Paul Ciano https://paulciano.org Technophile, Contemplative, Raging Geek Sat, 27 May 2017 11:00:00 +0000 en-US hourly 1 https://wordpress.org/?v=4.7.5 EFF to Court: Forcing Someone to Unlock and Decrypt Their Phone Violates the Constitution https://www.eff.org/deeplinks/2017/03/eff-court-forcing-someone-unlock-and-decrypt-their-phone-violates-constitution https://paulciano.org/2017/05/eff-to-court-forcing-someone-to-unlock-and-decrypt-their-phone-violates-the-constitution/#respond Sat, 27 May 2017 11:00:00 +0000 https://paulciano.org/?p=13972 EFF: First, the compelled entry of a memorized passcode forces a person to reveal the contents of their mind to investigators—contents that are absolutely privileged by the Fifth Amendment. As far as the Fifth Amendment is concerned, there’s no difference between forcing a person to type their passcode directly into their phone and forcing them … Continue reading EFF to Court: Forcing Someone to Unlock and Decrypt Their Phone Violates the Constitution

The post EFF to Court: Forcing Someone to Unlock and Decrypt Their Phone Violates the Constitution appeared first on Paul Ciano.

]]>
EFF:

First, the compelled entry of a memorized passcode forces a person to reveal the contents of their mind to investigators—contents that are absolutely privileged by the Fifth Amendment. As far as the Fifth Amendment is concerned, there’s no difference between forcing a person to type their passcode directly into their phone and forcing them to say it out loud to an investigator. The trial judge in this case understood that and found that typing in a passcode was a “testimonial act.” So just by forcing the defendant to unlock his phone, the investigators violated his Fifth Amendment right.

Second, the process of decryption itself is testimonial because it involves translating unintelligible, encrypted evidence into a form that can be used and understood by investigators—again relying on the contents of the suspect’s mind.

The post EFF to Court: Forcing Someone to Unlock and Decrypt Their Phone Violates the Constitution appeared first on Paul Ciano.

]]>
https://paulciano.org/2017/05/eff-to-court-forcing-someone-to-unlock-and-decrypt-their-phone-violates-the-constitution/feed/ 0
How to Use the Trump Archive to Find TV News Appearances, Fact Checks, and Share Clips https://blog.archive.org/2017/03/01/how-to-use-the-trump-archive-to-find-tv-news-appearances-fact-checks-and-share-clips/ https://paulciano.org/2017/05/how-to-use-the-trump-archive-to-find-tv-news-appearances-fact-checks-and-share-clips/#respond Wed, 24 May 2017 11:00:00 +0000 https://paulciano.org/?p=13966 The Internet Archive: The experimental Trump Archive, which we launched in January, is a collection of President Donald Trump’s appearances on TV news shows, including interviews, speeches, and press conferences dating back to 2009. Now largely hand-curated, the Trump Archive is a prototype of the type of collection on a public figure or topic possible … Continue reading How to Use the Trump Archive to Find TV News Appearances, Fact Checks, and Share Clips

The post How to Use the Trump Archive to Find TV News Appearances, Fact Checks, and Share Clips appeared first on Paul Ciano.

]]>
The Internet Archive:

The experimental Trump Archive, which we launched in January, is a collection of President Donald Trump’s appearances on TV news shows, including interviews, speeches, and press conferences dating back to 2009. Now largely hand-curated, the Trump Archive is a prototype of the type of collection on a public figure or topic possible to make with material from our library of TV news. We are starting to reach out to machine learning collaborators to develop tools to make it more efficient to create such collections, and we have plans to publish similar collections on the Congressional leadership on both sides of the party aisle.

The growing Trump Archive contains a lot of content–928 clips and counting–so we’ve put together some pointers and ideas for how to use the collection.

The post How to Use the Trump Archive to Find TV News Appearances, Fact Checks, and Share Clips appeared first on Paul Ciano.

]]>
https://paulciano.org/2017/05/how-to-use-the-trump-archive-to-find-tv-news-appearances-fact-checks-and-share-clips/feed/ 0
Injustice at the Border: How to Protect Your Data (Part 3) https://paulciano.org/2017/05/injustice-border-protect-data-part-3/ https://paulciano.org/2017/05/injustice-border-protect-data-part-3/#respond Mon, 22 May 2017 11:00:43 +0000 https://paulciano.org/?p=14089 Last time, I covered the first part of the Electronic Frontier Foundation's (EFF) Digital Privacy at the U.S. Border guide. Now, I am going to cover the second part of their series, which focuses on the legal framework around searches and seizures at the border. Keep in mind, this is only meant to be a … Continue reading Injustice at the Border: How to Protect Your Data (Part 3)

The post Injustice at the Border: How to Protect Your Data (Part 3) appeared first on Paul Ciano.

]]>
Last time, I covered the first part of the Electronic Frontier Foundation's (EFF) Digital Privacy at the U.S. Border guide. Now, I am going to cover the second part of their series, which focuses on the legal framework around searches and seizures at the border.

Keep in mind, this is only meant to be a primer. If you have deep concerns about these issues and need a greater level of detail, it might be best to consult a lawyer.

Constitutional Rights, Government Policies, and Privacy at the Border

The Law of Border Searches and Seizures

In general, government agents at the U.S. border enjoy even more power than those active in the interior. Usually, they exercise these powers over those entering the country, but they can use them on people leaving the country, as well.

Regardless, the U.S. border is not a Constitution-free zone. If you are a U.S. citizen, border agents' powers are mitigated by our constitutional rights, specifically our First, Fourth, Fifth, and Fourteenth Amendment rights. Let's break those down.

The Fourth Amendment at the Border: Digital Privacy

The Default Constitutional Privacy Rule

The Fourth Amendment is the primary protector of individual privacy against government intrusion. It prohibits unreasonable searches and seizures by the government (Brigham City v. Stuart, 2006). Reasonable means that a law enforcement officer must first obtain a probable cause warrant (Katz v. U.S., 1967). To do this, the officer would need to present preliminary evidence to a judge that shows that the thing to be searched or seized likely contains evidence of illegal activity.

Sounds fair, right? But…

The Border Search Exception

The Supreme Court views the Fourth Amendment to include a border search exception to the standard warrant and probable cause requirements outlined above. They have held that the government has an interest in protecting the integrity of the border by enforcing immigration and custom laws.

The Supreme Court believes that warrantless and suspicion-less border searches are critical to:

  1. Ensuring that travelers entering the U.S. have proper authorization and documentation
  2. Enforcing the laws regulating the importation of goods into the U.S., including duty requirements
  3. Preventing the entry of harmful people (e.g., terrorists) and harmful items (i.e., contraband) such as weapons, drugs, and infested agricultural products

Basically, this means that routine searches at the border don't require a warrant, or even any individualized suspicion that the thing to be searched contains evidence of illegal activity. For the most part, it's a free for all.

The Exception to the Exception: “Non-Routine” Searches

Not all border searches are routine, and the Supreme Court has acknowledged that some can be highly intrusive and affect the dignity and privacy interests of individuals (I'll leave the details of these searches to your imagination). They have determined that such non-routine searches do require that border agents have some level of individualized suspicion about the traveler.

By individualized suspicion, they mean that the border agent has a factual reason to believe a specific person is involved in criminal activity. Here are some examples from the EFF:

Thus, for example, the Supreme Court held that disassembling a gas tank is “routine” and so a warrantless and suspicionless search is permitted (U.S. v. Flores-Montano, 2004). However, detaining a traveler until they have defecated to see if they are smuggling drugs in their digestive tract is a “non-routine” search that requires “reasonable suspicion” that the traveler is a drug mule (U.S. v. Montoya de Hernandez, 1985). Likewise, lower courts have held that body cavity searches and strip searches are “non-routine” and also require reasonable suspicion (U.S. v. Ogberaha, 1985; U.S. v. Gonzalez-Rincon, 1994).

Border Searches of Digital Devices

Since our smartphones contain a trove of personal data, you'd think that there would be no debate over whether or not a search of it would be considered routine.

As the EFF points out, smartphones hold a vast amount of sensitive information:

…call logs, emails, text messages, voicemails, browsing history, calendar entries, contact lists, shopping lists, personal notes, photos and videos, geolocation logs, and other personal files. Digital devices typically cover many years of information and include the most intimidate details of a person’s life.

To me, searches of these devices would most certainly not be routine. It would be like letting an agent of the state into my home to go through all my drawers and make copies of my most sensitive documents without a warrant or suspicion of illegal activity. The EFF agrees, but apparently, there is still legal uncertainty about this issue.

In U.S. v. Cotterman (2013), the U.S. Court of Appeals for the Ninth Circuit ruled that border agents need reasonable suspicion of illegal activity before conducting a forensic search, i.e., before bringing sophisticated software to bear on a person's laptop. However, they also ruled that a manual search of a digital device is routine.

In Riley v. California (2014), the Supreme Court ruled that the police had to obtain a probable cause warrant to search the cell phone of an arrested individual. The police stated that a warrantless and suspicion-less cell phone search was permitted as a search incident to arrest, the way they can search the pockets or wallet of an arrestee for drugs or weapons. The Court rejected that argument and held that a warrant is generally required before such a search, even when a cell phone is seized incident to arrest (Riley v. California, 2014).

This decision has not yet been applied to the border context, but the Supreme Court has recognized that the search incident to arrest exception invoked by the government in Riley is similar to the border search exception (U.S. v. Ramsey, 1977).

Courts in both the Cotterman and Riley decisions at least seem to recognize that the cloud further complicates these matters. The Ninth Circuit in Cotterman stated:

With the ubiquity of cloud computing, the government’s reach into private data becomes even more problematic. In the “cloud,” a user’s data, including the same kind of highly sensitive data one would have in “papers” at home, is held on remote servers rather than on the device itself. The digital device is a conduit to retrieving information from the cloud, akin to the key to a safe deposit box. Notably, although the virtual “safe deposit box” does not itself cross the border, it may appear as a seamless part of the digital device when presented at the border (U.S. v. Cotterman, 2013).

In Riley, the Supreme Court stated that using the search incident to arrest exception to justify searching files saved in the cloud, would be like finding a key in a suspect’s pocket and arguing that it allowed law enforcement to unlock and search a house (Riley v. California, 2014).

Interior Checkpoints

If you are traveling into America by road, be aware that border agents may create permanent checkpoints on the roads that are miles away from the border. There, they can stop motorists for questioning, even in the absence of any individualized suspicion (United States v. Martinez-Fuerte, 1976). However, these border agents cannot search a car without a probable cause (United States v. Ortiz, 1975; Almeida-Sanchez v. United States, 1973). Similarly, these agents should not be able to search a digital device without probable cause.

Next

We covered a lot today, and we are about halfway through section 2 of the EFF's guide. Take a moment to review some of the rulings, and next time, we will wrap up the legal context for border searches and seizures.

The post Injustice at the Border: How to Protect Your Data (Part 3) appeared first on Paul Ciano.

]]>
https://paulciano.org/2017/05/injustice-border-protect-data-part-3/feed/ 0
Want to Improve Data Quality, Reduce Liability, and Gain Consumer Trust? Try Deleting. https://cdt.org/blog/want-to-improve-data-quality-reduce-liability-and-gain-consumer-trust-try-deleting/ https://paulciano.org/2017/05/want-to-improve-data-quality-reduce-liability-and-gain-consumer-trust-try-deleting/#respond Sat, 20 May 2017 11:00:00 +0000 https://paulciano.org/?p=13964 CDT: Uber’s situation illustrates the disconnect between what data deletion means to companies and how users understand the concept. To users, deletion is an act of finality that ends their relationship with a company and destroys their information. To most companies, a deletion command is more likely to send a copy of the user’s information … Continue reading Want to Improve Data Quality, Reduce Liability, and Gain Consumer Trust? Try Deleting.

The post Want to Improve Data Quality, Reduce Liability, and Gain Consumer Trust? Try Deleting. appeared first on Paul Ciano.

]]>
CDT:

Uber’s situation illustrates the disconnect between what data deletion means to companies and how users understand the concept. To users, deletion is an act of finality that ends their relationship with a company and destroys their information. To most companies, a deletion command is more likely to send a copy of the user’s information to cloud storage for potential retrieval.

In CDT’s newest white paper, “Should it stay or should it go? The legal, policy, and technical landscape around data deletion,” we explore this disconnect and the reasons why commercial data stores have grown. We make the case that it is neither in a company’s nor a customer’s best interest to hold onto large amounts of data.

The post Want to Improve Data Quality, Reduce Liability, and Gain Consumer Trust? Try Deleting. appeared first on Paul Ciano.

]]>
https://paulciano.org/2017/05/want-to-improve-data-quality-reduce-liability-and-gain-consumer-trust-try-deleting/feed/ 0
Consumer Reports Rates Privacy and Security https://sixcolors.com/link/2017/03/consumer-reports-rates-privacy-and-security/ https://paulciano.org/2017/05/consumer-reports-rates-privacy-and-security/#respond Wed, 17 May 2017 11:00:00 +0000 https://paulciano.org/?p=13974 Jason Snell: There are only two reasons why the makers of Internet-connected devices would change their ways and take customer privacy and security seriously. One would be government regulations, and at least in the United States that seems unlikely in the near future. The other is the realization that security and privacy are features that … Continue reading Consumer Reports Rates Privacy and Security

The post Consumer Reports Rates Privacy and Security appeared first on Paul Ciano.

]]>
Jason Snell:

There are only two reasons why the makers of Internet-connected devices would change their ways and take customer privacy and security seriously. One would be government regulations, and at least in the United States that seems unlikely in the near future. The other is the realization that security and privacy are features that customers care about, and that if they don’t take them seriously, their sales will suffer. Consumer Reports taking this seriously—and publicizing when companies fail these tests—could be an important step along the way.

Consumer Reports to Begin Evaluating Products, Services for Privacy and Data Security

The post Consumer Reports Rates Privacy and Security appeared first on Paul Ciano.

]]>
https://paulciano.org/2017/05/consumer-reports-rates-privacy-and-security/feed/ 0
Hello Again: Mac Thoughts (Part 4) https://paulciano.org/2017/05/hello-mac-thoughts-part-4/ https://paulciano.org/2017/05/hello-mac-thoughts-part-4/#respond Mon, 15 May 2017 11:00:27 +0000 https://paulciano.org/?p=14036 In regard to software, there are several kinds of applications that I need, and I have been happy to see increasingly good Linux counterparts available. In the next parts of this series, I am going to briefly cover some of the best ones I have found. Password Manager Series Part 1 Part 2 Part 3 … Continue reading Hello Again: Mac Thoughts (Part 4)

The post Hello Again: Mac Thoughts (Part 4) appeared first on Paul Ciano.

]]>
In regard to software, there are several kinds of applications that I need, and I have been happy to see increasingly good Linux counterparts available. In the next parts of this series, I am going to briefly cover some of the best ones I have found.

Password Manager

A password management solution is required for living a responsible, digital lifestyle. In the past, I was happy to settle for the balance of security and convenience that solutions like LastPass offered. These days, I no longer want my password database on any device except for my primary computer.

In some ways, this simplifies my search, as there are good, local alternatives for password management. I have been becoming increasingly comfortable with the command line, so I decided to check out pass. After getting it set up, creating some entries, and testing its workflow several times, I came to appreciate that the command line does not always offer the most efficient way to accomplish a task.

In addition, I needed more from a password manager than just the storing of passwords and related login information. Most modern password managers also let you store additional content, like IDs and identity information, as well as arbitrary file attachments. To some extent, pass can accommodate these functions, but in my opinion, it did not offer a more efficient experience than something like 1Password.

KeeWeb

Next, I searched for graphical solutions, and the best I could find was KeeWeb. At first, the Web part of the name made me wary. After digging through the software's FAQ on GitHub, I found the following from the developer:

Q: Password manager in browser?
A: If you prefer desktop version, there are desktop clients for all major OS: Mac, Windows and Linux. It's called KeeWeb because it's created with web technologies.

What you have here is a cross-platform password management solution that is based on modern, web technologies, and is built upon the free and open source password manager KeePass application's file format.

Q: Is it compatible with KeePass? What about KeePassX or other clients?
A: File format is compatible and all features important to users are supported. If something is not working, please open an issue, and it will be investigated. Only kdbx (KeePass v2), not kdb (KeePass v1) is supported. You can use KeePass to convert between them.

To use the application, you have several options. You can use the online web app hosted by the developer at app.keeweb.info, you can host it yourself, or you can use one of the previously mentioned desktop apps to use it locally on your computer.

KeeWeb Entry

About those desktop apps:

Q: Is it secure?
A: The app makes no external requests unless you ask for it explicitly, it's completely offline, all your data is stored locally and never sent by network. It doesn't contain and will never contain any statistics collection scripts, analytics, ads and other slow, disturbing and insecure stuff like that. The only request this app performs is version check which can be disabled in app settings, and it's done via HTTPS. The other behaviour is not different from usual desktop or web apps.

Essentially, KeeWeb is a free, open source graphical user interface (GUI) for KeePass files. The file you create with KeeWeb can be used with any KeePass client (of which there are many), so you are not locked into a proprietary platform. You can serve the application from a web server that either someone else controls or that you yourself own, or you can just use the application locally.

KeeWeb Settings

This is all good stuff, but what really impressed me about this program was how it looks and works. From the developer:

Q: Yet another KeePass client app? Why? What is the motivation?
A: Because there's no cross-platform app with good ui and no browser version.

This application is beautiful and well-designed. Basically, it is like an open source version of 1Password. Since I am only using it as a separate, desktop application, I need to manually copy and paste information from it into my browser or other applications, but KeeWeb and keyboard shortcuts make searching and copying information a breeze. For me, this is a small price to pay for freedom and flexibility.

Light Theme

If you would like to know more about the application, check out the FAQ and give it a try. You can also show the developer some love by making a donation via the link at the bottom of the page here.

Calendars, Contacts, Files, Photos

As time goes on, I am less comfortable carrying around large amounts of personal data on my smartphone. However, I would still like the ability to sync a subset of data from my primary computer to my smartphone.

In the Apple ecosystem, iTunes and macOS make this easy, at least if you are using an iPhone. Over the years, I have heard a lot of hateful comments for iTunes, but in my experience, it has been a champ. If you are the type of person that is not comfortable leaving all your data on someone else's computer (i.e., the cloud), then software like iTunes is a boon.

iTunes (and Photos for getting photos from an iOS device back to a Mac) makes it trivial to sync contacts, calendars, and files between a Mac and an iOS device. Also, iTunes makes it easy to create encrypted local backups of your iOS devices. This is all accomplished through device to device connections, with no one in the middle.

Based on Apple's recent actions, I do not think this functionality is long for this world. Like every other big player in town, they want you to store all of your personal information in their system, where they (or the partners they work with) can act as middlemen. Possibly, they will break iTunes's functionality up into separate apps and keep it around for a while, while its replacements mature.

Next

Being able to continue to use an iPhone with a GNU/Linux-based primary computer and still get this functionality seemed a difficult task. There were ways to piece something together, but I wanted a more comprehensive solution that would check off all the right boxes.

Based on a couple months of testing, I think I found something sufficient. Next time, we will dig into my solution.

The post Hello Again: Mac Thoughts (Part 4) appeared first on Paul Ciano.

]]>
https://paulciano.org/2017/05/hello-mac-thoughts-part-4/feed/ 0
Meet the Guy Selling Artisanal SNES and NES Games on Etsy https://motherboard.vice.com/en_us/article/meet-the-guy-selling-artisanal-snes-and-nes-games-on-etsy Sat, 13 May 2017 11:00:00 +0000 https://paulciano.org/?p=13905 Motherboard: Jacobson’s love of the physical cartridge highlights the limitations of the diminutive NES Classic Edition. It may look like a tiny version of its 1985 counterpart, but the cartridge tray is merely an illusion. Instead, the console’s pre-packed with a 30 retro games, including classics like Super Mario Bros. 3 but lacking others like … Continue reading Meet the Guy Selling Artisanal SNES and NES Games on Etsy

The post Meet the Guy Selling Artisanal SNES and NES Games on Etsy appeared first on Paul Ciano.

]]>
Motherboard:

Jacobson’s love of the physical cartridge highlights the limitations of the diminutive NES Classic Edition. It may look like a tiny version of its 1985 counterpart, but the cartridge tray is merely an illusion. Instead, the console’s pre-packed with a 30 retro games, including classics like Super Mario Bros. 3 but lacking others like River City Ransom and Battletoads. For that matter, players have long been able to play ROMs of classic games on emulators on their PCs, but it’s a soulless experience in comparison, a bit like substituting a rocking horse for a real pony.

Reproduction cartridges, though, allow new life for beloved systems that have been off production lines for two decades or more. With a “repro cart,” players can see games that never made it out of Japan, such as Mobile Suit Gundam Wing: Endless Duel, or games like The Legend of Zelda: Outlands, which take the shell of classic games and alter them to include new enemies, levels, maps, or difficulties. With Jacobson, at least, the former type’s far more popular.

The post Meet the Guy Selling Artisanal SNES and NES Games on Etsy appeared first on Paul Ciano.

]]>
Nintendo Switch: Are Physical or Digital Games Better? http://www.imore.com/nintendo-switch-are-physical-or-digital-games-better Wed, 10 May 2017 11:00:00 +0000 https://paulciano.org/?p=13894 iMore: Digital or physical? That is a good question to ask when thinking about how you are going to purchase games on any console. Both options have benefits and drawbacks. Whether you buy digital or physical (or both) depends on what is most important to you. I think I still prefer digital, but great points, … Continue reading Nintendo Switch: Are Physical or Digital Games Better?

The post Nintendo Switch: Are Physical or Digital Games Better? appeared first on Paul Ciano.

]]>
iMore:

Digital or physical? That is a good question to ask when thinking about how you are going to purchase games on any console. Both options have benefits and drawbacks. Whether you buy digital or physical (or both) depends on what is most important to you.

I think I still prefer digital, but great points, nonetheless.

The post Nintendo Switch: Are Physical or Digital Games Better? appeared first on Paul Ciano.

]]>
Digging Deep With Linux (Part 11) https://paulciano.org/2017/05/digging-deep-linux-part-11/ Mon, 08 May 2017 11:00:25 +0000 https://paulciano.org/?p=14012 This post is part of a multi-part series on Linux. Last time, we explored several archiving and compressing programs that can be used on Linux. Now, we are going to tackle the Linux directory hierarchy. Linux Directory Hierarchy Essentials Index Linux Directory Hierarchy Essentials Other Root Subdirectories The /usr Directory Kernel Location Running Commands as … Continue reading Digging Deep With Linux (Part 11)

The post Digging Deep With Linux (Part 11) appeared first on Paul Ciano.

]]>
This post is part of a multi-part series on Linux.

Last time, we explored several archiving and compressing programs that can be used on Linux. Now, we are going to tackle the Linux directory hierarchy.

Linux Directory Hierarchy Essentials

The details of the Linux directory structure are outlined in the Filesystem Hierarchy Standard, or FHS. That is a long read, so let's have a brief walkthrough.

This is a simplified overview of the hierarchy:

Linux Directory Hierarchy

Notice that the directory structure under /usr contains some of the same directory names as /.

These are the most important subdirectories in root:

  • /bin contains ready-to-run programs (i.e., executables), including most of the basic UNIX commands, e.g., ls and cp. Most of the programs in /bin are in binary format (i.e., having been created by a C compiler), but some are shell scripts in modern systems.
  • /dev contains device files, which we will explore later.
  • /etc contains the user password, boot, device, networking, and other setup files. Many items here are specific to a machine's hardware. For example, the /etc/X11 directory contains graphics card and window system configurations.
  • /home has personal directories for regular users. Most UNIX installations adhere to this standard.
  • /lib holds library files containing code that executables can use. There are 2 types of libraries: static and shared. The /lib directory should only contain shared libraries, but other lib libraries, e.g., /usr/lib, contain both types, as well as auxiliary files.
  • /proc provides system statistics through a browsable directory-and-file interface. Much of the /proc subdirectory structure on Linux is unique, but many other UNIX variants have similar features. The /proc directory contains information about currently running processes, as well as some kernel parameters.
  • /sys is similar to /proc, i.e., it provides a device and system interface.
  • /sbin is the place for system executables. Programs in this directory relate to system management, so regular users usually do not have /sbin components in their command paths. Many of the programs here will not work unless you are running them as root.
  • /tmp is a storage area for smaller temporary files. Any user may read from and write to this directory, but the user may not have permission to access another user's files there. Many programs use this directory as a workspace. If something is very important, do not put it in /tmp, as most distributions clear it when the machine boots. Some distributions even periodically remove its old files. Also, do not let /tmp fill up with garbage, as its space is usually shared with something critical, e.g., the rest of /.
  • /usr has no user files. Instead, it contains a large directory hierarchy, including the bulk of the Linux system. Many of the directory names in /usr are the same as those in the root directory (e.g., /usr/bin and /usr/lib) and they hold the same types of files.
  • /var is where programs record runtime information. System logging, user tracking, caches, and other files that system programs create and manage are kept here.

Other Root Subdirectories

There are a few other interesting subdirectories in the root directory:

  • /boot contains kernel boot loader files. These files pertain only to the first stage of the Linux startup procedure.
  • /media is a base attachment point for removable media, e.g., flash drives, which is found in many Linux distributions.
  • /opt may contain additional third-party software. Many systems do not use /opt.

The /usr Directory

There is a lot here. /usr is where most of the user-space programs and data reside. In addition to /usr/bin, /usr/sbin, and /usr/lib, /usr contains the following:

  • /usr/include holds header files used by the C complier.
  • /usr/info contains GNU information manuals.
  • /usr/local is where administrators can install their own software. Its structure should look like that of / and /usr.
  • /usr/man contains manual pages.
  • /usr/share contains files that should work on other kinds of UNIX machines with no loss of functionality. Previously, networks of machines would share this directory, but a true /usr/share directory is becoming rare, as there are no space issues on modern disks.

Kernel Location

On Linux systems, the kernel is normally kept in /vmlinuz or /boot/vmlinuz. A boot loader loads this file into memory and sets it in motion when the system boots.

Once the boot loader runs and sets the kernel in motion, the main kernel file is no longer used by the running system. However, you will find many modules that the kernel can load and unload on demand during the course of normal system operations, i.e., loadable kernel modules, which are located under /lib/modules.

Running Commands as the Superuser

You can run the su command and enter the root password to start a root shell, but this practice has disadvantages:

  • You have no record of system-altering commands.
  • You have no record of the users who performed system-altering commands.
  • You do not have access to your normal shell environment.
  • You have to enter the root password.

sudo

Most larger distributions use a package called sudo to allow administrators to run commands as root when they are logged in as themselves. When you run commands as sudo, sudo logs your actions with the syslog service under the local2 facility.

/etc/sudoers

Not all users can run commands as the superuser. You must configure the privileged users in your /etc/sudoers file. The sudo package has many options, which makes the syntax in /etc/sudoers somewhat complicated.

For example, this file gives user1 and user2 the power to run any command as root without having to enter a password:

User_Alias ADMINS = user1, user2
 
ADMINS ALL = NOPASSWD: ALL
 
root ALL=(ALL) ALL

The first line defines an ADMINS user alias with the two users, and the second line grants the privileges. The ALL = NOPASSWD: ALL part means that the users in the ADMINS alias can use sudo to execute commands as root. The second ALL means "any command." The first ALL means "any host." (If you have more than one machine, you can set different kinds of access for each machine or group of machines.)

The root ALL=(ALL) ALL means that the superuser may also use sudo to run any command on any host. The extra (ALL) means that the superuser may also run commands as any other user. You can extend this privilege to the ADMINS users by adding (ALL) to the /etc/sudoers line, as shown at :

ADMINS ALL = (ALL)➊ NOPASSWD: ALL

To edit the /etc/sudoers file, use the visudo command, as it checks for file syntax errors after you save the file.

Next

In the next part of this series, we are going to take a tour of the device infrastructure provided in a functional Linux system.

The post Digging Deep With Linux (Part 11) appeared first on Paul Ciano.

]]>
How to View CBR and CBZ Comic Books in Calibre https://www.howtogeek.com/291916/how-to-view-cbr-and-cbz-comic-books-in-calibre/ Sat, 06 May 2017 11:00:00 +0000 https://paulciano.org/?p=13890 How-To Geek: If you use Calibre, the veritable Swiss Army knife of ebook management, you might not realize it can also view and organize digital comic books—though it’s a little janky out of the box. I love me some Calibre.

The post How to View CBR and CBZ Comic Books in Calibre appeared first on Paul Ciano.

]]>
How-To Geek:

If you use Calibre, the veritable Swiss Army knife of ebook management, you might not realize it can also view and organize digital comic books—though it’s a little janky out of the box.

I love me some Calibre.

The post How to View CBR and CBZ Comic Books in Calibre appeared first on Paul Ciano.

]]>
HTTPS for WordPress With a Click https://www.siteground.com/blog/https-wordpress/ Wed, 03 May 2017 11:00:00 +0000 https://paulciano.org/?p=13898 SiteGround: A month ago we made the first step to increase the adoption rate of SSL certificates amongst our customers by starting to issue automatically Let’s Encrypt certificates for all domains hosted on our servers. However, there still remained a manual step to configure all applications to use the certificates we’ve made available. We knew … Continue reading HTTPS for WordPress With a Click

The post HTTPS for WordPress With a Click appeared first on Paul Ciano.

]]>
SiteGround:

A month ago we made the first step to increase the adoption rate of SSL certificates amongst our customers by starting to issue automatically Let’s Encrypt certificates for all domains hosted on our servers. However, there still remained a manual step to configure all applications to use the certificates we’ve made available. We knew that if we really wanted to see a rise in the HTTPS usage we not only needed to provide the SSLs, but also make it easy for our clients to implement them. Today we are happy to announce that we have achieved this second goal for a large group of our customers — the WordPress users.

The post HTTPS for WordPress With a Click appeared first on Paul Ciano.

]]>
Injustice at the Border: How to Protect Your Data (Part 2) https://paulciano.org/2017/05/injustice-border-protect-data-part-2/ Mon, 01 May 2017 11:00:55 +0000 https://paulciano.org/?p=13993 Since I wrote the first part of this series, the Electronic Frontier Foundation (EFF) has released a superlative guide on digital privacy at the U.S. Border. They have done things like this before, but since the legal context around these issues is somewhat labile, it is important to make sure you are getting up-to-date information. … Continue reading Injustice at the Border: How to Protect Your Data (Part 2)

The post Injustice at the Border: How to Protect Your Data (Part 2) appeared first on Paul Ciano.

]]>
Since I wrote the first part of this series, the Electronic Frontier Foundation (EFF) has released a superlative guide on digital privacy at the U.S. Border. They have done things like this before, but since the legal context around these issues is somewhat labile, it is important to make sure you are getting up-to-date information.

Before I move on to my own technical solution for moving across borders, I think it is beneficial to review the EFF's Guide. Their post about this guide can be found here. It is broken up into 3 parts:

  1. Digital Privacy Guide for Travelers
  2. Constitutional Rights, Government Policies, and Privacy at the Border
  3. The Technology of Privacy Protection

Here, I am going to focus on the first 2 parts, and the last part of this series will basically be my take on part 3 of their guide.

Much of the information presented will be useful to any traveler, but I am writing this from the perspective of a deeply concerned U.S. citizen, and will correspondingly focus on aspects that affect this cohort.

Digital Privacy Guide for Travelers

What is the Border?

The border includes the land borders with Canada and Mexico, airports for international flights, and seaports for international cruises. When you cross the border, you will be inspected by U.S. Customs & Border Protection (CBP) officials. This inspection may include an interview and examination of your belongings.

At 15 airports and 1 seaport, travelers will be inspected by CBP prior to departing the foreign country. You can find the full list of these preclearance locations here.

Before You Arrive at the Border

The simplest and most reliable precaution against border searches is to reduce the amount of information that you carry across the border.

Ultimately, this is probably the best approach a privacy/security concerned person can adopt. This is the basis of my personal approach that I will expand upon in the last part of this series.

Border agents may demand to look through the photos or videos on your cameras or phones. Most cameras do not come with encryption, so there are no convenient technical means that would prevent this kind of inspection.

If you do not want border agents to see your photos or videos, the simplest approach is to delete them or move them to a secured laptop or cloud storage. You should be aware that forensic examination can typically recover deleted photos, unless the storage media has been securely wiped.

This might not be an issue for most people, as they probably use their smartphone as their camera. However, if you are a photophile, or even if you carry around other unencrypted storage devices, you may want to start thinking about what is possible at the border, what you are comfortable with, and how you can legally adapt to the situation.

Many phones and tablets, and some laptops, can be locked with a biometric feature like a fingerprint. While this can be a convenient security precaution, it may not offer the same security and legal benefits as a password that you memorize. Before arriving at the border, make sure that your device requires a password to decrypt, and that your device has been powered off.

If you are using an iPhone, disabling Touch ID should not be necessary. If you turn off your iOS device before going through a checkpoint (which you should be doing, anyway), your passcode will be required upon startup, whether Touch ID is enabled or not.

If you take this approach, you have a few options. For example, you could generate a new random password that is too long for you to remember, change your password to the new one, and then give this password to someone else, send it via a different channel, or store it online where you can only retrieve it once you have Internet access. A variation on this idea is to tell it to a lawyer, so that nobody can retrieve it without getting your lawyer involved.

For most normal, concerned citizens, this would probably seem absurdly complicated. There will be more on this in the last part of this series.

If you are a U.S. citizen, border agents cannot stop you from entering the country, even if you refuse to unlock your device, provide your device password, or disclose your social media information. However, agents may escalate the encounter if you refuse. For example, agents may seize your devices, ask you intrusive questions, search your bags more intensively, or increase by many hours the length of detention.

Unjustified escalation may violate the law and, as discussed in the next section, you may have some recourse after you exit.

As far as I can tell, this is a grey area that desperately needs a precedent. If you are set on not yielding device/account credentials, you should at least be prepared for redundant, gratuitous questioning and a lengthy stay. Keep in mind, there appears to be no set limit on how long you can be detained, but some believe it will not be longer than 36 hours.

If you decide later to file a complaint about the way the officers treated you, it will be easier to do so if you know who they were. Also, if officers seize your digital devices, politely demand a property receipt (Customs Form 6051D).

I wonder how often this information is provided upon request.

Law enforcement officials often try to persuade civilians to consent to searches. Once the civilian consents, it can be harder to challenge the search in court.

Sometimes law enforcement officials achieve so-called “consent” by being vague about whether they are asking or ordering a civilian to do something. You can try to dispel this ambiguity by inquiring whether border agents are asking you or ordering you to unlock your device, provide your device password, or disclose your social media information. If an agent says it is a request only, you might politely but firmly decline to comply with the request.

If you elect to comply with a border agent’s order to unlock your device, provide your password, or disclose your social media information, you can inform the agent that you are complying under protest and that you do not consent. If you later assert a legal challenge, this may help you defeat the government’s claim that you consented to the search.

This applies to dealing with police officers in the U.S., as well.

If you refuse to comply with an order to unlock your device, provide your password, or disclose your social media information, several things may occur.

  • Border agents may seize your devices. Then CBP and ICE agents may attempt to access your digital data without your assistance. Even if they cannot decrypt your devices, they may be able to copy the encrypted contents of your devices. If they later obtain your passwords, or find vulnerabilities in the encryption, they may be able to decrypt their copies. The government’s scrutiny of your devices may take months. During this time, you may need to purchase replacement devices, and you will not have access to the information on the devices.

  • You may be flagged for heightened screening whenever you cross the U.S. border in the future.

The heightened screening may not be restricted to international travel.

If you believe that border agents violated your digital rights at the border, please contact EFF at borders@eff.org.

Good to know.

If you are unhappy with how border agents treated you, then you should write down everything you remember about the event as soon as you can. This may help you later if you choose to challenge the agents’ actions. You should also try to identify witnesses.

You may also want to ask the government for its written records about you and your encounter at the border. Anyone can do this with the Freedom of Information Act.17 U.S. citizens and legal permanent residents also can do this with the Privacy Act.18

CBP FOIA

ICE FOIA

This is an important, and perhaps under-appreciated, step to take after incidents like this. The sooner you get the information down, the better.

You may wish to file a complaint with, or seek help from, the government. However, you would benefit from speaking with a lawyer before doing so, especially if it is possible that you will file a lawsuit about your experience at the border.

CBP Complaint

Department of Home Land Security (DHS) Complaint

DHS Traveler Redress Inquiry Program

Also, good to know.

Next

When I return to this series, I am going to cover the second part of the EFF's Digital Privacy at the U.S. Border guide. Here, I will highlight, in my opinion, the most important aspects of the legal framework that travelers are operating under at the U.S. Border.

The post Injustice at the Border: How to Protect Your Data (Part 2) appeared first on Paul Ciano.

]]>
The List-Building Has Begun: How the Tech Sector Should Respond https://cdt.org/blog/the-list-building-has-begun-how-the-tech-sector-should-respond/ Sat, 29 Apr 2017 11:00:00 +0000 https://paulciano.org/?p=13888 Nuala O’Connor, CDT: I recently walked into a policy meeting in Washington, DC, and a friendly voice called out, “Nuala, you know you and CDT are on the enemies list.” It was supposed to be a joke, and it was. But it wasn’t. The power of the state lies in its ability to deprive individuals … Continue reading The List-Building Has Begun: How the Tech Sector Should Respond

The post The List-Building Has Begun: How the Tech Sector Should Respond appeared first on Paul Ciano.

]]>
Nuala O’Connor, CDT:

I recently walked into a policy meeting in Washington, DC, and a friendly voice called out, “Nuala, you know you and CDT are on the enemies list.” It was supposed to be a joke, and it was. But it wasn’t.

The power of the state lies in its ability to deprive individuals of rights, benefits, life, and liberty. This power is magnified when the government amasses hordes of information on its citizens, particularly on those citizens with whom they may disagree. These datasets are certainly made easier by new technologies.

One of the most compelling messages of the Snowden disclosures was that the bright line between those two datasets is far less clear, and far more permeable, than we had previously imagined. We now have an Administration that is starting its list-building in profound ways. There are calls to investigate alleged voter fraud, which will naturally include closely examining voter registration records across the country. We also witnessed an executive order aimed at securing our borders that adds new layers of examination for not only visitors, but also legal visa and green card holders. We’ve heard stories of forced disclosure of social media identifiers and passwords, and contacts from cell phones. This is how it begins.

The post The List-Building Has Begun: How the Tech Sector Should Respond appeared first on Paul Ciano.

]]>
Workflow 1.7 Introduces Magic Variables for Easier, More Powerful Visual Automation https://www.macstories.net/ios/workflow-1-7-introduces-magic-variables-for-easier-more-powerful-visual-automation/ Wed, 26 Apr 2017 11:00:00 +0000 https://paulciano.org/?p=13860 Federico Viticci: With today’s 1.7 update, the Workflow team isn’t introducing Instant Variables. Instead, they’ve rebuilt the engine behind variables on a new system called Magic Variables, which completely reimagines how you can create workflows and connect actions for even more powerful automations. More than a mere tweak for power users, Magic Variables are the … Continue reading Workflow 1.7 Introduces Magic Variables for Easier, More Powerful Visual Automation

The post Workflow 1.7 Introduces Magic Variables for Easier, More Powerful Visual Automation appeared first on Paul Ciano.

]]>
Federico Viticci:

With today’s 1.7 update, the Workflow team isn’t introducing Instant Variables. Instead, they’ve rebuilt the engine behind variables on a new system called Magic Variables, which completely reimagines how you can create workflows and connect actions for even more powerful automations.

More than a mere tweak for power users, Magic Variables are the next step in Workflow’s goal to enable everyone to automate their iOS devices. By making workflows easier to create and read, Magic Variables are the app’s most important transformation to date, and the result far exceeds my expectations.

The post Workflow 1.7 Introduces Magic Variables for Easier, More Powerful Visual Automation appeared first on Paul Ciano.

]]>