Thursday 28 May 2015

Adult Friend Finder: When Bad Websites Happen to Good People

Adult Friend Finder
Two weeks ago, Adult Friend Finder was just a place where “you can finally be who you are and be accepted.” Now, its users aren’t so sure.

Last week, the UK’s Channel 4 News revealed that hacker ROR[RG] had released stolen data from Adult Friend Finder, including email addresses, birthdates, postal codes and sexual preferences and desires. To date, compromised users have received phishing emails; many are also confronting the collision of their online and in-person selves. 

According to “Kim,” a user interviewed by CNN Money, "This is not something that just goes away. People will know you're the guy into swapping partners with your wife. Or you're the burly football player who's bisexual. I wish we lived in a world in which your personal preferences didn't matter. But we do, and it sucks."

Initially, ROR[RG] appeared to be motivated by little more than an airing of secrets; more recently, however, the hacker offered to sell the complete set of data—a possible source of credit card information—as well as his hacking services.

Nearly 4 million users of Adult Friend Finder are unquestionably victims of ROR[RG], yet it’s hard to lay blame on this individual. Technology has outpaced policy, a fact that gives the average ROR[RG] considerable power over the average dating website user.

As such, it’s easy to adopt the attitude that you only have yourself to blame when your information is exposed. In response to the discovery that many users, including government employees, registered for Adult Friend Finder accounts with work email addresses, CSO reported, “Rather amazing that people would do such a thing…I will offer that if you’re going to sign up for a service like this that you make use of a throw away email and limit what information you do share.” Don’t want your boss to find out about your online dating habits? Create a new email account on your lunch hour.

Blaming user indiscretion, however, overlooks the real problem: a lack of accountability for companies to keep their users’ data secure. In 2012, the Electronic Frontier Foundation rated the privacy and security practices of online dating websites including Adult Friend Finder, eHarmony and Match. The takeaway: security is bad. If you care about your personal information, don’t ever login from shared internet. 

Which is why the modern lover is stuck. He has a human right to privacy, his peers support his choice to reveal an intimate glimpse of himself to a select group of people (59% of Americans believe online dating is a good way to meet people) and yet he can’t find a website to trust.

Adult Friend Finder is no exception. Not only was it slow to post a rather discrete link to information on the ‘security incident,’ it may have ignored initial warnings about the hacked data altogether. Data Breach Wall of Shame posted email correspondence revealing that Adult Friend Finder was first alerted to the security breach on March 12. Adult Friend Finder maintains that it never received this notifying email, despite issuing a read receipt in response.

Ultimately, Adult Friend Finder will find itself faced with data protection lawsuits. May these provide the opportunity users need to hold companies accountable for products that compromise consumer rights.

SumRando’s Brazil Server: Better! Faster!

The Randos have spoken: they want their daily dose of Orkut, 4share and Globo. As one of our most popular locations, SumRando's Brazil server needed some room to grow. In response, we increased the server's bandwidth this past Monday, which means you will experience faster speeds and reduced latency--all the content you want without the wait.

Did you hear about the Italian mafia boss arrested in Brazil? Or what Dilma Rousseff has been up to? Get the latest straight from Sao Paulo with our Brazil server.

Thursday 21 May 2015

South Korea Mandates the Installation of Monitoring Technology on Minors’ Smartphones

Middle school students in Seoul, South Korea
Imagine a land where roughly 80% of youth under the age of 19 own a smartphone. These minors’ phones are monitored by their parents’ phones, which are capable of tracking websites and apps accessed, as well as when and for how long. Parents aren’t alone in these efforts, however; telecommunications companies and software developers track data and inform parents when the system isn’t working.
 
That land is South Korea. A new law requires one of 15 monitoring apps to be installed on the new smartphone of anyone under the age of 19; already, the apps have been downloaded nearly 500,000 times.

This is a law with loopholes, as it only affects the owners of new Android phones. Minors who already own a smartphone or who buy a new iPhone are not required to install a monitoring app. Furthermore, it is only the installation and not the use of an app that is required. However, if an app is deleted or rendered inoperable, parents will receive monthly notices about such matters.

Furthermore, according to the AP, teenagers have already found ways around the law: 17-year-old Paik Hyunsuk will simply wait until he is 19 to buy a new phone. Cho Jaehyun and his parents decided to uninstall the app once he reached high school.

Regardless, the push back from civil liberties defenders has been strong. According to Open Net Korea’s briefing on the law, “The Decree is unconstitutional as it infringes on children’s privacy and parental rights, increases the risk of data breach, and overburdens both the business and the parents.” Open Net is currently in the process of appealing the law on these grounds.

Cybersecurity experts have also contributed to the criticism. Some fear that a precedent has been set that could lead to the monitoring of adults’ private data in the future; others predict that the state-sponsored monitoring apps might exist for government spying purposes. 

Regardless of future fallout, those who are guaranteed to suffer from this law are young children and the society of adults they will one day become. In 2013, roughly 3/4 of elementary school-aged children owned a smartphone. This law invites them to grow up knowing nothing but internet surveillance; today’s teenagers question and rebel against the law, tomorrow’s teens may simply accept it. As Open Net’s Kim Kha Yeun pointed out, “We are going to raise people who are accustomed to surveillance.” If South Korea wants a populace capable of free and independent thought, it should rethink the mandatory installation of monitoring technology on minors’ phones.

Tuesday 19 May 2015

SumRando’s New York Server Goes VIP

What’s that? You wish SumRando would give you an even faster connection to US-based content from anywhere in the world?
New York, USA

You got it.

SumRando’s New York node is officially VIP, providing you with the access you’ve always wanted, whether you’re in Midtown or the Middle East.

As with our VIP server in Sweden, the New York VIP node is available exclusively to SumRando Gold and Platinum members. In celebration of this upgrade, we are offering 1 year of either paid plan at 50% off. Just go to https://sumrando.com/plans.aspx, select a plan and enter promo code 50OFFNYC by May 31. Take advantage of this opportunity to experience the VIP difference!

Social Media Post Leads to Australian Government Threatening Johnny Depp’s Dogs With Death

We all know to think before posting on Facebook, but Australia’s ‘War on Terrier’ proves just how powerful the most innocent of posts can be.

Pistol and Boo at Happy Dogz. Photo: Gold Coast Bulletin


Johnny Depp’s dogs, Pistol and Boo, made international headlines last week when Australian Agriculture Minister Barnaby Joyce gave the Yorkshire terriers until Saturday to leave Australia or face death. Depp and wife Amber Heard had flown on a private jet with the dogs to Queensland, but made no attempt to declare the pooches’ entry into the import law-heavy country. 

In a public statement last Thursday, Joyce showed little sympathy for the plight of Pistol and Boo: “[Depp] has decided to bring into our nation two dogs without actually getting the proper certification and the proper permits required. Basically it looks like he snuck them in. We found out he snuck them in because we saw them taken into a poodle groomer. Now, Mr. Depp has to either take his dogs back to California or we’re going to have to euthanize them. He’s now got about 50 hours left to remove the dogs.” Joyce continued to cite the threat of disease and an unwillingness to bend the law for celebrities as reasons for taking such extreme measures.

It should come as little surprise that Facebook played a role in the Australian government finding these dogs. Pistol and Boo were dropped off at Happy Dogz salon, dog groomer Lianne Kent posted a picture of an article featuring her with the dogs on Facebook, and the rest is history: enter Barnaby Joyce, Kyle Sandilands, John Oliver, and, finally, a $400,000 rescue mission.

Our actions are increasingly traceable these days. No longer can we make an off-color comment or sneak a dog or two into a country, because there is always someone watching. As such, there is no excuse for ignoring the realities of the modern era: we must be informed of the laws, know when we are following or breaking them, and take what precautions we can to maintain and protect our privacy.

Thursday 14 May 2015

Congress Must Take Action Regarding Phone Surveillance Following Court Ruling That Current Program Is Unlawful

NSA Headquarters
The U.S. House of Representatives has voted to end the National Security Agency’s bulk collection of telephone metadata, a practice secretly authorized by the US Foreign Intelligence Surveillance Court (FISC) under Section 215 of the Patriot Act. Known to exist since May 2006, the program has allowed the NSA to collect and store phone numbers of call originators and recipients, along with times and lengths of calls, for all calls made to, from or within the United States. The purported goal of the program has been to monitor individuals capable of terrorism, but the result has been an NSA-controlled, ever-expanding database of all known phone conversations, the majority of which have no bearing on national security.

Wednesday’s USA Freedom Act, passed in a vote of 338 to 88, requires phone metadata to remain in the hands of telecommunications companies, prohibiting government access without a court order identifying suspicion of terrorism.

The House of Representatives decision rides on the heels of last week’s Second Circuit appeals court verdict that the National Security Agency’s bulk telephone metadata program is in excess of “the scope of what Congress has authorized” in Section 215 of the Patriot Act. Although the appeals court recognized the lawlessness of the NSA’s metadata collection, it has deferred to Congress to take action: “We note that at the present time, Section 215 is scheduled to expire in just several weeks. The government vigorously contends that the program is necessary for maintaining national security, which of course is a public interest of the highest order. Allowing the program to remain in place for a few weeks while Congress decides whether and under what conditions it should continue is a lesser intrusion on appellants’ privacy than they faced at the time this litigation began. In light of the asserted national security interests at stake, we deem it prudent to pause to allow an opportunity for debate in Congress that may (or may not) profoundly alter the legal landscape.”

Debate is exactly where Congress finds itself right now. The USA Freedom Act has passed the House of Representatives and has the support of the White House, but still must make it through the Senate. Senate Republicans Mitch McConnell and John McCain are in favor of extending Section 215 of the Patriot Act as is until 2020, but as Techdirt pointed out, the Second Circuit court’s decision implies that Section 215 will no longer be used to justify the bulk collection of metadata that these senators were looking for. Also in light of the Second Circuit court’s decision, the Electronic Frontier Foundation has altered its stance and is pressuring Congress to adopt an even stronger (2013) version of the USA Freedom Act.

Congress should not squander its opportunity to profoundly alter the legal landscape of government surveillance. If you’d like to share your thoughts on phone surveillance with Washington, check out www.fight215.org.

Thursday 7 May 2015

Facebook’s Internet.org Does Not Provide the Security Users Deserve

Facebook's Zuckerberg
In 2013, a Facebook-led initiative launched Internet.org, a free, barebones version of the internet for those in Africa, Asia, and Latin America who would otherwise go without. At the time, Facebook CEO and Founder Mark Zuckerberg explained the project as such: “There are huge barriers in developing countries to connecting and joining the knowledge economy. Internet.org brings together a global partnership that will work to overcome these challenges, including making internet access available to those who cannot currently afford it.” Internet.org invites users in places such as Colombia, Ghana and Indonesia to check job postings, access health information, and connect via Facebook, but has offered little else. Conceptually, Internet.org makes a lot of sense; in practice, concerns have been raised about whether its limited content constitutes access to the “knowledge economy” or just the Facebook economy.

In response, users are about to see a more robust Internet.org. On Monday, Facebook announced the arrival of the Internet.org Platform, an open program for developers to integrate their services with Internet.org. The announcement included an impassioned, egalitarian plea from Zuckerberg himself: “Everyone is welcome to join. It’s not exclusive to any mobile operator or company. Now, we had to start somewhere so we launched first with partners who wanted to work with us on this mission to connect the world, but we’ll work with anyone who wants to join us. No company pays to be included in Internet.org. No operator is paid to offer these services.” 

Zuckerberg is working hard to rebrand Internet.org as a place for everyone because he knows it is anything but. Internet.org has a long list of requirements for compatibility: content, for example, cannot utilize JavaScript, video or large images (yes, this goes for Facebook too). Furthermore, the fine print on Internet.org’s submission page clearly states, “Submission and/or approval by Facebook does not guarantee that your site(s) will be made available through Internet.org.” Internet.org may be about to expand its offerings, but Facebook remains very much in control of what those offerings will be.

Of greater consequence, Internet.org is completely unencrypted, save for its Android App. Services submitted with SSL/TLS/HTTPS will be relegated to the aforementioned app; Internet.org as it exists via any other platform has no regard for user privacy. 

Users should not underestimate the significance of this fact. Zuckerberg has positioned Internet.org as the only available web connection for two-thirds of the world’s population and he takes no responsibility in providing a secure, private connection along with it. The developed world, on the verge of accepting encryption as the smart and safe approach to the internet, has given its neighbors a no win situation—either use Internet.org and let Facebook track your every move while you hand your financial information to hackers, or don’t touch the internet at all. Even the service’s technical guidelines admit that this is a problem deserving of a solution; if Zuckerberg were guided by the humanitarian aims he claims, he would not ask the majority of the world’s population to forego their rights to privacy.