You've Lost Privacy, Now They're Taking Anonymity



If you'll check the lenght of the video it might scare you. That's what happened to me at least.
I saved the link and opened it next day. I'm glad I did because it's an interesting presentation.

Need more time to watch the rest.

There's no time. They already took it all from you.

2.5 hours? Who knows, I might get around to that next year or the year after that... can it be properly followed by audio alone? In that case it'd be a heck of a lot easier to listen to.

On a related note, this just happened:

The European Commission put forward its EU Data Protection Reform in January 2012 to make Europe fit for the digital age (IP/12/46). Today, an agreement was found with the European Parliament and the Council, following final negotiations between the three institutions (so-called 'trilogue' meetings).

More than 90% of Europeans say they want the same data protection rights across the EU - and regardless of where their data is processed: this will soon be a reality. The Reform package will put an end to the patchwork of data protection rules that currently exists in the EU.

On a related note, this just happened:

Is that good or bad?
Generally, when 90% of people wants the same thing it's because the thing is bad. Quantity was never a synonym of quality...

There's no time. They already took it all from you.

I want my time back and I want it now.

Is that good or bad?

If you don't live in Germany, it should be good. If you live in Germany, I suppose nothing really changes.

This is how secure passports get hacked

All EU passports contain electronic information about facial geometry and fingerprints stored in  so-called RFID chip in the passport. The abbreviation stands for "radio frequency identification" and the microchip may send more or less advanced information via radiowaves that can be received from various distances by means of various measuring instruments.

[...]

"They can pick up your name, fingerprints, facial geometry and, in principle, all other information that is inscribed in the passport and even some control numbers... To manufacture new passports, we have seen it Middle East and also in Russia. The only ones we have managed to trace back officially are Swedish passports made in Israel," says Lars Strömberg [researcher of biometrics at KTH].

Looks like European passports beam all their contents via radiowaves. The idea of biometrical passports is stupid by itself, but to make it beam too is beyond stupid.

The RFID chip is (or should be) shielded with some metal, meaning it can only be read while open. So although the article answers everything when asking whether "Så när jag går runt med mitt pass på flygplatsen, vad kan en duktig hacker göra?" (When I hunt/walk around the airport with my passport, what can a hacker get, or something like that ) the answer is a little less alarmist. It's when you walk around the airport with your passport open, that a hacker could "plocka ditt namn, ditt personnummer, ditt fingeravtryck, din ansiktsgeometri och i princip all annan information som är inskriven i passet." So the young guy sitting within ten meters would have to be sitting near the passport control or a check-in counter for maximum effect, or be satisfied with a very low yield of information.

Still, I'm surprised this stuff is supposed to work within as much as 10 meters. I'd have figured no more than a meter at most.

Still, I'm surprised this stuff is supposed to work within as much as 10 meters. I'd have figured no more than a meter at most.

I would have thought the mechanism of reading the passport would be sensible, in the manner of stripe code scanners. I would have thought that the chip would be readable upon immediate physical contact with a specifically designed right kind of device, not at a distance with any device. I would have thought that eurobureaucrats have some common sense, but evidently this is an exceedingly rare commodity these days amongst our beloved rulers.

The "funny" thing is that this is supposed to provide extra security against falsifying passports, but mostly it seems it just makes them more expensive.

Skype finalizes its move to the cloud, ignores the elephant in the room - The move away from peer-to-peer has its virtues, but much is left unanswered

This peer-to-peer system was generally perceived as being relatively private; with no central servers the assumption was that there was no central ability to perform wiretaps or other forms of eavesdropping. This belief was in fact mistaken.

Yes, the belief is mistaken, if there's no encryption. Without encryption, it's as private as email, i.e. it isn't.

As well as addressing certain constraints of the peer-to-peer network, [Skype's] new cloud-based system is used to underpin various other Skype features. For example, on the peer-to-peer network file transfers required the recipient to be present and to accept the transfer (with the file subsequently transported directly between the clients). File transfers on the new network go via the cloud, allowing fire-and-forget transfers, even to recipients that are temporarily away.

More irreversibility to thoughtless/erratic click action is just what we need. There's never enough of that, right?

The Ed Snowden leaks raised substantial questions about the privacy of services such as Skype and have caused an increasing interest in platforms that offer end-to-end encryption. The ability to intercept or wiretap Skype came as a shock to many, especially given Skype's traditionally peer-to-peer infrastructure. Accordingly, we've seen similar services such as iMessage, WhatsApp, and even Facebook Messenger, start introducing end-to-end encryption.

The abandonment of Skype's peer-to-peer system can only raise suspicions here.

Microsoft's rationale for the system change is fair enough. The new network topology probably does make sense for the kinds of clients that are proliferating, and it's plausible that it will make building new features and capabilities much easier going forward. I don't personally think the work is being done for any nefarious purpose, not least because I don't think such a thing is even necessary: that nefarious purpose--spying on Skype communications--appears to be adequately addressed by the peer-to-peer network. I'm sure the technical rationale is accurate.

But the company's blog post completely ignores these concerns. Ctrl-F that thing for "privacy" or "security" and no results are found. Similarly "encryption." Nor do we see words like "specification" or "protocol." And in this day and age, it's not clear that any of this is really good enough.

Microsoft has been consistently silent on this. The Skype protocol remains undocumented and proprietary; we do not authoritatively know where and how encryption is used or what the limits of the system are. ---

The entire system is a black box. Much of this Microsoft inherited when it bought Skype; the client application actually contained anti-debugger systems to make it harder to reverse engineer: not only was it a closed network, it actively impeded any efforts to open it up, even slightly. These systems have now been removed, but this change was made only recently. Even with this change, the Skype clients lack any kind of a meaningful API, so we cannot even readily add our own encryption on top of the Skype network; this rules out layered systems, such as Off The Record, that add end-to-end encryption of text networks such as AIM and IRC.

No comment.