On this day, General Motors announced it would phase out production of Oldsmobile, the nation's oldest automotive brand name. The first Oldsmobile was built by Ransom Eli Olds in 1897.
Source : Historical Society of Michigan
For further reading, see Setting the pace : Oldsmobile's first 100 years / by Helen Jones Earley and James R. Walkinshaw
Oldsmobile, the last chapter, 1997 to 2004 / by Helen Jones Earley and James R. Walkinshaw.
On December 12, 1979, the inaugural event at Joe Louis Arena in downtown Detroit featured a men's basketball game, pitting the Willie McCarter's University of Detroit squad against Johnny Orr's final team at the University of Michigan. The Wolverines defeated the Titans 85-72.
Source : Detroit Historical Society
To date, there has been no way to run apps on Android with real and reliable privacy controls. Android version 4.3 and higher take a huge step in the right direction, letting users install apps while denying some of the apps' attempts to collect the user's data.
Android was built from scratch to have quite a sophisticated and strongly enforced system of per-app permissions. But many of the privacy-sensitive permissions are poorly delineated and confusing.1 And the way the OS and Google's Play Store worked, users could not install an app but say "no" to that app's demand that it be able to read their address book, track their location, or grab their phone number or IMEI.
This turned out to be the fundamental problem with the previous Android model: installing an app was an all-or-nothing proposition, and there were few practical ways to protect yourself against the apps you'd installed, or even really see what they were up to.
In the early days, that model was at an improvement on its major competitor, Apple's iOS, which didn't even have a permissions model. But after various privacy scandals, Apple started forcing apps to ask for permission to collect data: first location and then other categories, like address books and photos. So for the past two years, the iPhone's app privacy options have been miles ahead of Android's.
This changed with the release of Android 4.3, which added awesome new OS features to enhance privacy protection. You can unlock this functionality by installing a tool like App Ops Launcher. When you run it, you can easily control most of the privacy-threatening permissions your apps have tried to obtain. Want to install Shazam without having it track your location? Easy. Want to install SideCar without letting it read your address book? Done.2
App Ops Launcher in action
Despite being overdue and not quite complete, App Ops Launcher is a huge advance in Android privacy. Its availability means Android 4.3+ a necessity for anyone who wants to use the OS while limiting how intrusive those apps can be. The Android team at Google deserves praise for giving users more control of the data that others can snatch from their pockets.
- 1. To pick just one egregious example, how are users supposed to know what "read phone state and identity" means? Why isn't it split into multiple permissions, one of which is "let the app track me"?
- 2. There are some app permissions that cannot be controlled in App Ops Launcher yet. For instance, preventing an app from sending and receving network data should be, but is not, possible. The best you can do there is to purchase an Android device that gives you root access, install a firewall tool like DroidWall, and be aware that there are probably still ways for apps to sneak around your firewall.
Share this: || Join EFF
Senate Bill 661, as approved by the House in a 56-52 vote and now headed back to the upper chamber for concurrence, would still double the maximum amount that an individual or independent political action committee can donate to a political candidate.
And it would still shield groups that run sham "issue ads" from disclosing their donors, blocking new reporting requirements proposed by Secretary of State Ruth Johnson.
But an amendment adopted by the House on Wednesday would require groups that run election-season robocalls -- those often-anonymous and usually-misleading telephone calls -- to include an "authorized by" disclaimer. An earlier committee amendment extended that requirement to television, print and radio issue ads as well.
The other change approved Wednesday will extend Michigan's current prohibition on primary spending by political party caucuses, such as the House Democrats or House Republicans. The Senate had moved to allow caucus primary spending, but tea party leaders slammed the provision as a means to protect "establishment" candidates.
For the full article, see Jonathan Oosting, "Michigan House adds disclaimer rules for robocalls to controversial campaign finance bill", MLive, December 11, 2013.
We've just seen some amazing reports from the Washington Post about just a few ways NSA is tracking people around the Internet and the physical world. These newly-revealed techniques hijacked personal information that was being transmitted for some commercial purpose, converting it into a tool for surveillance. One technique involved web cookies, while another involved mobile apps disclosing their location to location-based services.
One interesting thing about this is that the tracking that results is totally independent of the privacy practices that apply to the intended use of this data. Google has its own privacy policies about how it uses PREF cookies, and app developers have privacy policies for their location-based services, but this spying bypassed both of them and simply used this information as grist for the surveillance mill. So the level of intrusion resulting from this spying didn't depend on what the information was meant for, but on how it was repurposed.
Together, these programs show us that transmitting any unique information unencrypted forms the technological basis for a location-tracking technology, existing or potential. Every kind of identifiable information that gets transmitted in the clear over a radio or a public network is either an already-deployed NSA location-tracking program, or an exciting opportunity for some NSA agent to propose a new program to monitor devices’ whereabouts. And it’s not just NSA: we’ve already seen commercial use of phones’ wifi and Bluetooth addresses (which are visible to anybody nearby and which normally don’t change over the lifetime of the device) to monitor shoppers.
There’s a long-term privacy solution for location tracking that can address all of these tracking methods and others. Every transmission of personally-identifiable information, over the air or over a public network, must be encrypted. If addresses can’t be encrypted, they should be random and change frequently. And personally-identifiable information must be understood to include persistent identifiers for people or devices, even if those identifiers don’t directly include a person’s name1 For example, a unique cookie can be used to recognize a device, so it should only ever be transmitted encrypted. Even if cookies were out of the picture, there's a lot else that's unique in browser behavior that can potentially be used to track an Internet user.
The Post’s earlier report on tracking shows that fixing technology to prevent the tracking of device locations will be a challenging task. The paper's recent story on a program called FASCIA referred to literally dozens of potentially unique and distinctive things about a cell phone that the NSA might be able to observe directly on the air or by tapping into cell phone carriers’ infrastructure. That list shows many different ways in which the existing cell phone infrastructure inherently exposes unique attributes of devices, and hence inherently permits location tracking (either by carriers or by spies monitoring radio signals). We've already noticed that location tracking is an inherent part of the way today's cell phone infrastructure is put together—we can't make some simple technical change to stop mobile carriers (or governments) from being able to know where particular mobile devices. Rather, fixing this at a technical level will require re-engineering our cell phone networks, so it might take a little longer than turning on HTTPS for tracking cookies and mobile location check-ins.
On whatever timescale we can make these necessary changes, technology developers should commit to the principle that no unique user data is ever exposed unencrypted.
- 1. Some privacy engineers use the term uniqueness to refer to unique properties of a device or system that aren’t already associated with a particular person, or that might not ever become associated with a person in practice. For example, if a cell phone hasn’t been purchased yet, or if a transit fare collection system had a unique ID but nobody recorded or noticed who ended up using it for travel, some people would say the systems exhibit uniqueness but not personal identifiability. But it’s so easy for a device to make the one-way trip from uniqueness into an association with a person at any moment that careful privacy engineering would treat any long-term persistent uniqueness as presumptively identifying.
Share this: || Join EFF
The Michigan Senate and House on Wednesday approved a voter-initiated law that would prohibit basic health insurance plans from covering abortions.
The Senate voted 27-11 mostly along party lines in favor of Right to Life of Michigan’s proposal to require women to purchase additional insurance coverage for abortions. Sen. Tupac Hunter of Detroit was the lone Democrat who voted with the GOP majority.
The House voted 62-47 for the plan with Democrats Charles Brunner of Bay City and Terry Brown of Pigeon as well as independent John Olumba of Detroit also voting with the majority. The initiated law contains no exceptions for pregnancies caused by rape or in cest and will go into effect in mid-March.
Other Senate Democrats decried the legislation in passionate Senate floor speeches, saying it would require women to purchase “rape insurance.”
For the full article, see Chad Livengood and Gary Heinlein, "Legislature approves ban on abortion coverage in health plans", Detroit News, December 11, 2013.
As Holiday Shopping Season Gets Underway, FTC Reminds Internet Retailers to Ensure Consumers Have Access to Warranty Information
Yesterday, we learned that the NSA is using Google cookies—the same cookies used for advertisements and search preferences—to track users for surveillance purposes.
These Google cookies—known as “PREF” cookies—last two years and can uniquely identify you. Sniffing one off the Internet as it goes past allows the NSA to recognize your browser whenever you interact with Google from any location or network. Every person who visits a Google site will receive a PREF cookie, regardless of whether they log in or even have an account with Google. Using Google Search without logging in tags you for two years, and that unique tag is sent over the network every time you search even if it’s on a different network (or in a different country).
According to documents just published by the Washington Post, the NSA is using this to “enable remote exploitation” (hacking into people’s computers)—an act aided by the ability to uniquely identify individuals on the Internet.
The Guardian previously reported on the use of intercepted advertising cookies to recognize individuals—it appears in the “Tor Stinks” presentation it posted in October, which talks about recognizing people from their DoubleClick cookies. DoubleClick is also owned by Google, but the use of DoubleClick cookies had no apparent connection to the use of PREF cookies. This goes to show that spy agencies are keen to find any available way to recognize a particular user by their devices’ behavior on the Internet, and that cookies sent with unencrypted web requests are one of the easiest and most straightforward ways of picking out an individual device even as it moves from network to network.
As Ed Felten explains, “The easiest way to protect users against this threat is to refrain from tracking.” But if tracking is to happen, the “approach that does work is for the tracking entity to use https, the secure web protocol, for its communication with the user’s computer.” When HTTPS is turned on, eavesdroppers recording Internet traffic can’t see the contents of cookies sent inside the secure connection. EFF’s HTTPS Everywhere software may provide a degree of protection against the measures reported by the Post because it makes a user’s browser use HTTPS exclusively on certain sites where it would otherwise be optional. But we can’t protect connections where servers don’t make HTTPS an option.Anonymous User Tracking? The Fragility of Anonymity
The Google PREF cookie is typical of the tracking cookies used by many different Internet sites. (The PREF cookie stands out partly because Google’s services are so popular and so omnipresent, not because there aren’t a number of other cookies that might be used to track people in the same ways.) A typical one looks like
The value after the “ID” is a random number that Google makes up on the spot the first time you visit a Google service in a particular browser. This number is chosen by Google and isn’t derived from anything distinctive about you. But your web browser will remember it for two years, unless you’ve changed your browser settings, and send it out over the Internet every time you interact with any Google web service.
The advertising industry and many website operators have often suggested that cookies like Google’s PREF are “anonymous” or “non-personally-identifiable” if they don’t contain a person’s name or e-mail address. Unfortunately, a persistent cookie can easily become associated with a person’s identity, whether that’s by the website that set the cookie, by a third-party website, or by a spy agency.
For example, suppose you at some point put something in a Google search that allows an eavesdropper to figure out who you are (or do anything else from that same computer that the eavesdropper manages to link to your identity). If the eavesdropper also sees your Google PREF cookie, that eavesdropper knows the real-life identity that’s associated with that cookie, and can remember this association for as long as the cookie lasts, and recognize you wherever else you go. The supposed “anonymity” of any individual tracking cookie is incredibly fragile; it can be lost forever at a moment’s notice.Fighting Nonconsensual Tracking
These revelations make it ever clearer that we need to fight back against nonconsensual tracking of web users, by deploying and adopting technology that allows users to block online tracking. In the past we’ve been concerned about the profiles that web companies could build up about users without their knowledge or consent. Now we’ve seen that this tracking technology is also being hijacked for government surveillance of Internet users.NSA Overhears Mobile Apps Reporting Their Location
The Post also reported on other kinds of information that are being scooped up by NSA and used to track and identify individuals. A program called HAPPYFOOT listens to mobile apps that send geolocation information about the current whereabouts of a user’s device back to an app developer or service provider. Tapping these communications lets NSA find a user’s physical location by sitting back and letting the user’s own mobile device inform on their whereabouts. Some of these apps are transmitting this information solely for advertising purposes in ways that users may not even understand or expect. (As the Post reminds us, parts of the mobile app industry have been keen to collect user data for no user benefit: as the newspaper reported last week, even a mobile flashlight app actively gathered data on people’s whereabouts.) Yet if it’s sent unencrypted, NSA can scoop it up to figure out where people are at any moment, even by passively listening to distant Internet links.
Even when location information is sent for a purpose that the user actively understands and wants (say, to enable a location-based service like Yelp or Foursquare), it can still be intercepted and used for location tracking if a particular mobile app fails to encrypt it. Mobile app developers can address this kind of surveillance by encrypting any communications that include a user’s location details.
All of this goes to show that spy agencies have a vast array of tools for tracking people around the Internet and the physical world. As we discuss in an accompanying post, it's important that technology developers confront these privacy problems head-on.Related Issues: Cell TrackingEncrypting the WebNSA Spying
Share this: || Join EFF