surprises with these tips:
— KILL THE MIC
— LIMIT THE MIC
— ABOUT THAT CAMERA
— BLOCK THE SIGNALS
— BE INFORMED
Of course, the safest approach is not to buy a new gadget in the first place. That might not be practical for smartphones these days, but do you really need a smart speaker or a television set that's connected to the internet?"
Smart Meters - Surveillance of Your Home
According to the Seattle Times (May 13, 2018): Utility regulators are pushing utilities to adopt automated meter technology. But the American Civil Liberties Union and others warn it potentially threatens privacy and could pose health risks because of the radio signals used to transmit the information.
In 2017, the ACLU of Washington urged the Seattle City Council to consider requiring privacy protections before allowing the devices to be installed.
The meters, the ACLU argued, collect data in such ways that can reveal whether someone is home, and to some extent what they are doing in their home based on energy usage. And that data can be sold for marketing purposes, the ACLU and others warned. "The potential surveillance capabilities ... make clear and binding guidelines essential," ACLU Technology and Liberty Project Director Shankar Narayan wrote to the Seattle council. "In considering what safeguards might be appropriate, the City Council must consider the outer envelope of this (or any other) technology’s capabilities and ensure third-party verification of those capabilities, rather than rely on the assurances of the very vendors that stand to benefit from potential sales of Seattleites’ data."
The ACLU stated in its letter:
"We have consistently advocated for privacy protections and against government surveillance without appropriate checks and balances. Advanced Metering Infrastructure (AMI) is a surveillance-capable infrastructure that is being rapidly implemented in Seattle with little public transparency as to its privacy impacts and how they will be mitigated; without appropriate regard for the principles of Seattle’s own Privacy Program; and without a meaningful opportunity for individuals to offer informed consent."
According to the Electronic Frontier Foundation:
Smart meters also reveal intimate details about what’s going on inside the home. By collecting energy use data at high frequencies - typically every 5, 15, or 30 minutes - smart meters know exactly how much electricity is being used, and when. Patterns in your smart meter data can reveal when you are home, when you are sleeping, when you take a shower, and even whether you cook dinner on the stove or in the microwave. These are all private details about what’s going on inside your home...
The Washington Utilities and Transportation Commission says customers can choose not to have the advanced meters hooked up to their homes or businesses.
Sunday, May 27, 2018
Credit Security Freeze May Soon Be Free
According to CNN Money (May 22, 2018) - You will soon be able to freeze your credit report for free, a step that can help protect you from identity theft. The provision was included in a broader bill passed by the House on Tuesday, which rolled back regulations on banks created by Dodd-Frank. The bill now heads to President Donald Trump's desk.
The new legislation will make placing, lifting, and permanently removing freezes free no matter where you live. It also requires consumer rating companies to fulfill your request within one business day if made online or over the phone, and within three business days if requested by mail.
The changes will take effect about four months after the bill is signed.
In February 2018, I wrote about using a Credit Freeze for Privacy and Security.
Amazon Teams Up With Law Enforcement to Deploy Face Recognition Technology
The ACLU stated on May 22, 2018: Amazon, which got its start selling books and still bills itself as “Earth’s most customer-centric company,” has officially entered the surveillance business.
The company has developed a powerful and dangerous new facial recognition system and is actively helping governments deploy it. Amazon calls the service “Rekognition.”
Marketing materials and documents obtained by ACLU affiliates in three states reveal a product that can be readily used to violate civil liberties and civil rights. Powered by artificial intelligence, Rekognition can identify, track, and analyze people in real time and recognize up to 100 people in a single image. It can quickly scan information it collects against databases featuring tens of millions of faces, according to Amazon.
The ACLU released an open letter to Amazon CEO Jeff Bezos Tuesday, demanding Amazon to "stop powering a government surveillance infrastructure that poses a grave threat to customers and communities across the country."