EFF in the News
“Even if we could absolutely be sure that all of the infected Coreflood botnet machines were running the exact code that we reverse-engineered and convinced ourselves that we understood,” said Chris Palmer, technology director for the Electronic Frontier Foundation, “this would still be an extremely sketchy action to take.
rs Technica reports that the proposal, which was presented by the San Francisco Police Department to address an increase in violent incidents in close proximity to the city's clubs, has already met with disapproval from civil liberties groups such as PrivacyActivism, the Electronic Frontier Foundation (which compares the proposed rules to a "police state"), the Privacy Rights Clearinghouse, IP Justice, Beat the Chip, Center for Financial Privacy and Human Rights, Patient Privacy Rights, and the Bill of Rights Defense Committee. T
I’ve really enjoyed the Humble Bundle model — you get a nice bundle of software (productivity apps, games, stuff from indie developers) for a good price, and a chunk of it goes toward causes like the Electronic Frontier Foundation or Child’s Play.
"We are deeply disappointed in the San Francisco Entertainment Commission for considering such troubling, authoritarian, and poorly thought-out rules," warns the Electronic Frontier Foundation, PrivacyActivism, and eight other groups in a letter sent to the Commission.
And while that might be reassuring to some, the Electronic Frontier Foundation, a San Francisco-based digital civil liberties group, isn't backing down.
PrivacyActivism, the Electronic Frontier Foundation, the Privacy Rights Clearinghouse, IP Justice, Beat the Chip, and the Bill of Rights Defense Committee submit these comments in opposition to the proposed rules.
But groups such as the Electronic Frontier Foundation have come out against those rules, saying they would “pose a grave threat to the rights of freedom of association, due process, and privacy” in San Francisco.
GoDaddy was the worst offender, but other CAs were also guilty, said the EFF's Chris Palmer, who warned that the practice aids attackers targeting the mail servers and intranets of huge numbers of companies.
“Although signing 'localhost' is humorous, CAs create real risk when they sign other unqualified names,” Palmer wrote. “What if an attacker were able to receive a CA-signed certificate for names like 'mail' or 'webmail'? Such an attacker would be able to perfectly forge the identity of your organization's webmail server in a 'man-in-the-middle' attack!”
The Electronic Frontier Foundation has published research showing that the SSL certificate system that underpins web security is far from trustworthy.
Some are questioning the social network’s desire to get involved in China now, during what Jillian York of the Electronic Frontier Foundation and Global Voices Online calls “one of the worst online crackdown periods in years.”