Tag: privacy

New Zealand spy agency uses ‘computer network exploitation’ to take digital information

One of the country’s two spy agencies has revealed it retrieves information directly from where it is stored or processed on computers.

The “computer network exploitation” operations have been a highly-classified secret at the GCSB until now.

US commentators refer to computer network exploitation as a form of cyber warfare, or the “theft of data”.

“Our legislation … allows us to access information infrastructures, which is more than just interception,” the Director-General of the Government Communications Security Bureau, Andrew Hampton, said.

It “also allows us to retrieve digital information directly from where it is stored or processed”.

The GCSB refers to this as “accessing information infrastructures”.

The spy watchdog, the Inspector-General of Intelligence and Security, Brendan Horsley, cited Hampton’s speech to the Institute of International Affairs in May, for making the revelation.

This had freed Horsley up to be able to assure the public that the exploitation operations were scrutinised, he said in his annual report released on Friday.

Previously, he had had to refer to “certain operations”.

“Although it was subject to oversight, it was not possible to provide any clear public assurance of this.”

In fact, he had conducted a review that found the compliance systems around CNE “to be generally effective and appropriate”.

However, he was still not allowed to go into details “on the bureau’s use of this important capability”.

Keep reading

UN pushes COP27 app that has ability to spy on private conversations and access encrypted texts

Security advisers from Western countries are warning delegates attending the COP27 climate summit not to download the Egyptian government’s official app. The app is supposed to help attendees of the event with navigation but has major privacy concerns – allowing the app to be used as a surveillance tool.

The app is recommended on the official UN website for the COP27.

POLITICO says a potential vulnerability was found by four different cybersecurity experts that reviewed it. The news outlet claims that the app can allow the Egyptian government to read users messages, emails, and even communications via encrypted messaging platforms like Signal and WhatsApp.

The app can track location through GPS and WiFi. It also requires a permission that could allow the government to spy on conversations even when the device is in sleep mode.

The app also gives the government back-door privileges to scan users’ devices.

Some experts said much of the access and data the app gets are fairly standard. Additionally, so far, there is no evidence that people’s messages and emails have been read or users’ location tracked.

The main problem is the combination of the access it has and the Egyptian government’s record with tracking. According to Privacy International, following the Arab Spring, the Egyptian government has cracked down on dissidents and used emergency rules to track citizens both online and offline.

Keep reading

Australia’s Commonwealth Bank begins tracking transactions, links it to carbon footprint

Australia’s Commonwealth Bank (CBA) has added a new feature to its online banking software that tells customers their carbon footprint based on monthly spending. The move follows a partnership between the bank and CoGo, a company that provides carbon footprint management solutions.

According to the bank, the national average of carbon emitted is 1,280 kilograms, while a sustainable figure is 200. The bank has provided the option to “pay a fee” to offset the carbon footprint.

CBA said it does not share data with CoGo. It added that eventually the data will be broken down into each individual transaction.

The bank calculates a person’s carbon footprint based on the transactions using their credit or debit cards.

Keep reading

Google Employees Are Laughing at You for Thinking ‘Incognito Mode’ Is Private

According to a series of internal communications discovered in court, Google employees joked about Chrome’s “Incognito mode” and criticized the company for failing to meet users’ expectations of privacy.

Google is currently the target of a class action lawsuit in California over its misleading claims of privacy.

Court documents obtained by Bloomberg reveal that a Google engineer suggested in 2018 that the Incognito mode icon be changed to “Guy Incognito,” a Simpsons character who looks exactly like Homer Simpson except for his mustache. According to the Google employee, the character “accurately conveys the level of privacy [Incognito mode] provides” compared to Chrome’s standard browsing mode.

In a 2021 email, Google marketing chief Lorraine Twohill urged the implementation of a more secure Incognito mode as a means of gaining users’ trust.

“Make Incognito Mode truly private,” Twohill wrote. “We are limited in how strongly we can market Incognito because it’s not truly private, thus requiring really fuzzy, hedging language that is almost more damaging.”

Studies have shown that the language used by Google contributes to the misconception that “Incognito mode” is truly private.

“We found that browsers’ disclosures fail to correct the majority of the misconceptions we tested,” researchers at the University of Chicago and Leibniz University Hannover wrote in 2019. “These misconceptions included beliefs that private browsing mode would prevent geolocation, advertisements, viruses, and tracking by both the websites visited and the network provider.”

Keep reading

United States Government Has Plans of Creating an AI that Can Expose Anonymous Writers

According to a recent announcement by the Office of the Director of National Intelligence (ODNI), the Intelligence Advanced Projects Activity (IARPA) is developing a program to unmask anonymous writers. IARPA will use AI to analyze anonymous writers’ style. According to Cindy Harper of Reclaim the Net, a writer’s style “is seen as potentially being as unique as a fingerprint.” 

“Humans and machines produce vast amounts of text content every day. Text contains linguistic features that can reveal author identity,” IARPA stated.

If IARPA succeeds with its venture, it believes that the Human Interpretable Attribution of Text Using Underlying Structure (HIATUS) program could identify a writer’s style from multiple samples and change those patterns to increase the anonymization of the writing. 

“We have a strong chance of meeting our goals, delivering much-needed capabilities to the Intelligence Community, and substantially expanding our understanding of variation in human language using the latest advances in computational linguistics and deep learning,” declared HIATUS program manager Dr. Timothy McKinnon.

On top of that, IARPA said it will create explainability standards for the program’s AIs.

ODNI revealed that HIATUS could have several applications, which includes fighting foreign influence activities, defending writers whose work may potentially endanger them, and identifying counterintelligence risks. Per McKinnon, the program can identify if a machine generated or a human being wrote the text.

However, Harper noted that “it is not IARPA’s work to turn HIATUS into something usable. The agency’s work is only to develop the technology.” Regardless, it’s becoming clear that the ruling class has it in for anonymous writers and those who use pen names. 

Keep reading

Surveillance shift: San Francisco pilots program allowing police to live monitor private security cameras

Last week San Francisco city leaders approved a 15-month pilot allowing police to monitor live footage from surveillance cameras owned by consenting businesses and civilians without a warrant.

The 7-4 decision by the San Francisco board of supervisors was a major loss for a broad coalition of civil liberties groups that had argued the move would give police unprecedented surveillance powers. It also seemingly marked a departure from the progressive stance on surveillance the city’s leadership had previously maintained.

In May 2019, the board had made history by making the city the first to ban the use of facial recognition by any local government agency. At the time, supervisor Aaron Peskin said, the city had an “an outsize responsibility to regulate the excesses of technology”.

But more than three years, a pandemic and many protests against police injustice later, some members of the board now say they need to balance concerns for privacy with the need to allow law enforcement officials to “utilize certain technologies to make San Francisco safer”.

Privacy advocacy groups say the shift is part of a larger phenomenon in cities across the US, where fears of both perceived and real increases in crime have prompted police and elected officials to expand the use of surveillance technology, even if there isn’t always clear evidence those technologies are effective at deterring or solving crimes.

Keep reading

The US edges closes to passing digital ID legislation

The Senate Homeland Security and Governmental Committee has approved the Improving Digital Identity Act, a legal framework for digital ID systems for US citizens.

We obtained a copy of the bill for you here.

The House Oversight and Reform Committee already voted to pass the legislation in July.

The Improving Digital Identity Act is a bipartisan bill sponsored by Senators Cynthia Lummis (R-Wyo.) and Kyrsten Sinema (D-Ariz.). It aims to create a public-private digital identity task force tasked with “improving” digital ID verification systems in government agencies.

The legislation would also allow the Department of Homeland Security to award grants for advancements to digital identity verification systems. Territorial, tribal, local, and state governments would be eligible to receive funding for the establishment of interoperable and secure digital ID systems.

The legislation would also require the Government Accountability Office (GAO) to provide Congress with reports on the cost savings of the wide use of digital ID systems.

Critics of digital ID systems say such systems raise privacy concerns. Supporters of these systems argue that they will help prevent identity fraud and improve economic activity by providing secure online transactions.

Keep reading

US government plans to develop AI that can unmask anonymous writers

The Office of the Director of National Intelligence (ODNI) said that the Intelligence Advanced Projects Activity (IARPA) is working on a program to unmask anonymous writers by using AI to analyze their writing style which is seen as potentially being as unique as a fingerprint.

“Humans and machines produce vast amounts of text content every day. Text contains linguistic features that can reveal author identity,” IARPA said.

If successful, IARPA believes the Human Interpretable Attribution of Text Using Underlying Structure (HIATUS) program could identify a writer’s style from different samples and modify those patterns to further anonymize the writing.

“We have a strong chance of meeting our goals, delivering much-needed capabilities to the Intelligence Community, and substantially expanding our understanding of variation in human language using the latest advances in computational linguistics and deep learning,” said HIATUS program manager Dr. Timothy McKinnon.

IARPA said that it will also develop explainability standards for the program’s AIs.

Keep reading

The digital dollar will not be anonymous, Federal Reserve chair Jerome Powell says

Despite privacy being one of the main concerns citizens have about central bank digital currencies (CBDCs), the heads of the United States (US) Federal Reserve and European Central Bank (ECB) have confirmed that their respective CBDCs will not be anonymous.

During an appearance at a Banque de France (Bank of France) event, the chairman of the Federal Reserve, Jerome Powell, said if the US were to pursue a central bank digital currency (CBDC), it would be “identity verified” and “not anonymous.”

“We would be looking to balance privacy protection with identity verification, which…has to be done, of course, in today’s traditional banking system as well,” Powell added.

Keep reading

Google Is Like ‘a Stranger Watching Your Child Through Their Bedroom Window’

By default, Google Chrome allows any and all tracker cookies to follow your every move online.

Google is without a doubt the largest and clearest monopoly on the planet. It dominates online searches and advertising, which in and of itself leads to automatic bias.

As noted by Google’s founders Sergey Brin and Lawrence Page in their 1998 paper, “The Anatomy of a Large-Scale Hypertextual Web Search Engine,”

“… [W]e expect that advertising funded search engines will be inherently biased towards the advertisers and away from the needs of consumers.”

Google has also infiltrated many other areas of our day-to-day lives, having acquired dozens of other companies you might not realize belong to Google or its parent company, Alphabet.

Among the most well-known are YouTube, the largest video platform on the web, and Android, one of the most popular operating systems worldwide.

Google also has significant influence over urban developmenthealth care and childhood education.

Keep reading