The NSA Response -- Companies Crank Up Their Encryption

A snapshot of encryption settings across the internet's most popular sites shows a hard push for stronger encryption. The revelations brought on by Edward Snowden have provoked a response by companies to better protect customer data from advanced persistent threats like the US government.

Some notable improvements over the last couple of months:

Companies are moving to elliptic curves. These are generally believed to be strong, although there is some doubt that the NIST provided curves are tamper-free. Elliptic curve technology, implemented properly, is not only stronger than traditional RSA and Diffie-Hellman techniques, but it is faster as well.

TLS 1.2 adoption has rapidly sped up. The TLS 1.2 cipher suites have been available for a long time, but adoption has been slow due to a chicken and egg problem between browser makers and internet services. It was an infinite loop of "the servers don't support it" because "the browsers don't support it" because "the servers don't support it" repeated until security researchers were vomiting with rage.

> read more

US Judge Rules that NSA Phone Tapping is Legal

A US judge has ruled that the NSA's bulk metadata collection program is legal. The case, which was filed by the American Civil Liberties Union, accused the program of being unconstitutional on the grounds of the bulk collection of metadata being for people who are not suspected of any crime.

The government claims that because the metadata is not tied to any individual, the scope of the program is legal. This is hotly contested among the privacy community as it has been shown that linking metadata to an individual is trivial.

It has also been shown that the "it's just metadata" argument doesn't hold up well either. You can tell a great deal about a person from their calls, texts, and GPS location data.

> read more

The NSA is Coming to Town!

The ACLU has put together a nice ad talking about the NSA snooping on your holiday activities, and put it to an old holiday jingle.

View it here:

> read more

US Supreme Court Rejects Phone Metadata Spying Case

Today the US Supreme Court rejected a case for the secret collection of millions of American's phone records.

The case, made by the Electronic Privacy Information Center, being thrown out leaves legislation as the only path to halting the dragnet spying program.

The core argument of the case was that reasonable suspicion is required by current law in order to demand the personal records of an American citizen, and that the FISA court does not have the authority to allow intelligence agencies to mass gather information on citizens that are not under any suspicion.

The Foreign Intelligence Surveillance Court has processed at least 34 section 1861 orders, which obligates a phone company to hand over all of its customer records including all call metadata to the agency that is making the request. This includes names, addresses, phone unique identifiers, calling card information, timestamps, IP addresses for VOIP telephony, and more.

> read more

Microsoft Google and Facebook Testify In The EU About Spying And Privacy

This week Microsoft, Google, and Facebook testified in the European Parliament about how involved American companies are in widespread spying, and some of the problems with transparency and accountability for those companies. You can watch the full video here. We have skipped the opening portion of the video because it is largely a discussion of the FREEDOM act and how it would impact European citizens, which is not the focus of this article.

Some of the more interesting parts of the discussion:

The opening: All of the representatives pat their own backs on how good they are at defending privacy.


C. Morales (to Microsoft) asks about encryption of communications that are moving between datacenters. He also asks about Microsoft developing "surveillance capability" to monitor chats, emails, and other communications as it pertains to the Prism documents that have been released. He then adds that he wants clarification about bulk data collection, and why Microsoft seems to always omit talking about that and only directs dialogue toward targeted requests involving law enforcement / government agencies.

> read more

The Privacy Argument Taken To Extremes

I found this image on Reddit today and it sums up the arguments pretty well. How far does your privacy have to be invaded before you are concerned? This silly extreme helps put the argument into perspective.

I believe the original source is

> read more

The Guardian, the primary source of the documents leaked by NSA whistleblower Edward Snowden, has put together an excellent page devoted to the story. They talk about the size and scope of the domestic and foreign spying. They have excellent infographics to help visualize the complicated topics at hand. The format of the page, with interview clips throughout the discussions presented in each section, are exemplary. I highly recommend giving the page a look for anyone that would like to know more about the discussion about domestic and foreign spying.

I'd comment further, but the page speaks for itself.
> read more

The Stop Watching Us Rally in Washington D.C. is Gaining Steam!

As Americans become more aware of the dragnet surveillance programs being used against everyday Americans, and world opinion on the size and scope of these programs sours, a large scale rally is being organized in Washington D.C. The "Stop Watching Us" movement is a rally to restore the privacy of the internet and to stop the direct intrusion of the government into our day-to-day lives.

This issue affects everyone equally. There are strong signs of support from Democrats, Republicans, and Independents alike to find out how the programs are set-up, how the data is used, if these systems are legal, and if our government should be spending billions upon billions of dollars on it. Questions have also been raised on whether the inevitable damage to American cloud services is worth the increased security of knowing what Sally in Michigan had to eat today.

> read more

The People Want To Know What The NSA Knows About Them

Huge Increase in NSA FOIA(Freedom Of Information Act) Requests After Snowden Revelations

Ever since Edward Snowden first leaked details of the dragnet electronic spying programs run by the NSA, many of us are curious about what exactly the NSA knows about us.  I'm one such person.  I made a FOIA request for my own PRISM data, and published the NSA's reply here.  I recently made another FOIA request.  This time, my request was to find out how many requests, similar to my first request, had been filed.  The numbers are smaller than I was hoping for, but it's still a 755% increase over the normal volume of NSA FOIA requests.  Every one of the requests similar to mine received a similar reply; "We can't tell you if such records exist because its a State Secret."  What a load of bullshit.

You can read the full reply to my latest FOIA request.  I've transcribed it in full and put scanned images of it below.

> read more

Jacob Appelbaum Speaks at Euro Parliament - Addresses issues of Privacy, Security, Encryption, Spying, and Govt Abuses of Journalists

You can watch his full speech here.  It's about 25 minutes long.

Terrifying Quotes From This Speech:

"My family has been targeted.  My partner woke up in the middle of the night with men with night vision goggles watching her sleep in her own home.  These kinds of things are a part of press freedom in the United States now."

"Surveillance is not an end toward totalitarianism, it is totalitarianism itself.  Limited in scope for the moment, but when the Golden Dawn [party] in Greece has access to these systems, with their racist ideology, what will happen?"

> read more