Notices by Sean O'Brien (diggity@mastodon.social)

the point here is not to praise IBM, but that there was a recognition of fundamentals about privacy almost 40 years ago that #BigTech is just now "waking up to". The understanding that data is a toxic asset, and that only information that's essential should be collected, is on display here. At least in marketing... from the biggest tech company of the day.

circa 1980. "And we concluded that one excellent way to protect people was to collect less information about them."

#privacy switches in @PINE64 PineBook: https://www.forbes.com/sites/jasonevangelho/2019/07/05/google-chromebook-challenger-pinebook-pro-gets-privacy-switches-and-july-pre-order-date/

well, this event eclipses the 2016 Quest breach by an order of magnitude... I wonder how similar the attack vector / methodology was between the two.

https://www.businessinsider.com/quest-diagnostics-says-data-breach-could-have-hit-119-million-patients-2019-6

.@torproject protects people facing real threats to their liberty, autonomy, and lives. All privacy-by-design technologies can be used by criminals. Arguments against Tor that merely highlight criminal activity have been levied against the Internet in general, esp. by the worst dictators.

it turns out that NYTimes "Privacy Project" was a honeypot for privacy advocates all along (who built a ladder of legitimacy for Google to climb), not just readers (who had their data pilfered by tons of Big Tech trackers). #SurveillanceCapitalism

#abusedanimals #heavypetting

a writeup on NY privacy legislation I'm helping to draft alongside Rohan Grey with Ron T. Kim: https://www.governing.com/week-in-finance/gov-tech-companies-tax-data-states.html

@mikegerwitz ...called "Keep Internet Devices Safe Act" (SB1719). Amazon and Google are opposing it with the attached talking points (via https://twitter.com/matthewstoller/status/1115991653662195713).

I know of two other cases like this Alexa example that made press. Samsung SmartTV in 2015 w/ help from Nuance Comms (now a partner for Apple's Siri), and "My Friend Cayla" dolls in 2017 (again w/ Nuance).

At @privacylab we think we've found an example of speech broken into syllables and disguised as a nUHF signal. Stay tuned. 3/3

fresh off the press - this is why I don't like to give the "benefit of the doubt" to Big Tech, even though I will limit my comments to the available info:
https://www.bloomberg.com/news/articles/2019-04-10/is-anyone-listening-to-you-on-alexa-a-global-team-reviews-audio

Shoshana Zuboff in "The Age of #SurveillanceCapitalism": "extraordinary research from French nonprofit @exodus and @privacylab in 2017 documented the exponential proliferation of tracking software... Two themes stand out in the research report: ubiquity and intensification."

@t0k @Purism @privacylab this is certainly an issue with most news outlets. Journalists have no control over the profit schemes of their overlords and I still think it's important to try to reach readers beyond the FOSS / digital privacy choir.

new mastodon.social "wizard" is FANTASTIC. Great job @Gargron (and team)!

@philippemargery @61 @Purism OWS has had a contentious relationship w/ FOSS devs who want alt. clients/forks of Signal that interop w/ OWS network

From the OWS perspective, it's important to keep the UI/UX consistent; alternative clients degrade the user experience for everyone on the network, and use expensive resources. Security and QC are impossible to verify for apps out of OWS control

The FOSS-y arguments are familiar, and include the fact that centralization is dangerous for freedom. 2/2

@philippemargery @61 @Purism Signal isn't "bad". In a nutshell:

OpenWhisperSystems / the devs behind Signal made the choice to centralize the service and build identity around the phone number system, instead of doing the federated / decentralized approach.

They did this consciously to encourage widespread adoption without the traditional difficulties associated with a decentralized, multiple-client approach.

That makes it different from approaches by Matrix.org, XMPP, and so on. 1/2

I'm actively recruiting volunteer devs for a native Signal / Signal-like client in Gtk, in the hopes that we can bring it to the @Purism Librem 5 phone. Please contact sean.obrien@puri.sm if interested.

PGP/GPG: FA9D 40F1 5FE1 D8AB 8312 4AAA 77E3 1447 CD1F C3F6

Thanks everyone for attending @privacylab "Tracking Mobile Trackers" session @mozilla festival, esp. the people who had to stand in the hall! Don't hesitate to contact me if you'd like to know more. Shout-out to Floor 9 @mozfestprivsec

Presentation: https://frama.link/ypl-mozfest

Graphic and Presentation CC BY-SA Sean O'Brien

Excited to be presenting "Tracking Mobile Trackers" today @mozfestprivsec in London :D 11:30 New York / 4:30 London / 5:30 Paris @exodus #Mozfest #mozilla

@rysiek @cwebber @Shamar @kaniini @starbreaker NC licensing is a problem for exactly this reason... it's a shaky legal foundation and it also doesn't port well internationally.

CC's interpretation of NC is purposefully vague to be flexible: https://wiki.creativecommons.org/wiki/NonCommercial_interpretation

In my opinion, that doesn't make it very useful; NC is mostly a barrier to combining with other FOSS licenses, especially the big copyleft licenses.

In some cases, artists and musicians feel more comfortable with CC licensing... 1/2