Social Networkers Risk More Than Privacy | Privacy Digest

Here is another story about how bad people can use your social network presence against you. In this case, it is about home burglars using information about travel and vacation plans. This really demonstrates why I have this ambivalent relationship with social networking. On the one hand, I love being able to find and reconnect with old friends. On the other, I feel unable to use more than a tiny fraction of the capability because of the identity theft, privacy, and physical security issues associated with really opening myself to the world.

I even agonize over whether I should only “friend” real friends, so only they can see some of the content on my page. The other option is to accept everyone so analysts can’t tell who my real friends are from looking at my network.

In general I have opted out. Even anonymity is a tricky thing in this context. If I go in totally anonymously, then I really get very little benefit from the site. If I try to be anonymous but still connect with friends, the anonymity will be tissue thin and instantly penetrated by anyone interested.

The Proxy Fight for Iranian Democracy - Renesys Blog

This is an article worth reading and understanding. The gist is that the use of proxies to evade censorship in Iran is failing. They are now getting blocked faster than they can be created. This is a basic flaw in the idea of simply deploying a proxy and promoting it. One must assume that the Iranian censors are monitoring the same channels you are trying to use to promote the proxy. After all, a proxy no one knows about is of little use. Public open proxies are similarly doomed because the Iranian censors can use the same discovery tools you do to find such proxies. Also, once you try to let people know about them, the same problem applies as with new proxies.

Distribution of a given proxy address to only a small number of people solves that problem, but it is very limiting. It takes tremendous numbers of proxies to serve a large population, and only those with contacts who have set up proxies are protected.

There are solutions to these problems, but they require substantial technical skills and resources to implement.

If you have contacts within Iran, do what you can to set up closed proxies that they can use to bypass censorship. In the short run, it is an effective action you can take right now. A good place to start would be here.

Israel recently forced Google to hand over the identity of a blogger. Declan McCullagh wrote a good post covering the facts of the case. This case illustrates one of the problems caused by the international nature of the Internet. A message, article, or blog post you write (completely legally) in your country, may subject you to prosecution and punishment in another. I am not thinking here of obvious and major crimes such as fraud, child pornography, etc. (and even these are not universally criminal), but rather of more subtle speech and thought crimes.In the United States, the “truth” is an absolute defense in liable cases, while in the UK it is not (lawyers in the audience, please correct me if I am in error here). Denial of the holocaust  is protected first amendment speech in the US but not in much of Europe. Personal sharing of copyrighted materials is legal in many countries, but not the US. Think cartoons of Mohammed, the Satanic Verses, the secret teachings of the Scientologists, pictures of Burmese protests, publishing of Cryptography software. Each of these is legal in some countries and not in others.How can anyone know if their words or actions might be illegal in some country somewhere in the world. 

Free Secure Email Certificates Secure Email Certificate Email Security Digital Email SignaturesUsing email encryption is often a complicated and painful process. These days strong SMIME based encryption is built in to almost all major email clients. The cost and complexity of  obtaining the necessary cryptographic certificates is the biggest obstacle to wide spread use at this point. Sites like Comodo make the process easier. While the security model is not perfect, any reasonable application of crypto and certificates will vastly improve the general security of email.

Wired has a blog
on a shareholder initiative by Google shareholders to force the company to oppose and prevent government sponsored censorship. The initiative is sponsored by 5 major public pension funds in New York. While their voting impact is insignificant, this is symbolically a major move to raise the visibility of the impact of corporate decisions on human rights issues.