As Authorized by The Telecommunication Breakdown Act of 1995

(Normally I would just drop this in a mixtape, but I'm way behind, so here.)

Mike Relm: 0000 Remix

Based on this trailer.

I met Mike briefly, and was shocked to learn that he was unfamiliar with Emergency Broadcast Network. This is, apparently, not an uncommon state of affairs amongst the VJ types these days -- it's not the first time I've had this conversation! It is baffling to me, as if A Place to Bury Strangers had claimed to be unfamiliar with Jesus and Mary Chain.

Tags: , ,

Dropbox doesn't actually encrypt your files.

Miguel de Icaza wrote:

Dropbox recently announced an update to its security terms of service in which they announced that they would provide the government with your decrypted files if requested to do so.

This is not my problem with Dropbox.

My problem is that for as long as I have tried to figure out, Dropbox made some bold claims about how your files were encrypted and how nobody had access to them, with statements like:

  • All transmission of file data occurs over an encrypted channel (SSL).
  • All files stored on Dropbox servers are encrypted (AES-256)
  • Dropbox employees aren't able to access user files, and when troubleshooting an account they only have access to file metadata (filenames, file sizes, etc., not the file contents)

This announcement means that Dropbox never had any mechanism to prevent employees from accessing your files, and it means that Dropbox never had the crypto smarts to ensure the privacy of your files and never had the smarts to only decrypt the files for you. It turns out, they keep their keys on their servers, and anyone with clearance at Dropbox or anyone that manages to hack into their servers would be able to get access to your files.

Dropbox CTO Arash Ferdowsi admits that they were always able to access the contents of user files if they felt like it.

Tags: , ,

That pocket supercomputer of yours is such a snitch.

iPhone keeps record of everywhere you go

Security researchers have discovered that Apple's iPhone keeps track of where you go – and saves every detail of it to a secret file on the device which is then copied to the owner's computer when the two are synchronised.

The file contains the latitude and longitude of the phone's recorded coordinates along with a timestamp, meaning that anyone who stole the phone or the computer could discover details about the owner's movements using a simple program.

For some phones, there could be almost a year's worth of data stored, as the recording of data seems to have started with Apple's iOS 4 update to the phone's operating system, released in June 2010.

Here's the app to plot the data on your phone on a map. Yup, it's there!

AT&T saves all that data too, but at least that (theoretically) requires a subpoena. This just requires momentary access to the phone.

Relatedly, Michigan police clone your cell phone at traffic stops.

Tags: , , , ,