Blogger, activist pals answer Anons' CISPA website blackout call Almost 400 websites around the world have shut down services as part of a protest against new US cybersecurity laws. The blackout was organised by hacktivist collective Anonymous in protest against the Cyber Intelligence Sharing and Protection Act (CISPA) - in a similar way to the Stop Online Piracy Act (SOPA) blackout last …
"An amendment to the law which would ban employers asking their minions to hand over Facebook or Twitter passwords has already been blocked"
anyone who *did* hand over their details would be breaching Facebook/Twitters T&Cs.
Anyone any idea what the UK position would be here, if a candidate declined to provide these details ?
It almost certainly breaches all kinds of laws in the UK, from contract (the one you sign with the provider), to employment, to prejudice, and right through data protection and human rights.
Fact is it's pretty much illegal to judge a candidate on anything other than their references and how they come across in an interview/testing and any evidence of work/education they provide. (And the whole ecrb/crb/security stuff.)
Fact is if you look at my facebook and then go "we're not recruiting you because of blah on your face book" I can just claim that the real reason you aren't recruiting me is because I happen to have too many black friends.
"It almost certainly breaches all kinds of laws in the UK....." Only if your Ts & Cs don't include phrases like "and I give Company X's representative permission to monitor my use of social media sites".....
Besides, you are a representative of your company, so what you post on social media can reflect badly on the company or your career prospects. For instance, if you are applying for a job with an investment bank, they would be very interested if your blog reads like the Rosa Luxembourg Appreciation Society as it points out that you are unlikely to be the type of employee they are looking for if not an outright security threat. If you are employed by a company and are stupid enough to have a blog or social media content acknowledging your company role but then also making controversial remarks then you will probably be censured or fired regardless of this new law.
The skiddies blacked out the sites the skiddies visit, sites which the ordinary public (and all those Senators) probably never even knew existed, and expect that to demonstrate what, that they are so far out of touch with Joe Public they make the Senators look street smart?
What's bad about this is that it has the potential to affect people well outside the borders of the US.
Take the mobile phone companies in the UK. I know I'm repeating myself here, but at one point both 3UK and Vodafone were using the services provided by Bluecoat. This entailed them sending all URLs being visited by their customers to Bluecoat, whereupon Bluecoat would then attempt to access the same page. Apparently this was all part of the filtering product they offer - the one downside to that being that it just didn't work the moment you started visiting pages protected by SSL (and the less said about redirecting known Bluecoat IP addresses or deny them access entirely with a few simple lines added to the .htaccess file the better).
In any case a US company both based in the US and subject to US law would at that point have a complete browsing history where non-SSL protected traffic of UK based users is concerned and would be able to hand over personal information even more easily and with fewer checks than before.
Oh, and in case other readers here have forgotten there are a number of UK.gov websites - including the ICO - that use Google Analytics from Google's own servers.
Every time you go to a website which uses Google fonts in its layout (which is, as far as I can tell, almost any Wordpress site to start with) you create a hit on the Google fonts API. If you want to prevent that you'll be looking at a screwed design.
Google is dangerous. They are much, much smarter than you're average intercept agency.
Do you really want the Government to know when you access pr0n sites?
For Future Tailored Supply from Super Popular Common Stock Aces in Humanity, why not? Otherwise is porn somewhere to stumble around virtually lost in the Pleasures of Passion and Insatiable Lusts :-)
Just Two Sticky Sweet Serpents of Desire that Actuate Miraculous Movements ..... in Programs of Pogrom and Renaissance towards Singularities/Temporary Temporally Ordered States in Grand Mastery?
And that Question to the White House for a Hot HyperRadioProActive ReBounding Shot?
Hi, Barack and Michelle, ... the Register says Hi. Wanna Play Deep Virtual Reality for Realisation of Physicals/MetaDataBaseMorphs and Future Events and Spectacular Private Pirate Party Adventures ..... Discrete and Sweet Milk and Sticky Honey Suckling Trips.
And I suppose now that question is viable of anybody to answer with competence and confidence to further add to Greater IntelAIgent Games Sharing of Virtual Reality Assets ...... Intellectual Source Property.
You might like to ask if there's a postmodern Bletchley Boffinry being kept at Bay and in Special Reserve for Blighting Systems which prove themselves to be Unfit for Future Great Games Services. Although who to ask for a sensible knowledgeable answer on that utility is quite another question to struggle with, if kept in ignorance of all facts and/or fictions.
I have said this before, but will say it again: These people will continue their relentless assaults on our privacy and freedom as long as it comes at no cost to them. We need to make the assault itself costly to them. They need to be put on notice that we are taking names and the penalty for assaults on the commons is to be, at the very least, disbarred from the commons.
People entering the Internet to entrap netizens or otherwise do them harm should be stopped at the doors.
It is possible, if we have the will, to use cryptographic techniques to create a new cyberspace where hostile agents of all stripes are effectively barred from entry.
We cannot seal everything up, so we also need to put into place laws that see evidence tainted by improperly obtained information as 'fruit of the poison tree'. As long as incentives outweigh costs, we will always be under attack.
Make no mistake, it is *you*, dear reader, that is under attack. You may feel that you are safe because you don't do anything wrong. Think again. The United States willingness to indulge in 'ex post facto' laws makes you vulnerable no matter how innocent you feel you may be. Your actual innocence is irrelevant. These days, accusation is becoming equivalent to guilt.
"I have said this before, but will say it again: These people will continue their relentless assaults on our privacy and freedom as long as it comes at no cost to them. We need to make the assault itself costly to them. They need to be put on notice that we are taking names and the penalty for assaults on the commons is to be, at the very least, disbarred from the commons."
Err... Are you talking about Anonymous or the politicians? Or both?
They need to be put on notice that we are taking names and the penalty for assaults on the commons is to be, at the very least, disbarred from the commons.
And who is going to do that? You? Bwahahaha. Sorry to break it to you, but you're classed as at most a temporary nuisance. The reality is that we have already lost control.
I'd use this as an intelligence test. Ask somewhere on the application form "please list any active FB/Twitter/Google accounts and passwords"
If the candidate does anything other than leave this blank or write "not applicable", the form gets rejected.
The problem is that there are a lot of desperate for work people who would hand this information over for the chance of a job.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
