Security This Week: If You Sue Ashley Madison, You’ll Have to Use Your Real Name
This week it became more clear than ever that the Apple-FBI fight was just the beginning of a new wave of encryption fights. Vibes announced that it would enable encryption by default for its 700 million users—and since it’s a foreign company, Congress won’t be able to do a thing about it. Oh, and that San Bernadino iPhone that caused all the fuss? Sounds like the FBI paid over a million bucks to a third party to access it.
There were also hearings about encryption on Capitol Hill this week, though whatever legislation Congress does come up with would be much more informed if the Office of Technology Assessment hadn’t been axed 20 years ago. Meanwhile, on the other side of the world, tech-savvy Iranians are using satellites to get around their country’s internet bans and slow speeds. Google introduced Montage, a video analysis tool that allows for more accurate war reporting. And MIT devised a way for humans and AI to work together to identify 85 percent of cyberattacks. That’s a lot!
And there was more: Each Saturday we round up the news stories that we didn’t break or cover in depth at WIRED, but which deserve your attention nonetheless. As always, click on the headlines to read the full story in each link posted. And stay safe out there.
If you want to sue Ashley Madison for the hack that leaked the names of its customers, you’ll have to use your real name, which sounds like a fun way to relive a terrible day. As the New York Times reports, several dozen plaintiffs had moved to file suit under a John Doe pseudonym, because the entire reason they want to sue in the first place is that people found out they were Ashley Madison customers. The judge in the case noted that there was no legal precedent to allow anonymity under threat of embarrassment, besides which their names were already out in public because of the hack.
In the fall of 2014, Facebook launched a version of its site on Tor, the privacy-friendly network. It’s been growing nicely. In June of 2015 it saw around 525,000 people visiting in a given 30-day window. This month, that number’s now up to over a million.
Facebook says there’s been no one surge in usage, but instead a mostly linear progression. Steady as she goes! But also secure. Steady and secure.
Though they’re mostly known for helping people dodge regional content restrictions, VPNs can be handy for all kinds of things, including masking your online activity. They can require a little bit of technological know-how, though, or at the very least an extra download. But wait! The latest developer version of the Opera desktop browser now has a (free) VPN built right in.
Best of all, it seems pretty easy to use; just a couple of clicks to switch a VPN on and you’re set. On the other hand, Opera’s a likely acquisition target for a consortium of Chinese internet companies. If that actually happens your overall security mileage may vary.
The Burr-Feinstein encryption bill is historically bad, and the Reform Government Surveillance group would like Congress to know it. In an open letter this week, the group, which counts Google, Apple, Facebook, Microsoft, and more among its members, outlined its objections.
“We believe it is critical to the safety of the nation’s, and the world’s, information technology infrastructure for us all to avoid actions that will create government-mandated security vulnerabilities in our encryption systems,” the letter states, just after calling the bill “unworkable.”
There probably aren’t words enough to describe how bad this bill is, but this letter is as good a start as any.
Last year, a former federal prosecutor named Amy Jeffress was asked by the Foreign Intelligence Surveillance Court to determine whether the NSA’s PRISM program was illegal. Jeffress, in turn, said that she thought the FBI’s ability to investigate data associated with certain email addresses was far too broad.
As these things go, the judge disagreed, and his opinion was kept confidential until its release earlier this week. The full findings of Jeffress remain sealed.