Skip to main content

Home/ Socialism and the End of the American Dream/ Group items tagged privacy-apps

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
Paul Merrell

NSA Spying Inspires ProtonMail 'End-to-End' Encrypted Email Service | NDTV Gadgets - 0 views

gadgets.ndtv.com/...encrypted-email-service-526769

surveillance state secure-email ProtonMail

shared by Paul Merrell on 20 May 14 - No Cached
  • ne new email service promising "end-to-end" encryption launched on Friday, and others are being developed while major services such as Google Gmail and Yahoo Mail have stepped up security measures.A major catalyst for email encryption were revelations about widespread online surveillance in documents leaked by Edward Snowden, the former National Security Agency contractor."A lot of people were upset with those revelations, and that coalesced into this effort," said Jason Stockman, a co-developer of ProtonMail, a new encrypted email service which launched Friday with collaboration of scientists from Harvard, the Massachusetts Institute of Technology and the European research lab CERN.Stockman said ProtonMail aims to be as user-friendly as the major commercial services, but with extra security, and with its servers located in Switzerland to make it more difficult for US law enforcement to access.
  • "Our vision is to make encryption and privacy mainstream by making it easy to use," Stockman told AFP. "There's no installation. Everything happens behind the scenes automatically."Even though email encryption using special codes or keys, a system known as PGP, has been around for two decades, "it was so complicated," and did not gain widespread adoption, Stockman said.After testing over the past few months, ProtonMail went public Friday using a "freemium" model a basic account will be free with some added features for a paid account.
  • By locating in Switzerland, ProtonMail hopes to avoid the legal woes of services like Lavabit widely believed to be used by Snowden which shut down rather than hand over data to the US government, and which now faces a contempt of court order.Even if a Swiss court ordered data to be turned over, Stockman said, "we would hand over piles of encrypted data. We don't have a key. We never see the password."
  • ...3 more annotations...
  • As our users from China, Iran, Russia, and other countries around the world have shown us in the past months, ProtonMail is an important tool for freedom of speech and we are happy to finally be able to provide this to the whole world," the company said in a blog post.Google and Yahoo recently announced efforts to encrypt their email communications, but some specialists say the effort falls short."These big companies don't want to encrypt your stuff because they spy on you, too," said Bruce Schneier, a well-known cryptographer and author who is chief technology officer for CO3 Systems."Hopefully, the NSA debate is creating incentives for people to build more encryption."Stockman said that with services like Gmail, even if data is encrypted, "they have the key right next to it if you have the key and lock next to each other, so it's pretty much useless."
  • Lavabit founder Ladar Levison meanwhile hopes to launch a new service with other developers in a coalition known as the "Dark Mail Alliance."Levison told AFP he hopes to have a new encrypted email system in testing within a few months and widely available later this year."The goal is to make it ubiquitous, so people don't have to turn it on," he said.But he added that the technical hurdles are formidable, because the more user-friendly the system becomes, "the more susceptible it is to a sophisticated attacker with fake or spoofed key information."Levison said he hopes Dark Mail will become a new open standard that can be adopted by other email services.
  • on Callas, a cryptographer who developed the PGP standard and later co-founded the secure communications firm Silent Circle, cited challenges in making a system that is both secure and ubiquitous."If you are a bank you have to have an email system that complies with banking regulations," Callas told AFP, which could allow, for example, certain emails to be subject to regulatory or court review."Many of the services on the Internet started with zero security. We want to start with a system that is totally secure and let people dial it down."The new email system would complement Silent Circle's existing secure messaging system and encrypted mobile phone, which was launched earlier this year."If we start competing for customers on the basis of maximum privacy, that's good for everybody," Callas said.
  • Paul Merrell on 20 May 14
     
    They're already so swamped that you have to reserve your user name and wait for an invite. They say they have to add servers. Web site is at https://protonmail.ch/ "ProtonMail works on all devices, including desktops, laptops, tablets, and smartphones. It's as simple as visiting our site and logging in. There are no plugins or apps to install - simply use your favorite web browser." "ProtonMail works on all devices, including desktops, laptops, tablets, and smartphones.
Paul Merrell

For sale: Systems that can secretly track where cellphone users go around the globe - T... - 0 views

www.washingtonpost.com/...3-bf76-447a5df6411f_story.html

surveillance-state Verint cellphone-tracking SS7 IMSI surveillance-proliferation

shared by Paul Merrell on 26 Aug 14 - No Cached
  • Makers of surveillance systems are offering governments across the world the ability to track the movements of almost anybody who carries a cellphone, whether they are blocks away or on another continent. The technology works by exploiting an essential fact of all cellular networks: They must keep detailed, up-to-the-minute records on the locations of their customers to deliver calls and other services to them. Surveillance systems are secretly collecting these records to map people’s travels over days, weeks or longer, according to company marketing documents and experts in surveillance technology.
  • The world’s most powerful intelligence services, such as the National Security Agency and Britain’s GCHQ, long have used cellphone data to track targets around the globe. But experts say these new systems allow less technically advanced governments to track people in any nation — including the United States — with relative ease and precision.
  • It is unclear which governments have acquired these tracking systems, but one industry official, speaking on the condition of anonymity to share sensitive trade information, said that dozens of countries have bought or leased such technology in recent years. This rapid spread underscores how the burgeoning, multibillion-dollar surveillance industry makes advanced spying technology available worldwide. “Any tin-pot dictator with enough money to buy the system could spy on people anywhere in the world,” said Eric King, deputy director of Privacy International, a London-based activist group that warns about the abuse of surveillance technology. “This is a huge problem.”
  • ...9 more annotations...
  • Yet marketing documents obtained by The Washington Post show that companies are offering powerful systems that are designed to evade detection while plotting movements of surveillance targets on computerized maps. The documents claim system success rates of more than 70 percent. A 24-page marketing brochure for SkyLock, a cellular tracking system sold by Verint, a maker of analytics systems based in Melville, N.Y., carries the subtitle “Locate. Track. Manipulate.” The document, dated January 2013 and labeled “Commercially Confidential,” says the system offers government agencies “a cost-effective, new approach to obtaining global location information concerning known targets.”
  • tracking systems that access carrier location databases are unusual in their ability to allow virtually any government to track people across borders, with any type of cellular phone, across a wide range of carriers — without the carriers even knowing. These systems also can be used in tandem with other technologies that, when the general location of a person is already known, can intercept calls and Internet traffic, activate microphones, and access contact lists, photos and other documents. Companies that make and sell surveillance technology seek to limit public information about their systems’ capabilities and client lists, typically marketing their technology directly to law enforcement and intelligence services through international conferences that are closed to journalists and other members of the public.
  • Security experts say hackers, sophisticated criminal gangs and nations under sanctions also could use this tracking technology, which operates in a legal gray area. It is illegal in many countries to track people without their consent or a court order, but there is no clear international legal standard for secretly tracking people in other countries, nor is there a global entity with the authority to police potential abuses.
  • (Privacy International has collected several marketing brochures on cellular surveillance systems, including one that refers briefly to SkyLock, and posted them on its Web site. The 24-page SkyLock brochure and other material was independently provided to The Post by people concerned that such systems are being abused.)
  • Verint, which also has substantial operations in Israel, declined to comment for this story. It says in the marketing brochure that it does not use SkyLock against U.S. or Israeli phones, which could violate national laws. But several similar systems, marketed in recent years by companies based in Switzerland, Ukraine and elsewhere, likely are free of such limitations.
  • The tracking technology takes advantage of the lax security of SS7, a global network that cellular carriers use to communicate with one another when directing calls, texts and Internet data. The system was built decades ago, when only a few large carriers controlled the bulk of global phone traffic. Now thousands of companies use SS7 to provide services to billions of phones and other mobile devices, security experts say. All of these companies have access to the network and can send queries to other companies on the SS7 system, making the entire network more vulnerable to exploitation. Any one of these companies could share its access with others, including makers of surveillance systems.
  • Companies that market SS7 tracking systems recommend using them in tandem with “IMSI catchers,” increasingly common surveillance devices that use cellular signals collected directly from the air to intercept calls and Internet traffic, send fake texts, install spyware on a phone, and determine precise locations. IMSI catchers — also known by one popular trade name, StingRay — can home in on somebody a mile or two away but are useless if a target’s general location is not known. SS7 tracking systems solve that problem by locating the general area of a target so that IMSI catchers can be deployed effectively. (The term “IMSI” refers to a unique identifying code on a cellular phone.)
  • Verint can install SkyLock on the networks of cellular carriers if they are cooperative — something that telecommunications experts say is common in countries where carriers have close relationships with their national governments. Verint also has its own “worldwide SS7 hubs” that “are spread in various locations around the world,” says the brochure. It does not list prices for the services, though it says that Verint charges more for the ability to track targets in many far-flung countries, as opposed to only a few nearby ones. Among the most appealing features of the system, the brochure says, is its ability to sidestep the cellular operators that sometimes protect their users’ personal information by refusing government requests or insisting on formal court orders before releasing information.
  • Another company, Defentek, markets a similar system called Infiltrator Global Real-Time Tracking System on its Web site, claiming to “locate and track any phone number in the world.” The site adds: “It is a strategic solution that infiltrates and is undetected and unknown by the network, carrier, or the target.”
  • Paul Merrell on 26 Aug 14
     
    The Verint company has very close ties to the Iraeli government. Its former parent company Comverse, was heavily subsidized by Israel and the bulk of its manufacturing and code development was done in Israel. See https://en.wikipedia.org/wiki/Comverse_Technology "In December 2001, a Fox News report raised the concern that wiretapping equipment provided by Comverse Infosys to the U.S. government for electronic eavesdropping may have been vulnerable, as these systems allegedly had a back door through which the wiretaps could be intercepted by unauthorized parties.[55] Fox News reporter Carl Cameron said there was no reason to believe the Israeli government was implicated, but that "a classified top-secret investigation is underway".[55] A March 2002 story by Le Monde recapped the Fox report and concluded: "Comverse is suspected of having introduced into its systems of the 'catch gates' in order to 'intercept, record and store' these wire-taps. This hardware would render the 'listener' himself 'listened to'."[56] Fox News did not pursue the allegations, and in the years since, there have been no legal or commercial actions of any type taken against Comverse by the FBI or any other branch of the US Government related to data access and security issues. While no real evidence has been presented against Comverse or Verint, the allegations have become a favorite topic of conspiracy theorists.[57] By 2005, the company had $959 million in sales and employed over 5,000 people, of whom about half were located in Israel.[16]" Verint is also the company that got the Dept. of Homeland Security contract to provide and install an electronic and video surveillance system across the entire U.S. border with Mexico.  One need not be much of a conspiracy theorist to have concerns about Verint's likely interactions and data sharing with the NSA and its Israeli equivalent, Unit 8200. 
Paul Merrell

How the NSA Converts Spoken Words Into Searchable Text - The Intercept - 0 views

firstlook.org/...nition-snowden-searchable-text

surveillance state NSA voice-to-text search

shared by Paul Merrell on 07 May 15 - No Cached
  • Most people realize that emails and other digital communications they once considered private can now become part of their permanent record. But even as they increasingly use apps that understand what they say, most people don’t realize that the words they speak are not so private anymore, either. Top-secret documents from the archive of former NSA contractor Edward Snowden show the National Security Agency can now automatically recognize the content within phone calls by creating rough transcripts and phonetic representations that can be easily searched and stored. The documents show NSA analysts celebrating the development of what they called “Google for Voice” nearly a decade ago.
  • Most people realize that emails and other digital communications they once considered private can now become part of their permanent record. But even as they increasingly use apps that understand what they say, most people don’t realize that the words they speak are not so private anymore, either. Top-secret documents from the archive of former NSA contractor Edward Snowden show the National Security Agency can now automatically recognize the content within phone calls by creating rough transcripts and phonetic representations that can be easily searched and stored. The documents show NSA analysts celebrating the development of what they called “Google for Voice” nearly a decade ago.
  • Though perfect transcription of natural conversation apparently remains the Intelligence Community’s “holy grail,” the Snowden documents describe extensive use of keyword searching as well as computer programs designed to analyze and “extract” the content of voice conversations, and even use sophisticated algorithms to flag conversations of interest. The documents include vivid examples of the use of speech recognition in war zones like Iraq and Afghanistan, as well as in Latin America. But they leave unclear exactly how widely the spy agency uses this ability, particularly in programs that pick up considerable amounts of conversations that include people who live in or are citizens of the United States.
  • ...9 more annotations...
  • The Defense Department, through its Defense Advanced Research Projects Agency (DARPA), started funding academic and commercial research into speech recognition in the early 1970s. What emerged were several systems to turn speech into text, all of which slowly but gradually improved as they were able to work with more data and at faster speeds. In a brief interview, Dan Kaufman, director of DARPA’s Information Innovation Office, indicated that the government’s ability to automate transcription is still limited. Kaufman says that automated transcription of phone conversation is “super hard,” because “there’s a lot of noise on the signal” and “it’s informal as hell.”
  • A 2008 document from the Snowden archive shows that  transcribing news broadcasts was already working well seven years ago, using a program called Enhanced Video Text and Audio Processing: (U//FOUO) EViTAP is a fully-automated news monitoring tool. The key feature of this Intelink-SBU-hosted tool is that it analyzes news in six languages, including Arabic, Mandarin Chinese, Russian, Spanish, English, and Farsi/Persian. “How does it work?” you may ask. It integrates Automatic Speech Recognition (ASR) which provides transcripts of the spoken audio. Next, machine translation of the ASR transcript translates the native language transcript to English. Voila! Technology is amazing. A version of the system the NSA uses is now even available commercially.
  • But even then, a newer, more sophisticated product was already being rolled out by the NSA’s Human Language Technology (HLT) program office. The new system, called VoiceRT, was first introduced in Baghdad, and “designed to index and tag 1 million cuts per day.” The goal, according to another 2006 memo, was to use voice processing technology to be able “index, tag and graph,” all intercepted communications. “Using HLT services, a single analyst will be able to sort through millions of cuts per day and focus on only the small percentage that is relevant,” the memo states. A 2009 memo from the NSA’s British partner, GCHQ, describes how “NSA have had the BBN speech-to-text system Byblos running at Fort Meade for at least 10 years. (Initially they also had Dragon.) During this period they have invested heavily in producing their own corpora of transcribed Sigint in both American English and an increasing range of other languages.” (GCHQ also noted that it had its own small corpora of transcribed voice communications, most of which happened to be “Northern Irish accented speech.”)
  • According to a 2011 memo, “How is Human Language Technology (HLT) Progressing?“, NSA that year deployed “HLT Labs” to Afghanistan, NSA facilities in Texas and Georgia, and listening posts in Latin America run by the Special Collection Service, a joint NSA/CIA unit that operates out of embassies and other locations. “Spanish is the most mature of our speech-to-text analytics,” the memo says, noting that the NSA and its Special Collections Service sites in Latin America, have had “great success searching for Spanish keywords.”
  • The Snowden archive, as searched and analyzed by The Intercept, documents extensive use of speech-to-text by the NSA to search through international voice intercepts — particularly in Iraq and Afghanistan, as well as Mexico and Latin America. For example, speech-to-text was a key but previously unheralded element of the sophisticated analytical program known as the Real Time Regional Gateway (RTRG), which started in 2005 when newly appointed NSA chief Keith B. Alexander, according to the Washington Post, “wanted everything: Every Iraqi text message, phone call and e-mail that could be vacuumed up by the agency’s powerful computers.” The Real Time Regional Gateway was credited with playing a role in “breaking up Iraqi insurgent networks and significantly reducing the monthly death toll from improvised explosive devices.” The indexing and searching of “voice cuts” was deployed to Iraq in 2006. By 2008, RTRG was operational in Afghanistan as well.
  • VoiceRT, in turn, was surpassed a few years after its launch. According to the intelligence community’s “Black Budget” for fiscal year 2013, VoiceRT was decommissioned and replaced in 2011 and 2012, so that by 2013, NSA could operationalize a new system. This system, apparently called SPIRITFIRE, could handle more data, faster. SPIRITFIRE would be “a more robust voice processing capability based on speech-to-text keyword search and paired dialogue transcription.”
  • What’s less clear from the archive is how extensively this capability is used to transcribe or otherwise index and search voice conversations that primarily involve what the NSA terms “U.S. persons.” The NSA did not answer a series of detailed questions about automated speech recognition, even though an NSA “classification guide” that is part of the Snowden archive explicitly states that “The fact that NSA/CSS has created HLT models” for speech-to-text processing as well as gender, language and voice recognition, is “UNCLASSIFIED.”
  • Also unclassified: The fact that the processing can sort and prioritize audio files for human linguists, and that the statistical models are regularly being improved and updated based on actual intercepts. By contrast, because they’ve been tuned using actual intercepts, the specific parameters of the systems are highly classified.
  • The presidentially appointed but independent Privacy and Civil Liberties Oversight Board (PCLOB) didn’t mention speech-to-text technology in its public reports. “I’m not going to get into whether any program does or does not have that capability,” PCLOB chairman David Medine told The Intercept. His board’s reports, he said, contained only information that the intelligence community agreed could be declassified.
Paul Merrell

iSpy: The CIA Campaign to Steal Apple's Secrets - 0 views

firstlook.org/...-campaign-steal-apples-secrets

surveillance state CIA iPhones iPads encryption-vulnerabilities

shared by Paul Merrell on 11 Mar 15 - No Cached
  • ESEARCHERS WORKING with the Central Intelligence Agency have conducted a multi-year, sustained effort to break the security of Apple’s iPhones and iPads, according to top-secret documents obtained by The Intercept. The security researchers presented their latest tactics and achievements at a secret annual gathering, called the “Jamboree,” where attendees discussed strategies for exploiting security flaws in household and commercial electronics. The conferences have spanned nearly a decade, with the first CIA-sponsored meeting taking place a year before the first iPhone was released. By targeting essential security keys used to encrypt data stored on Apple’s devices, the researchers have sought to thwart the company’s attempts to provide mobile security to hundreds of millions of Apple customers across the globe. Studying both “physical” and “non-invasive” techniques, U.S. government-sponsored research has been aimed at discovering ways to decrypt and ultimately penetrate Apple’s encrypted firmware. This could enable spies to plant malicious code on Apple devices and seek out potential vulnerabilities in other parts of the iPhone and iPad currently masked by encryption.
  • The CIA declined to comment for this story. The security researchers also claimed they had created a modified version of Apple’s proprietary software development tool, Xcode, which could sneak surveillance backdoors into any apps or programs created using the tool. Xcode, which is distributed by Apple to hundreds of thousands of developers, is used to create apps that are sold through Apple’s App Store. The modified version of Xcode, the researchers claimed, could enable spies to steal passwords and grab messages on infected devices. Researchers also claimed the modified Xcode could “force all iOS applications to send embedded data to a listening post.” It remains unclear how intelligence agencies would get developers to use the poisoned version of Xcode. Researchers also claimed they had successfully modified the OS X updater, a program used to deliver updates to laptop and desktop computers, to install a “keylogger.”
  • Other presentations at the CIA conference have focused on the products of Apple’s competitors, including Microsoft’s BitLocker encryption system, which is used widely on laptop and desktop computers running premium editions of Windows. The revelations that the CIA has waged a secret campaign to defeat the security mechanisms built into Apple’s devices come as Apple and other tech giants are loudly resisting pressure from senior U.S. and U.K. government officials to weaken the security of their products. Law enforcement agencies want the companies to maintain the government’s ability to bypass security tools built into wireless devices. Perhaps more than any other corporate leader, Apple’s CEO, Tim Cook, has taken a stand for privacy as a core value, while sharply criticizing the actions of U.S. law enforcement and intelligence agencies. “If U.S. products are OK to target, that’s news to me,” says Matthew Green, a cryptography expert at Johns Hopkins University’s Information Security Institute. “Tearing apart the products of U.S. manufacturers and potentially putting backdoors in software distributed by unknowing developers all seems to be going a bit beyond ‘targeting bad guys.’ It may be a means to an end, but it’s a hell of a means.”
Paul Merrell

Court Limits Police 'StingRay' Cell Phone Tracking for the First Time | Motherboard - 0 views

motherboard.vice.com/...ll-trackers-for-the-first-time

surveillance state stingrays litigation digital-privacy civil-liberties

shared by Paul Merrell on 17 Oct 14 - No Cached
  • The  Florida Supreme Court has ruled that warrantless tracking of people's location using their cell phone signal is unconstitutional, a move that could have far-reaching consequences and suggests that the most common use of police surveillance tools called StingRays is illegal. The StingRay, if you aren't familiar, is essentially a fake cell phone tower that is used by at least 45 branches of law enforcement in the United States to track criminal suspects (the UK uses them as well). But the way it works—as a cell tower spoofer—means that, by design, all cell phones within a certain geographical area will connect to it, meaning police are sweeping up location information about everyone nearby.
  • When police have access to StingRays, they use them often: In 2011, the Los Angeles Police Department used it for 340 different investigations; in Tallahassee, Fla., police used them for 250 investigations between 2007 and 2014. Most often, tracking of specific suspects is done without a warrant. StingRays aren't at the heart of Thursday's Florida Supreme Court Decision; warrantless cell phone location tracking is, according to court justice Jorge Labarga's opinion. Nonetheless, the most common use of StingRays would fall under his decision.
  • In this instance, a suspected cocaine dealer, Shawn Tracey, was tracked in 2007 by police without a warrant. Labarga said this was a violation of the Fourth Amendment. "Regardless of Tracey's location on public roads, the use of his cell site location information emanating from his cell phone in order to track him in real time was a search within the purview of the Fourth Amendment for which probable cause was required," Labarga wrote. No matter where you are, you're giving your location data to third parties: Facebook, Google, all manner of apps you've opted into. But that doesn't give police or the government in general permission to scrape that data or con you into giving it to them, he suggested.
  • ...2 more annotations...
  • "While a person may voluntarily convey personal information to a business or other entity for personal purposes, such disclosure cannot reasonably be considered to be disclosure for all purposes to third parties not involved in that transaction," he wrote. "Requiring a cell phone user to turn off the cell phone just to assure privacy from governmental intrusion that can reveal a detailed and intimate picture of the user's life places an unreasonable burden on the user to forego necessary use of his cell phone, a device now considered essential by much of the populace," he continued. Again, this decision only counts in Florida for the time being, but it's the first time a high court has ruled, based on the US Constitution, that the practice is illegal, and it sets a strong precedent for future cases. Previously, New Jersey and Massachusetts made similar rulings using their state constitutions.
  • "It's a great decision, and it's a big deal," Nate Wessler, a staff attorney with the American Civil Liberties Union, told me. "The way the court's decision is written, it would apply to most StingRay use." Wessler said that while this is a huge decision, it's not clear yet if all StingRay use—warrant or not—may one day be ruled unconstitutional. The ruling simply hasn't been tested yet. "It's an unanswered question, but the devices wrap up innocent people, which looks like a dragnet search that's not legal under the Fourth Amendment," he said. "Even if they're tracking a specific suspect, they're getting info about every bystander. That's a concern."
Gary Edwards

Google's About Me page helps users control personal info - CIO - 0 views

www.cio.com.au/...ps-users-control-personal-info

Google Personal-Information privacy

shared by Gary Edwards on 12 Nov 15 - No Cached
  • People concerned about how much information is out there about them on Google have a new way to control what everyone can see. Without any fanfare, Google has begun rolling out an About Me page to make it easier for people to control what others can see about them across Google services. The page should be welcome news to people concerned about their privacy,
  • "With this feature, there are no changes to what information people can see, but a way for people to better control what people can see about them across Google services in one place," a Google spokesperson wrote in an email to Computerworld. Google, with its myriad services like Gmail, search, YouTube and productivity apps, has been collecting a lot of information about its users.
  • The About Me page, which is tailored for each user, contains information like work history, contact information, educational background and places the user has lived, along with gender and birthday. Brand Post How is tech changing the role of the CIO? More from Lenovo ThinkFWD The page also enables users to edit or delete information that they don't want people to be able to see.
  • ...1 more annotation...
  • this should make it easier for people to take control over what information is out there about them on various Google services.
  • Gary Edwards on 12 Nov 15
     
    Run, don't walk! HTTPS://aboutme.google.com
Paul Merrell

Tomgram: Alfred McCoy, It's About Blackmail, Not National Security | TomDispatch - 0 views

www.tomdispatch.com/...kmail%2C_not_national_security

surveillance state blackmail power-projection empire Obama BushII

shared by Paul Merrell on 29 Jan 14 - No Cached
  • For more than six months, Edward Snowden’s revelations about the National Security Agency (NSA) have been pouring out from the Washington Post, the New York Times, the Guardian, Germany’s Der Spiegel, and Brazil’s O Globo, among other places.  Yet no one has pointed out the combination of factors that made the NSA’s expanding programs to monitor the world seem like such a slam-dunk development in Washington.  The answer is remarkably simple.  For an imperial power losing its economic grip on the planet and heading into more austere times, the NSA’s latest technological breakthroughs look like a bargain basement deal when it comes to projecting power and keeping subordinate allies in line -- like, in fact, the steal of the century.  Even when disaster turned out to be attached to them, the NSA’s surveillance programs have come with such a discounted price tag that no Washington elite was going to reject them.
  • What exactly was the aim of such an unprecedented program of massive domestic and planetary spying, which clearly carried the risk of controversy at home and abroad? Here, an awareness of the more than century-long history of U.S. surveillance can guide us through the billions of bytes swept up by the NSA to the strategic significance of such a program for the planet’s last superpower. What the past reveals is a long-term relationship between American state surveillance and political scandal that helps illuminate the unacknowledged reason why the NSA monitors America’s closest allies. Not only does such surveillance help gain intelligence advantageous to U.S. diplomacy, trade relations, and war-making, but it also scoops up intimate information that can provide leverage -- akin to blackmail -- in sensitive global dealings and negotiations of every sort. The NSA’s global panopticon thus fulfills an ancient dream of empire. With a few computer key strokes, the agency has solved the problem that has bedeviled world powers since at least the time of Caesar Augustus: how to control unruly local leaders, who are the foundation for imperial rule, by ferreting out crucial, often scurrilous, information to make them more malleable.
  • Once upon a time, such surveillance was both expensive and labor intensive. Today, however, unlike the U.S. Army’s shoe-leather surveillance during World War I or the FBI’s break-ins and phone bugs in the Cold War years, the NSA can monitor the entire world and its leaders with only 100-plus probes into the Internet’s fiber optic cables. This new technology is both omniscient and omnipresent beyond anything those lacking top-secret clearance could have imagined before the Edward Snowden revelations began.  Not only is it unimaginably pervasive, but NSA surveillance is also a particularly cost-effective strategy compared to just about any other form of global power projection. And better yet, it fulfills the greatest imperial dream of all: to be omniscient not just for a few islands, as in the Philippines a century ago, or a couple of countries, as in the Cold War era, but on a truly global scale. In a time of increasing imperial austerity and exceptional technological capability, everything about the NSA’s surveillance told Washington to just “go for it.”  This cut-rate mechanism for both projecting force and preserving U.S. global power surely looked like a no-brainer, a must-have bargain for any American president in the twenty-first century -- before new NSA documents started hitting front pages weekly, thanks to Snowden, and the whole world began returning the favor.
  • ...12 more annotations...
  • As the gap has grown between Washington’s global reach and its shrinking mailed fist, as it struggles to maintain 40% of world armaments (the 2012 figure) with only 23% of global gross economic output, the U.S. will need to find new ways to exercise its power far more economically. As the Cold War took off, a heavy-metal U.S. military -- with 500 bases worldwide circa 1950 -- was sustainable because the country controlled some 50% of the global gross product. But as its share of world output falls -- to an estimated 17% by 2016 -- and its social welfare costs climb relentlessly from 4% of gross domestic product in 2010 to a projected 18% by 2050, cost-cutting becomes imperative if Washington is to survive as anything like the planet’s “sole superpower.” Compared to the $3 trillion cost of the U.S. invasion and occupation of Iraq, the NSA’s 2012 budget of just $11 billion for worldwide surveillance and cyberwarfare looks like cost saving the Pentagon can ill-afford to forego. Yet this seeming “bargain” comes at what turns out to be an almost incalculable cost. The sheer scale of such surveillance leaves it open to countless points of penetration, whether by a handful of anti-war activists breaking into an FBI field office in Media, Pennsylvania, back in 1971 or Edward Snowden downloading NSA documents at a Hawaiian outpost in 2012.
  • In October 2001, not satisfied with the sweeping and extraordinary powers of the newly passed Patriot Act, President Bush ordered the National Security Agency to commence covert monitoring of private communications through the nation's telephone companies without the requisite FISA warrants. Somewhat later, the agency began sweeping the Internet for emails, financial data, and voice messaging on the tenuous theory that such “metadata” was “not constitutionally protected.” In effect, by penetrating the Internet for text and the parallel Public Switched Telephone Network (PSTN) for voice, the NSA had gained access to much of the world’s telecommunications. By the end of Bush’s term in 2008, Congress had enacted laws that not only retrospectively legalized these illegal programs, but also prepared the way for NSA surveillance to grow unchecked. Rather than restrain the agency, President Obama oversaw the expansion of its operations in ways remarkable for both the sheer scale of the billions of messages collected globally and for the selective monitoring of world leaders.
  • By 2012, the centralization via digitization of all voice, video, textual, and financial communications into a worldwide network of fiber optic cables allowed the NSA to monitor the globe by penetrating just 190 data hubs -- an extraordinary economy of force for both political surveillance and cyberwarfare.
  • With a few hundred cable probes and computerized decryption, the NSA can now capture the kind of gritty details of private life that J. Edgar Hoover so treasured and provide the sort of comprehensive coverage of populations once epitomized by secret police like East Germany’s Stasi. And yet, such comparisons only go so far. After all, once FBI agents had tapped thousands of phones, stenographers had typed up countless transcripts, and clerks had stored this salacious paper harvest in floor-to-ceiling filing cabinets, J. Edgar Hoover still only knew about the inner-workings of the elite in one city: Washington, D.C.  To gain the same intimate detail for an entire country, the Stasi had to employ one police informer for every six East Germans -- an unsustainable allocation of human resources. By contrast, the marriage of the NSA’s technology to the Internet’s data hubs now allows the agency’s 37,000 employees a similarly close coverage of the entire globe with just one operative for every 200,000 people on the planet
  • Through the expenditure of $250 million annually under its Sigint Enabling Project, the NSA has stealthily penetrated all encryption designed to protect privacy. “In the future, superpowers will be made or broken based on the strength of their cryptanalytic programs,” reads a 2007 NSA document. “It is the price of admission for the U.S. to maintain unrestricted access to and use of cyberspace.” By collecting knowledge -- routine, intimate, or scandalous -- about foreign leaders, imperial proconsuls from ancient Rome to modern America have gained both the intelligence and aura of authority necessary for dominion over alien societies. The importance, and challenge, of controlling these local elites cannot be overstated. During its pacification of the Philippines after 1898, for instance, the U.S. colonial regime subdued contentious Filipino leaders via pervasive policing that swept up both political intelligence and personal scandal. And that, of course, was just what J. Edgar Hoover was doing in Washington during the 1950s and 1960s.
  • Indeed, the mighty British Empire, like all empires, was a global tapestry woven out of political ties to local leaders or “subordinate elites” -- from Malay sultans and Indian maharajas to Gulf sheiks and West African tribal chiefs. As historian Ronald Robinson once observed, the British Empire spread around the globe for two centuries through the collaboration of these local leaders and then unraveled, in just two decades, when that collaboration turned to “non-cooperation.” After rapid decolonization during the 1960s transformed half-a-dozen European empires into 100 new nations, their national leaders soon found themselves the subordinate elites of a spreading American global imperium. Washington suddenly needed the sort of private information that could keep such figures in line. Surveillance of foreign leaders provides world powers -- Britain then, America now -- with critical information for the exercise of global hegemony. Such spying gave special penetrating power to the imperial gaze, to that sense of superiority necessary for dominion over others.  It also provided operational information on dissidents who might need to be countered with covert action or military force; political and economic intelligence so useful for getting the jump on allies in negotiations of all sorts; and, perhaps most important of all, scurrilous information about the derelictions of leaders useful in coercing their compliance.
  • In late 2013, the New York Times reported that, when it came to spying on global elites, there were “more than 1,000 targets of American and British surveillance in recent years,” reaching down to mid-level political actors in the international arena. Revelations from Edward Snowden’s cache of leaked documents indicate that the NSA has monitored leaders in some 35 nations worldwide -- including Brazilian president Dilma Rousseff, Mexican presidents Felipe Calderón and Enrique Peña Nieto, German Chancellor Angela Merkel, and Indonesia’s president Susilo Bambang Yudhoyono.  Count in as well, among so many other operations, the monitoring of “French diplomatic interests” during the June 2010 U.N. vote on Iran sanctions and “widespread surveillance” of world leaders during the Group 20 summit meeting at Ottawa in June 2010. Apparently, only members of the historic “Five Eyes” signals-intelligence alliance (Australia, Canada, New Zealand, and Great Britain) remain exempt -- at least theoretically -- from NSA surveillance. Such secret intelligence about allies can obviously give Washington a significant diplomatic advantage. During U.N. wrangling over the U.S. invasion of Iraq in 2002-2003, for example, the NSA intercepted Secretary-General Kofi Anan’s conversations and monitored the “Middle Six” -- Third World nations on the Security Council -- offering what were, in essence, well-timed bribes to win votes. The NSA’s deputy chief for regional targets sent a memo to the agency’s Five Eyes allies asking “for insights as to how membership is reacting to on-going debate regarding Iraq, plans to vote on any related resolutions [..., and] the whole gamut of information that could give U.S. policymakers an edge in obtaining results favorable to U.S. goals.”
  • Indicating Washington’s need for incriminating information in bilateral negotiations, the State Department pressed its Bahrain embassy in 2009 for details, damaging in an Islamic society, on the crown princes, asking: “Is there any derogatory information on either prince? Does either prince drink alcohol? Does either one use drugs?” Indeed, in October 2012, an NSA official identified as “DIRNSA,” or Director General Keith Alexander, proposed the following for countering Muslim radicals: “[Their] vulnerabilities, if exposed, would likely call into question a radicalizer’s devotion to the jihadist cause, leading to the degradation or loss of his authority.” The agency suggested that such vulnerabilities could include “viewing sexually explicit material online” or “using a portion of the donations they are receiving… to defray personal expenses.” The NSA document identified one potential target as a “respected academic” whose “vulnerabilities” are “online promiscuity.”
  • Just as the Internet has centralized communications, so it has moved most commercial sex into cyberspace. With an estimated 25 million salacious sites worldwide and a combined 10.6 billion page views per month in 2013 at the five top sex sites, online pornography has become a global business; by 2006, in fact, it generated $97 billion in revenue. With countless Internet viewers visiting porn sites and almost nobody admitting it, the NSA has easy access to the embarrassing habits of targets worldwide, whether Muslim militants or European leaders. According to James Bamford, author of two authoritative books on the agency, “The NSA's operation is eerily similar to the FBI's operations under J. Edgar Hoover in the 1960s where the bureau used wiretapping to discover vulnerabilities, such as sexual activity, to ‘neutralize’ their targets.”
  • Indeed, whistleblower Edward Snowden has accused the NSA of actually conducting such surveillance.  In a December 2013 letter to the Brazilian people, he wrote, “They even keep track of who is having an affair or looking at pornography, in case they need to damage their target's reputation.” If Snowden is right, then one key goal of NSA surveillance of world leaders is not U.S. national security but political blackmail -- as it has been since 1898. Such digital surveillance has tremendous potential for scandal, as anyone who remembers New York Governor Eliot Spitzer’s forced resignation in 2008 after routine phone taps revealed his use of escort services; or, to take another obvious example, the ouster of France’s budget minister Jérôme Cahuzac in 2013 following wire taps that exposed his secret Swiss bank account. As always, the source of political scandal remains sex or money, both of which the NSA can track with remarkable ease.
  • By starting a swelling river of NSA documents flowing into public view, Edward Snowden has given us a glimpse of the changing architecture of U.S. global power. At the broadest level, Obama’s digital “pivot” complements his overall defense strategy, announced in 2012, of reducing conventional forces while expanding into the new, cost-effective domains of space and cyberspace. While cutting back modestly on costly armaments and the size of the military, President Obama has invested billions in the building of a new architecture for global information control. If we add the $791 billion expended to build the Department of Homeland Security bureaucracy to the $500 billion spent on an increasingly para-militarized version of global intelligence in the dozen years since 9/11, then Washington has made a $1.2 trillion investment in a new apparatus of world power.
  • So formidable is this security bureaucracy that Obama’s recent executive review recommended the regularization, not reform, of current NSA practices, allowing the agency to continue collecting American phone calls and monitoring foreign leaders into the foreseeable future. Cyberspace offers Washington an austerity-linked arena for the exercise of global power, albeit at the cost of trust by its closest allies -- a contradiction that will bedevil America’s global leadership for years to come. To update Henry Stimson: in the age of the Internet, gentlemen don't just read each other’s mail, they watch each other’s porn. Even if we think we have nothing to hide, all of us, whether world leaders or ordinary citizens, have good reason to be concerned.
Paul Merrell

Faced With The Security State, Groklaw Opts Out | Popehat - 0 views

www.popehat.com/...ecurity-state-groklaw-opts-out

surveillance state NSA NSA-blowback Groklaw

shared by Paul Merrell on 21 Aug 13 - No Cached
  • For ten years Pamela Jones has run Groklaw, a site collecting, discussing, and explaining legal developments of interest to the open-source software community. Her efforts have, justifiably, won many awards. She's done now.
  • That's not why she's stopping. Pamela Jones is ending Groklaw because she can't trust her government. She's ending it because, in the post-9/11 era, there's no viable and reliable way to assure that our email won't be read by the state — because she can't confidently communicate privately with her readers and tipsters and subjects and friends and family.
  • In making this choice, Jones echoes the words of Lavar Levison, who shut down his encrypted email service Lavabit. Levison said he was doing so rather than "become complicit in crimes against the American people": “I’m taking a break from email,” said Levison. “If you knew what I know about email, you might not use it either.” Lavabit was joined by encryption provider Silent Circle:
  • ...2 more annotations...
  • The extent of NSA surveillance is unknown, but what little we see is deeply unsettling. What our government says about it can't be believed; the government uses deliberately misleading language or outright lies about the scope of surveillance. So I don't blame Pamela Jones or question her decision. It's not the only way. I don't think it's my way, yet — though I am having some very concerned conversations about whether it's safe, or even ethical, to have confidential attorney-client communications by email.
  • I hope that Pamela's decision will arouse the interest, or attention, or outrage, of a few more people, who will in turn talk and write and advocate to get more people involved. Groklaw was a great resource; citizens will care that it's gone. (The government and its minions won't.) Pamela's choice will likely be met with the usual arguments: the government doesn't care about your emails. If you have nothing to hide you have nothing to worry about. This is about protecting us from terrorist attacks, not about snooping into Americans' communications. Don't you remember 9/11? I tire of responding to those. Let me offer one response that applies to all of them: I don't trust my government, I don't trust the people who work for my government, and I believe that the evidence suggests that it's irrational to offer such trust.
Paul Merrell

Declassified Docs: NSA Misled Court (and Themselves) About Spying on Americans | Killer... - 1 views

killerapps.foreignpolicy.com/...lves_about_spying_on_americans

surveillance state NSA FBI FISA Court opinions privacy-violations

shared by Paul Merrell on 22 Aug 13 - No Cached
  • Paul Merrell on 22 Aug 13
     
    The infamous 2011 FISA Court opinion finding that NSA and the FBI were massively violating U.S. citizens' 4th Amendment rights is finally released in heavily redacted form. It is a shocker, repeatedly finding that the Feds had misrepresented facts to the court. 
Paul Merrell

Group Thinks Anonymity Should Be Baked Into the Internet Itself Using Tor - Slashdot - 0 views

tech.slashdot.org/...-the-internet-itself-using-tor

surveillance state NSA Tor IETF internet internet freedom digital-privacy

shared by Paul Merrell on 29 Nov 13 - No Cached
  • "David Talbot writes at MIT Technology review that engineers on the Internet Engineering Task Force (IETF), an informal organization of engineers that changes Internet code and operates by rough consensus, have asked the architects of Tor to consider turning the technology into an Internet standard. If widely adopted, such a standard would make it easy to include the technology in consumer and business products ranging from routers to apps and would allow far more people to browse the Web without being identified by anyone who might be spying on Internet traffic. The IETF is already working to make encryption standard in all web traffic. Stephen Farrell believes that forging Tor into a standard that interoperates with other parts of the Internet could be better than leaving Tor as a separate tool that requires people to take special action to implement. 'I think there are benefits that might flow in both directions,' says Farrell. 'I think other IETF participants could learn useful things about protocol design from the Tor people, who've faced interesting challenges that aren't often seen in practice. And the Tor people might well get interest and involvement from IETF folks who've got a lot of experience with large-scale systems.' Andrew Lewman, executive director of Tor, says the group is considering it. 'We're basically at the stage of 'Do we even want to go on a date together?' It's not clear we are going to do it, but it's worth exploring to see what is involved. It adds legitimacy, it adds validation of all the research we've done.'"
Paul Merrell

Spies Infiltrate a Fantasy Realm of Online Games - NYTimes.com - 0 views

www.nytimes.com/...field-of-elves-and-trolls.html

surveillance state NSA GCHQ NSA-targets online-games mobile-apps

shared by Paul Merrell on 11 Dec 13 - No Cached
  • Not limiting their activities to the earthly realm, American and British spies have infiltrated the fantasy worlds of World of Warcraft and Second Life, conducting surveillance and scooping up data in the online games played by millions of people across the globe, according to newly disclosed classified documents.
  • Fearing that terrorist or criminal networks could use the games to communicate secretly, move money or plot attacks, the documents show, intelligence operatives have entered terrain populated by digital avatars that include elves, gnomes and supermodels. The spies have created make-believe characters to snoop and to try to recruit informers, while also collecting data and contents of communications between players, according to the documents, disclosed by the former National Security Agency contractor Edward J. Snowden. Because militants often rely on features common to video games — fake identities, voice and text chats, a way to conduct financial transactions — American and British intelligence agencies worried that they might be operating there, according to the papers.
  • Online games might seem innocuous, a top-secret 2008 N.S.A. document warned, but they had the potential to be a “target-rich communication network” allowing intelligence suspects “a way to hide in plain sight.” Virtual games “are an opportunity!” another 2008 N.S.A. document declared. But for all their enthusiasm — so many C.I.A., F.B.I. and Pentagon spies were hunting around in Second Life, the document noted, that a “deconfliction” group was needed to avoid collisions — the intelligence agencies may have inflated the threat. The documents, obtained by The Guardian and shared with The New York Times and ProPublica, do not cite any counterterrorism successes from the effort. Former American intelligence officials, current and former gaming company employees and outside experts said in interviews that they knew of little evidence that terrorist groups viewed the games as havens to communicate and plot operations.
  • ...5 more annotations...
  • In the 2008 N.S.A. document, titled “Exploiting Terrorist Use of Games & Virtual Environments,” the agency said that “terrorist target selectors” — which could be a computer’s Internet Protocol address or an email account — “have been found associated with Xbox Live, Second Life, World of Warcraft” and other games. But that document does not present evidence that terrorists were participating in the games. Still, the intelligence agencies found other benefits in infiltrating these online worlds. According to the minutes of a January 2009 meeting, GCHQ’s “network gaming exploitation team” had identified engineers, embassy drivers, scientists and other foreign intelligence operatives to be World of Warcraft players — potential targets for recruitment as agents.
  • The surveillance, which also included Microsoft’s Xbox Live, could raise privacy concerns. It is not clear exactly how the agencies got access to gamers’ data or communications, how many players may have been monitored or whether Americans’ communications or activities were captured. One American company, the maker of World of Warcraft, said that neither the N.S.A. nor its British counterpart, the Government Communications Headquarters, had gotten permission to gather intelligence in its game. Many players are Americans, who can be targeted for surveillance only with approval from the nation’s secret intelligence court. The spy agencies, though, face far fewer restrictions on collecting certain data or communications overseas.
  • “The Sigint Enterprise needs to begin taking action now to plan for collection, processing, presentation and analysis of these communications,” said one April 2008 N.S.A. document, referring to “signals intelligence.” The document added, “With a few exceptions, N.S.A. can’t even recognize the traffic,” meaning that the agency could not distinguish gaming data from other Internet traffic. By the end of 2008, according to one document, the British spy agency, known as GCHQ, had set up its “first operational deployment into Second Life” and had helped the police in London in cracking down on a crime ring that had moved into virtual worlds to sell stolen credit card information. The British spies running the effort, which was code-named Operation Galician, were aided by an informer using a digital avatar “who helpfully volunteered information on the target group’s latest activities.”
  • Even before the American government began spying in virtual worlds, the Pentagon had identified the potential intelligence value of video games. The Pentagon’s Special Operations Command in 2006 and 2007 worked with several foreign companies — including an obscure digital media business based in Prague — to build games that could be downloaded to mobile phones, according to people involved in the effort. They said the games, which were not identified as creations of the Pentagon, were then used as vehicles for intelligence agencies to collect information about the users. Eager to cash in on the government’s growing interest in virtual worlds, several large private contractors have spent years pitching their services to American intelligence agencies. In one 66-page document from 2007, part of the cache released by Mr. Snowden, the contracting giant SAIC promoted its ability to support “intelligence collection in the game space,” and warned that online games could be used by militant groups to recruit followers and could provide “terrorist organizations with a powerful platform to reach core target audiences.”
  • In spring 2009, academics and defense contractors gathered at the Marriott at Washington Dulles International Airport to present proposals for a government study about how players’ behavior in a game like World of Warcraft might be linked to their real-world identities. “We were told it was highly likely that persons of interest were using virtual spaces to communicate or coordinate,” said Dmitri Williams, a professor at the University of Southern California who received grant money as part of the program. After the conference, both SAIC and Lockheed Martin won contracts worth several million dollars, administered by an office within the intelligence community that finances research projects.
  • Paul Merrell on 11 Dec 13
     
    Coming soon: disclosure of the NSA's public bathroom cams and microphones because people talk there and exchange germs that might have DNA in them that can be used to track terrorists. 
Paul Merrell

Facebook blasted by US and UK lawmakers - nsnbc international | nsnbc international - 1 views

nsnbc.me/...blasted-by-us-and-uk-lawmakers

Facebook security Cambridge-Analytics

shared by Paul Merrell on 19 Mar 18 - No Cached
  • Lawmakers in the United States and the United Kingdom are calling on Facebook chief executive Mark Zuckerberg to explain how the names, preferences and other information from tens of millions of users ended up in the hands of the Cambridge Analytica data analysis firm.
  • After Facebook cited data privacy policies violations and announced that it was suspending the Cambridge Analytica data analytics firm also tied to the Trump campaign, new revelations have emerged. On Saturday, reports revealed that Cambridge Analytica, used a feature once available to Facebook app developers to collect information on some 270,000 people. In the process, the company, which was, at the time, handling U.S. President Donald Trump’s presidential campaign, gained access to data on tens of millions of their Facebook “friends” and that it wasn’t clear at all if any of these people had given explicit permission for this kind of sharing. Facebook’s Deputy General Counsel Paul Grewal said in a statement, “We will take legal action if necessary to hold them responsible and accountable for any unlawful behavior.”
  • The social media giant also added that it was continuing to investigate the claims. According to reports, Cambridge Analytica worked for the failed presidential campaign of U.S. Senator Ted Cruz and then for the presidential campaign of Donald Trump. Federal Election Commission records reportedly show that Trump’s campaign hired Cambridge Analytica in June 2016 and paid it more than $6.2 million. On its website, the company says that it “provided the Donald J. Trump for President campaign with the expertise and insights that helped win the White House.” Cambridge Analytica also mentions that it uses “behavioral microtargeting,” or combining analysis of people’s personalities with demographics, to predict and influence mass behavior.  According to the company, it has data on 220 million Americans, two thirds of the U.S. population. Cambridge Analytica says it has worked on other campaigns in the United States and other countries, and it is funded by Robert Mercer, a prominent supporter of politically conservative groups.
  • ...1 more annotation...
  • Facebook stated that it suspended Cambridge Analytica and its parent group Strategic Communication Laboratories (SCL) after receiving reports that they did not delete information about Facebook users that had been inappropriately shared. For months now, both the companies have been embroiled in investigations in Washington and London but the recent demands made by lawmakers focused explicitly on Zuckerberg, who has not testified publicly on these matters in either nation.
‹ Previous 21 - 32 of 32
Showing 20 items per page