Bits and Bytes

While the rest of the world is watching the Supreme Court's final decision day of the year, it's been a busy time in the cyber world as well.  Herewith seven (!) bits and bytes of interest, in no particular order: Facebook's Psych Experiment.  You've no doubt read that Facebook manipulated news feeds as an experiment. Dan Solove has a nice introduction to the topic:  "This weekend, the results of an experiment conducted by researchers and Facebook were released, creating a fierce debate over the ethics of the endeavor. The experiment involved 689,003 people on Facebook whose News Feed was adjusted to contain either more positive or more negative emotional content. The researchers were looking for whether this had an effect on these people’s moods. And it did, albeit a small one. People exposed to more positive content had posts that were more positive, and those exposed to more negative content had posts that were more negative. This was measured by the types of words they used." Legal Government Spyware Accesses Mobile Devices. "HackingTeam, the Italian company that develops a “legal” spyware tool known as Remote Control System, has been deployed as a broad network of controversial spyware by various law enforcement entities around the world. Now, a new version has been reportedly designed to give law enforcement agencies complete access to a suspect's phone for the purpose of surveillance. According to researchers from Kaspersky Lab and Citizen Lab, Munk School of Global Affairs at the University of Toronto, a number of mobile malware modules for RCS are now operating in the wild, including modules for Android, Apple iOS, Windows Mobile and BlackBerry. The iOS module works only on jailbroken devices." NATO Updates Cyber Defense Policy.  "Reflecting how all international conflicts now have some digital component, NATO has updated its cyber defence policy to make it clear that a cyber attack can be treated as the equivalent of an attack with conventional weapons.  The organisation's new cyber defence policy clarifies that a digital attack on a member state is covered by Article 5, the collective defence clause. That states that an attack against one member of NATO "shall be considered an attack against them all" and opens the way for members to take action against the aggressor — including the use of armed force — to restore security." Damage from Snowden Leaks "Manageable" Says NSA Chief.  "The newly installed director of the National Security Agency says that while he has seen some terrorist groups alter their communications to avoid surveillance techniques revealed by Edward J. Snowden, the damage done over all by a year of revelations does not lead him to the conclusion that “the sky is falling." Protecting the internet from Political Agendas.  Another take on the ICANN meeting in London -- this one focusing on the trade issues which underlie France's new-found preference for an authoritarian system of governance.  Hint:  They want to control the .wine and .vin top-level domains.  "The recent ICANN meeting in London highlighted two issues that appear unrelated on the surface but link current concerns about how to manage Internet Governance going forward.  One is the transition of the Internet Assigned Numbers Authority (IANA) stewardship away from the U.S. Government, and the second is the Government Advisory Committee’s multi-meeting, dragged out discussion on .wine/.vin new Top Level Domains (TLDs)." Privacy Blackphone Starts Shipping -- Just $630.  Perfect for the privacy advocate in the family, but a bit pricey. Testimony before the Bundestag.  My friend, Chris Soghoian testified the other day.  He made the rather obvious point that protecting against NSA surveillance means protecting against German surveillance too:  "The German government must prioritize information security if it wishes to protect itself, German companies, and the German people from surveillance by sophisticated foreign governments. This will require more than just establishing a “German cloud”. Prioritizing security will also mean that the German police and intelligence services will also lose the ability to monitor phone calls, emails and cloud stored data that they likely will argue is essential to their work. To summarize: to keep the NSA from watching, you must also keep your own police and intelligence services from watching too."  [His answer, which is also mine:  better and more effective encryption.]