Skip to main content

Home/ Socialism and the End of the American Dream/ Group items tagged digital-surveillance

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
Paul Merrell

Rep. Mike Rogers Angrily Defends Bathroom Spycam | Popehat - 0 views

www.popehat.com/...ngrily-defends-bathroom-spycam

surveillance state NSA NSA-oversight must-read

shared by Paul Merrell on 31 Oct 13 - No Cached
  • Representative Mike Rogers (R-Michigan) was defiant today in the face of accusations that he had installed a small digital camera in the women's bathroom in his office at the Capitol. "This is just politics," said the ten-term Congressman. "I would argue the fact that we haven't had any women come forward with any specificity arguing that their privacy has been violated, clearly indicates, in ten years, clearly indicates that something must be doing right. Somebody must be doing something exactly right." When reporters asked how women would know to complain — the spycam, funded by the government, was expertly hidden — Rogers asserted that was the point. "You can't have your privacy violated if you don't know your privacy is violated," said Rogers.
  • Rogers went on to explain that the nation's Capitol — which has housed figures like former Congressman Bob Filner and former Senator Bob Packwood — presents known dangers to women, and that the spycam is calculated to make certain they are protected from those dangers. “If the women knew exactly what that spycam was about, they would be applauding and popping champagne corks. It’s a good thing. it keeps the women safe. It keeps the Capitol safe," Rogers asserted. Rogers then abruptly concluded the interview, threatening to sue reporters if they wrote about it.
  • Paul Merrell on 31 Oct 13
     
    Ken White of Popehat gives a great satirical take on the statement by Rep. Mike Rogers's statement that this week during a hearing on the NSA scandal that: "You can't have your privacy violated if you don't know your privacy is violated." (Put that one in your memorable quotes file, quick.) Worse, Rogers seemed to be sincere. And even worse yet, he is the chairman of the House Intelligence Committee. The CSPAN footage is in one of the links from White's masterful satire. 
  • Paul Merrell on 31 Oct 13
     
    Oops! Chairman Rogers apparently has a double standard on what constitutes "privacy" that distinguishes between victims of NSA snooping and victims of an insecure Affordable Care Act web site: "Continuing with the issue of privacy, Rep. Mike Rogers, R-Mich., ridiculed the program as unsafe for private information, stating that functionality concerns are indicative of a lack of privacy. "If it's not functioning, you know it's not secure," said Rogers. "You have exposed millions of Americans because you said it was "an acceptable risk." http://washington.cbslocal.com/2013/10/30/obamacare-website-down-while-sebelius-testifies/ So actual NSA privacy violations: not a problem. Potential ACA privacy violations: huge problem. Somehow, I strongly favor accidental privacy violations over intentional and secret government snooping. But maybe I'm just weird.
Paul Merrell

NSA infiltrates links to Yahoo, Google data centers worldwide, Snowden documents say - ... - 0 views

www.washingtonpost.com/...3-8b74-d89d714ca4dd_story.html

surveillance state NSA NSA-targets Google Yahoo must-read

shared by Paul Merrell on 31 Oct 13 - No Cached
  • The National Security Agency has secretly broken into the main communications links that connect Yahoo and Google data centers around the world, according to documents obtained from former NSA contractor Edward Snowden and interviews with knowledgeable officials. By tapping those links, the agency has positioned itself to collect at will from hundreds of millions of user accounts, many of them belonging to Americans. The NSA does not keep everything it collects, but it keeps a lot.
  • According to a top-secret accounting dated Jan. 9, 2013, the NSA’s acquisitions directorate sends millions of records every day from internal Yahoo and Google networks to data warehouses at the agency’s headquarters at Fort Meade, Md. In the preceding 30 days, the report said, field collectors had processed and sent back 181,280,466 new records — including “metadata,” which would indicate who sent or received e-mails and when, as well as content such as text, audio and video.The NSA’s principal tool to exploit the data links is a project called MUSCULAR, operated jointly with the agency’s British counterpart, the Government Communications Headquarters . From undisclosed interception points, the NSA and the GCHQ are copying entire data flows across fiber-optic cables that carry information among the data centers of the Silicon Valley giants.
  • The infiltration is especially striking because the NSA, under a separate program known as PRISM, has front-door access to Google and Yahoo user accounts through a court-approved process. The MUSCULAR project appears to be an unusually aggressive use of NSA tradecraft against flagship American companies. The agency is built for high-tech spying, with a wide range of digital tools, but it has not been known to use them routinely against U.S. companies.
  • ...1 more annotation...
  • In a statement, Google’s chief legal officer, David Drummond, said the company has “long been concerned about the possibility of this kind of snooping” and has not provided the government with access to its systems.“We are outraged at the lengths to which the government seems to have gone to intercept data from our private fiber networks, and it underscores the need for urgent reform,” he said.
  • Paul Merrell on 31 Oct 13
     
    It says later in this 3-page article that Google's data centers back up their content to each other in case one goes down. So no question that U.S. citizens' data is collected, I think. See also closely related article, Why the NSA Wanted More Access, http://www.washingtonpost.com/blogs/the-switch/wp/2013/10/30/prism-already-gave-the-nsa-access-to-tech-giants-heres-why-it-wanted-more/ ("Scooping up data is deep in the NSA's DNA, and it may simply have been unable to help itself."). See also http://apps.washingtonpost.com/g/page/world/how-the-nsas-muscular-program-collects-too-much-data-from-yahoo-and-google/543/ (excerpts from documents discussed in the main article). 
Paul Merrell

If GCHQ wants to improve national security it must fix our technology | Technology | th... - 0 views

www.theguardian.com/...q-national-security-technology

surveillance state cyberwar vulnerabilities secure-computing Doctorow

shared by Paul Merrell on 10 Apr 14 - No Cached
  • In a recent column, security expert Bruce Schneier proposed breaking up the NSA – handing its offensive capabilities work to US Cyber Command and its law enforcement work to the FBI, and terminating its programme of attacking internet security. In place of this, Schneier proposed that “instead of working to deliberately weaken security for everyone, the NSA should work to improve security for everyone.” This is a profoundly good idea for reasons that may not be obvious at first blush.People who worry about security and freedom on the internet have long struggled with the problem of communicating the urgent stakes to the wider public. We speak in jargon that’s a jumble of mixed metaphors – viruses, malware, trojans, zero days, exploits, vulnerabilities, RATs – that are the striated fossil remains of successive efforts to come to grips with the issue. When we do manage to make people alarmed about the stakes, we have very little comfort to offer them, because Internet security isn’t something individuals can solve.
  • I remember well the day this all hit home for me. It was nearly exactly a year ago, and I was out on tour with my novel Homeland, which tells the story of a group of young people who come into possession of a large trove of government leaks that detail a series of illegal programmes through which supposedly democratic governments spy on people by compromising their computers.
  • I explained the book’s premise, and then talked about how this stuff works in the real world. I laid out a parade of awfuls, including a demonstrated attack that hijacked implanted defibrillators from 10 metres’ distance and caused them to compromise other defibrillators that came into range, implanting an instruction to deliver lethal shocks at a certain time in the future. I talked about Cassidy Wolf, the reigning Miss Teen USA, whose computer had been taken over by a “sextortionist” who captured nude photos of her and then threatened to release them if she didn’t perform live sex shows for him. I talked about the future of self-driving cars, smart buildings, implanted hearing aids and robotic limbs, and explained that the world is made out of computers that we put our bodies into, and that we put inside our bodies.These computers are badly secured. What’s more, governments and their intelligence agencies are actively working to undermine the security of our computers and networks. This was before the Snowden revelations, but we already knew that governments were buying “zero-day vulnerabilities” from security researchers. These are critical bugs that can be leveraged to compromise entire systems. Until recently, the normal response to the discovery of one of these “vulns” was to report them to the vendor so they could be repaired.
  • ...6 more annotations...
  • But spy-agencies and law-enforcement have created a bustling marketplace for “zero-days,” which are weaponised for the purpose of attacking the computers and networks of “bad guys”. The incentives have shifted, and now a newly discovered bug had a good chance of remaining unpatched and live in the field because governments wanted to be able to use it to hack their enemies.
  • Last year, when I finished that talk in Seattle, a talk about all the ways that insecure computers put us all at risk, a woman in the audience put up her hand and said, “Well, you’ve scared the hell out of me. Now what do I do? How do I make my computers secure?”And I had to answer: “You can’t. No one of us can. I was a systems administrator 15 years ago. That means that I’m barely qualified to plug in a WiFi router today. I can’t make my devices secure and neither can you. Not when our governments are buying up information about flaws in our computers and weaponising them as part of their crime-fighting and anti-terrorism strategies. Not when it is illegal to tell people if there are flaws in their computers, where such a disclosure might compromise someone’s anti-copying strategy.But: If I had just stood here and spent an hour telling you about water-borne parasites; if I had told you about how inadequate water-treatment would put you and everyone you love at risk of horrifying illness and terrible, painful death; if I had explained that our very civilisation was at risk because the intelligence services were pursuing a strategy of keeping information about pathogens secret so they can weaponise them, knowing that no one is working on a cure; you would not ask me ‘How can I purify the water coming out of my tap?’”
  • Because when it comes to public health, individual action only gets you so far. It doesn’t matter how good your water is, if your neighbour’s water gives him cholera, there’s a good chance you’ll get cholera, too. And even if you stay healthy, you’re not going to have a very good time of it when everyone else in your country is striken and has taken to their beds.If you discovered that your government was hoarding information about water-borne parasites instead of trying to eradicate them; if you discovered that they were more interested in weaponising typhus than they were in curing it, you would demand that your government treat your water-supply with the gravitas and seriousness that it is due.The public health analogy is suprisingly apt here. The public health threat-model is in a state of continuous flux, because our well-being is under continuous, deliberate attack from pathogens for whom we are, at best, host organisms, and at worst, dinner. Evolution drives these organisms to a continuously shifting array of tactics to slide past our defenses.Public health isn’t just about pathogens, either – its thorniest problems are about human behaviour and social policy. HIV is a blood-borne disease, but disrupting its spread requires changes to our attitudes about sex, pharmaceutical patents, drugs policy and harm minimisation. Almost everything interesting about HIV is too big to fit on a microscope slide.
  • And so it is for security: crypto is awesome maths, but it’s just maths. Security requires good password choice, good password management, good laws about compelled crypto disclosure, transparency into corporate security practices, and, of course, an end to the governmental practice of spending $250M/year on anti-security sabotage through the NSA/GCHQ programmes Bullrun and Edgehill.
  • But for me, the most important parallel between public health and internet security is their significance to our societal wellbeing. Everything we do today involves the internet. Everything we do tomorrow will require the internet. If you live near a nuclear power plant, fly in airplanes, ride in cars or trains, have an implanted pacemaker, keep money in the bank, or carry a phone, your safety and well-being depend on a robust, evolving, practice of network security.This is the most alarming part of the Snowden revelations: not just that spies are spying on all of us – that they are actively sabotaging all of our technical infrastructure to ensure that they can continue to spy on us.There is no way to weaken security in a way that makes it possible to spy on “bad guys” without making all of us vulnerable to bad guys, too. The goal of national security is totally incompatible with the tactic of weakening the nation’s information security.
  • “Virus” has been a term of art in the security world for decades, and with good reason. It’s a term that resonates with people, even people with only a cursory grasp of technology. As we strive to make the public and our elected representatives understand what’s at stake, let’s expand that pathogen/epidemiology metaphor. We’d never allow MI5 to suppress information on curing typhus so they could attack terrorists by infecting them with it. We need to stop allowing the NSA and GCHQ to suppress information on fixing bugs in our computers, phones, cars, houses, planes, and bodies.If GCHQ wants to improve the national security of the United Kingdom – if the NSA want to impove the American national security – they should be fixing our technology, not breaking it. The technology of Britons and Americans is under continuous, deadly attack from criminals, from foreign spies, and from creeps. Our security is better served by armouring us against these threats than it is by undermining security so that cops and spies have an easier time attacking “bad guys.”
Paul Merrell

The Agency That Could Be Big Brother - New York Times - 0 views

www.nytimes.com/...25bamford.html

surveillance state NSA digital-privacy Bamford 2005

shared by Paul Merrell on 15 Jun 14 - No Cached
  • December 25, 2005
  • DEEP in a remote, fog-layered hollow near Sugar Grove, W.Va., hidden by fortress-like mountains, sits the country's largest eavesdropping bug. Located in a "radio quiet" zone, the station's large parabolic dishes secretly and silently sweep in millions of private telephone calls and e-mail messages an hour. Run by the ultrasecret National Security Agency, the listening post intercepts all international communications entering the eastern United States. Another N.S.A. listening post, in Yakima,Wash., eavesdrops on the western half of the country. A hundred miles or so north of Sugar Grove, in Washington, the N.S.A. has suddenly taken center stage in a political firestorm. The controversy over whether the president broke the law when he secretly ordered the N.S.A. to bypass a special court and conduct warrantless eavesdropping on American citizens has even provoked some Democrats to call for his impeachment. According to John E. McLaughlin, who as the deputy director of the Central Intelligence Agency in the fall of 2001 was among the first briefed on the program, this eavesdropping was the most secret operation in the entire intelligence network, complete with its own code word - which itself is secret.
  • But the agency is still struggling to adjust to the war on terror, in which its job is not to monitor states, but individuals or small cells hidden all over the world. To accomplish this, the N.S.A. has developed ever more sophisticated technology that mines vast amounts of data. But this technology may be of limited use abroad. And at home, it increases pressure on the agency to bypass civil liberties and skirt formal legal channels of criminal investigation. Originally created to spy on foreign adversaries, the N.S.A. was never supposed to be turned inward. Thirty years ago, Senator Frank Church, the Idaho Democrat who was then chairman of the select committee on intelligence, investigated the agency and came away stunned. "That capability at any time could be turned around on the American people," he said in 1975, "and no American would have any privacy left, such is the capability to monitor everything: telephone conversations, telegrams, it doesn't matter. There would be no place to hide." He added that if a dictator ever took over, the N.S.A. "could enable it to impose total tyranny, and there would be no way to fight back."
  • ...3 more annotations...
  • Before the Sept. 11 attacks, the N.S.A. normally eavesdropped on a small number of American citizens or resident aliens, often a dozen or less, while the F.B.I., whose low-tech wiretapping was far less intrusive, requested most of the warrants from FISA. Despite the low odds of having a request turned down, President Bush established a secret program in which the N.S.A. would bypass the FISA court and begin eavesdropping without warrant on Americans. This decision seems to have been based on a new concept of monitoring by the agency, a way, according to the administration, to effectively handle all the data and new information. At the time, the buzzword in national security circles was data mining: digging deep into piles of information to come up with some pattern or clue to what might happen next. Rather than monitoring a dozen or so people for months at a time, as had been the practice, the decision was made to begin secretly eavesdropping on hundreds, perhaps thousands, of people for just a few days or a week at a time in order to determine who posed potential threats. Those deemed innocent would quickly be eliminated from the watch list, while those thought suspicious would be submitted to the FISA court for a warrant. In essence, N.S.A. seemed to be on a classic fishing expedition, precisely the type of abuse the FISA court was put in place to stop.At a news conference, President Bush himself seemed to acknowledge this new tactic. "FISA is for long-term monitoring," he said. "There's a difference between detecting so we can prevent, and monitoring.
  • In 2002, it was revealed that the Pentagon had launched Total Information Awareness, a data mining program led by John Poindexter, a retired rear admiral who had served as national security adviser under Ronald Reagan and helped devise the plan to sell arms to Iran and illegally divert the proceeds to rebels in Nicaragua. Total Information Awareness, known as T.I.A., was intended to search through vast data bases, promising to "increase the information coverage by an order-of-magnitude." According to a 2002 article in The New York Times, the program "would permit intelligence analysts and law enforcement officials to mount a vast dragnet through electronic transaction data ranging from credit card information to veterinary records, in the United States and internationally, to hunt for terrorists." After press reports, the Pentagon shut it down, and Mr. Poindexter eventually left the government. But according to a 2004 General Accounting Office report, the Bush administration and the Pentagon continued to rely heavily on data-mining techniques. "Our survey of 128 federal departments and agencies on their use of data mining," the report said, "shows that 52 agencies are using or are planning to use data mining. These departments and agencies reported 199 data-mining efforts, of which 68 are planned and 131 are operational." Of these uses, the report continued, "the Department of Defense reported the largest number of efforts."
  • "I don't want to see this country ever go across the bridge," Senator Church said. "I know the capacity that is there to make tyranny total in America, and we must see to it that this agency and all agencies that possess this technology operate within the law and under proper supervision, so that we never cross over that abyss. That is the abyss from which there is no return." James Bamford is the author of "Puzzle Palace" and"Body of Secrets: Anatomy of the Ultra-Secret National Security Agency."
  • Paul Merrell on 15 Jun 14
     
    James Bamford's 2005 article in The New York Times that raised public awareness of what the Bush-II administration had done by bypass the FISA Court. 
Paul Merrell

European ISPs Can Stop Logging User Data, Court Rules | TorrentFreak - 0 views

torrentfreak.com/ata-retention-directive-140408

surveillance state EU litigation data-retention

shared by Paul Merrell on 06 May 14 - No Cached
  • The European Court of Justice has overturned Europe's data retention directive, arguing that it's disproportionate and a violation of people's privacy. The decision has far-reaching consequences for the collection of data from European internet users, including their IP-addresses.
  • In a landmark ruling, the European Court of Justice has declared Europe’s Data Retention directive to be a violation of Internet users’ privacy. Under the Directive Internet providers and other telecom companies were required to log and store vast amounts of information, including who their subscribers communicate with, and what IP-addresses they use. The local authorities could then use this information to fight serious crimes, but it was also been frequently used by third parties, in online piracy cases for example. Today the Court ruled that the data collection requirements are disproportionate. In a case started by Digital Rights Ireland the Court effectively annulled the directive, and it’s now up to the individual member states to change local laws accordingly.
  • “The Court is of the opinion that, by adopting the Data Retention Directive, the EU legislature has exceeded the limits imposed by compliance with the principle of proportionality,” the Court states. “By requiring the retention of those data and by allowing the competent national authorities to access those data, the directive interferes in a particularly serious manner with the fundamental rights to respect for private life and to the protection of personal data,” it adds. The judgement has far-reaching implications for large telecom companies, but also for smaller businesses including many VPN providers. With the new ruling these companies are no longer required to log extensive amount of user data as was required under the EU Directive.
  • ...1 more annotation...
  • The European Court of Justice judgement is a clear victory for privacy activists, but mostly for the public who will regain some of their online privacy. While the ruling specified that some data retention may be needed, broad and mandatory retention laws and NSA-style data dragnets are no longer the standard.
Paul Merrell

DOJ Seeks Removal Of Restrictions On Computer Search Warrants - 0 views

www.mintpressnews.com/...190535

surveillance state digital-privacy remote-computer-search 4th Amendment

shared by Paul Merrell on 13 May 14 - No Cached
  • The Justice Department recently submitted proposed new rules on the procedures and practices of the department’s agencies and bureaus. Among the suggested changes is a modification of the Federal Rules of Criminal Procedure Rule 41(b), which empowers a federal court to issue a warrant allowing the federal government to conduct a search of a computer or computer network involved in a criminal investigation. Under current regulations, a warrant issued by a federal court is only valid in that court’s district. As there are 94 federal judicial districts, investigating a widespread attack may require either petitioning dozens of district courts or acting extrajudicially by not seeking a warrant. An extrajudicial investigation, however, cannot be used if criminal convictions are sought, as evidence gathered in this manner is not typically admissible in court. The Justice Department is seeking to make remote access warrants to search, seize and copy electronic information valid for all federal districts.
  • The Justice Department argues that due to the sophistication of cyber-criminals, an offending computer or computer cluster can sit in a district separate from the district where the hackers that infected the target computer anonymously are and separate from the investigators’ district. “Criminals are using multiple computers in many districts simultaneously as part of complex criminal schemes, and effectively investigating and disrupting these schemes often requires remote access to Internet-connected computers in many different districts,” wrote then-acting Assistant Attorney General Mythili Raman in a September letter to the Advisory Committee on the Criminal Rules. “Botnets are a significant threat to the public: they are used to conduct large-scale denial of service attacks, steal personal and financial data, and distribute malware designed to invade the privacy of users of the host computers,” Raman continued. In the letter, Raman cited an investigation of a child porn site that uses The Onion Router Network, or Tor, to anonymize its traffic. The Justice Department argues that it knows the site’s hosting server location, but without a warrant local to the server, the department is prevented from retrieving the server’s user records — including IP and MAC addresses. In most cases, however, law enforcement do not know the physical location of the site’s server, making it impossible to request a specific warrant.
  • In these cases, the Justice Department could request a blanket warrant. This would allow the department to set up a “zero-day” attack on the server — an attack exploiting a manufacturer-unknown or -permitted security flaw, allowing access to the system’s operating software. However, a Texas judge denied the FBI access to such a warrant, saying the Justice Department’s use of “zero-day” attacks in its investigation exposes the public and the target to unknown risks. One typical type of a “zero-day” attack is an infected email that could affect a large number of innocent people if the target used a public computer to access his email. The FBI planned to install a Remote Administration Tool, or RAT, which would distribute such emails in a partially-targeted spam mail distribution. Last year, Federal Magistrate Judge Stephen Smith of the Houston Division of the Southern District of Texas ruled that this was a gross overreach of investigatory intrusion, blocking the plan temporarily. A “zero-day” attack has the potential to activate and control the targeted computer’s peripherals, such as webcams and microphones.
  • ...2 more annotations...
  • Following this ruling, based on the assumptions that federal law enforcement fundamentally act in good faith and that there may be a legitimate need for remote exploitation of computer data, the Justice Department sought to introduce changes to the rules that would overcome Smith’s objections. The proposed change to Rule 41(b) would allow magistrate judges “… to issue a warrant to use remote access to search electronic storage media and to seize electronically stored information located within or outside that district.” The Justice Department has indicated that it wants warrants permitting multiple computers to be searched at the same time, as well as permission to search all of the email and social media accounts accessible from a single computer. Such access would constitute a violation of the Electronic Communications Privacy Act, as the government, under the act, must make demonstrate probable cause to each targeted service provider and obtain and serve a warrant for each service provider. A warrant to search every account active on a computer would be actively bypassing the act’s numerous safeguards.
  • Privacy advocates fear that this rule change would allow prosecutors and the Justice Department to seek out magistrates likely to give them their requested warrants, creating a situation in which the federal government could have a “warrant shop” with just one judge for the whole of the nation. In light of allegations of federal government over-policing — including revelations of aggressive domestic and international electronic spying by the FBI and the National Security Agency — many advocates argue that an examination of the federal government’s commitment to the Fourth Amendment is needed. “The proposed amendment would significantly expand the government’s authority to conduct remote searches of electronic storage media,” the American Civil Liberties Union wrote in a memorandum early last month. “It would also expand the government’s power to engage in computer hacking in the course of criminal investigations, including through the use of malware and other techniques that pose a risk to internet security and that raise Fourth Amendment and policy concerns. “In light of these concerns, the ACLU recommends that the Advisory Committee exercise extreme caution before granting the government new authority to remotely search individuals’ electronic data.” The rules are scheduled to be discussed at the meeting of the Judiciary’s Committee on Rules of Practice and Procedure later this month.
  • Paul Merrell on 13 May 14
     
    The proposed rule change is at pp. 499-501 here. http://www.uscourts.gov/uscourts/RulesAndPolicies/rules/Agenda%20Books/Standing/ST2014-05.pdf#page499 (very large PDF).  This is not just about the government being granted permission to exploit vulnerabilities unknown to the computer owner; the issue arose in a case where the government sought judicial permission to implant a Trojan Horse in a suspect's computer. Moreover, the proposed rule goes far beyond the confines of that case, purporting to authorize the government to skip merrily along searching computers not specified in the warrant, along the purported botnet. To put the icing on the cake, the government wants to be relieved from the requirement that they apply for a warrant in the district in which the computer to be searched is located. ("Oh, Goody! Let's start shopping around for the judges we like instead of the ones we are now required to persuade. What? The Mississippi judge refused to sign the warrant? Oh well, let's try it with that other judge we like, the one in Gnome, Alaska.") In other words, what the government seeks is authority for "general warrants," the very evil that the 4th Amendment was designed to outlaw. Even more outrageously, the proposed rule provides in part: "For a warrant to use remote access to search electronic storage media and seize or copy electronically stored information, the officer must make reasonable efforts to serve a copy of the warrant on the person whose property *was* searched or whose information *was* seized or copied. Service may be accomplished by any means, including electronic means, reasonably calculated to reach that person." Not the use of the past tense "was." So after they have drained your computer of all its data, they may permissibly install a batch file that will display a copy of the warrant on your monitor the next time you boot your computer. With a big red lipstick imprint of a kiss imprinted in the warrant's bottom margin, no doubt
  • Paul Merrell on 13 May 14
     
    The proposed rule change is at pp. 499-501 here. http://www.uscourts.gov/uscourts/RulesAndPolicies/rules/Agenda%20Books/Standing/ST2014-05.pdf#page499 (very large PDF).  This is not just about the government being granted permission to exploit vulnerabilities unknown to the computer owner; the issue arose in a case where the government sought judicial permission to implant a Trojan Horse in a suspect's computer. Moreover, the proposed rule goes far beyond the confines of that case, purporting to authorize the government to skip merrily along searching computers not specified in the warrant, along the purported botnet. To put the icing on the cake, the government wants to be relieved from the requirement that they apply for a warrant in the district in which the computer to be searched is located. In other words, what the government seeks is authority for "general warrants," the very evil that the 4th Amendment was designed to outlaw. Even more outrageously, the proposed rule provides in part: "For a warrant to use remote access to search electronic storage media and seize or copy electronically stored information, the officer must make reasonable efforts to serve a copy of the warrant on the person whose property *was* searched or whose information *was* seized or copied. Service may be accomplished by any means, including electronic means, reasonably calculated to reach that person." Not the use of the past tense "was." So after they have drained your computer of all its data, they may permissibly install a batch file that will display a copy of the warrant on your monitor the next time you boot your computer. With a big red lipstick imprint of a kiss imprinted at the bottom.  To be continued after this is intially posted to Diigo so the content isn't cut off.   
Paul Merrell

Internet Giants Erect Barriers to Spy Agencies - NYTimes.com - 0 views

www.nytimes.com/...-barriers-to-spy-agencies.html

surveillance-state NSA-reform DIY-reform internet-hardening digital-privacy

shared by Paul Merrell on 08 Jun 14 - No Cached
  • As fast as it can, Google is sealing up cracks in its systems that Edward J. Snowden revealed the N.S.A. had brilliantly exploited. It is encrypting more data as it moves among its servers and helping customers encode their own emails. Facebook, Microsoft and Yahoo are taking similar steps.
  • After years of cooperating with the government, the immediate goal now is to thwart Washington — as well as Beijing and Moscow. The strategy is also intended to preserve business overseas in places like Brazil and Germany that have threatened to entrust data only to local providers. Google, for example, is laying its own fiber optic cable under the world’s oceans, a project that began as an effort to cut costs and extend its influence, but now has an added purpose: to assure that the company will have more control over the movement of its customer data.
  • A year after Mr. Snowden’s revelations, the era of quiet cooperation is over. Telecommunications companies say they are denying requests to volunteer data not covered by existing law. A.T.&T., Verizon and others say that compared with a year ago, they are far more reluctant to cooperate with the United States government in “gray areas” where there is no explicit requirement for a legal warrant.
  • ...8 more annotations...
  • Eric Grosse, Google’s security chief, suggested in an interview that the N.S.A.'s own behavior invited the new arms race.“I am willing to help on the purely defensive side of things,” he said, referring to Washington’s efforts to enlist Silicon Valley in cybersecurity efforts. “But signals intercept is totally off the table,” he said, referring to national intelligence gathering.“No hard feelings, but my job is to make their job hard,” he added.
  • Hardware firms like Cisco, which makes routers and switches, have found their products a frequent subject of Mr. Snowden’s disclosures, and their business has declined steadily in places like Asia, Brazil and Europe over the last year. The company is still struggling to convince foreign customers that their networks are safe from hackers — and free of “back doors” installed by the N.S.A. The frustration, companies here say, is that it is nearly impossible to prove that their systems are N.S.A.-proof.
  • Many point to an episode in 2012, when Russian security researchers uncovered a state espionage tool, Flame, on Iranian computers. Flame, like the Stuxnet worm, is believed to have been produced at least in part by American intelligence agencies. It was created by exploiting a previously unknown flaw in Microsoft’s operating systems. Companies argue that others could have later taken advantage of this defect.Worried that such an episode undercuts confidence in its wares, Microsoft is now fully encrypting all its products, including Hotmail and Outlook.com, by the end of this year with 2,048-bit encryption, a stronger protection that would take a government far longer to crack. The software is protected by encryption both when it is in data centers and when data is being sent over the Internet, said Bradford L. Smith, the company’s general counsel.
  • Mr. Smith also said the company was setting up “transparency centers” abroad so that technical experts of foreign governments could come in and inspect Microsoft’s proprietary source code. That will allow foreign governments to check to make sure there are no “back doors” that would permit snooping by United States intelligence agencies. The first such center is being set up in Brussels.Microsoft has also pushed back harder in court. In a Seattle case, the government issued a “national security letter” to compel Microsoft to turn over data about a customer, along with a gag order to prevent Microsoft from telling the customer it had been compelled to provide its communications to government officials. Microsoft challenged the gag order as violating the First Amendment. The government backed down.
  • In Washington, officials acknowledge that covert programs are now far harder to execute because American technology companies, fearful of losing international business, are hardening their networks and saying no to requests for the kind of help they once quietly provided.Continue reading the main story Robert S. Litt, the general counsel of the Office of the Director of National Intelligence, which oversees all 17 American spy agencies, said on Wednesday that it was “an unquestionable loss for our nation that companies are losing the willingness to cooperate legally and voluntarily” with American spy agencies.
  • In one slide from the disclosures, N.S.A. analysts pointed to a sweet spot inside Google’s data centers, where they could catch traffic in unencrypted form. Next to a quickly drawn smiley face, an N.S.A. analyst, referring to an acronym for a common layer of protection, had noted, “SSL added and removed here!”
  • Facebook and Yahoo have also been encrypting traffic among their internal servers. And Facebook, Google and Microsoft have been moving to more strongly encrypt consumer traffic with so-called Perfect Forward Secrecy, specifically devised to make it more labor intensive for the N.S.A. or anyone to read stored encrypted communications.One of the biggest indirect consequences from the Snowden revelations, technology executives say, has been the surge in demands from foreign governments that saw what kind of access to user information the N.S.A. received — voluntarily or surreptitiously. Now they want the same.
  • The latest move in the war between intelligence agencies and technology companies arrived this week, in the form of a new Google encryption tool. The company released a user-friendly, email encryption method to replace the clunky and often mistake-prone encryption schemes the N.S.A. has readily exploited.But the best part of the tool was buried in Google’s code, which included a jab at the N.S.A.'s smiley-face slide. The code included the phrase: “ssl-added-and-removed-here-; - )”
Paul Merrell

Warrantless airport seizure of laptop "cannot be justified," judge rules | Ars Technica - 0 views

arstechnica.com/...annot-be-justified-judge-rules

surveillance state warrantless-search laptop border-search-&-seizure litigation

shared by Paul Merrell on 15 May 15 - No Cached
  • The US government's prosecution of a South Korean businessman accused of illegally selling technology used in aircraft and missiles to Iran was dealt a devastating blow by a federal judge. The judge ruled Friday that the authorities illegally seized the businessman's computer at Los Angeles International Airport as he was to board a flight home. The authorities who were investigating Jae Shik Kim exercised the border exception rule that allows the authorities to seize and search goods and people—without court warrants—along the border and at airport international terminals. US District Court judge Amy Berman Jackson of the District of Columbia noted that the Supreme Court has never directly addressed the issue of warrantless computer searches at an international border crossing, but she ruled (PDF) the government used Kim's flight home as an illegal pretext to seize his computer. Authorities then shipped it 150 miles south to San Diego where the hard drive was copied and examined for weeks, but the judge said the initial seizure "surely cannot be justified." After considering all of the facts and authorities set forth above, then, the Court finds, under the totality of the unique circumstances of this case, that the imaging and search of the entire contents of Kim’s laptop, aided by specialized forensic software, for a period of unlimited duration and an examination of unlimited scope, for the purpose of gathering evidence in a pre-existing investigation, was supported by so little suspicion of ongoing or imminent criminal activity, and was so invasive of Kim’s privacy and so disconnected from not only the considerations underlying the breadth of the government’s authority to search at the border, but also the border itself, that it was unreasonable.
  • "The government points to its plenary authority to conduct warrantless searches at the border. It posits that a laptop computer is simply a 'container' that was examined pursuant to this authority, and it submits that the government’s unfettered right to search cargo at the border to protect the homeland is the beginning and end of the matter," the judge wrote. Evidence discovered on his computer of his alleged involvement in the conspiracy that won an indictment is now suppressed, and it cannot be used against him according to the ruling. The authorities took the man's computer in 2012 for national security reasons but allowed him to board his flight home. The government did not comment on the decision. Judge Berman Jackson questioned whether the border search exception should apply to laptops because they carry much more private information than, say, a briefcase. Judge Jackson cited last year's Supreme Court case, known as Riley, in which the justices ruled unanimously that the authorities generally may not search the mobile phones of those they arrest unless they have a court warrant.
  • The Supreme Court said that "Modern cell phones, as a category, implicate privacy concerns far beyond those implicated by the search of a cigarette pack, a wallet, or a purse. A conclusion that inspecting the contents of an arrestee’s pockets works no substantial additional intrusion on privacy beyond the arrest itself may make sense as applied to physical items, but any extension of that reasoning to digital data has to rest on its own bottom." Seizing on that high court opinion, Judge Berman Jackson wrote: Applying the Riley framework, the national security concerns that underlie the enforcement of export control regulations at the border must be balanced against the degree to which Kim’s privacy was invaded in this instance. And as was set forth above, while the immediate national security concerns were somewhat attenuated, the invasion of privacy was substantial: the agents created an identical image of Kim’s entire computer hard drive and gave themselves unlimited time to search the tens of thousands of documents, images, and emails it contained, using an extensive list of search terms, and with the assistance of two forensic software programs that organized, expedited, and facilitated the task. Based upon the testimony of both Special Agent Hamako and Special Agent Marshall, the Court concludes that wherever the Supreme Court or the Court of Appeals eventually draws the precise boundary of a routine border search, or however either Court ultimately defines a forensic – as opposed to a conventional – computer search, this search was qualitatively and quantitatively different from a routine border examination, and therefore, it was unreasonable given the paucity of grounds to suspect that criminal activity was in progress.
  • Paul Merrell on 15 May 15
     
    The court's decision indicates that the Feds can still do a border search of a laptop but that they cross the line when they seize the computer for later forensic examination without a warrant. In this case, the government conducted the forensic examination before obtaining a warrant.
Paul Merrell

Citizenfour's Laura Poitras suing US government over 'harassment' | Film | The Guardian - 0 views

www.theguardian.com/...s-us-harassment-edward-snowden

surveillance state DHS FOIA litigation Poitras

shared by Paul Merrell on 14 Jul 15 - No Cached
  • The Oscar-winning documentary film-maker Laura Poitras is suing the US government demanding to know why she has repeatedly been subjected to “Kafkaesque harassment” at airports across the world. Poitras, 51, said she had been held at borders more than 50 times between 2006 and 2012, often for hours at a time. At various times she alleges being told by officials that she was on a “no fly” list, having her electronic equipment confiscated and not returned for 41 days, and being threatened with handcuffs for taking notes. The latter incident took place when she was working on a film about the WikiLeaks founder Julian Assange. Poitras said she was launching the legal action, which demands the release of all documentation held on her tracking, targeting and questioning by agencies over the six year period, following the failure of a 2013 freedom of information request.
  • “I’m filing this lawsuit because the government uses the US border to bypass the rule of law,” said the film-maker in a statement, The Intercept reported. “This simply should not be tolerated in a democracy. I am also filing this suit in support of the countless other less high-profile people who have also been subjected to years of Kafkaesque harassment at the borders. We have a right to know how this system works and why we are targeted.” Poitras has previously said she was placed on the Department of Homeland Security’s watch list in 2006 after returning home to the US following work on My Country, My Country. She says airport security told her officials had assigned her the highest “threat rating” possible, even though she had never been charged with a crime. She was repeatedly stopped until 2012, when the journalist Glenn Greenwald wrote an article about her experiences.
  • Poitras’s reporting on the NSA whistleblower Edward Snowden, along with work by Greenwald, Ewen MacAskill and Barton Gellman contributed to the Pulitzer prize for public service won jointly by the Washington Post and the Guardian in 2014. Her film on Snowden, Citizenfour, won the 2015 Oscar for best documentary. The director is being represented by lawyers from digital-rights advocacy group the Electronic Frontier Foundation. “The well-documented difficulties Ms Poitras experienced while traveling strongly suggest that she was improperly targeted by federal agencies as a result of her journalistic activities,” senior counsel David Sobel told the Intercept. “Those agencies are now attempting to conceal information that would shed light on tactics that appear to have been illegal. We are confident that the court will not condone the government’s attempt to hide its misconduct under a veil of ‘national security.’”
Paul Merrell

Visit the Wrong Website, and the FBI Could End Up in Your Computer | Threat Level | WIRED - 0 views

www.wired.com/...operation_torpedo

surveillance state FBI drive-by-malware Tor digital-privacy

shared by Paul Merrell on 09 Aug 14 - No Cached
  • Security experts call it a “drive-by download”: a hacker infiltrates a high-traffic website and then subverts it to deliver malware to every single visitor. It’s one of the most powerful tools in the black hat arsenal, capable of delivering thousands of fresh victims into a hackers’ clutches within minutes. Now the technique is being adopted by a different kind of a hacker—the kind with a badge. For the last two years, the FBI has been quietly experimenting with drive-by hacks as a solution to one of law enforcement’s knottiest Internet problems: how to identify and prosecute users of criminal websites hiding behind the powerful Tor anonymity system. The approach has borne fruit—over a dozen alleged users of Tor-based child porn sites are now headed for trial as a result. But it’s also engendering controversy, with charges that the Justice Department has glossed over the bulk-hacking technique when describing it to judges, while concealing its use from defendants. Critics also worry about mission creep, the weakening of a technology relied on by human rights workers and activists, and the potential for innocent parties to wind up infected with government malware because they visited the wrong website. “This is such a big leap, there should have been congressional hearings about this,” says ACLU technologist Chris Soghoian, an expert on law enforcement’s use of hacking tools. “If Congress decides this is a technique that’s perfectly appropriate, maybe that’s OK. But let’s have an informed debate about it.”
  • The FBI’s use of malware is not new. The bureau calls the method an NIT, for “network investigative technique,” and the FBI has been using it since at least 2002 in cases ranging from computer hacking to bomb threats, child porn to extortion. Depending on the deployment, an NIT can be a bulky full-featured backdoor program that gives the government access to your files, location, web history and webcam for a month at a time, or a slim, fleeting wisp of code that sends the FBI your computer’s name and address, and then evaporates. What’s changed is the way the FBI uses its malware capability, deploying it as a driftnet instead of a fishing line. And the shift is a direct response to Tor, the powerful anonymity system endorsed by Edward Snowden and the State Department alike.
Paul Merrell

WikiLeaks Slams Google Capitulation to US Government | News | teleSUR - 0 views

www.telesurtv.net/...Government--20150126-0019.html

surveillance state press-freedom Google DoJ emails contact-lists credit-card bank-account Wikileaks

shared by Paul Merrell on 28 Jan 15 - No Cached
  • WikiLeaks strongly criticized Google at a press conference in Geneva Monday for taking two and a half years to divulge that it had handed over staff emails from the open information journalistic group to the U.S. government. On Dec. 23, 2014, Google finally informed WikiLeaks that it had responded to the U.S. Justice Department's order to give all available digital data of three WikiLeaks members, Sarah Harrison, Kristinn Hrafnsson, and Joseph Farell. The information handed over included emails, draft emails, deleted emails, source and destination addresses of all of the emails, as well as telephone numbers, contact lists, and credit card and bank account numbers. In a press conference, WikiLeaks’ lawyer Baltasar Garzon said that the way that the U.S. government asked for the information is “unacceptable and violates the Fourth Amendment” of the U.S. Constitution. He characterized the U.S. government's request as a “fishing expedition” and a “blanket attack” against WikiLeaks.
  • He also questioned why Google did not contest the request from the Justice Department and pointed out that if Google had challenged the order, then that would have given WikiLeaks the opportunity to fight the U.S. government's invasion of privacy. Garzon said he has written a letter to the executive chairman of Google, Eric Schmidt, demanding to know all of the information that was turned over to the U.S. government. This latest revelation by Google is seen as a part of the criminal investigation against WikiLeaks that was first launched in 2010, following the group’s publication of hundreds of thousands of U.S. secrets, included in documents and cables, that the organization received by U.S. soldier Chelsea Manning. Manning is currently serving 35 years in military prison for leaking the information. Julian Assange, the founder and editor-in-chief of WikiLeaks, said that this is really a story of Google rolling over yet again to help the US government violate the Constitution – by taking over journalists’ private emails in response to give-us-everything warrants.”
Paul Merrell

Hackers Use Old Lure on Web to Help Syrian Government - NYTimes.com - 0 views

www.nytimes.com/...old-web-lure-to-aid-assad.html

surveillance state cyberwarfare Syrian-War

shared by Paul Merrell on 03 Feb 15 - No Cached
  • To the young Syrian rebel fighter, the Skype message in early December 2013 appeared to come from a woman in Lebanon, named Iman Almasri, interested in his cause. Her picture, in a small icon alongside her name, showed a fair-skinned 20-something in a black head covering, wearing sunglasses.They chatted online for nearly two hours, seemingly united in their opposition to the rule of Bashar al-Assad, the Syrian leader still in power after a civil war that has taken more than 200,000 lives. Eventually saying she worked “in a programing company in Beirut,” the woman asked the fighter whether he was talking from his computer or his smartphone. He sent her a photo of himself and asked for another of her in return. She sent one immediately, apologizing that it was a few years old.“Angel like,” he responded. “You drive me crazy.”
  • What the fighter did not know was that buried in the code of the second photo was a particularly potent piece of malware that copied files from his computer, including tactical battle plans and troves of information about him, his friends and fellow fighters. The woman was not a friendly chat partner, but a pro-Assad hacker — the photos all appear to have been plucked from the web.
  • The Syrian conflict has been marked by a very active, if only sporadically visible, cyberbattle that has engulfed all sides, one that is less dramatic than the barrel bombs, snipers and chemical weapons — but perhaps just as effective. The United States had deeply penetrated the web and phone systems in Syria a year before the Arab Spring uprisings spread throughout the country. And once it began, Mr. Assad’s digital warriors have been out in force, looking for any advantage that could keep him in power.In this case, the fighter had fallen for the oldest scam on the Internet, one that helped Mr. Assad’s allies. The chat is drawn from a new study by the intelligence-gathering division of FireEye, a computer security firm, which has delved into the hidden corners of the Syrian conflict — one in which even a low-tech fighting force has figured out a way to use cyberespionage to its advantage. FireEye researchers found a collection of chats and documents while researching malware hidden in PDF documents, which are commonly used to share letters, books or other images. That quickly took them to the servers where the stolen data was stored.
Paul Merrell

German NSA Committee May Turn To Typewriters To Stop Leaks - Slashdot - 0 views

it.slashdot.org/...n-to-typewriters-to-stop-leaks

surveillance state NSA Germany Russia typewriters

shared by Paul Merrell on 16 Jul 14 - No Cached
  • Patrick Sensburg, chairman of the German parliament's National Security Agency investigative committee, now says he's considering expanding the use of manual typewriters to carry out his group's work. ... Sensburg said that the committee is taking its operational security very seriously. "In fact, we already have [a typewriter], and it's even a non-electronic typewriter," he said. If Sensburg's suggestion takes flight, the country would be taking a page out of the Russian playbook. Last year, the agency in charge of securing communications from the Kremlin announced that it wanted to spend 486,000 rubles (about $14,800) to buy 20 electric typewriters as a way to avoid digital leaks.
Paul Merrell

New regs say passengers cannot fly without biometric ID card - Police State USA - 0 views

www.policestateusa.com/...tsa-to-require-real-id

surveillance state REAL-ID flying

shared by Paul Merrell on 16 Feb 15 - No Cached
  • The ability to travel in the United States is about to become more restrictive as the TSA announces it will soon be enforcing new identification standards in American airports. Beginning in 2016, passengers attempting to pass through a federal TSA checkpoint will be subject to the requirements of the REAL ID Act. To that end, the TSA will put higher scrutiny on travelers’ identities, and will only accept a federal passport or a “REAL-ID” card, which is issued by the states to meet federal requirements. Passengers will not be allowed to fly through an American airport without submitting to the advanced federal specifications. Both federal passports and REAL-ID cards require a number of unique personal identifiers to be stored together in government databases, including his or her full name, date of birth, Social Security Number, scanned signature, and other identifiers. Both cards require biometric data: a front-facing digital photograph of the passenger’s face, which is ultimately used with a facial recognition database.
Paul Merrell

The Spy Cables: A glimpse into the world of espionage - Al Jazeera English - 0 views

www.aljazeera.com/...rica-leak-150218100147229.html

war & peace surveillance-state spy-cables leaked-docs

shared by Paul Merrell on 24 Feb 15 - No Cached
  • A digital leak to Al Jazeera of hundreds of secret intelligence documents from the world's spy agencies has offered an unprecedented insight into operational dealings of the shadowy and highly politicised realm of global espionage. Over the coming days, Al Jazeera's Investigative Unit is publishing The Spy Cables, in collaboration with The Guardian newspaper.
  • Spanning a period from 2006 until December 2014, they include detailed briefings and internal analyses written by operatives of South Africa's State Security Agency (SSA). They also reveal the South Africans' secret correspondence with the US intelligence agency, the CIA, Britain's MI6, Israel's Mossad, Russia's FSB and Iran's operatives, as well as dozens of other services from Asia to the Middle East and Africa.
  • Among the revelations, the Spy Cables disclose how: Israel's Mossad told its allies that Iran was not working to produce nuclear weapons just a month after Prime Minister Benjamin Netanyahu warned it was barely a year from being able to do so; The CIA made attempts to contact Hamas directly despite the US government listing the Palestinian group as a "terrorist organisation"; Britain's MI6 sought South African help in an operation to recruit a North Korean official who had previously refused their cash; and South African and Ethiopian spies struggled to "neutralise" an assassination plot targeting a leading African diplomat.
  • ...6 more annotations...
  • Mossad contradicted Netanyahu on Iran nuclear programme The Spy Cables A glimpse into the world of espionage Spy Cables South African spies wary of Iran operations Spy Cables expose 'desperate' US approach to Hamas Israeli cable reveals S Africa missile theft cover-up The Spy Cables - Al Jazeera English Yazidis battle ISIL Disaster 'made us stronger' Spy Cables Abbas and Israel ally against 2009 UN probe Cables describe British attempt to recruit N Korean spy The Rise of the Oligarchs
  • Unlike the Edward Snowden documents that focus on electronic signals intelligence, commonly referred to in intelligence circles as "SIGINT", the Spy Cables deal with human intelligence, or "HUMINT".
  • Rather than chronicling spy-movie style tales of  ruthless efficiency of intelligence agencies, they offer an unprecedented glimpse into the daily working lives of people whose jobs are kept secret from the public.
  • The Spy Cables also reveal that in many cases, intelligence agencies are over-classifying information and hiding behind an unnecessary veil of secrecy. This harms the ability of a democratic society to either consent to the activities of their intelligence agencies or provide adequate checks and balances to their powers.
  • Spy Cables expose 'desperate' US approach to Hamas Leaked documents also show Mossad lobbying South Africa against Goldstone Report, claiming Abbas shared their stance.
  • Spy Cables: South African spies wary of Iran operations Leaked documents describe Tehran working to counter sanctions by using front companies and official channels.
Paul Merrell

GCHQ handed new smartphone-hacking legal powers - RT UK - 0 views

www.rt.com/...19277-gchq-hack-smartphone-law

surveillance state GCHQ legislation backdoors encryption

shared by Paul Merrell on 22 Oct 15 - No Cached
  • Spy agencies in Britain will be given the explicit right to hack into smartphones and computers as part of a new law being introduced by the Conservative government. Security services MI5, MI6 and GCHQ can already access electronic devices by exploiting software security vulnerabilities, but the legal foundation for the practice is under scrutiny.New powers laid out in the Investigatory Powers Bill, due to be introduced in Parliament next month, will give spies a solid legal basis for hacking into computer systems, according to the Times.The revelation has sparked criticism from human rights group Liberty, which accuses the government of giving spy agencies “unlimited potential” to act against citizens.The bill, which was announced in the Queens’ Speech following the general election, is likely to include the new Snooper’s Charter, according to privacy campaigners at the Open Rights Group.
  • British spies will be able to hack into a person’s “property” through backdoors in the software. Once inside, intelligence agents can install software that allows them operate microphones to eavesdrop on conversations and even control the camera to take photographs of targets.The government admitted in February that MI5, MI6 and GCHQ were hacking into computers, servers, routers and mobile phones using the Intelligence Services Act 1994, which does not give explicit authorization for such practices.Independent reviewer of terrorism legislation Dave Anderson QC recommended in June that new legislation be introduced to clarify give intrusive hacking a firm legal basis.Anderson said that hacking presents a “dizzying array of possibilities to the security and intelligence agencies.”While some methods are appropriate, “many are of the view that there are others which are so intrusive that they would require exceptional safeguards for their use to be legal … A debate is clearly needed,” he said.
  • The investigatory powers bill will give agents explicit powers to interfere with “property” once they have obtained a warrant from the home secretary.Digital evidence expert Peter Sommer said the powers circumvented encryption technology.“Increasingly, [intelligence agents] can’t read communications sent over the internet because of encryption, so their ability to get information from interception is rapidly diminishing. The best way around this is to get inside someone’s computer. This is an increasingly important avenue for them,” he told the Times.
Paul Merrell

International Covenant on Civil and Political Rights - 3 views

www.ohchr.org/...CCPR.aspx

surveillance state NSA international law digital-privacy

shared by Paul Merrell on 22 Mar 14 - No Cached
  • Article 17 1. No one shall be subjected to arbitrary or unlawful interference with his privacy, family, home or correspondence, nor to unlawful attacks on his honour and reputation. 2. Everyone has the right to the protection of the law against such interference or attacks.
  • declarations
« First ‹ Previous 161 - 177 of 177
Showing 20 items per page