Friday, January 31, 2020

Christopher Hasson: White supremacist Coast Guard officer jailed for 13 years

Christopher Hasson, a former lieutenant, was arrested last year after stockpiling weapons.

from BBC News - World https://ift.tt/37PtsRc

'Muslim ban should end, not expand': Groups slam Trump travel ban

Trump administration expands travel ban to include Eritrea, Kyrgyzstan, Myanmar, Nigeria, Sudan and Tanzania.

from Al Jazeera English https://ift.tt/31cg9HM

Man Utd should have moved for Ings rather than Ighalo - Warnock

The former Cardiff City boss doesn't think the Nigerian forward is the right man to provide cover for the injured Marcus Rashford at Old Trafford

from Football News, Live Scores, Results & Transfers | Goal.com https://ift.tt/2OfYUjN

No price hike for Selangor season passes in next few seasons

Selangor recently made the bold decision to raise the price for their adult home match tickets for the 2020 season, from RM15 to RM20.

from Football News, Live Scores, Results & Transfers | Goal.com https://ift.tt/2Uiz2Yb

Barcelona-linked Richarlison is key to Everton's future - Ancelotti

The Brazilian attacker was reportedly in the Catalans' sights but the Toffees were never tempted to cash in

from Football News, Live Scores, Results & Transfers | Goal.com https://ift.tt/31dG3el

Transfer news and rumours LIVE: Richarlison is key to Everton's future

Goal takes a look at the biggest transfer news and rumours from the Premier League, La Liga, Serie A and around the world

from Football News, Live Scores, Results & Transfers | Goal.com https://ift.tt/391AZMV

5 of the best transfers involving Premier League clubs on deadline day

from FourFourTwo https://ift.tt/2uWOG0D

EFF: After Nonprofits Protest at ICANN, California's Attorney General Steps Into the .ORG Battle

Once appearing to be a done deal, the sale of the .ORG registry to private equity is facing new delays and new opposition, after a successful protest in front of ICANN last week by nonprofits and an intervention by the California Attorney General. Private equity firm Ethos Capital’s proposed $1.1 billion purchase of the Public Interest Registry (PIR) has raised nearly unanimous opposition from the nonprofit world, along with expressions of concern from technical experts, members of Congress, two UN Special Rapporteurs, and U.S. state charities regulators. ICANN, the nonprofit body that oversees the Internet’s domain name system, has found itself under increasing pressure to reject the deal.

“ICANN, You Can Stop The Sale!”

Last Friday’s protest at ICANN’s Los Angeles headquarters was the culmination of two months of intense backlash to the sale by nonprofits from around the globe, from The Girl Scouts of America, Consumer Reports, and the YMCA to Wikimedia and Oxfam. Nonprofit professionals and technologists gathered to tell ICANN their concerns in person: a private equity–owned firm running the .ORG registry would have strong incentives to undermine the privacy and free speech rights of nonprofit organizations, and to exploit them financially, in pursuit of new revenue streams for its investors. Besides potentially raising annual registration fees, PIR could censor nonprofit organizations at the request of powerful corporations or governments, or it could collect and monetize web browsing data about the people who visit .ORG websites. 

The day before the protest, ICANN and PIR agreed to extend the contractual deadline for ICANN’s review of the sale by nearly a month, until February 17th. Although ICANN initially demanded transparency from PIR; its owner, the Internet Society (ISOC); and Ethos Capital around the details of the sale and the legal framework of PIR’s new for-profit status, very little of this information has been released to the public. ICANN even seems to be ignoring a formal request [.pdf] for information by the Address Supporting Organization, part of the “Empowered Community” that was created to oversee ICANN after its independence from U.S. government control. Despite its initial lack of transparency, ICANN now seems to be feeling pressure from the public not to rubber-stamp the acquisition. 

The protest was organized by EFF, NTEN, Fight for the Future, and Demand Progress. Shortly before it started, ICANN staff seemed ready to talk to the protesters, reaching out to the organizers and offering to meet with them in person after the event. The organizers agreed, and suggested ICANN staff and the board join during the protest as well—standing with protesters, if they’d like, or observing, to learn more about the coalition and their concerns. But on the day of the protest, ICANN staff canceled the in-person meeting. 

As ICANN’s board of directors met inside, EFF’s Elliot Harmon explained to the crowd outside what was at stake: the .ORG ecosystem is "not a product to be sold. It's not this asset that you can let acquire a bunch of value over 16 years and then sell it to a private equity firm. It's something special. It's part of the infrastructure that the global NGO sector relies on.” Supporters joined in chants of “1,2,3,4, profit’s not what .ORG’s for!” and “ICANN, you can stop the sale!” As Amy Sample Ward, CEO of NTEN, said, “This is [ICANN’s] job. This is their responsibility… if we were to make a decision about who could own and manage the .ORG domain that truly had nonprofits and the public's interest at heart it would not be a private equity firm. So we understand the role that ICANN has apparently more than they seem to, and we are calling on them to step in, stop the sale, and to immediately open up a multi-stakeholder process.” 

At the end of the rally, surprising the protesters, the entire ICANN board came out to meet them in person. Organizers handed copies of two petitions, signed by 34,000 individuals and over 700 nonprofit organizations, to Board President Maarten Botterman, in a powerful moment that signaled ICANN’s willingness to consider the protesters’ concerns.

Protesters gather at ICANN in support of nonprofits and .orgs

ICANN's board receives the petition

Also last week, well-known international NGOs including Amnesty International, Access Now, and the Sierra Club held a press conference at the World Economic Forum in Davos, Switzerland, to tell world leaders that selling .ORG puts civil society at risk. Numerous recent stories in the press have covered nonprofits’ concerns as well, from the lack of transparency in the process and the failure of ICANN to consider alternatives to the danger the sale could represent to ICANN’s own governance.

California Attorney General Asks for Unredacted Financial Info On Sale, Questions ICANN’s Authority

The California Attorney General’s Office has also reached out to ICANN, according to correspondence published on the ICANN website [.pdf], and asked for in-depth information on the sale. Some of its questions overlap with the questions ICANN has asked of PIR. According to ICANN, the Attorney General’s request constitutes an order that overrides confidentiality agreements which previously let ICANN hold back information, and requires them to respond with the confidential documents. On account of that request, ICANN has asked PIR for two more months to review the sale, meaning that the sale cannot be completed before April. In the meantime, the Attorney General’s office will be “analyz[ing] the impact to the nonprofit community, including to ICANN.”

Among the documents requested are not only the financial agreements, meeting minutes, documentation, and correspondence related to the transfer itself, but also: 

  • Detailed information about the removal of domain price caps, which occurred just months before the sale was announced, and which ICANN, ISOC, and PIR have continuously (and curiously) claimed was unrelated to the sale.
  • Detailed information about ICANN staff and ICANN’s conflict-of-interest policy, indicating the Attorney General’s concern that at least some of those involved in the sale are self-dealing. 
  • Historical information about ICANN’s own authority to manage the top-level domains, which could mean the Attorney General’s office is concerned enough about this transfer to put its trust in ICANN’s governance ability at risk.

We’re glad to see the Attorney General investigating the sale on behalf of nonprofit organizations. In addition to answering the Attorney General, ICANN should also respond to the many questions posed by the nonprofit community itself, many of which overlap. Three big questions the nonprofit community continues to ask of ICANN and PIR: How does Ethos plan on paying back the debt it will accrue in the purchase of PIR, without negatively impacting .ORGs? What “new products and services” does Ethos intend to offer to the .ORG ecosystem that makes this sale necessary? And will those new products and services serve the needs of nonprofits, or exploit them?

People who work on Internet governance issues get nervous when governments throw their weight around, and for good reason: ICANN volunteers have worked hard to keep the domain name system and other parts of the Internet’s governance structure out of government hands. Since 2016, ICANN is no longer formally supervised by the U.S. Department of Commerce, and no national government can dictate policy there, as much as some may want to. Instead of answering to governments, ICANN is supposed to answer to the community of Internet users. ICANN’s independence is an important check against censorship and government surveillance through the DNS. But that independence is fragile. It depends on ICANN maintaining legitimacy through good processes for public input and by being responsive to the concerns of Internet users who are most in need of protection, such as nonprofit users. If ICANN can only give rubber-stamp approval to billion-dollar deals that don’t protect Internet users from surveillance and censorship, then why does ICANN exist?

To avoid government intervention here, and the dangerous precedent it would set, ICANN needs to insist on more transparency around the sale of PIR, and to actively solicit public input through a multi-stakeholder process. Over the last few months, it’s been increasingly obvious that the public needs to be involved. That’s why EFF thanks each of the 34,000 individuals and over 700 organizations who signed a petition to ICANN, all who expressed their fears or requested more information about this sale, and those who helped rally in support of their favorite nonprofits at ICANN. The nonprofit and .ORG communities have been united in their concern about the danger this deal presents to civil society since it was announced, and we’re glad to see the Attorney General join us in questioning the value that this sale supposedly brings to the nonprofit ecosystem.

The sale of the .ORG registry will impact the nonprofits we all care about. Please take a moment to add your name to the petition demanding a stop to the sale. If you represent an organization that would be affected by the sale, then you can find instructions there for adding your organization’s name to our coalition letter.

Thank you to our friends at NTEN, Fight for the Future, and Demand Progress—and especially to NTEN CEO Amy Sample Ward—for your work in organizing the protest.

Published January 31, 2020 at 10:29PM
Read more on eff.org

Black and in the police: 'I've been called a traitor'

Here's how black police officers are dealing with the stigma, like Love Island's Mike Boateng.

from BBC News - World https://ift.tt/2GEJcKG

Kashmir avalanche: 'My baby's toy torch saved me from death'

Shakila was buried for hours under deep snow in Kashmir, hoping her daughter was alive.

from BBC News - World https://ift.tt/37IwiXY

Lina Ben Mhenni: The woman who blogged Tunisia's revolution

"Freedom, better education and health: that's all we wanted," one of Lina Ben Mhenni's friends says.

from BBC News - World https://ift.tt/390TEsf

Australia fires: How a unique slug species survived

The bright pink species is only found in a small habitat in Australia, experts say.

from BBC News - World https://ift.tt/3aXLYso

Amazon rainforest: The 90-year-old trying to stop destruction

Newsnight was given rare access to a once-in-a-generation meeting of indigenous groups trying to save the Amazon.

from BBC News - World https://ift.tt/37Iq36u

Fox News Breaking News Alert

Senate votes to approve final framework for Trump impeachment trial, scheduling final verdict vote for Wednesday of next week.

01/31/20 4:58 PM

China coronavirus death toll surges: All the latest updates

Top Communist Party official in Wuhan expresses 'remorse' because local authorities reacted too slow on the outbreak.

from Al Jazeera English https://ift.tt/2RPjEBb

'Reyna's emergence was so quick' - Friedel hails 'amazing' Dortmund youngster

The former U.S. men's national team goalkeeper was full of praise for the up-and-coming attacker

from Football News, Live Scores, Results & Transfers | Goal.com https://ift.tt/2RKv6O8

Manchester United complete surprise loan signing of Ighalo

The former Watford striker is on his way back to the Premier League, with the Red Devils snapping him up on a six-month contract

from Football News, Live Scores, Results & Transfers | Goal.com https://ift.tt/390AW42

Picture of the day for February 1, 2020



Christchurch Town Hall of the Performing Arts during the blue hour, Christchurch, New Zealand. Learn more.

Man Utd make surprise Odion Ighalo signing while Jarrod Bowen joins West Ham

from FourFourTwo https://ift.tt/2SdVEqm

West Ham seal Jarrod Bowen signing

from FourFourTwo https://ift.tt/31fSaY8

O’Neill hails Rooney quality as Stoke given ‘reality check’ by Derby demolition

from FourFourTwo https://ift.tt/2UhejnE

Kobe Bryant helicopter firm was not allowed to fly in fog

Island Express Helicopters was restricted to flying in clear conditions, officials say.

from BBC News - World https://ift.tt/2vFDiqy

Could you handle the most remote campsite on earth?

Take a look inside an Antarctic campsite and find out how they survive.

from BBC News - World https://ift.tt/3b5OOMf

Thursday, January 30, 2020

ISL 2019-20: Kerala Blasters vs Chennaiyin FC - TV channel, stream, kick-off time & match preview

Owen Coyle's side are on a three-match winning run as they travel to Kerala...

from Football News, Live Scores, Results & Transfers | Goal.com https://ift.tt/2uMk1TN

Wilbur Ross says Coronavirus could boost US jobs

US commerce secretary Wilbur Ross says firms may bring production back to the US in response to the virus.

from BBC News - World https://ift.tt/2uMeFYH

'We are not feeder clubs', insist M3 teams appearing out of nowhere

Two new clubs have been allowed to take part in Malaysia's third tier in 2020, without having risen through the lower leagues first.

from Football News, Live Scores, Results & Transfers | Goal.com https://ift.tt/3aZm0Vh

Hostage-taker in India shot dead at fake children’s party

Indian police kill a man who arranged a birthday party for his daughter, then took 20 hostages.

from BBC News - World https://ift.tt/37JDXoP

Australia fires: State of emergency declared for Canberra region

Huge bushfires are raging near Canberra in the worst threat to the region since 2003, officials say.

from BBC News - World https://ift.tt/2GHyWRK

Fox News Breaking News Alert

State Department: 'Do not travel' to China as coronavirus outbreak spreads

01/30/20 6:12 PM

Adam Ounas scores as Nice crash out to Lyon in French Cup

The Algerian international’s second-half strike could not prevent Patrick Vieira’s team from crashing out of the tournament against the Kids

from Football News, Live Scores, Results & Transfers | Goal.com http://www.goal.com

Trump impeachment: All eyes on moderate Republicans in witnesses battle

Moderate Republican senators are expected to announce their decisions in key witnesses debate.

from BBC News - World https://ift.tt/2UeHx6z

Hamdallah saves Musa’s Al-Nassr against Damac FC

The ex-Morocco international rescued the Knights of Najd from defeat against the Mountain of Damac in Thursday’s league game

from Football News, Live Scores, Results & Transfers | Goal.com https://ift.tt/2GEUsXy

Shane Fitzsimmons: 'Tireless' fire chief steering Australians through disaster

Fire chief Shane Fitzsimmons has worked tirelessly and "masterfully" to save lives, close observers say.

from BBC News - World https://ift.tt/3195Lkb

Claudia Andujar: A glimpse of Yanomami life in the jungle

A gallery of Claudia Andujar's photographs of Yanomami tribespeople

from BBC News - World https://ift.tt/2U8uOlM

Iowa caucuses: Nine unusual things about the Democratic race

Democrats are deciding who they want to take on Trump - and it can be a noisy, chaotic process.

from BBC News - World https://ift.tt/2ObnxxK

Censorship claims emerge as TikTok gets political in India

A TikTok influencer says his videos on Hindu-Muslim unity have triggered censorship on the app.

from BBC News - World https://ift.tt/31axGQK

Making beautiful colours without toxic chemicals

Dyeing clothes uses a lot of water and chemicals, but new tech is drawing on nature for colours.

from BBC News - World https://ift.tt/2RHL2kv

Coronavirus: Why are we catching more diseases from animals?

Climate change is shifting our relationship with the animal kingdom and helping diseases evolve.

from BBC News - World https://ift.tt/2UaUzSt

WHO declares coronavirus global emergency as death toll rises

China's health commission says the number of confirmed coronavirus cases rose to 9,692 with at least 213 deaths.

from Al Jazeera English https://ift.tt/36HeAmz

China battles coronavirus outbreak: All the latest updates

To coordinate global response, WHO says spread of coronavirus is 'public health emergency of international concern'.

from Al Jazeera English https://ift.tt/2vwhayB

Evacuation of foreigners from Wuhan hastening spread of virus?

Health expert says countries are justified in ordering evacuations as they are looking after welfare of their citizens.

from Al Jazeera English https://ift.tt/2GDDVTI

Transfer news and rumours LIVE: Man Utd ready to sell Pogba after signing Fernandes

Goal takes a look at the biggest transfer news and rumours from the Premier League, La Liga, Serie A and around the world

from Football News, Live Scores, Results & Transfers | Goal.com https://ift.tt/31aG2b5

'Man Utd is my first option' - Matic eager to sign new contract at Old Trafford

The Red Devils midfielder hopes he will be offered the chance to extend his stay at the club beyond the end of the current season

from Football News, Live Scores, Results & Transfers | Goal.com https://ift.tt/38Qtf00

Van Dijk says he doesn't 'need to study' ex-Liverpool striker Ings ahead of Southampton clash

The Dutchman is happy to see a former colleague thriving at St Mary's, but will be ready to limit his influence on the pitch this weekend

from Football News, Live Scores, Results & Transfers | Goal.com https://ift.tt/2RFbPOg

Picture of the day for January 31, 2020



Cityscape of Seattle just after sunset, seen from the skyscraper Columbia Center at 701 5th Avenue, Seattle, Washington, USA. Learn more.

Fox News Breaking News Alert

PROGRAMMING ALERT: Sen. Rand Paul talks impeachment fight on 'The Story,' 7 pm ET

01/30/20 3:52 PM

Wednesday, January 29, 2020

Venezuela crisis forced José abroad to access HIV drugs

José Tovar is an HIV-positive refugee, forced to choose between staying in Venezuela or leaving home.

from BBC News - World https://ift.tt/38PhUx9

Holed up in Wuhan, foreign students look to escape virus-hit city

Overseas students in city at centre of outbreak are confined to dormitories, hoping to avoid coronavirus infection.

from Al Jazeera English https://ift.tt/3aYHUs7

Activist who fought to protect butterflies in Mexico found dead

Homero Gomez disappeared on January 13 and activists suspect his death could be related to illegal logging disputes.

from Al Jazeera English https://ift.tt/2SduJLl

Coronavirus: Death toll rises as virus spreads to every Chinese region

With one of the 7,711 confirmed cases reported in Tibet, the virus is now in every region of China.

from BBC News - World https://ift.tt/2U69LQP

Sun's surface seen in remarkable new detail

A telescope positioned atop a Hawaiian volcano acquires remarkable pictures of our convulsing star.

from BBC News - World https://ift.tt/2tawDDV

Eriksen wasn't meant to make Inter debut so soon - Conte

The Denmark midfielder had only just arrived from Spurs but was quickly thrown into the action by his new club

from Football News, Live Scores, Results & Transfers | Goal.com https://ift.tt/37DCMrf

Guardiola defends Woodward after Man Utd official's house attacked

The Spaniard believes the Red Devils have a squad capable of reclaiming former glory in the future

from Football News, Live Scores, Results & Transfers | Goal.com https://ift.tt/2S36DCz

EFF: New Bill Would Make Needed Steps Toward Curbing Mass Surveillance

The Safeguarding Americans’ Private Records Act is a Strong Bill That Builds on Previous Surveillance Reforms

Last week, Sens. Ron Wyden (D–Oregon) and Steve Daines (R–Montana) along with Reps. Zoe Lofgren (D–California), Warren Davidson (R–Ohio), and Pramila Jayapal (D–Washington) introduced the Safeguarding Americans’ Private Records Act (SAPRA), H.R. 5675. This bipartisan legislation includes significant reforms to the government’s foreign intelligence surveillance authorities, including Section 215 of the Patriot Act. Section 215 of the PATRIOT Act allows the government to obtain a secret court order requiring third parties, such as telephone providers, Internet providers, and financial institutions, to hand over business records or any other “tangible thing” deemed “relevant” to an international terrorism, counterespionage, or foreign intelligence investigation. If Congress does not act, Section 215 is set to expire on March 15.

The bill comes at a moment of renewed scrutiny of the government’s use of the Foreign Intelligence Surveillance Act (FISA). A report from the Department of Justice’s Office of the Inspector General released late last year found significant problems in the government’s handling of surveillance of Carter Page, one of President Trump’s former campaign advisors. This renewed bipartisan interest in FISA transparency and accountability—in combination with the March 15 sunset of Section 215—provides strong incentives for Congress to enact meaningful reform of an all-too secretive and invasive surveillance apparatus.

Congress passed the 2015 USA FREEDOM Act in direct response to revelations that the National Security Agency (NSA) had abused Section 215 to conduct a dragnet surveillance program that siphoned up the records of millions of Americans’ telephone calls. USA FREEDOM was intended to end bulk and indiscriminate collection using Section 215. It also included important transparency provisions aimed at preventing future surveillance abuses, which are often premised on dubious and one-sided legal arguments made by the intelligence community and adopted by the Foreign Intelligence Surveillance Court (FISC)—the federal court charged with overseeing much of the government’s foreign intelligence surveillance.

Unfortunately, government disclosures made since USA FREEDOM suggest that the law has not fully succeeded in limiting large-scale surveillance or achieved all of its transparency objectives. While SAPRA, the newest reform bill, does not include all of the improvements we’d like to see, it is a strong bill that would build on the progress made in USA FREEDOM. Here are some of the highlights:

Ending the Call Detail Records Program

After it was revealed that the NSA relied on Section 215 to collect information on the phone calls of millions of Americans, the USA Freedom Act limited the scope of the government’s authority to prospectively collect these records. But even the more limited Call Detail Records (CDR) program authorized in USA Freedom was later revealed to have collected records outside of its legislative authority. And last year, due to significant “technical irregularities” and other issues, the NSA announced it was shutting down the CDR program entirely. Nevertheless, the Trump administration asked Congress to renew the CDR authority indefinitely.

SAPRA, however, would make the much-needed reform of entirely removing the CDR authority and clarifying that Section 215 cannot be used to collect any type of records on an ongoing basis. Ending the authority of the CDR program is a necessary conclusion to a program that could not stay within the law and has already reportedly been discontinued. The bill also includes several amendments intended to prevent the government from using Section 215 for indiscriminate collection of other records.

More Transparency into Secret Court Opinions

USA FREEDOM included a landmark provision that required declassification of significant FISC opinions.  The language of the law clearly required declassification of all significant opinions, including those issued before the passage of USA Freedom in 2015. However, the government read the law differently: it believed it was only required to declassify significant FISC opinions issued after USA Freedom was passed. This crabbed reading of USA Freedom left classified nearly forty years of significant decisions outlining the scope of the government’s authority under FISA—a result clearly at odds with USA Freedom’s purpose to end secret surveillance law. We are pleased to see that this bill clarifies that all significant FISC opinions, no matter when they were written, must be declassified and released. It also requires that future opinions be released within six months of the date of decision. 

“Tangible Things” and the impact of Carpenter v. United States

As written, Section 215 allows the government to collect “any tangible thing” if it shows there are “reasonable grounds” to believe those tangible things are “relevant” to a foreign intelligence investigation. This is a much lower standard than a warrant, and we’ve long been concerned that an ambiguous term like “tangible things” could be secretly interpreted to obtain sensitive personal information. We know, for example, that previous requests under Section 215 included cell site location information, which can be used for invasive tracking of individuals’ movements. But the landmark 2018 Supreme Court decision in Carpenter v. United States clarified that individuals maintain a Fourth Amendment expectation of privacy in location data held by third parties, thus requiring a warrant for the government to collect it. Following questioning by Senator Wyden, the intelligence community stated it no longer used Section 215 to collect location data but admitted it hadn’t analyzed how Carpenter applied to Section 215. SAPRA addresses these developments by clarifying that the government cannot warrantlessly collect GPS or cell site location information. It also forbids the government from using Section 215 to collect web browsing or search history, and anything that would “otherwise require a warrant” in criminal investigations.

These are important limitations, but more clarification is still needed. Decisions like Carpenter are relatively rare. Even if several lower courts held that collecting a specific category of information requires a warrant, we're concerned that the government might argue that this provision isn’t triggered until the Supreme Court says so. That’s why we’d like to see the law be even clearer about the types of information that are outside of Section 215’s authority. We also want to extend some of USA Freedom’s limitations on the scope of collection. Specifically, we’d like to see tighter limits on the requirement that the government have a “specific selection term” for the collection of “tangible things.”

Expanding the Role of the FISC Amicus

One of the key improvements in USA Freedom was a requirement that the FISC appoint an amicus to provide the court with a perspective independent of the government’s in cases raising novel or significant legal issues. Over time, however, we’ve learned that the amici appointed by the court have faced various obstacles in their ability to make the strongest case, including lack of access to materials relied on by the government. SAPRA includes helpful reforms to grant amici access to the full range of these materials and to allow them to recommend appeal to the FISA Court of Review and the Supreme Court.

Reporting

USA Freedom requires the intelligence community to publish annual transparency reports detailing the types of surveillance orders it seeks and the numbers of individuals and records affected by this surveillance, but there have been worrying gaps in these reports. A long-standing priority of the civil liberties community has been increased accounting of Americans whose records are collected and searched using warrantless forms of foreign intelligence surveillance, including Section 215 and Section 702. The FBI in particular has refused to count the number of searches of Section 702 databases it conducts using Americans’ personal information, leading to a recent excoriation by the FISC. SAPRA requires that the transparency reports include the number of Americans whose records are collected under 215, as well as the number of US person searches the government does of data collected under Sections 215 and 702.

Notice and Disclosure of Surveillance to Criminal Defendants

Perhaps the most significant reform needed to the government’s foreign intelligence surveillance authority as a whole is the way in which it uses this surveillance to pursue criminal cases.

There are two related issues: government notice to defendants that they were surveilled, and government disclosure to the defense of the surveillance applications. Under so-called “traditional” FISA—targeted surveillance conducted pursuant to a warrant-like process—defendants are supposed to be notified when the government intends to use evidence derived from the surveillance against them. The same is true of warrantless surveillance conducted under Section 702, but we’ve learned that for years the government did not notify defendants as required. This lack of transparency denied defendants basic due process.  Meanwhile, the government currently has no obligation to notify defendants whose information was collected under Section 215.

SAPRA partially addresses these problems. First, it requires notification to defendants in cases involving information obtained through Section 215. Second, and more generally, it clarifies that notice to defendants is required whenever the government uses evidence that it would not have otherwise learned had it not used FISA.

But this only addresses half of the problem. Even if a criminal defendant receives notice that FISA surveillance was used, that notice is largely meaningless unless the defendant can see—and then directly challenge—the surveillance that led to the charges. This has been one of EFF’s major priorities when it comes to fighting for FISA reform, and we think any bill that tackles FISA reform in addition to addressing Section 215 should make these changes as well.

FISA sets up a mechanism through which lawyers for defendants who are notified of surveillance can seek disclosure of the underlying surveillance materials relied on by the government. Disclosure of this sort is both required and routine in traditional criminal cases. It is crucial to test the strength of the government’s case and to effectively point out any violations of the Fourth Amendment or other constitutional rights. But in the FISA context, despite the existence of a disclosure mechanism, it has been completely toothless; in the history of the law, no defendant has ever successfully obtained disclosure of surveillance materials.

The investigation into surveillance of Carter Page demonstrates why this is a fundamental problem. The Inspector General found numerous defects in the government’s surveillance applications—defects that, had Carter Page been prosecuted, might have led to the suppression of that information in a criminal case against him. But, under the current system, Page and his lawyers never would have seen the applications. And, the government might have been able to obtain a conviction based on potentially illegal and unconstitutional surveillance.

It’s important for Congress to take this opportunity to codify additional due process protections. It’s a miscarriage of justice if a person can be convicted on unlawfully acquired evidence, yet can’t challenge the legality of the surveillance in the first place. Attorneys for defendants in these cases need access to the surveillance materials—it’s a fundamental issue of due process. Unfortunately, SAPRA does not include any reforms to the disclosure provision of FISA. We look forward to working with Congress to ensure that the final FISA reform bill tackles this issue of disclosure.

In 2015, USA FREEDOM was a good first step in restoring privacy protections and creating necessary oversight and transparency into secret government surveillance programs. But in light of subsequent evidence, it’s clear that much more needs to be done. Though we would like to see a few improvements, SAPRA is a strong bill that includes many necessary reforms. We look forward to working with lawmakers to ensure that these and other provisions are enacted into law before March 15.


Published January 30, 2020 at 02:22AM
Read more on eff.org

China battles coronavirus outbreak: All the latest updates

Death toll jumps again, infections accelerate while airlines cut flights and businesses suspend operations.

from Al Jazeera English https://ift.tt/2tSNeMW

Solskjaer explains why Fred took Man Utd's late free-kick in Carabao Cup semi-final

The Brazilian surprisingly stepped up late in the game but failed to make the most of it

from Football News, Live Scores, Results & Transfers | Goal.com https://ift.tt/2U6Fcuv

Man Utd need a striker who 'will break his nose to score' - Solskjaer

The Red Devils boss wants a goalscorer willing to put their body on the line at Old Trafford

from Football News, Live Scores, Results & Transfers | Goal.com https://ift.tt/37FpGth

Homero Gómez: Missing Mexican butterfly activist found dead

Activists fear that Homero Gómez may have been targeted because of his fight against illegal logging.

from BBC News - World https://ift.tt/2U5Itu0

Is visiting a strip club anti-feminist?

Videos of pop star Dua Lipa at a strip club provoked a question: can a feminist go to a strip joint?

from BBC News - World https://ift.tt/37Dok2t

A holiday camp for India's captive elephants

Once a year, captive elephants get pampered at the camp in India which has become a popular event.

from BBC News - World https://ift.tt/36DC4sC

Britons give Brexit boost to idyllic French village

The share of property held by Britons may be falling in France, but the opposite is happening in Eymet.

from BBC News - World https://ift.tt/2S4LPuu

African diaspora: Did Ghana's Year of Return attract foreign visitors?

Ghana's president has declared the Year of Return targeting the African diaspora a great success - but is he right?

from BBC News - World https://ift.tt/3aVYpVs

US now forcing asylum seekers from Brazil to wait in Mexico

Move comes as immigrant advocates document how many 'Remain in Mexico'-affected asylum seekers don't have legal support.

from Al Jazeera English https://ift.tt/2U5EsFW

Transfer news and rumours LIVE: Barcelona readying £20m Willian bid

Goal takes a look at the biggest transfer news and rumours from the Premier League, La Liga, Serie A and around the world

from Football News, Live Scores, Results & Transfers | Goal.com https://ift.tt/2t7C0na

'Who cares?' - Klopp not concerned by 'normal' Liverpool performance

The German was far from concerned after his side failed to set the world alight in extending their Premier League lead to 19 points against West Ham

from Football News, Live Scores, Results & Transfers | Goal.com https://ift.tt/2t8IthH

Sinclair breaks Wambach's record as Canada star becomes all-time top international goalscorer

The veteran forward, who made her international debut 20 years ago, reached the mark with her second strike against St Kitts & Nevis

from Football News, Live Scores, Results & Transfers | Goal.com https://ift.tt/37E1yHF

Picture of the day for January 30, 2020



A ringed seal (Pusa hispida) in the Laptev Sea near Bolshoy Begichev Island, Yakutia, Russia.

Zidane backs misfiring Jovic to come good at Real Madrid


from FourFourTwo https://ift.tt/3aPLynP

Ole Gunnar Solskjaer applauds United’s attitude after falling short of cup final


from FourFourTwo https://ift.tt/2vy9rjM

Tuesday, January 28, 2020

Looking to stars, Hong Kong fortune tellers see only clouds

Year of the Rat expected to bring more gloom to a territory, which has been rocked by months of protests.

from Al Jazeera English https://ift.tt/2uG08xE

What will Palestinians lose if Israel annexes Jordan Valley?

Annexation of territory cuts off West bank from River Jordan, which feeds over 80,000 hectares of agricultural lands.

from Al Jazeera English https://ift.tt/37wFvCC

Record 7,423 US bombs dropped in Afghanistan in 2019: report

US has ramped up air bombings since Trump was elected in 2016, killing 717 civilians in the first half of last year.

from Al Jazeera English https://ift.tt/3aTtGIH

Hungary border patrol fires warning shots to stop refugees

Most of Tuesday's group failed to cross the border, and the four who managed to enter Hungary were intercepted.

from Al Jazeera English https://ift.tt/2tOYwBS

Coronavirus: Foreigners evacuated from Wuhan as China death toll rises

Hundreds of people fly out of Wuhan as the death toll from the coronavirus outbreak rises to 132.

from BBC News - World https://ift.tt/36titva

Brexit: French petition launched for Briton denied citizenship

Carpenter Mark Lawrence has lived in France for 27 years but authorities say he does not earn enough.

from BBC News - World https://ift.tt/2RWmFyn

Putin's Russia: Do Russians care what president does next?

Russia's president plans to change things at the top but most Russians have little time for Moscow politics.

from BBC News - World https://ift.tt/2RQDlHe

Shaheen Bagh: The 'traitors' targeted by hardliners in poll battle

Protesters in a Muslim-dominated part of Delhi have become the focus of a bitter battle for votes.

from BBC News - World https://ift.tt/30ZxGmA

Neelam Krishnamoorthy: The film tickets that destroyed a family

Neelam Krishnamoorthy got film tickets for her kids. She now calls them "tickets to death".

from BBC News - World https://ift.tt/37CaGwi

Emiliano Sala's death: Cardiff send information to French prosecutors about Nantes involvement

The Championship club have co-operated with French authorities as the death of the Argentine continues to be investigated

from Football News, Live Scores, Results & Transfers | Goal.com https://ift.tt/2uFU8oC

Aidil laments difficulty in stopping Seoul with one man less

The Kedah head coach knew it was an uphill battle once Renan saw red but wants his charges to learn from the experience.

from Football News, Live Scores, Results & Transfers | Goal.com https://ift.tt/2tPrK3z

China battles coronavirus outbreak: All the latest updates

Japan, US begin evacuating citizens from hardest-hit city of Wuhan as death toll continues to rise.

from Al Jazeera English https://ift.tt/2O5CHVx

What happens next in the Trump impeachment trial?

Before the question of witnesses is resolved, senators will have 16 hours to submit questions to each side.

from Al Jazeera English https://ift.tt/36zD0y3

Does Trump's US-Israeli plan make Middle East peace impossible?

The White House launched a 'conceptual map' of what the West Bank and Gaza Strip would look like.

from Al Jazeera English https://ift.tt/3aPtYQX

Picture of the day for January 29, 2020



Indonesian actress Aminah Cendrakasih, who acted in more than a hundred feature films, in the late 1950s. Today is her birthday. Photo by Tati Photo Studio.

Coronavirus: Australian scientists first to recreate virus outside China

Australian scientists say it is a "significant breakthrough" in efforts to contain the new coronavirus.

from BBC News - World https://ift.tt/2GxPHyY

Trump's Middle East peace plan: Smiles and sorrow on the ground

President Donald Trump calls the strategy a win-win opportunity for both sides - but is it?

from BBC News - World https://ift.tt/2U2y8yY

AC Milan's Suso closes in on Sevilla transfer

The Spanish winger is set to return to his home nation on a temporary deal that could become permanent

from Football News, Live Scores, Results & Transfers | Goal.com https://ift.tt/38Nph8k

Transfer news and rumours LIVE: Barcelona move for Ajax star Tadic

Goal takes a look at the biggest transfer news and rumours from the Premier League, La Liga, Serie A and around the world

from Football News, Live Scores, Results & Transfers | Goal.com https://ift.tt/2u1vte6

EFF: Off-Facebook Activity is a Welcome but Incomplete Move

Today Facebook announced the roll-out of its Off-Facebook Activity tool (initially introduced as “Clear History” nearly two years ago). The tool shows you a list of apps, websites, and businesses that Facebook knows you have visited through its business tools (including Facebook Login, Facebook’s tracking Pixel, social widgets such as Like and Share buttons, and other less visible features for developers). It also gives you options to “clear” or “disconnect” the identifiable information they have linked to your account. For more on how to use the setting, see our tutorial post.

This is a good step for Facebook to take, and we hope it pushes other companies who talk a big game about transparency—looking at you, Google—to follow suit. If even Facebook can give people this level of transparency and control around a particular data stream, other adtech players should be able to get their act together.

That said, it's an incomplete measure, not least because we know that most users are unlikely to dig into and change their settings. In the U.S., for example, three-quarters of adults don’t even know that Facebook’s “ad preferences” page exists.

On top of that, this tool doesn't come close to covering all the ways Facebook collects and monetizes data about you. For starters, there's no way to opt out of Custom Audiences, one of Facebook's most powerful targeted advertising services.

As long as the burden is on users to carefully manage multiple sets of labyrinthine privacy settings, the privacy-invasive norms of targeted advertising will remain. But Facebook and other companies whose business model relies on harvesting your data know that most users are uncomfortable with the status quo, and likely would not choose to have ads targeted at them if given a real option. That’s why we need a strong federal privacy law in the U.S. and stronger interpretation of existing privacy laws globally. Without it, we’ll just be shuffling deck chairs on the Titanic.


Published January 29, 2020 at 12:59AM
Read more on eff.org

EFF: EFF and Other Groups to PCLOB: Urge the Ban of Face Recognition

This week EFF joined a coalition letter asking the Privacy and Civil Liberties Board (PCLOB) to urge that the government suspend its use of face recognition technology. The letter was signed by organizations like Color of Change, Council on American-Islamic Relations, Demand Progress, Fight for the Future, National Center for Transgender Equality, and the Project on Government Oversight, to name a few.

In it, the groups point to the many ways that face recognition can track people, presume guilt of the people whose faces have been collected or identified, and even misidentify them to great consequence. “While we do not believe that that improved accuracy of facial recognition would justify further deployment,” the letter’s authors write, “we do believe that the obvious problems with bias and discrimination in the systems that are currently in use is an additional reason to recommend a blanket moratorium.”

The letter even points to recent startling revelations regarding Clearview AI, a wholly unregulated company that provides face recognition capability to more than 600 law enforcement agencies around the United States.

PCLOB is an independent agency in the executive branch that published a 2014 report on warrantless surveillance of the Internet by the U.S. intelligence community. In July 2019, it announced that it would be investigating a number of big topics in the national security and civil liberties sphere, including facial recognition and other biometric technologies being used in airport security.

This new wave of activism comes in the wake of a number of cities across the United States banning and passing long-term moratoriums on police use of face recognition technology. EFF has been doing our part to support local ordinances banning this invasive and harmful technology. We’ve also recently launched About Face, a new project that provides cities and states interested in banning the technology with a toolkit and a model bill.

We hope that PCLOB will take up the call from these organizations and do its part to end the government’s use and misuse of this dangerous technology.

 


Published January 29, 2020 at 12:12AM
Read more on eff.org

EFF: How to Change Your Off-Facebook Activity Settings

Facebook's long-awaited Off-Facebook Activity tool started rolling out today. While it's not a perfect measure, and we still need stronger data privacy laws, this tool is a good step toward greater transparency and user control regarding third-party tracking. We hope other companies follow suit, and we encourage users to take advantage of it.

This tutorial will guide you through the steps to not only “clear” the off-Facebook activity already linked with your account, but also to prevent future activity from being associated with your account going forward. Note that this won’t stop third parties from sending Facebook information about you—it will only stop Facebook from associating that information with your account.

1. Navigate to the “Your Facebook Information” section of your settings and select “Off-Facebook Activity.” (Or, just go to https://www.facebook.com/off_facebook_activity/ while logged into your account.)

2. You’ll see an option to “Clear History” in the sidebar on the right, but we want to use a more powerful feature. At the bottom of that sidebar, click “More Options” and then select “Manage Future Activity.”

3. You’ll see a pop-up giving you some more information. Click “Manage Future Activity.”

4. Click the blue toggle.

5. Click “Turn Off” in the pop-up, and you are done! This should return you to the same screen, with the toggle now grey and to the left in the “off” position.


Published January 28, 2020 at 11:51PM
Read more on eff.org

Jack Ross heaps praise on hat-trick hero Christian Doidge


from FourFourTwo https://ift.tt/2O6HZzM

Monday, January 27, 2020

Relentless ATK reaped the rewards against NorthEast United

ATK are back on top of the table as they continue their pursuit for the Asian Champions League group stage berth...

from Football News, Live Scores, Results & Transfers | Goal.com https://ift.tt/2RYNIZG

I-League 2019-20: Punjab FC vs NEROCA FC - TV channel, stream, kick-off time & match preview

The hosts are unbeaten at home as they look to go within three points of table toppers Mohun Bagan

from Football News, Live Scores, Results & Transfers | Goal.com https://ift.tt/2t2yA58

Africa Cup of Nations 2021: Host, qualifiers & full competition guide

Goal brings you everything you need to know ahead of next year's Africa Cup of Nations tournament

from Football News, Live Scores, Results & Transfers | Goal.com https://ift.tt/2tU4G3m

WATCH: Enyimba walk tightrope after Hassania Agadir draw

The two-time African champions were held at home by Ghazelle de Sousse and their qualification hopes now hang in the balance

from Football News, Live Scores, Results & Transfers | Goal.com https://ift.tt/2U3aS3K

WATCH: Al Nasr qualify after away win at Djoliba

Having secured an away win at Stade du 26 Mars, the Libyans are through to the quarter-final of the Caf Confederation Cup

from Football News, Live Scores, Results & Transfers | Goal.com https://ift.tt/2RTcmel

Singapore national team, Singapore Premier League & Cup - The 2020 football calendar in full

We have collated all the important dates on the Singaporean football calendar for 2020 for you as there's plenty of exciting action coming up

from Football News, Live Scores, Results & Transfers | Goal.com https://ift.tt/38tyX8A

China virus death toll jumps to 106, nearly 1,300 new cases: govt

The virus that began in Wuhan late last year continues to spread with China reporting more deaths and more cases.

from Al Jazeera English https://ift.tt/37xpcWn

Trump impeachment trial: Bolton takes centre stage from afar

Bolton's book clouds White House hopes for swift end to the impeachment trial, fueling Democratic demands for witnesses.

from Al Jazeera English https://ift.tt/36z1MOV

Kobe Bryant's helicopter tried to climb to avoid fog before crash

Experts question how the retired basketball star's helicopter was allowed to fly despite poor visibility.

from Al Jazeera English https://ift.tt/2tN52ci

Fox News Breaking News Alert

Dershowitz, speaking in Trump's Senate trial, tells House Dems they chose the 'wrong' impeachment criteria

01/27/20 6:10 PM

Coronavirus: Death toll climbs to 106 as China tightens measures

Transport restrictions have been further tightened, with some cities suspending public transport.

from BBC News - World https://ift.tt/38FSDFy

Four goals from nine shots – Nketiah’s predatory instinct for Arsenal

The Ghanaian boasts of an impressive record after his goal in the Gunners’ triumph over the Cherries on Monday night

from Football News, Live Scores, Results & Transfers | Goal.com https://ift.tt/2tZ5u7h

Arteta confirms Arsenal looking for reinforcements after Mustafi injury blow

The Gunners lost their German centre-half to injury in the cup win, during which several young players impressed the manager

from Football News, Live Scores, Results & Transfers | Goal.com https://ift.tt/2GqDAUg

Twitter and Facebook accounts for 15 NFL teams hacked

The American football teams were targeted by a group that said the accounts had lax security.

from BBC News - World https://ift.tt/36CwKpz

EFF: Ring Doorbell App Packed with Third-Party Trackers

Ring isn't just a product that allows users to surveil their neighbors. The company also uses it to surveil its customers.

An investigation by EFF of the Ring doorbell app for Android found it to be packed with third-party trackers sending out a plethora of customers’ personally identifiable information (PII). Four main analytics and marketing companies were discovered to be receiving information such as the names, private IP addresses, mobile network carriers, persistent identifiers, and sensor data on the devices of paying customers.

The danger in sending even small bits of information is that analytics and tracking companies are able to combine these bits together to form a unique picture of the user’s device. This cohesive whole represents a fingerprint that follows the user as they interact with other apps and use their device, in essence providing trackers the ability to spy on what a user is doing in their digital lives and when they are doing it. All this takes place without meaningful user notification or consent and, in most cases, no way to mitigate the damage done. Even when this information is not misused and employed for precisely its stated purpose (in most cases marketing), this can lead to a whole host of social ills.

Ring has exhibited a pattern of behavior that attempts to mitigate exposure to criticism and scrutiny while benefiting from the wide array of customer data available to them. It has been able to do so by leveraging an image of the secure home, while profiting from a surveillance network which facilitates police departments’ unprecedented access into the private lives of citizens, as we have previously covered. For consumers, this image has cultivated a sense of trust in Ring that should be shaken by the reality of how the app functions: not only does Ring mismanage consumer data, but it also intentionally hands over that data to trackers and data miners.

Findings

Our testing, using Ring for Android version 3.21.1, revealed PII delivery to branch.io, mixpanel.com, appsflyer.com and facebook.com. Facebook, via its Graph API, is alerted when the app is opened and upon device actions such as app deactivation after screen lock due to inactivity. Information delivered to Facebook (even if you don’t have a Facebook account) includes time zone, device model, language preferences, screen resolution, and a unique identifier (anon_id), which persists even when you reset the OS-level advertiser ID.

Branch, which describes itself as a “deep linking” platform, receives a number of unique identifiers (device_fingerprint_id, hardware_id, identity_id) as well as your device’s local IP address, model, screen resolution, and DPI.

AppsFlyer, a big data company focused on the mobile platform, is given a wide array of information upon app launch as well as certain user actions, such as interacting with the “Neighbors” section of the app. This information includes your mobile carrier, when Ring was installed and first launched, a number of unique identifiers, the app you installed from, and whether AppsFlyer tracking came preinstalled on the device. This last bit of information is presumably to determine whether AppsFlyer tracking was included as bloatware on a low-end Android device. Manufacturers often offset the costs of device production by selling consumer data, a practice that disproportionately affects low-income earners and was the subject of a recent petition to Google initiated by Privacy International and co-signed by EFF.

Most alarmingly, AppsFlyer also receives the sensors installed on your device (on our test device, this included the magnetometer, gyroscope, and accelerometer) and current calibration settings.

Ring gives MixPanel the most information by far. Users’ full names, email addresses, device information such as OS version and model, whether Bluetooth is enabled, and app settings such as the number of locations a user has Ring devices installed in, are all collected and reported to MixPanel. MixPanel is briefly mentioned in Ring’s list of third-party services, but the extent of their data collection is not. None of the other trackers listed in this post are mentioned at all on this page.

Ring also sends information to the Google-owned crash logging service Crashlytics. The exact extent of data sharing with this service is yet to be determined.

Data delivered to api.branch.io

Data delivered to api.mixpanel.com

Data delivered to graph.facebook.com

Data delivered to t.appsflyer.com
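As an added illustration (not EFF's tooling or captured data), the sketch below triages decoded request bodies per destination host for the identifier types listed in the findings. The flow records and their values are constructed, and the names `local_ip`, `email`, `screen_dpi` and `updates.example.com` are assumptions; only the four persistent identifier field names and the tracker hostnames come from the text above.

```python
import ipaddress
import json
import re
from urllib.parse import parse_qsl

# Persistent identifier field names named in the findings above.
PERSISTENT_ID_KEYS = {"anon_id", "device_fingerprint_id", "hardware_id", "identity_id"}
EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")

# Constructed sample flows: placeholder values, hypothetical extra field names.
SAMPLE_FLOWS = [
    {"host": "api.branch.io", "content_type": "application/json",
     "body": json.dumps({"hardware_id": "EXAMPLE-HW-ID",
                         "device_fingerprint_id": "EXAMPLE-FP-ID",
                         "local_ip": "192.168.1.23", "screen_dpi": 420})},
    {"host": "api.mixpanel.com", "content_type": "application/json",
     "body": json.dumps({"event": "app_open",
                         "properties": {"email": "jane@example.com",
                                        "bluetooth_enabled": True}})},
    {"host": "graph.facebook.com",
     "content_type": "application/x-www-form-urlencoded",
     "body": "anon_id=EXAMPLE-ANON-ID&event=app_open&extinfo=%5B%22en_US%22%5D"},
    {"host": "updates.example.com", "content_type": "application/json",
     "body": json.dumps({"locale": "en_US"})},
]


def _walk(obj, key=""):
    """Yield (key, value) for every leaf of a nested JSON structure."""
    if isinstance(obj, dict):
        for k, v in obj.items():
            yield from _walk(v, str(k))
    elif isinstance(obj, list):
        for item in obj:
            yield from _walk(item, key)
    else:
        yield key, obj


def parse_body(flow):
    """Decode a JSON or form-encoded request body into (key, value) pairs."""
    ctype = flow.get("content_type", "")
    body = flow.get("body", "")
    if "json" in ctype:
        try:
            return list(_walk(json.loads(body)))
        except ValueError:
            return []  # undecodable body: nothing to classify
    if "x-www-form-urlencoded" in ctype:
        return parse_qsl(body, keep_blank_values=True)
    return []


def classify(key, value):
    """Return a label for a sensitive field, or None if it looks benign."""
    if key in PERSISTENT_ID_KEYS:
        return "persistent_id"
    if isinstance(value, str):
        if EMAIL_RE.match(value):
            return "email"
        try:
            # A private (RFC 1918 or similar) address reveals home-network details.
            if ipaddress.ip_address(value).is_private:
                return "private_ip"
        except ValueError:
            pass  # not an IP address literal
    return None


def audit_flows(flows):
    """Map each destination host to the sorted (label, field) pairs it received."""
    report = {}
    for flow in flows:
        for key, value in parse_body(flow):
            label = classify(key, value)
            if label:
                report.setdefault(flow["host"], set()).add((label, key))
    return {host: sorted(hits) for host, hits in report.items()}


if __name__ == "__main__":
    for host, hits in audit_flows(SAMPLE_FLOWS).items():
        print(host, hits)
```

Email addresses and private IPs are detected by value, so they are caught whatever the field is called; free-text values such as a full name need key-based rules added for the app under review.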

Methodology

All traffic we observed on the app was being sent using encrypted HTTPS. What’s more, the encrypted information was delivered in a way that eludes analysis, making it more difficult (but not impossible) for security researchers to learn of and report these serious privacy breaches.

Our dynamic analysis was performed using mitmproxy running on an access point to intercept and analyze HTTPS flows from an Android test device. To remove noise generated from other apps, we installed the AFWall+ firewall app and only allowed network traffic from Ring. mitmproxy generates a root X.509 certificate which is to be installed in the OS-level certificate store in Android, allowing active interception to take place on otherwise secured traffic. This led us to the initial discovery that the root certificate was not being accepted as valid, and that some form of certificate pinning was being employed by the app.

App-level certificate pinning is when an app validates the certificates of a remote server against a record of that certificate stored within the app, rather than validating against the list of root certificates within the OS. This is often used as a security measure, to ensure that misissuance of certificates or mismanagement along the chain of trust in PKI does not compromise the integrity, confidentiality, or authenticity of HTTPS traffic. Unfortunately, it can also prevent security researchers and users from seeing exactly what information these devices are sending, and to whom. In the case of Ring, we initially observed all intercepted traffic upon launch being rejected, and were not able to observe any communications.

mitmproxy screen displaying results of certificate pinning
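To make the difference between the two validation policies concrete, here is an added, simplified model (not Ring's code and not part of the original investigation). Certificates are reduced to subject, issuer and a stand-in public-key byte string, signatures are not verified, and every name and key value is constructed; it compares an OS-trust-store decision with a leaf-pin decision for a genuine chain, an intercepted chain and a misissued certificate.

```python
import base64
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str
    spki: bytes  # stand-in for the DER-encoded SubjectPublicKeyInfo


def spki_pin(cert):
    """Common pin format: base64(SHA-256(SubjectPublicKeyInfo))."""
    return base64.b64encode(hashlib.sha256(cert.spki).digest()).decode("ascii")


def os_store_accepts(chain, hostname, trusted_root_pins):
    """OS-style policy: the name matches and the chain ends at ANY trusted root.

    Model only: issuer/subject linkage stands in for signature verification.
    """
    if not chain or chain[0].subject != hostname:
        return False
    for child, parent in zip(chain, chain[1:]):
        if child.issuer != parent.subject:
            return False
    root = chain[-1]
    return root.issuer == root.subject and spki_pin(root) in trusted_root_pins


def pinned_app_accepts(chain, hostname, app_pins):
    """Pinning policy: the leaf key must match a record shipped inside the app."""
    if not chain or chain[0].subject != hostname:
        return False
    return spki_pin(chain[0]) in app_pins


# Constructed test data; none of these names or keys come from the app.
HOST = "api.example.com"
PUBLIC_ROOT = Cert("Constructed Public CA", "Constructed Public CA", b"public-ca-key")
PROXY_ROOT = Cert("Constructed Interception CA", "Constructed Interception CA",
                  b"proxy-ca-key")

CHAINS = {
    # The operator's real certificate, issued by a public CA.
    "genuine": [Cert(HOST, PUBLIC_ROOT.subject, b"genuine-server-key"), PUBLIC_ROOT],
    # A leaf minted on the fly by an interception proxy whose root was
    # installed into the OS store by the device owner.
    "intercepted": [Cert(HOST, PROXY_ROOT.subject, b"proxy-leaf-key"), PROXY_ROOT],
    # A certificate wrongly issued to another party by the same public CA.
    "misissued": [Cert(HOST, PUBLIC_ROOT.subject, b"other-party-key"), PUBLIC_ROOT],
}

OS_STORE = {spki_pin(PUBLIC_ROOT), spki_pin(PROXY_ROOT)}
APP_PINS = {spki_pin(CHAINS["genuine"][0])}


def compare_policies():
    """Return {case: (os_store_decision, pinned_app_decision)}."""
    return {
        name: (os_store_accepts(chain, HOST, OS_STORE),
               pinned_app_accepts(chain, HOST, APP_PINS))
        for name, chain in CHAINS.items()
    }


if __name__ == "__main__":
    for case, (os_ok, pin_ok) in compare_policies().items():
        print(f"{case:12s} os_store={os_ok} pinned_app={pin_ok}")
```

The OS store accepts all three chains, while the pinned check accepts only the genuine one: the same property that blocks a misissued certificate also rejects the researcher's proxy, which is the behaviour described above.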

It was only through the powerful dynamic analysis framework Frida that we were able to inject code into Ring at runtime, which ensured that the certificate provided by our mitmproxy instance would be accepted as valid. This allowed us to inspect all HTTPS traffic sent through the app.

Conclusion

Ring claims to prioritize the security and privacy of its customers, yet time and again we’ve seen these claims not only fall short, but harm the customers and community members who engage with Ring’s surveillance system. In the past, we’ve illuminated the mismanagement of user information which has led to data breaches, and the attempt to place the blame for such blunders at the customers’ feet.

This goes a step beyond that, by simply delivering sensitive data to third parties not accountable to Ring or bound by the trust placed in the customer-vendor relationship. As we’ve mentioned, this includes information about your device and carrier, unique identifiers that allow these companies to track you across apps, real-time interaction data with the app, and information about your home network. In the case of MixPanel, it even includes your name and email address. This data is given to parties either only mentioned briefly, buried on an internal page users are unlikely to ever see, or not listed at all.

mitmproxy flow files:


Published January 28, 2020 at 02:07AM
Read more on eff.org

China battles coronavirus outbreak: All the latest updates

Deadly coronavirus believed to have originated in a Wuhan food market continues to spread sparking global concern.

from Al Jazeera English https://ift.tt/37AmaAG

Picture of the day for January 28, 2020



Forest road from the train platform Desenka to the settlement Slavne. Ukraine, Vinnytsia oblast, Vinnytsia rajon.

Transfer news and rumours LIVE: Man Utd to recall Alexis

Goal takes a look at the biggest transfer news and rumours from the Premier League, La Liga, Serie A and around the world

from Football News, Live Scores, Results & Transfers | Goal.com https://ift.tt/2uGBEUR

Arsenal 'forced' to sign a new centre-back after Mustafi injury - Keown

The centre-back was stretchered off around the hour mark in the Gunners' FA Cup win over Bournemouth to compound Mikel Arteta's injury concerns

from Football News, Live Scores, Results & Transfers | Goal.com https://ift.tt/3aNiJbL

Alabama fire: Eight killed as blaze engulfs 35 boats in marina

The aluminium roof of the wooden dock in a marina in Arizona collapsed, and some of the boats sank.

from BBC News - World https://ift.tt/30ZxSlH

Visit Nepal's yeti: How mythical creature divided Himalayan nation

An idea to bring more tourists to Nepal has ended in a row over what a yeti actually looks like.

from BBC News - World https://ift.tt/38UTpir

Letter from Africa: The 'leopard unit', vigilantes and Nigeria's kidnap crisis

A plan by Nigeria's south-western states to start a new security unit divides the country.

from BBC News - World https://ift.tt/36B0SRP

Iowa caucuses: US Democrat presidential race wide open a week out

Sanders and Biden appear locked in a tight race as candidates make last-ditch effort to rally voters in Iowa.

from Al Jazeera English https://ift.tt/2uz13jB

Sunday, January 26, 2020

Jermain Defoe insists Rangers will fight to the end for title


from FourFourTwo https://ift.tt/2Gp2Pqb

Pep Guardiola wants a full house at the Etihad Stadium against Manchester United


from FourFourTwo https://ift.tt/313CK9C