“I could take down the internet with that, and so could you.” Dan Geer, Chief Information Security Officer of CIA’s venture capital arm, didn’t mince words when he mentioned the security flaws in home routers during his keynote address at last month’s Black Hat conference in Las Vegas. But he also noted a small silver lining around the dark cloud of router security: people are starting to take the problem much more seriously. As he noted, the “SOHOpelessly Broken” DEFCON hacking contest, co-presented by Independent Security Evaluators and EFF, is drawing attention to security vulnerabilities in routers with the goal…
Author: EFFSource
The publishing world may finally be facing its “rootkit scandal.” Two independent reports claim that Adobe’s e-book software, “Digital Editions,” logs every document readers add to their local “library,” tracks what happens with those files, and then sends those logs back to the mother-ship, over the Internet, in the clear. In other words, Adobe is not only tracking your reading habits, it’s making it really, really easy for others to do so as well. And it’s all being done in the name of copyright enforcement. After all, the great “promise” of Digital Editions is that it can help publishers “securely…
EFF has a long running-mission to Encrypt the Web. To make the Web more secure, more private, and more censorship-resistant, we need to completely replace the insecure HTTP protocol with HTTPS. That task saw some major progress last week, with the anouncement by CloudFlare that it will now make HTTPS free and available by default for the approximately two million sites that it serves. CloudFlare is a content distribution network (CDN). That means that it doesn’t entirely host web sites on its own machines, but provides a proxy and caching infrastructure to distribute content on behalf of other sites, making…
Negotiators from across the Atlantic met this week in Chevy Chase, Maryland to continue discussing the terms of the EU-US trade agreement, the Transatlantic Trade and Investment Partnership (TTIP). This is the seventh round of secretive meetings, and not much is known about the exact issues that are on the negotiating table. However a press release issued today confirms that “intellectual property” (IP) rights were one of four areas given focus in this round of negotiations. Given how notoriously captured by corporate interests IP discussions in trade negotiations are, this has us very worried. The TTIP negotiations have been rife…
Open Access Week is less than a month away! Now in its eighth year, Open Access Week is an international event that celebrates the wide-ranging benefits of enabling open access to information and research–as well as the dangerous costs of keeping knowledge locked behind publisher paywalls. From October 20 to 26, academics, researchers, and curious minds everywhere will be encouraged to learn about the various hurdles to open knowledge and share stories of positive advancements in the effort to make open access the norm in scholarship and research. Whether you’re looking to learn more, to champion open access policies, or…
When it comes to Facebook’s real names policy, it’s really clear—something needs to change. Over the last few weeks, we’ve joined dozens of advocates in saying so. And in a meeting with LGBTQ and digital rights advocates, Facebook agreed. Of course, admitting there’s a problem is always the first step towards a solution. But what’s not clear is what that solution will be. EFF continues to believe that the best solution is simply to get rid of the “real names” policy entirely. But barring that, Facebook needs to find a solution that takes into account the myriad groups of people…
As EFF outlined in a special report, ComputerCOP is a piece of “Internet Safety” software of dubious value that law enforcement agencies around the country have distributed to families for free. One of the main components of the software is KeyAlert, a keystroke-capturing function that records everything a user types. KeyAlert has two major functions. First, it logs keystrokes on the user’s hard drive. Second, it allows the person installing the software to set certain keywords. Whenever those keywords are typed, the computer sends an email with those keystrokes to the person who installed the software. ComputerCOP doesn’t appear in…
Blue Spike LLC is a patent litigation factory. At one point, it filed over 45 cases in two weeks. It has sued a who’s who of technology companies, ranging from giants to startups, Adobe to Zeitera. Blue Spike claims not to be a troll, but any legitimate business it has pales in comparison to its patent litigation. It says it owns a “revolutionary technology” it refers to as “signal abstracting.” On close inspection, however, its patents1 turn out to be nothing more than a nebulous wish list. Blue Spike’s massive litigation campaign is a perfect example of how vague and…
A federal judge in Florida ruled Thursday that Warner Brothers Entertainment must release key information about its automated scheme to send copyright infringement notices to websites. The documents will give the public a better look into robo-takedowns and their potential for abuse as Congress considers changes to the Digital Millennium Copyright Act (DMCA). The ruling comes in response to EFF’s request to release records from the Disney v. Hotfile lawsuit, in which several movie studios accused the cyberlocker site Hotfile of copyright infringement based on Hotfile users’ sharing of movie files. Hotfile countersued Warner for abusing the DMCA’s takedown procedure,…
Concerned European Internet users will descend upon Brussels on September 26 to participate in Freedom Not Fear 2014—a European week of action aimed to fight against a widespread surveillance state. Since 2008, a coalition of European organizations has met annually under the banner of Freedom Not Fear to fight against online spying, and to challenge the hyperbolic rhetoric of fear that permeates the security and privacy debate. The Freedom Not Fear movement emerged from widespread outrage to the European Union’s 2006 Mandatory Data Retention Directive. Since its origins, Freedom Not Fear’s message has been: fundamental rights like privacy, free expression,…