Ken's Weblog

People should not fear their governments; governments should fear their people.

Category: Privacy/Security

  • Some unsurprising news

    Already on probation, Symantec issues more illegit HTTPS certificates [Ars Technica]

    As someone who worked for Symantec for sixteen years, I am completely unsurprised by this. Symantec liked to boast of being a security company, but that’s never been anything but an advertising slogan. They’ve never really made any serious effort to be remotely secure.

  • People used to go the other way

    Developer Of Anonymous Tor Software Dodges FBI, Leaves US. An anonymous reader quotes a report from CNN: FBI agents are currently trying to subpoena one of Tor’s core software developers to testify in a criminal hacking investigation, CNNMoney has learned. But the developer, who goes by the name Isis Agora Lovecruft, fears that federal agents will coerce her to undermine the Tor system — and expose Tor users around the world to potential spying. That’s why, when FBI agents approached her and her family over Thanksgiving break last year, she immediately packed her suitcase and left the United States for Germany. “I was worried they’d ask me to do something that hurts innocent people — and prevent me from telling people it’s happening,” she said in an exclusive interview with CNNMoney. Earlier in the month, Tech Dirt reported the Department of Homeland Security wants to subpoena the site over the identity of a hyperbolic commenter. [Slashdot]

    It’s depressing that I can now say that I’m old enough to remember when people defected to the US.

  • Wishful thinking doesn’t work

    Senate Votes to Maintain the National Security Surveillance State. Last night the U.S. Senate could not muster the 60 votes that would have allowed debate and a vote on the USA FREEDOM Act to proceed. For most privacy and liberty advocates, the USA FREEDOM Act was a first step toward reining in the National Security Agency’s (NSA) pervasive spying on innocent American citizens. [Hit & Run]

    I’m a bit puzzled as to why people think this would have made a difference. Congress already voted against the NSA’s mass surveillance back in 2003 when it was called Total Information Awareness. Are we supposed to believe that if this act had passed, the NSA would suddenly say, “Well, gosh, this time they really meant it, I guess we’d better stop?”

    The only way to stop the NSA is to destroy the NSA.

  • Yet another government attack on the rule of law

    It’s Even Worse: Operation Choke Point Threatens Both Guns and Common Decency. Yes, the federal government, it appears, wants to put pressure on corporations to force gun-related businesses out of U.S. banking and payment systems. That means no bank accounts. It may mean no business loans. No ability to process credit and debit card payments. Severely reduced ability to order parts or inventory, rent or buy shop space or manufacturing space, pay bills, pay employees, or execute the thousand other things businesses must do every day to continue running. In short, the federal government is targeting entire industries for destruction.

    Operation Choke Point aims to put a choke hold around the necks of perfectly innocent businesses, business owners, employees — and customers. [Jews For the Preservation of Firearms Ownership]

  • Promising technologies

    Recently there have been a couple of stories about promising pro-liberty technologies: DarkMarket, for enabling free market transactions, and Dark Wallet, for preserving financial privacy.

  • Cause and Effect

    Swartz-Designed Whistleblower Tool “SecureDrop” Launched. An anonymous reader writes in with news about a new tool for whistleblowers: “The ‘strongest-ever’ whistleblowing tool for sources to speak anonymously with journalists, partly developed by the late Reddit co-founder Aaron Swartz, has been launched by the Freedom of The Press Foundation. Before his suicide in January 2013, Swartz had been working on a tool for sources to anonymously submit documents to journalists online, without using traceable email and in a way that could be easily catalogued by news organisations. Called SecureDrop, the tool can be installed on any news organisation’s website as a ‘Contact Us’ form page. But where these pages usually require a name and email address, the encrypted SecureDrop system is completely anonymous, assigning the whistleblower two unique identifiers – one seen by the journalist, and one seen by the whistleblower. These identities stay the same, so a conversation can be had without names being shared or known.” [Search Slashdot]

    I had no idea that Aaron Swartz had been working on such a tool until this story came out. It certainly explains why the Evil Empire was so determined to hound him to death.

  • Skype proves me right on security

    NSA taps Skype chats, newly published Snowden leaks confirm.

    Skype audio and video chats, widely regarded as resistant to interception thanks to encryption, can be wiretapped by American intelligence agencies, according to a new report in The Guardian. The report appears to contradict claims by Microsoft that they have not provided the contents of Skype communications to the government.

    In a story published Thursday, based on documents leaked by former National Security Agency contractor Edward Snowden, The Guardian offers some detail about extensive cooperation between the FBI, the National Security Agency, and Microsoft to enable government access to user communications via the intelligence tool known as PRISM. That cooperation included, according to the leaked NSA documents, enabling access to Outlook.com e-mails and chats, the SkyDrive cloud storage service, and Skype audio and video calls.

    The Guardian hasn’t published the documents on which this story is based, but has instead quoted from them.

    [Ars Technica]

    This is completely unsurprising. I’ve been warning about Skype’s insecurity since 2005.

  • US Stasi gets original Stasi’s stamp of approval

    NSA’s Surveillance Operations the Envy of Former Stasi Commander. In East Germany, the Ministry for State Security (known as the Stasi) became one of the most aggressive domestic surveillance agencies in world history, acting as “the shield and the sword” of the ruling Communist regime. Despite (or because of) its history, many former members and informants would prefer to defend the organization and their roles in it to coming to terms with its horrific nature. On the twentieth anniversary of the fall of the Berlin Wall (in 2009), East Germany’s last leader told former East German border guards he regretted failing to save the country. But now, some former members of the Stasi can look to America for inspiration that the spirit of their work is moving forward. From a McClatchy newspapers interview with Wolfgang Schmidt, a former Stasi department head:

    Peering out over the city [Berlin] that lived in fear when the communist party ruled it, he pondered the magnitude of domestic spying in the United States under the Obama administration. A smile spread across his face.

    “You know, for us, this would have been a dream come true,” he said, recalling the days when he was a lieutenant colonel in the defunct communist country’s secret police, the Stasi.

    In those days, his department was limited to tapping 40 phones at a time, he recalled. Decide to spy on a new victim and an old one had to be dropped, because of a lack of equipment. He finds breathtaking the idea that the U.S. government receives daily reports on the cellphone usage of millions of Americans and can monitor the Internet traffic of millions more.

    “So much information, on so many people,” he said.

    But even Schmidt sees the design flaw in the NSA’s plan:

    “It is the height of naivete to think that once collected this information won’t be used,” he said. “This is the nature of secret government organizations. The only way to protect the people’s privacy is not to allow the government to collect their information in the first place.”

    James Clapper might respond that the NSA isn’t “collecting” that information because the director of national intelligence doesn’t consider the gathered data “collected” until it’s officially used, a semantic maneuver any neo-Orwellian would consider doubleplusgood.

    “This is how a society destroys itself,” one German activist who was targeted by the Stasi told McClatchy, referring to the NSA’s surveillance operations as “bullshit.” [Reason]

  • Open Source vs. tyranny

    The IRS vs. Open Source. simonstl writes “The IRS wasn’t after just the Tea Party, Progressives, or Medical Marijuana: Open Source Software was a regular on IRS watch lists from 2010 to 2012. Did they think it was a for-profit scam, or did they just not understand the approach?” [Slashdot]

    I’m guessing it’s option c: there’s no way to hide backdoors for the NSA in open-source software.

  • Quote of the Day

    Good thing the USA won the Cold War, otherwise we might be living in a world of mass surveillance and persecution of dissidents.

    Teju Cole