From 1f1354fe8b37d44a5d932c935de3b49529707539 Mon Sep 17 00:00:00 2001 From: User Date: Sat, 18 Nov 2023 19:36:55 +0100 Subject: [PATCH] add new entries --- home.html | 132 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 132 insertions(+) diff --git a/home.html b/home.html index 0be2228..31991ab 100644 --- a/home.html +++ b/home.html @@ -26,6 +26,138 @@

+ +
EFF
+
Section 702 +

We all deserve privacy in our communications, and part of that is trusting that the government will only access them within the limits of the law. But it's now clear that the government hasn’t respected any limits on the intelligence community or law enforcement. When it comes to Section 702, a law that continues to allow spying on Americans, they've ignored our rights.

+

Read the article here.

+
+
+
2023
+
nation stateregulations
+ +
Rachel Tobac
+
Remove Yourself From Google +

Google your name plus the words “phone number”, “email address”, or “address”. Do you see your sensitive personal info on data brokerage sites? + Google has a tool to request a takedown of that info from Google itself (but doesn’t remove it from the other sites). + Steps for Google removal request: + - click the three vertical dots next to the Google results you want removed + - click "remove result" + - click “it shows my personal contact info”, following remaining steps.

+

See the tweet here.

+
+
+
2023
+
HBCguides
OPSECOSINTtools
+ +
DeleteMe
+
DeleteMe +

DeleteMe is a tool to help you remove your personal information from data brokerage sites. The service is paid, but the site offers many diy-opt-out guides helpful to remove your data from online brokerage services.

+

See the guides here.

+
+
+
2023
+
HBCguides
OPSECOSINTtools
+ +
WIRED
+
Encrypted Messaging Isn't Magic +

As the adage goes, there's no such thing as perfect security. And feeling invincible could get you in trouble. End-to-end encryption transforms messages into unintelligible chunks of data as soon as a user presses send. From there, the message isn't reconstituted into something understandable until it reaches the receiver's device. Along the way, the message is unreadable, protected from prying eyes. It essentially amounts to a bodyguard who picks you up at your house, rides around with you in your car, and walks you to the door of wherever you're going. You're safe during the transport, but your vigilance shouldn't end there.

+

It's easy to forget in practice that people you message with could show the chat to someone else, take screenshots, or retain the conversation on their device indefinitely. You also need to keep track of how many devices you've stored your encrypted messages on. If you sync chats between, say, your smartphone and your laptop, or back them up in the cloud, there are potentially more opportunities for the data to be exposed. Your chats may be encrypted, but your backups may not.

+

Read the article here.

+
+
+
2018
+
RCmobile phones
messagingcases
+ +
HackerNoon
+
Seven Reasons To Question Telegram's Privacy Claims +

Telegram seen as the gold-standard for secure messaging is deeply concerning. So here are 7 reasons why Telegram isn't as secure as it paints itself to be.

+

Read the article here.

+
+
+
2021
+
RCmobile phonesmessaging
+ +
TechCrunch
+
Telegram Leaks User IP Addresses To Contacts +

The popular messaging app Telegram can leak your IP address if you simply add a hacker to your contacts and accept a phone call from them. TechCrunch verified the researcher’s findings by adding Simonov to the contacts of a newly created Telegram account. Simonov then called the account, and shortly after provided TechCrunch with the IP address of the computer where the experiment was being carried out.

+

Telegram boasts 700 million users all over the world, and has always marketed itself as a “secure” and “private” messaging app, even though experts have repeatedly warned that Telegram is not secure.

+

Read the article here.

+
+
+
2023
+
RCmobile phones
casesmessaging
+ +
DARPA
+
LifeLog +

Run by Darpa, the Defense Department's research arm, LifeLog aimed to gather in a single place just about everything an individual says, sees or does: the phone calls made, the TV shows watched, the magazines read, the plane tickets bought, the e-mail sent and received. Out of this seemingly endless ocean of information, computer scientists would plot distinctive routes in the data, mapping relationships, memories, events and experiences, raising significant privacy concerns.

+

LifeLog was discontinued on the same day Facebook was launched. The two platforms function close to identical in scope and have raised the question why citizens are more comfortable sharing private information with corporations than with their governments as concerns around privacy persist.

+

Read more about LifeLog here.

+
+
+
2004
+
nation statesocial media
+ +
Barry Brown
+
Studying The Internet Experience +

In a number of areas – privacy, personalisation and community – there are opportunities to improve user experience of the Internet. Users are often concerned about giving there personal details over the internet because of problems related to privacy and misuse of information. These concerns go beyond hacking and fraud and include the tracking of browsing habits and personal information without individuals’ knowledge.

+

In the US double -click ran into considerable bad publicity over their plans to misuse their user data. Along with these problems, there are a number of new internet technologies with offer the opportunity to improve the internet user experience. Two examples of this are new personalisation technology, and new peer-to-peer sharing systems. New personalisation technologies offer the possibility of presenting timely personalised information. By tracking individuals purchases and tastes it is possible that these systems could begin to manage more of the internet user experience.

+

This uncovered something of a “privacy paradox” between users complaints regarding privacy.

+

Read the research here.

+
+
+
2001
+
HBCresearchsocial media
+ +
Daniel J. Solove
+
The Myth Of The Privacy Paradox +

In this article, Professor Daniel Solove deconstructs and critiques the privacy paradox and the arguments made about it. The “privacy paradox” is the phenomenon where people say that they value privacy highly, yet in their behavior relinquish their personal data for very little in exchange or fail to use measures to protect their privacy.

+

Managing one’s privacy is a vast, complex, and never-ending project that does not scale; it becomes virtually impossible to do comprehensively. Privacy regulation often seeks to give people more privacy self-management, such as the recent California Consumer Privacy Act. Professor Solove argues that giving individuals more tasks for managing their privacy will not provide effective privacy protection. Instead, regulation should employ a different strategy — focus on regulating the architecture that structures the way information is used, maintained, and transferred.

+

Read the article here.

+
+
+
2020
+
regulationresearch
+ +
Boston Law Review
+
Privacy Harms +

The requirement of harm has significantly impeded the enforcement of privacy law. In most tort and contract cases, plaintiffs must establish that they have suffered harm. Even when legislation does not require it, courts have taken it upon themselves to add a harm element. Harm is also a requirement to establish standing in federal court. In Spokeo v. Robins and TransUnion v. Ramirez, the U.S. Supreme Court ruled that courts can override congressional judgment about cognizable harm and dismiss privacy claims.

+

This article makes two central contributions. The first is the construction of a typology for courts to understand harm so that privacy violations can be tackled and remedied in a meaningful way. Privacy harms consist of various different types, which to date have been recognized by courts in inconsistent ways. Our typology of privacy harms elucidates why certain types of privacy harms should be recognized as cognizable.

+

The second contribution is providing an approach to when privacy harm should be required. In many cases, harm should not be required because it is irrelevant to the purpose of the lawsuit. Currently, much privacy litigation suffers from a misalignment of enforcement goals and remedies. We contend that the law should be guided by the essential question: When and how should privacy regulation be enforced? We offer an approach that aligns enforcement goals with appropriate remedies.

+

Read the paper here.

+
+
+
2022
+
regulationresearch
+ +
US Supreme Court
+
Video Privacy Protection Act +

The Video Privacy Protection Act of 1988 (codified at 18 U.S.C. § 2710 (2002)) was passed in reaction to the disclosure of Supreme Court nominee Robert Bork's video rental records in a newspaper. The Act is not often invoked, but stands as one of the strongest protections of consumer privacy against a specific form of data collection. Generally, it prevents disclosure of personally identifiable rental records of "prerecorded video cassette tapes or similar audio visual material."

+

The act was envoked in 2008 in a class action law suit against Blockbuster Inc. over participation in Facebook's discontinued Beacon program, which formed part of Facebook's advertisement system that sent data from external websites to Facebook for the purpose of allowing targeted advertisements and allowing users to share their activities with their friends. Beacon reported to Facebook on Facebook's members' activities on third-party sites that also participated with Beacon even when users were not connected to Facebook, and happened without the knowledge of the Facebook user. A similar lawsuit was brought against Netflix in 2009, when it disclosed insufficiently anonymous information about nearly half-a-million customers as part of its $1 million contest to improve its recommendation system leading to the alleged outing of a lesbian mother.

+

Read more about the Video Privacy Protection Act here.

+
+
+
1988
+
regulationRC
social mediaLGBTQ+cases
+ +
Facebook
+
Facebook Connect +

Facebook Connect, also called Log in with Facebook, is a set of authentication APIs from Facebook that developers can use to help their users connect and share with such users' Facebook friends (on and off Facebook) and increase engagement for their website or application. When so used, Facebook members can log on to third-party websites, applications, mobile devices and gaming systems with their Facebook identity and, while logged in, can connect with friends via these media and post information and updates to their Facebook profile. But sometimes, especially on lesser known websites, using Facebook's universal login feature may carry security risks, according to research from Princeton University. The tracking scripts documented by Steven Englehardt, Gunes Acar, and Arvind Narayanan represent a small slice of the invisible tracking ecosystem that follows users around the web largely without their knowledge. Facebook says the ability to scrape data through Facebook Connect has been patched.

+

Read more about Facebook Connect's privacy violations here.

+
+
+
2018
+
casesHBCRCsocial media
+ +
Danielle Citron
+
The Fight For Privacy +

Privacy is disappearing. From our sex lives to our workout routines, the details of our lives once relegated to pen and paper have joined the slipstream of new technology. As new technologies invite new violations, people have power over one another like never before, from revenge porn to blackmail, attaching life-altering risks to growing up, dating online, or falling in love. The Fight for Privacy takes the focus off Silicon Valley moguls to investigate the price we pay as technology migrates deeper into every aspect of our lives: entering our bedrooms and our bathrooms and our midnight texts; our relationships with friends, family, lovers, and kids; and even our relationship with ourselves.

+

Danielle Citron is a professor of law at the University of Virginia and a civil rights advocate. Buy the book here.

+
+
+
2023
+
booksHBCRC
LGBTQ+cases
+
Opsec 101
Opsec 101

This guide covers the basics of Opsec in a way that most anyone should be able to understand. This guide is split up into topics designed to be linked to directly for the purpose of convenient educational discussion. As this is intended for all audiences, it will be rich in easily destroyable strawmen examples that do not necessarily reflect complex realistic threats and risks.

This guide is not a "how to be anonymous on the internet", "how to protect yourself online", or "best practices" guide. Those are all countermeasure-first approaches that assume a threat model that applies to you (when it often doesn't). Instead, this guide teaches you how to understand that for yourself through the opsec process. While many guides can be useful to learn about potential threats and countermeasures, the countermeasure-first approach of the "best practices" fallacy has no place in opsec and ultimately leads to baseless paranoia.

Read the guide here.