Since Edward Snowden exposed the extent of online surveillance by the U.S. government, there has been a surge of initiatives to protect users’ privacy.

But it hasn’t taken long for one of these efforts — a project to equip local libraries with technology supporting anonymous Internet surfing — to run up against opposition from law enforcement.

In July, the Kilton Public Library in Lebanon, New Hampshire, was the first library in the country to become part of the anonymous Web surfing service Tor. The library allowed Tor users around the world to bounce their Internet traffic through the library, thus masking users’ locations.

Soon after state authorities received an email about it from an agent at the Department of Homeland Security.

“The Department of Homeland Security got in touch with our Police Department,” said Sean Fleming, the library director of the Lebanon Public Libraries.

After a meeting at which local police and city officials discussed how Tor could be exploited by criminals, the library pulled the plug on the project.

“Right now we’re on pause,” said Fleming. “We really weren’t anticipating that there would be any controversy at all.”

He said that the library board of trustees will vote on whether to turn the service back on at its meeting on Sept. 15.

Used in repressive regimes by dissidents and journalists, Tor is considered a crucial tool for freedom of expression and counts the State Department among its top donors. But Tor has been a thorn in the side of law enforcement; National Security Agency documents made public by Snowden have revealed the agency’s frustration that it could only identify a “very small fraction” of Tor users.

The idea to install Tor services in libraries emerged from Boston librarian Alison Macrina’s Library Freedom Project, which aims to teach libraries how to “protect patrons’ rights to explore new ideas, no matter how controversial or subversive, unfettered by the pernicious effects of online surveillance.” (The Library Freedom Project is funded by Knight Foundation, which also provides funding to ProPublica.)

After Macrina conducted a privacy training session at the Kilton library in May, she talked to the librarian about also setting up a Tor relay, the mechanism by which users across the Internet can hide their identity.

The library board of trustees unanimously approved the plan at its meeting in June, and the relay was set up in July. But after ArsTechnica wrote about the pilot project and Macrina’s plan to install Tor relays in libraries across the nation, law enforcement got involved.

A special agent in a Boston DHS office forwarded the article to the New Hampshire police, who forwarded it to a sergeant at the Lebanon Police Department.

DHS spokesman Shawn Neudauer said the agent was simply providing “visibility/situational awareness,” and did not have any direct contact with the Lebanon police or library. “The use of a Tor browser is not, in [or] of itself, illegal and there are legitimate purposes for its use,” Neudauer said, “However, the protections that Tor offers can be attractive to criminal enterprises or actors and HSI [Homeland Security Investigations] will continue to pursue those individuals who seek to use the anonymizing technology to further their illicit activity.”

When the DHS inquiry was brought to his attention, Lt. Matthew Isham of the Lebanon Police Department was concerned. “For all the good that a Tor may allow as far as speech, there is also the criminal side that would take advantage of that as well,” Isham said. “We felt we needed to make the city aware of it.”

Deputy City Manager Paula Maville said that when she learned about Tor at the meeting with the police and the librarians, she was concerned about the service’s association with criminal activities such as pornography and drug trafficking. “That is a concern from a public relations perspective and we wanted to get those concerns on the table,” she said.

Faced with police and city concerns, library director Fleming agreed to turn off the Tor relay temporarily until the board could reconsider. “We need to find out what the community thinks,” he said. “The only groups that have been represented so far are the Police Department and City Hall.”

Fleming said that he is now realizing the downside of being the first test site for the Tor initiative.

“There are other libraries that I’ve heard that are interested in participating but nobody else wanted to be first,” he said. “We’re lonesome right now.”

Published by Julia Angwin at www.propublica.org

Finally! There’s something that apparently virtually all governments around the world can actually agree upon. Unfortunately, it’s on par conceptually with handing out hydrogen bombs as lottery prizes.

If the drumbeat isn’t actually coordinated, it might as well be. Around the world, in testimony before national legislatures and in countless interviews with media, government officials and their surrogates are proclaiming the immediate need to “do something” about encryption that law enforcement and other government agencies can’t read on demand.

Here in the U.S., it’s a nearly constant harangue over on FOX News (nightmarishly, where most Americans apparently get their “news” these days). On CNN, it’s almost as pervasive (though anti-crypto tirades on CNN must share space with primetime reruns of a globetrotting celebrity chef and crime “reality” shows).

It’s much the same if you survey media around the world. The names and officials vary, but the message is the same — it’s not just terrorism that’s the enemy, it’s encryption itself.

That argument is a direct corollary to governments’ decidedly mixed feelings about social media on the Internet. On one hand, they’re ecstatic over the ability to monitor the public postings of criminal organizations like ISIL (or ISIS, or Islamic State, or Daesh — just different labels for the same fanatical lunatics) that sprung forth from the disastrously misguided policies of Bush 1 and Bush 2 era right-wing neocons — who not only set the stage for the resurrection of long-suppressed religious rivalries, but ultimately provided them with billions of dollars worth of U.S. weaponry as well. Great job there, guys.

Since it’s also the typical role of governments to conflate and confuse issues whenever possible for political advantage, when we dig deeper into their views on social media and encryption we really go down the rabbit hole.

While governments love their theoretical ability to track pretty much every looney who posts publicly on Twitter or Facebook or Google+, governments simultaneously bemoan the fact that it’s possible for uncontrolled communications — especially international communications — to take place at all in these contexts.

In particular, it’s the ability of radical nutcases overseas to recruit ignorant (especially so-called “lone wolf”) nutcases in other countries that is said to be of especial concern, notably when these communications suddenly “go dark” off the public threads and into private, securely encrypted channels.

“Go dark” — by the way — is now the government code phrase for crypto they can’t read on demand. Dark threads, dark sites, dark links. You get the idea.

One would be remiss to not admit that these radical recruiting efforts are of significant concern.

But where governments’ analysis breaks down massively is with the direction of their proposed solutions, which aren’t aimed at addressing the root causes of fanatical religious terrorism, but rather appear almost entirely based on preventing secure communications — for anybody! — in the first place.

Naturally they don’t phrase this goal in quite those words. Rather, they continue to push (to blankly nodding politicians, journalists, and cable anchors) the tired and utterly discredited concept of “key escrow” cryptography, where governments would have “backdoor” keys to unlock encrypted communications, supposedly only when absolutely necessary and with due legal process.

Rewind 20 years or so and it’s like “Groundhog Day” all over again, back in the early to mid 90s when NSA was pushing their “Clipper Chip” hardware concept for key escrowed encryption, an idea that was mercilessly buried in relatively short order.

But like a vampire entombed without appropriate rituals, the old key escrow concepts have returned to the land of the living, all the uglier and more dangerous after their decades festering in the backrooms of governments.

The hardware Clipper concept dates to a time well before the founding of Twitter or Facebook, and a few years before Google’s arrival. Apple existed back then, but centralized social media as we know it today wasn’t yet even really a glimmer in anyone’s eye.

While governments generally seem to realize that stopping all crypto that they can’t access on demand is not practical, they also realize that the big social media platforms (of which I’ve named only a few) — where most users do most of their social communicating — are the obvious targets for legislative, political, and other pressures.

And this is why we see governments subtly (and often, not so subtly) demonizing these firms as being uncooperative or somehow uncaring about fighting evil, about fighting crime, about fighting terrorism. How dare they — authorities repeat as a mantra — implement encryption systems that governments cannot access at the click of a mouse, or sometimes access at all under any conditions.

Well, welcome to the 21st century, because the encryption genie isn’t going back into his bottle, no matter how hard you push.

Strong crypto is critical to our communications, to our infrastructures, to our economies, and increasingly to many other aspects of our lives.

Strong crypto is simply not possible — let’s say that once more with feeling — not possible, given key escrow or other government backdoors designed into these systems. There is no practical or even theoretically accepted means for including such mechanisms without fatally weakening the entire associated encryption ecosystem, and opening it up to all manner of unauthorized access via hacking and various subversions of the key escrow process.

But governments just don’t seem willing to accept the science and reality of this, and keep pushing the key escrow meme. It’s like the old joke about the would-be astronaut who wanted to travel to the sun, and when reminded that he’d burn up, replied that it wasn’t a problem, because he’d go at night. Right.

Notably, just as we had governments who ignored realistic advice and unleashed the monsters of religious fanatical terrorism, we now have many of the same governments on the cusp of trying to hobble, undermine, and decimate the strong encryption systems that are so very vital.

There’s every reason to believe that we’d experience a similarly disastrous outcome in the encryption context as well, especially if social media firms were required to deploy only weak crypto — putting the vast populations of innocent users at risk — while driving the bad guys even further underground and out of view.

If we don’t vigorously fight back against government efforts to weaken encryption, we’re all going to be badly burned.

Published by Lauren Weinstein on vortex.com

If you are an activist and are using a printer to print out flyers to hand out on the street or any other documents that go out into the public, the police and government agents can easily track the document back to the printer you used, or even back to you, thanks to a technology pioneered by Canon and Xerox.

Virtually all modern and quality color laser printers and color copiers are designed to print invisible tracking “codes” across every single printed page of their output. These codes reveal which device produced a document and, in some cases, a timestamp for when the document was printed or copied.

Pattern of yellow dots on each printout can be used to track the document back to the device used and eventually find the person who made the copies

According to experts, several printer companies quietly encode the serial number and the manufacturing code of their color laser printers and color copiers on every document those machines produce. Governments, including the United States, already use the hidden dots to supposedly track currency counterfeiters.

Peter Crean, a senior research fellow at Xerox, said his company’s laser printers, copiers and multifunction workstations, such as its WorkCentre Pro series, put the “serial number of each machine coded in little yellow dots” in every printout. The millimeter-sized dots appear about every inch on a page, nestled within the printed words and margins.

“It’s a trail back to you, like a license plate,” Crean says.

The dots’ minuscule size, covering less than one-thousandth of the page, along with their color combination of yellow on white, makes them invisible to the naked eye, Crean says. One way to determine if your color laser is applying this tracking process is to shine a blue LED light–say, from a keychain laser flashlight–on your page and use a magnifier.

Laser-printing technology makes it incredibly easy to counterfeit money and documents, and Crean says the dots, in use in some printers for decades, allow law enforcement to identify and track down counterfeiters.

However, they could also be employed to track a document back to any person or business that printed it. Although the technology has existed for a long time, printer companies have not been required to notify customers of the feature.

Lorelei Pagano, a counterfeiting specialist with the U.S. Secret Service, stresses that the government uses the embedded serial numbers only when alerted to a forgery. “The only time any information is gained from these documents is purely in [the case of] a criminal act,” she says.

John Morris, a lawyer for The Center for Democracy and Technology , says, “That type of assurance doesn’t really assure me at all, unless there’s some type of statute.” He adds, “At a bare minimum, there needs to be a notice to consumers.”

If the practice disturbs you, don’t bother trying to disable the encoding mechanism–you’ll probably just break your printer.

Crean describes the device as a chip located “way in the machine, right near the laser” that embeds the dots when the document “is about 20 billionths of a second” from printing.

“Standard mischief won’t get you around it,” Crean adds.

Neither Crean nor Pagano has an estimate of how many laser printers, copiers, and multifunction devices track documents, but they say that the practice is commonplace among major printer companies.

“The industry absolutely has been extraordinarily helpful [to law enforcement],” Pagano says.

According to Pagano, counterfeiting cases are brought to the Secret Service, which checks the documents, determines the brand and serial number of the printer, and contacts the company. Some, like Xerox, have a customer database, and they share the information with the government.

Crean says Xerox and the government have a good relationship. “The U.S. government had been on board all along–they would actually come out to our labs,” Crean says.

Unlike ink jet printers, laser printers, fax machines, and copiers fire a laser through a mirror and series of lenses to embed the document or image on a page. Such devices range from a little over $100 to more than $1000, and are designed for both home and office.

Crean says Xerox pioneered this technology about 20 years ago, to assuage fears that their color copiers could easily be used to counterfeit bills.

“We developed the first (encoding mechanism) in house because several countries had expressed concern about allowing us to sell the printers in their country,” Crean says.

Since then, he says, many other companies have adopted the practice.

In the video below, the good people from the Electronic Frontier Foundation describe three different ways to see the tracking dots your printer produces: with a blue light, with a microscope, or with a scanner. If you don’t have the necessary equipment for a particular step, go on to the next one.

Twitter has added a tool to help users report abusive content to law enforcement, which could aid in removing the most threatening posts as Twitter ramps up its efforts to combat harassment.

The tool has been incorporated into the existing process for flagging abusive content or tweets. After reporting abusive or threatening content to Twitter, users have an option to receive an emailed summary of the report. The report would include the flagged tweet and its URL, the time at which it was sent, and the user name and account URL of the person who posted it.

The report, aimed at law enforcement, would also include a link to Twitter’s guidelines on how authorities can request non-public user account information from Twitter. The idea is that after seeing a report, law enforcement might feel compelled to take further action.

Twitter would not send this emailed report to law enforcement directly; it would be up to user to forward it. It comes as Twitter has more broadly beefed up its tools for reporting abusive content.

Twitter seems to envision the tool as a possible route to respond to the most threatening tweets. “While we take threats of violence seriously and will suspend responsible accounts when appropriate, we strongly recommend contacting your local law enforcement if you’re concerned about your physical safety,” Twitter said in a blog post on Tuesday.

In developing the tool, Twitter received feedback from a number of outside groups including the National Network to End Domestic Violence, which works to end violence against women. The new tool is not designed exclusively for women, but it could help in this area. Women have been ruthlessly targeted on Twitter and on other sites like Reddit and 4chan, due to sexism in the video game industry, sometimes referred to as “Gamergate.”

Twitter has been working to improve its abuse-reporting tools, which all rely on users to flag content. The company recently streamlined its tools for reporting issues like impersonation and self-harm. Just last week Twitter banned the posting of revenge porn and nude images that have been stolen or are being used without permission, after a similar move by Reddit.

Twitter’s new tool is rolling out worldwide starting Tuesday for the desktop as well as the company’s mobile apps.

AVG Innovation Labs has a new invention to help the fight against tyranny and constant monitoring: a pair of glasses that will make you invisible. With cameras watching your every move and face recognition software evolving, we all need a cloak of invisibility when we go out in public. AVG is developing just the right cloak.

According to AVG, there are a number of reasons why you want their glasses:

• The increasing use of smartphone cameras in public places means it’s more likely unsolicited images taken of us may end up online.
• Big Data projects such as Google’s StreetView highlight the possibility for our faces and identities to appear in the public domain.
• Advancements in facial-recognition technologies, such as Facebook’s DeepFace, could soon give a private corporations power to not only recognize us, but also cross-reference our faces to other data found online.

“Through a mixture of technology and specialist materials, privacy wearables such as invisibility glasses can make it difficult for cameras or other facial recognition technologies to get a clear view of your identity”, AVG claims.

While the device is still in the prototype phase, early testing indicates that this pair of glasses can make it much harder for cameras or other facial recognition methods to violate your privacy and identity.

AVG explains that “through a mixture of technology and specialist materials, privacy wearables such as invisibility glasses can make it difficult for cameras or other facial recognition technologies to get a clear view of your identity.”

The glasses were officially announced at the Mobile World Congress in Barcelona.Reflective material in the fame 0f the glasses and a series of infrared lights surrounding the eyes and nose do not interfere with the spectrum of visible light and with how other people perceive the wearer, but will interfere with surveillance cameras making facial recognition much harder, if not impossible.

AVG notes that “Rather than designing a product for market release, tech experts are investigating how technology can adapt to combat the daily erosion of our privacy in the digital age. Don’t expect to see them for sale any time soon”.

So yes, this might be a prototype but innovation in this area is bound to push the issue of privacy on the forefront of the technology market, hopefully motivating other manufacturers to follow suit.