Twitter & Facebook revokes Geofeedia’s access.

Image result for social mediaA recent post by the American Civil Liberties Union (ACLU) has drawn the attention of the public to a social media aggregation platform being used by law enforcement agencies to monitor protesters and activists. The platform ‘Geofeedia’ serves a wide variety of public private and public sector clients with over 500 law enforcement and public safety agencies across the US. Geofeedia offers real time monitoring of posts, photos, and live broadcast on Facebook, Twitter, Instagram, Vine and other social media sites, and sort them by location.

Although this platform is essential and profitable for law enforcement and public safety especially in times of crisis, there are worries as expressed by civil liberties advocates that such services could be misused to disrupt legal protests and possibly create a documentation on protesters.

In response to this revelations and request from ACLU, Facebook terminated Geofeedia’s access to Facebook’s Topic Feed API and the Instragrams API on September 19 and Twitter also suspended Geofeedia’s commercial access to Twitter data but Geofeedia is not the only platform for such monitoring.

ACLU is therefore requesting social media companies to do these:

  • Not provide data access to developers who have law enforcement clients and allow their product to be used for surveillance,
  • Adopt clear, public, and transparent policies to prohibit developers from exploiting user data for surveillance purposes, and
  • Institute human and technical auditing mechanisms to identify potential violations of this policy and take swift action when they do.

Facebook Veep Arrested After Court Demands WhatsApp Access

blog whatsappFacebook’s most senior representative in Brazil has been arrested after subsidiary WhatsApp did not comply with an access request forcing it to reveal messages related to a suspected drug-trafficking ring.

Regional VP of the social network, Diego Dzodan, was cuffed at Garulhos airport yesterday after the messaging firm failed to accede to the court order for over a month.

“In the face of repeated non-compliance, the judge Marcel Maia ordered the arrest of a representative of the company in Brazil, Mr Diego Dzodan for obstructing the police investigation,” a court spokesman wrote in an email to The Guardian.

The arrest is yet another example of the courts getting it wrong on technology – this time on two counts.

First, WhatsApp is run as a separate company from Facebook, and secondly it operates end-to-end encryption with the keys stored on users’ devices rather than a centralized server, meaning it couldn’t reveal the content of messages even if it wanted. Continue reading

Researchers Hack Motorola Cloud-Connected Security Camera

motorola_focus73-100643206-primary-idgeReflecting the growing number of internet of things (IoT) devices hitting the market without adequate protection, researchers have succeeded in hacking a Motorola Focus 73 outdoor security camera.

The crew at Context Information Security were able to gain access to a home network’s Wi-Fi password, obtaining full control of the pan-tilt-zoom controls and redirecting the video feed and movement alerts.

“This is one more example of an IoT product getting to market with little attention being paid to security,” said Neil Biggs, head of research at Context, in a blog. “The benefits of these security cameras are clear but it rather defeats the object if they are also open to compromise. The message is clear; companies wanting to get on the IoT bandwagon need to design in security from the outset.” Continue reading

Australian government tells citizens to turn off two-factor authentication

The Australian government has repeatedly called for citizens to turn off two-factor authentication (2FA) at its main digital government portal, myGov. The portal’s Twitter account has recently been updated several times with cute pictures encouraging holidaymakers to “turn off your myGov security codes” so that “you can spend more time doing the important things.”

The portal is the place where Australian citizens can use and manage a number of governmental services, including health insurance, tax payments, and child support. In the case of myGov, two-factor authentication is implemented by sending users text messages that contain one-time codes to complement their usual passwords.

A number of people on Twitter pointed out that, while downplaying security isn’t a good idea in general, it could be even more dangerous when citizens go abroad:

Continue reading

UK school kids to have their Internet usage monitored, filtered to avoid radicalisation

The Department for Education (DfE) has proposed a comprehensive plan that tightens control of Internet usage by children at schools, which includes the monitoring of everything kids do online and installation of content filters.

The plans are aimed at fighting extremism and radicalisation of children, following several cases of kids travelling or trying to travel to Syria. In one of the latest cases, in February, three schoolgirls from Bethnal Green Academy flew from Gatwick to Istanbul en route to Syria to become “jihadi brides.” There is, however, no evidence they were radicalised at school.

The proposals have been put online for a consultation, which will conclude in February 2016.

Continue reading

Apple raises concerns over UK’s draft surveillance bill

Apple has raised concerns about the UK’s draft Investigatory Powers Bill.

The proposed law aims to overhaul rules governing the way the authorities can access people’s communications.

The US-based firm has passed on its thoughts to a parliamentary committee scrutinising the legislation.

It focuses on three issues: encryption, the possibility of having to hack its own products, and the precedent it would set by agreeing to comply with UK-issued warrants.

The BBC has also learned that Microsoft, Facebook, Google, Yahoo and Twitter have also filed their own responses to the committee, which will publish the details in due course.

None of the companies have disclosed what they have said.

However, a spokesman for Microsoft commented: “The legislation must avoid conflicts with the laws of other nations and contribute to a system where like-minded governments work together, not in competition, to keep people more secure. We appreciate the government’s willingness to engage in an open debate and will continue to advocate for a system that is workable on a global basis.” Continue reading