Archive for April 2010
Read this post from IntelFusion. It makes a very strong case for why I worry about any privacy system run by operators you can’t really trust, investigate, and verify. In this case it is an investigation of Glype servers. They can be configured to do significant logging, and the author has been able to remotely retrieve the logs from many of the Glype servers. The results show many users from within sensitive US Government organizations and would provide the ability for an attacker to gather all kinds of useful intelligence to find soft targets to exploit.
On the personal privacy side, it is an easy way for attackers to intercept usernames, passwords, travel plans, personal information and more for use in, identity theft, burglary, and hacking among other things.
For a long time I have been saying that storage is cheap and that one should assume that anything put out on the Internet will live forever. It looks like that is even being institutionalized. The US Library of Congress recently announced that it will be creating a public archive of every tweet sent since the founding of Twitter.
This kind of resource will keep tabloids in business for decades to come. Generations of celebrities yet undiscovered should be concerned about their old unguarded, but now professionally preserved, brain droppings.
For the record, I am not opposed to this archiving. It is happening anyway in private databases. This just makes the issue more visible and helps to raise awareness. It is similar in many ways to The Internet Archive project.
I strongly encourage anyone with a commitment to Internet anonymity to read this blog post. An organized opposition to the existence of such anonymity is growing. Of course, like attempt to clamp down on cryptography, it will only impact the law abiding while criminals use bots and other tools to circumvent the restrictions.
Between this and the push to remove the expectation of privacy from all stored emails, I am very concerned.
This article does a nice job of making a point I have been talking around for some time. The Internet naturally supports pseudonymity, and that is really what we want most of the time. When I talk to someone on-line, I am most interested that I am still talking today with the person I started talking to last month. Whether the name actually corresponds to their birth certificate is not important (and I would not have any idea in a real world encounter either).
Having just finished initial testing with the actual iPad device, I am pleased to announce that Anonymizer Universal (AU) provides the same level of support on the iPad that we have been providing for the iPhone and iPod Touch!
Considering how these devices are going to be used, the combination of privacy along with the security when using insecure WiFi is really critical.