The End of Trust  Topic is solved

All topics relating to computer security and internet privacy. Please try to keep it technical related and leave political diatribes at the door.

The End of Trust

Postby golinux » December 4th, 2018, 2:31 am

For your reading pleasure:

https://www.eff.org/the-end-of-trust

Most of it is familiar but I did discover something that I didn't know. Tucked away in the sidebar on page 226 is this interesting factoid:

"The website freedom-to-tinker.com, hosted by Princeton’s
Center for Information Technology Policy, published a study
highlighting a particularly invasive data-mining software
called “session replay scripts” that are being used by an
increasing number of websites. According to the study, session
replay scripts “record your keystrokes, mouse movements,
and scrolling behavior, along with the entire contents of the
pages you visit.” Unlike most third-party analytics services,
which provide aggregate statistics of your searches and the
pages you visit, session replay scripts actually record your
individual browsing session in its entirety, “as if someone is
looking over your shoulder”.

The study lists tens of thousands of websites that were
either found recording users’ browsing sessions or have the
capability to do so. Among the big-name sites are xfinity.com,
windows.com, texas.gov, petco.com, and fandango.com. The
following sites were also found on that list."
—Landon Bates


Here are links to the study and full list:

https://freedom-to-tinker.com/2017/11/1 ... y-scripts/

https://webtransparency.cs.princeton.ed ... sites.html

It just keeps getting worse and worse . . .
May the FORK be with you!
User avatar
golinux
 
Posts: 1100
Joined: July 23rd, 2011, 4:45 pm
Location: not a 'buntard!

Re: The End of Trust

Postby nodir » December 4th, 2018, 10:09 am

To me it looks as if 90% of the WWW are utter shit, no matter how you look at it
(from usability, look&feel, security, performance, no matter what).

Best might be to give up on it in general (well: for me. There are a very few sites left which i visit . Most of them i can use without scripts enabled, but not all).
Way back, at minimum 5 years, Uwe Hermann, a debian dev, wrote in his blog that there is no need to think about security anymore as soon you have scripts enabled (as the great US philosopher Alf says: "that ship has sailed").

The whole systemd debacle made me give up on the subject. gnunet might be an idea (not sure where they got in the years i was busy with working around systemd). darknets. retroshare. perhaps something like mesh networking.
With people switching from computers and laptops to smartphones we probably have a completely different situation now (at least a more complex one). I can't see how that extra problem is kept in mind at all (yeah, yeah, some use signal or telegram instead of whats-app ...)

-
Not really the above link in mind. Rather some general thoughts how the situation as a whole went south (for everyone, no matter which OS they use on a PC/laptop).
nodir
 
Posts: 289
Joined: June 16th, 2015, 10:10 pm

Re: The End of Trust

Postby Randicus Draco Albus » December 4th, 2018, 10:54 am

It is case of legal systems lagging behind technological changes. A few governments have become concerned enough to pass net and information privacy laws, but they only deal with the surface problem. They have not yet realised that the technology for invasive spying already exists. (Beyond what those same governments use to spy on their citizens. Kind of hard for governments to outlaw practices they like to use.) With computers and the internet now being part off the fabric of everyday life, laws need to be enacted that make covert information gathering over the internet illegal. If one signs a physical paper contract with a company, laws require the contract to include a notification that the company may give one's information to third parties. The same should apply to the internet. Websites that mine information should be required to state that on the home pages of their websites. And not in fine print at the bottom. Until that is done, the problem of websites and browsers secretly collecting (and using) information will only get worse.
Klingons are fun, but Romulans are the sexiest women in the galaxy.
User avatar
Randicus Draco Albus
 
Posts: 1492
Joined: September 22nd, 2011, 1:22 pm

Re: The End of Trust

Postby nodir » December 4th, 2018, 3:46 pm

What makes you hope that governments would care for such?
If anything the neoliberal gangbang of the last decades has shown that the main interest of the govrnments is in the big companies
(hence i usually call them the errant boys of the industry).

(assuming they would be able to keep up with fast technological changes at all, which i doubt, and strongly) .
nodir
 
Posts: 289
Joined: June 16th, 2015, 10:10 pm

Re: The End of Trust

Postby Randicus Draco Albus » December 4th, 2018, 10:38 pm

I did not say they care. I mention what needs to be done. If governments can ever look beyond the taxes paid by big companies that use the technology they will do something, probably too little but at least something. At the moment the internet is a lawless frontier, except in places like China and North Korea, which are at the opposite and even worse end of the spectrum.
Klingons are fun, but Romulans are the sexiest women in the galaxy.
User avatar
Randicus Draco Albus
 
Posts: 1492
Joined: September 22nd, 2011, 1:22 pm

Re: The End of Trust

Postby nodir » December 5th, 2018, 8:07 am

So conjunctive, probably "what would need to be done, (assuming ... ) ".

If it will happen at all (i for one doubt it), it will happen in a future where we already got completely different problems.
Here, in Germany, the government offers solutions to similar problems (internet, mobile-phones contracts, ISP contracts, etc) after a few years, and the companies work around the new laws in a few days (if not hours).
laws restricting the ways companies can make money? Hard to imagine in the neoliberal age.

Not saying it is that way, only that it is the way it looks to me.
Think of "rocking in the free world" as the background music.
nodir
 
Posts: 289
Joined: June 16th, 2015, 10:10 pm

Re: The End of Trust

Postby Randicus Draco Albus » December 5th, 2018, 10:54 am

nodir wrote:laws restricting the ways companies can make money?

Not when the laws are actually written to aid big companies. Incorporation is the best example. When a company is incorporated it ceases to be a business and becomes a legal entity and is treated like a person. The owners are legally considered to be employees and therefore not held responsible for the evil their companies do. A court punishes the company. If the company does not have enough money to pay the fine or pay back the people cheated, the "corporation" is dissolved. The unpunished owners then start a new company, incorporate it and continue cheating people.

But we can all fantasise about a better world.
Klingons are fun, but Romulans are the sexiest women in the galaxy.
User avatar
Randicus Draco Albus
 
Posts: 1492
Joined: September 22nd, 2011, 1:22 pm

Re: The End of Trust  Topic is solved

Postby cynwulf » December 5th, 2018, 11:51 am

And the problem comes back to unhindered and unregulated, global capitalism and greed...

To me it seems that whatever is done in seemingly "good faith", there is someone lurking behind the scenes pushing that agenda, with an ulterior motive. Because these things don't gain much momentum without some funding from invested individuals or corporations.

For example, you had people wanting to censor the WWW to stop people saying hurtful things about them - shockingly some of those people turned out to be very rich celebrities trying to protect their reputations (incomes, "brands" and IP), celebrities and corporation known to use NDAs in other cases, etc.

We had the crusade against piracy and the inevitable "installation" of DRM - sanctioned by W3C, probably heralding the end of the "open web". All of which was astonishingly backed by rich individuals, global media corporations, etc.

But if you want "privacy" for the little man, no one is listening. You will get token stuff, like the EUs antitrust investigations into google...

But who wins there? a €4 billion (?) or so "ransom" and the money goes where exactly? What is achieved, what really changes?

https://www.dw.com/en/google-fined-43-b ... a-44719609

So that's google doing what MS did (and worse) with Windows 95 and IE back in the 90''s - and what MS is still doing with Windows 10.

This is billions in fines, and who knows how much "EU money" to fund the "three-year investigation"?

But when all is said and done "it's a start", whatever the objective may be, it's probably better than letting these giants run unchecked.
User avatar
cynwulf
 
Posts: 2526
Joined: April 26th, 2011, 2:46 pm


Return to Security/Privacy-Related

Who is online

Users browsing this forum: No registered users and 1 guest

x