US judge orders hundreds of sites "de-indexed" from Google, Facebook

Judge Kent Dawson doesn’t know anything about the internet but business can tell him what to do – forget the law.

WOW US judge orders hundreds of sites “de-indexed” from Google, Facebook
By Nate Anderson
After a series of one-sided hearings, luxury goods maker Chanel has won recent court orders against hundreds of websites trafficking in counterfeit luxury goods. A federal judge in Nevada has agreed that Chanel can seize the domain names in question and transfer them all to US-based registrar GoDaddy. The judge also ordered “all Internet search engines” and “all social media websites”—explicitly naming Facebook, Twitter, Google+, Bing, Yahoo, and Google—to “de-index” the domain names and to remove them from any search results.
Continue reading “US judge orders hundreds of sites "de-indexed" from Google, Facebook”

Long Term Privacy with Forward Secrecy

Technically, the web server’s secret key is used to encrypt data that becomes a new, random session key that is shared between the two parties. But because the session key is encrypted with the server key, a compromised server key can decrypt the session key, which can then decrypt the data.

Long Term Privacy with Forward Secrecy November 29, 2011 
By Parker Higgins (@thisisparker)
This week, Google activated a web privacy feature called “forward secrecy”, becoming one of the web’s first major players to put this important component in place. It’s an important step, and other sites should follow suit. In order to understand why enabling forward secrecy is so important, it’s helpful to know how HTTPS works in the first place.
Continue reading “Long Term Privacy with Forward Secrecy”

Expect no Privacy from Social Networks

No Privacy Law: Social networks not private in court Judge rails against notions of secrecy. Privacy about to punted again when ‘balanced’ against need for govt spying.

Even without appellate case law in Pennsylvania to provide guidance on the discoverability of information on Facebook, the standard is becoming clear: Post at your own risk. Three courts in PA have now decided that, if a party in a civil case posts information on his Facebook page, and that information appears to contradict statements in discovery or testimony, then the party’s Facebook page falls within the scope of discovery.
Largent v. Reed, a Franklin County judge ordered plaintiff Jennifer Largent to turn over her Facebook username and password to defendant Jessica Rosko, who allegedly caused an auto accident that left plaintiffs Jennifer and Keith Largent with “serious and permanent physical and mental injuries.” The decision came in Common Pleas Court Judge Richard J. Walsh’s 14-page opinion, the beginning of which reads like a debriefing on the world’s most popular website. According to Judge Walsh, Ms. Largent’s Facebook page brought up questions about the extent of her injuries. Judge Walsh said there can be “little expectation of privacy” on a social networking site. He said no court has ever recognized a “general privacy privilege” for Facebook information, “and neither will we.” “Only the uninitiated or foolish could believe that Facebook is an online lockbox of secrets,” Judge Walsh said. Judge Walsh said making a Facebook page “private” does not shield it from discovery because even private posts are shared with other people.
<more>
Privacy about to punted again when ‘balanced’ against need for govt spying There was talk about balancing privacy against the online spying needs of governments and that this surveillance and tracking should not bother you if you’ve done nothing wrong and have nothing to hide. Balance? Bite me. By Ms. Smith on Mon, 11/28/11 – 3:34pm.
With the cyber-world such as it is now, constant breaches because companies are careless and lax about protecting our personal information, it might be true what the Office of Inadequate Security pointed out, “Maybe all companies should add ‘check Pastebin’ to their daily security to-do list.” As if there’s not enough personal info dumped about us all to invade privacy, any time there is talk about security and you hear the word ‘balance’ being used, citizens’ privacy is about to be punted. This time it was in regard to online spying as being tracked by the government is, it would have you believe, for our own good to monitor and to stop all those potential terrorists and cybercrooks, not so it can build up massive databases with secret watchlists.
Such is the case of ‘balancing privacy’ against many different governments needing to track people’s online activities. At ZDNet Asia, Elle Todd, media, communications and technology group partner at law firm Olswang Asia, noted “most citizens would accept that surveillance is an important part of law enforcement” when limited to “justifiable circumstances” and not when being spied upon “just in case” you are some kind of terrorist scum or cybercrook. The ZDNet article mentions Singapore-based Shawn Lee who was asked to take down a blog post and complied, saying “I haven’t done anything wrong [and] I have nothing to hide, so it is fine that the government is tracking me.”
This is where I could not disagree more; this entire concept of not objecting to privacy invasion if you have “nothing to hide” and have “done nothing wrong” makes me want to bite someone. Most of us don’t want to live with unlimited surveillance and there are bad seeds and rogues in law enforcement who misuse and abuse their surveillance access to check on someone who has caught their attention. The wired/wireless world is setup to be anonymity-busting as it is, and full-pipe monitoring and mapping has been around for a very long time. It’s ludicrous that valuing your privacy and civil liberties, freedom from snooping, would imply a person has something to hide or that objecting to such online spying means you are up to illicit or nefarious activities. The desire to be as anonymous as possible, which really is a contradiction when online, does not imply a person is a cyber-creep. Wired’s David Kravets nailed it, “We’re paranoid not because we have grandiose notions of our se
lf-importance, but because the facts speak for themselves.”
While I disagree with innocent people’s private info floating around as a result of whacking companies and dumping data in the war against white hats, if a person were to sail over to The Pirate Bay and actually peruse this torrent, it’s not too hard to get behind the publishing of surveillance guidelines aimed at us all. Cryptome and Public Intelligence have also published the online spying guides that regular folks aren’t supposed to know about, spying that is to be ‘balanced’ against citizens’ privacy.
Remember the FBI’s claim of ‘going dark’? Yeah right, about anything accessed via Windows machines like system and user data and apps, networking, Windows Internet-related data and logs from chat programs, IE or email [PDF] can be snooped through. Besides Big Brother in your browser, the treasure-trove of data we store in the cloud, and cell phone provider data storage, what more might be needed by law enforcement? BIOS password spying [PDF], Skype Log Files [PDF], Firefox Password Spying [PDF], iPod snooping [PDF], iChat [PDF], numerous iPhone guides, or magicJack surveillance [PDF]? There’s also spy guides for MSN [PDF], Gmail 1 [PDF] and 2 [PDF], Facebook [PDF], Verizon [PDF], Time Warner Cable [PDF], Yahoo chat [PDF], World of Warcraft [PDF], Blizzard [PDF], or AOL [PDF]. It goes on and on; it’s not that it’s new by any means, simply that it seems endless and there’s talk of finding balance between spying for security reasons and your rights.
Don’t be surprised in the least to see these companies throwing around DMCA notices just as Microsoft did at Cryptome over the Microsoft Online Services Global Criminal Compliance Handbook (zip).
I don’t think most people are “ok” with surveillance or censorship. The wise ones know enough to have their hackles raise when security is “balanced” against privacy concerns. When you hear ‘balance’ you are about to lose more civil liberties and have your privacy punted for your own protection of course. Yeah, yeah yeah security theater, surveillance, and the constant erosion of privacy and civil liberty rights shouldn’t bother you if you’ve done nothing wrong and have nothing to hide.

Feds seize 130 sites in Cyber Monday crackdown

ICE takes down any site they want, whenever they want.

Feds seize 130 sites in Cyber Monday crackdown

Bogus handbags no longer threaten the web By Kevin Murphy

According to online records, 131 domain names had their name servers changed to seizedservers.com an ICE-owned name server that directs all traffic to a place-holder stating that “This domain name has been seized by ICE – Homeland Security Investigations” and warning of the various criminal penalties associated with copyright infringement. Seized domains in this round primarily relate to the sale of branded goods. They include discount-louisvuitton-handbag.com, dvdsetonline.com and googlenfljerseys.com. The seizedservers.com name server currently hosts 372 domains. While many of the newly grabbed addresses are registered to individuals in China, all 131 are in the .com and .net zones, both of which are managed by VeriSign, a US-based company. ICE has previously stated that all .com domains fall under its jurisdiction, regardless of where the owner is based, due to the location of the registry. VeriSign has said that it cooperates with the seizures when it receives a court order.

Boycott Ringling Brothers and Barnum & Bailey Circus Animal Cruely

Ringling Brothers Circus, : Pays civil penalty of $270,000 for alleged violations of the Animal Welfare Act (AWA) dating from June 2007 to August 2011.

News Release No. 0494.11
Contact: David Sacks(301) 734-5271 Lyndsay Cole (970) 494-7410
USDA and Feld Entertainment, Inc., Reach Settlement Agreement
WASHINGTON, Nov. 28, 2011—The U.S. Department of Agriculture (USDA) and Feld Entertainment, Inc., doing business as Ringling Brothers and Barnum & Bailey Circus (Feld), have reached a settlement agreement in which Feld has paid a civil penalty of $270,000 for alleged violations of the Animal Welfare Act (AWA) dating from June 2007 to August 2011.
“This settlement sends a direct message to the public and to those who exhibit animals that USDA will take all necessary steps to protect animals regulated under the Animal Welfare Act,” said Agriculture Secretary Tom Vilsack.
“The civil penalty and other stipulations in the settlement agreement will promote a better understanding of the rights and responsibilities of all exhibitors in maintaining and caring for animals under their care.”
USDA is authorized to assess a civil penalty of up to $10,000 for each AWA violation occurring after June 2008. In addition to paying the $270,000 civil penalty, the largest assessed against an exhibitor under the AWA, Feld waived the opportunity for a hearing and agreed to develop and implement annual AWA compliance training for all employees who work with and handle animals, including trainers, handlers, attendants and veterinarians starting March 31, 2012, and to establish an AWA compliance position on its staff by February 28, 2012. All Feld employees who will work with and handle animals must complete the training within 30 days of when they are hired.
The Animal and Plant Health Inspection Service (APHIS) is a multi-faceted Agency with a broad mission area that includes protecting and promoting U.S. agricultural health, regulating genetically engineered organisms, administering the AWA, and carrying out wildlife damage management activities. These efforts support the overall mission of USDA.
One of APHIS’ core missions is to ensure the welfare of the animals it regulates under the AWA. The AWA sets forth humane standards for care and treatment of animals that are exhibited to the public. APHIS veterinarians, animal care inspectors and investigators are deeply committed to making sure that all USDA licensed exhibitors provide their animals with proper veterinary care, water, a balanced diet of wholesome food, clean and structurally sound housing that affords enough space for the animals to move comfortably, and protection from extremes in temperature and weather.
To ensure that its licensees are meeting federal standards, APHIS inspectors conduct routine, unannounced inspections of all licensed facilities. The non-compliances resolved through this settlement agreement were discovered through APHIS inspections and investigations, as well as public complaints that were submitted to the agency.
A copy of the full settlement agreement can be found at http://www.aphis.usda.gov/animal_welfare/downloads/FEI_signed_agreement.pdf.
www.aphis.usda.gov/newsroom and click on the RSS feed link.
USDA is an equal opportunity provider, employer and lender. To file a complaint of discrimination, write: USDA, Director, Office of Civil Rights, 1400 Independence Ave., SW., Washington, DC 20250-9410 or call (800) 795-3272 (voice) or (202) 720-6382 (TDD).

Mobile ‘Rootkit’ Maker Tries to Silence Critical Android Dev

Mobile ‘Rootkit’ Maker Tries to Silence Critical Android Dev By David Kravets  11,22, 11
Carrier IQ data-logging software company wants to harrass developer’s critical research into its software that is secretly installed on millions of phones, but Trevor Eckhart is refusing to  remove the company’s training manuals from his website.
Continue reading “Mobile ‘Rootkit’ Maker Tries to Silence Critical Android Dev”

Klout Score

Klout – Can an online algorithm track down your child? Unintended consequences of her very active social network life. The Realtime Report tracks social media trends. Klout used by marketers to reach habitual comment makers who are likely to promote their products on social networks. Klout lifts information from 13 separate networks. All your activity on a social network to a great extent exposes everyone you are connected to.

Klout-When Sites Drag the Unwitting Across the Web November 13, 2011
http://www.nytimes.com/2011/11/14/technology/klouts-automatically-created-profiles-included-minors.html?hpw=&pagewanted=print
Can an online algorithm track down your child?
Maggie Leifer McGary, mother, blogger and social media fan. Ms. McGary is on virtually every existing social network: Foursquare, LinkedIn, Twitter, Facebook. She is also on Klout, a popular site that assigns you a score based on its analysis of how influential you are on the social Web.
Ms. McGary got the fright of her life when she checked her Klout profile. Hovering above her score were the faces and names of those over whom she had influence, as calculated by Klout. They included her 13-year-old son, Matthew. The boy had never set up a Klout page for himself; he was only her Facebook “friend,” so she could monitor his interactions there. Klout had automatically created a page for him and assigned him a score. Then Ms. McGary’s 15-year-old daughter Mimi popped up on her Klout page — this time not with a Klout score of her own, just a nudge to Ms. McGary to invite Mimi to join.
“It’s wrong. They shouldn’t be marketing to children.”
Klout says it does not. And since this brouhaha, Klout no longer creates profiles automatically, of minors or anyone else, and every Klout user can now delete a profile entirely.
Klout culls information about individuals from publicly available sources. It lifts information from 13 separate networks in all, its chief executive, Joe Fernandez, explained, and rates you based on how “people engage with the content you create.”
For a brief period in late October, when Ms. McGary saw Matthew pop up on her Klout page, Klout’s algorithms created scores for the Facebook friends of registered Klout users. “Let’s say you and I were friends on Facebook, and I had commented on your Facebook wall,” Mr. Fernandez said. “Klout would see that, and I would get a score from my post on your wall.”
Outcry followed. Klout turned off that feature. Mr. Fernandez said his algorithms were not so smart that they could figure out who among your network of friends was a child or an adult.
Ms. McGary’s realization was part of a storm that blew through the blogosphere. It started when a few people started to see their Klout scores rise and fall and — what else? — began posting on Twitter about it.
“How did Klout get the information to create a profile on my son???” Ms. Ries wrote that day on her site, The Realtime Report, which, as luck would have it, tracks social media trends. Ms. Ries told her readers: “I have unlinked my Facebook account, and I suggest you do the same.”
Facebook said it was investigating whether Klout had broken its terms of service in harvesting information from its site. Klout says it did not. Much of a Facebook user’s personal information — name, sex, profile photo — is public information, and so too are pictures, comments and other posts that are marked as publicly visible, with a stark globe icon.
Klout, like a host of other influence yardsticks in the digital marketplace, like PeerIndex and Kred, is used by marketers to reach habitual comment makers who are likely to promote their products on social networks. It can be used by employers, teachers, homecoming queen committees — anyone — to gauge someone’s popularity.
Ms. Ries’s Klout score went up sharply after she wrote a blog post about her experience and posted a link to it on Twitter. It also prompted her to reflect on the unintended consequences of her very active social network life.
“I engage, I participate publicly. I view anything I post as fair game,” she said the other day on the phone. “The big lesson I learned, and the new area I started thinking about much more heavily, is that my activity on a social network to a great extent exposes everyone I am connected to.”
“People need to be aware — if you’re active on social networks, you’re bringing your social graph with you, and that includes your friends and family,” she said.