Last month, Barton Gellman and I opened for Edward Snowden's first-ever public appearance, at the SXSW conference in Austin. The kind folks at SXSW have put the video online (the Snowden video itself was already up). I think we did a good job of framing the big questions raised by the Snowden leaks.
During video testimony to the Council of Europe, whistleblower Edward Snowden reiterated that the NSA targets human rights groups
, including those in the USA, for surveillance. It uses its Xkeyscore technology to "fingerprint" communications from these groups and targets them for deep surveillance. Groups that have been targeted in this way include UNICEF and many others.
Yahoo has taken some serious steps towards protecting user-privacy
, writes the Electronic Frontier Foundation's Seth Schoen. After revelations that the NSA and GCHQ had hacked its services, intercepted private video-chats
, and harvesting mass data from its fiber optic links
, the company has added forward secrecy and STARTTLS to its roster of default-on security measures. Of the two, forward secrecy is the most interesting, as it protects the privacy of old intercepted Yahoo data even if the company loses control of its keys. Bravo, Yahoo!
David Graeber, author of Debt: the First 5000 Years, was evicted from the home that his family had lived in for 52 years yesterday. He says that the NYPD intelligence department played a role in establishing a "technicality" on which his family could be evicted, despite not having missed a single payment in 52 years. He blames the eviction on retaliation against high-profile Occupy Wall Street activists, whom he says have been targeted in a wide-ranging series of administrative attacks: "evictions, visa problems, tax audits..."
Abi Sutherland has a great post on this on Making Light:
Read the rest
Mark from Screen Novelties sends us "This little animation we did for Google regarding user privacy. We happened to direct this at the same time the whole Snowden/NSA stuff went down last year. Google finally decided to release this to the public a few days ago. Just wanted to share. It's done in stop motion to give the feeling of the old school board games."
Way of a Warrant
Newly disclosed documents from the trove Edward Snowden provided to journalists reveal the existence of the "Nymrod" database that listed 122 world leaders, many from nations friendly to the USA, that were spied upon by the NSA. Included in the list is German Chancellor Angela Merkel, who was already known to have been wiretapped by the NSA thanks to an earlier disclosure. Nymrod's "Target Knowledge Database" combed through the NSA's pool of global intercepts to amass dossiers of private communications -- emails, faxes, calls and Internet traffic -- related to the leaders.
Additionally, the UK spy agency GCHQ infiltrated and compromised two German satellite communications companies -- Stellar and Cetel -- and IABG, a company that supplied them with equipment. It wiretapped their senior executives as well. None of these companies are accused of having done anything amiss, but were targeted by British spies because their services carried Internet traffic and were a convenient "access chokepoint" from which to conduct mass-surveillance programs.
Read the rest
Scott sez, "Privacy and security has been a huge problem since the Snowden revelations, and midwest SF/open source software convention Penguicon [ed: near Detroit!] wants to be part of the solution. With Guest of Honor Eva Galperin from the Electronic Frontier Foundation and Cory Doctorow returning as Guest Emeritus, much of their tech track is focused on finding answers to the recent privacy problems highlighted by Snowden. Pre-registration tickets are available until April 1st. Programming was just announced."
The Obama administration will unveil a plan to sunset the bulk collection of US telephone data by American spies. Instead, it will plunder data that the carriers are required to retain for 18 months (America's spies currently warehouse phone data for five years) on the strength of warrants issued by its secret, rubberstamp Foreign Intelligence "court." This won't take place for at least 90 days, and for those 90 days, the administration expects the "court" to renew the spies' power to harvest bulk phone data as it has until now (despite that fact that Obama's appointed independent commission concluded that this program is illegal). Spies will only be able to explore phone data within two "hops" of their persons of interest, rather than the "three hop" rule they claim they've followed until now. Civil liberties groups are very slightly cheered by all this news.
Read the rest
A new Snowden leak details an NSA operation called SHOTGIANT through which the US spies infiltrated Chinese electronics giant Huawei -- ironically, because Huawei is a company often accused of being a front for the Chinese Peoples' Liberation Army and an arm of the Chinese intelligence apparatus. The NSA completely took over Huawei's internal network, gaining access to the company's phone and computer networks and setting itself up to conduct "cyberwar" attacks on Huawei's systems.
The program apparently reached no conclusion about whether Huawei was involved in espionage. However, the NSA did identify many espionage opportunities in compromising Huawei, including surveillance of an undersea fiber optic cable that Huawei is involved with.
Read the rest
In MetaPhone: The Sensitivity of Telephone Metadata
a pair of Stanford researchers recruited test-subjects who were willing to install spyware on their phones that logged the same "metadata" that the NSA harvests -- and that the NSA and President Obama claims is not sensitive or privacy-invading. The researchers applied basic analytics to the data and uncovered -- surprise! -- incredibly compromising information about the personal lives, health, and finances of their subjects, just by looking at metadata. What's more, harvesting the subjects' metadata also revealed sensitive information about the subjects' contacts' lives. (via Techdirt
This is well-said
, from Will Potter on Mashable: "[NSA Deputy Director Richard] Ledgett said he didn't know what NSA surveillance was important, because it's all pieces of a bigger puzzle. The reality is that the NSA isn't working with a mosaic or a puzzle. What the NSA is really advocating is the collection of millions of pieces from different, undefined puzzles in the hopes that sometime, someday, the government will be working on a puzzle and one of those pieces will fit."
Pat sez, "Alaska Robotics News is a political satire series covering the Alaska legislative session. We've had good luck at engaging law makers and have had several notable guests on the show. U.S. Senator Mark Begich recently joined us to talk about NSA dragnet surveillance and precognitive policing.
We have a small group of writers contributing the the show and enjoy a lot of support from our community. This segment was a good opportunity to get outside our local issues and poke at the boiling frog of government surveillance."
Read the rest
A new Snowden leak reveals that all the voice calls in an unnamed country are recorded and saved for 30 days on a rolling basis, with millions of voice "cuts" (clippings) harvested from the corpus for long-term storage by the system. The system, called MYSTIC, has been running since 2009, and its search tool, RETRO, has been fully operational against a whole country's phone calls since 2011.
President Obama has stated that " the United States is not spying on ordinary people who don't threaten our national security" -- this is a hard statement to square with the idea of recording all the voice calls made in an entire country.
The Washington Post article detailing the programs states at least five more countries are now covered by MYSTIC, with a sixth coming online.
Read the rest
Here's a reading (MP3) of my latest Guardian column, If GCHQ wants to improve national security it must fix our technology where I try to convey the insanity of spy agencies that weaken Internet security in order to make it easier for them to spy on people, by comparing this to germ warfare.
Read the rest
The NYPD runs an intelligence agency that is even more secretive, and practically as corrupt as the NSA. They even fly their own intelligence officers to the scene of terrorist attacks overseas (and interfere with real investigations). What's more, the NYPD has invented its own, extra-legal system of "classified" documents that it has unilaterally decided it doesn't have to provide to the public in response to Freedom of Information Act (FOIA) requests.
Shawn Musgrave used Muckrock sent the NYPD a FOIA request for its FOIA manual -- the guidelines by which it decides whether or not it will obey the law requiring it to share its internal workings with the public who pay for them -- only to have the NYPD refuse to provide it, because it is "privileged attorney-client work-product."
As Musgrave says, "Handbooks and training materials hardly qualify as 'confidential communications,' particularly when the subject matter is transparency itself."
Read the rest