Blogs

The EU Commission supports lobby organizations which stronlgy advocate Web filters. The eNACSO (European NGO Alliance for Child Safety Online) which is trying to fight against child abuse with the help of Web filters got from the EU Commission 300.000 Euro.
Usually, lobby organizations get money from interest groups in order to influence the legislative process. In this case it seems to work in the opposite way...
 
Links:
http://www.netzpolitik.org/2010/computerworld-ueber-censilia-debatte/

The paper "Private Information Disclosure from Web Searches (The case of Google Web History)" (see: http://planete.inrialpes.fr/projects/private-information-disclosure-from...) offers some interesting results in order to think a little bit about (massive) data collections and anonymity in the Internet. In short, the scientists including Claude Castelluccia have investigated whether and how they can obtain personal information of users deploying different Google services (e.g. Web History and Maps).

On April 9th 2010 Seclists.org published a bug in the Java Deployment Toolkit (see http://seclists.org/fulldisclosure/2010/Apr/119). Due to this bug it is possible by means of prepared URLs to execute programs on the user's computer. And it is possible as well to install a trojan by drive-by-download and to take the computer over using further bugs in other applications. This security hole is already exploited by infected websites. Above all this problem is critical for Windows users.

On February 18. Secunia announced a zero-day-exploit for Firefox 3.6. A serios bug in Mozilla Firefox offers the possibility for remote code execution with administrator rights on Windows. It is possible that earlier versions of Firefox are affected too.

Evgeny Legerov about the result of his work: "People who've seen firefox exploit agree with me - it is a really cool bug, it was an interesting challenge to find and exploit it."

A team of scientists that has already informed about other unusual possibilities of espionage has now discovered a new method to obtain personal information: they analyzed the noises of a dot matrix printer and were thus able to reconstruct a large part of the printed information.

Philosophy and technology

Do we need JonDonym? The question seems to be out of place, since this is the blog of the company which co-develops that software. But nevertheless, if we have a look at western democracies just a very small minority of people is using services like JonDonym and the majority does not miss anything at all surfing the Web. So, do we need JonDonym?

As analogon to the "all-in-one device suitable for every purpose", they now really exist: the "pirate copying child porn terrorists" as Times Online states in a recent article (17.10.2008). Terrorists are supposed to hide secret messages in child pornographic images and to thereby spread them over the internet. We suppose that they also lack opyrights among other legal deficiencies - that's why the new term PCCPT may be established.

As the german web site Heise reports, companies might now be able to contact arbitrary visitors of their web sites using a new technology. This may be realised by a software of the company demandandbase, which may in many cases even identify individual employees of a specific company.

According to a report on Spiegel-Online, the german Federal Office for Information Security (BSI) explicitly warns from using the new Google browser "Chrome" productively. The browser may be half-baked (explicit beta, not a complete product) and had been released to market far too early. Moreover, Google may very probably use this browser to collect private surf information and other personal user data.

Since a while, a new profiling system named Phorm is in beta test at U.S. american and british access providers. Without asking the customers meanwhile some hundred thousand, partially quite detailed, data sets about visited websites and requested content (e.g. also from web e-Mails) have been created. It might be just a matter of time until such a technology will be applied in other european countries.

After recent reports about the german BKA looking for suspects in the visitors of their web sites, now even more threatening measures against web surfers have been uncovered to be used by the U.S. FBI. After clicking on prepared web links (or after automatic download by browser prefetching...). the FBI searches the houses of those people whose IP addresses could be backtraced to their identities.

The FakeNameGenerator makes ist quite easy to create plausible identities for exploring the web. This service is free and does not need any registration.

For synchronizing Firefox bookmarks we have been developing an extension that should - in contrast to all other existing ones - keep the privacy of its users. As Mozilla is now developing a far more flexible concept, Weave, that fulfills the same requirements, we have decided to stop our own development without releasing it.

Simon Pecher, a computer scientist experiences in anonymisation techniques, is now a member of our development team. Some users know him from former forum postings he did as private person to give techical help.

As the CCC is still installing a new server, the whole CCC Cascade is not available at present.