Jan 212017
 January 21, 2017  Laws, Surveillance, U.S. No Responses »

Mike Maharrey writes:

A New York electronic data protection bill would end warrantless collection of cell phone data and ban the use “stingrays” to track the location of phones and sweep up electronic communications without a warrant in most situations. Passage of the bill would not only protect privacy in New York, but would also hinder at least two aspects of the federal surveillance state.

A coalition of 19 assembly members introduced Assembly Bill1895 (A1895) on Jan. 13. Titled the New York Electronic Communications Privacy Act, the legislation would help block the use of cell site simulators, known as “stingrays.”

Read more on Tenth Amendment Center.

Jan 212017
 January 21, 2017  Online, Surveillance No Responses »

Chris Brook writes:

Users of the encrypted email service ProtonMail looking for an extra layer of security now have the option of accessing their inbox directly through the Tor network. ProtonMail, originally developed by CERN and MIT scientists, announced Thursday it had added its own Tor hidden service.

According to a blog post from Andy Yen, the service’s co-founder and chief executive officer, users can access ProtonMail on Tor, assuming it’s been properly configured, at https://protonirockerxow.onion.

Read more on ThreatPost.

Jan 202017
 January 20, 2017  Business No Responses »

Lily Hay Newman reports:

Meitu is a popular app that transforms your selfie into an adorable anime character. You’ve probably already downloaded it. In exchange for the simple pleasure of giving you an absurd makeover, though, it demands sprawling access to your personal data and numerous features of your smartphone, seemingly collecting a bloat of information about you in the process. Wannabe nymphs and sprites everywhere: be warned.

It’s normal for apps to need access to a variety of data and functions on a smartphone so they can run properly and deliver their service. But responsible apps ask for the fewest number of “permissions” possible so they don’t have access to anything they don’t absolutely need. It’s natural, for instance, for Meitu to accesses your camera. But it also has access to users’ GPS location, cell carrier information, Wi-Fi connection data, SIM card information, jailbreak status, and personal identifiers that could be used to track you and your device across the web.

Read more on Wired.

Not surprisingly, Meitu claims complete innocence and offers a detailed defense.

Jan 202017
 January 20, 2017  Featured News No Responses »

Joseph Cox reports:

There is no backdoor in WhatsApp, the messaging app used by more than 1 billion people worldwide. That’s the message from an open letter written by Turkish academic and commentator Zeynep Tufekci, and signed by around 30 cryptographers, security researchers, and other technical experts.

The letter comes after a much-castigated article in The Guardian from last week written by a freelance journalist, which interpreted an implementation of WhatsApp’s end-to-end encryption as a major security concern. The issue revolves around how WhatsApp generates new encryption keys for messages that cannot be immediately delivered, sometimes without warning the user; and how governments could force WhatsApp to take advantage of this alleged flaw in order to read some messages.

Read more on Motherboard.