|
In our 600th issue:
While copyright owners claim that they need anti-circumvention laws to address copyright infringement, twelve years' experience with the U.S. DMCA provisions demonstrates that overbroad digital locks laws can wreak havoc on lawful, non-infringing activities, stifle free speech and scientific research, and harm innovation and competition. Small wonder that a broad range of groups in Canada have come out against the unforgiving nature of Canada's C-11 Bill, including librarians, content creators, rights advocates and others.
For many years, EFF has been working to encrypt the Web, pushing websites to adopt better security and providing users with tools to protect themselves. This month, we're looking at online dating sites, which can be particularly negligent in safeguarding the sensitive data of users. Our analysis found these sites failed to implement even basic levels of security, but we were particularly concerned about the negligent security practices we discovered on the free dating site OkCupid. We've contacted the site and asked them to improve, but we could use your help. Send OkCupid an email today asking them to implement HTTPS.
Using data from EFF's SSL Observatory project, a team of researchers conducted an audit of the public keys used to protect HTTPS. Lenstra's team has discovered tens of thousands of keys that offer effectively no security due to weak random number generation algorithms. The consequences of these vulnerabilities are extremely serious.
EFF Updates
Six Heartbreaking Truths about Online Dating Privacy
Millions of people are using online dating sites to search for love or connection, but users should beware: many online dating sites are taking short cuts in safeguarding the privacy and security of users. Whether it's due to counter-intuitive privacy settings or serious security flaws, users of online dating profiles risk their privacy and security every day. We've put together six sobering facts about online dating services and a few suggestions for routing around the privacy pitfalls.
Comparing Privacy and Security Practices on Online Dating Sites
Concerned about your privacy when you use online dating sites? You should be. We found that the majority of the sites we examined did not take even basic security precautions, leaving users vulnerable to having their personal information exposed or their entire account taken over when using shared networks, such as at coffee shops or libraries.
A Better Path for Apps: Respecting Users and Their Privacy
Earlier this week, a Singapore-based iOS software developer made a startling discovery while working with the popular social-networking app Path: in the course of every new account creation, Path uploads the new user's entire iPhone address book to their servers. The strong user reaction demonstrates that even as norms of sharing evolve online and in the social networking space, users still value their privacy highly.
India's Downward Spiral
The world's biggest democracy is a formidable power in the IT sector. Despite playing such a role -- or perhaps because of it -- India has struggled to strike a balance between its security concerns and online freedom. Though the country's constitution guarantees the right to freedom of expression, the state is given the right to impose "reasonable restrictions ... in the interests of the sovereignty and integrity of India, the security of the State, friendly relations with foreign States, public order, decency or morality, or in relation to contempt of court, defamation, or incitement to an offence."
Iran Ratchets Up Its Internet Censorship
The Iranian government has not openly acknowledged these new measures. However, they are widely thought to be preliminary steps towards a nation-wide Halal Internet that would cut off a majority of citizens from the global web -- replacing it with one that would effectively block all foreign sites, allowing only state-controlled content to be accessed within Iran.
What the RIAA Won't Tell You: Users Matter
The New York Times published a lengthy screed from Cary Sherman, president of the Recording Industry Association of America, complaining about how "Google and Wikipedia" got in the way of efforts to ram through the Internet blacklist bills, never mind the massive collateral damage to Internet security, expression, and innovation those bills would have caused. The op-ed's really unfortunate message is that Hollywood still thinks the way forward is for a few executives to sit down together and make a deal.
miniLinks
The perpetual, invisible window into your Gmail inbox
Since Gmail added OAuth support, an increasing number of startups are asking for a perpetual, silent window into your inbox. While hugely convenient for both developers and users, OAuth may be paving the way for an inevitable privacy meltdown.
Amnesty International: EU urged to reject international anti-counterfeiting pact
Amnesty International urged EU governments not to join the Anti-Counterfeiting Trade Agreement (ACTA), branding it a "Pandora's box" of potential human rights violations.
We are the media, and so are you
In a Washington Post op-ed, Wikipedia founder Jimmy Wales explains that it's users, not corporate interests, who won the SOPA/PIPA fight.
Administrivia
ISSN 1062-9424
EFFector is a publication of the Electronic Frontier Foundation.
454 Shotwell Street
San Francisco, CA
94110-1914
USA +1 415 436 9333
+1 415 436 9993 (fax)
eff.org
Editor:
Parker Higgins, Activist
editor@eff.org
Membership & donation queries: membership@eff.org
General EFF, legal, policy, or online resources queries: info@eff.org
Reproduction of this publication in electronic media is encouraged. Signed articles do not necessarily represent the views of EFF. To reproduce signed articles individually, please contact the authors for their express permission.
Press releases and EFF announcements & articles may be reproduced individually at will.
Back issues of EFFector
Change your email address
This newsletter is printed from 100% recycled electrons.
EFF appreciates your support and respects your privacy. Privacy Policy.
Unsubscribe or change your email preferences, or opt out of all EFF email
{domain.address}
|
