Hey You, Get Off Of My Cloud

Why I don’t do Facebook, reason No. umpty-three…

When it comes to personal data security I’ve always been paranoid, and with good reason. From Techcrunch:

You’ve got to hand it to Facebook. They certainly know how to do security — not.

Today I was tipped off that there is a major security flaw in the social networking site that, with just a few mouse clicks, enables any user to view the live chats of their ‘friends’. Using what sounds like a simple trick, a user can also access their friends’ latest pending friend-requests and which friends they share in common. That’s a lot of potentially sensitive information.

Unbelievable I thought, until I just tested the exploit for myself.

And guess what? It works.

The irony is that the exploit is enabled by the way that Facebook lets you preview your own privacy settings. In other words, a privacy feature contains a flaw that lets others view private information if they are aware of the exploit.

I know Facebook wants us to share more information and open up, but I’m not sure that this is quite what they had in mind.

Video…

Oooh, I dunno, I wouldn’t put it past them, especially with the current requirements placed on ISPs and social networking companies to provide information to security organisations – how better to datamine friends and associates of someone under suspicion, no warrant required?

“…in future finding out other people’s secrets is going to involve breaking everyday moral rules”.
Sir David Omand, former Whitehall intelligence and security co-ordinator, February 2009

I was having this very conversation with my son yesterday, apropos of Charlie Stross’ article on cloud computing and Steve Jobs’ long term strategy for the development of Apple as a data handler.

My son and his iPhone-toting friends may consider me an old fart for being firmly in the open-source using, roll your own cloud tendency, but being what might be considered a political dissident in a vicious neoliberal society I’ve got good reason to be paranoid. And this from someone who read Cryptonomicon by Neal Stephenson as a teenager and loved it. Now he’s happy just to hand over his data to any old Tomasina, Dick or Harriet. Feh, where did I go wrong as a parent?

This latest piece of Facebookery just goes to prove me right and him wrong. Let some corporation have control over my personal details? Not a hope in hell.

Comment of The Day: Redacted Holiday Fun

From The Guardian comments pages –

UpsideDownCakeEater
19 Jun 09, 1:02am (about 6 hours ago)

Seen the claim from the PM and the Speaker when both attended ████████ in █████████ paying £ ███.██ just to watch two █████████. Both claimed £ ████.██ as though they actively took part ?
Shocking.

What’s █████████ ? We might well ask.

If it weren’t for the Daily Telegraph’s uncensored leaks, for all we’d know of it █████████ could have been anything, from a Harrods rocking horse to a box of man-size Pampers to an Agent Provocateur gimp mask.

At least if you’re on holiday and it rains this week there’s no need to be bored; you can always play redaction bingo and insert your own words. All those blacked out spaces leave lots of scope for the imagination and reading censored expenses claims is much more entertaining that way. Holiday fun for all the family!

A Good Day To Bury A DNA Database

The expenses scandal rolls on and on, and while it may be a disaster for the public’s faith in constitutional government, for New Labour it’s business as usual and every new day of scandal is just another good day for burying bad news.

Home Secretary Jacqui Smith in particular must be chuffed to bits that the politerati’s bogged down in the mire of the expenses scandal; it all not only takes the heat off her personal travails, it lets her get on with dismantling democracy by the back door in decent peace and quiet:

Opposition parties and civil liberty groups united to condemn plans that are being steered through parliament while MPs are distracted by the expenses row.

The Conservatives and the Liberal Democrats claim the government is seeking to make controversial changes to the national DNA database via a “statutory instrument” because it fears losing a vote that would be required if they were introduced by the more conventional method of primary legislation.

A statutory instrument has to be discussed only by a specialist committee which meets for 90 minutes and is usually made up of 16 MPs and a chairman. Critics say the Labour MPs who will dominate the committee will be handpicked by government whips and therefore back the Home Office proposals.

How to do things with rules, in a nutshell.

Wounded and weak though he is, Gordon Brown is still PM and intends to stay PM for the foreseeable future; he still wants to get his way and as we already know, bullying is one of his favoured methods of doing so. I’ll bet those MPs will be handpicked – handpicked to be lying awake nights fretting they’ll be found out about something.

I can only hope that, because of the unauthorised publication of the unredacted receipts (with more yet to come), the whips have lost most of their coercive power over MPs. I can only hope too that enough MPs are roused by this blatant misuse of procedure to ensure the DNA database isn’t bulldozed through via statutory instrument while there’s no Speaker and Parliament’s in turmoil.

Those are very faint hopes, though. What they’re fretting about nights may not even be expenses at all: milking allowances may be the least of some MPs’ sins. While the latest revelations are certainly juicy and indicative of the unscrupulous greed of some MPs, not least the whips themselves, not all scandals are financial and the whips probably have plenty of even juicier stuff left to make members sweat with nervousness and suddenly decide to retire ‘because of health problems’.

I wouldn’t be at all surprised to find that publication of the receipts has enabled whips to join the dots on some very questionable personal behaviour by some MPs. I think MPs will do what they’re told.

We’re Not Having It, Either

If anyone’s looking for tips on how to move ahead investigating our MPs and their expenses, this old post of mine from 2008 has some good ideas:

I now want the Action Squad to co-ordinate a new drive against the hard core of ‘hard nut’ cases.

That car of theirs? Is the tax up to date? Is it insured? Let’s find out.

And have they a TV licence for their plasma screen? As the advert says, ‘it’s all on the database.’

As for their council tax, it shouldn’t be difficult to see if that’s been paid.

And what about benefit fraud? Can we run a check?

How could any MP object to such investigation? Those aren’t my words, those are Home Secretary Jacqui Smith’s in a speech to the 2008 ‘Anti-Social Behaviour: We’re not Having It’ conference.

Of course she was admitting to using the power of the state to harass individuals because they behave in ways the government disapproves of or finds politically inconvenient, not because they’re committing any crime.

But we’re told that if you have nothing to hide, you’ve nothing to fear, so I’m sure Honourable Members, especially Labour Members, won’t mind such close scrutiny at all.

Is It Balls Or Not?

All this week it’s been rumoured in UK political blogdom that the known troughers and married Cabinet Ministers Education Secretary Ed “So what” Balls and Treasury Secretary Yvette Cooper were so worried about public reaction to that greed being exposed that they’d obtained an injunction to stop the publication of their expenses; the implication being that despite the dishonesty that had already been exposed to public disgust, there was an even worse crime Labour’s golden couple were trying to hide. Which of course leads one to ask the inevitable question, “What! Worse than this?”

So have they or haven’t they got an injunction? The press have been remarkably quiet on Balls and Cooper this week, considering their past history, so reports that they’d obtained an injunction haven’t seemed at all unlikely, though impossible to confirm.

Now it’s rumoured they have applied but they haven’t succeeded:

Balls Fails to Prevent Expenses Revelations

News reaches me that Brown protégé Ed Balls has been fighting a rear-guard action to prevent publication of the expenses he and his wife Yvette Cooper have been claiming over the last few years. Rumours have abounded for a while that the Daily Telegraph had a devastating story on the couple but I have been informed that Balls sought a High Court injunction to prevent the Telegraph publishing what it knows.

This morning the High Court rejected Balls’ pleas to cover up his expenses record and I am told that therefore there will be a very damaging story published shortly. Balls has been suggested by some to be Gordon Brown’s preferred successor and if he is damaged goods it will further reflect badly on the Prime Minister’s judgement.

‘News reaches’ him from where? How does a Reading conservative have an inside track on Labour? Has the Councillor a mole in Downing St, or is his source in the High Court, or one of the chambers acting for the couple? If not where are these rumours coming from? Of course it could just be a deep Labour plot, an attempt to nobble Brown’s anointed successor Balls ahead of any leadership battle – hence the propagation of the story in Tory-leaning blogs. You can say virtually anything in a comment thread.

I don’t expect source-revealing. I’m not just nosy (well, I am, OK I admit it), merely trying to pin down whether the injunction story’s true or not. Obviously if the source is a court official, Councillor Willis can’t name names – contempt and all that – but ‘news reaches me’ is just a little fuzzy.

So I reluctantly have to conclude – because I do loathe Cooper and Balls, who personify everything vile about New Labour in one easy to hate package – that at the moment the whole injunction story’s still just a rumour.

Damn. It could have done for them politically for once and all. One can only live in hope.