Quotulatiousness

December 25, 2013

Duffelblog – NSA intercepted letters to Santa

Filed under: Humour — Tags: , — Nicholas @ 00:01

Just when you thought the NSA scandal couldn’t get any worse, it now appears that the secretive intelligence gathering agency has a special program in place to intercept letters to Santa:

The National Security Agency routinely intercepts children’s letters to Santa, internal agency documents have revealed.

The documents describe an operation known as MILK COOKIES, based out of Fort Meade and run in conjunction with the U.S. Postal Service. COOKIES is the interception of the letters while MILK feeds them through a complex series of algorithms to spot any hidden messages.

Agency director Gen. Keith Alexander had previously testified to Congress in 2011 that the NSA would occasionally collect letters addressed to Santa, but insisted that it was totally accidental and that no one was actually reading or storing them.

The NSA is prohibited from directly monitoring American citizens under both Executive Order 12333 and the Foreign Intelligence Surveillance Act. However, because the letters are addressed to the North Pole, which falls outside of U.S. territory, they are considered potential foreign intelligence signals which the NSA is authorized to intercept.

[…]

Four years later the NSA began MILK COOKIES in response to the Secret Santa program, which the agency initially thought was a Soviet operation after a flier for the program mistakenly replaced the picture of Santa with Karl Marx.

Following the September 11, 2001, terrorist attacks, the NSA began an almost-relentless campaign to insert itself both legally and covertly into the Christmas spirit.

First the NSA managed to get language inserted into the PATRIOT Act which required Santa to file a flight plan with NORAD and submit to random TSA inspections at select chimneys. Then came the 2002 judgment in United States v. Kringle, when the NSA and the Justice Department ordered him to deliver multiple GPS devices to the location of Usama bin Laden and other high-ranking Al Qaeda leaders.

When Santa refused and was put on a no-fly list he briefly had to outsource all his American operations to Canada, which handles diplomatic issues for the North Pole.

December 22, 2013

Does the US Constitution actually provide any protection against surveillance?

Filed under: Government, Law, Liberty, Technology, USA — Tags: , , , — Nicholas @ 11:16

Julian Sanchez talks about dismantling the surveillance state:

On Tuesday, Judge Richard Leon held that the National Security Agency’s controversial phone records program likely violates the Fourth Amendment’s guarantee against “unreasonable searches and seizures.” But when the inevitable appeal comes, far more than a single surveillance program will be at stake. Whether far higher courts are prepared to embrace Leon’s logic could determine if Americans enjoy any meaningful constitutional protection against government monitoring in the information age.

The NSA program — a massive database that logs, and stores for five years, the time, date, duration, and number dialed for nearly every call placed in the United States — is based on Section 215 of the Patriot Act, which authorizes the government to obtain any records it reasonably believes are “relevant” to a foreign intelligence investigation. But that authority itself depends on the so-called “third party doctrine,” which says that business records held by a “third party” like a phone company aren’t protected by the Fourth Amendment.

If not for the third party doctrine, “relevance” would not be enough: The government would have to satisfy the Fourth Amendment’s far stricter demand to show “probable cause” that records it had “particularly described” would yield evidence of wrongdoing. Under Fourth Amendment standards, a program that involved vacuuming up billions of records in order to fish through them later for suspicious calls would be out of the question — the kind of unlimited “general warrant” the framers of the Constitution were especially concerned to prohibit.

The roots of this cramped reading stretch back to 1979, when the Supreme Court unwittingly dealt a profound blow to American privacy in the case of Smith v. Maryland. With the cooperation of the phone company, police had traced a series of obscene phone calls from Michael Lee Smith to a woman he had earlier robbed. Because they had not first obtained a warrant from a judge, Smith argued that the police had conducted an illegal search, akin to a wiretap.

The Court disagreed: Because Smith should have known, based on the itemized list of calls on his monthly bill, that the phone company kept business records of the numbers he dialed, he had voluntarily abandoned his “reasonable expectation of privacy” in that information — and with it, the protection of the Constitution.

December 11, 2013

Edward Snowden interviewed by Time

Filed under: Liberty, Technology, USA — Tags: , , , , — Nicholas @ 09:50

He may not have made the cover as “person of the year”, but he’s still very newsworthy:

For Snowden, those impacts are but a means to a different end. He didn’t give up his freedom to tip off German Chancellor Angela Merkel about the American snoops on her cell phone or to detail the ways the NSA electronically records jihadi porn-watching habits. He wanted to issue a warning to the world, and he believed that revealing the classified information at his fingertips was the way to do it. His gambit has so far proved more successful than he reasonably could have hoped — he is alive, not in prison, and six months on, his documents still make headlines daily — but his work is not done, and his fate is far from certain. So in early October, he invited to Moscow some supporters who wanted to give him an award.

After the toasts, some photographs and a brief ceremony, Snowden sat back down at the table, spread with a Russian buffet, to describe once again the dystopian landscape he believes is unfolding inside the classified computer networks on which he worked as a contractor. Here was a place that collected enormous amounts of information on regular citizens as a precaution, a place where U.S. law and policy did not recognize the right to privacy of foreigners operating outside the country, a place where he believed the basic freedoms of modern democratic states — “to speak and to think and to live and be creative, to have relationships and to associate freely” — were under threat.

“There is a far cry between legal programs, legitimate spying, legitimate law enforcement — where it is targeted, it’s based on reasonable suspicion, individualized suspicion and warranted action — and the sort of dragnet mass surveillance that puts entire populations under a sort of an eye and sees everything, even when it is not needed,” Snowden told his colleagues. “This is about a trend in the relationship between the governing and governed in America.”

That is the thing that led him to break the law, the notion that mass surveillance undermines the foundations of private citizenship. In a way, it is the defining critique of the information age, in which data is increasingly the currency of power. The idea did not originate with Snowden, but no one has done more to advance it. “The effect has been transformative,” argues Julian Assange, the founder of WikiLeaks, who has been helping Snowden from the confines of the Ecuadorean embassy in London. “We have shifted from a small group of experts understanding what was going on to broad public awareness of the reality of NSA mass surveillance.” If Facebook’s Mark Zuckerberg is the sunny pied piper of the new sharing economy, Snowden has become its doomsayer.

November 30, 2013

“I have nothing to hide from the government, so why should I worry?”

Filed under: Government, Liberty, Media — Tags: , , , — Nicholas @ 11:39

The Electronic Frontier Foundation explains why you should worry about omnipresent government surveillance:

There are a few ways to respond to this, depending on what you think will work best for the person raising the question.

  • Point out how mass surveillance leaves you at the mercy of not only the NSA, but also to the DEA, the FBI and even the IRS. We know that the government claims that any evidence of a “crime” can be sent to the appropriate law enforcement agencies.
  • Tell them that, even if you don’t think you have something to hide, it’s possible the government thinks you do, or can create some concern about you (or your friends or loved ones). There are so many laws and regulations on the books, Rep. Jim Sensenbrenner said the Congressional Research Service did not have the resources to count them all. One legal expert has argued that the average person likely commits three felonies a day without ever realizing. So, you may be technically breaking a law you have no idea about.
  • We all benefit from a system that allows privacy. For example, when journalists can speak to sources without the specter of surveillance, helping fuel investigative journalism and the free flow of information. And this is not just a hypothetical — the Department of Justice subpoenaed the phone records of Associated Press journalists in an effort to track down government whistleblowers. And it’s not just journalists. Activists, political organizers, lawyers, individuals conducting sensitive research, businesses that want to keep their strategies confidential, and many others rely on secure, private, surveillance-free communication.

November 14, 2013

How the internet was “weaponized”

Filed under: Government, Technology, USA — Tags: , , , , , — Nicholas @ 07:45

In Wired, Nicholas Weaver looks back on the way the internet was converted from a passive network infrastructure to a spy agency wonderland:

According to revelations about the QUANTUM program, the NSA can “shoot” (their words) an exploit at any target it desires as his or her traffic passes across the backbone. It appears that the NSA and GCHQ were the first to turn the internet backbone into a weapon; absent Snowdens of their own, other countries may do the same and then say, “It wasn’t us. And even if it was, you started it.”

If the NSA can hack Petrobras, the Russians can justify attacking Exxon/Mobil. If GCHQ can hack Belgicom to enable covert wiretaps, France can do the same to AT&T. If the Canadians target the Brazilian Ministry of Mines and Energy, the Chinese can target the U.S. Department of the Interior. We now live in a world where, if we are lucky, our attackers may be every country our traffic passes through except our own.

Which means the rest of us — and especially any company or individual whose operations are economically or politically significant — are now targets. All cleartext traffic is not just information being sent from sender to receiver, but is a possible attack vector.

[…]

The only self defense from all of the above is universal encryption. Universal encryption is difficult and expensive, but unfortunately necessary.

Encryption doesn’t just keep our traffic safe from eavesdroppers, it protects us from attack. DNSSEC validation protects DNS from tampering, while SSL armors both email and web traffic.

There are many engineering and logistic difficulties involved in encrypting all traffic on the internet, but its one we must overcome if we are to defend ourselves from the entities that have weaponized the backbone.

November 4, 2013

Living in a Surveillance State: Mikko Hypponen at TEDxBrussels

Filed under: Liberty, Technology, USA — Tags: , , , , — Nicholas @ 00:01

October 28, 2013

Reason.tv – What We Saw At The Anti-NSA “Stop Watching Us” Rally

Filed under: Government, Liberty, USA — Tags: , , , , , — Nicholas @ 09:59

On October 26, 2013, protesters from across the political spectrum gathered in Washington, D.C. to take part in the Stop Watching Us rally, a demonstration against the National Security Agency’s domestic and international surveillance programs.

Reason TV spoke with protesters — including 2012 Libertarian Party presidential candidate Gary Johnson and former Congressman Dennis Kucinich — to discuss the rally, why people should worry about the erosion of privacy, and President Barack Obama’s role in the growth of the surveillance state.

Correction: Laura Murphy, Director of the ACLU Washington Legislative Office, was incorrectly identified as Susan N. Herman, ACLU President.

Produced by Joshua Swain, interviews by Todd Krainin.

October 4, 2013

John Lanchester on the Guardian‘s GCHQ files

Filed under: Britain, Government, Liberty, Media — Tags: , , , , , — Nicholas @ 07:44

Novelist John Lanchester was invited to look at the trove of files the Guardian received from Edward Snowden:

In August, the editor of the Guardian rang me up and asked if I would spend a week in New York, reading the GCHQ files whose UK copy the Guardian was forced to destroy. His suggestion was that it might be worthwhile to look at the material not from a perspective of making news but from that of a novelist with an interest in the way we live now.

I took Alan Rusbridger up on his invitation, after an initial reluctance that was based on two main reasons. The first of them was that I don’t share the instinctive sense felt by many on the left that it is always wrong for states to have secrets. I’d put it more strongly than that: democratic states need spies.

And all’s well in the world and we’re worried over nothing?

My week spent reading things that were never meant to be read by outsiders was, from this point of view, largely reassuring. Most of what GCHQ does is exactly the kind of thing we all want it to do. It takes an interest in places such as the Horn of Africa, Iran, and North Korea; it takes an interest in energy security, nuclear proliferation, and in state-sponsored computer hacking.

There doesn’t seem to be much in the documents about serious crime, for which GCHQ has a surveillance mandate, but it seems that much of this activity is covered by warrants that belong to other branches of the security apparatus. Most of this surveillance is individually targeted: it concerns specific individuals and specific acts (or intentions to act), and as such, it is not the threat.

Few people are saying we don’t need intelligence-gathering organizations like GCHQ, but we do have a right to be concerned about what they are doing when they’re not watching actual, known threats. They have capabilities that we generally thought were just from the pages of James Bond novels or Tom Clancy thrillers … and they use them all the time, not just for keeping tabs on the “bad guys”.

In the case of modern signals intelligence, this is no longer true. Life has changed. It has changed because of the centrality of computers and digital activity to every aspect of modern living. Digital life is central to work: many of us, perhaps most of us, spend most of our working day using a computer. Digital life is central to our leisure: a huge portion of our discretionary activity has a digital component, even things which look like they are irreducibly un-digital, from cycling to cooking.

[…]

As for our relationships and family lives, that has, especially for younger people, become a digital-first activity. Take away Facebook and Twitter, instant messaging and Skype and YouTube, and then — it’s hard to imagine, but try — take away the mobile phone, and see the yawning gap where all human interaction used to take place. About the only time we don’t use computers is when we’re asleep — that’s unless we have a gadget that tracks our sleep, or monitors our house temperature, or our burglar alarm, or whatever.

This is the central point about what our spies and security services can now do. They can, for the first time, monitor everything about us, and they can do so with a few clicks of a mouse and — to placate the lawyers — a drop-down menu of justifications.

Looking at the GCHQ papers, it is clear that there is an ambition to get access to everything digital. That’s what engineers do: they seek new capabilities. When it applies to the people who wish us harm, that’s fair enough. Take a hypothetical, but maybe not unthinkable, ability to eavesdrop on any room via an electrical socket. From the GCHQ engineers’ point of view, they would do that if they could. And there are a few people out there on whom it would be useful to be able to eavesdrop via an electrical socket. But the price of doing so would be a society that really did have total surveillance. Would it be worth it? Is the risk worth the intrusion?

That example might sound far-fetched, but trust me, it isn’t quite as far fetched as all that, and the basic intention on the part of the GCHQ engineers — to get everything — is there.

October 1, 2013

PRSM – the not-at-all-a-joke NSA sharing network

Filed under: Government, Technology, USA — Tags: , , , , — Nicholas @ 12:59

Techdirt‘s Mike Masnick on the no-we’re-actually-serious “joke” PRSM network:

Soon after the very earliest reporting on Ed Snowden’s leaked documents about PRISM, the folks from Datacoup put together the very amusing GETPRSM website, which looks very much like the announcement of a new social network, but (the joke is) it’s really the NSA scooping up all our data and making the connections. It’s pretty funny. Except, of course, when you find out that it’s real. And, yes, that seems to be the latest revelation out of Ed Snowden’s leaks. The NY Times has an article by James Risen and Laura Poitras (what a combo reporting team there!) detailing how the NSA has basically built its own “shadow” social network in which it tries to create a “social graph” of pretty much everyone that everyone knows, foreign or American, and it all happens (of course) without a warrant. And, note, this is relatively new:

    The agency was authorized to conduct “large-scale graph analysis on very large sets of communications metadata without having to check foreignness” of every e-mail address, phone number or other identifier, the document said. Because of concerns about infringing on the privacy of American citizens, the computer analysis of such data had previously been permitted only for foreigners.

    The agency can augment the communications data with material from public, commercial and other sources, including bank codes, insurance information, Facebook profiles, passenger manifests, voter registration rolls and GPS location information, as well as property records and unspecified tax data, according to the documents. They do not indicate any restrictions on the use of such “enrichment” data, and several former senior Obama administration officials said the agency drew on it for both Americans and foreigners.

There were apparently two policy changes that allowed this to happen, and both occurred in the past three years. First, in November of 2010, the NSA was allowed to start looking at phone call and email logs of Americans to try to help figure out associations for “foreign intelligence purposes.” Note that phrase. We’ll come back to it. For years, the NSA had been barred from viewing any content on US persons, and the NSA, President Obama and others have continued to insist to this day that there are minimization procedures that prevent spying on Americans. Except, this latest revelation shows that, yet again, this isn’t actually true.

September 23, 2013

The inevitable late-night infomercial of the very near future

Filed under: Humour, Media, USA — Tags: , , , — Nicholas @ 09:42

Zero Hedge peeks just a short distance into your insomniac TV watching future:

(A middle-aged man in an military uniform, loaded with medals, four stars on his epaulets, is sitting in a futuristic office setting on a chair occupying a command position. He puts down a folder he is reading and looks up at the camera.)

Do you know me? Well, I know you.

(He wags his finger as if counting)

Each and every one of you.

I know everything there is to know about you. But enough about that. I’m here today to tell you about a special offer, a first time offer never before available to the general public.

(Man assumes a more relaxed mien, stands and walks slowly toward camera)

Hi, I’m General Keith Alexander, coming to you from the flight deck of the starship… well, it’s just my office, but it’s The Bomb, no? Hey, don’t you repeat that or you might get some unwanted attention. I want to tell you today about something we call simply: The NSA Tapes. This is the greatest and most complete collection of audio and video recordings every assembled anywhere in one place. You cannot buy this in stores, or over the internet. Only here, at the NSA, does the technology exist to capture at this level and at this quality.

The Prism Collection, our basic model, has everything you’d expect in a surreptitious data grab. It has “Phone Sex America: The Connoisseur Series”. It has “Hollywood Sex-ting Kittens”.

(He pauses, looks over the top of his reading glasses, and speaks.)

And let me tell you, if you enjoyed Miley Cyrus twerking, you are going to love what she tells Liam Hemsworth about things he can do to that little booty of hers.

It also has one of my favorites, and I’m sure it will be a favorite of yours, too. Yes, from the Instagram Album we have “Buck Naked Coed Selfies of the Ivy League”. If you’re like me, you’ll know where you’d like to cram for that upcoming exam.

[…]

And if you order in the next ten minutes, we’ll also throw in, just to say thanks, a one year supply of bathroom tissue, each sheet embossed with the Fourth Amendment of the Constitution of this once great nation.

(Another voice breaks in and speaks rapidly)

Shipping and handling $4.95 per item, $7.95 by black van, and rush orders $11.95 by drone.)

(Alexander speaks again)

Call now. Our operators are already listening.

September 21, 2013

Justin Amash on congressional classified briefings

Filed under: Bureaucracy, Government, USA — Tags: , , , , — Nicholas @ 10:01

In The Atlantic, Garance Franke-Ruta has transcribed some of Representative Justin Amash’s comments on the ins-and-outs of confidential briefings offered to congressmen:

Amash, who has previously butted heads with Intelligence Committee Chairman Mike Rogers and ranking member Dutch Ruppersberger over access to classified documents, recounted what happened during remarks before libertarian activists attending the Liberty Political Action Conference in Chantilly, Virginia, Thursday night. I quote his anecdote in full here, because it’s interesting to hear what it feels like to be one of the activist congressmen trying to rein in National Security Agency surveillance:

    What you hear from the intelligence committees, from the chairmen of the intelligence committees, is that members can come to classified briefings and they can ask whatever questions they want. But if you’ve actually been to one of these classified briefings — which none of you have, but I have — what you discover is that it’s just a game of 20 questions.

    You ask a question and if you don’t ask it exactly the right way you don’t get the right answer. So if you use the wrong pronoun, or if you talk about one agency but actually another agency is doing it, they won’t tell you. They’ll just tell you, no that’s not happening. They don’t correct you and say here’s what is happening.

    So you actually have to go from meeting to meeting, to hearing to hearing, asking asking questions — sometimes ridiculous questions — just to get an answer. So this idea that you can just ask, just come into a classified briefing and ask questions and get answers is ridiculous.

    If the government — in an extreme hypothetical, let’s say they had a base on the moon. If I don’t know that there’s a base on the moon, I’m not going to go into the briefing and say you have a moonbase. Right? [Audience laughs.] If they have a talking bear or something, I’m not going to say, ‘You guys, you didn’t engineer the talking bear.’

    You’re not going to ask questions about things you don’t know about. The point of the Intelligence Committee is to provide oversight to Congress and every single member of Congress needs information. Each person in Congress represents about 700,000 people. It’s not acceptable to say, ‘Well, the Intelligence Committees get the information, we don’t need to share with the rest of Congress.’ The Intelligence Committee is not one of the branches of government, but that’s how it’s being treated over and over again.

September 18, 2013

The NSA scandal is not about mere privacy

Filed under: Government, Liberty, USA — Tags: , , , , — Nicholas @ 08:19

Last week, Yochai Benkler posted this in the Guardian:

The spate of new NSA disclosures substantially raises the stakes of this debate. We now know that the intelligence establishment systematically undermines oversight by lying to both Congress and the courts. We know that the NSA infiltrates internet standard-setting processes to security protocols that make surveillance harder. We know that the NSA uses persuasion, subterfuge, and legal coercion to distort software and hardware product design by commercial companies.

We have learned that in pursuit of its bureaucratic mission to obtain signals intelligence in a pervasively networked world, the NSA has mounted a systematic campaign against the foundations of American power: constitutional checks and balances, technological leadership, and market entrepreneurship. The NSA scandal is no longer about privacy, or a particular violation of constitutional or legislative obligations. The American body politic is suffering a severe case of auto-immune disease: our defense system is attacking other critical systems of our body.

First, the lying. The National Intelligence University, based in Washington, DC, offers a certificate program called the denial and deception advanced studies program. That’s not a farcical sci-fi dystopia; it’s a real program about countering denial and deception by other countries. The repeated misrepresentations suggest that the intelligence establishment has come to see its civilian bosses as adversaries to be managed through denial and deception.

[…]

Second, the subversion. Last week, we learned that the NSA’s strategy to enhance its surveillance capabilities was to weaken internet security in general. The NSA infiltrated the social-professional standard-setting organizations on which the whole internet relies, from National Institute of Standards and Technology to the Internet Engineering Task Force itself, the very institutional foundation of the internet, to weaken the security standards. Moreover, the NSA combined persuasion and legal coercion to compromise the commercial systems and standards that offer the most basic security systems on which the entire internet runs. The NSA undermined the security of the SSL standard critical to online banking and shopping, VPN products central to secure corporate, research, and healthcare provider networks, and basic email utilities.

Serious people with grave expressions will argue that if we do not ruthlessly expand our intelligence capabilities, we will suffer terrorism and defeat. Whatever minor tweaks may be necessary, the argument goes, the core of the operation is absolutely necessary and people will die if we falter. But the question remains: how much of what we have is really necessary and effective, and how much is bureaucratic bloat resulting in the all-too-familiar dynamics of organizational self-aggrandizement and expansionism?

The “serious people” are appealing to our faith that national security is critical, in order to demand that we accept the particular organization of the Intelligence Church. Demand for blind faith adherence is unacceptable.

September 15, 2013

Bruce Schneier on what you can do to stay out of the NSA’s view

Filed under: Liberty, Technology — Tags: , , , , , — Nicholas @ 10:44

Other than going completely off the grid, you don’t have the ability to stay completely hidden, but there are some things you can do to decrease your visibility to the NSA:

With all this in mind, I have five pieces of advice:

  1. Hide in the network. Implement hidden services. Use Tor to anonymize yourself. Yes, the NSA targets Tor users, but it’s work for them. The less obvious you are, the safer you are.
  2. Encrypt your communications. Use TLS. Use IPsec. Again, while it’s true that the NSA targets encrypted connections — and it may have explicit exploits against these protocols — you’re much better protected than if you communicate in the clear.
  3. Assume that while your computer can be compromised, it would take work and risk on the part of the NSA — so it probably isn’t. If you have something really important, use an air gap. Since I started working with the Snowden documents, I bought a new computer that has never been connected to the Internet. If I want to transfer a file, I encrypt the file on the secure computer and walk it over to my Internet computer, using a USB stick. To decrypt something, I reverse the process. This might not be bulletproof, but it’s pretty good.
  4. Be suspicious of commercial encryption software, especially from large vendors. My guess is that most encryption products from large US companies have NSA-friendly back doors, and many foreign ones probably do as well. It’s prudent to assume that foreign products also have foreign-installed backdoors. Closed-source software is easier for the NSA to backdoor than open-source software. Systems relying on master secrets are vulnerable to the NSA, through either legal or more clandestine means.
  5. Try to use public-domain encryption that has to be compatible with other implementations. For example, it’s harder for the NSA to backdoor TLS than BitLocker, because any vendor’s TLS has to be compatible with every other vendor’s TLS, while BitLocker only has to be compatible with itself, giving the NSA a lot more freedom to make changes. And because BitLocker is proprietary, it’s far less likely those changes will be discovered. Prefer symmetric cryptography over public-key cryptography. Prefer conventional discrete-log-based systems over elliptic-curve systems; the latter have constants that the NSA influences when they can.

Since I started working with Snowden’s documents, I have been using GPG, Silent Circle, Tails, OTR, TrueCrypt, BleachBit, and a few other things I’m not going to write about. There’s an undocumented encryption feature in my Password Safe program from the command line; I’ve been using that as well.

I understand that most of this is impossible for the typical Internet user. Even I don’t use all these tools for most everything I am working on. And I’m still primarily on Windows, unfortunately. Linux would be safer.

The NSA has turned the fabric of the Internet into a vast surveillance platform, but they are not magical. They’re limited by the same economic realities as the rest of us, and our best defense is to make surveillance of us as expensive as possible.

Trust the math. Encryption is your friend. Use it well, and do your best to ensure that nothing can compromise it. That’s how you can remain secure even in the face of the NSA.

Reining-in the NSA … while it’s still even theoretically possible

Filed under: Government, Liberty, Technology, USA — Tags: , , — Nicholas @ 10:25

In TechDirt, Glyn Moody on the fleeting opportunity to rein-in the NSA:

In the wake of the continuing leaks about the NSA’s activities, most commentators are understandably still trying to get to grips with the enormity of what has been happening. But John Naughton, professor of the public understanding of technology at the UK’s Open University, tackles a very different question on his blog: what is likely to happen in the future, if things carry on as they are?

Naughton notes that the NSA’s mission statement includes the following phrase: “to gain a decision advantage for the Nation and our allies under all circumstances.” “Under all circumstances” means that as the Internet grows — and as we know, it is currently growing rapidly — so the NSA will naturally ask for resources to allow it to do tomorrow what it is doing today: monitoring more or less everything that happens online. Naughton then asks where that might lead if the political climate in the US remains sufficiently favorable to the NSA that it does, indeed, get those resources:

    The obvious conclusion therefore, is that unless some constraints on its growth materialise, the NSA will continue to expand. It currently has 35,000 employees. How many will it have in ten years’ time? Who can say: 50,000, maybe? Maybe even more? So we’re confronted with the likelihood of the growth of a bureaucratic monster.

    How will such a body be subjected to democratic oversight and control? Let me rephrase that: can such a monster be subjected to democratic control?

September 10, 2013

Generational change is the Achilles heel of government secrecy

Filed under: Bureaucracy, Government, USA — Tags: , , , , , — Nicholas @ 10:23

Bruce Schneier explains why we should expect more whistleblowers in coming years:

Big-government secrets require a lot of secret-keepers. As of October 2012, almost 5m people in the US have security clearances, with 1.4m at the top-secret level or higher, according to the Office of the Director of National Intelligence.

Most of these people do not have access to as much information as Edward Snowden, the former National Security Agency contractor turned leaker, or even Chelsea Manning, the former US army soldier previously known as Bradley who was convicted for giving material to WikiLeaks. But a lot of them do — and that may prove the Achilles heel of government. Keeping secrets is an act of loyalty as much as anything else, and that sort of loyalty is becoming harder to find in the younger generations. If the NSA and other intelligence bodies are going to survive in their present form, they are going to have to figure out how to reduce the number of secrets.

As the writer Charles Stross has explained, the old way of keeping intelligence secrets was to make it part of a life-long culture. The intelligence world would recruit people early in their careers and give them jobs for life. It was a private club, one filled with code words and secret knowledge.

[…]

Whistleblowing is the civil disobedience of the information age. It is a way that someone without power can make a difference. And in the information age — the fact that everything is stored on computers and potentially accessible with a few keystrokes and mouse clicks — whistleblowing is easier than ever.

Mr Snowden is 30 years old; Manning 25. They are members of the generation we taught not to expect anything long-term from their employers. As such, employers should not expect anything long-term from them. It is still hard to be a whistleblower, but for this generation it is a whole lot easier.

« Newer PostsOlder Posts »

Powered by WordPress