A snapshot of encryption settings across the internet's most popular sites shows a hard push for stronger encryption. The revelations brought on by Edward Snowden have provoked a response by companies to better protect customer data from advanced persistent threats like the US government.
Some notable improvements over the last couple of months:
Companies are moving to elliptic curves. These are generally believed to be strong, although there is some doubt that the NIST-provided curves are tamper-free. Elliptic curve technology, implemented properly, is not only stronger than traditional RSA and Diffie-Hellman techniques, but it is faster as well.
TLS 1.2 adoption has rapidly sped up. The TLS 1.2 cipher suites have been available for a long time, but adoption has been slow due to a chicken-and-egg problem between browser makers and internet services. It was an infinite loop of "the servers don't support it" because "the browsers don't support it" because "the servers don't support it" repeated until security researchers were vomiting with rage.
A US judge has ruled that the NSA's bulk metadata collection program is legal. The case, which was filed by the American Civil Liberties Union, argued that the program is unconstitutional because it collects metadata in bulk on people who are not suspected of any crime.
The government claims that because the metadata is not tied to any individual, the scope of the program is legal. This is hotly contested among the privacy community as it has been shown that linking metadata to an individual is trivial.
It has also been shown that the "it's just metadata" argument doesn't hold up well either. You can tell a great deal about a person from their calls, texts, and GPS location data.
Today the US Supreme Court rejected a case challenging the secret collection of millions of Americans' phone records.
With the case, brought by the Electronic Privacy Information Center, thrown out, legislation is the only remaining path to halting the dragnet spying program.
The core argument of the case was that reasonable suspicion is required by current law in order to demand the personal records of an American citizen, and that the FISA court does not have the authority to allow intelligence agencies to mass gather information on citizens that are not under any suspicion.
The Foreign Intelligence Surveillance Court has processed at least 34 section 1861 orders, each of which obligates a phone company to hand over all of its customer records, including all call metadata, to the agency that is making the request. This includes names, addresses, unique phone identifiers, calling card information, timestamps, IP addresses for VoIP telephony, and more.
This week Microsoft, Google, and Facebook testified in the European Parliament about how involved American companies are in widespread spying, and some of the problems with transparency and accountability for those companies. You can watch the full video here. We have skipped the opening portion of the video because it is largely a discussion of the FREEDOM act and how it would impact European citizens, which is not the focus of this article.
Some of the more interesting parts of the discussion:
The opening: All of the representatives pat their own backs on how good they are at defending privacy.
C. Morales (to Microsoft) asks about encryption of communications that are moving between datacenters. He also asks about Microsoft developing "surveillance capability" to monitor chats, emails, and other communications as it pertains to the PRISM documents that have been released. He then adds that he wants clarification about bulk data collection, and why Microsoft seems to always omit talking about that and only directs dialogue toward targeted requests involving law enforcement / government agencies.
I found this image on Reddit today and it sums up the arguments pretty well. How far does your privacy have to be invaded before you are concerned? This silly extreme helps put the argument into perspective.
I believe the original source is 123rf.com.
As Americans become more aware of the dragnet surveillance programs being used against everyday Americans, and world opinion on the size and scope of these programs sours, a large-scale rally is being organized in Washington D.C. The "Stop Watching Us" movement is a rally to restore the privacy of the internet and to stop the direct intrusion of the government into our day-to-day lives.
This issue affects everyone equally. There are strong signs of support from Democrats, Republicans, and Independents alike to find out how the programs are set up, how the data is used, if these systems are legal, and if our government should be spending billions upon billions of dollars on it. Questions have also been raised on whether the inevitable damage to American cloud services is worth the increased security of knowing what Sally in Michigan had to eat today.
Huge Increase in NSA FOIA (Freedom of Information Act) Requests After Snowden Revelations
Ever since Edward Snowden first leaked details of the dragnet electronic spying programs run by the NSA, many of us are curious about what exactly the NSA knows about us. I'm one such person. I made a FOIA request for my own PRISM data, and published the NSA's reply here. I recently made another FOIA request. This time, my request was to find out how many requests, similar to my first request, had been filed. The numbers are smaller than I was hoping for, but it's still a 755% increase over the normal volume of NSA FOIA requests. Every one of the requests similar to mine received a similar reply: "We can't tell you if such records exist because it's a State Secret." What a load of bullshit.
You can read the full reply to my latest FOIA request. I've transcribed it in full and put scanned images of it below.
Jacob Appelbaum Speaks at Euro Parliament - Addresses issues of Privacy, Security, Encryption, Spying, and Govt Abuses of Journalists
You can watch his full speech here. It's about 25 minutes long.
Terrifying Quotes From This Speech:
"My family has been targeted. My partner woke up in the middle of the night with men with night vision goggles watching her sleep in her own home. These kinds of things are a part of press freedom in the United States now."
"Surveillance is not an end toward totalitarianism, it is totalitarianism itself. Limited in scope for the moment, but when the Golden Dawn [party] in Greece has access to these systems, with their racist ideology, what will happen?"