All posts in “Data”

Flight electronics ban will separate passengers from their private data

Boarding an airplane is one of those times you realise just how vital laptops are to modern life. If yours was left behind in a checked bag at some airport terminal, you’d be rendered somewhat useless until you got it back. If you’re on a deadline, you need it to work on the plane. They contain so much personal data that being separated from them for an extended period of time is frightening.

With new rules enforced Tuesday, you will no longer be able to bring your beloved laptop on flights coming to the U.S. from 10 airports within Muslim-majority countries — and some people are rightfully worried about authorities being able to comb through your data without your consent. So, what happens to your data when it’s out of your hands?

“Journalists, activists and human rights lawyers have very sensitive data on their computers, on their tablets and other electronic devices,” human rights lawyer Arjun Sethi said. “Often we don’t let these devices leave our sight, and the prospect that they could be in the hands of a foreign government — even for a short period of time — is disconcerting and troubling.”

The ban prohibits passengers flying to the U.S. from select airports in Jordan, Egypt, Turkey, Saudi Arabia, Kuwait, Morocco, Qatar and the United Arab Emirates from carrying laptops, tablets, e-readers, cameras, DVD players, some game systems and more, though smartphones are allowed. This could subject around 6.75 million passengers to the possibility of placing their devices and data into the hands of government officials on multiple continents over the next 12 months.

This has worried a cross-section of folks including immigration and human rights lawyers as well as the Electronic Frontier Foundation (EFF). 

“The government should be more transparent about the need for the new rule, which affects the privacy of our data,” said Danny O’Brien, the international director at the EFF in an emailed statement. He also called on Congress to “make it clear” that agents need a warrant before accessing electronic devices. 

The problem, of course, is that U.S. agents don’t need such a warrant. They can ask to see phones and other devices at the border. Now officials will know which flights have bags filled with devices that store personal information. 

Now officials will know which flights have bags filled with devices that store personal information. 

It’s the latest in a string of strict regulations that can affect travelers’ privacy.

Following President Donald Trump’s attempts at a de facto Muslim ban, immigration lawyers said they heard many stories from clients and others who have been asked to provide device passwords so agents can snoop through whatever they like. Many people who have traveled internationally have opened a checked bag to find a note saying their bag’s been searched.

Licelle Cobrador, an immigration lawyer, said it’d be simple to say there’s a “national security issue” of some type to justify why certain bags were checked, and officials wouldn’t necessarily have to reveal which bags. 

That’s not to say it’d be the easiest job in the world. Rick Nelson, a former counterintelligence official now with the Center for Strategic and International Studies, said it’d be difficult to target a certain bag after it’s been checked, find the device officials are looking for, copy or search through the data, and get it back in place before a plane takes off or before the bags are sent to be picked up. 

That may be true in some cases, but several lawyers in multiple fields of expertise pointed to technology that can quickly download and store data off phones and laptops.

You might remember Cellebrite, the Israeli company that helped the FBI crack the encryption on a phone that belonged to a perpetrator of the 2015 mass-shooting in San Bernardino, California. Cellebrite devices can copy data from laptops and other electronics simply by being physically connected to them. Once connected, Cellebrite users can select how much data they’d like to take.  

With such technology, agents wouldn’t need to ask for your password if they wanted your data. 

The company has contracts with many U.S. government agencies, including Immigrations and Customs Enforcement (ICE) and the Transportation Security Administration (TSA). With such technology, agents wouldn’t need to ask for your password if they wanted your data. 

Bradley Shear, a lawyer with expertise in social data, said the main way to protect yourself is to limit the data on the devices you travel with. 

If you can afford a second laptop, it might make sense to travel with a small laptop free of much of the data you keep on the other one. If that’s not an option, make sure to back up your data on a separate drive that stays at home, or at least put your information on the cloud.

“Whatever you’re bringing with you, you’ve gotta be prepared that there’s going to be a very invasive security screening,” Shear said. 

Peter Thiel company reportedly helped NSA spy program

Thiel's company Palantir helped the NSA develop a program they call XKeyscore.
Thiel’s company Palantir helped the NSA develop a program they call XKeyscore.

Image: Jim Lo Scalzo/Epa/REX/Shutterstock

Peter Thiel is a man who enjoys both the having of cake and the putting of that cake into the largest hole in his face.

He’s written that “A free press is vital for public debate,” yet financed a lawsuit that bankrupted Gawker Media. He’s buddy-buddy with “America First” President Donald Trump, but if his friend winds up ruining the United States, Thiel’s got citizenship in New Zealand. And now, thanks to a report by The Intercept, it sounds like Thiel has worked to sharpen government surveillance while his company (and he) has claimed a fondness for privacy. 

According to the report, Thiel’s company Palantir helped the NSA develop a program they call XKeyscore

The NSA, as The Intercept points out, believes it’s their most invasive tool. It logs an enormous array of communication and other data transmitted by Internet users, including email, photos, sites you visit, documents you have saved, social networks you visit and what you write there, anything you type, your passwords, anything you upload, whomever you talk to via programs that access your webcams, and more. Also, it’s searchable. 

For those comforted by a hope that this is all far, far, way too much information for any government official to know where to begin searching, this is where Palantir comes in to mulch that hope. 

The company offered a sort of visual mapping for XKeyscore’s bottomless pit of information.

The company offered a sort of visual mapping for XKeyscore’s bottomless pit of information. It built visuals that allowed anyone looking to graph to see social connections as well as ideological groupings. A group of people all linked via their social accounts might all have a love for Thomas Jefferson, for example, and agents can infer what they will from that. 

“Privacy and Civil Liberties” is the first category in the “What We Believe” section of Palantir’s website.

“With the right engineering, the technologies that protect against data misuse and abuse can be the same technologies that enable powerful data analysis,” the site reads. 

It’s unclear whether Palantir has yet achieved “the right engineering.” 

Worried about your public Facebook data? You might want to try these tools

If you’re a Facebook user, by now you probably know that every “like” and piece of information gets aggregated into a set of anonymized data, which eventually turns into advertising dollars for the social media giant. 

Facebook offers multiple layers of privacy settings so the world doesn’t have to see every cringeworthy photo your mom uploaded and tagged you in. Still, changing those settings can be pretty time-consuming. Trust us, we get it. 

But as mass surveillance and digital privacy becomes more of a prevalent threat, you might want to know, at the very least, what information about you is public. Two tools that can help you do that — at least when it comes to your Facebook data — are Data Selfie and Stalkscan.

Stalking yourself

Data Selfie is a browser extension that analyzes what your Facebook usage says about your personality — like your political views, interests, and causes you care about. Stalkscan is a web-based tool that lets you search for information a Facebook user has shared publicly. For example, if you went to a diner on the south side of Albuquerque for Christmas in 2010 and checked in on Facebook, someone could easily find that out through Stalkscan.

[embedded content]

Image: Stalkscan/screenshot

Inti De Ceukelaire, the brains behind Stalkscan, said in an email that while most people are aware of privacy dangers on the internet, many won’t take active steps to safeguard themselves. De Ceukelaire believes that privacy blog posts and articles “only reach the intellectual, educated community” who are already interested in privacy.

“I want to reach the man on the street that simply has no clue about privacy in general,” he says. “I find my technique more effective, confronting them by showing them the facts. It also puts a bit of pressure of them — people may be worried that someone would find photos they did not accept on their timeline, for example.” 

For Regina Flores Mir and Hang Do Thi Duc, the motive for creating Data Selfie lies beyond safeguarding online privacy — they want to give users an idea of how Facebook potentially interprets their data and packages it to advertisers. Unlike Stalkscan, which tracks publicly shared content, Data Selfie only tracks your Facebook usage from the time you install the extension.

Flores Mir and Do Thi Duc acknowledge that the data only represents a small slice of what Facebook actually has. But they want users to be aware of the data Facebook is tracking and more importantly what it’s used to infer. Do Thi Duc, for example, said her data implies her psychological gender to be “56% male.”

What these tools are good for

Stalkscan is mostly good for reminding you about content you shared that you might have forgotten about, while Data Selfie shows you how those activities could be interpreted about you as a person (although it’s worth keeping in mind Facebook advertisers really only see this data once it’s aggregated and anonymized).

I tried both tools to see what they’ll bring up about me, and Stalkscan reminded me that I played the game The True Age Test on Facebook sometime in the last two years (which I definitely don’t recall). Data Selfie said there’s insufficient activity on Facebook so far to determine what my political views and interests are, but it did tell me that the longest time I spent browsing a friend’s page this week was 24 seconds. That person was not a close friend nor someone I message often, so it definitely made me realize that I was being unnecessarily creepy.  

Using these tools might not stop nosy individuals from being on your profile for too long, but you can at least control what they can dig up about you. By seeing what is already public through Stalkscan, you can adjust your privacy settings so that certain information will only be visible to you. Likewise, if you want to be aware of how your digital footprints could be presented to advertisers, or track how long you spend browsing through someone’s profile each week, using Data Selfie can be very helpful. 

Flores Mir strongly believes that in the age of the internet, it’s important to be aware of how things work and do as much as you can to control your data. “It’s program or be programmed,” she said. The choice is yours. 

Why unlimited data is making a comeback

Unlimited data is the hot new thing … again.

It’s been almost five years since the last of the great unlimited data plans died out and left just a few calcifying tendrils of grandfather access for those willing to live the remainder of their days on 3G phones.

People were upset when AT&T and Verizon ended those plans, even if few ever used their monthly allotment of 2G of data. Most, however, realized how awesome unlimited would have been in the age of 4G LTE. Obviously, carriers realized how not awesome that would be: people streaming 5 GB of data at 4G speeds without paying a dime more.

So just as a whole new class of 4G LTE phones hit the market, including the iPhone 5, the industry switched to strict data caps and instant overage charges. Most of us soon learned that 2 GB doesn’t go very far on an LTE network. We pay for 5 or even 10 GB of data and live in fear of our Snapchat and Facebook Live obsessions costing us dearly every month.

The only winners were the carriers. So why did they bring unlimited plans back?

One could start by crediting T-Mobile, the once struggling network that started offering unlimited plans as early as 2012, even though it didn’t have the attractive LTE network to back it. Essentially, T-Mobile was still offering the past, while the all-you-can eat squashers were promising the future.

For years, Sprint and T-Mobile lagged way behind AT&T and Verizon on 4G coverage.  Depending on where you lived, the best and fastest coverage often narrowed down to a two-horse race (leaving aside the various Mobile Virtual Network Operators [MVNO] like Virgin Mobile that used someone else’s network to provide more affordable network rates.). 

Since then, T-Mobile and Sprint have both built out their 4G networks, achieving near-parity with the two big guys. That fact emboldened T-Mobile to, for instance, offer its first Binge On program, which let consumers freely binge-watch services like Netflix or Hulu (at 480p) on their mobile network.

A customer looks at the screen size on an iPhone 6 Plus while waiting in line to upgrade his iPhone at a Verizon Wireless store in Flowood, Miss.

A customer looks at the screen size on an iPhone 6 Plus while waiting in line to upgrade his iPhone at a Verizon Wireless store in Flowood, Miss.

Image: V. Solis/AP/REX/Shutterstock

Late last week, one survey declared T-Mobile as good a mobile network as Verizon.

While Verizon’s decision to bring back an unlimited data plan looks like a direct response to this news, it’s probably more closely related to AT&T’s decision last month to do the same

And there’s an even bigger, more disruptive factor at play — and, once again, it was T-Mobile that got the ball rolling.

In March of 2013, T-Mobile announced that it was doing away with two-year contracts. No one liked the contracts, but if you promised yourself to a carrier for 24 months, they subsidized much of the cost of your smartphone – baking the cost into your monthly fee so you either didn’t notice it or felt it a little less intensely. No contract meant no subsidies, so people started paying a monthly fee to pay off the phone.

This disruptive idea slowly bled into the entire carrier industry. These days, carrier contracts are virtually non-existent and there are all sorts of new ways for carriers to try and shield you from the full cost of an iPhone 7 Plus (like monthly fees that don’t change and let you auto-upgrade to the newest phone, as long as you don’t leave).

No contracts, unlocked smartphones and just-as-good networks (even the ability to take your phone number with you) mean that consumers no longer fear switching carriers. 

The power has transferred from the carriers to the people.

If AT&T, Verizon, T-Mobile and Sprint are the same in consumers’ eyes, the carriers are forced to compete for your business, which means that they must offer attractive data plans and competitive prices.

The power has transferred from the carriers to the people.

There is, though, a long-term and somewhat disheartening reality here: 4G is quickly becoming yesterday’s 3G. Just think about all the times you’ve seen four or five healthy-looking 4G bars on your phone only to have a 2G experience. The infrastructure is sagging under the weight of our Snapchatting, livestreaming, Netflix-binging mobile devices. The towers we connect to are overwhelmed with traffic and even as networks achieve parity, the infrastructure can’t keep up.

5G connectivity may solve this, but it will be like a rerun of the early days of LTE. There’ll be scant network coverage, most of it probably consolidated in the deeper pockets of Verizon and AT&T, with, initially, few devices that can take advantage of it. 

This fast, new flavor of data will not be a part of unlimited plans and, as soon as they can, carriers will upsell those with new devices to the new, fastest network. Over the next few years, we’ll all migrate to 5G and, if T-Mobile and Sprint lag behind, consumers will switch back to Verizon and AT&T. The imbalance will be reset and we’ll have to wait another three to five years for T-Mobile to catch up and disrupt all over again.

Apple fixed a bug that accidentally kept your cleared browsing data on iCloud

Image: lili sams/mashable

Apple has fixed a bug that was inadvertently storing users’ cleared browsing history on iCloud. 

Vladimir Katalov, CEO of security firm ElcomSoft, recently told Forbes that he discovered browsing history dating back as far as a year on his iCloud account—despite having cleared it. Katalov did this using ElcomSoft’s own “phone breaker” software, which allows you to download your iCloud data, including your old browsing records. 

Katalov’s claim was reportedly validated by an iOS forensics expert, and a Forbes reporter conducted a test on his own device by running the software on his iCloud account. He found browsing data from November 27, 2015, including the visit counts, dates and search terms. Shortly after the article was published, Katalov reportedly reached out to Forbes and said that his old browsing history was no longer accessible. 

In a statement to Mashable, Apple representatives said the problem was caused by a bug they’ve since resolved.

“To further strengthen the protections we provide customers, we’ve fixed a bug that retained browsing history for longer than we intended,” the statement said. “Devices will now have access to this data for 14 days and it will be deleted from our servers within 60 days. Customers can also turn off Safari syncing features at any time.”

So, rest easy if you’re concerned about your data lingering a bit longer than it should. But maybe double-check your syncing features just to be safe.