Privacy & Surveillance

Ich hatte einen Tor-Exit-Node betrieben für einige Tage und bei meinem Provider (netcup.de) flatterte natürlich ein DMCA takedown notice herein. Wegen eines Torrents, von dem sie ( "CBS Corp" nicht netcup...) die Metadaten gefunden haben. Netcup hat danach meinen vServer runtergefahren - und mir ne Rechnung über 192€ plus Drohung, mich anzuklagen, würde ich nicht innerhalb von 24h CBS die gewünschte Antwort schicken plus der Bemerkung, für jede angefangenen 15 Minuten Arbeit, die sie hätten, würden sie mir weitere 20€ in Rechnung stellen. (...)

Arian Sanusi auf der Tor-Mailingliste (24.01.2010)

Nice demonstration of the CSS/history privacy issue: whattheinternetknowsaboutyou.com. Also currently in the news: EFF's Panopticlick.

An old friend of mine has sketched a picture of me because I am always keeping him (and others) up-to-date on privacy and surveillance news in our school forum.



(click to enlarge)

Thanks Butz! Great artwork! Continue reading "Data - Protection - Conscious - Man"

"PET-CON 2009.1
an informal workshop on Privacy Enhancing Techniques

March 24-25, 2009, Dresden, Germany

PET-CON is a convention to help junior researchers, master and diploma students, to come together and exchange ideas. For this purpose, we're
holding this event every six months at an easily reachable location somewhere in Germany or nearby.

The convention is organized according to the grass roots approach: from young researchers for young researchers. Therefore, there is no formal
dress code, no filtering of contributions, and no participation fee. If possible, we plan the convention in a way which allows people to travel
there and back home on the same day -- so that busy people can participate as well. Continue reading "PET-CON: An Informal Workshop on Privacy Enhancing Techniques"

The onion routing project Tor has published a three-year development roadmap. It contains a lot of interesting material and research topics, like a mechanism to turn reliable clients into bridges/relays automatically, and 'bonus points' for well-behaving relays.

One of the largest "identity thefts" in German history turned out to be a bizarre christmas story: Account data of 130,000 customers of the Landesbank Berlin (LBB) was delivered to the Frankfurter Rundschau (a German newspaper) on December 10th - allegedly even including PINs.

How did this happen? It was all about Stollen, a traditional German christmas fruitcake. Continue reading "A Most Amazing (and funny) Privacy Scandal"

With the help of Tor and its so-called "hidden services", you can publish content anonymously and censor-resistant. Gateways such as Tor2Web allow easy access to these contents without the need to install Tor as reader. Still, there's only a handful of (known) hidden services, more or less useful. While the technology and infrastructure is available (there's even a free anonymous webhoster), the majority of users is not tech-savvy enough to benefit: In times where the largest group of media workers jailed worldwide are bloggers, Web-based reporters, or online editors (more than 120 journalists in prison today), we need an easy-to-use platform for online journalists. Continue reading "Proposal for Tor Hidden Services"

Hier der zweite Linkrückblick zu Privatsphäre-Themen im Januar.

Vorratsdatenspeicherung, Online-Durchsuchung, Polizeikongreß, Reisepaß, Datenpannen, Sexualstraftäterdateien/-überwachung, Fluggastdaten. Zum ersten Mal gehört: Ausweispflicht in Internetcafés. Continue reading "Privatsphäre im Januar - Ein Linkrückblick"

Quite a few things happened this month in regard to privacy. I highly recommend the 24C3 Conference Talk about Tor to all german readers. Tor allows oppressed citizens of censoring countries such as China and the USA (see below) to bypass filters and surf anonymously, but only with your support (see "related links"). It is not yet clear whether german Tor nodes will be required to log IP data next year as a result of the new data retention law passed in December, which will effectively kill most of them (the amount of data collected over a period of 6 months will be several terabytes). The Chaos Computer Club argues that Tor and similar anonymity services cannot be seen as communication providers and thus are not affected by the law, the Arbeitskreis Vorratsdatenspeicherung isn't so sure about that. We'll see.

One month after Austria has passed a new controversial security law (Sicherheitspolizeigesetz) which allows police to access provider data (including cellphone location and IPs) without the consent of a judge, the left wing party Die Grünen set up a video/blogging platform to monitor Home Secretary Günther Platter, PlatterWatch. More importantly, they published a draft form of Viennas police, which in it's current form allows up to 30 queries at once and supports police officers with clearly illegal requests, for example for IMSI information. The party argues that with the responsibility to decide if a request is legal in the hands of the provider - who might be faced with hundreds of requests - this will certainly lead to abuse.

Video surveillance is another hot topic in Austria at the moment. While many attorneys state that more than 100.000 video cameras are currently being operated without legal grounds, the Ministry of Transport plans to monitor highways and automatically detect car types and license plates in one central police database. Also, federal government is looking into "suitable legal foundations for public video surveillance by individuals".

On a side node: AT&T is preparing to filter internet content for copyright violations.

I have cited a few more privacy related news from Heise Newsticker in the german version of this article for all german readers.