In a remote teleconference by a high tech bot, Edward Snowden gave a talk in British Columbia about the issue of government surveillance.
He covers the huge issues surrounding the NSA/GCHQ scandal and how important the trajectory of surveillance is for weaponizing the internet.
He talks about the traditional dual mission of the NSA, and how the balance of attack and defense is significantly skewed toward attack. He also talks about the specifics of Prism and how Prism is about full content, not just metadata.
The full TED Talk can be viewed here: http://www.ted.com/talks/edward_snowden_here_s_how_we_take_back_the_internet> read more
Watchdog group Reporters Without Borders makes an annual report titled "Enemies of the Internet". In the report they name countries that utilize internet technologies to suppress, oppress, surveil, or manipulate their populations. This can include false information campaigns, censorship of the press, terminating internet and cellular connectivity to suppress uprising, and intimidating or imprisoning dissenters.
For the first time in their annual report, they name the United States and the United Kingdom as Enemies of the Internet. They cite the Snowden NSA revelations and the mountain of evidence that has surfaced from the documents as the primary reasoning.
Last week, Missouri passed HB1388 which bans law enforcement from tracking cellphone location data without warrant. It also explicitly bans location data being used a probable cause to issue a warrant. The bill passed with overwhelming support with a 134-13 vote.
It is a step in the right direction for privacy advocates, who are concerned that law enforcement agencies are increasingly deploying systems for tracking the location of ordinary citizens under no suspicion of crimes. Cellular location tracking is one of many technologies being used including license plate readers, wireless toll transmission data, social networking tracking, and more.
This law will also give leverage to people in Missouri who are concerned about the actions of the American agencies performing dragnet surveillance in the state.> read more
The scandals surrounding the American intelligence agencies seem to have no bounds. In a new article at the New York Times, the CIA has allegedly been caught hacking into computers of the investigative committee that is looking into their torture activities.
Careful not to disclose exactly what the CIA did, members of the committee call it "unprecedented action" taken by the CIA to compromise information related to the case. An educated guess would be that they destroyed information that they felt the committee should not have access to, but had in their possession.
It is alarming to think that the even the Senate Intelligence Committee is not immune to tampering by the intelligence agencies. It is becoming more and more clear that these entities answer to no one. Congress has made a formal complaint to the Inspector General who is now performing an internal investigation into the CIA's conduct on the matter.
In a stark change in the overall tone of his ideas, respected cybersecurity expert Bruce Schneier, in his blog, called for the breakup of the NSA and delegating their duties to other US intelligence agencies.
His argument, which i largely agree with, is that the NSA's dual-missions are directly adversarial with one another. The National Security Agency is supposed to both assist in creating and validating technologies that help keep the US and its allies safe from intrusion, and at the same time, develop an arsenal of its own intrusion efforts.
This dual mission is in conflict with itself because there is great incentive to weaken protection of data to increase the scope and power of tools to intrude into networks, servers, and devices.
A new animated video detailing the pitfalls and dangers of extreme government overreach has been made with the help of kickstarter funding. The video gives examples of why government surveillance limits the freedom of the world and can even endanger the lives of others. It is very well presented and thought-out.
> read more
Whistleblower Edward Snowden, exiled to Hong Kong and eventually coming under protection of the Russian government for exposing classified US government activities to the public, has had a new television interview with Germany's NDR TV.
I have been unable to locate an HTTPS link to the interview.
Interestingly enough, none of the major news sites are talking about the interview, and every time the interview is posted on the American version of YouTube, it is torn down within minutes.
Some of the more interesting points in the interview include:
He strongly implies that tapping Chancellor Merkel's phone was highly unlikely to be an isolated incident.
On January 17th Obama gave his official response to the NSA scandal that has pushed the privacy community to take further steps to protect their privacy and data, and created a "smog of mistrust" around American technology companies.
First we get a history lesson: He begins with four minutes on the history of surveillance against the enemies of the state. Interestingly none of those descriptions contain spying on ordinary Americans or their closest allies. It was always surveillance targeted with pinpoint accuracy at the enemies of the state, even after the initial creation of the NSA.
A snapshot of encryption settings across the internet's most popular sites shows a hard push for stronger encryption. The revelations brought on by Edward Snowden have provoked a response by companies to better protect customer data from advanced persistent threats like the US government.
Some notable improvements over the last couple of months:
Companies are moving to elliptic curves. These are generally believed to be strong, although there is some doubt that the NIST provided curves are tamper-free. Elliptic curve technology, implemented properly, is not only stronger than traditional RSA and Diffie-Hellman techniques, but it is faster as well.
TLS 1.2 adoption has rapidly sped up. The TLS 1.2 cipher suites have been available for a long time, but adoption has been slow due to a chicken and egg problem between browser makers and internet services. It was an infinite loop of "the servers don't support it" because "the browsers don't support it" because "the servers don't support it" repeated until security researchers were vomiting with rage.> read more