WVUM 90.5FM | WE ARE THE VOICE | University of Miami

Posts Tagged ‘privacy’

The iPhone 5s: the Start of Widespread Genetic Tech?

By Mike Kanoff | Counterpoint | September 25th, 2013 | LEAVE A COMMENT

(Image credit: The Denver Post)

 

In case you missed it, the new iPhone went on sale recently. Normally this wouldn’t be even remotely newsworthy, but this iPhone is different: it comes with a fingerprint sensor.

The iPhone 5s (Apple’s latest offering) is able to read and store the fingerprint of the owner and if chosen, other people as well. I can’t possibly be the only one who smells something fishy here: hot on the heels of the Snowden leaks, the new must-have product just so happens to have this technology?

“But so what?” you say. It’s just a fingerprint, and those are taken all the time; for jobs, arrests, etc. so why does this even matter? Personally, I don’t think the actual data does, after all, I just said fingerprints are taken all the time, but this is huge for the “surveillance culture” we have creeping up on us: for the first time ever, there is the widespread use of a technology that uses a genetic marker to identify people on a regular basis. While I’ll admit that “fingerprints” and “genetic marker” generally aren’t lumped together as synonymous, “DNA” and “genetic marker” usually are, and that’s what this technology is paving the way for. That sounds far off into the future, but DNA-verification has been around for a while, it’s only a matter of time before it reaches the general public. What’s more, while it’s not generally accepted that specific genetic information can be reliably determined from a fingerprint, DNA-verification could pave the way for corporations to target ads with precision the likes of which has never been seen before on this Earth. Got a cold? (For those not familiar, the common cold– like any virus– can actually make slight alterations to genes) Your iPhone 151s could one day be offering you coupons for CVS before you know you’re sick.

Something to ponder as you go about your day.

Attack on Tor

By Mike Kanoff | Counterpoint | August 8th, 2013 | LEAVE A COMMENT

(Image Credit: Tor Project)

 

Before I start, here’s a reference for those who aren’t totally sure about what Tor is or how it works–

(Image Credit: EFF)

 

Near the end of the weekend, somebody (I’ll get to who later) compromised Freedom Hosting, a hosting service that was heavily invested in Tor (The Onion Router). The company was responsible for a huge chunk (about half) of the hidden network’s sites and many of the more well-known ones including Tor Mail, a completely anonymous email service. The details of the attack are starting to be sorted out, but a few facts have already been nailed down. The move comes after Freedom Hosting’s founder, Eric Eoin Marques, was arrested on suspicion of child pornography, so many are speculating that the two events are related.

 

Tor network was originally conceived by the Navy as a way of anonymizing communications between correspondents, but was abandoned mid-way through development. It was later picked up by DIY-ers and completed into what we see today. Due to the nature of the network, any one user cannot identify another, even for server-client interactions, making a breach of anonymity from the inside near-impossible. The exploit in question was placed on Freedom Hosting’s sites after the company was either seized or otherwise compelled to do so (details unconfirmed at time of writing) and injected a JavaScript executable that made the target send an unencrypted request over HTTP to a specified server in Virginia, exposing the IP address of the user that normally would be impossible to find. Therefore, I’ll admit that the title of this piece is somewhat misleading: the network itself has not been compromised, but the company that hosted a majority of it has.

 

So: who did it? Many (myself included) initially speculated that the exploit was the work of the FBI, citing the arrest of Eric Marques, and the fact that it’s the FBI’s job (more or less) to take down child pornographers. As the matter was looked into it became apparent that the server receiving the non-encrypted IP addresses was owned by a corporation in Virginia that routinely leases server space to agencies like the FBI and NSA, prompting more speculation. However, at time of writing, nobody has stepped forth to claim credit for the exploit, leading some to wonder if it was a non-official entity. The latest evidence in the exploit points toward its purpose to be solely identifying and not actually hacking, so at this point, it’s anyone’s guess. Hopefully more will become known later this week.

 

If a state actor is responsible, I seriously question the motives. We can all agree that child pornography and abuse is bad by any measure, but taking down essential services that people the world over use to keep safe from tyranny or even just to keep private is not the way to go about removing it. Take Tor Mail mentioned earlier: with the recent revelation that the NSA is monitoring literally everything on the Internet, is it not reasonable that there was a push towards anonymous encrypted email? Heck, I myself have/had (depending on the outcome of this situation) a Tor Mail for the simple reason that I don’t like being spied on. Even if Eric Marques is guilty of hosting and distributing child pornography, I believe a more effective and efficient way to go after those responsible would have been to target the specific websites which are accused of doing so rather than the entire company that may or may not have hosted them. The FBI has previously been allowed to run a child pornography site before, and doing so in this instance would have made for a much shorter list of names than half of Tor network.

 

While this story is still developing, I want to end on a slightly inquisitive note: this happened during DEF CON (a hacker’s convention), meaning a good number of the people who bother to look into this kind of thing were busy out of town, and also on the heels of the NSA’s XKeyscore revelation, which “collects nearly everything a user does on the Internet.” These combined make me somewhat suspicious of this incident; more so than I normally would be for a compromise of a major anonymity service.