Little Brother-themed team scavenger hunt coming to San Francisco!

My novel Little Brother is the "One City One Book" pick for the San Francisco Public Library this year; and in its honor, they've put together an amazing city-wide scavenger hunt called "Rogue Agent." It features fiendish puzzles and awesome clues, and kicks off on September 14. It's a team-sport, so start thinking about your teammates now; I'll be at the SFPL at the end of September to read from the book and talk about it.

Read the rest

Pirate Cinema wins the Prometheus Award

I could not be happier to announce that my novel Pirate Cinema has won the Libertarian Science Fiction Society's Prometheus Award, along with Neal Stephenson's Cryptonomicon. I won the Prometheus in 2008 for my novel Little Brother, and it's among my proudest honors. My sincere thanks to the judges and the members of the society for this honor. Cory 2

EFF's guide to Comic-Con

Headed to San Diego? The EFF Guide to San Diego Comic-Con is a thorough guide to where to go to hear about comics and free expression, meet friends of the EFF, learn about surveillance and privacy, and find like-minded civil liberties comic geeks. Cory 1

Glenn Greenwald's keynote at Freedom to Connect 2013

Joly sez, "On March 4-5 2013 the Internet Society's North America Bureau webcast the Freedom to Connect 2013 conference in Washington DC. One keynote speaker was Glenn Greenwald, who has recently come to international attention as the journalist who broke the NSA surveillance story. In his hour long speech, he talks about Aaron Swartz, the imbalance of justice, the growth of the surveillance state, the nature of power in the digital age, and its implications for Internet freedom. There are a couple of small glitches in the recording, for which we apologize."

VIDEO: Glenn Greenwald keynote at Freedom to Connect 2013 #f2c #netfreedom #prism (Thanks, Joly!)

Where to get an EFF laptop sticker like Edward Snowden's

Hugh from the Electronic Frontier Foundation sez, "Edward Snowden's computer sported stickers for EFF and Tor. You can buy the EFF sticker here."

Last chance for an ORGCon2013 ticket!


Ruth from the Open Rights Group writes,

There are still some tickets left for ORGCon2013! Don't miss out on a rare opportunity to hear John Perry Barlow speak in London, this Saturday June 8th! John Perry Barlow, co-founder of Electronic Frontier Foundation, will be headlining ORGCon2013 along with writer of The Master Switch, Tim Wu.

Debate the big issues hitting the headlines, including the cry for a Snoopers' Charter revival following the Woolwich attack, and the calls for new Internet filters in the light of April Jones' murder. As politicians use the latest tragic news stories as an excuse to regulate the Internet, now is the time to get involved with digital rights!

The final programme has the perfect mix of panel debates, workshops, rapid fire talks and guest lectures! You can look forward to sessions on the Digital Arms Trade, freedom of speech, child protection on the internet, online censorship, copyright, creative citizenship...

Plus, hear from an impressive line-up of speakers including David Allen Green of #twitterjoketrial, Jeni Tennison, Policy Head at the Open Data Institute, Richard Allan Policy Director at Facebook, Diane Duane, Star Trek and Young Wizards writer, and many more! Individual tickets are priced at £28, £16 for ORG supporters and just £6 for students. FREE tickets if you join ORG today!

Open Rights Group - Join us at ORGCon2013! (Thanks, Ruth!)

(Disclosure: I co-founded the Open Rights Group and am pleased to serve as a volunteer advisor to it)

Why lie?

Here's an excerpt from Judge Alex Kozinski's opinion in US v Xavier Alvarez (PDF), in which the judge describes some of the reasons that people lie:

Saints may always tell the truth, but for mortals living means lying. We lie to protect our privacy ("No, I don't live around here"); to avoid hurt feelings ("Friday is my study night"); to make others feel better ("Gee you've gotten skinny"); to avoid recriminations ("I only lost $10 at poker"); to prevent grief ("The doc says you're getting better"); to maintain domestic tranquility ("She’s just a friend"); to avoid social stigma ("I just haven't met the right woman"); for career advancement ("I'm sooo lucky to have a smart boss like you"); to avoid being lonely ("I love opera"); to eliminate a rival ("He has a boyfriend"); to achieve an objective ("But I love you so much"); to defeat an objective ("I'm allergic to latex"); to make an exit ("It's not you, it's me"); to delay the inevitable ("The check is in the mail"); to communicate displeasure ("There's nothing wrong"); to get someone off your back ("I'll call you about lunch"); to escape a nudnik ("My mother's on the other line"); to namedrop ("We go way back"); to set up a surprise party ("I need help moving the piano"); to buy time ("I'm on my way"); to keep up appearances ("We're not talking divorce"); to avoid taking out the trash ("My back hurts"); to duck an obligation ("I've got a headache"); to maintain a public image ("I go to church every Sunday"); to make a point ("Ich bin ein Berliner"); to save face ("I had too much to drink"); to humor ("Correct as usual, King Friday"); to avoid embarrassment ("That wasn't me"); to curry favor ("I've read all your books"); to get a clerkship ("You're the greatest living jurist"); to save a dollar ("I gave at the office"); or to maintain innocence ("There are eight tiny reindeer on the rooftop")….

An important aspect of personal autonomy is the right to shape one’s public and private persona by choosing when to tell the truth about oneself, when to conceal, and when to deceive. Of course, lies are often disbelieved or discovered, and that, too, is part of the push and pull of social intercourse. But it’s critical to leave such interactions in private hands, so that we can make choices about who we are. How can you develop a reputation as a straight shooter if lying is not an option?

Why We Lie

Girl who was arrested for making a tin-foil volcano tells her story


On May 1, Kiera Wilmot, a Florida high school student, was arrested for mixing toilet bowl cleaner with tin foil, causing a small, harmless explosion. Though she had a spotless school record, she was expelled and charged with a felony as an adult -- a harsh penalty widely ascribed to institutional racism (Wilmot is black). On May 16, thanks to Wilmot's bravery, a crowdfunded project by former NASA engineer Homer Hickam, and the ACLU, the charges against Wilmot were dropped and Wilmot and her twin sister were awarded a full bursary to the Advanced Space Academy program at the U.S. Space Camp in Huntsville, Ala..

Now, Wilmot has written a must-read editorial for the ACLU on her experience with zero-tolerance, detailing the awful treatment she received and the thoughtless way in which the gears of the a discipline-obsessed educational system grind up its own students:

The principal and dean of discipline came over and asked me to tell them what happened. I was kind of scared, but I thought they'd understand it was an accident. Before that, I've never gotten in trouble this year other than a dress code violation because my skirt was two inches too short. I told him it was my science experiment. In my third period class I was called up to discipline. I wrote a statement to the dean of discipline explaining what had happened. Afterward I was told to sit on the resource officer's office. They told me I made a bomb on school property, and police possibly have the right to arrest me. I didn't know what they classified as a bomb. I was worried I accidently made a bomb. I was really hurt and scared. I was crying.

They didn't read me any rights. They arrested me after sitting in the office for a couple minutes. They handcuffed me. It cut my wrist, and really hurt sitting on my hands behind my back.

They took me to a juvenile assessment center. I was sitting in this room with no clock so it felt like years of me sitting there. When my mom came, she didn't say anything. She just had this really disappointed look, and told me I lost privileges. But she's really been supportive of me. I don't know what would have happened if I didn't have my mom. I would have dug a hole and sat there for the rest of my life.

I don't think police should have been involved because I'm a good student for one. And two, it was a big deal, but it wasn't like people were hurt and the school was in shatters. I maybe should have gotten 10 days suspension or a work detail where on Saturday you wake up early and pick up trash around the school.

An Unexpected Reaction: Why a Science Experiment Gone Bad Doesn't Make Me a Criminal (via The Mary Sue)

MEP explains the security problem with militarizing the Internet

The Dutch MEP Marietje Schaake has a fantastic, must-read essay on the problem with "cyber-war." She lays out the case for securing the Internet (and the world of people and systems that rely on it) through fixing vulnerabilities and making computers and networks as secure and robust as possible, rather than relying on weaknesses in security as vectors for attacking adversaries.

Mass surveillance, mass censorship, tracking and tracing systems, as well as hacking tools and vulnerabilities can be used to harm people as well as our own security in Europe. Though overregulation of the internet should never be a goal in and of itself, regulation of this dark sector is much needed to align our values and interests in a digital and hyper-connected world. There are many European examples. FinFisher software, made by UK’s Gamma Group was used in Egypt while the EU condemned human rights violations by the Mubarak regime. Its spread to 25 countries is a reminder that proliferation of digital arms is inevitable.

Vupen is perhaps best labelled as an anti-security company in France that sells software vulnerabilities to governments, police forces and others who want to use them to build (malicious) software that allows infiltrating in people’s or government’s computers.

It is unclear which governments are operating on this unregulated market, but it is clear that the risk of creating a Pandora’s box is huge if nothing is done to regulate this trade by adopting reporting obligations. US government has stated that American made, lawful intercept technologies, have come back as a boomerang when they were used against US interests by actors in third countries. Other companies, such as Area Spa from Italy designed a monitoring centre, and had people on the ground in Syria helping the Assad government succeed in anti-democratic or even criminal behaviour by helping the crackdown against peaceful dissidents and demonstrators.

It's just not good policy to make the people who are supposed to be securing our computers dependent on insecurity in computers to achieve that end.

In defense of digital freedom (via Techdirt)

Perils of smart cities

Here'a an excellent piece on the promise and peril of "smart cities," which could be part of a system to make cities fairer and more transparent, or could form the basis for an authoritarian lockdown. As Adam Greenfield says, "[the centralized model of the smart city is] disturbingly consonant with the exercise of authoritarianism." The author mentions Greenfield's upcoming book "The City is Here for You to Use" (a very promising-looking read) as well as Smart Cities: Big Data, Civic Hackers, and the Quest for a New Utopia, which is out in the fall.

These critics are advocating not that cities shun technology, but that they foster a more open debate about how best to adopt it—and a public airing of the questions cities need to ask. One question is how deeply cities rely on private companies to set up and maintain the systems they run on. Smart-city projects rely on sophisticated infrastructure that municipal governments aren’t capable of creating themselves, Townsend points out, arguing that the more they rely on software, the more cities are increasingly shunting important civic functions and information into private hands. In recent talks and in his upcoming book, “Smart Cities: Big Data, Civic Hackers, and the Quest for a New Utopia,” Townsend portrays companies as rushing to become the indispensable middlemen without which the city cannot function.

Cities can easily lose leverage to private companies their citizens rely on, as the persistent battles of political leaders against telecom companies over price increases show. And private-sector software can operate behind a veil: Townsend says that while cities have made lots of data freely available online, there’s less concern about opening up the proprietary tools used to analyze that data—software that might help a city official decide who is eligible for services, or which neighborhoods are crime hotspots. “It’s the algorithms in government that need to be brought out to the light of day, not the data,” he says. “What I worry about are the de facto laws that are being coded in software without public scrutiny.”

Another concern is what will be done to protect the huge amount of data cities can gather about their citizens. The wealth of video at the Boston Marathon bombings, though it came from private cameras, showed how useful surveillance footage can be—and also how pervasive. Cameras, sensors, and tracking technologies like the Mass Pike’s EZPass can reveal a great deal about your life: where you live and travel, what you buy, even what time you take a shower. Smart grid utility-metering systems, for instance, collect and transmit detailed energy consumption information, which help consumers understand and curb their energy use but can also reveal their habits. As such, they have come under fire for threatening privacy and civil liberties, and several states have adopted legislation governing what kind of data can be shared with third parties and how customers can opt out. In Massachusetts, automated license plate recognition technology used by police cruisers has raised concerns about authorities tracking the whereabouts of citizens. The American Civil Liberties Union of Massachusetts has been pushing for a License Plate Privacy Act that would limit law enforcement’s ability to retain and use the information.

The too-smart city [Courtney Humphries/Boston Globe]

(via Beyond the Beyond)

Computer scientists to FBI: don't require all our devices to have backdoors for spies

In an urgent, important blog post, computer scientist and security expert Ed Felten lays out the case against rules requiring manufacturers to put wiretapping backdoors in their communications tools. Since the early 1990s, manufacturers of telephone switching equipment have had to follow a US law called CALEA that says that phone switches have to have a deliberate back-door that cops can use to secretly listen in on phone calls without having to physically attach anything to them. This has already been a huge security problem -- through much of the 1990s, AT&T's CALEA controls went through a Solaris machine that was thoroughly compromised by hackers, meaning that criminals could listen in on any call; during the 2005/6 Olympic bid, spies used the CALEA backdoors on the Greek phone company's switches to listen in on the highest levels of government.

But now, thanks to the widespread adoption of cryptographically secured messaging services, law enforcement is finding that its CALEA backdoors are of declining utility -- it doesn't matter if you can intercept someone else's phone calls or network traffic if the data you're captured is unbreakably scrambled. In response, the FBI has floated the idea of "CALEA II": a mandate to put wiretapping capabilities in computers, phones, and software.

As Felten points out, this is a terrible idea. If your phone is designed to secretly record you or stream video, location data, and messages to an adverse party, and to stop you from discovering that it's doing this, it puts you at huge risk when that facility is hijacked by criminals. It doesn't matter if you trust the government not to abuse this power (though, for the record, I don't -- especially since anything mandated by the US government would also be present in devices used in China, Belarus and Iran) -- deliberately weakening device security makes you vulnerable to everyone, including the worst criminals:

Our report argues that mandating a virtual wiretap port in endpoint systems is harmful. The port makes it easier for attackers to capture the very same data that law enforcement wants. Intruders want to capture everything that happens on a compromised computer. They will be happy to see a built-in tool for capturing and extracting large amounts of audio, video, and text traffic. Better yet (for the intruder), the capability will be stealthy by design, making it difficult for the user to tell that anything is amiss.

Beyond this, the mandate would make it harder for users to understand, monitor, and fix their own systems—which is bad for security. If a system’s design is too simple or its operation too transparent or too easy to monitor, then wiretaps will be evident. So a wiretappability mandate will push providers toward complex, obfuscated designs that are harder to secure and raise the total cost of building and operating the system.

Finally, our report argues that it will not be possible to block non-compliant implementations. Many of today’s communication tools are open source, and there is no way to hide a capability within an open source code base, nor to prevent people from simply removing or disabling an undesired feature. Even closed source systems are routinely modified by users—as with jailbreaking of phones—and users will find ways to disable features they don’t want. Criminals will want to disable these features. Ordinary users will also want to disable them, to mitigate their security risks.

Felten's remarks summarize a report [PDF] signed by 20 distinguished computer scientists criticizing the FBI's proposal. It's an important read -- maybe the most important thing you'll read all month. If you can't trust your devices, you face enormous danger.

CALEA II: Risks of wiretap modifications to endpoints

TSA hearing for "Naked American Hero" John Brennan

NewImageRemember our happy mutant comrade John Brennan, who removed his clothes at the Portland Airport during a TSA screening? He was acquitted of a ridiculous indecent exposure charge, and now he is appealing an equally stupid fine from the Transportation Security Administration for “interfering with the screening process.” This might sound silly, but it's serious business. As Brennan points out in his press release below, "This is the first time the TSA has followed through on assessing civil penalties for 'interference with screening" purely for nonviolent, non-obstructive protected expressive conduct.'"

I'm grateful to Brennan for being a civil liberties champion.

Read the rest

Short UK documentary about woman threatened with terrorism charges for videorecording cops while they stop-and-searched her boyfriend on the tube

Gemma sez, "You wrote a blog post about how I was assaulted by the police after filming my boyfriend being searched, back in 2009. The publicity we got from your post and the other press we got (Guardian and BBC) helped make thousands more people aware of this issue which led to the Metropolitan police eventually having to change their guidelines on photographing and filming the police. It was always my aim to get section 58a of the terrorism act clearer to all citizens in the UK and this hasn't changed. Today I'm releasing the animated short film about the case - It deals with broad issues of police accountability and citizen''s rights as well as the specifics of my case. We also hope it entertains you on its way."

Act of Terror

Obama's regressive record makes Nixon look like Che

Redditor Federal Reservations has made a handy post enumerating all the regressive, authoritarian, corporatist policies enacted by the Obama administration in its one-and-a-bit terms. You know, for someone the right wing press likes to call a socialist, Obama sure makes Richard Nixon look like Che Guevara. And what's more, this is only a partial list, and excludes the parade of copyright horrors and bad Internet policy emanating from the White House, via Joe Biden's push for Six Strikes, the US Trade Rep's push for secret Internet censorship and surveillance treaties like TPP and ACTA and TAFTA; the DoJ's push to criminalize every Internet user by expanding the CFAA, and much, much more.

Obama extends Patriot Act without reform - [1]
http://articles.nydailynews.com/2011-05-27/news/29610822_1_terrorist-groups-law-enforcement-secret-intelligence-surveillance

Signs NDAA 2011 (and 2012, and 2013) - [2]
http://www.forbes.com/sites/erikkain/2012/01/02/president-obama-signed-the-national-defense-authorization-act-now-what/

Appeals the Federal Court decision that “indefinite detention” is unconstitutional - [3]
http://www.activistpost.com/2013/02/ndaa-hedges-v-obama-did-bill-of-rights.html

Double-taps a 16-year-old American-born US citizen living in Yemen, weeks after the boy's father was killed. Administration's rationale? He "should have [had] a far more responsible father" - [4]
http://www.washingtonpost.com/world/national-security/anwar-al-awlakis-family-speaks-out-against-his-sons-deaths/2011/10/17/gIQA8kFssL_story.html

Continues to approve drone strikes that kill thousands of innocent civilians including women and children in Pakistan, Yemen, and other countries that do not want the US intervening; meanwhile, according to the Brookings Institute's Daniel Byman, we are killing 10 civilians for every one mid- to high- level Al Qaeda/Taliban operative. This is particularly disturbing, since now any military-aged male in a strike zone is now officially considered an enemy combatant - [5]
http://www.telegraph.co.uk/news/worldnews/asia/pakistan/7361630/One-in-three-killed-by-US-drones-in-Pakistan-is-a-civilian-report-claims.html

Protects Bush’s war crimes as State Secrets - [6] [7] [8]
http://www.salon.com/2010/09/08/obama_138/
https://www.eff.org/deeplinks/2009/04/obama-doj-worse-than-bush
http://washingtonindependent.com/33985/in-torture-cases-obama-toes-bush-line

Waives sections of a law meant to prevent the recruitment of child soldiers in Africa in order to deepen military relationship with countries that have poor human rights records -[9]
http://thecable.foreignpolicy.com/posts/2010/10/26/why_is_obama_easing_restrictions_on_child_soldiers

Read the rest

Today, we save the Internet (again): fix the CFAA!

Read this if you want to stay out of jail.

When my friend Aaron Swartz committed suicide in January, he’d been the subject of a DoJ press-release stating that the Federal prosecutors who had indicted him were planning on imprisoning him for 25 years for violating the terms of service of a site that hosted academic journals.

Read the rest