Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
-
So, as everyone knows on here by now (or, a lot of ranters), I am a fervid privacy person.
Appearantly a new surveillance law in my country is about to extend mass surveillance/hacking a lot. So here a rundown of what they are about to be allowed to do (stuff that is not okay imo and this is the reason I am so pro-privacy):
- Mass Data Gathering: The intelligence agency over here (lets call it IA from now) can pretty much record everything send through the country.
- Extra Protection: If they want to conduct surveillance on journalists/lawyers, they have to go through extra channels first at least.
- Data/survaillance sharing: The IA is allowed to share their raw/filtered data with foreign intelligence agencies without limits. Also, they're allowed to conduct surveillance based on foreign requests.
- Secret DNA database: A secret DNA database will be created which can store the DNA profiles of any person who has commited any kind of crime. These profiles are allowed to be stored for a maximum of 30 years. This database is allowed to be shared with any foreign intelligence agency.
- Hacking: Unlimited power to hack any device deemed neccesary to hack in relation to crime. From computers to smartphones and so on. Also, it's allowed to use zero-days without reporting them to the vendor (we have seen what can go wrong with that through the ShadowBrokers scandal).
- Automatic Database Collection: They are allowed to directly tap into any database they see required (banks, healthcare, messaging services and so on). Practically this can lead to backdoors being build in because if you don't cooperate, you can go to prison. (mother of god I am not using anything closed source anymore if possible).
So yeah, this is pretty much the reason why I am so privacy consious. This country is fucked.57 -
Although it might not get much follow up stuffs (probably a few fines but that will be about it), I still find this awesome.
The part of the Dutch government which keeps an eye on data leaks, how companies handle personal data, if companies comply with data protection/privacy laws etc (referring to it as AP from now on) finished their investigation into Windows 10. They started it because of privacy concerns from a few people about the data collection Microsoft does through Windows 10.
It's funny that whenever operating systems are brought up (or privacy/security) and we get to why I don't 'just' use windows 10 (that's actually something I'm asked sometimes), when I tell that it's for a big part due to privacy reasons, people always go into 'it's not that bad', 'oh well as long as it's lawful', 'but it isn't illegal, right!'.
Well, that changed today (for the netherlands).
AP has concluded that Windows 10 is not complying with the dutch privacy and personal data protection law.
I'm going to quote this one (trying my best to translate):
"It appears that Microsofts operating system follows every step you take on your computer. That gives a very invasive image of you", "What does that mean? do people know that, do they want that? Microsoft should give people a fair chance for deciding this by themselves".
They also say that unless explicit lawful consent is given (with enough information on what is collected, for what reasons and what it can be used for), Microsoft is, according to law, not allowed to collect their telemetrics through windows 10.
"But you can turn it off yourself!" - True, but as the paragraph above said, the dutch law requires that people are given more than enough information to decide what happens to their data, and, collection is now allowed until explicitly/lawfully ok'd where the person consenting has had enough information in order to make a well educated decision.
I'm really happy about this!
Source (dutch, sorry, only found it on a dutch (well respected) security site): https://security.nl/posting/534981/...8 -
Did you read about the new Digital Services Act and Digital Markets Act laws of the European Union, that will go in effect in 2022? Pretty neat stuff, more transparency, user rights and a tool against internet monopolies.
"Very big online plattforms" must submit reports on freedom of speech, abuse of human rights, manipulation of public opinion.
EU assigned scientists will gain access to trade secrets like google search or Amazon recommendation algorithm to analyze potential threats.
The EU can fine serial offenders 10 % of their yearly income. And break up companies that stiffle competition.
Internet companies like Facebook will not be permitted to share user data between their products like Instagram and WhatsApp.
There will be a unified ruleset on online advertisement. Each add must have the option to find out why this add is shown to the user.
Unlike the GDRP data protection rule the two acts will be valid at the Union level. So that there won't be any exceptions from single member states.
Let's hope this leads to a better Internet and not things like cookie pop ups 😄
Link to the EU DMA DSA page
> https://ec.europa.eu/digital-single...
49 -
Story time...of how HR actually did its job of taking care of employees.
So, I started at this new gig on December, the boss was all sunshine and promise (big red flag now to think back). Then as time passed, he started seeming...off. To a point I considered quitting my boss just after 2 months of working for him.
Then one morning we had a project meeting. He started verbally abusing me, calling me incompetent, bashing my work (of which he knew ~nothing, his experience 30 years back). Earlier in the week he demanded me to make a presentation which he in this meeting told is complete bullshit without actually reading any of it. He told me 'I am your boss, you do exactly as I say' when I told him something is technologically impossible in the situation we're in. He *actually* told me to break the law with data protection...
This was like wtf dude. That's not how you manage people. So, I made an HR ticket about his behaviour. They were *shocked* and escalated the matter.
Long story short: he was a bully, he's getting fired, my team has a new manager. My workplace actually appreciates my expertise.
Bad thing in this is, now I actually need to continue doing my job. ;_;8 -
So... Intense pillowtalk with the wife the other night regarding the coming enforcement of the new General Data Protection Regulation (GDPR) law in the EU after a while turns into nerdy dirty talk.
Me: *Whisper in a sleazy voice like the dirty malware that I am*: So... Why don't you just open up all your inbound firewall ports for me...
Her: Hell no... But I might just make an exception in the private domain just for you...4 -
The German constitutional court (BverfG) declared many part of the law regulating the German secret agency "Bundesnachrichtendienst" (Federal Intelligence Service; BND) for unlawful and unconstitutional.
The key points:
- The freedom of press and the right for privacy are human rights, not just for Germans
- Uncontrolled and targetless, without protection for e.g. foreign journalists
- No independent control institution
- Lawmakers completely did not mention why they see a reason why human rights can be restricted, but intentionally did not respect them
- There must be specific reasons to give data to other countries' secret agencies
Sources (in German):
- https://spiegel.de/netzwelt/...
- https://golem.de/news/...
-9 -
Mozilla has announced that it's rolling out changes under the California Consumer Privacy Act (CCPA) to all Firefox users worldwide.
According to report of ZDNet: The CCPA (America's privacy legislation) came into effect on January 1, 2020, offering Californian users data-protection rules. Much like Europe's GDPR, the CCPA gives consumers the right to know what personal information is collected about them and to be able to access it. While the law technically only applies to data processed about residents in California, US. But Mozilla notes it was one of the few companies to endorse CCPA from the outset. Mozilla has now outlined the key change it's made to Firefox, which will ensure CCPA regulations benefit all its users worldwide. The main change it's introducing is allowing users to request that Mozilla deletes Firefox telemetry data stored on its servers. That data doesn't include web history, which Mozilla doesn't collect anyway, but it does include data about how many tabs were opened and browser session lengths. The new control will ship in the next version of Firefox on January 7, which will include a feature to request desktop telemetry data be deleted directly from the browser.6 -
The new UK law for data sharing with the governments is crazy with making it law for service providers to hold data of browsing history and big sites like google, facebook so on to retain human readable access to there data is they offer a service to the UK, what steps do we take to protect the data, service but also follow this law I can't see anything that would make any sense to be able to follow this law.
What are your views and ideas going forward, at the moment the UK as made it law even tho the EU said stop this madness, so lets take it as red its there, is there sense-able way to do this or are we going to have to provide UK users data a means to be back doored?11
Top Tags
Weekly Rant
View