Sky's Blog

Well am I ever surprised! I would have thought that inserting a robots.txt file that tells googlebot to “go away” would cause it to “not index the site.”

User-agent: *
Disallow: /

Instead, I discovered that the googlebot may still spot the site and then put up a message saying that the site exists but is not indexed. i.e. the Googlebot still publicizes the existence of the site. It makes Google look like the good guys and us look like the bad guys for putting up a robots.txt. Yay for Google liberating all online information! Boo for us trying to keep our site un-indexed until we’re ready to make it public. (continue reading…)

Digital nomads, you can finally and really be the system administrator for your cloud (and other) servers from your iPad. Since December, each time I’ve left town, I have intentionally left my MacBook Pro at home in favor of my iPad. I found that just having a few specific apps allowed me to fully administer my cloud servers from the pad. Please note that a bluetooth (or other) keyboard is required for some of these apps to function fully. But generally I can do everything I need to when I’m on the road. (continue reading…)

Far from solving all your problems, if you rely on government to solve your cyber-security problems, I think you’re more likely to end up with restricted access to the Internet and someone other than hackers evaluating your communications. And I mean this is a possibility not only from your own national government but due to future international “cooperation” among governments.

Here are five reasons why you have to build your own cyber-protection capabilities rather than relying on governments to solve any of your security (and cyber-attack) problems for you. And you have to be vigilant and aware of what’s going on that might put governments even more in control of your online communications, reducing the options you have available to communicate privately with others as well as to defend yourself. (continue reading…)

Who has access to your email addresses and your email-writing history?

The Washington Post reported last week that the Obama administration is seeking to modify the 1993 Electronic Communications Privacy Act so that Internet service providers must turn over transaction records on email communications and possibly web browsing records, upon receipt of a “national security letter” from the FBI. This particular legal process doesn’t require review by a judge—unlike search warrants.^[1]

The law does not allow access to the contents of those emails without judicial oversight…only the more externally-visible addressing information, and that does tend to be what email systems log and archive. On the other hand, the term “electronic communication transactional records” which is what the government could require ISPs to divulge, is not defined in federal statutes, according to the Washington Post.^[2] And so it could conceivably be extended to include other person-to-person communications, such as social media contacts

This is the same process the Bush administration used, in the early 2000s, to ask libraries to turn over the records of books checked out by patrons, which was strongly resisted by librarians at that time.

Phone companies keep records of all of the numbers you call, and these are subject to the same access rules. This has never been a question, and most people in the US are probably at least marginally aware of this.

The real question isn’t whether someone is reading your email addresses and headers—it’s how they are interpreting the titles, subjects, and names of the people you are corresponding with. In the McCarthy era here in the US, you could be blacklisted for associating with the wrong people.

If you have an inquiring mind, would you want someone to judge you based on the titles of the books or publications you’re reading? Or the subjects and addressees of your email?

[2] The New York Times 30 July, 2010 — secondary report and opinion

A whole nother ancillary question is whether your ISP actually keeps these records or not. If they do not, are they then exempt from having to turn over any records, or will the government require that they keep such records in the future? Some ISPs intentionally do not keep certain kinds of records, which helps keep your use of certain services anonymous. And, for instance, I’d guess that very few ISPs, if any, keep records of your browsing history, and this makes it prohibitively difficult to document all of the web sites you’ve visited.