Skip to main content
 
SEC

Security News

Security is a team sport. When communities learn good digital security practices together, what they learn is more likely to stick. It's also more effective – for example, there's little point in using encrypted communications if none of your friends use it.

Security News is an archive of curated EFF Deeplinks posts for trainers, technologists, and educators who teach digital security.

Issues that we track here include: country-specific policy updates on security and privacy, updates on malware and vulnerabilities, discussions on encryption and privacy-protecting tools, updates on surveillance (corporate surveillance, street-level surveillance, and mass surveillance), device searches by law and border enforcement, tracking via devices, and general digital security tips.

House Fails to Protect Americans from Unconstitutional NSA Surveillance

Nsa eagle 2

UPDATE, January 12, 2018: The Senate could vote Tuesday on a disastrous NSA surveillance extension bill that violates the Fourth Amendment. Click the link at the bottom of the page to email your Senator today and tell them to oppose bill S. 139.

The House of Representatives cast a deeply disappointing vote today to extend NSA spying powers for the next six years by a 256-164 margin. In a related vote, the House also failed to adopt meaningful reforms on how the government...

Read More

Groups Line Up For Meaningful NSA Surveillance Reform

702 og

Multiple nonprofit organizations and policy think tanks, and one company have recently joined ranks to limit broad NSA surveillance. Though our groups work for many causes— freedom of the press, shared software development, universal access to knowledge, equal justice for all—our voices are responding to the same threat: the possible expansion of Section 702 of the FISA Amendments Act.

On January 5, the Rules Committee for the House of Representatives introduced S. 139. The...

Read More

Supreme Court Won’t Hear Key Surveillance Case

702 og 1

The Supreme Court announced today that it will not review a lower court’s ruling in United States v. Mohamud, which upheld warrantless surveillance of an American citizen under Section 702 of the Foreign Intelligence Surveillance Act. EFF had urged the Court to take up Mohamud because this surveillance violates core Fourth Amendment protections. The Supreme Court’s refusal to get involved here is disappointing.

Using Section 702, the government warrantlessly collects...

Read More

How to Assess a Vendor's Data Security

Icon security 2

Perhaps you’re an office manager tasked with setting up a new email system for your nonprofit, or maybe you’re a legal secretary for a small firm and you’ve been asked to choose an app for scanning sensitive documents: you might be wondering how you can even begin to assess a tool as “safe enough to use.” This post will help you think about how to approach the problem and select the right vendor.

If the company can’t or won’t answer these questions, they are...

Read More

New CBP Border Device Search Policy Still Permits Unconstitutional Searches

Border search 1 0

U.S. Customs and Border Protection (CBP) issued a new policy on border searches of electronic devices that's full of loopholes and vague language and that continues to allow agents to violate travelers’ constitutional rights. Although the new policy contains a few improvements over rules first published nine years ago, overall it doesn’t go nearly far enough to protect the privacy of innocent travelers or to recognize how exceptionally intrusive electronic device searches are.

... Read More

Tipping the Scales on HTTPS: 2017 in Review

The movement to encrypt the web reached milestone after milestone in 2017. The web is in the middle of a massive change from non-secure HTTP to the more secure, encrypted HTTPS protocol. All web servers use one of these two protocols to get web pages from the server to your browser. HTTP has serious problems that make it vulnerable to eavesdropping and content hijacking. By adding Transport Layer Security (or TLS, a prior version of which was known as Secure Sockets Layer or SSL) HTTPS...

Read More

Communities from Coast to Coast Fight for Control Over Police Surveillance: 2017 in Review

Og sls 1

Americans in 2017 lived under a threat of constant surveillance, both online and offline. While the battle to curtail unaccountable and unconstitutional NSA surveillance continued this year with only limited opportunities appearing in Congress, the struggle to secure community control over surveillance by local police has made dramatic and expanding strides across the country at the local level.

In July, Seattle passed a law making it the nation’s second jurisdiction to require law...

Read More

Seven Times Journalists Were Censored: 2017 in Review

Icon free speech 1 0

Social media platforms have developed into incredibly useful resources for professional and citizen journalists, and have allowed people to learn about and read stories that may never have been published in traditional media. Sharing on just one of a few large platforms like Facebook, Twitter, and YouTube may mean the difference between a story being read by a few hundred versus tens of thousands of people.

Unfortunately, these same platforms have taken on the role of censor. They...

Read More

The Worst Law in Technology Strikes Again: 2017 in Review

The latest on the Computer Fraud and Abuse Act? It’s still terrible. And this year, the detrimental impacts of the notoriously vague and outdated criminal computer crime statute showed themselves loud and clear. The statute lies at the heart of the Equifax breach, which might have been averted if our laws didn’t criminalize security research. And it’s at the center of a court case pending in the Ninth Circuit Court of Appeals, hiQ v. LinkedIn, which threatens a hallmark of today’s...

Read More

Court Challenges to NSA Surveillance: 2017 in Review

Nsa eagle 2

One of the government’s most powerful surveillance tools is scheduled to sunset in less than three weeks, and, for months, EFF has fought multiple legislative attempts to either extend or expand the NSA’s spying powers—warning the public, Representatives, and Senators about circling bills that threaten Americans’ privacy. But the frenetic, deadline-pressure environment on Capitol Hill betrays the slow, years-long progress that EFF has made elsewhere: the courts.

2017 was a year for...

Read More

The Supreme Court Finally Takes on Law Enforcement Access to Cell Phone Location Data: 2017 in Review

Protecting the highly personal location data stored on or generated by digital devices is one of the 21st century’s most important privacy issues. In 2017, the Supreme Court finally took on the question of how law enforcement can get ahold of this sensitive information.

Whenever you use a cell phone, whether to make calls, send or receive texts, or browse the Internet, your phone automatically generates “cell site location information” (CSLI) through its interactions with cell...

Read More

Nation-State Hacking: 2017 in Review

If 2016 was the year government hacking went mainstream, 2017 is the year government hacking played the Super Bowl halftime show. It's not Fancy Bear and Cozy Bear making headlines. This week, the Trump administration publicly attributed the WannaCry ransomware attack to the Lazarus Group, which allegedly works on behalf of the North Korean government. As a Presidential candidate, Donald Trump famously dismissed allegations that the Russian government broke into email accounts belonging...

Read More

Keeping Copyright Site-Blocking At Bay: 2017 In Review

In 2017, major entertainment companies continued their quest for power to edit the Internet by blocking entire websites for copyright enforcement—and we’ve continued to push back.

Website blocking is a particularly worrisome form of enforcement because it’s a blunt instrument, always likely to censor more speech than necessary. Co-opting the Internet’s domain name system (DNS) as a tool for website blocking also threatens the stability of the Internet by inviting ever more special...

Read More

A Grim Year for Imprisoned Technologists: 2017 In Review

The world is taking an increasingly dim view of the misuses of technology and those who made their names (and fortunes) from them. In 2017, Silicon Valley companies were caught up in a ongoing trainwreck of scandals: biased algorithms, propaganda botnets, and extremist online organizing have dominated the media's headlines.

But in less-reported-on corners of the world, concerns about technology are being warped to hurt innocent coders, writers and human rights defenders. Since its...

Read More

A Grim Year for Imprisoned Technologists: 2017 In Review

The world is taking an increasingly dim view of the misuses of technology and those who made their names (and fortunes) from them. In 2017, Silicon Valley companies were caught up in a ongoing trainwreck of scandals: biased algorithms, propaganda botnets, and extremist online organizing have dominated the media's headlines.

But in less-reported-on corners of the world, concerns about technology are being warped to hurt innocent coders, writers and human rights defenders. Since its...

Read More

Protecting Immigrants from High Tech Surveillance: 2017 in Review

Sls header plain

In 2017, the federal government surged its high tech snooping on immigrants and foreign visitors, including expanded use of social media surveillance, biometric screening, and data mining. In response, EFF ramped up its advocacy for the digital rights of immigrants. 

Social Media Surveillance 

EFF resisted government programs to collect, store, and analyze the publicly available social media information of immigrants and visitors. These programs threaten the digital expression and...

Read More

Security Education in Uncertain Times: 2017 in Review

Sec og

From the time Donald Trump became president-elect in November 2016 and through 2017, EFF was flooded by requests for digital security workshops. They poured in from all over the country: educational nonprofits, legal groups, libraries, activist networks, newsrooms, scientist groups, religious organizations. There are a few reasons for this rise in digital security training requests. Certainly, the 2016 election made a lot of communities rethink their relationships with the U.S....

Read More

Beating Back the Rise of Law Enforcement’s Digital Surveillance of Protestors: 2017 in Review

In 2017, we’ve seen a dramatic rise in the number of high-profile cases where law enforcement has deployed digital surveillance techniques against political activists. From the arrest and prosecution of hundreds of January 20, 2017 Inauguration Day (J20) protestors to the systematic targeting, surveilling and infiltration of Water Protectors in Standing Rock, North Dakota, and the Black Lives Matter Movement over social media, law enforcement and private security firms have taken...

Read More

Surveillance Battles: 2017 in Review

Nsa eagle 2

If you’ve been following EFF’s work, you’ll know that we’ve been fighting against the creeping surveillance state for over 20 years. Often, this means pushing back against the National Security Agency’s dragnet surveillance programs, but as new technology becomes available, new threats emerge.

Here are some of the biggest legislative fights we had in 2017.

FISA Section 702

Section 702 is a surveillance authority that is part of the FISA Amendments Act of 2008. It was...

Read More

Urgent: We Only Have Hours Left to Stop the NSA Expansion Bill

According to reports published Tuesday evening by Politico, a group of surveillance hawks  in the House of Representatives is trying to ram through a bill that would extend mass surveillance by the National Security Agency. We expect a vote to happen on the House floor as early as tomorrow, which means there are only a few hours to rally opposition.  

The backers of this bill are attempting to rush a vote on a bill that we’ve criticized for failing to secure Americans’ privacy. If...

Read More

How to Talk to Your Family About Digital Security

Sec holiday og

You and your family are sipping hot cocoa, gathered around the [holiday object of your choice], and your family member suddenly asks: “Can you help me with my [insert device here]?”

They need a question answered about their computer, phone, tablet, video game console, or internet-connected device. Maybe they have related questions about their online accounts.

Or maybe there is a teenager or college student in your family that posts intensely personal information online, and...

Read More

Stop the Newest Border Screening Bill

Biometrics 0

Biometric screening, surveillance drones, social media snooping, license plate readers—all this and more would be required by new federal legislation to expand high-tech spying on U.S. citizens and immigrants alike at and near the U.S. border.

Sen. Charles Grassley (R-IA) introduced “the SECURE Act” (S. 2192) on December 5. It borrows liberally from two other federal bills—H.R. 3548 and S. 1757—that EFF opposed earlier this year. Those bills were respectively introduced by Rep....

Read More

Team Internet Is Far From Done: What’s Next For Net Neutrality and How You Can Help

Neutrality cat 2

Defying the facts, the law, and the will of millions of Americans, the Federal Communications Commission has voted to repeal net neutrality protections. It’s difficult to understate how radical the FCC’s decision was.

The Internet has operated under formal and informal net neutrality principles for years. For the first time, the FCC has not only abdicated its role in enforcing those principles, it has rejected them altogether.

Here’s the good news: the fight is far from...

Read More

Don’t Reauthorize NSA Spying in a Must-Pass Funding Bill

Nsa eagle 2

The next two weeks will be a flurry of activity in Congress. Before they can leave for the holidays, our government must—at minimum—pass at least one bill to keep the government running and also decide what to do about a controversial NSA spying authority called Section 702. Some legislators want to reauthorize Section 702, without meaningful reform, by attaching it to must-pass spending legislation. This is a terrible idea. The legislative process surrounding Section 702 already lacks...

Read More

FISC Assurances on Spying Leave Too Many Questions Unanswered

Nsa eagle 2

Last week, FBI Director Christopher Wray faced questions from the House Judiciary Committee about how his department is implementing one of the government’s most powerful surveillance tools. Despite repeated bipartisan requests, Director Wray refused to tell the Members of the Committee how many Americans have been impacted by Section 702, enacted as part of the FISA Amendments Act. This isn’t the first time the FBI has refused to answer to Congress.

EFF has long held that Section...

Read More