privacy - Page 2

  • Data retention : german high court decision and the Belgian situation

    The Germans had since 2008 a local data retention law that made it an obligation for the ISP's and networkproviders to keep all data from all communications for 6 months. THere was a huge public outcry against this and the German High Court has now decided that the local law isn't a good interpretation/reflection of the European rules because it doesn't balance enough between the right of privacy for all and the need for the police to have the ability to monitor those that want to throw bombs at the heart of our democracy or are just plain criminals.

    In Belgium we still don't have a local law and discussions in parliament have only started. Different versions and propositions are doing the rounds.

    My personal take on it is that it is much better to invest heavily in specific infrastructure and human knowledge to give the police and intelligence services the exact info they need about a certain number of criminals and terrorist or espionage groups (even if it would be very easy for them to circumvent those intercepts) than to spend enormous amounts of money to keep everything about everybody in the hope that somewhere somehow something will come out of it (too late).

    Some say that if they had those databases it would have been easier to track down the teacher serial killer. But that is not correct because his first attacks are already dated back to 2001. What makes the investigation goes forward now is systematic good policework and cooperation between the different services and departments.

    Those investigations - like the one against the PKK going on since 3 years - need all the technology and material they need to prove their case or proof that they were wrong and there is no terrorism. On the international level this investment and coordination is even more important.

    For example I think that as this terrorism trial is taking place in Belgium, security and intelligence services are closely trying to listen to the wires to see any hint of actions that could take place in the coming days or weeks. In a restricted but efficient Data Retention environment they would be able to spend less resources and make even more balanced opinions based on much more realtime information.

  • Belgian League of Defense of Human Rights in financial trouble - seeks help

    Every country has an organisation that tries to monitor and defend the privacy and democratic rights of its citizens. Even in a democracy our privacy and rights can be diminished or just become text without much meaning. It is the role of these group to monitor those tendencies and to alert us and to propose necessary changes.

    You may not always agree with everything they say or have said all the time, but they are so necessary that we should be sure that you should be sure that they are still around when your rights or privacy are diminished. 

    This organisation has lost its subsidies and is now looking for ways to make ends meet. The problem is that in Belgium you don't have those kinds of charitable funds and organisations that distribute money to worthwhile causes and are for that reason responsable for a whole group of websites and organisations that make our government and society more democratic and transparent.

    You have the King Bouwdewijn but they work with specific programs and goals and their main goal is not to support organisations 'an sich'.

    Meanwhile I stay with my idea that dewereldmorgen.be should become a better activist portal and that organisations in the end shouldn't have to invest time and money in ITinfrastructure. They should invest in content, actions and people.

    This doesn't change a thing for the League. If you want or can help, please do - even if you don't agree with them all the time, you should be sure that they are still there every time.

    It seems that Flanders doesn't want such an organisation anymore. I am not sure how this will play with their international imagebuilding campaign that is necessary because policymakers and businessmen around the world don't understand the harassment of minorities in Flanders due to their language. Today I have read that a french speaking Belgian couple pensioners from Brussels were refused the permission to buy a house at the Belgian coast because "they were not enough integrated in the local community" dixit the administrative commission. The Green party calls this an example of 'Soviet Republic Flanders'.

    It makes me always think about the famous german poem. When the nazis took the jews, I didn't protest because I wasn't a jew. When the nazis took the communists, I didn't.....' 

    This is why it is not acceptable to let politics kill a democratic organisation that wants more democracy.

    Here is the text

    "En cause: la suppression des subsides octroyés par du Ministre de la culture de la Région flamande Joke Schauvlieghe. Ces subsides étaient essentiels pour permettre à la Liga d’exister.

    La Flandre a besoin d’un mouvement qui se consacre au respect des droits humains.

    La décision du ministre étant irrévocable, la Liga met sur pied une opération SAUVEZ LA LIGA et montrer au ministre quil existe un large consensus en faveur d'une Ligue des droits de l'homme.

    La Liga a déjà reçu beaucoup de soutien Mais certains d'entre vous ont peut-être des idées concrètes qui pourraient contribuer à assurer sa pérennité.

    Si vous ou l’une de vos connaissance avez envie de réfléchir avec nous sur à des solutions ou à des actions, nous vous invitons à une Réunion « Sauvez la Liga »

    Le mercredi 10 mars 2010
    17h30 au Trefpunt, Bij Sint Jacobs 18 à 9000 Gand

    Au programme :
    - Accueil du Président
    - Synthèse de la situation
    - Réflexion et mise en place d’actions de soutien… A vous la parole!

    La Liga espère de tout cœur votre soutien et votre présence.

    Plus d’infos :www.mensenrechten.be -  info@mensenrechten.beCette adresse email est protégée contre les robots des spammeurs, vous devez activer Javascript pour la voir. - 09/223.07.38

    Diffusez cette information!

    Vous pouvez également nous soutenir en devenant membre de la Liga
    Ou en devenant membre du groupe facebook

    ENSEMBLE, SAUVONS LA LIGA!"

  • german database becomes strikers index

    From the beginning of 2010 every German employer must now submit detailed information on a monthly basis to the so-called ELENA database, ELENA is an acronym for Eleketronischer Entgeltnachweis which loosely translates to Electronic Payslip. This sounds innocent enough until you consider exactly what information employers are obliged to provide.

    The information will cover every worker’s salary, all absenteeism and their participation in strike action whether legal or illegal. This data is to be submitted to a central hub and from 2012 it will be used to determine whether to pay out or refuse social benefits. Plans are in place to relieve employers of the necessity of printing paper-based pay statements for their employees and instead issuing each worker with a plastic “jobcard” again by 2012. This card would then need to be produced should the holder ever need to apply for benefits allowing for data retrieval to determine eligibility.

    http://countermeasures.trendmicro.eu/move-over-big-brother-sister-elena-is-here/

    so were unions sleeping or are they just incompetent on the digital rights issue ?

  • belgium firewall back against antipedo site

    So while some time ago the Belgium firewall seem to be gone, it is back again and probably because they have decided to publish some parts of the names and the general locations where they live of some not yet convicted but under investigation pedo's (one has been arrested several times before).

    http://www.stopkinderporno.com

    they also have an rss feed

    You will need to use our free online proxylistings (see link to site up here) to bypass that firewall.

     

    hack6

  • When you are nude before your webcam, somebody may be watching and saving

    One of the candidates for one of those Miss elections around here is just 18 years old. But some time ago she was chatting with her boyfriend over the webcam and as kind of a game she undressed before the webcam. That ex-boyfriend sold them to some magazines. (how many of those pics with ex-sexpartners (some are fake) are not published on the web ?)
    Naturally that would have ruined all her chances to become elected. Or not ?
    But it is forbidden in Belgium to publish nude pictures of underage kids without the consent of the parents. Would you agree that a national magazine publishes nude pics of your underage daughter - however stupid she has been and angry you may be at her.
    So a judge have ordered both magazine to retire all of their editions from all of the shops by tonight.
    Two questions
    These magazines have lawyers no ? And these lawyers didn't check the age of the girl at the time the pictures were taken ? And they didn't warn their client that publishing them would cost them dearly ? Or they did but the editors just wanted to have the publicity (one is a 'family' tv magazine). And even if she was 18 at the time the pictures were taken, it is not the decent thing to do.
    That girl is really stupid. So girls if your boyfriend wants nude pictures of you, tell them to buy a playboy. Everything that is digital will travel and once it travels it will go around the world forever and ever. 
    Hope the pics are worth all that trouble :)

  • my profile ? It is nearly empty my profile - go away

    spam like this makes me laugh

    "Yo,! i don't mean to annoy you, I came across you in the search and thought you seem cool :P I guess I don't have a lot of info on my profile here but you can see my other profile if you wanna see more, date-bucket.com?id=2545&profile=tma0422 (my name there is star_beauty). it'd be cool if we could chat sometime :> hope to see u soon, Kiara Johnson "

    On same places I have some things in my profile but they are mostly closed and I don't so often go there for the moment. It is one of my todo's.

    Profiles are on a need to know basis and if the service or the members don't have to know more about you than why should you fill it in ? Because they ask it ? Privacy is also keeping stuff for yourself or just making it up.

    It is not who or what you are that is important, but what you are saying or doing.

  • how long to keep those internetdata

    As you maybe know, the belgian government must keep its internet- and other telecommunication data available for the (inter) national police and intelligence forces according to the obligations from the European Commmission.

    The police forces and the Minister of Justice want 2 years. Because justice is slow (and international cooperation even more) and not every case is opened or found out about directly after. Say that you discover that a fraud has been committed a year ago, how will find these emails (if the guy has been stupid enough to write anything on email).

    The national privacy commission want just 12 months after which is has to be destroyed.

    The ISP's (the internet providers) want only for 6 months and if the minister want more, he or the internet users will have to pay for it.

    So where is the compromise ?

    The compromise would be that not all the data have to be kept during all the time about everybody and everything. If one keeps everything for about 6 months one should only keep certain other traffics for the next 6 months and only very specific traffic for the remaining year. This doesn't mean that the police should have direct access to it, but they should know that this kind of traffic is kept long enough to be able to use it when in they need for an international or national investigation.

    So say that after 6 months you don't keep the P2P and multimedia traffic (which counts for about 70% according to some) and the normal website traffic except for a list of exceptions (terrorist organisations, criminal traffic (for example everything that says 'carding' or 'child porn') and the next year you only keep the traffic for a number of Ip adresses or destination that are currently being watched or under investigation and for which a judge has signed and a minister has taken responsability.That list should be reviewed every 6 months.

    This doesn't mean that the ISP's should give direct access to the police or intelligence officers to these databases. It doesn't mean that they shouldn't be guaranteed by the same privacy guarantees as any other data. It only means that the cost will go down enormously after 6 months and that the data available will be of more use and will cost less time to retrieve.

    It is just a suggestion.

    And don't kid yourself, these databases won't make much difference because of three reasons.

    There are enough possibilities (surely if the person wants to pay some money) to hide your traffic. For example how are you going to discover steganography ?

    Secondly even if he doesn't hide he knows that he is being watched and that he should be very careful.

    and third - before I forget - legally it will be very hard to proof that the person under investigation was responsable for the traffic. It could have been his dog....

  • it all started with a car that was not parked right

    The members of a turkish club had a meeting room next to an internal parking lot hidden from streetview in that city in Belgium. They always met there for thee and talks and passing some time together. It looked as if the days would pass without much happening and every day looked more or less like the day before. The quiet and easy life you would say.

    But one day there was a new car in the parking lot. They didn't see that car before so it couldn't be from someone from the neighborhood. There was something not right with that car, it wasn't parked the way all the neighbors parked their cars there. It was strange. So this turk talked to the local cop, the one who is responsable for the community relations and being sure he knows more or less what happens in his bloc.

    It was interesting he said. He would check it and he consulted the database of stolen cars. Bingo. It was the car that was used by the prisoners who escaped prison last week. They were only looking for the girlfriend from one of them. THe others were already found.

    But where could she be ? The police had another clue. The GSM of the girlfirend was being traced to a GSM tower not far from the parking lot. She was definitively here. But you can't search a few thousand people. Where could she be ? She wouldn't be with a turkish family because she wasn't turk. There were only a few Maroccan families living here. So he visited them. And found them.

    A perfect example of good neighborhood relationship with the local police who knows well his neighborhood, a national database and some intelligent modern tracking methods. None of those methods alone would probably have resulted in such a quick arrest but the combination of them makes each of them more efficient. It is the puzzle and not the pieces on which one should concentrate. You are always missing pieces but maybe you have already enough to make a beautiful puzzle anyway.

  • give your encryption key or go to jail

    Several countries are making it illegal to refuse to give your encryption key to the police when they have received permission to ask it to you (because of a number of crimes that are important enough according to the law).

    In England the first two persons were convicted because they refused to give those keys (maybe swallowed them or flushed them).

    This is part of the ongoing battle between privacy activists at one hand and the police forces at the other. Off course the police wants to know everything (and the more paranoid they are the more they want to know) and off course the gangsters want to hide that information even more.

    But also look at the numbers. It seems to me that it is a whole lot of trouble for not much result. Off course when you are apprehended you won't give the encryption keyx because this would mean the same thing as a confession. They are maybe criminals but they are not always that stupid.

    "Of the 15 individuals served (with a demand for their encyrption keys), 11 did not comply with the notices. Of the 11, seven were charged and two convicted. Sir Christopher did not report whether prosecutions failed or are pending against the five charged but not convicted in the period covered by his report.

    To obtain a section 49 notice, police forces must first apply to the National Technical Assistance Centre (NTAC). Although its web presence suggests NTAC is part of the Home Office's Office of Security and Counter Terrorism, it is in fact located at the government's secretive Cheltenham code breaking centre, GCHQ.
    http://www.theregister.co.uk/2009/08/11/ripa_iii_figures

    In Belgium the police is also dreaming of such a thing. Question is if it is worth the trouble ?

  • skype to be monitored in Belgium by police soon

    The Belgian police and intelligence services are using more phone taps than ever before according to an answer to a parliamentary question. But the police forces are saying they are losing out because they can't intercept skype conversations yet, what some criminals seem to use.

    The minister of Justice is working at a solution to force 'internet service providers' such as skype to work with the police.

    This changes nothing at the process in which the police has to get the benidiction of a judge or prosecutor before being able to intercept and use those conversations.

    But what will they ask when they are confronted with encryption ? Ask for the encryption key ?

  • digital content, ownership and how to protect it

    There is a row about Amazon that deleted itself from a distance content (ebooks)  on personal digital tools (kindle, sort of ebookreader) because of changed copyrights. They have excused themselves now, but that doesn't change a thing.

    The fact is that it is proven - as numerous other initiatives and trials have shown or are showing - that content can be blocked or locked and destroyed from a distance. Aside the security issues with such a superadministrator access for the provider, there are some steps you could take to limit the possibilities of such things happening to you.

    1. Do not live with an always on the network pc or tool. I know this may be sounding strange to the instant-generation (they generate everything instantly and want the stuff and answers as instantly). It means the provider doesn't has direct access either.

    2. Do not stock the downloaded or received stuff on the preprogrammed place. Take those files out of that folder and copy them elsewhere and eventually put a password on that folder. You can still open the files or copy them back if you need to see them.(open with).

    3. Keep a copy of the old versions of the players in case new versions will install new DRM's or other limitations. If you install the old versions, do so without an internet connection and desactivate the auto-update. If possible install the reader on another partition.

    4. always try to transform the closed format to an open format.

    5. Keep a backup.

    I think Kindle doesn't look ery kind today but a perfect big brother control what you read tool :) 1984. Very Orwellian what Amazon did.

  • ICANN finds national webfilters stupid but Belgian government goes ahead

    An Internet Corporation for Assigned Names and Numbers (ICANN) chief has said the Australian government will “embarrass itself” if it pushes ahead with plans to install a national Internet content filter.

    The group is a non-profit corporation that oversees management of domain names and IP addresses, Internet Protocol address space allocation and generic Top Level Domains.

    ICANN board chair Peter Dengate Thrush said national Internet content filters are ineffective at law enforcement. The plan was introduced by federal Communications Minister Stephen Conroy ostensibly as a mechanism to control distribution and access to child pornography.

    “The government has set itself up for embarrassment,” Thrush said.

    “I have no problems with the principle behind it [but] censoring material outside the country is difficult and the tools to do it cost a lot.”


    http://www.computerworld.com.au/article/309524/icann_says_web_filters_will_embarass_aussie_govt

    Meanwhile in Belgium the national webfilters are like the monster of Loch Ness. THey pop up from time to time as the solution for the problem. It can be general insecurity, child porn and now in the newest fix, gambling.

    Under a proposition that is now before parliament, the Belgian government will try to block all international gambling and pokersites that are not certified under Belgian law. (and so linking to them will in se be illegal also - as will be taking admoney from them).

    Just have a look at our freeproxy blog and you will see how ridiculuous it is. You can even go to any blocked site through Google.

  • 10 paranoid lessons from the UK mobile spy hacking scandal

    So lets get it straight first. It is not the technology that is important, it is the information that you have and give that is important, whatever the technology that you are using to receive or distribute or discuss it. This means that the technological means that you use must be in accordance with the importance of the information. (by the way, technology can also be face to face meetings in a closed safe room).

    So after the scandal with the hacked mobile phones (and/or voice messages) the advice to give to people who treat important information or think they are important enough is the following

    1. Mobiles are not safe. Normal mobiles that you can buy in a mobile shop are not made for security or privacy. If you really make big bugs and have important stuff you should look for really secure mobiles (with encryption and stuff like that).

    For the market : there is a market now for these.

    2. Do not use mobiles for important messages or contacts. You have (in comparaison) cheap secure fax and fixed phones for that. You also have some secure internet services (but they aren't free)

    3. The more stupid the mobile the more secure. The less things you can do with a mobile the better. So desactivate everything from java to internet to email to bluebooth and so on.

    4. Pin codes of 4 characters can't be defended. Desactivate your messagebox allthogether.

    5. Make your phonenumber private. If it is important you or your contact will try again.

    6. Nobody will known unless somebody or something is discovered which is rare. Do not count on it. And if it is found out, it will be too late.

    7. If you are really important you throw away your mobile every x (in a fire) or give your simcard to the dogs :)

    8. Do not keep adresses or phonenumbers on your phone. You give a hacker only more ideas. And what would be the use of using a private phonenumber if the real ones are in your mobile addressbook

    9. Clean your mobile from all messages and calls as often as possible.

    10. Really important people have no mobiles. They have people that handle and secure their important information for them. Those people should be trained in security and you should test your security often.

  • ehealth is just another (insecure) networkservice

    and the same things that happen with any other network or data, happen with ehealth

    "A former security guard for a Dallas hospital has been arrested by federal authorities for allegedly breaking into the facility's HVAC and confidential patient information computer systems. In a bizarre twist, he posted videos of his hacks on YouTube, and was trying to recruit other hackers to help him wage a massive DDoS attack on July 4 -- one day after his planned last day on the job
    http://www.darkreading.com/insiderthreat/security/attacks/showArticle.jhtml;jsessionid=2VASG14YVIKUOQSNDLPCKHSCJUNN2JVN?articleID=218300006

    the only question is in how far you are ready to protect it as if it was your own gold

    or should we 'just trust' and shut up

  • why you shouldn't give your emailpasswords away

    The Argentine mistress of the US governor released a statement. Her emails about the relationship were published in a newspaper. She won't press charges but feels disappointed anyway.

    Another reason to keep your emails to yourself.

    "She said someone accessed her Hotmail account without permission and sent the e-mail correspondence to the newspaper.

    Chapur denied that the person was a friend — as reported by some news outlets — saying he was as much a victim of the media frenzy as she.

    "I have a strong suspicion of who is responsible for this evil act that was directed at me, but also destroyed the lives of so many others," she said. "But without sufficient proof, and for legal reasons, I am obligated to not reveal the name."


    http://news.yahoo.com/s/ap/20090629/ap_on_re_la_am_ca/lt_sc_governor_the_mistress

  • the lifting of the belgian firewall not global

    My ISP has lifted it but I can't disclose which one. But others seem not to have lifted it. In any case there is no legal reason to keep the firewall up as the reason for it is gone. The question is if they are going now to pull another one up against the new US based website.

    well if you want to go behind it, you can still get one of those proxies we are publishing above.

    and ask your ISP to get it down that firewall as one big one has already done.

    You can publish here where it is up or not. If there is enough reaction we will follow the situation.

    ps it could also be your cache in your Internet explorer or the proxy of your network that is serving you the wrong page.

  • we are all Iranians and correspondents

    There are about 100.000 to 200.000 tweets every hour about the Iranian protests and crisis. There are millions of blogposts about Iran and the protests and than we don't count the number of pics and vids on other social media sites. BBC says that around 7 videos are arriving every minute when there is a protest going on.

    For the moment the police is searching cars and people on the street and confiscating phones and cameras. Maybe we should send thousands of them. Bombard the country with wireless free fast internet access with sites that are accessable for mobiles.

    On CNN a web2.0 specialist said that as the web becomes entrangled with normal communications it becomes too difficult for the censors to block them. They have reestablished SMS or texting traffic in Teheran after a week because it was too difficult to work without any SMS for even a normal business person. Filtering is very hard to do.

     

    len34

  • US ready to invest in global anticensor software

    Tear down this cyberwall. Nicholas Kristof's Thursday column:

    If President Obama wants to support democratic movements on a shoestring, he should support an "Internet freedom initiative" pending in Congress. This would include $50 million in the appropriations bill for these censorship-evasion technologies. The 21st-century equivalent of the Berlin wall is a cyberbarrier, and we can help puncture it.


    Mr. Zhou, the son of a Chinese army general, said that he and his colleagues began to develop such software after the 1999 Chinese government crackdown on Falun Gong (which the authorities denounce as a cult). One result was a free software called Freegate, small enough to carry on a flash drive. It takes a surfer to an overseas server that changes I.P. addresses every second or so, too quickly for a government to block it, and then from there to a banned site.

    Freegate amounts to a dissident's cyberkit. E-mails sent with it can be encrypted. And after a session is complete, a press of a button eliminates any sign that it was used on that computer.

  • The whole Slovak (secret) telephone database on a lost USB stick

    This time anonymous man brought to the offices of Slovak newspaper SME just one USB pendrive. As he told, he found it on the main square in small town on the west of the Slovakia where it was lost by a crew of a black BMW (usually used by the politicians or some higher officers...). Content of the drive should be highly confidential: it contains extensive documents and personal data about policemens from Slovak Military Police. Just to mention that some Slovak military cops are on the mission in Afghanistan...

    source zone-H.com