Skip to main content

Home/ Future of the Web/ Group items matching "social science" in title, tags, annotations or url

Group items matching
in title, tags, annotations or url

Sort By: Relevance | Date Filter: All | Bookmarks | Topics Simple Middle
Paul Merrell

Cy Vance's Proposal to Backdoor Encrypted Devices Is Riddled With Vulnerabilities | Just Security - 0 views

  • Less than a week after the attacks in Paris — while the public and policymakers were still reeling, and the investigation had barely gotten off the ground — Cy Vance, Manhattan’s District Attorney, released a policy paper calling for legislation requiring companies to provide the government with backdoor access to their smartphones and other mobile devices. This is the first concrete proposal of this type since September 2014, when FBI Director James Comey reignited the “Crypto Wars” in response to Apple’s and Google’s decisions to use default encryption on their smartphones. Though Comey seized on Apple’s and Google’s decisions to encrypt their devices by default, his concerns are primarily related to end-to-end encryption, which protects communications that are in transit. Vance’s proposal, on the other hand, is only concerned with device encryption, which protects data stored on phones. It is still unclear whether encryption played any role in the Paris attacks, though we do know that the attackers were using unencrypted SMS text messages on the night of the attack, and that some of them were even known to intelligence agencies and had previously been under surveillance. But regardless of whether encryption was used at some point during the planning of the attacks, as I lay out below, prohibiting companies from selling encrypted devices would not prevent criminals or terrorists from being able to access unbreakable encryption. Vance’s primary complaint is that Apple’s and Google’s decisions to provide their customers with more secure devices through encryption interferes with criminal investigations. He claims encryption prevents law enforcement from accessing stored data like iMessages, photos and videos, Internet search histories, and third party app data. He makes several arguments to justify his proposal to build backdoors into encrypted smartphones, but none of them hold water.
  • Before addressing the major privacy, security, and implementation concerns that his proposal raises, it is worth noting that while an increase in use of fully encrypted devices could interfere with some law enforcement investigations, it will help prevent far more crimes — especially smartphone theft, and the consequent potential for identity theft. According to Consumer Reports, in 2014 there were more than two million victims of smartphone theft, and nearly two-thirds of all smartphone users either took no steps to secure their phones or their data or failed to implement passcode access for their phones. Default encryption could reduce instances of theft because perpetrators would no longer be able to break into the phone to steal the data.
  • Vance argues that creating a weakness in encryption to allow law enforcement to access data stored on devices does not raise serious concerns for security and privacy, since in order to exploit the vulnerability one would need access to the actual device. He considers this an acceptable risk, claiming it would not be the same as creating a widespread vulnerability in encryption protecting communications in transit (like emails), and that it would be cheap and easy for companies to implement. But Vance seems to be underestimating the risks involved with his plan. It is increasingly important that smartphones and other devices are protected by the strongest encryption possible. Our devices and the apps on them contain astonishing amounts of personal information, so much that an unprecedented level of harm could be caused if a smartphone or device with an exploitable vulnerability is stolen, not least in the forms of identity fraud and credit card theft. We bank on our phones, and have access to credit card payments with services like Apple Pay. Our contact lists are stored on our phones, including phone numbers, emails, social media accounts, and addresses. Passwords are often stored on people’s phones. And phones and apps are often full of personal details about their lives, from food diaries to logs of favorite places to personal photographs. Symantec conducted a study, where the company spread 50 “lost” phones in public to see what people who picked up the phones would do with them. The company found that 95 percent of those people tried to access the phone, and while nearly 90 percent tried to access private information stored on the phone or in other private accounts such as banking services and email, only 50 percent attempted contacting the owner.
  • ...8 more annotations...
  • Vance attempts to downplay this serious risk by asserting that anyone can use the “Find My Phone” or Android Device Manager services that allow owners to delete the data on their phones if stolen. However, this does not stand up to scrutiny. These services are effective only when an owner realizes their phone is missing and can take swift action on another computer or device. This delay ensures some period of vulnerability. Encryption, on the other hand, protects everyone immediately and always. Additionally, Vance argues that it is safer to build backdoors into encrypted devices than it is to do so for encrypted communications in transit. It is true that there is a difference in the threats posed by the two types of encryption backdoors that are being debated. However, some manner of widespread vulnerability will inevitably result from a backdoor to encrypted devices. Indeed, the NSA and GCHQ reportedly hacked into a database to obtain cell phone SIM card encryption keys in order defeat the security protecting users’ communications and activities and to conduct surveillance. Clearly, the reality is that the threat of such a breach, whether from a hacker or a nation state actor, is very real. Even if companies go the extra mile and create a different means of access for every phone, such as a separate access key for each phone, significant vulnerabilities will be created. It would still be possible for a malicious actor to gain access to the database containing those keys, which would enable them to defeat the encryption on any smartphone they took possession of. Additionally, the cost of implementation and maintenance of such a complex system could be high.
  • Privacy is another concern that Vance dismisses too easily. Despite Vance’s arguments otherwise, building backdoors into device encryption undermines privacy. Our government does not impose a similar requirement in any other context. Police can enter homes with warrants, but there is no requirement that people record their conversations and interactions just in case they someday become useful in an investigation. The conversations that we once had through disposable letters and in-person conversations now happen over the Internet and on phones. Just because the medium has changed does not mean our right to privacy has.
  • In addition to his weak reasoning for why it would be feasible to create backdoors to encrypted devices without creating undue security risks or harming privacy, Vance makes several flawed policy-based arguments in favor of his proposal. He argues that criminals benefit from devices that are protected by strong encryption. That may be true, but strong encryption is also a critical tool used by billions of average people around the world every day to protect their transactions, communications, and private information. Lawyers, doctors, and journalists rely on encryption to protect their clients, patients, and sources. Government officials, from the President to the directors of the NSA and FBI, and members of Congress, depend on strong encryption for cybersecurity and data security. There are far more innocent Americans who benefit from strong encryption than there are criminals who exploit it. Encryption is also essential to our economy. Device manufacturers could suffer major economic losses if they are prohibited from competing with foreign manufacturers who offer more secure devices. Encryption also protects major companies from corporate and nation-state espionage. As more daily business activities are done on smartphones and other devices, they may now hold highly proprietary or sensitive information. Those devices could be targeted even more than they are now if all that has to be done to access that information is to steal an employee’s smartphone and exploit a vulnerability the manufacturer was required to create.
  • Vance also suggests that the US would be justified in creating such a requirement since other Western nations are contemplating requiring encryption backdoors as well. Regardless of whether other countries are debating similar proposals, we cannot afford a race to the bottom on cybersecurity. Heads of the intelligence community regularly warn that cybersecurity is the top threat to our national security. Strong encryption is our best defense against cyber threats, and following in the footsteps of other countries by weakening that critical tool would do incalculable harm. Furthermore, even if the US or other countries did implement such a proposal, criminals could gain access to devices with strong encryption through the black market. Thus, only innocent people would be negatively affected, and some of those innocent people might even become criminals simply by trying to protect their privacy by securing their data and devices. Finally, Vance argues that David Kaye, UN Special Rapporteur for Freedom of Expression and Opinion, supported the idea that court-ordered decryption doesn’t violate human rights, provided certain criteria are met, in his report on the topic. However, in the context of Vance’s proposal, this seems to conflate the concepts of court-ordered decryption and of government-mandated encryption backdoors. The Kaye report was unequivocal about the importance of encryption for free speech and human rights. The report concluded that:
  • States should promote strong encryption and anonymity. National laws should recognize that individuals are free to protect the privacy of their digital communications by using encryption technology and tools that allow anonymity online. … States should not restrict encryption and anonymity, which facilitate and often enable the rights to freedom of opinion and expression. Blanket prohibitions fail to be necessary and proportionate. States should avoid all measures that weaken the security that individuals may enjoy online, such as backdoors, weak encryption standards and key escrows. Additionally, the group of intelligence experts that was hand-picked by the President to issue a report and recommendations on surveillance and technology, concluded that: [R]egarding encryption, the U.S. Government should: (1) fully support and not undermine efforts to create encryption standards; (2) not in any way subvert, undermine, weaken, or make vulnerable generally available commercial software; and (3) increase the use of encryption and urge US companies to do so, in order to better protect data in transit, at rest, in the cloud, and in other storage.
  • The clear consensus among human rights experts and several high-ranking intelligence experts, including the former directors of the NSA, Office of the Director of National Intelligence, and DHS, is that mandating encryption backdoors is dangerous. Unaddressed Concerns: Preventing Encrypted Devices from Entering the US and the Slippery Slope In addition to the significant faults in Vance’s arguments in favor of his proposal, he fails to address the question of how such a restriction would be effectively implemented. There is no effective mechanism for preventing code from becoming available for download online, even if it is illegal. One critical issue the Vance proposal fails to address is how the government would prevent, or even identify, encrypted smartphones when individuals bring them into the United States. DHS would have to train customs agents to search the contents of every person’s phone in order to identify whether it is encrypted, and then confiscate the phones that are. Legal and policy considerations aside, this kind of policy is, at the very least, impractical. Preventing strong encryption from entering the US is not like preventing guns or drugs from entering the country — encrypted phones aren’t immediately obvious as is contraband. Millions of people use encrypted devices, and tens of millions more devices are shipped to and sold in the US each year.
  • Finally, there is a real concern that if Vance’s proposal were accepted, it would be the first step down a slippery slope. Right now, his proposal only calls for access to smartphones and devices running mobile operating systems. While this policy in and of itself would cover a number of commonplace devices, it may eventually be expanded to cover laptop and desktop computers, as well as communications in transit. The expansion of this kind of policy is even more worrisome when taking into account the speed at which technology evolves and becomes widely adopted. Ten years ago, the iPhone did not even exist. Who is to say what technology will be commonplace in 10 or 20 years that is not even around today. There is a very real question about how far law enforcement will go to gain access to information. Things that once seemed like merely science fiction, such as wearable technology and artificial intelligence that could be implanted in and work with the human nervous system, are now available. If and when there comes a time when our “smart phone” is not really a device at all, but is rather an implant, surely we would not grant law enforcement access to our minds.
  • Policymakers should dismiss Vance’s proposal to prohibit the use of strong encryption to protect our smartphones and devices in order to ensure law enforcement access. Undermining encryption, regardless of whether it is protecting data in transit or at rest, would take us down a dangerous and harmful path. Instead, law enforcement and the intelligence community should be working to alter their skills and tactics in a fast-evolving technological world so that they are not so dependent on information that will increasingly be protected by encryption.
Gonzalo San Gil, PhD.

Call for Papers | thinktwice.com | Creativity, Human Rights, Hacktivism [# Via FB's Francisco George x Arif Yıldırım] Deadline July 18th 2014 - 0 views

  •  
    "Call for Papers CALL FOR SUBMISSIONS We are looking for session submissions from Pirates, NGOs and Academia to following tracks: (other topics are allowed as well) Creativity: copyrights, patents, collaboration, citizen journalism, media, DRM, open access, FOI, public licensing, policy reform, education, etc… Human Rights: security, data protection, surveillance, FOI, basic income, emigration, voting rights, drones, non-proliferation, dual use technology, encryption, anonymity, transparency, net neutrality, open data, egovernment, society, whistle blowing, political science, etc… Activism|Hacktivism: Future, innovation, liquid democracy, transhumanism, cyborgs, startups, vision, 3d-printing, crowdsourcing, big data, participation, pirate parties, artificial intelligence, globalization, space travel, science networks, freemanning, freehammond, hacktivism, activism, civil disobedience, hacker culture, cyberpunk, cypherpunk, wikileaks, surveillance, digital activism, etc..."
  • ...1 more comment...
  •  
    "Call for Papers CALL FOR SUBMISSIONS We are looking for session submissions from Pirates, NGOs and Academia to following tracks: (other topics are allowed as well) Creativity: copyrights, patents, collaboration, citizen journalism, media, DRM, open access, FOI, public licensing, policy reform, education, etc… Human Rights: security, data protection, surveillance, FOI, basic income, emigration, voting rights, drones, non-proliferation, dual use technology, encryption, anonymity, transparency, net neutrality, open data, egovernment, society, whistle blowing, political science, etc… Activism|Hacktivism: Future, innovation, liquid democracy, transhumanism, cyborgs, startups, vision, 3d-printing, crowdsourcing, big data, participation, pirate parties, artificial intelligence, globalization, space travel, science networks, freemanning, freehammond, hacktivism, activism, civil disobedience, hacker culture, cyberpunk, cypherpunk, wikileaks, surveillance, digital activism, etc..."
  •  
    "Call for Papers CALL FOR SUBMISSIONS We are looking for session submissions from Pirates, NGOs and Academia to following tracks: (other topics are allowed as well) Creativity: copyrights, patents, collaboration, citizen journalism, media, DRM, open access, FOI, public licensing, policy reform, education, etc… Human Rights: security, data protection, surveillance, FOI, basic income, emigration, voting rights, drones, non-proliferation, dual use technology, encryption, anonymity, transparency, net neutrality, open data, egovernment, society, whistle blowing, political science, etc… Activism|Hacktivism: Future, innovation, liquid democracy, transhumanism, cyborgs, startups, vision, 3d-printing, crowdsourcing, big data, participation, pirate parties, artificial intelligence, globalization, space travel, science networks, freemanning, freehammond, hacktivism, activism, civil disobedience, hacker culture, cyberpunk, cypherpunk, wikileaks, surveillance, digital activism, etc..."
  •  
    [# Via FB's Francisco George x Arif Yıldırım] Deadline July 18th 2014 "Call for Papers CALL FOR SUBMISSIONS We are looking for session submissions from Pirates, NGOs and Academia to following tracks: (other topics are allowed as well) Creativity: copyrights, patents, collaboration, citizen journalism, media, DRM, open access, FOI, public licensing, policy reform, education, etc… Human Rights: security, data protection, surveillance, FOI, basic income, emigration, voting rights, drones, non-proliferation, dual use technology, encryption, anonymity, transparency, net neutrality, open data, egovernment, society, whistle blowing, political science, etc… Activism|Hacktivism: Future, innovation, liquid democracy, transhumanism, cyborgs, startups, vision, 3d-printing, crowdsourcing, big data, participation, pirate parties, artificial intelligence, globalization, space travel, science networks, freemanning, freehammond, hacktivism, activism, civil disobedience, hacker culture, cyberpunk, cypherpunk, wikileaks, surveillance, digital activism, etc..."
Paul Merrell

The Social Media Exodus Has Begun. Here's Where Everybody's Going. : The Corbett Report - 2 views

  • 10 years ago, everybody was on MySpace. 10 years from now, the Twitters and Facebooks and YouTubes of today will be dinosaurs, abandoned by users sick of censorship and centralized control. Thankfully, the alternatives to these social media dinosaurs are already here, and they’re blockchain-based, torrent friendly, decentralized and censorship resistant.
  • SHOW NOTES Leaked Twitter API data shows the number of tweets is in serious decline Yep, science confirms that quitting Facebook makes people happier Facebook ‘made China censorship tool’ Facebook is censoring posts in Thailand that the government has deemed unsuitable The Corbett Report on Steemit The Corbett Report on Minds.com The Corbett Report on BitChute Ray Vahey on Twitter
  •  
    Secure alternatives to current social media giants.
Gonzalo San Gil, PhD.

Socially controversial Social topics on Wikipedia draw edit wars | Ars Technica - 0 views

  •  
    "by John Timmer - Aug 18, 2015 9:42pm CEST Share Tweet 70 Gene Likens (Wikipedia link, naturally) is an ecologist who set up a longterm study of a forest in New Hampshire. That study found that the water entering the ecosystem was unusually acidic, a finding that was eventually tied back to pollution. This turned out to be one of the earliest indications of acid rain."
Gonzalo San Gil, PhD.

CompletePlanet - Discover over 70,000+ databases and specially search engines - 2 views

  •  
    Node Level All Topics >> Agriculture Games & Hobbies Military Religion Arts & Design Government Music Science Business Health News Search Engines Computing & Internet Home & Garden Newspapers Shopping Education Humanities People Science Sciences Energy Jobs & Careers Places Sports Engineering Law Politics Transportation Environment Literature Products & Technology Travel Family Living things Recreation Weather Finance & Economics Magazines & Journals References Food & Drink Media & Entertainment Regional
Gonzalo San Gil, PhD.

Piracy and Movie Revenues: Evidence from Megaupload: A Tale of the Long Tail? by Christian Peukert, Jörg Claussen, Tobias Kretschmer :: SSRN - 0 views

  •  
    " Christian Peukert University of Zurich - Department of Business Administration Jörg Claussen Copenhagen Business School - Department of Innovation and Organizational Economics Tobias Kretschmer Ludwig-Maximilians-Universität München - Faculty of Business Administration (Munich School of Management); London School of Economics & Political Science (LSE) - Centre for Economic Performance (CEP) August 20, 2013 Abstract: In this paper we make use of a quasi-experiment in the market for illegal downloading to study movie box office revenues. Exogenous variation comes from the unexpected shutdown of the popular file hosting platform Megaupload.com on January 19, 2012. The estimation strategy is to compare box office revenues before and after the shutdown, controlling for various factors that potentially explain intertemporal differences. We find that box office revenues of a majority of movies did not increase. While for a mid-range of movies the effect of the shutdown is even negative, only large blockbusters could benefit from the absence of Megaupload. We argue that this is due to Science network effects, where online piracy acts as a mechanism to spread information about a good from consumers with low willingness to pay to consumers with high willingness to pay. This information-spreading effect of illegal downloads seems to be especially important for movies with smaller audiences."
  •  
    " Christian Peukert University of Zurich - Department of Business Administration Jörg Claussen Copenhagen Business School - Department of Innovation and Organizational Economics Tobias Kretschmer Ludwig-Maximilians-Universität München - Faculty of Business Administration (Munich School of Management); London School of Economics & Political Science (LSE) - Centre for Economic Performance (CEP) August 20, 2013 Abstract: In this paper we make use of a quasi-experiment in the market for illegal downloading to study movie box office revenues. Exogenous variation comes from the unexpected shutdown of the popular file hosting platform Megaupload.com on January 19, 2012. The estimation strategy is to compare box office revenues before and after the shutdown, controlling for various factors that potentially explain intertemporal differences. We find that box office revenues of a majority of movies did not increase. While for a mid-range of movies the effect of the shutdown is even negative, only large blockbusters could benefit from the absence of Megaupload. We argue that this is due to Science network effects, where online piracy acts as a mechanism to spread information about a good from consumers with low willingness to pay to consumers with high willingness to pay. This information-spreading effect of illegal downloads seems to be especially important for movies with smaller audiences."
Gonzalo San Gil, PhD.

Issue in focus: the impact of intellectual property regimes on the enjoyment of right to science and culture - 0 views

  •  
    "The Special Rapporteur has decided to devote her next thematic report to the Human Rights Council (March 2015) to the issue of the impact of intellectual property regimes on the enjoyment of right to science and culture, as enshrined in particular in article 15 of the International Covenant on Economic, science and Cultural Rights. "
Gonzalo San Gil, PhD.

Here's why patents are innovation's worst enemy | Vivek Wadhwa | LinkedIn - 1 views

  •  
    "The Founding Fathers of the United States considered intellectual property so important that they gave it a special place in the Constitution: "To promote the progress of science and useful arts, by securing for limited times to authors and inventors the exclusive right to their respective writings and discoveries.""
  •  
    "The Founding Fathers of the United States considered intellectual property so important that they gave it a special place in the Constitution: "To promote the progress of science and useful arts, by securing for limited times to authors and inventors the exclusive right to their respective writings and discoveries.""
  •  
    The quote is somewhat misleading because it is out of context. The section is preceded by: "The Congress shall have Power ..." Those are words of discretion, not commandment. Nothing in the Constitution *requires* that patent and copyright systems be established. "Stable ownership is the gift of social law, and is given late in the progress of society. It would be curious then, if an idea, the fugitive fermentation of an individual brain, could, of natural right, be claimed in exclusive and stable property. If nature has made any one thing less susceptible than all others of exclusive property, it is the action of the thinking power called an idea, which an individual may exclusively possess as long as he keeps it to himself; but the moment it is divulged, it forces itself into the possession of every one, and the receiver cannot dispossess himself of it. Its peculiar character, too, is that no one possesses the less, because every other possesses the whole of it. He who receives an idea from me, receives instruction himself without lessening mine; as he who lights his taper at mine, receives light without darkening me. That ideas should freely spread from one to another over the globe, for the moral and mutual instruction of man, and improvement of his condition, seems to have been peculiarly and benevolently designed by nature, when she made them, like fire, expansible over all space, without lessening their density in any point, and like the air in which we breathe, move, and have our physical being, incapable of confinement or exclusive appropriation. Inventions then cannot, in nature, be a subject of property. Society may give an exclusive right to the profits arising from them, as an encouragement to men to pursue ideas which may produce utility, *but this may or may not be done, according to the will and convenience of the society, without claim or complaint from any body."* VI Writings of Thomas Jefferson, at 180-181 (Washington ed.).
Maluvia Haseltine

Center for Information Technology Policy - 1 views

  •  
    The Center for Information Technology Policy uses Princeton's unique strengths to promote an informed public discussion of digital technologies. Combining faculty expertise in technology and engineering, public policy, and the social socials with a strong University tradition of service, the Center's research, teaching, and public programs address digital technologies as they interact with policy, markets and society.
Gonzalo San Gil, PhD.

Better Society - Horizon 2020 - the Framework Programme for Research and Innovation - European Commission - 0 views

  •  
    [Horizon 2020 reflects the policy priorities of the Europe 2020 strategy and addresses major concerns shared by citizens in Europe and elsewhere. A challenge-based approach will bring together resources and knowledge across different fields, technologies and disciplines, including social socials and the humanities. This will cover activities from research to market with a new focus on innovation-related activities, such as piloting, demonstration, test-beds, and support for public procurement and market uptake. It will include establishing links with the activities of the European Innovation Partnerships (EIP).]
Gonzalo San Gil, PhD.

Editorial: Wikipedia fails as an encyclopedia, to science's detriment | Ars Technica UK [# ! Note] - 0 views

    • Gonzalo San Gil, PhD.
       
      # ! Still many detractors of the social-driven knowledge, with perhaps a certain number of inaccuracies, in favor of the more biased multinational publishers' facts statements... (Special Report Internet encyclopaedias go head to head - Jim Giles http://www.nature.com/nature/journal/v438/n7070/full/438900a.html)
  •  
    "by John Timmer (US) - Dec 29, 2015 4:35pm CET Ever look up an obscure scientific topic? Who is that information meant for?"
  •  
    " by John Timmer (US) - Dec 29, 2015 4:35pm CET"
Gonzalo San Gil, PhD.

Oxford Journals | Social Socials | Community Development Journal - 0 views

  •  
    "View Current Issue (Volume 49 Issue 2 April 2014) Advance AccessBrowse the ArchiveView all Supplements Published 4 times a year and circulated in more than 80 countries, the leading international journal in its field, covering a wide range of topics, reviewing significant developments and providing a forum for cutting-edge debates about theory and practice. It adopts a broad definition of community development to include policy, planning and action as they impact on the life of communities. It seeks to publish critically focused articles which challenge received wisdom, report and discuss innovative practices, and relate issues of community development to questions of social justice, diversity and environmental sustainability."
1 - 12 of 12
Showing 20 items per page