Deeplinks Blog posts about Security
Google's security team recently identified a new domain masquerading as an official EFF site as part of a targeted malware campaign. That domain, electronicfrontierfoundation.org, is designed to trick users into a false sense of trust and it appears to have been used in a spear phishing attack, though it is unclear who the intended targets were. The domain was registered on August 4, 2015, under a presumably false name, and we suspect that the attack started on the same day. At the time of this writing the domain is still serving malware.
Yesterday, Manhattan District Attorney Cyrus Vance, Jr. and law enforcement officials from Paris, London, and Madrid published an anti-encryption op-ed in the New York Times—an op-ed that amounts to nothing more than a blatant attempt to use fear mongering to further their anti-privacy, anti-security, and anti-constitutional agenda. They want a backdoor. We want security, privacy, and respect for the Fourth Amendment’s guarantee that we be “secure” in our papers. After all, the Founding Fathers were big users of encryption.
Earlier this week researchers with Zimperium Mobile Security announced that they had found a scary new vulnerability deep in the code that Android phones and tablets use to handle multimedia.
The code and the vulnerability are called StageFright. The researchers discovered that by sending a text message containing a specially crafted audio or video file they could execute arbitrary code on the victim's phone. Zimperium estimates that in 50% of cases the user wouldn't even have to open the text message for the exploit to work. In the other 50%, the exploit runs as soon as the user opens the message containing the malicious content. According to Zimperium, this vulnerability affects any Android device running version 2.2 or above regardless of manufacturer, which accounts for nearly every android phone in existence (95% according to Zimperium).
EFF has long advocated for greater vigilance over the potential sale of specially-developed surveillance tools to oppressive regimes that use technology to commit human rights abuses. We want those countries to be held legally accountable for such conduct, and have rallied tech companies to take steps to prevent their products and services from being used for censorship and/or to target and harm activists.
La ciudad de Buenos Aires está en proceso de elegir a su próximo Jefe de Gobierno y a los miembros de la Legislatura. Las elecciones fueron el pasado 5 de julio, cuyos resultados derivaron a una segunda vuelta programada para el 19 del corriente, al mismo tiempo, debutó en la capital Argentina un sistema de votación electrónica denominado Vot.ar, desarrollado por la compañía Magic Software Argentina (MSA).
Pages
Subscribe to EFF Updates
Deeplinks Archives
Deeplinks Topics
- Fair Use and Intellectual Property: Defending the Balance
- Free Speech
- Innovation
- International
- Know Your Rights
- Privacy
- Trade Agreements and Digital Rights
- Security
- State-Sponsored Malware
- Abortion Reporting
- Analog Hole
- Anonymity
- Anti-Counterfeiting Trade Agreement
- Biometrics
- Bloggers' Rights
- Broadcast Flag
- Broadcasting Treaty
- CALEA
- Cell Tracking
- Coders' Rights Project
- Computer Fraud And Abuse Act Reform
- Content Blocking
- Copyright Trolls
- Council of Europe
- Cyber Security Legislation
- CyberSLAPP
- Defend Your Right to Repair!
- Defending Digital Voices
- Development Agenda
- Digital Books
- Digital Radio
- Digital Video
- DMCA
- DMCA Rulemaking
- Do Not Track
- DRM
- E-Voting Rights
- EFF Europe
- Encrypting the Web
- Export Controls
- FAQs for Lodsys Targets
- File Sharing
- Fixing Copyright? The 2013-2015 Copyright Review Process
- FTAA
- Genetic Information Privacy
- Hollywood v. DVD
- How Patents Hinder Innovation (Graphic)
- ICANN
- International Privacy Standards
- Internet Governance Forum
- Law Enforcement Access
- Legislative Solutions for Patent Reform
- Locational Privacy
- Mandatory Data Retention
- Mandatory National IDs and Biometric Databases
- Mass Surveillance Technologies
- Medical Privacy
- National Security and Medical Information
- National Security Letters
- Net Neutrality
- No Downtime for Free Speech
- NSA Spying
- OECD
- Online Behavioral Tracking
- Open Access
- Open Wireless
- Patent Busting Project
- Patent Trolls
- Patents
- PATRIOT Act
- Pen Trap
- Policy Analysis
- Printers
- Public Health Reporting and Hospital Discharge Data
- Reading Accessibility
- Real ID
- RFID
- Search Engines
- Search Incident to Arrest
- Section 230 of the Communications Decency Act
- Social Networks
- SOPA/PIPA: Internet Blacklist Legislation
- Student and Community Organizing
- Stupid Patent of the Month
- Surveillance and Human Rights
- Surveillance Drones
- Terms Of (Ab)Use
- Test Your ISP
- The "Six Strikes" Copyright Surveillance Machine
- The Global Network Initiative
- The Law and Medical Privacy
- TPP's Copyright Trap
- Trans-Pacific Partnership Agreement
- Travel Screening
- TRIPS
- Trusted Computing
- Video Games
- Wikileaks
- WIPO
- Transparency
- Uncategorized
eff.org/nsa-spying
