There has been much hand-wringing this week over the United States Senate’s Thursday vote to reverse so-called broadband privacy rules adopted by the Federal Communications Commission in the fall. Some of the concerns are overblown, and some are legitimate.
Among the misleading bits: When one reads that Internet Service Providers, like AT&T, Charter, Comcast, and, Verizon, are going to gain the ability to share your browsing history and other private information without first seeking customer approval, one might get the impression that all of your search engine and other website queries—video-streaming habits, medical self-diagnoses, and sexual proclivities, perhaps—are headed straight from your ISP to a big data broker, like Acxiom or Experian. This isn’t so.
Today, much of the web is encrypted. More than half of the Internet traffic between people and websites is protected by HTTPS, an encrypted data-transferring protocol that prevents third parties, like snoops, spies, or ISPs, from eavesdropping, according to Mozilla, makers of the Firefox web browser. ISPs have little insight into what you’re doing on an encrypted network. Sure, an ISP would be able to see the destination, whether that’s “Netflix, WebMD, or PornHub,” as the Washington Post put it, but beyond that it would often be blind.
If the Republican-dominated House votes to revoke the FCC rules this week and President Donald Trump grants his blessing to the move, all hope is not lost for those who cherish their privacy. Virtual private networks, or VPNs, allow people to keep their Internet providers in the dark. These services create encrypted tunnels between web browsers and VPN computer servers, preventing ISPs from seeing which websites a person may be accessing.
Generally, consent and disclosure seem like good rules to have in place. People should be granted some say in how the data generated by their online activities are processed—especially when they involve mobile location history. Even so, companies like Google have already built massive businesses collecting and selling far more intrusive ad-targeting information on their customers. It’s no surprise that ISPs want in on some of the action, too.
Welcome to the Cyber Saturday edition of Data Sheet, Fortune’s daily tech newsletter. Fortune reporter Robert Hackett here. You may reach me via Twitter, Cryptocat, Jabber (see OTR fingerprint on my about.me), PGP encrypted email (see public key on my Keybase.io), Wickr, Signal, or however you (securely) prefer. Feedback welcome.
Was Trump “wiretapped”? House intelligence committee chair Devin Nunes (R-Calif.) held an impromptu press conference on Wednesday morning during which he claimed that “the intelligence community incidentally collected information about U.S. citizens involved in the Trump transition.” Rep. Nunes, who declined to reveal his sources, said he believed the monitoring had been done legally, likely as part of snooping on foreign surveillance targets. Earlier in the week, FBI director James Comey and NSA director Mike Rogers both dismissed President Trump’s claim that former President Barack Obama had tapped his phones. (NBC News, Associated Press, Associated Press)
Apple threatened with mass iPhone data wipe. A group of hackers is attempting to extort the world’s most valuable company. The group, which calls itself “Turkish Crime Family,” claims to have access to a large data set containing stolen iCloud email accounts and passwords. The hackers said they will reset millions of unsuspecting people’s iPhones unless their demands, including payments in Bitcoin or iTunes gift cards, are met by April 7th. If you’ve reused your iCloud password to protect other online accounts, it’s probably best to change these passwords and turn on two-factor authentication. (Motherboard, Fortune, ZDNet)
US to name North Korea in bank heist. Remember when $81 million was stolen from Bangladesh Bank’s account at the Federal Reserve Bank of New York last year? FBI investigators in Los Angeles and New York believe they know who’s responsible. U.S. prosecutors are reportedly building cases against Chinese middlemen who they believe helped the Hermit Kingdom direct the digital bank robbery. (Reuters, Wall Street Journal)
Google loses confidence in Symantec. The search giant said it would stop recognizing some security certificates, which verify the identity of websites, that are issued by Symantec. Google said that it unearthed “a continually increasing scope of misissuance” for Symantec that has affected as many as 30,000 certificates. Meanwhile, Symantec, whose certificate authorities validate nearly a third of the web, said Google’s claims were “exaggerated” and “irresponsible.” (Ars Technica, BBC News, SC Magazine, Google blog)
Google’s sorry for extremist ads. British banks, retailers, and other companies pulled advertising campaigns from Google sites after discovering them running alongside offensive content loaded with hate speech. Some of the brands that have pulled the plug include Marks & Spencer, Sainsbury’s, Argos, HSBC, RBS, McDonald’s, and AT&T. Google apologized for the placing ads near controversial content, while noting that it can be difficult to police network’s like YouTube, where people upload 400 hours of video every minute. (Reuters, Fortune)
Also, copy editors are sick of cyberattacks.
Share today’s Data Sheet with a friend:
Looking for previous Data Sheets? Click here.
Fortune’s Michal Lev-Ram looks at why the military’s skunkworks division—the Defense Advanced Research Projects Agency, or DARPA—is interested in farm tech of all things.
Why would DARPA, which has funded projects like ballistic missile defense and surveillance drones, care about crops? The answer, while not totally obvious, actually makes a lot of sense. “One of the things we’ve seen is that regional unrest has been linked to circumstances that seem detached from national security—like the price of bread,” says Joseph Evans, a program manager in DARPA’s strategic technology office. “If we can get more accurate tools to predict famine, we can head off these types of situations with humanitarian versus military intervention.” Read more on Fortune.com.
How T-Mobile Plans to Block Phone Scammers and Crooks, by Aaron Pressman
Why the Winklevoss Bitcoin ETF May Not be Dead Yet, by Jeff Bukhari
Charging Russia’s Spies Behind the Yahoo Hack Could Deter More Cyberattacks, by Carrie Cordero
Businesses Are Getting ‘Sucker Punched’ in Cyberspace, by Robert Hackett
Two U.S. Companies Wired $100 Million to a Scammer, by Jeff John Roberts
ONE MORE THING
Inside one man’s double life as an FBI informant. In this gripping read, a pump-and-dump scammer gets recruited by the FBI to become a snitch. Then he goes rogue, again; this time double-crossing the FBI. Cool spy-tech within: the Feds equipped him with audio recording devices disguised as Starbucks gift cards and cameras hidden in the buttons of white dress shirts. (Bloomberg Businessweek)