Boing Boing 

Majority of Americans think Snowden was right to leak


A forthcoming Yougov survey found that 55 percent of Americans believe Edward Snowden was right to leak the details of Prism (it's not clear whether they were surveyed on other leaks).

Read the rest

NSA can't find any emails from Snowden, then it can (convenient, no?)

Yesterday, the NSA released an email from Edward Snowden to his superiors asking about the legality of NSA spying, claiming it was the only evidence they had that he ever tried to go through channels before turning leaker; on its face, this is pretty damning. But there's one problem: six months ago, the NSA claimed that they had no emails of the sort from Snowden, and then this one happened to turn up just in time to counter Snowden's allegations on US TV that he'd tried to blow the whistle from inside. My guess? Someone as canny as Snowden kept copies of all the communiques he made and flags he raised, and will be shortly making the NSA look like pathetic liars (again).

Read the rest

Warrantless spying makes spying-with-a-warrant impossible

Tim Bray's taxonomy of privacy levels makes a compact and compelling argument that the existence of warrantless spying and security sabotage is what drives people to adopt cryptographic techniques that can't be broken even with a warrant.

Jonathan Lethem and Lars Eidinger's claustrophobic, Snowden-commemorating short film

Jonathan Lethem and Lars Eidinger star in Lars and Jonathan: A Berlin Friendship , a short, paranoid, quirky film made for Transmediale's Snowden-leak-commemorating Magical Secrecy Tour.

Watch the full-length NBC News interview with Edward Snowden

140528-snowden-interview-mn-1447_4c31342b0b39224722c815ad79f0ceea.nbcnews-fp-720-320

NBC News has released an online version of its featured interview with NSA whistleblower Edward Snowden, a first for US TV.

Read the rest

Mysterious announcement from Truecrypt declares the project insecure and dead

The abrupt announcement that the widely used, anonymously authored disk-encryption tool Truecrypt is insecure and will no longer be maintained shocked the crypto world–after all, this was the tool Edward Snowden himself lectured on at a Cryptoparty in Hawai’i. Cory Doctorow tries to make sense of it all.

Read the rest

NBC airs Edward Snowden's first US TV interview

140527-edward-snowden-jms-1846_6908feb78dc51d2345105e53cf6cb759.nbcnews-fp-1440-600

NBC released a preview clip from a widely-promoted Brian Williams interview with whistleblower Edward Snowden, which airs tonight, Wednesday May 28, at 10pm EDT. The hour-long interview is the former NSA contractor’s first US television interview since leaking NSA documents to reporters.

Read the rest

Greenwald's "No Place to Hide": a compelling, vital narrative about official criminality

Cory Doctorow reviews Glenn Greenwald’s long-awaited No Place to Hide: Edward Snowden, the NSA, and the U.S. Surveillance State. More than a summary of the Snowden leaks, it’s a compelling narrative that puts the most explosive revelations about official criminality into vital context.

Read the rest

Privacy vs network effects


Respected cryptographer and security researcher Ross Anderson has a fascinating new paper, Privacy versus government surveillance: where network effects meet public choice [PDF], which explores the "privacy economics" of mass surveillance, pointing out the largely overlooked impact of "network effects" on the reality of who spies, who is spied upon, and under what circumstances.

My first big point is that all the three factors which lead to monopoly – network effects, low marginal costs and technical lock-in – are present and growing in the national-intelligence nexus itself. The Snowden papers show that neutrals like Sweden and India are heavily involved in information sharing with the NSA, even though they have tried for years to pretend otherwise. A non-aligned country such as India used to be happy to buy warplanes from Russia; nowadays it still does, but it shares intelligence with the NSA rather then the FSB. If you have a choice of joining a big spy network like America's or a small one like Russia's then it's like choosing whether to write software for the PC or the Mac back in the 1990s. It may be partly an ideological choice, but the economics can often be stronger than the ideology.

Second, modern warfare, like the software industry, has seen the bulk of its costs turn from variable costs into fixed costs. In medieval times, warfare was almost entirely a matter of manpower, and society was organised appropriately; as well as rent or produce, tenants owed their feudal lord forty days’ service in peacetime, and sixty days during a war. Barons held their land from the king in return for an oath of fealty, and a duty to provide a certain size of force on demand; priests and scholars paid a tax in lieu of service, so that a mercenary could be hired in their place. But advancing technology brought steady industrialisation. When the UK and the USA attacked Germany in 1944, we did not send millions of men to Europe, as in the first world war, but a combat force of a couple of hundred thousand troops – though with thousands of tanks and backed by larger numbers of men in support roles in tens of thousands of aircraft and ships. Nowadays the transition from labour to capital has gone still further: to kill a foreign leader, we could get a drone fire a missile that costs $30,000. But that's backed by colossal investment – the firms whose data are tapped by PRISM have a combined market capitalisation of over $1 trillion.

Third is the technical lock-in, which operates at a number of levels. First, there are lock-in effects in the underlying industries, where (for example) Cisco dominates the router market: those countries that have tried to build US-free information infrastructures (China) or even just government information infrastructures (Russia, Germany) find it’s expensive. China went to the trouble of sponsoring an indigenous vendor, Huawei, but it’s unclear how much separation that buys them because of the common code shared by router vendors: a vulnerability discovered in one firm’s products may affect another. Thus the UK government lets BT buy Huawei routers for all but its network’s most sensitive parts (the backbone and the lawful-intercept functions). Second, technical lock-in affects the equipment used by the intelligence agencies themselves, and is in fact promoted by the agencies via ETSI standards for functions such as lawful intercept.

Just as these three factors led to the IBM network dominating the mainframe age, the Intel/Microsoft network dominating the PC age, and Facebook dominating the social networking scene, so they push strongly towards global surveillance becoming a single connected ecosystem.

Privacy versus government surveillance: where network effects meet public choice (via Schneier)

(Image: Friendwheel, Steve Jurvetson, CC-BY)

The Internet With a Human Face: Maciej Cegłowski on the things we need to fix


Maciej Cegłowski's latest talk, The Internet With A Human Face, is a perfect companion to both his Our Comrade the Electron and Peter Watts's Scorched Earth Society: A Suicide Bomber's Guide to Online Privacy: a narrative that explains how the Internet of liberation became the Internet of inhuman and total surveillance. Increasingly, I'm heartened by the people who understand that the right debate to have is "How do we make the Internet a better place for human habitation?" and not "Is the Internet good or bad for us?" I'm also heartened to see the growth of the view that aggregated personal data is a kind of immortal toxic waste and that the best way to prevent spills is to not collect it in the first place.

Read the rest

Greenwald to release list of Americans under illegal NSA surveillance

Glenn Greenwald has pre-announced his next Snowden-doc publication: a list of US citizens the NSA has subjected to illegal surveillance. I keep hearing that there's a huge bang at the end of the Snowden files, and there certainly seems to be a sense of controlled heightening drama in the disclosures. I assume that if Greenwald has pre-announced this publication that it's bound to have some bombshells lurking in it.

US gov may block Chinese nationals from Defcon hacker event

A map of China is seen through a magnifying glass on a computer screen showing binary digits in Singapore in this January 2, 2014 photo illustration. Picture taken January 2, 2014. REUTERS/Edgar Su

The US government may use visa restrictions to ban hackers from China from participating in the 2014 Defcon hacker conference in Las Vegas. The move is part of a larger effort by the US to combat Chinese internet espionage.

Read the rest

Wikileaks says NSA recording all calls in Afghanistan

Glenn Greenwald. [Reuters]


Glenn Greenwald, of The Intercept. [Reuters]

The National Security Agency records the entire content of every phone call in Afghanistan, claims WikiLeaks.

Read the rest

Must-see: Michael Geist on the state of surveillance in Canada

Here's a riveting talk by Michael Geist on the state of Canadian surveillance. Geist broke the story that Canadian telcos hand over personal information to government agencies every 27 seconds, without a warrant. Canada is one of the "Five Eyes" countries that participated in the NSA's surveillance build-out, and the Canadian government is once again considering a massive expansion of warrantless surveillance powers for police, government agencies, and even private companies working for the government.

Visualizing inspiring quotes about privacy


Kevin writes, "With the Privacy is a right project I try to visualize the global privacy debate by using quotes on the subject and turn them into large (in real life) visuals. I started out with key figures in this debate (such as Edward Snowden, Kirsty Hughes and even Cory Doctorow) but now everyone can react and share their view on the subject by submitting a quote on the site. Any inspiring quote will then be turned into art by me. Some of the visuals will be part of my graduation exposition (25th - 29th of June) for the Willem de Kooning Rotterdam University of Applied Sciences in Rotterdam, the Netherlands."

Read the rest

House leaders gut NSA-curbing USA FREEDOM Act


The Snowden revelations kickstarted a national dialog on surveillance and a Congressional promise to rein in mass spying through a bill called the USA FREEDOM Act. But as the Electronic Frontier Foundation reports, the cowardly leaders of the House have capitulated to Big Spook, gutting the bill so thoroughly that it might actually make things worse.

Read the rest

Surveillance state: the NSA doesn't stand alone


The NSA is supposed to be America's offshore spy agency, forbidden from spying on Americans. But as an important article by the Electronic Frontier Foundation's Nadia Kayyali points out, the FBI, DEA and other US agencies have closely integrated the NSA into their own efforts, using the NSA's mass surveillance to gather intelligence on Americans -- as Glenn Greenwald's No Place to Hide discloses, the NSA isn't a stand-alone agency, it is part of an overarching surveillance state.

Read the rest

Schneier: NSA's offense leaves Americans undefended

Writing in the Atlantic, Bruce Schneier explains the NSA's insane program of creating, discovering and hoarding vulnerabilities in computer systems in order to weaponize them. These vulnerabilities allow the NSA to attack its enemies (everyone), but let other states, hackers, and crooks attack Americans. The NSA claims it is "securing" cyberspace, but its dominant tactic requires that everyone be made less secure so that the NSA can attack them if they feel the need.

Read the rest

Kafka, meet Orwell: Lavabit's founder explains why he shut down his company

Writing in the Guardian, Lavabit founder Ladar Levison recounts the events that led to his decision to shutter his company in August 2013. Lavabit provided secure, private email for over 400,000 people, including Edward Snowden, and the legal process by which the FBI sought to spy on its users is a terrifying mix of Orwell -- wanting to snoop on all 400,000 -- and Kafka -- not allowing Levison legal representation and prohibiting him from discussing the issue with anyone who might help him navigate the appropriate law.

Levison discloses more than I've yet seen about the nature of the feds' demands, but more important are the disclosures about the legal shenanigans he was subjected to. In fact, his description of the legal process is a kind of bas relief of the kind of legal services that those of us fighting the excesses of the global war on terror might need: a list of attorneys who are qualified to represent future Lavabits, warrant canaries for the services we rely upon; and, of course, substantive reform to the judicial processes laid out in the Patriot Act.

Read the rest

The lie about Edward Snowden that just won't die

Edward Snowden

We’ve fact-checked statements in the media about Edward Snowden and the NSA before, but by far the biggest falsehood being spread by government advocates is the alleged fact that he took 1.7 million documents from the NSA.

All the parties involved—Snowden, the journalists, and even the government—either deny it or have said they have no reason to believe it is true, yet it has become the go-to number when discussing Snowden's case. It's time news organizations start issuing corrections.

Glenn Greenwald wrote about this last week, showing that news outlets have taken the statement by an NSA official on 60 Minutes that Snowden—at one point or another in his career—“accessed” or “touched” millions of documents and warped it into a claim that he’d stolen that many:

Ever since then, that Snowden “stole” 1.7 or 1.8 million documents from the NSA has been repeated over and over again by US media outlets as verified fact. The Washington Post‘s Walter Pincus, citing an anonymous official source, purported to tell readers that “among the roughly 1.7 million documents he walked away with — the vast majority of which have not been made public — are highly sensitive, specific intelligence reports”. Reuters frequently includes in its reports the unchallenged assertion that “Snowden was believed to have taken 1.7 million computerized documents.” Just this week, the global news agency told its readers that “Snowden was believed to have taken 1.7 million computerized documents.”

As Greenwald pointed out, in an interview given to the Australian Financial Review, former NSA chief Keith Alexander was asked point blank if the NSA can really say how many documents Snowden took. Here's what he said:

Well, I don’t think anybody really knows what he actually took with him, because the way he did it, we don’t have an accurate way of counting. What we do have an accurate way of counting is what he touched, what he may have downloaded, and that was more than a million documents.

Read that again. They do not know how many documents he took. But this actually isn’t anything new, we’ve known this for months. After the New York Times reported Snowden “accessed” 1.7 million files in February, they also wrote, albeit a dozen paragraphs later, that DIA head General Michael Flynn admitted in Congressional testimony they still had “a great deal of uncertainty about what Mr. Snowden possessed. ‘Everything that he touched, we assume that he took,’ said General Flynn.” In other words, they have no idea.

Despite these known facts, even this week, the Wall Street Journal has published an incredibly irresponsible piece by Edward Jay Epstein, who based an entire op-ed around the false 1.7 million statement as a way to claim that Snowden is working for a foreign goverment. And look what happens when you Google the phrase “Snowden 1.7 million”: He either “took,” “has,” or “stole” nearly 2 million documents is all over the entire front page.

So to sum up, Edward Snowden has said the number is made up, the journalists involved deny they have 1.7 million documents, and the government has stated multiple times they do not know how many documents he took. Literally no party in the NSA story believes the 1.7 million number is true, yet most media organizations claim it’s a fact.

We look forward to Reuters, the Wall Street Journal, and others who have been peddling this fictitious number issuing corrections.

Photo of NSA technicians sabotaging Cisco router prior to export


One of the Snowden documents published by Glenn Greenwald with the release of his new book is a photo showing an actual NSA Tailored Access Operations team sabotaging a Cisco router before it is exported, a practice reported earlier this week in a story Greenwald wrote for the Guardian.

The great irony is that this kind of sabotage is exactly the sort of thing that the USA has repeatedly accuse Chinese authorities of doing to Huawei routers, something for which we have no evidence. Unlike the photographic evidence we have here of the NSA doing this to a Cisco router.

Read the rest

Movie plot threat semifinalists announced

Bruce Schneier has announced the semifinalists in his seventh annual Movie-Plot Threat Contest, wherein contestants dream up implausible reasons to justify extreme surveillance and other lawless policing techniques like torture and indefinite detention. My favorite: Homeopathic Factoring, "The NSA, through the White House's Office of Faith Based and Community Initiatives formed a partnership with Zicam Digital to explore and exploit homeopathic techniques for advanced cryptanalysis."

Read the rest

IETF declares war on surveillance


The Internet Engineering Task Force has published RFC 7258, which is a bombshell whose title is: "Pervasive Monitoring Is an Attack." It represents the outcome of a long argument about whether the Internet's technical architecture should take active countermeasures to fight mass surveillance, which Tim Bray summarizes. I especially like his rejoinder to people who argue against this because there are places where it's legitimate to monitor communications, like prisons: "We don't want an In­ter­net optimized for prisons."

Read the rest

Glenn Greenwald's new book tells the inside story of working with Snowden


Writing in Wired, Kim Zetter reviews Glenn Greenwald's much-anticipated memoir, No Place to Hide: Edward Snowden, the NSA, and the U.S. Surveillance State , which tells the inside story of his involvement with Edward Snowden and the most significant story about technology, networks and surveillance in human history. Zetter makes the book sound like a cross between a spy thriller and 1984, and Snowden himself apparently comes out sounding like a pretty amazing and clever person, which jibes with existing accounts of his character. I've just bought a copy to start reading at lunch -- I'm setting aside Piketty for now.

Read the rest

Clapper's ban on talking about leaks makes life difficult for crypto profs with cleared students

When James Clapper banned intelligence agency employees from discussing or acknowledging the existence of leaked docs (including the Snowden docs), he made life very hard for university professors like Matt Blaze, a security expert whose classes often have students with security clearance.

My own books -- which deal with leaks like these -- are taught at West Point at a course whose instructors include a member of US Cyber Command. I imagine a rule like this would make future inclusion on the curriculum difficult, if not impossible.

NSA sabotaged exported US-made routers with backdoors

The NSA systematically sabotaged US-made network routers as they were exported, equipping them with secret backdoors, according to Edward Snowden leaks newly released by Glenn Greenward in the Guardian. The devices were tampered with prior to leaving the USA and resealed with factory seals. Ironically, this is exactly what grandstanding US politicians have been accusing the Chinese government and Huawei of doing for years. Takes one to know one? Or just honi soit qui mal y pense?

Read the rest

Against the instrumental argument for surveillance

In my latest Guardian column, 'Cybersecurity' begins with integrity, not surveillance, I try to make sense of the argument against surveillance. Is mass surveillance bad because it doesn't catch "bad guys" or because it is immoral? There's a parallel to torture -- even if you can find places where torture would work to get you some useful information, it would still be immoral. Likewise, I've come to realize that the "it doesn't work" argument isn't one that I want to support anymore, because even if mass surveillance did work, it would still be bad.

One thing that parenting has taught me is that surveillance and experimentation are hard to reconcile. My daughter is learning, and learning often consists of making mistakes constructively. There are times when she is working right at the limits of her abilities – drawing or dancing or writing or singing or building – and she catches me watching her and gets this look of mingled embarrassment and exasperation, and then she changes back to some task where she has more mastery. No one – not even a small child – likes to look foolish in front of other people.

Putting whole populations – the whole human species – under continuous, total surveillance is a profoundly immoral act, no matter whether it works or not. There no longer is a meaningful distinction between the digital world and the physical world. Your public transit rides, your love notes, your working notes and your letters home from your journeys are now part of the global mesh of electronic communications. The inability to live and love, to experiment and err, without oversight, is wrong because it's wrong, not because it doesn't catch bad guys.

Everyone from Orwell to Trotsky recognised that control over information means control over society. On the eve of the November Revolution, Trotsky ordered the Red Guard to seize control over the post and telegraph offices. I mentioned this to Jacob Appelbaum, who also works on many spy-resistant information security tools, like Tor (The Onion Router, a privacy and anonymity tool for browsing the web), and he said, "A revolutionary act today is making sure that no one can ever seize control over the network."

'Cybersecurity' begins with integrity, not surveillance

Stross on NSA network sabotage

"The same security holes that the NSA relied on to gain access to your (or Osama bin Laden's) email allowed gangsters to steal passwords and login credentials and credit card numbers. And ultimately these same baked-in security holes allowed Edward Snowden to rampage through their systems. The moral of the story is clear: be cautious about poisoning the banquet you serve your guests, lest you end up accidentally ingesting it."

Eric Schmidt, war crimes apologist and colossal hypocrite

Just a reminder that Google CEO Eric Schmidt is a colossal hypocrite and an apologist for war crimes:

Read the rest

Glenn Greenwald and Michael Hayden debate surveillance

Every year, Canada's Munk debates feature high-level, high-profile debates on burning policy issues. This year, they debated surveillance, and the participants were Glenn Greendwald and Reddit co-founder Alexis Ohanian on the anti-surveillance side and former NSA and CIA chief Michael Hayden and Harvard law professor Alan Dershowitz on the pro-surveillance side. Although the debating partners do a lot in this, the real freight is carried by Hayden and Greenwald, both of whom are more fact-intensive than the others.

I have a bias here, but I think that Greenwald wiped up the floor with Hayden (the post-debate polls from the room support this view). It was particularly useful to have Hayden being grilled by a well-informed opponent who was allowed to go after the easy dismissals and glib deflections. Normally, he gets to deliver some well-polished talking points and walk away -- this was something I hadn't seen before.

This is just about the best video you're going to watch on the surveillance debate. It kicks off around the 30m mark.

Watch Live: Glenn Greenwald Debates Former NSA Director Michael Hayden