EFF in the News
The EFF has issued a report that's gaining some attention in the media. It exposes the bad habit of issuing SSL certificates to unqualified domains. In the process of revealing this issue, some focus has also been given to the discovery of incorrectly assigned EV SSL certificates.
Internet certificate authorities are creating security risks for everyone by signing off on unqualified domain names - thousands of them - according to Chris Palmer, technology director of the Electronic Frontier Foundation.
Late last month, the American Civil Liberties Union (ACLU) and Electronic Frontier Foundation (EFF) filed objections to the United States Government's 'secret' attempts to obtain Twitter account information relating to WikiLeaks.
Chris Palmer wrote a blog on Tuesday outlining work the EFF had done analyzing the quantity of certificates that were signed and trusted by all of our browsers that were technically invalid and could be used for fraud.
One of the mistakes that has a lot of potential of being misused by malicious individuals has been pointed out by EFF's Technology Director Chris Palmer in a recent blog post.
The Electronic Frontier Foundation, an online civil liberties group, has explored the Internet in an attempt to map this nebulous system. As of December, 676 organizations were signing certificates, it found. Other security experts suspect that the scan missed many and that the number is much higher.
But the Electronic Frontier Foundation’s brief describes a range of examples in which fear of unpredictable and potentially large damages has hampered “reasonable and prudent experimentation with copyrighted material, especially in the digital environment.”
In an email, Corynne McSherry, the intellectual property director at the EFF, wrote that the filing is “the crucial first step” necessary to (as one Facebook page puts it) “Take Back Urban Home-Steading(s).” Why the awkward spelling? Because, Facebook users can’t say “urban homesteading” either.
For more we go to Mark Rumold, Legal Fellow with the Electronic Frontier Foundation, who’ve investigated the use of these expiring provisions and say they’ve uncovered possible abuses of the law.
The Electronic Frontier Foundation is working to make it harder for police officers to search your smartphone if you're arrested. The foundation recently filed a brief with the Oregon Supreme Court in a case where police arrested a man and then searched his cellphone without a warrant, according to the foundation. The police argue they didn't need a warrant, an argument the foundation rejects.
"If courts give police the freedom to rummage through the cellphones of anyone they arrest, then the constitutional protection of the warrant process is meaningless," Marcia Hofmann, a senior staff attorney at the foundation, said in a statement.