Archive | May, 2017

Big Brother is not amused

The annual German Big Brother Awards were bestowed by EDRi member Digitalcourage on 5 May 2017 in Bielefeld, Germany. The event drew much media attention, as one of the awardees threatened the organiser with legal action. (…)

The awardee in the “Politics” category was the Turkish-Islamic Union for Religious Affairs (DİTİB). Imams at DİTİB – with ties to the Turkish government and its secret service MİT – are said to have conducted political espionage on DİTİB members and visitors, exposing them to persecution by the Turkish state.

EDRi » BBA Germany 2017: Espionage, threats, tracking, provoking cyber wars »

0

WTISD-17: The two faces of Big Data

Big data has a potential to improve society – much like electricity or antibiotics. From health care and education to urban planning and protecting the environment, the applications of big data are remarkable. However, big data comes with big negative impacts. Big data can be used – by both advertisers and government agencies – to violate privacy. The power of big data can be exploited to monitor every single detail of people’s activities globally.

EDRi: Big Data for Big Impact – but not only a positive one »

0

Is EU slowly killing the Internet?

Article 13 (in the European Union’s draft Copyright Directive), fewer than 250 words, is designed to provoke such legal uncertainty that internet companies will have no option other than to block, filter and monitor our communications, if they want to have any chance of staying in business. Ultimately, only the current internet giants, shedding crocodile tears at the prospect, will be able to survive. From global internet to “Googlebook”.

Joe McNamee, EDRi: Killing parody, killing memes, killing the internet? »

0

WannaCry: NSA is unforgivable and beyond irresponsible

It’s clear that in weaponizing a vulnerability instead of responsibly disclosing it (so hospitals and transportation infrastructure can be protected), the NSA made a critical error in judgment that put millions of people at risk. However, one would think that after learning 10 months ago that their entire cyberweapon arsenal had been stolen and was now out “in the wild”, the NSA would have immediately taken action and responsibly disclosed the vulnerabilities so systems around the world could be patched.

Unfortunately, there is no indication that they did so. If we read carefully the statement from Microsoft today, it appears the NSA deliberately withheld the information that would have allowed critical civilian infrastructure like hospitals to be protected. In our view, this is unforgivable and beyond irresponsible.

Proton Mail blog: Important lessons from the first NSA-powered ransomware cyberattack »

0

Microsoft on NSA and the WannaCrypt exploits

Finally, this attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem. This is an emerging pattern in 2017. We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world. Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage. An equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen. And this most recent attack represents a completely unintended but disconcerting link between the two most serious forms of cybersecurity threats in the world today – nation-state action and organized criminal action.

Microsoft: The need for urgent collective action to keep people safe online: Lessons from last week’s cyberattack »

0

Ecuador on Swedens unfair treatment of Assange

Ecuador has written to the Swedish government complaining of a “serious lack of progress” in the investigation involving a rape allegation against WikiLeaks founder Julian Assange.

Radio Sweden: Ecuador concerned by Sweden’s “lack of progress” in Assange case »

Radio Sweden: Assange lawyer calls for Sweden to drop charges after US statement »

BBC: Julian Assange: Ecuador ‘concerned’ over lack of progress »

0

NSA, what have you done?

The ransomware spread so quickly because it was delivered by a special digital code developed by the NSA to move from one unpatched computer to another, security experts said. They warned that the malware now could move from large networks to individual users.

Washington Post: Malware, described in leaked NSA documents, cripples computers worldwide »

Update:

• The Intercept: Leaked NSA malware is helping hijack computers around the world »
• PC World: Microsoft blames U.S. stockpiled vulnerability after WannaCry ransomware attack »
• The Duran: Worried about ‘WannaCry’? You should have listened to Julian Assange »
• Falkvinge: Current wave of ransomware not written by ordinary criminals, but by the NSA »
• Reuters: Global cyber attack fuels concern about U.S. vulnerability disclosures »

• Ars Technica: How I accidentally stopped a global Wanna Decryptor ransomware attack »
• Ars Technica: Wanna Decryptor ransomware worm may have North Korea’s fingerprints on it »
• Wired: The WannaCry Ransomware Has a Link to Suspected North Korean Hackers »
• Proton Mail: Important lessons from the first NSA-powered ransomware cyberattack »

0