State of the arms race between repressive governments and anti-censorship/surveillance Tor technology (and why American companies are on the repressive governments' side)

Discuss

22 Responses to “State of the arms race between repressive governments and anti-censorship/surveillance Tor technology (and why American companies are on the repressive governments' side)”

  1. Stefan Jones says:

    Bruce Sterling’s “Three Abhorrent Characters” speech, given maybe 18 years ago, predicted this phenomena. Worth looking up.

  2. grimatongueworm says:

    Sadly, these are the kind of guys that the NDAA retention provisions are being written for.

    • ioerror says:

      I’m certainly aware of that – should we stop our work? I don’t think so. We must not turn a blind eye to these crimes against humanity nor to the machines that enable those very crimes.

  3. noen says:

    “Western governments’ insistence on “lawful interception” back-doors in network equipment means that all the off-the-shelf network gear is readymade for spying”

    That may be but policing and enforcement are proper functions of the government. A state’s ability to intercept unlawful activity is not the problem. It not being accountable to and fairly representative of the people is. What places like China, Iran and Syria need is more democracy. States have the duty and right to enforce the law and to do that they need to be able to monitor illegal activity.

    It’s not the routers in China and Iran that need to be changed, it’s their governments.

    • xzzy says:

      The routers need changed too, because the temptation to use those backdoors will always be there and it’s not really democracy if the people have to live with the assumption the government is spying on them.

      Claiming it’s necessary to catch bad guys is not justification enough, because innocent people have rights that need to be respected.

      • noen says:

        “routers need changed too, because the temptation to use those backdoors will always be there”

        The government *should* be able to regulate illegal activity. The alternative is anarchy (no government) which, contrary to it’s advocates, is undesirable. I think it is a false choice to say that I have to choose between no government at all and repressive ones.

        The argument that governments should not have the ability to monitor and intercept illegal activity because innocent people’s rights must be respected is false because they are not mutually exclusive. Law enforcement in democratic states can do both and they have a history of respecting individual rights while simultaneously going after law breakers. That totalitarian states choose not to is not an argument against the tools they use, it’s an argument against those governments.

        • “More democracy” isn’t the answer; look how well that’s worked out for the USA.  Law enforcement in democratic states also has a history of breaking individual rights and pursuing innocent people in the name of witch hunts.

          I think the answer you’re actually looking for is “more transparency and accountability”, which makes for better leaders no matter which political philosophy they adhere to.

          The mere presence of known back-doors into network equipment (and OSes) is a temptation that the sort of people who abuse their power cannot resist.  Does this mean that those doors shouldn’t exist?  Maybe.  Maybe not.  If they’re going to exist, however, they need to be locked and only able to be opened by the manufacturer, and even then only after a formal request is made by the LEO/government of the land.

          • noen says:

            “”More democracy” isn’t the answer” — I’m pretty sure it is and the problems we have in the US are attributable to us having *less* democracy by virtue of wealthy individuals and powerful corporations distorting democracy to their benefit.

            That’s what the Occupy movement (and even the Tea Party somewhat) is all about; demanding more democracy and denying the special privileges that wealth and power have accumulated for themselves.

            “Law enforcement in democratic states also has a history of breaking individual rights” — Those are isolated incidents that are not typical of the whole. On the whole and in the long run free democratic states respect individual rights far more than authoritarian states. If they fail to there is a means of removing the administration where in non-democratic states there is no such mechanism.

            “I think the answer you’re actually looking for is “more transparency and accountability”” —- Well yes, being held accountable is what defines a democracy. Accountability is not separate from democracy. It is what it *is*.

            “The mere presence of known back-doors into network equipment (and OSes)
            is a temptation that the sort of people who abuse their power cannot
            resist.”  –  But the solution to those who abuse their power is not to remove the means or tools at their disposal. It’s to remove them by giving the people the power to hold their representatives to account.

            We don’t eliminate prisons because despotic regimes abuse them by jailing their political enemies. We remove the regime, keep the jails and use the power to imprison people justly and fairly and through due process.

        • xzzy says:

          You’re not wrong, but I have serious problems with any government being able to snoop on a citizen with a button press. Without a system of oversight or full disclosure, the government should not have the privilege to access whatever they want, whenever they want. 

          Mandating mechanisms to enable surveillance under the premise of eliminating crime (or the current catchphrase, national security) isn’t good enough on its own. There has to be a way for the people to monitor the monitors, and there isn’t a single government on the planet enabling it.

          • noen says:

            “the government should not have the privilege to access whatever they want, whenever they want.”

            They don’t. In the US there is a special court the government must go through before it can spy on a citizen. I think the gov. should have the ability to do that if they have reason to suspect that person is involved in illegal activity.

            National security is not a catch phrase. It is a real daily concern. Nine men brought down the World Trade Center murdering 3,000 people and costing us trillions. One disgruntled scientist released weapons grade anthrax, murdered several people, caused millions in damage and terrorized an entire nation.

            The conspiracy theories are false. The reality is there are many people who seek every day to cause untold damage to the US and to other nations. Al-Qaeda really would like to release anthrax, or a dirty nuke, or a real nuke or any of a number of other threats. Oklahoma was not a government false flag. 911 was not an inside job. They were real events by organizations outside of the US gov who succeeded in causing real harm. There are others who would like to do the same or more. We need to balance security and privacy and if you don’t like how it’s being done you should vote accordingly. But the solution is not to remove the very tools needed to make us secure. The solution is more better government.

          • Dennis Nilsson says:

            The governments is using the same network surveillance enabled technology, as we citizens are using, to monitor us.

            So we could monitor the monitors.

          • Dennis Nilsson says:

            Noen, the special courts in U.S is gone. NSA and the others don’ t ask for permission.

            And the perfect human doesn’ t exist. Power is always corrupting our mindset. Thats the reason we have laws.

          • EH says:

            Noen, look up NSLs.

    • EH says:

      Is it a citizen’s duty to be accountable to an unaccountable government?

      • noen says:

        Not sure I see what you’re getting at. If your state is unaccountable to you then yes, it’s your duty to replace it. Ask the people of Egypt or Libya. ALL governments exist with the consent of the governed. (but people will put up with a lot)

        If your democratically elected government is doing things you don’t like then vote accordingly. If you feel that’s not enough then you should convince enough of your fellow voters to make changes you like.

        Your choices are: leave, agitate for change, vote, or rebel. You cannot chose to opt out because by doing so you give the status quo legitimacy.

  4. scolbath says:

    Fortunately, that system of disclosure and laws is (one of the many) things that distinguishes the US from China/Syria/the rest.

    One thing I was struck by is that we Appelbaum’s comparison to regulations in arms trafficking.  We already have a procedure in place to regulate this kind of behavior;  how is it that surveillance equipment does not fall into this bucket?  I would suggest that the first stop NOT be the manufacturers as he suggests, but the State department.

  5. Alvin Baldwin says:

    For people interested in more Applebaum, I recently had the pleasure of attending a speech by him on a very similar vain. More on how the US government is implementing censorship, and the history of information control. 
    http://ssu.echo360.com/ess/echo/presentation/ce210adf-a6e4-474e-bd62-3bffd51c5bdc/media.m4v

  6. Finnagain says:

    reply function seems to be pooched.

    From noen: We need to balance security and privacy and if you don’t like how it’s being done you should vote accordingly.

    Right. And which major party is it that respects our rights to privacy? Neither, that’s the one.

  7. @bvonahsen:disqus 

    “They who can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety.” Benjamin Franklin.

    • Jonathan Lynch says:

      The idea that we need these protections for our safety is a misinformed one. How many terrorists has the TSA caught? Yes, sometimes bad people want to hurt you, but that doesn’t mean you should be paranoid.

  8. hugh crawford says:

    The trouble is that if the putative good guys have access to a back door, then everybody has access to the back door.

    Merely because something is incredibly difficult and only one in a billion people could figure it out, as soon as one of those six people lets someone know how to do it , then everybody can do it.When I worked at cisco , you could find a lot of what should have been secret stuff just by looking up interesting words in the bug database.Who the good guys are is outside the scope of this argument.

    • ioerror says:

      That is exactly the point missed by many people who believe that law and policy somehow relates to actual ability, control or even discovery of past activity. Take a look at the Greek Vodafone case as a good example of something we will see more and more of – when we’re lucky enough to have it come to light:  https://en.wikipedia.org/wiki/Greek_wiretapping_case_2004%E2%80%932005

      Policy and law outline what kind of world we’d like to have and how we’ll try to steer the ship. Code is law – it defines where the ship can go – if the code is there, we’re at best reacting to some power mad fools crashing the ship, at worst, we never find out the full scope – as we know from the EFF/NSA cases: https://www.eff.org/issues/nsa-spying

      In an ideal world, we’d see that the law and policy would provide a balance. However, it simply isn’t possible when machines replace humans. We do not know how to secure machines and I assure you, the police/telecom CALEA/wiretapping machines are not the cutting edge example of a secure machine design.

      The trade-offs are simple not worth it and the feedback loop isn’t available to the public. This kind of secrecy ends very badly, especially for those targeted by the machine itself.

      No conspiracy theory, just history repeating – read Stasiland for a view into the kind of world we’re building in the name of “national security” and other related topics:
      https://en.wikipedia.org/wiki/Stasiland

Leave a Reply