Category Archives: Internet requires TLS 1.0, 1.1 & 1.2

In order to get to work on my computer, I had to enable TLS 1.0, 1.1, and 1.2 in Internet Explorer, even though I almost never use IE.

I had turned off all three versions of TLS on security grounds. As a result, I kept getting an error message when I tried to log into Box Sync on my computer (“Cannot connect”). help desk’s explanation for the requirement — amazingly — is that SSL 3.0 is not secure so they don’t use it. It’s true there have been issues with SSL 3.0, but TLS, as I understand it, has the same issues plus much worse. [UPDATE: Dan Riley explains why I have it all backwards in the comments.]

On the positive side, I only figured out the source of the problem thanks to efficient and friendly work from ‘Ashley’ at the help desk, so they are doing something right.

Posted in Internet | 3 Comments

A New Online Dating Scam

Bentham’s Gaze:

We identified three types of scams happening on [Chinese dating site] Jiayuan. … Another interesting type of scams that we identified are what we call dates for profit. In this scheme, attractive young ladies are hired by the owners of fancy restaurants. The scam then consists in having the ladies contact people on the dating site, taking them on a date at the restaurant, having the victim pay for the meal, and never arranging a second date. This scam is particularly interesting, because there are good chances that the victim will never realize that he’s been scammed — in fact, he probably had a good time.

Would be a nice tort problem if I taught fraud (and I should).

Spotted via via Schneier on Security: Online Dating Scams.

Posted in Internet, Tort | 3 Comments

Plus Ça Change (ICANN edition)

ICANN staff are trying to sabotage the IANA transition process in order to maintain ICANN’s monopoly over the DNS in perpetuity, reports Milton Mueller in ICANN wants an IANA functions monopoly – will it wreck the transition process to get it?.

This sounds awfully familiar…

Staff shenanigans like this seem to be part of ICANN’s DNA. It’s a real shame.

I don’t write about ICANN anymore, but some relevant past papers include Almost Free: An Analysis of ICANN’s ‘Affirmation of Commitments’, ICANN 2.0: Meet the New Boss, ICANN’s UDRP: Its Causes and (Partial) Cures, Internet Governance: The ICANN Experiment (Or, Three Paradoxes in Search of a Paradigm), and especially Wrong Turn in Cyberspace: Using ICANN to Route Around the APA and the Constitution and the related Form and Substance in Cyberspace.

And then of course there was ICANNWatch.

Posted in ICANN | Leave a comment

Safe Spaces

Police Stations Increasingly Offer Safe Haven For Craigslist Transactions

Now how about having more community spaces designed for Meetups?

Posted in Internet | 3 Comments

Verizon and Turn Caught Cheating on Cookies (UPDATED)

How Verizon and Turn Defeat Browser Privacy Protections

Verizon advertising partner Turn has been caught using Verizon Wireless’s UIDH tracking header to resurrect deleted tracking cookies and share them with dozens of major websites and ad networks, forming a vast web of non-consensual online tracking. Explosive research from Stanford security expert Jonathan Mayer shows that, as we warned in November, Verizon’s UIDH header is being used as an undeletable perma-cookie that makes it impossible for customers to meaningfully control their online privacy.

Mayer’s research, described in ProPublica, shows that advertising network and Verizon partner Turn is using the UIDH header value to re-identify and re-cookie users who have taken careful steps to clear their cookies for privacy purposes. This contradicts standard browser privacy controls, users’ expectations, and Verizon’s own claims that the UIDH header won’t be used to track users because it changes periodically.

This spectacular violation of Verizon users’ privacy—made all the worse because of Verizon’s failure to allow even an opt-out—has already had far-reaching consequences.

For Shame.

UPDATE (1/17/15): Ad Network Turn Will Suspend Zombie Cookie Program. When Will Verizon?

Posted in Internet, Law: Privacy | Leave a comment

Metaphor of the Week

“The kale salad of a perfect response”

— student in my Internet Law class.

The context was why people saying nasty things online have an advantage, one reason being that it takes time to craft the kale salad of a perfect response.

Posted in Internet | Leave a comment

Ello There

I just joined Ello, the ad-free, public-spirited, clean-design alternative to Twitter.

It’s pretty, and I like the spirit of the thing, but I’m not sure yet what I’ll do with it — many of the accounts there seem much more graphics-oriented than I am. Not to mention cooler.

Posted in Internet | Leave a comment