Skip to main content

Suche

Beiträge die mit email getaggt sind


 
Bild/Foto

Danger, Will Robinson!


The EFF has released information regarding a security breach in the PGP, GPG and S/MIME protocols:
A group of European security researchers have released a warning about a set of vulnerabilities affecting users of PGP and S/MIME. EFF has been in communication with the research team, and can confirm that these vulnerabilities pose an immediate risk to those using these tools for email communication, including the potential exposure of the contents of past messages.

Our advice, which mirrors that of the researchers, is to immediately disable and/or uninstall tools that automatically decrypt PGP-encrypted email.
More info: https://www.eff.org/deeplinks/2018/05/attention-pgp-users-new-vulnerabilities-require-you-take-action-now

#Security #Privacy #Encryption #Communications #PGP #GPG #Email #SecurityBreach #SecurityRisk

 

EFAIL

...describes vulnerabilities in the end-to-end encryption technologies OpenPGP and S/MIME that leak the plaintext of encrypted emails.


#email #cracking #crypto #security #openpgp #smime

 
Understaffed and poorly staffed (clueless writers), tech press demonstrates today that it does not know how #email works and is willing to tell any lies available in order to sell a story (with ads)

#efail #media #fail

 
The #efail #email #security issue is the latest in the long, embarrassing saga of #PGP. It has been a usability disaster from its earliest days. If the paper Why Johnny Can't Encrypt was a person, it would be old enough to buy you a beer while commiserating over all the problems over the last 2 decades.

While "EFail" isn't a failure in the core of PGP, it shows how someone else's security affects you. You can take every proper precaution, do all the right things on your side, and if one of your recipients uses the vulnerable email software then they will inadvertently expose the email that you properly encrypted and emailed them. Rather than being a shocking development, however, it's just one more landmine on the landscape of a totally user-hostile piece of software.

It's time to let PGP go. The old stick-in-the-muds who still use it can only use it with other old stick-in-the-muds. They can't use it with real people who have grown accustomed to software that makes life easy on the user. It is a relic. It is time to consign it to its proper place in history and move on.

 
PGP is Fine

"According to GnuPG’s Werner Koch, the EFF is exaggerating the situation and that the foundation hasn’t yet contacted GnuPG. While Enigmail’s Robert Hansen has stated that the call from EFF is merely a “tempest in a teapot,” about which the company isn’t a “least bit worried.”

Hansen believes that instead of releasing the news publicly the foundation should have reached out to the companies involved while he claims that users can use the newest Enigmail version confidently."

#PGP #GPG #Enigmail #Privacy #Security #GnuPG #WernerKoch #EFF #Email
Uninstall PGP? PGP and S/MIME protected emails prone to exposure

 
Verschlüsselte E-Mails lassen sich mit einem Trick innerhalb von Minuten lesbar machen. Ohne den Schlüssel klauen zu müssen. Eine weitere Seifenblase platzt: Es gibt eben doch keine Sicherheit in der IT-Welt.
Geplatzte Seifenblase: Verschlüsselung unsicher

Digitalistan: Geplatzte Seifenblase: Verschlüsselung unsicher (Jörg Schieb)

#SMime #Verschlüsselung #eMail #E-Mail #Kryptografie

 
Wie scheiße muss man im Kopp sein…

…um aufgrund von EFAIL zu raten, kein PGP/GPG mehr zur Verschlüsselung zu benutzen?


Ich bin sowas von sauer… da bemüht man sich ewig lange, um die Leute dazu zu bewegen, eMails nur verschlüsselt zu nutzen… nach und nach werden es mehr, die das dann auch tun… und dann kommt die EFF daher und gibt einen dermaßen bekloppten Rat. #Pepecybs #welt #efail #eff #email #gpg #pgp #verschluesselung
Quelle: https://pepecyb.hu/2018/05/15/wie-scheisse-muss-man-im-kopp-sein/
Wie scheiße muss man im Kopp sein…

 
Wie scheiße muss man im Kopp sein…

…um aufgrund von EFAIL zu raten, kein PGP/GPG mehr zur Verschlüsselung zu benutzen?


Ich bin sowas von sauer… da bemüht man sich ewig lange, um die Leute dazu zu bewegen, eMails nur verschlüsselt zu nutzen… nach und nach werden es mehr, die das dann auch tun… und dann kommt die EFF daher und gibt einen dermaßen bekloppten Rat. #Pepecybs #welt #efail #eff #email #gpg #pgp #verschluesselung
Quelle: https://pepecyb.hu/2018/05/15/wie-scheisse-muss-man-im-kopp-sein/
Wie scheiße muss man im Kopp sein…

 
Wie scheiße muss man im Kopp sein…

…um aufgrund von EFAIL zu raten, kein PGP/GPG mehr zur Verschlüsselung zu benutzen?


Ich bin sowas von sauer… da bemüht man sich ewig lange, um die Leute dazu zu bewegen, eMails nur verschlüsselt zu nutzen… nach und nach werden es mehr, die das dann auch tun… und dann kommt die EFF daher und gibt einen dermaßen bekloppten Rat. #Pepecybs #welt #efail #eff #email #gpg #pgp #verschluesselung
Quelle: https://pepecyb.hu/2018/05/15/wie-scheisse-muss-man-im-kopp-sein/
Wie scheiße muss man im Kopp sein…

 
Fla wrote the following post Wed, 25 Apr 2018 10:14:46 +0200

Thunderbird April News Update: GSoC, 60 Beta 4, New Thunderbird Council

Due to lots of news coming out of the Thunderbird project, I’ve decided to combine three different blog posts I was working on into one news update that gives people an idea of what has been happening in the Thunderbird community this month. Enjoy and comment to let me know if you like or dislike this kind of post!
Ryan Sipes

https://blog.mozilla.org/thunderbird/2018/04/thunderbird-april-news-update/

#thunderbird #email #emailclient #foss

 
Notice how not only developers of #email clients and PGP/GPG tools deny that there's a severe issue, many of them see no need to patch anything. Some will further emphasise warnings that already existed. This 'bug' isn't new to some.

 
Bild/Foto
#email
#internetz
#ichweißauchnichtsorecht

Den Eindruck habe ich allerdings öfter ...

 
Embrace and extend https://www.howtogeek.com/fyi/you-can-now-at-people-in-gmail/ #google #email #gmail

 

Going Postal, or The Postman Always Shoot Twice.


!{forumadv@cats.pm}
For those who need better interaction or #bridging between #Hubzilla and #email #communication channels (both individual and via mailing lists) we start an initiative to develop a mailing #plugin. Come and see:
https://cni-coop.net/channel/postal

https://cni-coop.net -- CNI Coop. Technology for social libertarian revolution (and the days after)

 
[Efail: A Postmortem – Robert Hansen – Medium](https://medium.com/@cipherpunk/efail-a-postmortem-4bef2cea4c08)

#gnupg #efail #email

"The fire is a problem but the panic is worse. That’s what we saw here, and frankly I place a lot of blame for that at the feet of the Electronic Frontier Foundation."
(...)
"It’s not bad crypto that’s killing OpenPGP. It’s apathy."

 
Do you have a friend or relative who is still using a #YahooMail account? Did you know that all three billion #Yahoo accounts were breached?

http://money.cnn.com/2017/10/03/technology/business/yahoo-breach-3-billion-accounts/index.html

You might want to tell them to switch to an #email provider that is built around #privacy:

https://switching.social/ethical-alternatives-to-gmail-yahoo-mail-and-outlook/

#DeleteYahoo

 
Interesting.....
just logged on to a Starbucks/Google network
new log in screen required a first/last name entry and an email address.
further stated that after the initial signup my machine would be able to connect to all Starbucks networks.

Is it just me, or did Starbucks/Google just start asking for peoples names (luckily no ID required at this time), an email address (luckily this doesn't seem to be strictly enforced yet), and then takes to logging a machine MAC address to tie to that name and email address?

That's weird Starbucks/Google.
That's really really weird.
Not surprising, but it's really really weird.

#Starbucks #Google #Surveillance #Name #MAC #Email

 

Computer History Museum Makes Eudora Email Client Source Code Available


Early successful email client is released by Computer History Museum’s Center for Software History
Article word count: 520

HN Discussion: https://news.ycombinator.com/item?id=17127486
Posted by jmiller099 (karma: 89)
Post stats: Points: 140 - Comments: 97 - 2018-05-22T17:06:49Z

\#HackerNews #available #client #code #computer #email #eudora #history #makes #museum #source
Article content:

Bild/Foto

| Source: Computer History Museum

Mountain View, May 22, 2018 (GLOBE NEWSWIRE) -- Computer History Museum (CHM), the worldʼs leading institution exploring the history of computing and its impact on the human experience, today announced the public release and long-term preservation of the Eudora source code, one of the early successful email clients, as part of its Center for Software History’s Historical Source Code. The release comes after a five-year negotiation with Qualcomm.

The first version of Eudora was created in the 1980s by Steve Dorner who was working at the University of Illinois at Urbana-Champaign. It took Dorner over a year to create the first version of Eudora, which had 50,000 lines of C code and ran only on the Apple Macintosh.

In 1991, Qualcomm licensed Eudora from the University of Illinois and distributed it free of charge. Qualcomm later released Eudora as a consumer product in 1993, and it quickly gained popularity. Available both for the IBM PC and the Apple Macintosh, in its heyday Eudora had tens of millions of users.

After 15 years, in 2006, Qualcomm decided that Eudora was no longer consistent with their other major project lines, and they stopped development.

“In my opinion it was the finest email client ever written, and it has yet to be surpassed. I still use it today, but, alas, the last version of Eudora was released in 2006,” said Len Shustek, chairman of the Museum’s Board of Trustees. “With thanks to Qualcomm, we are pleased to release the Eudora source code for its historical interest.”

The discussion with Qualcomm for the release of the Eudora source code by the company’s museum took five years. Qualcomm has transferred ownership of the code, the Eudora trademarks, copyrights, and the Eudora domain names to the Computer History Museum. The transfer agreement allows CHM to publish the code under the very liberal BSD open source license, which means that anyone can use it for either personal or commercial purposes.

For download options and more information about the release of this historic source code, please visit: [1]http://www.computerhistory.org/_static/atchm/the-eudora-email-client-source-code/

About CHM Software Source Code
The Computer History Museum has the world’s most diverse archive of software and related material. The stories of software’s origins and impact on the world provide inspiration and lessons for the future to global audiences—including young coders and entrepreneurs. For other releases in the Museum’s historic source code series, please see: [2]APPLE II DOS, [3]IBM APL, [4]Apple MacPaint and QuickDraw, [5]Adobe Photoshop, [6]Xerox Alto, [7]Early CP/M, [8]Microsoft Word for Windows Version 1.1 and [9]MS-DOS.

About the Computer History Museum

The [10]Computer History Museum (CHM) in Mountain View, California, is the the worldʼs leading institution exploring the history of computing and its impact on the human experience. The Museum is home to the largest international collection of computing artifacts in the world, encompassing computer hardware, software, documentation, ephemera, photographs, and moving images. The Museum brings computer history to life through large-scale exhibits, an acclaimed speaker series, a dynamic website, docent-led tours, and an award-winning education program. For more information and updates visit [11]computerhistory.org.

Carina Sweet
Computer History Museum (650) 810-1059
csweet@computerhistory.org

References

Visible links
1. https://www.globenewswire.com/Tracker?data=e5gnFtvhxQvpIm9JS8-Y99U3IXoOrU-PW0TGqyH0LQMl9es9vd09zGAMY6ztIsz88kuNalKVIUJpdjVulcf11lB2IDbOvGioYFuLNDrNme4ayg0J-WVsir26KA6bgdv0EgaNRTf7d1AC6kKQwnZ-RXl5K3_wAa3zVFN2X1RKZ4iwEKSj1DTz3BcFH7cIVJWOrisSzhVfmcNYdOrsOUJnUDRBpa04bSaaxjDge38BY5Zg9U2cnuKxC9bRpWtU6wwj
2. https://www.globenewswire.com/Tracker?data=vzdRUnC4mMs6mhgH_xB94PmVTvGEiQeg286ySUlMvDulItnDzGB3jepFUzNvyKwBvyR2hIXuMzQYNqybGLq_gJoeD6VtzCkkbO0oK4b_woih5lnDSe_0m4Pb4IqGLKvI
3. https://www.globenewswire.com/Tracker?data=1BGGfKNzCtQxyowQc8ZM8UHZpUeqZvl7kcfoWCtobBh22_6Ac177JjtV4D1ZvxQD2yXPoI0E8u-_X_gIM-l0bUxkqhxE_3O3fyVJR6spynT3xoT5PJLrNB69urTqJve44h0WvdTTeLFXLpA92k4mmQ==
4. https://www.globenewswire.com/Tracker?data=jl1XyjfZqtQSRgc85FvWbkssh3J1ntRV75Zw9kLuojE3cixhaSKq6a00TMPG4Ic_sKk6iZ4ZjZJsZf5Ekchk0JLXlP5QBxCKs2s6sAFIJsGx3nuJi5lvzY7tlPm3lm_AR7AbfZqgEWgU0z2EXBZixCyYV_7Zwrk_zTXjDShuXtc=
5. https://www.globenewswire.com/Tracker?data=UDtsGi8DJofvwxbVdnCP39RPe3oi7B4D_qGFe6sBkYZrz0kKmu0k3bT_8idXyocKWLnaxE52uj9SzHsT1uXlZn1aFhp72SycgNrED4hRo9Y-B6B8xGEXiUFpT4jE4r9XUJN-AaGaVHD-3RQShUtfug==
6. https://www.globenewswire.com/Tracker?data=plMS8ZVhdYKjWjf7FdzK8JHrKTdbdednV64M45-6h-csh40eGFn5FFpKofOKKQtiL9LAwFzl8iNmdfzv3OQJcmv0J6c7iSg2UGC0B2akeLuhz_8rIMairrXclw7HLmLS
7. https://www.globenewswire.com/Tracker?data=UZomdZt8kSRiwgMwgK6Hb1EJ35vZC6kzlROuACtSpKyu2BEZaRxD7Xwf46iXPjJ6csTL9l_eonXbfi97rQcVkW69gW2V30o_HLITiFQnygD9K28yS5lZYZJ6fa_hMH8UwzXMIbrHQyljnlHQUDdRTw==
8. https://www.globenewswire.com/Tracker?data=4bfXgs1shSwyCzupvMeSa0sxBVc8WQ65sp2tatgRwvUiuQ4hMCrQdfc1KoOPTzchZGUJqYpbh15qcpRmBqz-lNehNumGSZ9GaVNTDpon_vPnxtMcP8udGRvRmau_JA2xuIiaBcDQUAJFzSg7YX4n6gOPgP4nHmUCmcFWUry-aEYspuW-aucV-IOhLwRfcVth
9. https://www.globenewswire.com/Tracker?data=FhC17IsEBhlb4k1zBZ3AwFmIy61sikGELyMNzLigeq4u8nhEg5E9K0tvnNzyeL8nbbSBicutRp6IwQFVLumTf8VhCkbTUjJ8aevq52Z3eTPQs20A6u0lpGWOmyRfu0PGhqdt7keZDDciR-Iz3FNBDg==
10. https://www.globenewswire.com/Tracker?data=bkReV1O1ma-3SwVONCfXtrhmj-jtxjKSou5EeG9a-i9suANET_f-CijS9rDfuyxWcIQhd4gpMmoS3aiQayW3dTEDCF5bdXWn6ZPqzTDkod0=
11. https://www.globenewswire.com/Tracker?data=kVG2k1BUlJCu_D9_dHwQWz77Hsd8OGlxw3YRLiKJVWE-SqdHR1BUxbvQb-CCi4oDwm5mWlpqW0T80-ou1qsiOX3SHH-isbcdyMDZIPQ1G3M=

HackerNewsBot debug: Calculated post rank: 125 - Loop: 337 - Rank min: 100 - Author rank: 37

 

How a New Era of Privacy Took Over Your Email Inbox


#business #email #era #inbox #new #over #privacy #took

 

Ghostery exposed everyone's email address in its GDPR email by not using BCC


HN Discussion: https://news.ycombinator.com/item?id=17159497
Posted by rexbee (karma: 371)
Post stats: Points: 98 - Comments: 13 - 2018-05-26T01:10:31Z

\#HackerNews #address #bcc #email #everyones #exposed #gdpr #ghostery #its #not #using
HackerNewsBot debug: Calculated post rank: 69 - Loop: 67 - Rank min: 60 - Author rank: 90

 
Bild/FotoHacker News ( unofficial ) wrote the following post Sat, 26 May 2018 07:17:17 +0200

Ghostery exposed everyone's email address in its GDPR email by not using BCC


HN Discussion: https://news.ycombinator.com/item?id=17159497
Posted by rexbee (karma: 371)
Post stats: Points: 98 - Comments: 13 - 2018-05-26T01:10:31Z

\#HackerNews #address #bcc #email #everyones #exposed #gdpr #ghostery #its #not #using
HackerNewsBot debug: Calculated post rank: 69 - Loop: 67 - Rank min: 60 - Author rank: 90- - - - - -

You can't make this shit up!

\#privacy #fail #ghostery

 
#eff badmouths #encryption for #email
while promoting this bogus law that no spy agency will obey anyway
https://www.eff.org/deeplinks/2018/05/email-privacy-act-comes-back-hopefully-stay
#efffail #efail

 
#eff reiterates #fud against #email #encryption while promoting much worse things
https://www.eff.org/deeplinks/2018/05/how-turn-pgp-back-safely-possible
#efffail #fail

 
| #military #google #leak #drone #email

 
| #military #google #leak #drone #email

 

Posteo: Kritik unerwünscht?

Der E-Mail-Provider Posteo hat einen Weg eingeschlagen, der nach meiner Ansicht nicht zum Unternehmen passt
[ #posteo #kritik #anwalt #provider #email #kuketz #blog ]

 

EU creating a link tax law and forcing an upload filter law this month.


This post will have more info that the video I just posted. A Pirate Party member, Julia Reda, has blogged about new a law that the EU is creating this month that comes in two parts.[1] First part is forcing services to be responsible for the potentially copyrighted material in HTML links posted by their users, and taxing the service owner for every time a user posts a link to something copyrighted, like an image or a news article. Since pretty much all individual artists and photographers copyright their work to themselves, and pretty much all news articles are copyrighted to the news outlet that wrote it, the owners of IRC servers, email servers, Jabber servers, or Diaspora pods in the EU can either choose to be taxed every time one of their users posts a link or reshares a link to any copyrighted items, or choose to save themselves by banning their users from posting HTML links at all, or choose to move their servers to the Americas or Asia, or choose shut down their services entirely. I'll just assume it will end up being the last one. Don't believe me? This exact thing was actually done in Spain already and what happened was all the small Spanish news apps, independent Spanish news publishers and local Spanish news aggregators shut down and died. Google News just up and left the country entirely.[2]

The second part of the new EU law is forcing service owners to filter all content uploaded to the service by the users, and suing services that do not comply. Using Diaspora as an example, this means that any post made by a pod user that contains an uploaded file would have to first be kept on hold before showing up on the users profile, and instead shown to just the owner of the pod first. The pod owner would have to then sit down and review the uploaded file and decide if it violates any copyrights anywhere in the EU, before clicking some "approve" button. Only after that would the post be posted. The pod owner would have to do this for all uploads by all users. Since this tool/feature does not even exist in the Diaspora server software, I am forced to assume that that means that Diaspora developers would have to program a special EU version of the Diaspora software that has this tool included in order for Diaspora to be viable in the EU. Diaspora is just an example, the owners of email servers, Jabber servers, or forums would have to do it too. Of course it's a whole lot more likely that Diaspora pods in the EU will just shut down since only corporations like Facebook and Twitter are the only ones that would be able to even afford do to this.

So I live in the US, and I use quite a few services that happen to be hosted somewhere in the EU. I regularly use an IRC server and a Jabber server are both located in the EU. I just don't see how it's feasible to for the server owner to run an IRC server or Jabber server while also complying with this law. I'm scared that if Europeans let their government do this then the rest of the world will take this as a signal that they can do it too. And they only have a month to rally against it, if the EU will even bother to listen to it's subjects, which I doubt. The Pirate Party member Julia Reda has this to say about EU member states who are pushing this forward:
Some of The worst offenders
* Germany is standing in the way of an agreement over what the “link tax” should cover (see above).
* Austria and Italy want to extend the duration of the “link tax”.
* France, Italy, Spain and Portugal want to force upload filters on not-for-profit platforms (like Wikipedia) and on platforms that host only small amounts of copyrighted content (like startups). Even if platforms filter, they should still be liable for copyright infringements of their users under civil law, just not under criminal law.
* Hungary used to be against the “link tax”, but is now fully in favour, thereby giving Germany the majority it needs to push this through.
Fuck the EU.

[1]https://juliareda.eu/2018/05/censorship-machines-link-tax-finish-line/
[2]https://arstechnica.com/tech-policy/2015/07/new-study-shows-spains-google-tax-has-been-a-disaster-for-publishers/

More information :
https://www.techdirt.com/articles/20180525/10072939912/forget-gdpr-eus-new-copyright-proposal-will-be-complete-utter-disaster-internet.shtml
https://youtu.be/fvXOfq3AB8s

@diaspora* HQ @nolcip @Commits to Diaspora
#european-union #eu #europeanunion #europe #internet #web #diaspora #email #irc #laws #law #DeleteArt13 #xmpp #jabber #linktax #tax #taxes
EU censorship machines and link tax laws are nearing the finish line

 

EU creating a link tax law and forcing an upload filter law this month.


This post will have more info that the video I just posted. A Pirate Party member, Julia Reda, has blogged about new a law that the EU is creating this month that comes in two parts.[1] First part is forcing services to be responsible for the potentially copyrighted material in HTML links posted by their users, and taxing the service owner for every time a user posts a link to something copyrighted, like an image or a news article. Since pretty much all individual artists and photographers copyright their work to themselves, and pretty much all news articles are copyrighted to the news outlet that wrote it, the owners of IRC servers, email servers, Jabber servers, or Diaspora pods in the EU can either choose to be taxed every time one of their users posts a link or reshares a link to any copyrighted items, or choose to save themselves by banning their users from posting HTML links at all, or choose to move their servers to the Americas or Asia, or choose shut down their services entirely. I'll just assume it will end up being the last one. Don't believe me? This exact thing was actually done in Spain already and what happened was all the small Spanish news apps, independent Spanish news publishers and local Spanish news aggregators shut down and died. Google News just up and left the country entirely.[2]

The second part of the new EU law is forcing service owners to filter all content uploaded to the service by the users, and suing services that do not comply. Using Diaspora as an example, this means that any post made by a pod user that contains an uploaded file would have to first be kept on hold before showing up on the users profile, and instead shown to just the owner of the pod first. The pod owner would have to then sit down and review the uploaded file and decide if it violates any copyrights anywhere in the EU, before clicking some "approve" button. Only after that would the post be posted. The pod owner would have to do this for all uploads by all users. Since this tool/feature does not even exist in the Diaspora server software, I am forced to assume that that means that Diaspora developers would have to program a special EU version of the Diaspora software that has this tool included in order for Diaspora to be viable in the EU. Diaspora is just an example, the owners of email servers, Jabber servers, or forums would have to do it too. Of course it's a whole lot more likely that Diaspora pods in the EU will just shut down since only corporations like Facebook and Twitter are the only ones that would be able to even afford do to this.

So I live in the US, and I use quite a few services that happen to be hosted somewhere in the EU. I regularly use an IRC server and a Jabber server are both located in the EU. I just don't see how it's feasible to for the server owner to run an IRC server or Jabber server while also complying with this law. I'm scared that if Europeans let their government do this then the rest of the world will take this as a signal that they can do it too. And they only have a month to rally against it, if the EU will even bother to listen to it's subjects, which I doubt. The Pirate Party member Julia Reda has this to say about EU member states who are pushing this forward:
Some of The worst offenders
* Germany is standing in the way of an agreement over what the “link tax” should cover (see above).
* Austria and Italy want to extend the duration of the “link tax”.
* France, Italy, Spain and Portugal want to force upload filters on not-for-profit platforms (like Wikipedia) and on platforms that host only small amounts of copyrighted content (like startups). Even if platforms filter, they should still be liable for copyright infringements of their users under civil law, just not under criminal law.
* Hungary used to be against the “link tax”, but is now fully in favour, thereby giving Germany the majority it needs to push this through.
Fuck the EU.

[1]https://juliareda.eu/2018/05/censorship-machines-link-tax-finish-line/
[2]https://arstechnica.com/tech-policy/2015/07/new-study-shows-spains-google-tax-has-been-a-disaster-for-publishers/

More information :
https://www.techdirt.com/articles/20180525/10072939912/forget-gdpr-eus-new-copyright-proposal-will-be-complete-utter-disaster-internet.shtml
https://youtu.be/fvXOfq3AB8s

@diaspora* HQ @nolcip @Commits to Diaspora
#european-union #eu #europeanunion #europe #internet #web #diaspora #email #irc #laws #law #DeleteArt13 #xmpp #jabber #linktax #tax #taxes
EU censorship machines and link tax laws are nearing the finish line

 
Bruce Schneier - " I tell people that if they want to communicate securely with someone, to use one of the secure messaging systems: Signal, Off-the-Record, or -- if having one of those two on your system is itself suspicious -- WhatsApp." https://www.schneier.com/blog/archives/2018/06/e-mail_vulnerab.html

Signal - https://signal.org/
WhatsApp - https://www.whatsapp.com/

#security #email

 
Another Day Another Hack

Hacked: 92 Million Account Details for DNA Testing Service #MyHeritage


On Monday #MyHeritage announced a security researcher had uncovered tens of millions of account details for recent #customers, including #email #addresses and hashed #passwords.

"Don't give your #DNA to a company"

https://motherboard.vice.com/en_us/article/vbqyvx/myheritage-hacked-data-breach-92-million

#vice #motherboard #hacking #privacy #security

 
Another Day Another Hack

Hacked: 92 Million Account Details for DNA Testing Service #MyHeritage


On Monday #MyHeritage announced a security researcher had uncovered tens of millions of account details for recent #customers, including #email #addresses and hashed #passwords.

"Don't give your #DNA to a company"

https://motherboard.vice.com/en_us/article/vbqyvx/myheritage-hacked-data-breach-92-million

#vice #motherboard #hacking #privacy #security

 
Captured like prisoners of #google these #email users will find themselves having to accept changes from this #nsa #prism spy
https://www.howtogeek.com/fyi/google-will-push-everyone-to-the-new-gmail-this-fall-whether-they-want-it-or-not/
https://www.howtogeek.com/354652/how-to-sign-out-of-gmail/

 

Justice Dept. Seizes Times Reporter’s Email/Phone Records in Leak Investigation


Federal prosecutors seized the records as part of an investigation into leaks of classified information to the news media by a former Senate aide.
Article word count: 357

HN Discussion: https://news.ycombinator.com/item?id=17261869
Posted by MBCook (karma: 10452)
Post stats: Points: 146 - Comments: 43 - 2018-06-08T01:33:57Z

\#HackerNews #dept #email #investigation #justice #leak #phone #records #reporters #seizes #times
Article content:




“The attorney general has stated that investigations and prosecutions of unauthorized disclosure of controlled information are a priority of the Department of Justice,” John Demers, a top Justice Department official, said in a statement announcing Mr. Wolfe’s arrest.

Ms. Watkins’s personal lawyer, Mark J. MacDougall, said: “It’s always disconcerting when a journalist’s telephone records are obtained by the Justice Department — through a grand jury subpoena or other legal process. Whether it was really necessary here will depend on the nature of the investigation and the scope of any charges.”

The investigation came to light after the Senate Intelligence Committee made a cryptic announcement on Wednesday that it was cooperating with the Department of Justice “in a pending investigation.” Earlier, the Senate quietly and unanimously adopted a resolution to share committee information with the Justice Department “in connection with a pending investigation arising out of the unauthorized disclosure of information.”

Mr. Wolfe, a former Army intelligence analyst, worked for the committee in a nonpartisan capacity for nearly 30 years. He worked closely with both Democrats and Republicans on the committee.

When law enforcement officials obtained journalists’ records during the Obama administration, members of Congress in both parties sounded alarms, and the moves touched off such a firestorm among advocates for press freedom that helped prompt the Justice Department to rewrite its relevant guidelines.

Under [1]Justice Department regulations, investigators must clear additional hurdles before they can seek business records that could reveal a reporter’s confidential sources, such as phone and email records. In particular, the rules require the government to have “made all reasonable attempts to obtain the information from alternative, non-media sources” before investigators may target a reporter’s information.

In addition, the rules generally require the Justice Department to notify reporters first to allow them to negotiate over the scope of their demand for information and potentially challenge it in court. The rules permit the attorney general to make an exception to that practice if he “determines that, for compelling reasons, such negotiations would pose a clear and substantial threat to the integrity of the investigation, risk grave harm to national security, or present an imminent risk of death or serious bodily harm.”

References

Visible links
1. https://www.law.cornell.edu/cfr/text/28/50.10

HackerNewsBot debug: Calculated post rank: 111 - Loop: 46 - Rank min: 100 - Author rank: 32

The New York Times: Justice Dept. Seizes Times Reporter’s Email and Phone Records in Leak Investigation (By ADAM GOLDMAN, NICHOLAS FANDOS and KATIE BENNER)


 
Bild/Foto
How To Turn PGP Back On As Safely As Possible...Previously,EFF recommended to PGP users that, because of new attacks revealed by researchers from Münster University of Applied Sciences,Ruhr University Bochum,and NXP Semiconductors,they should disable the PGP plugins in their email clients for now.The TL;DR (although you really should read the rest of this article):coders and researchers across the PGP email ecosystem have been hard at work addressing the problems highlighted by the paper,and after their sterling efforts,we believe some parts are now safe for use,with sufficient precautions.
#PGP #SECURITY #INTERNET #WEB #EMAIL #EFF #COMPUTER #TECHNOLOGY #HACKER
https://www.eff.org/deeplinks/2018/05/how-turn-pgp-back-safely-possible

 

Copyright reform: can Federation's greatest strength turn out to be its biggest weakness?


Disclaimer: This just my theory - I might be misunderstanding the technology or certain legal aspects of this situation. But the matter seems quite important as it appears to me that all of the attempts to create some kind of balance in the online world by providing alternatives to the existing online service monopolies are under a serious threat of being incapacitated by a mere copyright regulation.

Feel free to correct me on any of this in the comment section or to add relevant information.
TL;DR. If just sharing a link would be enough to count as an infringement, and having a comment or post containing that link on the server is enough to make that server liable - this is going to be a complete and utter disaster for the federated networks. They spread the information across different servers by design. Which would make liability similar to infection that spreads across the network all by itself with no way to control it. Scroll to the end of the post to see what you can do about it.
Longer version:

XMPP, Diaspora, Mastodon, those are some notable names in FOSS online-service world. What all of those networks have in common?
They federate content.

According to the current state of affairs
Operators of large online platforms with user-generated content will thus have significantly extended obligations, according to the will of EU countries: they will have to obtain permission from the rights holders for works that they make available to the public. Otherwise, they should do everything in their power to prevent the availability of protected content on their portals with the help of "effective and proportionate means".
^(taken^ ^from^ [^this^](https://www.heise.de/newsticker/meldung/Copyright-Reform-EU-Staaten-einigen-sich-auf-Upload-Filter-und-Leistungsschutzrecht-4059219.html) ^article)^

Now, can federated networks fall under the definition of "large online platforms with user-generated content"?
Why not? And the size of individual nodes might not matter - what matters is that the network appears as a "large online platform" for the end user.

So lets say a certain user "infringes" the copyright on a node A. This post/comment will be automatically pushed (federated) to the nodes this user interacts with, thus - getting them "infected" with the "infringement" (being liable for hosting the content.) If even sharing a link would be enough to break the law - imagine the consequences. And links are something that is federated everywhere - its just text, so it doesn't weight much.

Remember that under this review servers are liable from the moment the content actually gets into the system. So the whole system pretty much sabotages itself through spreading liability by federated design, and it really wouldn't matter if servers are in the EU or not as the whole network suffers.

Now there's this:
The technical measures to be taken against the upload of protected content should take into due account, among other things, the type and size of the services. In particular, micro-enterprises are to be exempted from the filter requirements. According to the design, the amount and type of works uploaded also play a role. Last but not least, the "availability and costs of the measures and their effectiveness in the light of technical development" should be included in the discretionary scope for the obligation.

With this provision, the Council aims to narrow the gap between the advertising revenues of online platforms such as YouTube and the comparatively modest remuneration for artists and producers ("value gap"). The draft text therefore aims at service providers whose main objective is to provide access to large quantities of user-generated content for commercial purposes.
^(taken^ ^from^ [^this^](https://www.heise.de/newsticker/meldung/Copyright-Reform-EU-Staaten-einigen-sich-auf-Upload-Filter-und-Leistungsschutzrecht-4059219.html) ^article)^

Will this help exclude federated networks from those laws? Possibly. But its not clear from the above statement, and its certainly not very profitable for large market players who might be influencing the review.

This is really urgent. It is said that the European Parliament will vote on it on June 20 or 21, and they are the one institution that can still stop this legislation.

You can take action here by contacting members of parliament:

https://saveyourinternet.eu/

https://www.fixcopyright.eu/

and/or by signing an open letter:

https://savecodeshare.eu/


If you have a Tweeter account, the site https://www.fixcopyright.eu/ makes it easy to tweet the key people on the committee.
For more info on the EU copyright review itself and resharing it around you can check out the following D* posts:
The EU Copyright Reform Again…
EU creating a link tax this month
EU creating a link tax law and forcing an upload filter law this month
Copyright reform: EU states agree on upload filters and ancillary copyright law
Forget GDPR, EU’s New Copyright Proposal Will Be a Disaster for the Internet
Please Save Code Share!
#FOSS, #reform, #politics, #politik, #creativecommons, #cc, #legislation, #europa, #freedom, #freedom-of-speech, #fairuse, #fair-use, #link, #link-tax, #linktax, #freeweb, #free-web, #sharing, #uploading, #uploads, #version-control, #EU, #EU-copyright, #law, #copyright, #censorship, #savecodeshare, #open-source, #software, #software-development, #social, #Europe, #diaspora, #thefederation, #federation, #the-federation, #internet, #web, #european-union, #europeanunion, #email, #irc, #laws, #law, #DeleteArt13, #xmpp, #jabber, #tax, #taxes

 

Copyright reform: can Federation's greatest strength turn out to be its biggest weakness?


Disclaimer: This just my theory - I might be misunderstanding the technology or certain legal aspects of this situation. But the matter seems quite important as it appears to me that all of the attempts to create some kind of balance in the online world by providing alternatives to the existing online service monopolies are under a serious threat of being incapacitated by a mere copyright regulation.

Feel free to correct me on any of this in the comment section or to add relevant information.
TL;DR. If just sharing a link would be enough to count as an infringement, and having a comment or post containing that link on the server is enough to make that server liable - this is going to be a complete and utter disaster for the federated networks. They spread the information across different servers by design. Which would make liability similar to infection that spreads across the network all by itself with no way to control it. Scroll to the end of the post to see what you can do about it.
Longer version:

XMPP, Diaspora, Mastodon, those are some notable names in FOSS online-service world. What all of those networks have in common?
They federate content.

According to the current state of affairs
Operators of large online platforms with user-generated content will thus have significantly extended obligations, according to the will of EU countries: they will have to obtain permission from the rights holders for works that they make available to the public. Otherwise, they should do everything in their power to prevent the availability of protected content on their portals with the help of "effective and proportionate means".
^(taken^ ^from^ [^this^](https://www.heise.de/newsticker/meldung/Copyright-Reform-EU-Staaten-einigen-sich-auf-Upload-Filter-und-Leistungsschutzrecht-4059219.html) ^article)^

Now, can federated networks fall under the definition of "large online platforms with user-generated content"?
Why not? And the size of individual nodes might not matter - what matters is that the network appears as a "large online platform" for the end user.

So lets say a certain user "infringes" the copyright on a node A. This post/comment will be automatically pushed (federated) to the nodes this user interacts with, thus - getting them "infected" with the "infringement" (being liable for hosting the content.) If even sharing a link would be enough to break the law - imagine the consequences. And links are something that is federated everywhere - its just text, so it doesn't weight much.

Remember that under this review servers are liable from the moment the content actually gets into the system. So the whole system pretty much sabotages itself through spreading liability by federated design, and it really wouldn't matter if servers are in the EU or not as the whole network suffers.

Now there's this:
The technical measures to be taken against the upload of protected content should take into due account, among other things, the type and size of the services. In particular, micro-enterprises are to be exempted from the filter requirements. According to the design, the amount and type of works uploaded also play a role. Last but not least, the "availability and costs of the measures and their effectiveness in the light of technical development" should be included in the discretionary scope for the obligation.

With this provision, the Council aims to narrow the gap between the advertising revenues of online platforms such as YouTube and the comparatively modest remuneration for artists and producers ("value gap"). The draft text therefore aims at service providers whose main objective is to provide access to large quantities of user-generated content for commercial purposes.
^(taken^ ^from^ [^this^](https://www.heise.de/newsticker/meldung/Copyright-Reform-EU-Staaten-einigen-sich-auf-Upload-Filter-und-Leistungsschutzrecht-4059219.html) ^article)^

Will this help exclude federated networks from those laws? Possibly. But its not clear from the above statement, and its certainly not very profitable for large market players who might be influencing the review.

This is really urgent. It is said that the European Parliament will vote on it on June 20 or 21, and they are the one institution that can still stop this legislation.

You can take action here by contacting members of parliament:

https://saveyourinternet.eu/

https://www.fixcopyright.eu/

and/or by signing an open letter:

https://savecodeshare.eu/


If you have a Tweeter account, the site https://www.fixcopyright.eu/ makes it easy to tweet the key people on the committee.
For more info on the EU copyright review itself and resharing it around you can check out the following D* posts:
The EU Copyright Reform Again…
EU creating a link tax this month
EU creating a link tax law and forcing an upload filter law this month
Copyright reform: EU states agree on upload filters and ancillary copyright law
Forget GDPR, EU’s New Copyright Proposal Will Be a Disaster for the Internet
Please Save Code Share!
#FOSS, #reform, #politics, #politik, #creativecommons, #cc, #legislation, #europa, #freedom, #freedom-of-speech, #fairuse, #fair-use, #link, #link-tax, #linktax, #freeweb, #free-web, #sharing, #uploading, #uploads, #version-control, #EU, #EU-copyright, #law, #copyright, #censorship, #savecodeshare, #open-source, #software, #software-development, #social, #Europe, #diaspora, #thefederation, #federation, #the-federation, #internet, #web, #european-union, #europeanunion, #email, #irc, #laws, #law, #DeleteArt13, #xmpp, #jabber, #tax, #taxes

 

Crisis at the National Archives





In the middle of directing the difficult task of transferring the historically important #records of the #Obama #administration into the #NationalArchives, the #archivist in charge, #DavidFerriero, ran into a serious problem: A lot of key #records are #missing.

A first-rate #librarian, Ferriero has been driving a much-needed #digital #overhaul and expansion of the #NationalArchives over the nine years of his appointment. This will greatly improve the ability of digital search locally and remotely, as well as accessing the files themselves.

To support this effort, in 2014 #PresidentObama signed the Presidential and Federal Records Act Amendments. For the first time #electronic #government #records were placed under the 1950 #FederalRecordsAct. The new #law also included updates clarifying "the responsibilities of #federal #government officials when using non-government email systems" and empowering "the National Archives to safeguard original and classified records from unauthorized removal.” Additionally, it gives the #Archivist of the #UnitedStates the final #authority in determining just what is a government record.

And yet the accumulation of recent #congressional #testimony has made it clear that the #Obama #administration itself engaged in the wholesale #destruction and “loss” of tens of thousands of government #records covered under the act as well as the #intentional #evasion of the government records recording system by engaging in #private #email exchanges. So far, former President Obama, former Secretary of State #HillaryClinton, former #AttorneyGeneral #Lynch and several #EPA officials have been named as #offenders. The #IRS suffered record “losses” as well. Former federal #prosecutor…

https://www.realclearpolitics.com/articles/2018/06/10/crisis_at_the_national_archives_137241.html


#DeepState #hiding #documents #IC #CIA #FBI

 

FBI announces arrest of 74 email fraudsters


#announces #arrest #email #fbi #fraudsters

 
Interview: Cryptographer Phil Zimmermann on encrypted email and defeating US export controls
#privacy #vieprivée #email

 

The EU Copyright Reform - 3 days left to take action


by @CrocoDuck (shared with permission from the author)
Before we dig in, the EU copyright reform will be discussed by the Europarliament on the 20 June 2018. The parliament is split in half: few MEPs could be enough to reject Article 11 and 13. Take action! I mean, if you agree Article 11 and 13 are bad... (Scroll to the end of the post for useful links.)
We have talked at length of Article 11 and , especially, Article 13, which would de-facto mandate the use of content filtering on a vast array of online services [1]. Let's just assume for a second that Article 13 will become reality. Could that mean that, in order to assist many online service providers to stay on business, few corporations could step in and offer content filtering services? The eventual rise of companies providing content filters is a double edged sword. The reason is that by controlling them then contents are controlled. We seen very well how social networks are already factoring in into shaping public opinions and informing voting decisions. Hence, there is a real bad risk in having businesses involved in filtering contents for a profit. The only way this could work would be if they were mandated to be Open Source, and with regular audit, peer reviewed, their performance constantly assessed: the filters operation must be public. Even then, I would really prefer nothing like this existing.

Since censorship machines are complex Machine Learning systems that need extensive investments and research to work at all, never mind properly, the proposal was revisited to exempt non-profit organizations. When exceptions are needed for a law to work properly (i.e. do not kill non-profits or small business) it means that it isn’t written properly. Not to mention, mandating content filtering would essentially mean gifting the entire market to giant corporations which either already have them or can afford to develop them. Something like this goes in the direction of monopoly, which is not really a good direction. Even worse, few countries (France, Italy, Spain and Portugal) are pushing to have content filtering mandatory for every platform, also non-profit ones [2].

Moreover, the proposed exceptions are not that good either. Every platform which is not a non-profit platform on which copyright protected material is uploaded would have to abide to Article 13. Among these platforms we can list: GitHub, GitLab, Launchpad, BitBucket… Open Source software development could be slowed down very significantly by false positives of filters in this regard, as complex nesting of many open source project with different licenses and copyright holders can be very very tricky to filter automatically. This isn’t realistic [3].

On the topic of Open Source: the industry relies on Open Source. Just think about every single scientific experiment running simulations and data processing on Linux clusters, or the fact that all respected machine learning toolboxes are Open Source. Blocking, or slowing down, Open Source means blocking (or slowing down) EU scientific and engineering innovation [5]. We could say that collaborative development might be safe in itself, as version control systems (git, svn, ...) can be self hosted. But this means going back in history of more than 10 years, when developers did not get to know the ecosystem of OSS software well and had quite a significant proportion of their everyday life essentially wasted in maintaining their own servers and manually managing projects. Whilst GitPub [4] could be a solution, we really don’t know if it is a solution good enough to justify a mass transition. Likely, whatever the solution will be, it will have a years long transition time. In the current situation, services like GitHub and the like are essentially allowing developers to take care of the code only, be easily in touch and cooperate seamlessly. A system of individually maintained repos could be a regression with huge productivity drop that will only be compensated for once a federated system can provide the same (if not more) of the advantages of GitHub style services. All of this assuming that there will be the political will to exempt the federated services for real: as a reminder we know that few EU countries would be totally happy to have federated systems not exempted. Finally, I don’t think that, even if workaround exists, we should accept a law which isn’t right or well written or both. Accepting every step backwards might lead us to the day in which we will have to do these things on the dark web. For me, it will be as absurd as going to buy sliced bread during night, dressed as a ninja, covered by the dark, passing only in the side alleys. It would make no sense.

Not to mention, this law has also very little balance: too much power in the hands of who would claim copyright infringement. A good law has to introduce balance. Something like Article 13 cannot be introduced without an effective system for people to defend themselves against unlawful claims, and without a strong system of punishment against unlawful claims. We all seen how utterly rubbish YouTube has been on this in the past. This almost feels like mandating YouTube filters worst mechanics.

There is one last detail: link tax regulation to be implemented differently in each EU state. Recipe for bureaucratic chaos, and de-facto a mandatory imposition on service providers to comply with the strictest one [2].

I am thinking mostly about code share. But the same I could really say about the art side of things. I do believe that all creative endeavours (science, engineering, art) are actually quite blurred together, but that’s another story.

Now, the EU parliament is split in half, and one or two MEPs could be enough to have Article 13 rejected at the vote that will be on the 20 June 2018. If you too feel like this norm is broken, do not hesitate to take action and send your concern directly to your MEPs. EU has a chance be the democracy we need only if we do actually use our voice.



[CrocoDuck] [1]https://juliareda.eu/eu-copyright-reform/censorship-machines/
[2]https://juliareda.eu/2018/05/censorship-machines-link-tax-finish-line/
[3]https://blog.github.com/2018-04-30-eu-upload-filters-response/
[4]https://github.com/git-federation/gitpub
[5]https://savecodeshare.eu/static/assets/WhitePaper-ImpactofArticel13onSoftwareEcosystem-SaveCodeShare.pdf

This is really urgent. It is said that the European Parliament will vote on it on June 20 or 21, and they are the one institution that can still stop this legislation.

You can take action here by contacting members of parliament:

https://saveyourinternet.eu/

https://www.fixcopyright.eu/

https://changecopyright.org/en-US/

and/or by signing an open letter:

https://savecodeshare.eu/

Or directly email your MEPs: http://www.europarl.europa.eu/meps/en/search.html?country=GB


If you have a Twitter account, the site https://www.fixcopyright.eu/ makes it easy to tweet the key people on the committee.
For more info on the EU copyright review itself and resharing it around you can check out the following D* posts:
Copyright reform: can Federation’s greatest strength turn out to be its biggest weakness?
The EU Copyright Reform Again…
EU creating a link tax this month
EU creating a link tax law and forcing an upload filter law this month
Copyright reform: EU states agree on upload filters and ancillary copyright law
Forget GDPR, EU’s New Copyright Proposal Will Be a Disaster for the Internet
Please Save Code Share!
#FOSS, #reform, #politics, #politik, #creativecommons, #cc, #legislation, #europa, #freedom, #freedom-of-speech, #fairuse, #fair-use, #link, #link-tax, #linktax, #freeweb, #free-web, #sharing, #uploading, #uploads, #version-control, #EU, #EU-copyright, #law, #copyright, #censorship, #savecodeshare, #open-source, #software, #software-development, #social, #Europe, #diaspora, #thefederation, #federation, #the-federation, #internet, #web, #european-union, #europeanunion, #email, #irc, #laws, #law, #DeleteArt13, #xmpp, #jabber, #tax, #taxes