Security News

The world is taking an increasingly dim view of the misuses of technology and those who made their names (and fortunes) from them. In 2017, Silicon Valley companies were caught up in a ongoing trainwreck of scandals: biased algorithms, propaganda botnets, and extremist online organizing have dominated the media's headlines.

But in less-reported-on corners of the world, concerns about technology are being warped to hurt innocent coders, writers and human rights defenders. Since its...

The world is taking an increasingly dim view of the misuses of technology and those who made their names (and fortunes) from them. In 2017, Silicon Valley companies were caught up in a ongoing trainwreck of scandals: biased algorithms, propaganda botnets, and extremist online organizing have dominated the media's headlines.

But in less-reported-on corners of the world, concerns about technology are being warped to hurt innocent coders, writers and human rights defenders. Since its...

In 2017, the federal government surged its high tech snooping on immigrants and foreign visitors, including expanded use of social media surveillance, biometric screening, and data mining. In response, EFF ramped up its advocacy for the digital rights of immigrants. 

EFF resisted government programs to collect, store, and analyze the publicly available social media information of immigrants and visitors. These programs threaten the digital expression and...

From the time Donald Trump became president-elect in November 2016 and through 2017, EFF was flooded by requests for digital security workshops. They poured in from all over the country: educational nonprofits, legal groups, libraries, activist networks, newsrooms, scientist groups, religious organizations. There are a few reasons for this rise in digital security training requests. Certainly, the 2016 election made a lot of communities rethink their relationships with the U.S....

In 2017, we’ve seen a dramatic rise in the number of high-profile cases where law enforcement has deployed digital surveillance techniques against political activists. From the arrest and prosecution of hundreds of January 20, 2017 Inauguration Day (J20) protestors to the systematic targeting, surveilling and infiltration of Water Protectors in Standing Rock, North Dakota, and the Black Lives Matter Movement over social media, law enforcement and private security firms have taken...

If you’ve been following EFF’s work, you’ll know that we’ve been fighting against the creeping surveillance state for over 20 years. Often, this means pushing back against the National Security Agency’s dragnet surveillance programs, but as new technology becomes available, new threats emerge.

Here are some of the biggest legislative fights we had in 2017.

Section 702 is a surveillance authority that is part of the FISA Amendments Act of 2008. It...

According to reports published Tuesday evening by Politico, a group of surveillance hawks  in the House of Representatives is trying to ram through a bill that would extend mass surveillance by the National Security Agency. We expect a vote to happen on the House floor as early as tomorrow, which means there are only a few hours to rally opposition.  

The backers of this bill are attempting to rush a vote on a bill that we’ve criticized for failing to secure Americans’ privacy. If...

You and your family are sipping hot cocoa, gathered around the [holiday object of your choice], and your family member suddenly asks: “Can you help me with my [insert device here]?”

They need a question answered about their computer, phone, tablet, video game console, or internet-connected device. Maybe they have related questions about their online accounts.

Or maybe there is a teenager or college student in your family that posts intensely personal information online, and...

Biometric screening, surveillance drones, social media snooping, license plate readers—all this and more would be required by new federal legislation to expand high-tech spying on U.S. citizens and immigrants alike at and near the U.S. border.

Sen. Charles Grassley (R-IA) introduced “the SECURE Act” (S. 2192) on December 5. It borrows liberally from two other federal bills—H.R. 3548 and S. 1757—that EFF opposed earlier this year. Those bills were respectively introduced by Rep....

Defying the facts, the law, and the will of millions of Americans, the Federal Communications Commission has voted to repeal net neutrality protections. It’s difficult to understate how radical the FCC’s decision was.

The Internet has operated under formal and informal net neutrality principles for years. For the first time, the FCC has not only abdicated its role in enforcing those principles, it has rejected them altogether.

Here’s the good news: the fight is far from...

The next two weeks will be a flurry of activity in Congress. Before they can leave for the holidays, our government must—at minimum—pass at least one bill to keep the government running and also decide what to do about a controversial NSA spying authority called Section 702. Some legislators want to reauthorize Section 702, without meaningful reform, by attaching it to must-pass spending legislation. This is a terrible idea. The legislative process surrounding Section 702 already lacks...

Last week, FBI Director Christopher Wray faced questions from the House Judiciary Committee about how his department is implementing one of the government’s most powerful surveillance tools. Despite repeated bipartisan requests, Director Wray refused to tell the Members of the Committee how many Americans have been impacted by Section 702, enacted as part of the FISA Amendments Act. This isn’t the first time the FBI has refused to answer to Congress.

EFF has long held that Section...

Last week, FBI Director Christopher Wray faced questions from the House Judiciary Committee about how his department is implementing one of the government’s most powerful surveillance tools. Despite repeated bipartisan requests, Director Wray refused to tell the Members of the Committee how many Americans have been impacted by Section 702, enacted as part of the FISA Amendments Act. This isn’t the first time the FBI has refused to answer to Congress.

EFF has long held that Section...

One of the most pernicious forms of censorship in modern America is the abuse of the court system by corporations and wealthy individuals to harass, intimidate, and silence their critics.

We use the term “Strategic Lawsuit Against Public Participation,” more commonly known as a “SLAPP,” to describe this phenomenon.  With a SLAPP, a malicious party will file a lawsuit against a person whose speech is clearly protected by the First Amendment. The strategy isn’t to win on the legal...

Millions of users are trying to protect their privacy from commercial tracking online, be it through their choice of browser, installation of ad and tracker blocking extensions, or use of a Virtual Private Network (VPN). This guide focuses on how to correctly configure the blocking extension in your browser to ensure that it's giving you the privacy you expect. We believe that tools work best when you don't have to go under the hood. While there is software which meets that criteria (and...

Today we’re launching a new version of Panopticlick, an EFF site which audits your browser privacy protection. Conceived to raise awareness about the threat of device fingerprinting, Panopticlick was extended in December 2015 to check for protection against tracking by ads and invisible beacons. This new update adds a test for trackers whitelisted by the so-called "Acceptable Ads" initiative. Acceptable Ads is a program involving the popular adblockers Adblock Plus and Adblock, whereby...

President Trump’s nominee to be Commissioner of U.S. Customs and Border Protection (CBP), Kevin McAleenan, revealed during his confirmation process how the agency implements its new policy not to access cloud content during border searches of digital devices.

In response to written questions for the record submitted by Sen. Ron Wyden (D-OR) and other members of the Senate Finance Committee, McAleenan explained that in accordance with CBP’s new policy to access only...

Do your friends and family rope you into providing tech support when you're home for the holidays? Use this opportunity to be a digital security hero and rescue your family from tracking cookies, unencrypted disks, insecure chats, and recycled passwords.

Check out EFF’s Security Education Companion for ideas and inspiration. And remember: People learn by doing! Encourage friends and family members to walk through new security concepts and tools with you, and avoid the pitfalls of...

The need for robust personal digital security is growing every day. From grassroots groups to civil society organizations to individual EFF members, people from across our community are voicing a need for accessible security education materials to share with their friends, neighbors, and colleagues.

We are thrilled to help. Today, EFF has launched the Security Education Companion, a new resource for people who would like to help their communities learn about digital security but...

Fundación Karisma in cooperation with EFF has released its third-annual ¿Dónde Estan Mis Datos? report, the Colombian version of EFF’s Who Has Your Back. And this year’s report has some good news.   According to the Colombian Ministry of Information and Communication Technologies, broadband Internet penetration in Colombia is well over 50% and growing fast. Like users around the world, Colombians put their most private data, including their online relationships, political, artistic and...

Fundación Karisma in cooperation with EFF has released its third-annual ¿Dónde Estan Mis Datos? report, the Colombian version of EFF’s Who Has Your Back. And this year’s report has some good news.   According to the Colombian Ministry of Information and Communication Technologies, broadband Internet penetration in Colombia is well over 50% and growing fast. Like users around the world, Colombians put their most private data, including their online relationships, political, artistic and...

Step onto any city street and you may find yourself subject to numerous forms of police surveillance—many imperceptible to the human eye.

A cruiser equipped with automated license plate readers (also known as ALPRs) may have just logged where you parked your car. A cell-site simulator may be capturing your cell-phone data incidentally while detectives track a suspect nearby. That speck in the sky may be a drone capturing video of your commute. Police might use face recognition...

Today we are releasing the implementation guide for EFF’s Do Not Track (DNT) policy. For years users have been able to set a Do Not Track signal in their browser, but there has been little guidance for websites as to how to honor that request. EFF’s DNT policy sets out a meaningful response for servers to follow, and this guide provides details about how to apply it in practice.

At its core, DNT protects user privacy by excluding the use of unique identifiers for cross-site...

Keeping Your Site Alive, our guide for keeping your site online amidst a DoS (denial of service) or DDoS (distributed denial of service) attack, now  has a new look and new advice. The guide, originally created and updated in conjunction with the Tactical Technology Collective, is aimed at human rights defenders, independent publications, and other administrators of small websites.

DDoS attacks are a common phenomena, used by a variety of actors, designed to temporarily or...

This week security researchers announced a newly discovered vulnerability dubbed KRACK, which affects several common security protocols for Wi-Fi, including WPA (Wireless Protected Access) and WPA2. This is a bad vulnerability in that it likely affects billions of devices, many of which are hard to patch and will remain vulnerable for a long time. Yet in light of the sometimes overblown media coverage, it’s important to keep the impact of KRACK in perspective: KRACK does not...