
Big Data Kafka: US Government Watchlists and the secrecy whose justification is a secret


In the ACLU's new paper U.S. Government Watchlisting: Unfair Process and Devastating Consequences [PDF], the group describes the strange world of terrorist watchlists, including no-fly lists, where it's nearly impossible to discover if you're on a list, and nearly impossible to find out why you're on a list, and nearly impossible to get removed from a list. As the ACLU points out, this is Orwell by way of Kafka, where we're not allowed to know what surveillance is taking place or why surveillance is taking place -- and we're not allowed to know why we're not allowed to know.

The ACLU says that the national terrorism watchlist has 1.1 million names on it, and an AP report from 2012 found 21,000 people on the no-fly list. Recently, Rahinah Ibrahim became the first person to be officially, publicly removed from a no-fly list, after the government was forced to admit that she'd been placed there due to a bureaucratic error. All through the Ibrahim case, the government argued that disclosing any facts about her no-fly status would endanger national security, but ultimately it was obvious that the only potential risk was that the government's sloppiness would be disclosed. The state was willing to spend millions of dollars and ruin an innocent person's life rather than admitting that an FBI agent literally ticked the wrong box.

In the 13 years since 9/11, one person has managed to successfully challenge the system of secret and unaccountable watchlists. It's clear that she wasn't the only person who deserved to be removed, though. This is Big Data Kafka: the algorithm says you're guilty, and you're not allowed to see the data or the algorithm because it was not designed to work if the people who it judged knew about its parameters.


Ethiopia: the first "off-the-shelf" surveillance state


"They Know Everything We Do", a new, exhaustive report from Human Rights Watch, details the way the young state of modern Ethiopia has become a kind of pilot program for the abuse of "off-the-shelf" surveillance, availing itself of commercial products from the US, the UK, France, Italy and China in order to establish an abusive surveillance regime that violates human rights and suppresses legitimate political opposition under the guise of an anti-terrorism law that's so broadly interpreted as to be meaningless.

The Electronic Frontier Foundation is representing a victim of Ethiopian state surveillance: Mr. Kidane had his computer hacked by Ethiopian spies while he was in the USA, and they planted spyware that gave them access to his Skype and Google traffic.


UK tax authority used anti-terror law to spy on whistleblower who disclosed sweetheart deal for Goldman Sachs


The UK tax authority HMRC abused the country's controversial anti-terrorism law to spy on a whistleblower and journalists at the Guardian after it was embarrassed by the revelation that it had given a sweetheart deal to Goldman Sachs. Osita Mba revealed to a government oversight body that HMRC forgave GBP10M in interest owed by Goldman Sachs after a failed tax-evasion scheme, and in the ensuing public furore, HMRC's top executives invoked RIPA, the country's anti-terror law, to spy on its employees and on Guardian journalists in order to discover the identity of the leaker. Under RIPA, HMRC is able to spy on the nation's emails, Internet traffic, text messages, phone records and other sensitive data.

Lin Homer, the head of HMRC, has appeared before a Parliamentary committee to explain its use of anti-terror spying powers to uncover the identity of a whistleblower whose personal information is protected by legislation. She was unrepentant, and would not rule out doing it again in the future.

Margaret Hodge, the committee chair, expressed shock at this. But it was under her party's last government, the Blair regime, that RIPA was put into place, over howls of protest from campaigners who predicted that it would be used in just this way.


Obama administration will make tiny, nearly meaningless changes to illegal bulk phone spying


The Obama administration will unveil a plan to sunset the bulk collection of US telephone data by American spies. Instead, it will plunder data that the carriers are required to retain for 18 months (America's spies currently warehouse phone data for five years) on the strength of warrants issued by its secret, rubberstamp Foreign Intelligence "court." This won't take place for at least 90 days, and for those 90 days, the administration expects the "court" to renew the spies' power to harvest bulk phone data as it has until now (despite the fact that Obama's appointed independent commission concluded that this program is illegal). Spies will only be able to explore phone data within two "hops" of their persons of interest, rather than the "three hop" rule they claim they've followed until now. Civil liberties groups are very slightly cheered by all this news.


Jake Appelbaum reads his Homeland afterword, with bonus Atari Teenage Riot vocoder mix

Two of my friends contributed afterwords to my novel Homeland: Aaron Swartz and Jacob Appelbaum. In this outtake from the independently produced Homeland audiobook (which you can get for the next week exclusively through the Humble Ebook Bundle), Jake reads his afterword at The Hellish Vortex Studio in Berlin, where he is in exile after several harrowing adventures at the US border. Hellish Vortex is run by Alec Empire, founding member of Atari Teenage Riot. Alec recorded this clip (MP3), and also mixed an alternate version.

Originally Jake had intended for his afterword to be anonymous (I didn't understand this at the time, and there was no harm done!). In keeping with this, Alec mixed this vocoder edition (MP3), that is pretty awesome.

Humble Ebook Bundle

LAPD says every car in Los Angeles is part of an ongoing criminal investigation


The Electronic Frontier Foundation is trying to figure out what the LAPD is doing with the mountains (and mountains) of license-plate data that they're harvesting in the city's streets without a warrant or judicial oversight. As part of the process, they've asked the LAPD for a week's worth of the data they're collecting, and in their reply brief, the LAPD argues that it can't turn over any license-plate data because all the license-plates they collect are part of an "ongoing investigation," because every car in Los Angeles is part of an ongoing criminal investigation, because some day, someone driving that car may commit a crime.

As EFF's Jennifer Lynch says, "This argument is completely counter to our criminal justice system, in which we assume law enforcement will not conduct an investigation unless there are some indicia of criminal activity."

This reminds me of the NSA's argument that they're collecting "pieces of a puzzle" and Will Potter's rebuttal: "The reality is that the NSA isn't working with a mosaic or a puzzle. What the NSA is really advocating is the collection of millions of pieces from different, undefined puzzles in the hopes that sometime, someday, the government will be working on a puzzle and one of those pieces will fit." The same thing could be said of the LAPD.


Turkey orders block of Twitter's IP addresses

Just a few days after Turkey's scandal-rocked government banned Twitter by tweaking national DNS settings, the state has doubled down by ordering ISPs to block Twitter's IP addresses, in response to the widespread dissemination of alternative DNS servers, especially Google's 8.8.8.8 and 8.8.4.4 (these numbers were even graffitied on walls).

Following the ban, Turkey's Twitter usage grew by 138 percent. Now that Twitter's IP range is blocked, more Turkish Internet users are making use of Tor and VPNs, and they continue to use SMS for access to the service.

It's interesting that Prime Minister Recep Tayyip Erdoğan has singled out Twitter for his attacks ("Twitter, schmitter! We will wipe out Twitter. I don’t care what the international community says."). Why not Facebook or Google Plus? I'm not certain, but my hypothesis is that Facebook and Google's "real names" policies -- which make you liable to disconnection from the service if you're caught using an alias -- make them less useful for political dissidents operating in an environment in which they fear reprisals.


NSA hacked Huawei, totally penetrated its networks and systems, stole its sourcecode


A new Snowden leak details an NSA operation called SHOTGIANT through which the US spies infiltrated Chinese electronics giant Huawei -- ironically, because Huawei is a company often accused of being a front for the Chinese People's Liberation Army and an arm of the Chinese intelligence apparatus. The NSA completely took over Huawei's internal network, gaining access to the company's phone and computer networks and setting itself up to conduct "cyberwar" attacks on Huawei's systems.

The program apparently reached no conclusion about whether Huawei was involved in espionage. However, the NSA did identify many espionage opportunities in compromising Huawei, including surveillance of an undersea fiber optic cable that Huawei is involved with.


Your metadata reveals sensitive, private information

In MetaPhone: The Sensitivity of Telephone Metadata, a pair of Stanford researchers recruited test-subjects who were willing to install spyware on their phones that logged the same "metadata" that the NSA harvests -- and that the NSA and President Obama claim is not sensitive or privacy-invading. The researchers applied basic analytics to the data and uncovered -- surprise! -- incredibly compromising information about the personal lives, health, and finances of their subjects, just by looking at metadata. What's more, harvesting the subjects' metadata also revealed sensitive information about the subjects' contacts' lives. (via Techdirt)

Help Muckrock scour DHS social media spying guidelines and figure out what to FOIA next

Michael from Muckrock sez, "With a Freedom of Information Act request, MuckRock has received copies of two of the guides Homeland Security uses to monitor social media, one on standard procedures and a desktop binder for analysts. Now we're asking for help to go through it: See something worth digging into? Say something, and share it with others so we know what to FOIA next."


Microsoft has always reserved the right to read and disclose your Hotmail messages

Microsoft's "Scroogled" campaign (no relation) boastfully compared Hotmail's privacy framework to Gmail's, condemning Google for "reading your mail." Now, Microsoft has admitted that it scoured the Hotmail messages belonging to the contacts of a suspected leaker in order to secure his arrest, and points out that Hotmail's terms of service have always given Microsoft the right to read your personal mail for any of a number of nebulously defined, general reasons.

The company says that it had an undisclosed "rigorous process" to determine when it is allowed to read and publish your private email. In a statement, it sets out what the process will be from now on (though it doesn't say what the process has been until now) and vows to include the instances in which it reads its users' mail in its transparency reports, except when it is secretly reading the Hotmail accounts of people who also work for Microsoft.

Here's a PGP tool that claims to work with Hotmail, and would theoretically leave your Hotmail messages unreadable to Microsoft, though the company could still mine your metadata (subject lines, social graph, etc).


EFF Policy Fellowship for students: 10 week summer program

If you're a student interested in Internet and technology policy, you're eligible to apply for an EFF Policy Fellowship, a ten week placement with public interest orgs in Africa, Asia, Europe, Latin America and North America. It pays $7500, and you get to work on global surveillance, censorship, and intellectual property. "Applicants must have strong research skills, the ability to produce thoughtful original policy analysis, and a talent for communicating with many different types of audiences."

Alaska senator on a comedy news video about NSA surveillance

Pat sez, "Alaska Robotics News is a political satire series covering the Alaska legislative session. We've had good luck at engaging law makers and have had several notable guests on the show. U.S. Senator Mark Begich recently joined us to talk about NSA dragnet surveillance and precognitive policing. We have a small group of writers contributing to the show and enjoy a lot of support from our community. This segment was a good opportunity to get outside our local issues and poke at the boiling frog of government surveillance."


Fedbizopps: the US government's searchable database of defense-contractor opportunities


Dave from the Electronic Frontier Foundation sez, "The government often makes itself more accessible to businesses than the general public. For Sunshine Week, we compiled this guide to using FedBizOpps to keep an eye on surveillance technology contracts."

Fedbizopps is a weird, revealing window into the world of creepy surveillance, arms, and technology contractors who build and maintain the most oppressive and unethical parts of the apparatus of the US government. Everything from drone-testing of biological and chemical weapons to license plate cameras to weaponized bugs and other malware are there. The EFF post also has links to data-mining tools that help estimate just how much money the private arms dealers extract from the tax-coffers.


NSA recording all the voice calls in one country; 5-6 more countries in the pipeline


A new Snowden leak reveals that all the voice calls in an unnamed country are recorded and saved for 30 days on a rolling basis, with millions of voice "cuts" (clippings) harvested from the corpus for long-term storage by the system. The system, called MYSTIC, has been running since 2009, and its search tool, RETRO, has been fully operational against a whole country's phone calls since 2011.

President Obama has stated that "the United States is not spying on ordinary people who don't threaten our national security" -- this is a hard statement to square with the idea of recording all the voice calls made in an entire country.

The Washington Post article detailing the programs states at least five more countries are now covered by MYSTIC, with a sixth coming online.
