Which service providers encrypt your data?

The EFF has moved its “Who has your back?” report. It’s now at https://www.eff.org/encrypt-the-web-report. The report explains,

We’ve asked the companies in our Who Has Your Back Program what they are doing to bolster encryption in light of the NSA’s unlawful surveillance of your communications. As of now, eight companies—Dropbox, Facebook, Google, Microsoft, Sonic.net, SpiderOak, Twitter, and Yahoo—are implementing five out of five of our best practices for encryption.

Graphic by Electronic Frontier Foundation

Look! Up in the sky!

Photo of the Greenpeace airship over the NSA data center, by Greenpeace

It’s the Greenpeace / EFF / TAC airship, flying above NSA’s new enormous data center in Utah. They were protesting the NSA’s illegal snooping and seizure of citizens’ electronic personal effects. EFF reported the event on their website:

Greenpeace flew its 135-foot-long thermal airship over the Bluffdale, UT, data center early Friday morning, carrying the message: “NSA Illegal Spying Below” along with a link steering people to a new web site, StandAgainstSpying.org, which the three groups launched with the support of a separate, diverse coalition of over 20 grassroots advocacy groups and Internet companies. The site grades members of Congress on what they have done, or often not done, to rein in the NSA.

The Guardian published a full story on this event.

While the NSA is in the spotlight, when will James Clapper be indicted for lying to Congress about NSA’s capture of domestic telephone records?

Watch part 2 of United States of Secrets

Tonight PBS airs part 2 of a detailed program that documents NSA’s snooping into US citizens’ electronic communications. Here it airs at 10:00 PM. Check your local listings.

Read PBS’ webpage about this Frontline program and the NSA.

Photo: Glenn Greenwald
22 May update Glenn Greenwald thinks that Ed Snowden decided to reveal the extent of NSA snooping after watching US Intelligence chief James Clapper lie to Congress. (Clapper claimed that the NSA does not collect communications of ordinary Americans. When will Clapper be charged with perjury and contempt of Congress?)

The program outlined PRISM and AT&T technician Mark Klein’s discovery of a fiber-optic splitter that allowed the NSA to capture all packets that flow on AT&T’s Internet backbone, as well as other attempts by the NSA to read Internet-borne data without court orders. It also explored the loss of privacy to Facebook, Google, Doubleclick, and other commercial enterprises.

Frontline’s United States of Secrets

On Tuesday night, PBS broadcast a powerful Frontline two hour long piece about the NSA’s snooping into citizens’ electronic communications. They subtitled it “How the government came to spy on millions of Americans”. The second part will air next Tuesday. Watch it.

Screenshot from United States of Secrets. Stream or download the 475MB MP4 video (1hr 56m long).

Read PBS’ webpage about this Frontline program and the NSA.

The curious case of Dianne Feinstein

Senator Dianne Feinstein (D California) is outraged that her Senate Intelligence Committee’s communications have been monitored by the CIA (Feinstein Slams CIA, Accuses Agency of Spying on Staff). One irony is that last year when Ed Snowden revealed that the NSA routinely violated citizens’ Fourth Amendment rights, Senator Feinstein called for Snowden’s head.

Another irony is that her Senate Intelligence Committee is supposed to oversee the CIA. Her committee has failed to do its job and now she’s outraged at the result of that failure. Curiouser and curiouser.

Ed Snowden speaks at SXSW

Edward Snowden spoke on Monday at South By Southwest via live Internet video. Presumably he was in Russia. His true location was obscured by a chain of seven proxies, which caused the audio quality to suffer from multiple echoes. The best audio/video recording that I’ve found is this YouTube video. Mr. Snowden participated in a panel discussion of Internet privacy, security, and infringement of U.S. Constitutional rights.

The panel pointed out that not only is the NSA trampling on our right to freedom from unreasonable search and seizure, but so are commercial entities such as Google and Facebook. Seizing everything from everybody is clearly a violation of the Fourth Amendment.

The panel agreed that end-to-end encryption is the only way to ensure privacy.

When will intelligence chief James Clapper be indicted for lying under oath while testifying to Congress?

NSA surveillance lawful, judge says

Today a New York-based federal judge ruled that NSA’s surveillance of telephone traffic data is lawful. http://www.bbc.co.uk/news/25529677

This contradicts the 16 December ruling by a California-based federal judge, who ruled that the NSA’s telephone surveillance is “probably unconstitutional”.

I guess that this critical question needs to be decided by the U.S. Supreme Court.

NSA’s “all-encompassing, indiscriminate dump of phone metadata”

From today’s L.A. Times editorial:

In a powerful opinion released Monday in Washington, U.S. District Judge Richard J. Leon castigated what he called an “almost-Orwellian technology that enables the government to store and analyze the phone metadata of every telephone user in the United States.” Yet Leon also noted that the government had not cited “a single instance” in which the data had stopped an imminent attack.

A few months ago I noted the NSA’s poor ROI.

Finally, someone in government is doing their job! I had hoped that Congress would exercise oversight of the NSA, but the Judicial branch has beaten Congress to the punch. Note that Judge Leon is a George W. Bush appointee.

EFF’s Security Report

The Electronic Frontier Foundation (EFF) has begun publishing its Who’s Doing What report, which contains the results of EFF’s survey of Internet service providers’ internal security measures.

We should all examine this report to learn how secure our entrusted data are. It will help us more wisely choose service providers of all kinds — from your ISP to email, retail sales, and search providers.
Lavabit CEO discusses his surveillance nightmare

Leo Laporte yesterday aired a live audio interview with Ladar Levison, CEO and founder of Lavabit.

Last month, Mr. Levison made the headlines when he shut down his Dallas-based secure email service immediately after providing his company’s SSL keys (effectively, the company’s master keys) to the FBI in compliance with a federal court order. He posted this message on Lavabit’s home page:

I have been forced to make a difficult decision: to become complicit in crimes against the American people or walk away from nearly ten years of hard work by shutting down Lavabit.

Levison expects his case to eventually reach the Supreme Court. Some snippets from yesterday’s interview:

Law enforcement is necessary. It’s a difficult job. Surveillance is supposed to be difficult. When it’s easy, we have a police state.

I’m not anti-government. I’m pro-freedom.

Lavabit defense fund

The horses have fled

I listened to an October 10 Cato Institute Event during which Congressman Jim Sensenbrenner (R-Wis.), who authored the original Patriot Act, declared that ‘There has been a failure of oversight’. He’s authoring the “USA Freedom Act”, which (finally!) reins in the NSA, FBI, and other agencies who’ve violated the Fourth Amendment.

Patriot Act poster by ACLU

On his website’s October 10 news page, Congressman Sensenbrenner states,

I can say that if Congress knew what the NSA had in mind in the future immediately after 9/11, the Patriot Act never would have passed, and I never would have supported it. We have to have a balance of security and civil liberties. What the NSA has done, with the concurrence of both the Bush and Obama administrations, is completely forgotten about the guarantees of civil liberties that those of us who helped write the Patriot Act in 2001 and the reauthorization in 2005 and 2006 had written the law to prevent from happening.

Here’s a good Guardian article on Sensenbrenner, the Patriot Act, and the “USA Freedom Act”.

Sensenbrenner’s awakening is fine, but he’s closing the barn door after the horses have fled. Non-American governments and companies are moving their data and services off of servers that are surveilled by US agencies and/or controlled by US courts. I don’t blame them. The NSA’s over-reach is killing the whole “cloud” idea — who in his right mind would move his data off of his own computers to servers that you know are being read by the US federal government?

Congress slept rather than oversee the NSA and FBI and now it’s waking up to its responsibilities. It’s too late, boys. The world is moving in a different direction and the US with its arrogant and naïve agencies isn’t aboard that train. You had your chance and you blew it.

Meanwhile, back in the trenches

Three movements are underway by computer security techies:

  • Internet tech organizations are moving the Internet out from under US oversight
  • Improvement of Internet security, eliminating any third parties in authentication protocols
  • Creation of a secure Internet ver 2.0. It may or may not be built upon the existing TCP/IP foundation.

Thanks for nothing, NSA.

ICANN, The World Wide Web Consortium, IETF, and other organizations are unhappy with NSA’s spying on users of the Internet. They plan to move the functions of ICANN (Internet Corporation for Assigned Names and Numbers) out from under US oversight.

Wired magazine reported in NSA Leaks Prompt Rethinking of U.S. Control Over the Internet’s Infrastructure that,

The leaders who run the internet’s technical global infrastructure say the time has come to end U.S. dominance over it.

Among other things, they were concerned “over the undermining of the trust and confidence of internet users globally due to recent revelations of pervasive monitoring and surveillance.”

Last week, Venturebeat.com published an article titled ICANN, W3C, and other orgs say U.S. is ‘undermining the trust of Internet users’.

One unintended consequence of the NSA and FBI’s lying, spying, and violation of citizens’ Fourth Amendment rights is that whatever governance the U.S. had over the Internet will be lost. It’s likely that China, Russia, Iran, et al will rush into the breach. This is not good news for an open Internet.

Thanks, creeps.

Good Grief, More illegal NSA snooping

This is getting old. The NSA again demonstrates that

  1. It’s violating US citizens’ Fourth Amendment rights
  2. It’s lied about warrantless phone tapping: not only is it capturing a phone call’s “metadata”, it’s capturing the phone call itself
  3. Its internal controls are inadequate
  4. It’s unable to manage:
    1. its unconstitutionally purloined data
    2. its employees and contractors.

NSA logo parody by EFF designer Hugh D’Andrade


Read Friday’s Arstechnica article titled On his first day of work, NSA employee spied on ex-girlfriend.

Congress needs to take control of this rogue agency now. Then they need to charge Intelligence chief James Clapper with contempt of Congress for lying about this surveillance during sworn testimony. The administration should fire him without benefits. I suspect that neither Mr. Obama nor Mr. Holder has the integrity to do that.

Serious encryption flaw revealed. Thanks again, NSA.

The NSA strikes again. Steve Gibson, in his Security Now podcast, yesterday revealed that RSA’s respected and popular BSAFE encryption library contains a serious weakness. Its default random number generator (RNG) isn’t especially random and was tweaked years ago by the NSA to provide them with a back door. RSA is the leading security software firm. Its products are used by most of the major software publishers — Microsoft, Apple, Google, et al. Programmers who use BSAFE may choose to use other (stronger) RNGs, but BSAFE’s default RNG is definitely weak, thanks to NSA’s tinkering.

Secure encryption requires that a unique large random number be used for each encryption. If the number is predictable, the encrypted data can be cracked. Providing truly random large numbers isn’t easy, since computers are, if nothing else, deterministic machines. They produce pseudo-random numbers. Typically they seed the RNG with a small random number such as the interval between mouse clicks.
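To make the point above concrete, here is an added Python example (not code from this page, from RSA’s BSAFE, or from the Security Now podcast). It keys a toy stream cipher from a deterministic PRNG seeded with a 12-bit value, a constructed stand-in for “the interval between mouse clicks” in milliseconds, and shows that a known plaintext header identifies the seed after at most 4096 trials, while the same check finds nothing when the key comes from the operating system’s CSPRNG. The cipher, the header and the seed value are all constructed for the demonstration.

```python
import random
import secrets

# Constructed example: the only entropy behind the key is a 12-bit seed
# (0..4095), e.g. a mouse-click interval measured in milliseconds.
SEED_BITS = 12
KEY_BYTES = 16


def key_from_small_seed(seed: int) -> bytes:
    """Deterministic PRNG (Mersenne Twister): same seed -> same 128-bit key."""
    return random.Random(seed).getrandbits(KEY_BYTES * 8).to_bytes(KEY_BYTES, "big")


def key_from_csprng() -> bytes:
    """OS-backed CSPRNG: 128 bits of entropy, no small seed to enumerate."""
    return secrets.token_bytes(KEY_BYTES)


def xor_stream(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher (NOT real crypto): keystream = PRNG seeded with the key.
    It exists only so that the effect of a weak key is observable."""
    rng = random.Random(int.from_bytes(key, "big"))
    return bytes(b ^ rng.getrandbits(8) for b in data)


def find_small_seed(ciphertext: bytes, known_prefix: bytes):
    """Audit check: if the key space really is only 2**SEED_BITS candidates,
    a known plaintext prefix pins down the seed. Returns the seed, or None
    when no candidate key decrypts the start of the message to the prefix."""
    for seed in range(1 << SEED_BITS):
        trial = xor_stream(key_from_small_seed(seed), ciphertext[:len(known_prefix)])
        if trial == known_prefix:
            return seed
    return None


def demo():
    header = b"MSGHDR01"  # constructed 8-byte header, assumed known to the checker
    plaintext = header + b"the rest of the message"
    # Weak: 12 bits of seed entropy, recovered after at most 4096 trials.
    ct_weak = xor_stream(key_from_small_seed(1337), plaintext)
    weak_seed = find_small_seed(ct_weak, header)
    # Strong: a 128-bit CSPRNG key; the same enumeration finds nothing.
    ct_strong = xor_stream(key_from_csprng(), plaintext)
    strong_seed = find_small_seed(ct_strong, header)
    return weak_seed, strong_seed


if __name__ == "__main__":
    print(demo())  # (1337, None)
```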

Arstechnica explains: Stop using NSA-influenced code in our products, RSA tells customers

Observers fear that NSA’s actions such as this harm US software suppliers’ credibility. When a backdoor exists, not only is it available to its creator, but uninvited visitors may hammer on it, as well.

