
Tuesday, June 26, 2007

Parsing Privacy Policies: Is OpenDNS logging data forever?

OpenDNS is an alternative DNS system. It is a for-profit company which makes most of its money through Google advertisements displayed to users when they enter invalid hostnames.

OpenDNS is the frequent darling of the security press. The very same journalists frequently pummel Google (and rightly so) for their lackluster approach to customer privacy.

Last month, OpenDNS's CEO started throwing dirt at Google for their pretty shameful keyword hijacking advertisement deal with Dell and others.

In a separate matter, Google recently adjusted its logging policy (although not nearly enough), after getting smacked around in a PR dust-up initiated by Privacy International. Given the fact that David Ulevitch and OpenDNS were willing to take such an admirable public stand against Google, I decided to look into OpenDNS's own privacy and logging policies - to see how they themselves fare against the Big G.




The most relevant portions of OpenDNS's privacy policy include:

OpenDNS's DNS service collects non-personally-identifying information such as the date and time of each DNS request and the domain name requested.

OpenDNS also collects potentially personally-identifying information like Internet Protocol (IP) addresses of website visitors and IP addresses from which DNS requests are made. For its DNS services, OpenDNS is storing IP addresses temporarily to monitor and improve our quality of service.

In addition, we may combine non-personally-identifiable information with personally-identifiable information in a manner that enables us to attribute website and DNS service usage to an individual customer's computer or network.

Other than to its employees, contractors and affiliated organizations, as described above, OpenDNS discloses potentially personally-identifying and personally-identifying information only when required to do so by law, court order, or when OpenDNS believes in good faith that disclosure is reasonably necessary to protect the property or rights of OpenDNS, third parties or the public at large.




What does this mean?

OpenDNS is logging information on all DNS requests received by their servers. They log the IP address that initiated each request. Thus, OpenDNS knows and stores the fact that at 11:10PM on Friday the 22nd of June, someone at the network address of some-user-in-washington-dc.comcast.com visited www.thepiratebay.org.

OpenDNS logs data on every single unique domain name that you visit. They know that you have visited www.ilikeburritos.com and sometimes.ilikeburritos.com, but they don't have any info on which specific webpages in those domains you visit. This is still a huge amount of information - more, possibly, than Google knows.

OpenDNS keeps this information for a "temporary," yet undefined period of time. Unlike Google, who promise to anonymize the data after a set period of time, it does not look like OpenDNS makes any attempt to anonymize any of their logs.

It does not look like OpenDNS has any kind of public log deletion policy, and thus they could still be storing log data years after the queries were sent to their servers.

This information could be requested by law enforcement, the RIAA, or an angry spouse in a divorce case. These would all be legal instances in which the courts could compel OpenDNS to reveal data on customers. The only way to avoid having 8-year-old DNS requests showing up in a custody dispute would be for OpenDNS to announce and enforce a data logging and log deletion policy.




What can you do?

While OpenDNS is not perfect, they are probably still better than your average mega-corporate ISP. Some ISPs already seem to be selling data on which websites customers visit. Likewise, AT&T has quite thoroughly sold its customers out to the RIAA and MPAA.

Instead, the best thing to do is to write to Dave Ulevitch/OpenDNS (david [at]opendns [dot] com) and ask him to revise/create a data deletion and anonymization policy.

Wednesday, March 07, 2007

Is the Terrorist Surveillance Program exempt from FISA?

Bit by bit, I'm slowly learning to appreciate the law, and I'm learning how to read it. At times, I actually browse SSRN for pleasure...

For those of you who don't know what the Terrorist Surveillance Program is, go read about it elsewhere. It's old news now.

I read a few parts of the FISA statute this evening, and a couple of things jumped out at me. Let's look at 50 U.S.C. § 1801 (f).

“Electronic surveillance” means—

(1) the acquisition by an electronic, mechanical, or other surveillance device of the contents of any wire or radio communication sent by or intended to be received by a particular, known United States person who is in the United States, if the contents are acquired by intentionally targeting that United States person, under circumstances in which a person has a reasonable expectation of privacy and a warrant would be required for law enforcement purposes;

(2) the acquisition by an electronic, mechanical, or other surveillance device of the contents of any wire communication to or from a person in the United States, without the consent of any party thereto, if such acquisition occurs in the United States, but does not include the acquisition of those communications of computer trespassers that would be permissible under section 2511 (2)(i) of title 18;


(3) the intentional acquisition by an electronic, mechanical, or other surveillance device of the contents of any radio communication, under circumstances in which a person has a reasonable expectation of privacy and a warrant would be required for law enforcement purposes, and if both the sender and all intended recipients are located within the United States;

From my reading of these 3 parts of section (f), it would seem like:

If the US government/NSA performs a wiretap in international waters (i.e. splices the undersea fiber-optic cable or copies the satellite signal in space), does so on a wholesale basis (i.e. captures every single communication on that wire, and isn't attempting to target a particular citizen), and does it only for communications where one party is outside the USA, then they would be exempt from FISA.

I'm still rather new to the law here, but this seems like a fairly obvious loophole.

Am I missing something here?

Monday, February 19, 2007

ID rules inna Babylon: A police confrontation at DCA Airport

I have documented (at length) past successful attempts to fly without ID. In particular, on Northwest Airlines, it is possible to fly without ever showing a single piece of ID - whereas Continental and American have required me to show 'some' form of ID - which included a prepaid credit card and my membership card to the local organic co-op supermarket. All of my previous experiences were based on the technique of claiming that I had forgotten/lost my ID. This was based on my very first experience last year, where a Northwest Airlines supervisor told me that the airline had easy procedures when passengers had lost their ID, and that if I instead tried to assert my right to not show ID, that I would just confuse their staff.

Flying without ID through the claim of a forgotten ID has gotten slightly stale - plus, I don't want to have to misrepresent myself. I would much rather be 100% honest, and tell them that I have an ID in my bag - but do not wish to show ID, and am asserting my rights.

Today, I tried to do just that - with TSA.

I printed out my boarding pass from one of the self-service terminals, told a NWA employee that I had forgotten my ID, and she wrote "No ID" on my boarding pass in a red ink marker without asking a single question. No problem.

I told the rent-a-cop checking IDs that I didn't have one, pointed to my specially marked boarding pass, and she, without batting an eyelid, sent me down the right hand lane at the security checkpoint - which is the one lane that leads to a puffer machine.

I declined to go through the puffer machine... Not a major problem - a supervisor had to come over - and once I told him that I wasn't legally required to go through the machine, he let me opt for a pat down instead.

Once the TSA guys started searching my bags, and wiping swabs against my possessions for chemical analysis - I started chatting with the agents. I told them I was used to the process, and that I habitually fly without any ID. They asked why, and I told them that I was asserting my right to fly without any ID - as documented by the Appeals Court.

It was at this point that things got interesting.

They notified their supervisor, who told me that if I wasn't willing to show them any ID, that they would have to bring in a law enforcement officer. She made it a point to mention that I could miss my flight due to this delay. No problem I said.

A Police Sergeant, Sonya Westbrook, with the Metro. Washington Airports Authority came over to chat. I politely explained that there was no law stating that passengers were obligated to show any ID to fly. I explained that I had happily submitted myself to a vigorous secondary search - which included a pat-down of my person and the hand search of my carry-on bags.

Officer Westbrook told me that I had to show her ID. I asked her to confirm that she was compelling me to show my ID, and she agreed, and said that I had to show it.

I read the Hibel case in a privacy law class 2 years ago, and the Supreme Court didn't do the most fantastic job of answering the question in the case (the Court rules that you must tell a police officer your name, but the officer in the case actually asked Mr Hibel for his ID). In any case, the case was close enough to this situation that I pulled out my driver's license, and showed an ID to Officer Westbrook.

She then called my driver's license number in on her radio, and ran some kind of criminal check against me, after again asserting that the law stated that I had to show ID to fly.

Jim Leonard, the TSA Security Manager at the checkpoint was also present (as well as some other unnamed TSA person in a suit) - who stated that he was filing an incident, and had one of his staff write down my license info, as well as the info from my boarding pass.

After all this was over, they let me board my flight.

This was a pretty unpleasant experience. Everything I have read thus far seems to suggest that you have the right to fly without ID. My past experiences have clearly demonstrated that if you claim to not have ID (something which any would-be terrorist can claim) - one should be able to board a flight without any problems. However, if one attempts to tell the truth, and assert their rights, one can be met with threats and bullying from law enforcement and TSA.

I'll be writing to Officer Westbrook to ask her to cite the specific law which states that I have to show ID at the airport. I'll be interested to see how she responds.