Quotulatiousness

August 12, 2013

Schneier to internet company executives – it’s time to fight back

Filed under: Business, Government, Liberty, USA — Tags: , , , , — Nicholas @ 11:02

In The Atlantic, Bruce Schneier has some advice for the executives of major internet companies:

It turns out that the NSA’s domestic and world-wide surveillance apparatus is even more extensive than we thought. Bluntly: The government has commandeered the Internet. Most of the largest Internet companies provide information to the NSA, betraying their users. Some, as we’ve learned, fight and lose. Others cooperate, either out of patriotism or because they believe it’s easier that way.

I have one message to the executives of those companies: fight.

Do you remember those old spy movies, when the higher ups in government decide that the mission is more important than the spy’s life? It’s going to be the same way with you. You might think that your friendly relationship with the government means that they’re going to protect you, but they won’t. The NSA doesn’t care about you or your customers, and will burn you the moment it’s convenient to do so.

We’re already starting to see that. Google, Yahoo, Microsoft and others are pleading with the government to allow them to explain details of what information they provided in response to National Security Letters and other government demands. They’ve lost the trust of their customers, and explaining what they do — and don’t do — is how to get it back. The government has refused; they don’t care.

It will be the same with you. There are lots more high-tech companies who have cooperated with the government. Most of those company names are somewhere in the thousands of documents that Edward Snowden took with him, and sooner or later they’ll be released to the public. The NSA probably told you that your cooperation would forever remain secret, but they’re sloppy. They’ll put your company name on presentations delivered to thousands of people: government employees, contractors, probably even foreign nationals. If Snowden doesn’t have a copy, the next whistleblower will.

Online privacy and habitual oversharing

Filed under: Liberty, Media, Technology — Tags: , , , , — Nicholas @ 09:47

Cory Doctorow explains why so many of us have gotten into the habit of oversharing personal details in our social media activities:

Whenever government surveillance is debated, someone inevitably points out that it is no cause for alarm, since people already overshare sensitive personal information on Facebook. This means there’s hardly anything to be gleaned from state surveillance that isn’t already there for the taking on social media.

It’s true people overshare on social networks, providing information in ways that they later come to regret. The consequences of oversharing range widely, from losing a job to being outed for your sexual orientation. If you live in a dictatorship, intercepted social media sessions can be used by those in charge to compile enemies lists, determining whom to arrest, whom to torture, and – potentially – whom to murder.

The key reason for oversharing is that cause and effect are separated by volumes of time and space, so understanding the consequences can be difficult. Imagine practising penalty kicks by kicking the ball and then turning around before it lands; two years later, someone visits you and tells you where your kicks ended up. This is the kind of feedback loop we contend with when it comes to our privacy disclosures.

In other words, you may make a million small and large disclosures on different services, with different limits on your sharing preferences, and many years later, you lose your job. Or your marriage. Or maybe your life, if you’re unlucky enough to have your Facebook scraped by a despot who has you in his dominion.

August 11, 2013

Speculations on why Lavabit went dark

Filed under: Business, Law, Liberty, USA — Tags: , , , — Nicholas @ 11:40

In The New Yorker, Michael Phillips tries to outline the legal picture around the Lavabit shutdown:

In mid-July, Tanya Lokshina, the deputy director for Human Rights Watch’s Moscow office, wrote on her Facebook wall that she had received an e-mail from edsnowden@lavabit.com. It requested that she attend a press conference at Moscow’s Sheremetyevo International Airport to discuss the N.S.A. leaker’s “situation.” This was the wider public’s introduction to Lavabit, an e-mail service prized for its security. Lavabit promised, for instance, that messages stored on the service using asymmetric encryption, which encrypts incoming e-mails before they’re saved on Lavabit’s servers, could not even be read by Lavabit itself.

Yesterday, Lavabit went dark. In a cryptic statement posted on the Web site, the service’s owner and operator, Ladar Levison, wrote, “I cannot share my experiences over the last six weeks, even though I have twice made the appropriate requests.” Those experiences led him to shut down the service rather than, as he put it, “become complicit in crimes against the American people.” Lavabit users reacted with consumer vitriol on the company’s Facebook page (“What about our emails?”), but the tide quickly turned toward government critique. By the end of the night, a similar service, Silent Circle, also shut down its encrypted e-mail product, calling the Lavabit affair the “writing [on] the wall.”

Which secret surveillance scheme is involved in the Lavabit case? The company may have received a national-security letter, which is a demand issued by a federal agency (typically the F.B.I.) that the recipient turn over data about other individuals. These letters often forbid recipients from discussing it with anyone. Another possibility is that the Foreign Intelligence Surveillance Court may have issued a warrant ordering Lavabit to participate in ongoing e-mail surveillance. We can’t be completely sure: as Judge Reggie Walton, the presiding judge of the FISA court, explained to Senator Patrick Leahy in a letter dated July 29th, FISA proceedings, decisions, and legal rationales are typically secret. America’s surveillance programs are secret, as are the court proceedings that enable them and the legal rationales that justify them; informed dissents, like those by Levison or Senator Ron Wyden, must be kept secret. The reasons for all this secrecy are also secret. That some of the secrets are out has not deterred the Obama Administration from prosecuting leakers under the Espionage Act for disclosure of classified information. Call it meta-secrecy.

NSA wiretapping PSA

Filed under: Humour, Liberty — Tags: , , , , — Nicholas @ 10:03

Trevor Moore (Whitest Kids U’ Know) tells us what we can do about the NSA wiretapping our phones.

August 7, 2013

Bruce Schneier – “it’s becoming clear that we can’t trust anything anyone official says about these programs”

Filed under: Government, Media, USA — Tags: , , , , , , — Nicholas @ 08:39

Bruce Schneier talks about the need to restore trust in government and the internet after all the proof we’ve had lately that “they” are lying to us pretty much all the time:

In July 2012, responding to allegations that the video-chat service Skype — owned by Microsoft — was changing its protocols to make it possible for the government to eavesdrop on users, Corporate Vice President Mark Gillett took to the company’s blog to deny it.

Turns out that wasn’t quite true.

Or at least he — or the company’s lawyers — carefully crafted a statement that could be defended as true while completely deceiving the reader. You see, Skype wasn’t changing its protocols to make it possible for the government to eavesdrop on users, because the government was already able to eavesdrop on users.

At a Senate hearing in March, Director of National Intelligence James Clapper assured the committee that his agency didn’t collect data on hundreds of millions of Americans. He was lying, too. He later defended his lie by inventing a new definition of the word “collect,” an excuse that didn’t even pass the laugh test.

As Edward Snowden’s documents reveal more about the NSA’s activities, it’s becoming clear that we can’t trust anything anyone official says about these programs.

Google and Facebook insist that the NSA has no “direct access” to their servers. Of course not; the smart way for the NSA to get all the data is through sniffers.

Apple says it’s never heard of PRISM. Of course not; that’s the internal name of the NSA database. Companies are publishing reports purporting to show how few requests for customer-data access they’ve received, a meaningless number when a single Verizon request can cover all of their customers. The Guardian reported that Microsoft secretly worked with the NSA to subvert the security of Outlook, something it carefully denies. Even President Obama’s justifications and denials are phrased with the intent that the listener will take his words very literally and not wonder what they really mean.

[…]

Ronald Reagan once said “trust but verify.” That works only if we can verify. In a world where everyone lies to us all the time, we have no choice but to trust blindly, and we have no reason to believe that anyone is worthy of blind trust. It’s no wonder that most people are ignoring the story; it’s just too much cognitive dissonance to try to cope with it.

This sort of thing can destroy our country. Trust is essential in our society. And if we can’t trust either our government or the corporations that have intimate access into so much of our lives, society suffers. Study after study demonstrates the value of living in a high-trust society and the costs of living in a low-trust one.

August 6, 2013

The Electronic Frontier Foundation on reforming the NSA

Filed under: Government, Law, Liberty, USA — Tags: , , , , — Nicholas @ 11:36

The EFF has a few suggestions on how to go about reining-in the NSA:

While we still believe that the best first step is a modern Church Committee, an independent, public investigation and accounting of the government’s surveillance programs that affect Americans, members of Congress seem determined to try to enact fixes now. Almost a dozen bills have already been introduced or will be introduced in the coming weeks.

While we’re also waiting to see what the various bills will look like before endorsing anything, here’s — in broad strokes — what we’d like to see, and what should be avoided or opposed as a false response. We know full well that the devil is in the details when it comes to legislation, so these are not set in stone and they aren’t exhaustive. But as the debate continues in Congress, here are some key guideposts.

This first post focuses on surveillance law reform. In later posts we’ll discuss transparency, secret law and the FISA Court as well as other topics raised by the ongoing disclosures. In short, there’s much Congress can and should do here, but we also need to be on the lookout for phony measures dressed as reform that either don’t fix things or take us backwards.

Helping the Russians laugh … at us

Filed under: Government, Liberty, Russia, USA — Tags: , , — Nicholas @ 11:00

Bruce Sterling on the Edward Snowden situation:

This is the kind of comedic situation that Russians find hilarious. I mean, sure it’s plenty bad and all that, PRISM, XKeyScore, show trials, surveillance, threats to what’s left of journalism, sure, I get all that, I’m properly concerned. None of that stops it from being hilarious.

Few geopolitical situations can ever give the Russians a full, free, rib-busting belly laugh. This one sure does.

If Snowden had gotten things his own way, he’d be writing earnest op-ed editorials in Hong Kong now, in English, while dining on Kung Pao Chicken. It’s some darkly modern act of crooked fate that has directed Edward Snowden to Moscow, arriving there as the NSA’s Solzhenitsyn, the up-tempo, digital version of a conscience-driven dissident defector.

But Snowden sure is a dissident defector, and boy is he ever. Americans don’t even know how to think about characters like Snowden — the American Great and the Good are blundering around on the public stage like blacked-out drunks, blithering self-contradictory rubbish. It’s all “gosh he’s such a liar” and “give us back our sinister felon,” all while trying to swat down the jets of South American presidents.

These thumb-fingered acts of totalitarian comedy are entirely familiar to anybody who has read Russian literature. The pigs in Orwell’s Animal Farm have more suavity than the US government is demonstrating now. Their credibility is below zero.

The Russians, by contrast, know all about dissidents like Snowden. The Russians have always had lots of Snowdens, heaps. They know that Snowden is one of these high-minded, conscience-stricken, act-on-principle characters who is a total pain in the ass.

Modern Russia is run entirely by spies. It’s class rule by the “siloviki,” it’s Putin’s “managed democracy.” That’s the end game for civil society when elections mean little or nothing, and intelligence services own the media, and also the oil. And that’s groovy, sure, it’s working out for them.

When you’re a professional spy hierarch, there are few things more annoying than these conscience-stricken Winston Smith characters, moodily scribbling in their notebooks, all about how there might be hope found in the proles somehow. They’re a drag.

[…]

Citizens and rights have nothing to do with elite, covert technologies! The targets of surveillance are oblivious dorks, they’re not even newbies! Even US Senators are decorative objects for the NSA. An American Senator knows as much about PRISM and XKeyScore as a troll-doll on the dashboard knows about internal combustion.

Get used to seeing the term “parallel construction”

Filed under: Law, Liberty, USA — Tags: , , , , — Nicholas @ 00:01

From Zero Hedge:

Undated documents discovered by Reuters show that federal agents are trained to “recreate” the investigative trail to effectively cover up where the information originated, a practice that some experts say violates a defendant’s Constitutional right to a fair trial.

“I have never heard of anything like this at all,” is one law professor’s response to the fact that a secretive DEA unit is funneling wiretap, informant, and telephone database information to authorities across the nation in order to launch investigations of Americans (targeting common criminals, primarily drug dealers), “It is one thing to create special rules for national security, ordinary crime is entirely different. It sounds like they are phonying up investigations.”

Agents are instructed to use “normal investigative techniques to recreate the information provided by [the secret DEA source],” and as the documents reveal — “remember that the utilization of [data] cannot be revealed or discussed in any investigative function.”

Stunningly, after an arrest was made, agents then created a “parallel construction” to suggest the information secretly gathered was stumbled up during the course of the investigation — “It’s just like laundering money — you work it backwards to make it clean.” One recently retired federal gent noted, “It was an amazing tool; our big fear was that it wouldn’t stay secret.”

August 4, 2013

New tools for the surveillance state

Filed under: Government, Liberty, USA — Tags: , , , , — Nicholas @ 11:01

James Miller on token attempts to roll back the security state by local governments and other groups:

New surveillance technology lowers the barrier of effort needed to soak the productive class of the surplus fruits of its labor. From monitoring backyards to ensure taxes are being paid on swimming pools to spying on farmers who violate agricultural regulations, states across the globe are already using new spy tools to extort more loot from the greater public.

All the while, the political class gives an assurance that the technological innovation will not be abused. Newspaper editors parrot the message and paint any critic as a tinfoil hat loon who thinks Big Brother sleeps under their bed. And then there are the television intellectuals who take great joy in making flippant remarks about conspiracy theorists. Each of these personalities pictures him or herself as sitting a few ladder rungs above the horde of bumbling mass-men.

One has to be either lying or painfully ignorant to believe government will not abuse surveillance drones. State officials have rarely failed to use their capacity to terrify the populace. Just recently, journalist Glenn Greenwald and the Guardian revealed that the National Security Agency sweeps up the internet activity of all U.S. residents absent any warrants. Prior to the leak, those politicians in charge of overseeing the government’s oversight activities claimed the snooping was done in the public good and not as widespread as suspected. The new details of the program contradict the assurance, as the NSA’s spy activity is more intrusive – and prone to abuse – than originally thought.

A sterling record of misconduct is still not enough to convince enlightened thinkers and academics of the state’s propensity to terrorize. There are still a handful of civil liberty organizations calling attention to the dangers of the widespread use of surveillance drones and data gathering. But their beef is focused more on the right to privacy rather than a usurpation of basic property rights.

July 31, 2013

The congressional defenders of privacy

Filed under: Government, Law, Liberty, USA — Tags: , , , , , — Nicholas @ 11:12

Jacob Sullum in Reason:

“This is not a game,” Mike Rogers angrily warned last week, urging his colleagues in the House to vote against an amendment that would have banned the mass collection of telephone records by the National Security Agency (NSA). “This is real. It will have real consequences.”

I hope Rogers is right. Despite the Michigan Republican’s best efforts to portray the amendment as a terrifying threat to national security, it failed by a surprisingly narrow margin that could signal the emergence of a bipartisan coalition willing to defend civil liberties against the compromises supported by leaders of both parties.

Rogers was not surprised by the recent revelation that the NSA routinely collects information about every phone call Americans make, just in case it may prove useful in the future. As chairman of the House Intelligence Committee, he knew about the program for years, and he had no problem with it.

Not so two other Michigan congressmen: Justin Amash, a 33-year-old libertarian Republican serving his second term, and John Conyers, an 84-year-old progressive Democrat first elected in 1965. These two legislators, conventionally viewed as occupying opposite ends of the political spectrum, were outraged by the NSA’s data dragnet, especially since representatives of the Bush and Obama administrations had repeatedly denied that any such program existed.

The measure that Amash and Conyers proposed as an amendment to a military spending bill would have required that records demanded under Section 215 of the PATRIOT Act, which authorizes secret court orders seeking “any tangible things” deemed “relevant” to a terrorism investigation, be connected to particular targets. Although it was a pretty mild reform, leaving in place the wide powers granted by Section 215 while repudiating the Obama administration’s even broader, heretofore secret interpretation of that provision, the amendment was viewed as a quixotic effort.

July 30, 2013

The real, long-term source of damage to American interests from the NSA revelations

Filed under: Business, Government, Technology, USA — Tags: , , , , , — Nicholas @ 10:10

In The Atlantic, James Fallows explains why the NSA’s digital overreach has likely harmed US long-term interests in many different ways:

In short: because of what the U.S. government assumed it could do with information it had the technological ability to intercept, American companies and American interests are sure to suffer in their efforts to shape and benefit from the Internet’s continued growth.

    American companies, because no foreigners will believe these firms can guarantee security from U.S. government surveillance;

    American interests, because the United States has gravely compromised its plausibility as world-wide administrator of the Internet’s standards and advocate for its open, above-politics goals.

Why were U.S. authorities in a position to get at so much of the world’s digital data in the first place? Because so many of the world’s customers have trusted* U.S.-based firms like Google, Yahoo, Apple, Amazon, Facebook, etc with their data; and because so many of the world’s nations have tolerated an info-infrastructure in which an outsized share of data flows at some point through U.S. systems. Those are the conditions of trust and toleration that likely will change.

The problem for the companies, it’s worth emphasizing, is not that they were so unduly eager to cooperate with U.S. government surveillance. Many seem to have done what they could to resist. The problem is what the U.S. government — first under Bush and Cheney, now under Obama and Biden — asked them to do. As long as they operate in U.S. territory and under U.S. laws, companies like Google or Facebook had no choice but to comply. But people around the world who have a choice about where to store their data, may understandably choose to avoid leaving it with companies subject to the way America now defines its security interests.

Update: Also in the aftermath of Edward Snowden’s revelations, you’d think that Senator Ron Wyden would get the credit he clearly has been deserving all this time:

For many, many years we’ve covered Senator Ron Wyden’s seemingly quixotic attempts to signal to the American public (and press) that the NSA was doing a hell of a lot more surveillance than most people believed, even those who were carefully reading the laws. Because secrecy rules meant that he couldn’t directly reveal what he’d learned while on the Senate Intelligence Committee, he had to issue vague statements, documents and speeches hinting at things that were going on that he couldn’t actually talk about. Of course, now that Ed Snowden leaked a bunch of documents, it’s shown that Wyden was absolutely correct in what was going on (and that the American public wouldn’t like it).

You’d think that would lead people to have a lot more respect for the incredible efforts he went through to alert people to these issues without breaking the secrecy laws. And, in fact, many more people are aware of those efforts. The Washington Post has a nice article about Wyden’s attempts to bring these issues out and to get a real debate going on them.

However, towards the end, the reporter talks to two different former top lawyers at the NSA, who both appear to be really, really angry about Wyden daring to suggest to the public that the NSA wasn’t playing straight with the American public. First up, we’ve got Stewart Baker, the former NSA General Counsel and top Homeland Security official, who is so anti-civil liberties and pro-surveillance that he’s almost a caricature of himself — including claiming that the Boston bombings prove that Americans need less privacy and that civil libertarians complaining about too much surveillance are the real cause for the September 11 attacks.

The return of “lawful access”

Filed under: Cancon, Law, Liberty, Media, Technology — Tags: , , , , — Nicholas @ 07:56

Michael Geist on the Canadian implications of some information that was published in a Buzzfeed article about a Utah ISP and the NSA’s installation of a “little black box” in their network:

The article describes how a Foreign Intelligence Service Act (FISA) warrant allowed the NSA to monitor the activities of an ISP subscriber by inserting surveillance equipment directly within the ISP’s network. The experience in Utah appears to have been replicated in many other Internet and technology companies, who face secret court orders to install equipment on their systems.

The U.S. experience should raise some alarm bells in Canada, since the now defeated lawful access bill envisioned similar legal powers. Section 14(4) of the bill provided:

    The Minister may provide the telecommunications service provider with any equipment or other thing that the Minister considers the service provider needs to comply with an order made under this section.

That provision would have given the government the power to decide what specific surveillance equipment must be installed on private ISP and telecom networks by allowing it to simply take over the ISP or telecom network and install its own equipment. This is no small thing: it literally means that law enforcement (including CSIS) would have had the power to ultimately determine not only surveillance capabilities but the surveillance equipment itself.

While Bill C-30 is now dead, the government may be ready resurrect elements of it. Earlier this month, a cyber-bullying report included recommendations that are lifted straight from the lawful access package.

July 29, 2013

Why Germany is the venue for the loudest denunciations of NSA surveillance

Filed under: Europe, Germany, Government, Media, USA — Tags: , , , — Nicholas @ 09:14

Alex Harrowell explains the deep suspicions among Germans which long predate the NSA surveillance revelations:

Obviously, privacy and data protection are especially sensitive in Germany. After the Stasi, the centrality of big databases to the West German state’s response to the left-wing terrorists of the 1970s, and the extensive Nazi use of telephone intercepts during the seizure of power, it couldn’t really be otherwise. Privacy and digital activism is older and better established in Germany than anywhere else — in the US, for example, I consider the founding text of the movement to be the FBI vs. Steve Jackson Games case from 1990 or thereabouts, while the key text in Germany is the court judgment on the national census from ten years earlier. But the UK has a (strong) data protection act and no-one seems anywhere near as exercised, although they probably should be.

So here’s an important German word, which we could well import into English: Deutungshoheit. This translates literally as “interpretative superiority” and is analogous to “air superiority”. Deutungshoheit is what politicians and their spin doctors attempt to win by putting forward their interpretations and framings of the semirandom events that constitute the “news”. In this case, the key event was Snowden’s disclosure of the BOUNDLESS INFORMANT slides, which show that the NSA’s Internet surveillance operations collect large amounts of information from sources in Germany.

The slides don’t say anything about how, whether this was information on German customers handed over by US cloud companies under PRISM orders, tapped from cables elsewhere, somehow collected inside Germany, or perhaps shared with the NSA by German intelligence. This last option is by far the most controversial and the most illegal in Germany. The battle for Deutungshoheit, therefore, consisted in denying any German involvement and projecting the German government, like the people in question, as passive victims of US intrusion.

On the other hand, Snowden’s support-network in the Berlin digital activist world, centred around Jacob “ioerror” Applebaum, strove to imply that in fact German agencies had been active participants, and Snowden’s own choice of further disclosures seems to have been guided by an intent to influence German politicians. Der Spiegel, rather than the Guardian, has been getting documents first and their content is mostly about Germany.

In this second phase, the German political elite has shifted its feet; rather than trying to deny any involvement whatsoever, they have instead tried to interpret the possibility of something really outrageous as being necessary for your security, and part of fundamental alliance commitments which cannot be questioned within the limits of respectable discourse. The ur-text here is Die Zeit‘s interview with Angela Merkel, in which Merkel argues that she knew nothing, further that there was a balance to strike between freedom and security, that although some kinds of spying were unacceptable, the alliance came first. The effectiveness of this, at least in the context of the interview, can be measured by astonishingly uncritical questions like the one in which she was asked “what additional efforts were necessary from the Germans to maintain their competitiveness”.

H/T to Tyler Cowen for the link.

It’s the same joke over and over again … but it’s funny because it’s true

Filed under: Government, Humour, Media, USA — Tags: , , , — Nicholas @ 07:54

H/T to Nick Gillespie for the link.

July 28, 2013

It’s not surprising that they can be bought – it is surprising for how little

Filed under: Politics, USA — Tags: , , — Nicholas @ 11:03

Cory Doctorow posted at BoingBoing:

A detailed analysis on Maplight of the voting in last week’s vote on de-funding NSA dragnet spying found that the Congresscritters who voted in favor of more NSA spying received more than double the defense industry campaign contributions of their anti-NSA-voting rivals. They were the winners in the industry’s $13M donation bonanza leading up to the 2012 elections.

The remarkable thing is how cheaply these empty suits sold out their vow to uphold the Constitution. On average, the pro-spying side got $41,635, while the anti- averaged $18,765 — a difference of $22,870.

Contributors and the NSA amendment

« Newer PostsOlder Posts »

Powered by WordPress