Andy's insights

Remember one simple and basic knowlege that is about to get lost: The definition of the Web:

It must be linkable and allow any client to access it.

See What Is The Web on The Verge.

posted at: 01:03 | path: /net | permanent link to this entry

In my former posts I talked about how the relation network and “likes” can be used to identify the psychological profile of a human being. It looks like this is now used in reversed order: As a search machine to identify persons with a specific profile. And it’s used to target a single person. For example in the Brexit and US president election 2016. See The Guardian or German Tagesanzeiger for how this is exploited by SCL.

posted at: 17:39 | path: /net | permanent link to this entry

For years I’ve warn about how the World Wide Web is zentralized. While the internet provides a dezentralized infrastructure and protocols for the WWW are intended for dezentralized services too, the most used services are like hubs: The biggest search engine, the biggest social network and the messenger with the most users. While there are alternatives by a technical view all those services are basically a monopoly.

Now the inventor of the WWW himself, Sir Tim Berners-Lee, questioning this development as the internet has become world’s largest surveillance network

posted at: 17:04 | path: /net | permanent link to this entry

The origin source of the Panama papers published John Doe’s Manifesto a good read. He clearly describe what’s wrong.

If there is a opportunity to save taxes, you easily pay a share of the saved amount to someone helping you to save it. Even if only a few percent is payed, the tax evasion industrie is still able to employ tens of thousands of lawyers that will find every small loophole. We can say for sure that lawyers like Mossack Fonseca are at least partly paid by tax money.

posted at: 08:34 | path: /politics | permanent link to this entry

A visual illustration helps to understand the warming trend.

This visualization illustrates Earth’s long-term warming trend, showing temperature changes from 1880 to 2015 as a rolling five-year average.

2015 was the warmest year since we measure it.

posted at: 09:29 | path: /politics | permanent link to this entry

I care for my privacy, I don’t have Facebook and WhatsApp. I have a mobile phone without any commercial apps. I prefer to pay cash to avoid trails. I use encryption, host my e-mail, calender and file server myself. I avoid sweepstakes where I’ve to give any personal data including my name. In my browser I block all third party content not required for the website. I know I still leave a trail by keeping my mobile phone connected all the time. I give up a lot of comfort.

So it seems I’m paranoid. The world would be much more pleasant, cheered up and beautiful if I just suppress all the findings of Edward Snowden and WikiLeaks or The Intercept and we could then sleep better. But no I’m paranoid. Well I at least I didn’t get more paranoid, all the things I listed above I did already before Snowden leaked the NSA documents in 2013. I just feel vindicated, even if I never imagined this magnitude.

At least it seems I’m not alone. The Atlantic published an Article by Walter Kirn If you’re not paranoid, you’re crazy that is a good read.

posted at: 11:27 | path: /politics | permanent link to this entry

The (German) newspaper NZZ feature article summarize our current surveillance culture in a greate complete picture:
Bequemlichkeit und Todesangst

posted at: 11:26 | path: /politics | permanent link to this entry

A new study Computer-based personality judgments are more accurate than those made by humans shows that computers are better at predicting a personality than humans. The personality predicted based on the digital footprint is more accurate than the appraisal of close acquaintances.

Given that this study is based on generic likes, this support my claim that Facebook (and Google, and Amazon, …) knows you better than you think. It knows you well enough even if your profile info is wrong to manipulate you (see Facebook mood manipulation study). And I claim it is even able to build your profile without any likes from you based on the like button website bug implant and I’m quite sure this even works by simply analyzing your social network of all the people who added you to their profile.

Given that Facebooks now owns Whatsapp it should be able to do the same for me just from the phone book uploaded by Whatsapp. But still this isn’t an excuse for me to use Facebook or Whatsapp as I’m still trying to expose as little as possible of my personal data.

posted at: 11:26 | path: /net | permanent link to this entry

By now everybody should know about how NSA intercept nearly the whole world with the PRISM program thanks to Edward Snowden.

This leads to a few interesting questions. While this program probably helped to detect terrorist, its primary justification, it also installed all components necessary for surveillance and police states. This not only includes the technology, but also the intransparent processes, courts, and secrets to avoid investigations and control by the citizen.

For instance, there is formally a process which investigations are allowed, even a court to take the decisions to. But all this is secret. In practice the court only rejected a few two digit number out of fifteen tousands cases. Another example: The decision whether a conversation involves an american citizen needs a 51% surety before it can take place. 51% is one percent more than a coin flip! Let alone this only affects american citizen, all other people in the world will be observed anyway.

Former technical director William Binney who retired in 2001 said the first draft of this system included all saftey measures to protect the general right of privacy. But then nine eleven happened and the Bush administration wanted to observe them all. As a consequence Binney retired. Later Obama followed and extended the whole program.

So how does that affect us, we foreign people of the world? Well most internet services, search engines, mail services, social networks, telephony, and chat services are owned by an american company that is vulnerable to the electronic eavesdropping of the NSA or a connected agency. We can surely say our communication is logged once it crosses the american border, and quite probably logged if it crosses an submarine communication cable. Even if the communication is encrypted it probably is readable if it ends in a data center owned by an american company. And if it couldn’t be encrypted, there’s always the connection meta data that is as valuable as the communication itself.

Ok, and how does that affect us? Well even if the NSA is primarly oriented towards terrorism and crime, John and Jane Doe are still risking to be affected. May it collateral damage caused by dragnet investigation. Or its libability to submit to blackmail, if he has some valuable knowledge. As the USA is known to targeted killing and confinement without court, this is nothing to just ignore.

For corporations this has some more implications: Who say that once a business secrect is intercepted by the NSA they won’t forward it to a competitor?

What can we do against this?

First there are some political solutions: The first political solution does not only apply to this but can’t be said enough: Make all as transparent as possible. Each surveillance must be approved by an independed court. The court must be controllable by citizen. Of course ongoing investigations can’t be made public, but as soon as the case is solved the have to be published. Each person under surveillance must be informed too. Second: Don’t allow dragnet inestigations. They are too risky. Third: Keep the observation as low as possible. Destroy old records as soon as possible.

Then there are technical solutions: Avoid the cloud, or whatever the marketing division calls the outsourced data store and application servers. If you can’t choose hosters that can guarantee the data stays in your own country. Use distributed communiation services instead of central services for instance messaging, chat and telephony: Use XMPP (Jabber) for chat and instance messaging, switch to distributed social networks (egg and chicken problem). By all means avoid Skype, Facebook, Whatsapp for sensitive data. Encrypt all your E-Mail communications. E-Mails are only postcards without envelopes. There is tried and tested technology out there, S/MIME for corporations or PGP/GNUPG for all other (I use it for over 10 years now). Use HTTPS instead of HTTP to access websites, clean cookies often and block Google analytics, Twitter and Facebook counters in each and every website (I’m looking at you web page owner).

When I first heard from the leak I wasn’t surprised about the surveillance program. I somehow reckon that it was there. But as more and more details revealed I’m shocked about the backgrounds and intransparencies. We must stop it right now. We live in a liberal democracy, a state based on justice and integrity. I want to keep it. If we ignore the demount of our privacy right we may find us sooner than expected in a state without basic human rights.

posted at: 00:55 | path: /net | permanent link to this entry

In my recent rant I mentioned that even if you enter wrong data or leave it out Facebook knows all about you by your connections.

The Guardian brings more evidence that this is not just a conspiracy theory. In this study the likes are used: Facebook users reveal intimate secrets (See also this interpretation)

posted at: 11:04 | path: /net | permanent link to this entry