It’s Not Your Data! Turn Off All Your Facebook Privacy Settings

There are lots of folks decrying the Facebook “breach”, where a third party company abused the terms of service and leeched a bunch of data to the seemingly shady Cambridge Analytica. I love how people are referring to this as “their private data being stolen”. IT’S NOT YOUR DATA.

nytimes

Well, at least not in the United States. In the US, when you give your private data to a company, it’s no longer private with the exception of healthcare data (HIPAA), children’s data (COPPA), and some credit data (FACTA). So, when you logged into Facebook and told them all the things you like, you gave them that data.

The true deception here is Facebook’s “privacy” setting. It gives you the false pretense that it’s your data to decide what you want to do with it. Google, Microsoft, Apple, just about everyone has created this false pretense, and we all gleefully ignore that there are no legal protections in the United States about this so-called private data.

I have an easy solution! Turn off all the privacy settings. Set everything to public. Don’t fool yourself into a false sense of privacy. If you want to be private, don’t post it on social media.

You should think of three people before sharing something online: your mother, your boss, and your kid. If any of those three people shouldn’t see it, then it shouldn’t be posted.

I’m not saying that online privacy doesn’t exist. The US does protect private information that is meant to be private from one party to an another and in other situations covered by a patchwork of laws.

I’m also not saying that online privacy shouldn’t exist. I consider myself a privacy advocate. All the actions we take online leave a digital trail. Facebook and others are notorious for tracking as much as that as possible. I think there are great dangers when insurance firms and financial firms use social media tracking data to make risk-based decisions. What about our offline activities? If a firm is using license plate scanners to build marketable data, where are our privacy rights then?

Worried about Facebook and other social media sites tracking you? I highly recommend Privacy Badger from Electronic Frontier’s Foundation.

If we want to change the way we treat data, we have to honest with ourselves about what is real privacy protection, and what makes us feel safe. Social media sites make money off data you provide them. Other companies and even governments are using that data. Use social media with eyes wide open.

Once you accept the truth, then you have the power to decide what to share, and what to keep private.

Advertisements

Pirate Bay finds gold in MediaDefender emails

Thanks to the email-leakage from MediaDefender-Defenders we now have
proof of the things we've been suspecting for a long time; the big
record and movie labels are paying professional hackers, saboteurs and
ddosers to destroy our trackers.

While browsing through the email we identified the companies that
are also active in Sweden and we have tonight reported these incidents
to the police. The charges are infrastructural sabotage, denial of
service attacks, hacking and spamming, all of these on a commercial
level.

The companies that are being reported are the following:

  • Twentieth Century Fox, Sweden AB
  • Emi Music Sweden AB
  • Universal Music Group Sweden AB
  • Universal Pictures Nordic AB
  • Paramount Home Entertainment (Sweden) AB
  • Atari Nordic AB
  • Activision Nordic Filial Till Activision (Uk) Ltd
  • Ubisoft Sweden AB
  • Sony Bmg Music Entertainment (Sweden) AB
  • Sony Pictures Home Entertainment Nordic AB

Stay tuned for updates.

Original Post.

MediaDefender-Defenders!

The whole mail database was converted to HTML by Forrest F. (JRWR), and is hosted by the nicest guy on the planet.

Do
note that this is not the official MediaDefender-Defenders website,
just a browseable copy of the e-mail leak that snowballed. We're also
not the guys that acquired these e-mails, we just nabbed them off of
BitTorrent and converted them.

We got pulled offline by No-ip.com, who seemed to take offense and took jrwr.hopto.org offline. You can now find us here at mediadefender-defenders.com.
However, as the world really should learn – whenever you take one site down, twelve new ones will spring online.

Update: We moved to the domain which.. one of the IRC guys got, and recieved our first C&D letter. More soon.

Feel free to come meet us at #MediaDefender-Defenders @ EFNet, and some new site features will be coming shortly.

I'm not sure why I find all this so entertaining, but I do. Go read some emails:

MediaDefender Damage Control: Cease and Desist!

After the big leak of last week, today mediadefender is desperately trying to establish some
level of damage control. This morning we received an email from their lawyers
stating that the domain registrar should hand over our personal information. So here is an open letter to MediaDefender.

Dearest little asstunnels,

Let me start of by thanking you for your pittyfull attempt to have your
emails removed from the entire internet (the thing that says www.).
In no way we feel obligated to fulfill your request, as a matter of
fact any organisation that tries to harm this site and the bittorrent
user in general can expect nothing more from us but a big fuck you!

In case you havent noticed, this site is located in europe (I hope you
can point it out on a map) were your stupid copyright claims have no
base. But fair is fair you guys did suffer over the past week so here's
bit of advice to you guys:

The the full email sent by Markus at Meganova.  It gets rather colorful.

MediaDefender Internal Emails Go Public

Unfortunately for Media Defender – a company dedicated to mitigating
the effects of internet leaks – they can do nothing about being the
subject of the biggest BitTorrent leak of all time. Over 700mb of their
own internal emails, dating back over 6 months have been leaked to the
internet in what will be a devastating blow to the company. Many are
very recent, having September 2007 dates and the majority involve the
most senior people in the company. Apparently this is not the first
time that a MediaDefender email leaked onto the Internet.

According to the .nfo file posted with the Mbox file the emails were
obtained by a group called “MediaDefender-Defenders”. It states: “By
releasing these emails we hope to secure the privacy and personal
integrity of all peer-to-peer users. The emails contains information
about the various tactics and technical solutions for tracking p2p
users, and disrupt p2p services,” and “A special thanks to Jay Maris,
for circumventing there entire email-security by forwarding all your
emails to your gmail account”

Note: The mbox
formatted file is circulating publicly on BitTorrent, completely
unedited. However, for publication here we have removed the username
and password logins for Media Defender’s servers, and replaced them
with asterisks and avoided publishing emails of a personal nature, e.g
pay negotiations etc. We believe that the emails are the real deal and
all the info posted here serves the public interest.

Read the whole post on TorrentFreak.

FBI's Secret Spyware Tracks Down Teen Who Made Bomb Threats

FBI agents trying to track the source of e-mailed bomb threats against
a Washington high school last month sent the suspect a secret
surveillance program designed to surreptitiously monitor him and report
back to a government server, according to an FBI affidavit obtained by
Wired News.

The court filing offers the first public glimpse into the
bureau's long-suspected spyware capability, in which the FBI adopts
techniques more common to online criminals.

The software was sent to the owner of an anonymous MySpace profile
linked to bomb threats against Timberline High School near Seattle. The
code led the FBI to 15-year-old Josh Glazebrook, a student at the
school, who on Monday pleaded guilty to making bomb threats, identity
theft and felony harassment.

Read the full article on Wired.  I believe that this is the first confirmed use of an FBI Trojan horse program in a criminal investigation.  That we know of 😉

Surf the Net Safely and Privately with JanusVM

This morning, while having a little fun with VMWare Server, I stumbled on VMWare’s list of free virtualized environments.
If you have any VMWare product installed on your box, you’ll definitely
want to check this list out. Anyhow, like I already said, I stumbled on
this list and quickly browsed the available products. That’s when I
ended up on a very interesting security package named JanusVM.
JanusVM is a virtualized security environment that allows you to surf
the internet absolutely securely and privately. It was designed to run
on VMware Player (or Server) and brings together openVPN, Tor, Squid, Privoxy and dns-proxy-tor to give you a transparent layer of security that is compatible with most TCP based applications.

JanusVM Features:

  • WiFi Support.
  • Supports multiple users in a LAN.
  • Protects you from most man-in-the-middle attacks.
  • Protects you from Javascript, Java, and Flash based side-channel privacy attacks.
  • Protects your identity and your true location by masking your IP Address.
  • Encrypts and re-routes your DNS request and ALL TCP traffic to ensure strong privacy.
  • Strips out most privacy sensitive information your web browser may leak.
  • Blocks popups, annoying ads, banners, and other obnoxious Internet junk.
  • Very simple setup and operation.
  • Works transparently for applications using TCP.

Setup is very easy. Just download and install VMWare player, download JanusVM and follow these simple instructions.

After setting up the environment, if you decide to keep JanusVM running on your box, please consider giving a small donation to the developer. Your donations will surely encourage him to keep on working on this fantastic project.

Nice, I'm downloading this now.  Usually the presence of Tor on a corporate laptop is eyed suspiciously.  Found on Geeks are Sexy.