Softpanorama

May the source be with you, but remember the KISS principle ;-)
(slightly skeptical) Educational society promoting "Back to basics" movement against IT overcomplexity and  bastardization of classic Unix

Privacy is dead bulletin, 2015


Old News ;-)

[Dec 22, 2015] Orwell's Nightmare Is Here - China Just Gamified Obedience To The State (And Soon It'll Be Mandatory)

That's something new and pretty Orwellian: a computerized score of "political correctness", made similar to a FICO score and based on data about you in social media.
Notable quotes:
"... Among the things that will hurt a citizen's score are posting political opinions without prior permission, or posting information that the regime does not like, such as about the Tiananmen Square massacre that the government carried out to hold on to power, or the Shanghai stock market collapse. ..."
"... "Imagine the social pressure against disobedience or dissent that this will create." ..."
"... "very ambitious in scope, including scrutinizing individual behavior and what books people read. It's Amazon's consumer tracking with an Orwellian political twist." ..."
"... "Coming soon to a New World Order near you: social credit! Earn points by behaving like the government wants you to behave! Get penalized if you don't act like a doubleplusgood citizen! What could be more fun?" ..."
"... Applying for a passport? Buy my book and learn how to boost your patriotism score by 400 points in 6 months! We can even give you a spambot to do the work for you! ..."
"... At this point, any good developer can write a program that reads Twitter/Facebook/Renren/WeChat feeds, gives the posts to IBM's Watson (or some simpler algorithm), and have the program spit out a score. And this program would take at most a month to make. I know, I write similar stuff ;) ..."
"... What scares me is how the initial assumptions that go into querying data can give you radically different results at the end, and these intelligence agencies do not exactly explain what methods they are using to determine who is a 'bad guy.' ..."
"... Patriot Points. ..."
"... The article has taken some real, some proposed and some imaginary credit tracking programs and smushed them into one 'terrifying', freedom-destroying blob. In other words, it's irresponsible b.s. intended to make the Chinese government look even more diabolical and oppressive than our own. ..."
"... The underlying cultural truth, though, is that Chinese are willing to cooperate with – and trust – their government much more than we are. They've always respected and looked up to their national leaders and expected those leaders to actually lead – morally and practically. It works for them, as we see. ..."
"... Digital will end up being our worse nightmare and our undoing. It is the Perfect tool for the crazed sociopaths around us and the insane psychopaths that want to control our every breath (literally). ..."
"... The social networks are piped right into governments security complex. ..."
Dec 22, 2015 | Zero Hedge

As if further proof were needed Orwell's dystopia is now upon us, China has now gamified obedience to the State. Though that is every bit as creepily terrifying as it sounds, citizens may still choose whether or not they wish to opt-in - that is, until the program becomes compulsory in 2020. "Going under the innocuous name of 'Sesame Credit,' China has created a score for how good a citizen you are," explains Extra Credits' video about the program. "The owners of China's largest social networks have partnered with the government to create something akin to the U.S. credit score - but, instead of measuring how regularly you pay your bills, it measures how obediently you follow the party line."

Zheping Huang, a reporter for Quartz, chronicled his own experience with the social control tool in October, saying that

"in the past few weeks I began to notice a mysterious new trend. Numbers were popping up on my social media feeds as my friends and strangers on Weibo [the Chinese equivalent to Twitter] and WeChat began to share their 'Sesame Credit scores.' The score is created by Ant Financial, an Alibaba-affiliated company that also runs Alipay, China's popular third-party payment app with over 350 million users. Ant Financial claims that it evaluates one's purchasing and spending habits in order to derive a figure that shows how creditworthy someone is."

However, according to a translation of the "Planning Outline for the Construction of a Social Credit System," posted online by Oxford University's China expert, Rogier Creemers, it's nightmarishly clear the program is far more than just a credit-tracking method. As he described it,

"The government wants to build a platform that leverages things like big data, mobile internet, and cloud computing to measure and evaluate different levels of people's lives in order to create a gamified nudging for people to behave better."

While Sesame Credit's roll-out in January has been downplayed by many, the American Civil Liberties Union, among others, urges caution, saying:

"The system is run by two companies, Alibaba and Tencent, which run all the social networks in China and therefore have access to a vast amount of data about people's social ties and activities and what they say. In addition to measuring your ability to pay, as in the United States, the scores serve as a measure of political compliance.

Among the things that will hurt a citizen's score are posting political opinions without prior permission, or posting information that the regime does not like, such as about the Tiananmen Square massacre that the government carried out to hold on to power, or the Shanghai stock market collapse. It will hurt your score not only if you do these things, but if any of your friends do them."

And, in what appears likely the goal of the entire program, added, "Imagine the social pressure against disobedience or dissent that this will create."

Social pressure, of course, can be highly effective given the right circumstances. China seems to have found exactly that in the intricate linking of people's scores to their contacts, which can be seen publicly by anyone - and then upping the ante through score-based incentives and rewards. Rick Falkvinge pointed out a startling comparison:

"The KGB and the Stasi's method of preventing dissent from taking hold was to plant so-called agents provocateurs in the general population, people who tried to make people agree with dissent, but who actually were arresting them as soon as they agreed with such dissent. As a result, nobody would dare agree that the government did anything bad, and this was very effective in preventing any large-scale resistance from taking hold. The Chinese way here is much more subtle, but probably more effective still."

As Creemers described to Dutch news outlet, de Volkskrant,

"With the help of the latest internet technologies, the government wants to exercise individual surveillance. The Chinese aim […] is clearly an attempt to create a new citizen."

Chinese internet specialist at the Swedish Institute of International Affairs, Johan Lagerkvist, said the system is

"very ambitious in scope, including scrutinizing individual behavior and what books people read. It's Amazon's consumer tracking with an Orwellian political twist."

James Corbett has been tracking the implementation of Sesame Credit for some time. Introducing the ubiquitous tracking system for a recent episode of the Corbett Report, he mused:

"Coming soon to a New World Order near you: social credit! Earn points by behaving like the government wants you to behave! Get penalized if you don't act like a doubleplusgood citizen! What could be more fun?"

Indeed, because mandatory enrollment in Sesame Credit is still a few years away, its true effectiveness won't be measurable for some time. But even a reporter's usual wariness appears knocked off-kilter, as Zheping Huang summarized his personal experience,

"Even if my crappy credit score doesn't mean much now, it's in my best interest I suppose to make sure it doesn't go too low."

And that, of course, is precisely why gamifying State obedience is so terrifying.

Cornfedbloodstool

We just have FICO scores in the US, which measure how obedient you are to the banks, the true rulers of the country.

ToSoft4Truth

And Facebook 'Likes'. Can't get laid without the Likes, man.

CAPT DRAKE

It is already here. There is a thing called an "NSA Score", based on your habits, contacts, and email/posts. Fortunately, porn surfing, even addiction, is not a negative. Only anti state stuff counts, and no, most of the posts on ZH don't count as they are seen as venting and not actionable intel.

knukles

I love Big Brother...

Miffed Microbiologist

"The children and adults, including his own parents, tiptoe nervously around him, constantly telling him how everything he does is "good," since displeasing him can get them wished away into a mystical "cornfield", an unknown place, from which there is no return. At one point, a dog is heard barking angrily. Anthony thinks the dog is "bad" and doesn't "like [him] at all," and wishes it into the cornfield. His father and mother are horrified, but they dare not show it."

Welcome to the Twilight Zone.

Miffed

Old Poor Richard

You beat me to it on FICO score. If you're off the grid, out of the electronic money system or not paying sufficient fealty to banksters, you are NOT being obedient to the state.

NoDebt

I'm as off the grid as you can get and still live a middle class lifestyle with electricity and a cell phone. I assure you they still score me and I'm usually over 800. I don't use credit much these days but what I use says nothing but "pays as agreed".

Now, if you start to factor in the "slightly to the right of the John Burke Society" shit I post on ZH I'd be down around -500.

Uchtdorf

http://qz.com/519737/all-chinese-citizens-now-have-a-score-based-on-how-...

Dated October 9th of this year.

savagegoose

That's it, in the communist version of facebook you can vote on gov posts, ie you can like them.

Government needs you to pay taxes

C'mon, it's China, where numbers are faked every day. Ya think this number will be any different? And even if it's effective in China, when the US .govbots roll this out, how effective can it be when US .gov employees are 'at the wheel'?

The US .gov can fuck ANYTHING up.

roisaber

It will be funny to see who gets a low citizen loyalty oath score for unpredictable reasons, or from hacks, and their increasing radicalization as their honest efforts to try to get themselves back into good standing only makes them register as more anti-social.

techpriest

The other question is, how many services are going to pop up to help you boost your score, just like there are books, guides, and services for your credit score currently?

"Applying for a passport? Buy my book and learn how to boost your patriotism score by 400 points in 6 months! We can even give you a spambot to do the work for you!"

SgtShaftoe

China doesn't have enough enforcers to control the population. They will lose control. That is only a matter of time. They may be able to delay the inevitable for a while but eventually reality will arrive. Keep pushing that volatility into the tail and see what happens. When it goes, it will blow your fucking socks off.

Tick tock motherfuckers, and that goes for the US as well...

tarabel

That is the (evil) genius of this scheme. It is collectively enforced by the proletarians themselves. If you do anti-social things, that will reflect badly on your friends and family so they will excoriate you and, if necessary, shun you until you get with the program. Really, it's just a crowd-sourced Communist Block Warden program gone digital.

I don't worry about the Chinese. They're fooked any which way you slice it. But China invents nothing, merely imitates. So where did they get this idea from, hmmm?

techpriest

At this point, any good developer can write a program that reads Twitter/Facebook/Renren/WeChat feeds, gives the posts to IBM's Watson (or some simpler algorithm), and have the program spit out a score. And this program would take at most a month to make. I know, I write similar stuff ;)

With that in mind, what would you be able to accomplish with a team of 40-50 developers and several months? What scares me is how the initial assumptions that go into querying data can give you radically different results at the end, and these intelligence agencies do not exactly explain what methods they are using to determine who is a 'bad guy.'


cherry picker

"I have nothing to hide"

Well, the bozos who coined the above term, have fun. You think keeping up with mortgage, car payments, Obama Care, taxes, raising kids and keeping a spouse happy is stressful, wait til .gov does a 'test' on you.

Me, I'm not worried. I'm a non conformist, live in the boonies and am too old. I tell my children and grandchildren they need to get rid of this 'evil eye' government encroachment.

They think I am crazy now, but I think they may be coming around.

techpriest

I would love to turn that "You shouldn't be afraid if you have nothing to hide" around by pointing out that the Fed shouldn't be afraid of an audit if they have nothing to hide.

Amish Hacker

Patriot Points.

Bopper09

Is this not what assface is? (facebook for people plugged in). I admit I went on it for the simple fact I couldn't find anything better for talking to my Russian fiance. But even a year before she got here, I said fuck it. Tried cancelling, but if you click a link that has something to do with facebook, your profile becomes active again. Fucking criminals. I left a computer for 3 weeks (not that I haven't done that before. TRY IT, no cell phone or computer for ONE WEEK. Take vacation days and see what's important in your life. Seriously, I've never owned a cell phone. Where I work I don't need one. Cell phones do not 'save your life'.

Consuelo

Interesting the references to FB, especially when one considers who's at the head and his position on censorship. Then again, what happened in Mao's China descended from the likes of Trotsky, so it kinda sorta follows...

Gantal

The article has taken some real, some proposed and some imaginary credit tracking programs and smushed them into one 'terrifying', freedom-destroying blob. In other words, it's irresponsible b.s. intended to make the Chinese government look even more diabolical and oppressive than our own.

The underlying cultural truth, though, is that Chinese are willing to cooperate with – and trust – their government much more than we are. They've always respected and looked up to their national leaders and expected those leaders to actually lead – morally and practically. It works for them, as we see.

The underlying lie is that the Chinese government needs to repress its people. It doesn't. Anyone purporting to be China 'experts' like Messrs. Lagerkvist and Creemers, should know that China's government is the most popular, most trusted government on earth.

But why let facts get in the way of a good story?

Fuku Ben

The score is created by Ant Financial

https://www.youtube.com/watch?v=8lcUHQYhPTE#t=36s

FedFunnyMoney

Ein Volk, Ein Reich, Ein Fuhrer...Chinese style.

rejected

Digital will end up being our worse nightmare and our undoing. It is the "Perfect" tool for the crazed sociopaths around us and the insane psychopaths that want to control our every breath (literally).

Sure, it's cool, you can play games and other useless crap but even a blind man could see how governments are going to be using it. The social networks are piped right into governments security complex. Wouldn't surprise me if everything we post even here on ZH is stored on some digital crap machine somewhere.

For sure it's on ZH servers and thus available to any Tom, Dick or Harry LEO. I myself am very close to going dark. This stuff isn't laughable anymore. It's getting DEADLY serious.

[Dec 17, 2015] Please Don't Shut Down the Internet, Donald Trump

The New Yorker

Still, two interesting - and vexing - issues for the technology industry, and for the politicians who regulate it, emerged in the debate. The first came up in John Kasich's response to Trump's proposal. "Wolf, there is a big problem - it's called encryption," he said. "We need to be able to penetrate these people when they are involved in these plots and these plans. And we have to give the local authorities the ability to penetrate, to disrupt. That's what we need to do. Encryption is a major problem, and Congress has got to deal with this, and so does the President, to keep us safe."

The central question is whether American technology companies should offer the U.S. government, whether the N.S.A. or the F.B.I., backdoor access to their devices or servers. The most important companies here are Apple and Google, which, in the fall of 2014, began offering strong encryption on the newer versions of Android and iOS phones. If you keep your passcode secret, the government will be unable to, for instance, scroll through your contacts list, even if it has a warrant. This has, naturally, made the government angry. The most thorough report on the subject is a position paper put out last month by Cyrus Vance, Jr., Manhattan's district attorney. In the previous year, Vance wrote, his office had been "unable to execute approximately 111 search warrants for smartphones because those devices were running iOS 8. The cases to which those devices related include homicide, attempted murder, sexual abuse of a child, sex trafficking, assault, and robbery."

The solution isn't easy. Apple and Google implemented their new encryption standards after Edward Snowden revealed how the government had compromised their systems. They want to protect their customers - a government back door could become a hacker's back door, too - and they also want to protect their business models. If the N.S.A. can comb through iPhones, how many do you think Apple will be able to sell in China? In the debate, Carly Fiorina bragged about how, when she ran Hewlett-Packard, she stopped a truckload of equipment and had it "escorted into N.S.A. headquarters." Does that make you more or less eager to buy an OfficeJet Pro?

The second hard issue that came up indirectly in the debate - and, more specifically, in recent comments by Hillary Clinton - is how aggressive American companies such as Facebook, Twitter, and Google (with YouTube) should be in combatting the use of their platforms by ISIS. Again, there's no simple answer. You can't ban, say, everyone who tweets the hashtag #ISIS, because then you'd have to ban this guy. The algorithms are difficult to write, and the issues are difficult to balance. Companies have to consider their business interests, their legal obligations to and cultural affinities for free speech, and their moral obligations to oppose an organization that seeks to destroy the country in which they were built - and also kill their C.E.O.s.

[Dec 16, 2015] Congress just revived the surveillance state in the name of cybersecurity

Notable quotes:
"... Whistleblower: "Every Time There Is a Terrorist Attack, What We Really Need to Do Is Demand that They CUT the Budgets of All the Intelligence Agencies" - William Binney ..."
Dec 16, 2015 | The Guardian
Stumphole 16 Dec 2015 17:44

Use a VPN and Start Page as a search engine. Nothing is saved from your search.

Fgt 4URIGHTS -> lefthalfback2 16 Dec 2015 19:44

Only the brain dead idiots who are deceived and under collective Stockholm syndrome are fine with it. Yeah, all the illegal surveillance in the world didn't stop the San Bernardino attack. Also, let's not forget the treason and terrorism being conducted against innocent Americans (Cointelpro/Gangstalking) and hidden from the American people while they're asleep to the crimes happening in secret all around them. Yeah for a fascist, totalitarian police state, isn't it cool?? I feel so safe knowing my criminal government is there to protect me because they love me so much.

Whistleblower: "Every Time There Is a Terrorist Attack, What We Really Need to Do Is Demand that They CUT the Budgets of All the Intelligence Agencies" - William Binney

sand44 16 Dec 2015 18:26

"Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety."
-Benjamin Franklin 1755

How far has the standard of American politicians managed to fall?

AvZweeden 16 Dec 2015 14:53

Edward Snowden might as well not have blown any whistle, and saved himself a lot of trouble.
Most Americans think America is a democracy, but it is really an oligarchy in disguise. Probably always was. I read this earlier this year:
https://theintercept.com/2015/07/30/jimmy-carter-u-s-oligarchy-unlimited-political-bribery/

[Dec 09, 2015] Are Windows and OS X malware

May 26, 2015 | ITworld

Richard Stallman has never been...er...shy about sharing his opinions, particularly when it comes to software that doesn't adhere to his vision. This time around he has written an opinion column for The Guardian that takes on Microsoft Windows, Apple's OS X and even Amazon's Kindle e-reader.

Richard Stallman on malware for The Guardian:

Malware is the name for a program designed to mistreat its users. Viruses typically are malicious, but software products and software preinstalled in products can also be malicious – and often are, when not free/libre.

Developers today shamelessly mistreat users; when caught, they claim that fine print in EULAs (end user licence agreements) makes it ethical. (That might, at most, make it lawful, which is different.) So many cases of proprietary malware have been reported, that we must consider any proprietary program suspect and dangerous. In the 21st century, proprietary software is computing for suckers.

Windows snoops on users, shackles users and, on mobiles, censors apps; it also has a universal back door that allows Microsoft to remotely impose software changes. Microsoft sabotages Windows users by showing security holes to the NSA before fixing them.

Apple systems are malware too: MacOS snoops and shackles; iOS snoops, shackles, censors apps and has a back door. Even Android contains malware in a nonfree component: a back door for remote forcible installation or deinstallation of any app.

Amazon's Kindle e-reader reports what page of what book is being read, plus all notes and underlining the user enters; it shackles the user against sharing or even freely giving away or lending the book, and has an Orwellian back door for erasing books.

More at The Guardian

As you might imagine, Stallman's commentary drew a lot of responses from readers of The Guardian:

JohnnyHooper: "The Android operating system is basically spyware, mining your personal information, contacts, whereabouts, search activity, media preferences, photos, email, texts, chat, shopping, calls, etc so Google can onsell it to advertisers. Nice one, Google, you creep."

Ece301: "What the free software movement needs is more than just the scare stories about 'capability' - without reliable examples of this stuff causing real-world problems for real people such detail-free articles as this are going to affect nothing.

I'm quite willing to make the sacrifice of google, apple, the NSA etc. knowing exactly where I am if it means my phone can give me directions to my hotel in this strange city. Likewise if I want the capability to erase my phone should I lose it, I understand that that means apple etc. can probably get at that function too."

Limiting_Factor: "Or for people who don't want to mess about with command lines and like to have commercially supported software that works. Which is about 99% of the home computer using population. You lost, Richard. Get over it."

CosmicTrigger: "Selling customers the illusion of security and then leaving a great gaping hole in it for the government to snoop in return for a bit of a tax break is absolutely reprehensible."

Liam01: "This guy is as extreme as the director of the NSA, just at the other end of the spectrum. I'd be more inclined to listen if he showed a hint of nuance, or didn't open with an egoistic claim of "invented free software"."

AlanWatson: "My Kindle doesn't report anything, because I never turn the WiFi on. Just sideload content from wherever I want to buy it (or download if there is no copyright), format conversion is trivial, and for the minor inconvenience of having to use a USB cable I'm free of Amazon's lock-in, snooping and remote wipes. Simple."

Rod: "Here's my crazy prediction: Stallman's diatribes will continue to have zero measurable impact on adoption rates of Free software. Time to try a different approach, Richey."

Quicknstraight: "Not all snooping is bad for you. If it enhances your experience, say, by providing you with a better playlist or recommendations for things you like doing, what's the big deal?

Consumers don't have it every which way. You either accept a degree of data collection in return for a more enjoyable user experience, or accept that no data collection means you'll have to search out everything for yourself.

The average user prefers the easier option and has no interest in having to dig away through loads of crap to find what they want.

The key question should be what happens to data that is mined about users, not whether mining such data is bad per se."

Bob Rich: "As an author, I LIKE the idea that if a person buys a copy of my book, that copy cannot be freely distributed to others. With a paper book, that means that the original owner no longer has access to it. With an electronic book, "giving" or "lending" means duplicating, and that's stealing my work. The same is true for other creators: musicians, artists, photographers."

Mouse: "Stallman's a hero and we wouldn't have the level of (low-cost) technology we all enjoy today without him. I remember reading an article by him years ago and he said that the only laptop he'd use was the Lemote Yeeloong because it was the only system that was 100% open, even down to the BIOS - he was specifically paranoid about how government agencies might modify proprietary code for their own ends - and at the time I thought "Jeez, he's a bit of a paranoid fruitcake", but post-Snowden he's been proven to be right about what the security services get up to."

More at The Guardian

[Nov 12, 2015] The Emperor Has No Clothes and Nobody Cares

www.howtogeek.com

... ... ...

Ever since we found out just how much government spying is going on, the security community has been systematically looking into every piece of technology that we use, from operating systems to network protocols, and we've learned just how insecure everything is.

... ... ...

That's the good news. The bad news is that nothing has fundamentally changed as far as the spying is concerned, despite all of the stories and media attention online. Organizations like the ACLU have tried, and failed, to even bring cases to figure out what's actually going on. Very few politicians even talk about it, and the ones that do have no power to change anything. People not only haven't exploded in anger, they don't even know the details, as John Oliver illustrated brilliantly in his interview with Snowden.

Everybody knows the government is probably spying on everything, and nobody really cares.

[Nov 06, 2015] Facebook Revenue Surges 41%, as Mobile Advertising and Users Keep Growing

In the post-Snowden world, is this a testament that most smartphone users are idiots, or what?
Notable quotes:
"... The company said mobile advertising in the third quarter accounted for a colossal 78 percent of its ad revenue, up from 66 percent a year ago. ..."
Nov 06, 2015 | The New York Times

Facebook is so far defying concerns about its spending habits - a criticism that has at times also plagued Amazon and Alphabet's Google - because the social network is on a short list of tech companies that make money from the wealth of mobile visitors to its smartphone app and website. The company said mobile advertising in the third quarter accounted for a colossal 78 percent of its ad revenue, up from 66 percent a year ago.

... ... ...

Revenue was also bolstered by Facebook increasing the number of ads it showed users over the past year, said David Wehner, the company's chief financial officer. And video advertising, a growth area for Facebook, is on the rise: More than eight billion video views happen on the social network every day, the company said.

Hand in hand with the increased advertising is more users to view the promotions. The number of daily active users of Facebook exceeded one billion for the first time in the quarter, up 17 percent from a year earlier, with monthly active mobile users up 23 percent, to 1.4 billion.

... ... ...

Beyond the properties it owns, Facebook is dabbling in partnerships with media companies that could prove lucrative in the future. In May, the company debuted a feature called Instant Articles with a handful of publishers, including The New York Times, which lets users read articles from directly inside the Facebook app without being directed to a web browser.

[Nov 06, 2015] How Firefox's New Private Mode Trumps Chrome's Incognito

11/05/15 | Observer

Firefox ups its privacy game with version 42.

Mozilla made a bit of a splash this week with the announcement of its updated "private mode" in Firefox, but it's worth spelling out exactly why: Firefox's enhanced privacy mode blocks web trackers.

Users familiar with Chrome's "Incognito Mode" may assume that's what it does as well, but it doesn't. It's no fault of Google or the Chromium Project if someone misunderstands the degree of protection. The company is clear in its FAQ: all Incognito Mode does is keep your browsing out of the browser's history.

Firefox's new "Private Mode" one-ups user protection here by automatically blocking web trackers. Nick Nguyen, Vice President for Product at Mozilla, says in the video announcement, "We think that when you launch private browsing you're telling us that you want more control over the data you share on the web." That sounds right. In fact, most people probably think private modes provide more safety than they do.

Firefox has been working to educate web users about the prevalence of trackers for a long time. In 2012, it introduced Collusion to help users visualize just how many spying eyes were in the background of their browsing (a tool now known by the milquetoast name 'Lightbeam') and how they follow you around.

Privacy nuts might be thinking, "Hey, isn't the new Private Mode basically doing what the Ghostery add-on/extension does already?" It looks that way. Ghostery was not immediately available for comment on this story. This reporter started using Ghostery in earnest in the last few weeks, and while it does bust the odd page, overall, it makes the web much faster. As Mr. Nguyen says in the video, Firefox's new mode should do roughly the same.

The best way to update Firefox is within the 'About Firefox' dialogue. Open it and let it check for updates (if it doesn't say version 42.0 or higher, the browser doesn't have it). On Macs, find "About Firefox" under the "Firefox" tab in the menu bar. On a PC, find it in the hamburger menu in the upper right.

Competition in the browser battles keeps improving the functionality of the web. When Chrome first came along, Firefox had become incredibly bloated.

Notice of what's new in 'Private Mode' when opened in Firefox, after updating. (Screenshot: Firefox)

Then, Chrome popularized the notion of incognito browsing, back when the main privacy concern was that our roommate would look at our browsing history to see how often we were visiting Harry Potter fansites (shout out to stand-up comic, Ophira Eisenberg, for that one).

As the web itself has become bloated with spyware, incorporating tracker blocking directly into the structure of the world's second most popular browser is a strong incentive for web managers to be more judicious about the stuff they load up in the background of websites.

Don't forget, though, that even with trackers blocked, determined sites can probably identify visitors and they can definitely profile, using browser fingerprinting. If you really want to hide, use Tor. If you're mega paranoid, try the Tails OS.

[Nov 06, 2015] Wikileaks' Hacked Stratfor Emails Shed Light on Feds Using License Plate Readers

Oct 01, 2015 | observer.com

Federal law enforcement began planning to use license plate readers in 2009 to track cars that visited gun shows against cars that crossed the border into Mexico, according to notes from a meeting between United States and Mexican law enforcement, released on Wikileaks. The notes were taken by Marko Papic, then of Stratfor, a company that describes itself as a publisher of geopolitical intelligence.

License plate readers are becoming a standard tool for local and national law enforcement across the country. In 2013, the ACLU showed that state and local law enforcement were widely documenting drivers' movements. Ars Technica looked at license plate data collected in Oakland. In January, the ACLU described documents attained from the Drug Enforcement Agency under the Freedom of Information Act that showed that agency has been working closely with state and local law enforcement. Many of the findings in these latter documents corroborate some of the insights provided by the 2009 meeting notes on Wikileaks.

Wikileaks began publishing these emails in February 2012, as the "Global Intelligence Files," as the Observer previously reported. The documents have to be read with some caution. These were reportedly attained by hackers in December 2011. A Stratfor spokesperson declined to comment on the leaked emails, referring the Observer instead to its 2012 statement, which says, "Some of the emails may be forged or altered to include inaccuracies; some may be authentic. We will not validate either."

While it's hard to imagine that such a giant trove could be completely fabricated, there is also no way to know whether or not some of it was tampered with. That said, details about federal license plate reader programs largely square with subsequent findings about the surveillance systems.

The meeting appears to have been primarily concerned with arms control, but related matters, such as illegal drug traffic and the Zetas, come up as well. The focus of the meeting appears to be information sharing among the various authorities, from both countries. Among other initiatives, the notes describe the origins of a sophisticated national system of automobile surveillance.

Here are some findings on law enforcement technology, with an emphasis on tracking automobiles:

The notes themselves are not dated, but the email containing them is dated September 4, 2009. It provides no names, but it cites people from the Mexican Embassy, the Bureau of Alcohol Tobacco and Firearms, DEA, Department of Homeland Security, the FBI and others. The only person named is Marko Papic, who identifies himself in this hacked email. Stephen Meiners circulated Mr. Papic's notes from the summit's morning and afternoon session in one email.

The Supreme Court of California is set to review police's exemption to sharing information on how they use license plate reader data in that state. A court in Fairfax County, Virginia, is set to consider a suit against police there over local law enforcement keeping and sharing of data about people not suspected of a crime.

The DEA and the ATF did not reply to a request for comment for this story.

[Nov 06, 2015] An Entire City Trolled NSA Spies Using an Art Project

Notable quotes:
"... This created an open communication network, meaning that with the use of any wifi-enabled device, anyone could send anything (text messages, voice calls, photos and files) anonymously for those listening to hear. ..."
"... "If people are spying on us, it stands to reason that they have ..."
"... To no surprise, there was a ton of trolling. ..."
observer.com

When it was revealed in 2013 that the NSA and its UK equivalent, GCHQ, routinely spied on the German government, artists Mathias Jud and Christoph Wachter came up with a plan.

They installed a series of antennas on the roof of the Swiss Embassy in Berlin and another giant antenna on the roof of the Academy of Arts, which is located exactly between the listening posts of the NSA and GCHQ. This created an open communication network, meaning that with the use of any wifi-enabled device, anyone could send anything (text messages, voice calls, photos and files) anonymously for those listening to hear.

"If people are spying on us, it stands to reason that they have to listen to what we are saying," Mr. Jud said in a TED Talk on the subject that was filmed at TED Global London in September and uploaded onto Ted.com today.

This was perfectly legal, and they named the project "Can You Hear Me?"

To no surprise, there was a ton of trolling. One message read, "This is the NSA. In God we trust. In all others we track!!!!!" Another said, "Agents, what twisted story of yourself will you tell your grandchildren?" One particularly humorous message jokingly pleaded, "@NSA My neighbors are noisy. Please send a drone strike."


... ... ...

[Nov 05, 2015] This 19th-Century Invention Could Keep You From Being Hacked

Just typing your correspondence on a computer disconnected from the internet and printing it on a printer connected via USB is enough. Or, better, writing the letter with a regular pen.
observer.com

The most secure and, at the same time, usable, method of creating, sharing and storing information is to write it up on a manual typewriter and store it in a locked filing cabinet.

If the CIA's Director John Brennan can't keep his emails private, who can? Sadly, although email and instant messaging are far more convenient than communicating via papers in envelopes or by actually talking on the phone, or (God forbid) face to face, these technologies are far more insecure. Could it be that the old ways protected both secrecy and privacy far better than what we have now?

The men and women in the United States government assigned to protect our nation's most important secrets have good reason to quote Allen Ginsberg, the Beat poet who proclaimed, "The typewriter is holy." For that matter so are pens, pencils, carbon paper and ordinary paper. In the digital age, privacy as we once knew it is dead, not just for ordinary citizens, but for government officials including, apparently, the head of the CIA, not to mention our former Secretary of State. Neither the NSA nor the U.S. military have been able to keep their secrets from being exposed by the likes of WikiLeaks or Edward Snowden.

... ... ...

Given America's failures to protect our own secret information, one hopes and wishes that the U.S. is as successful at stealing information from our potential foes as they are at stealing from us.

In the private sector, hackers steal information from countless companies, ranging from Target to Ashley Madison. The banks rarely let on how badly or how often they are victimized by cybercrime, but rumor has it that it is significant. At least for now, the incentives for making and selling effective cyber security systems are nowhere near as powerful as the incentives for building systems that can steal secret or private information from individuals, as well as from corporations and governments. In the digital age, privacy is gone.

Increasingly, organizations and individuals are rediscovering the virtues of paper. Non-digital media are simply invulnerable to hacking. Stealing information from a typewriter is harder than stealing it from a word processor, computer or server. A physical file with sheets of paper covered in words written either by hand or by typewriter is a safer place to store confidential information than any electronic data storage system yet devised.

[Nov 04, 2015] Surveillance Q&A: what web data is affected – and how to foil the snoopers

Notable quotes:
"... The government is attempting to push into law the ability for law enforcement agencies to be able to look at 12 months of what they are calling "internet connection records", limited to the website domains that UK internet users visit. ..."
"... It does not cover specific pages: so police and spies will not be able to access that level of detail. That means they would know that a person has spent time on the Guardian website, but not what article they read. ..."
"... Information about the sites you visit can be very revealing. The data would show if a person has regularly visited Ashley Madison – the website that helped facilitate extramarital affairs. A visit to an Alcoholics Anonymous website or an abortion advice service could reveal far more than you would like the government or law enforcement to know. ..."
"... In using a VPN you are placing all your trust in the company that operates the VPN to both secure your data and repel third parties from intercepting your connection. A VPN based in the UK may also be required to keep a log of your browsing history in the same way an ISP would. ..."
"... One way to prevent an accurate profile of your browsing history from being built could be to visit random sites. Visiting nine random domains for every website you actually want to visit would increase the amount of data that your ISP has to store tenfold. But not everybody has the patience for that. ..."
The Guardian

Critics call it a revived snooper's charter, because the government wants police and spies to be given access to the web browsing history of everyone in Britain.

However, Theresa May says her measures would require internet companies to store data about customers that amount to "simply the modern equivalent of an itemised phone bill".

Who is right? And is there anything you can do to make your communications more secure?

What exactly is the government after?

The government is attempting to push into law the ability for law enforcement agencies to be able to look at 12 months of what they are calling "internet connection records", limited to the website domains that UK internet users visit.

This is the log of websites that you visit through your internet service provider (ISP), commonly called internet browsing history, and is different from the history stored by your internet browser, such as Microsoft's Edge, Apple's Safari or Google's Chrome.

It does not cover specific pages: so police and spies will not be able to access that level of detail. That means they would know that a person has spent time on the Guardian website, but not what article they read.

Clearing your browser history or using private or incognito browsing modes do nothing to affect your browsing history stored by the ISP.

What will they be able to learn about my internet activity?

Information about the sites you visit can be very revealing. The data would show if a person has regularly visited Ashley Madison – the website that helped facilitate extramarital affairs. A visit to an Alcoholics Anonymous website or an abortion advice service could reveal far more than you would like the government or law enforcement to know.

The logged internet activity is also likely to reveal who a person banks with, the social media they use, whether they have considered travelling (eg by visiting an airline homepage) and a range of information that could in turn link to other sources of personal information.

Who will store my web browsing data?

The onus is on ISPs – the companies that users pay to provide access to the internet – to store the browsing history of its customers for 12 months. That includes fixed line broadband providers, such as BT, TalkTalk, Sky and Virgin, but also mobile phone providers such as EE, O2, Three and Vodafone.

... ... ...

Don't ISPs already store this data?

They already store a limited amount of data on customer communications for a minimum of one year and have done for some time, governed by the EU's data retention directive. That data can be accessed under the Regulation of Investigatory Powers Act 2000 (Ripa).

The new bill will enshrine the storage of browsing history and access to that data in law.

Can people hide their internet browsing history?

There are a few ways to prevent the collection of your browsing history data, but each way is a compromise.

The most obvious way is the use of virtual private networks (VPNs). They channel your data from your computer through your ISP to a third-party service before emerging on the internet. In doing so they can obfuscate your data from your ISP and therefore the government's collection of browsing history.

Companies routinely use VPNs to secure connections to services for off-site staff such as home workers. Various companies such as HotspotShield offer both free and paid-for VPN services to users.

Using the Tor browser, freely available from the Tor project, is another way to hide what you're doing from your ISP and takes things a stage further. It allows users to connect directly to a network of computers that route your traffic by bouncing it around other computers connected to Tor before emerging on the open internet.

Your ISP will see that you are connected to Tor, but not what you are doing with it. But not everybody has the technical skills to be comfortable using Tor.

Is there any downside to using a VPN?

In using a VPN you are placing all your trust in the company that operates the VPN to both secure your data and repel third parties from intercepting your connection. A VPN based in the UK may also be required to keep a log of your browsing history in the same way an ISP would.

The speed of your internet connection is also limited by the VPN. Most free services are slow, some paid-for services are faster.

Tor also risks users having their data intercepted, either at the point of exit from the Tor network to the open internet or along the path. This is technically tricky, however. Because your internet traffic is bounced between computers before reaching you, Tor can be particularly slow.

Can I protest-browse to show I'm unhappy with the new law?

One way to prevent an accurate profile of your browsing history from being built could be to visit random sites. Visiting nine random domains for every website you actually want to visit would increase the amount of data that your ISP has to store tenfold. But not everybody has the patience for that.

At some point it will be very difficult to store that much data, should everyone begin doing so.
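The domain-level logging and the nine-decoys-per-visit idea from the answers above, as an added Python sketch that is not part of the Guardian article: it reduces URLs to the host a connection record would keep, confirms the tenfold growth in stored records, and shows that sites visited every day still stand out from uniformly random decoys. The domains, the decoy pool size and the visit pattern are constructed assumptions.

```python
import random
from collections import defaultdict
from urllib.parse import urlsplit

DECOYS_PER_VISIT = 9        # the article's "nine random domains" per real visit
DECOY_POOL_SIZE = 100_000   # assumption: how many domains decoys are drawn from

# Constructed sample input: three habitual sites, each visited once a day.
REAL_URLS = [
    "https://news.example/world/2015/nov/04/some-article",
    "https://bank.example/login",
    "https://clinic.example/advice/appointments?id=42",
]


def connection_record(url):
    """Reduce a URL to what a domain-level record keeps: the host only.

    The path and query string (which article, which page) are dropped.
    """
    return urlsplit(url).hostname


def simulate_log(real_urls, days, rng):
    """Return (day, domain) records for `days` days of browsing with decoys."""
    log = []
    for day in range(days):
        for url in real_urls:
            log.append((day, connection_record(url)))
            # Pad every real visit with uniformly random decoy domains.
            for _ in range(DECOYS_PER_VISIT):
                n = rng.randrange(DECOY_POOL_SIZE)
                log.append((day, f"decoy-{n}.example"))
    return log


def recurring_domains(log, min_days):
    """Domains that appear on at least `min_days` distinct days."""
    days_seen = defaultdict(set)
    for day, domain in log:
        days_seen[domain].add(day)
    return {d for d, seen in days_seen.items() if len(seen) >= min_days}


def run_demo(days=30, seed=2015):
    """Simulate a month of padded browsing and summarise what the log shows."""
    rng = random.Random(seed)
    log = simulate_log(REAL_URLS, days, rng)
    real_records = days * len(REAL_URLS)
    return {
        "stored_records": len(log),
        "growth_factor": len(log) / real_records,
        # Habitual sites recur day after day; random decoys almost never do.
        "recurring": recurring_domains(log, min_days=days // 2),
    }


if __name__ == "__main__":
    result = run_demo()
    print("records stored:", result["stored_records"])
    print("growth factor:", result["growth_factor"])
    print("domains seen on half the days or more:", sorted(result["recurring"]))
```

The padding does multiply storage by ten, but counting distinct days per domain recovers the habitual sites; decoys would have to repeat as consistently as real habits to blur that signal.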

... ... ...

[Nov 02, 2015] The Fatal Blindness of Unrealistic Expectations

Notable quotes:
"... Snowden revealed some outrageous practices and constitutional abuses and the Obama administration - yes the same one that has not managed to bring a single criminal charge against a single senior banker - wants to charge Snowden with espionage. ..."
"... The fact is that Mr Snowden committed very serious crimes, and the US government and the Department of Justice believe that he should face them." ..."
Peak Prosperity
cmartenson
Speaking of not having a clear strategy or vision

Snowden revealed some outrageous practices and constitutional abuses and the Obama administration - yes the same one that has not managed to bring a single criminal charge against a single senior banker - wants to charge Snowden with espionage.

It bears repeating; US Bankers committed literally hundreds of thousands of serious felonies and *not one* was ever charged by the Justice Dept. under Obama's two terms.

Recently the White House spokesman said "The fact is that Mr Snowden committed very serious crimes, and the US government and the Department of Justice believe that he should face them."

Well, either you believe serious crimes should be prosecuted or you don't.

Pick one.

But to try and be selective about it all just makes one something of a tyrant. Wielding power when and how it suits one's aims instead of equally is pretty much the definition of tyranny (which includes "the unreasonable or arbitrary use of power").

However, the EU has decided to drop all criminal charges against Snowden showing that the US is losing legitimacy across the globe by the day.

EU parliament votes to 'drop any criminal charges' against whistle-blower

The European parliament voted to lift criminal charges against American whistle-blower Edward Snowden on Thursday.

In an incredibly close vote, EU MEPs said he should be granted protection as a "human rights defender" in a move that was celebrated as a "chance to move forward" by Mr Snowden from Russia.

This seems both right and significant. Significant because the US power structure must be seething. It means that the EU is moving away from the US on important matters, and that's significant too. Right because Snowden revealed deeply illegal and unconstitutional practices that, for the record, went waaaaAAaaay beyond the so-called 'meta-data phone records' issue.

And why shouldn't the EU begin to carve their own path? Their interests and the US's are wildly different at this point in history, especially considering the refugee crisis that was largely initiated by US meddling and warmongering in the Middle East.

At this point, I would say that the US has lost all legitimacy on the subject of equal application of the laws, and cannot be trusted when it comes to manufacturing "evidence" that is used to invade, provoke or stoke a conflict somewhere.

The US is now the Yahoo! of countries; cheerleading our own self-described excellence and superiority at everything when the facts on the ground say something completely different.

Quercus bicolor

cmartenson wrote:

Recently the White House spokesman said "The fact is that Mr Snowden committed very serious crimes, and the US government and the Department of Justice believe that he should face them."

And this "serious crime" was committed by Snowden because he saw it as the only viable path to revealing a systematic pattern of crimes by none other than our own federal government that are so serious that they threaten the basic founding principles on which our REPUBLIC was founded.


lambertad

Truth is treason

You know how the old saying goes "truth is treason in the empire of lies". I'm a staunch libertarian, but I wasn't always that way. Before that I spent most of my 20's in Special Operations wanting to 'kill bad guys who attacked us' on 9/11. It wasn't until my last deployment that I got ahold of Dr. Ron Paul's books and dug through them and realized his viewpoint suddenly made much more sense than anyone else's. Not only did it make much more sense, but it was based on Natural Law and the founding principles of our country.

A lot has been made of the fact that Snowden contributed money to Dr. Paul's 2008 presidential campaign and that this was an obvious tell that he was really an undercover (insert whatever words the media used - traitor, anarchist, Russian spy, etc.). The part that I find troubling is the fact that Snowden revealed to the world that we are all being watched, probably not in real time, but if they ever want to review the 'tapes' they can see what we do essentially every minute of every day. That's BIG news to get out to the citizenry. If you've got access to that kind of data, you don't want that getting out, but here's the kicker - Very few in this country today even care. Nothing in this country has changed that I'm aware of. GCHQ still spies on us and passes the info to the NSA. The NSA still spies on everyone and the Brits and passes the info to GCHQ. Australia and NZ and Canada still spy on whoever and pass the info on to whoever wants it. It's craziness.

At the same time, as Chris and others have pointed out, we're bombing people (ISIS/Al Nusra/AQ) we supported ('moderate rebels') before we bombed them (AQ) after we bombed Saddam and invaded Iraq. Someone please tell me the strategy other than the "7 countries in 5 years plan". Yup, sounds a lot like Yahoo!.

I'm looking forward to Christmas this year because I get to spend 5 days with my wife's family again. My father-in-law is a smart man, but thinks the government is still all powerful and has everything under control. It should make some interesting conversations and debating.

Thanks for the article Adam, interesting parallel between TPTB and Yahoo!.

[Oct 28, 2015] The Senate, ignorant on cybersecurity, just passed a bill about it anyway

Notable quotes:
"... a spying bill that essentially carves a giant hole in all our privacy laws and allows tech and telecom companies to hand over all sorts of private information to intelligence agencies without any court process whatsoever. ..."
"... Make no mistake: Congress has passed a surveillance bill in disguise, with no evidence it'll help our security. ..."
"... They were counting on nobody paying much attention. Didn't you hear somebody got killed on Walking Dead? Who's got time to talk about boring nonsense like a Congressional bill? ..."
"... Inverse totalitarianism. Read Sheldon Wolin. We're sliding down the slippery slope. ..."
"... On Tuesday afternoon, the Senate voted 74 to 21 to pass a version of CISA that roughly mirrors legislation passed in the House earlier this year, paving the way for some combined version of the security bill to become law. ..."
www.theguardian.com

This is the state of such legislation in this country, where lawmakers wanted to do something but, by passing Cisa, just decided to cede more power to the NSA

Under the vague guise of "cybersecurity", the Senate voted on Tuesday to pass the Cybersecurity Information Sharing Act (Cisa), a spying bill that essentially carves a giant hole in all our privacy laws and allows tech and telecom companies to hand over all sorts of private information to intelligence agencies without any court process whatsoever.

Make no mistake: Congress has passed a surveillance bill in disguise, with no evidence it'll help our security.

eminijunkie 28 Oct 2015 17:34

Being competent requires work. Actual work.

You can't honestly say you expected them to do actual work, now can you?

david wright 28 Oct 2015 13:44

'The Senate, ignorant on cybersecurity, just passed a bill about it anyway '

The newsworthy event would be the Senate's passage of anything, on the basis of knowledge or serious reflection, rather than $-funded ignorance. The country this past few decades has been long on policy-based evidence as a basis for law, rather than evidence-based policy. Get what our funders require, shall be the whole of the law.

Kyllein -> MacKellerann 28 Oct 2015 16:49

Come ON! You are expecting COMPETENCE from Congress?
Wake up and smell the bacon; these people work on policy, not intelligence.

VWFeature -> lostinbago 28 Oct 2015 13:37

Bravo!

"...There is no nation on earth powerful enough to accomplish our overthrow. ... Our destruction, should it come at all, will be from another quarter. From the inattention of the people to the concerns of their government, from their carelessness and negligence, I must confess that I do apprehend some danger. I fear that they may place too implicit a confidence in their public servants, and fail properly to scrutinize their conduct; that in this way they may be made the dupes of designing men, and become the instruments of their own undoing." -- Daniel Webster, June 1, 1837

"If once [the people] become inattentive to the public affairs, you and I, and Congress and Assemblies, Judges and Governors, shall all become wolves. It seems to be the law of our general nature, in spite of individual exceptions." -- Thomas Jefferson to Edward Carrington, 1787

lostinbago -> KhepryQuixote 28 Oct 2015 12:09

We became the enemy when the people started attacking the Military Industrial Corporate complex and trying to regain our republic from the oligarchs.

lostinbago 28 Oct 2015 12:07

Congress: Where Catch 22 melds with Alice in Wonderland

Phil429 28 Oct 2015 11:44

we now have another law on the books that carves a hole in our privacy laws, contains vague language that can be interpreted any which way, and that has provisions inserted into it specifically to prevent us from finding out how they're using it.

They were counting on nobody paying much attention. Didn't you hear somebody got killed on Walking Dead? Who's got time to talk about boring nonsense like a Congressional bill?

guardianfan2000 28 Oct 2015 08:53

This vote just showed the true colors of the U. S. Government,...that being a total disregard for all individuals' privacy rights.

newbieveryday 28 Oct 2015 02:11

Inverse totalitarianism. Read Sheldon Wolin. We're sliding down the slippery slope. Who's going to be der erster Fuehrer? David Koch?

Triumphant George -> alastriona 27 Oct 2015 18:55

From elsewhere:

On Tuesday afternoon, the Senate voted 74 to 21 to pass a version of CISA that roughly mirrors legislation passed in the House earlier this year, paving the way for some combined version of the security bill to become law.

CISA still faces some hurdles to becoming law. Congressional leaders will need to resolve remaining differences between the bills passed in the Senate and the House.

President Obama could also still veto CISA, though that's unlikely: The White House endorsed the bill in August, an about-face from an earlier attempt at cybersecurity information sharing legislation known as CISPA that the White House shut down with a veto threat in 2013.

--"CISA Security Bill Passes Senate With Privacy Flaws Unfixed", Wired

[Oct 24, 2015] Snowden NSA, GCHQ Using Your Phone to Spy on Others (and You)

That's pretty superficial coverage. The capabilities of a smartphone mike are pretty limited, and by design it tries to suppress external noise. If your phone is in a case, the microphone will not pick up much. Same for the camera. Only your GPS location is available. If the phone is switched off, then even this is not really available. I think the whole ability to listen from the pocket is overblown. There is too much noise to make this practical at the current level of development of technology. At the same time, I think just metadata is enough to feel that you are under constant surveillance.
Notable quotes:
"... the most part intelligence agencies are not really looking to monitor your private phone communications per se. They are actually taking over full control of the phone to take photos or record ongoing conversations within earshot. ..."
"... According to Snowden, the UK's spy agency, the Government Communications Headquarters, uses NSA technology to develop software tools to control almost anyone's smartphone. He notes that all it takes is sending an encrypted text message to get into virtually any smartphone. Moreover, the message will not be seen by the user, making it almost impossible to stop the attack. ..."
"... Reprinted with permission from WeMeantWell.com . ..."
Oct 15, 2015 | The Ron Paul Institute for Peace and Prosperity
You are a tool of the state, according to NSA whistleblower Edward Snowden.

The NSA in the U.S., and its equivalent in the UK, GCHQ, are taking control of your phone not just to spy on you as needed, but also to use your device as a way to spy on others around you. You are a walking microphone, camera and GPS for spies.

Snowden, in a BBC interview, explained that for the most part intelligence agencies are not really looking to monitor your private phone communications per se. They are actually taking over full control of the phone to take photos or record ongoing conversations within earshot.

According to Snowden, the UK's spy agency, the Government Communications Headquarters, uses NSA technology to develop software tools to control almost anyone's smartphone. He notes that all it takes is sending an encrypted text message to get into virtually any smartphone. Moreover, the message will not be seen by the user, making it almost impossible to stop the attack.

GCHQ calls these smartphone hacking tools the "Smurf Suite." The suite includes:

Snowden said the NSA has spent close to $1 billion to develop these smartphone hacking programs.

Reprinted with permission from WeMeantWell.com.

[Oct 21, 2015] CIA chief's emails exposed Key things we learned from WikiLeaks' Brennan dump

Notable quotes:
"... A 2007 draft position paper on the role of the intelligence community in the wake of the 9/11 attacks shows that Brennan was already aware that numerous federal agencies – the FBI, CIA, NSA, Defense Department and Homeland Security – "are all engaged in intelligence activities on US soil." He said these activities "must be consistent with our laws and reflect the democratic principles and values of our Nation." ..."
"... Brennan added that the president and Congress need "clear mandates" and "firm criteria" to determine what limits need to be placed on domestic intelligence operations. When it comes to situations beyond US borders, Brennan said sometimes action must be taken overseas "to address real and emerging threats to our interests," and that they may need to be done "under the cover of secrecy." He argued that many covert CIA actions have resulted in "major contributions" to US policy goals. ..."
"... "enhanced interrogation" ..."
"... Some of the techniques Bond suggested that Congress ban included: forcing the detainee to be naked; forcing them to perform sexual acts; waterboarding; inducing hypothermia; conducting mock executions; and depriving detainees of food, water, or medical care. ..."
"... "Limitations on Interrogation Techniques Act of 2008." ..."
"... The bill prohibited the use of many of the same techniques listed in the previous document, though it was not passed. Ultimately, President Obama issued an executive order banning officials from using techniques not in the Army Field Manual. ..."
Oct 21, 2015 | RT USA

US government 'engaged' in spying activities on US soil

Debate over torture restrictions

Bond's suggestions get a bill

[Oct 21, 2015] The CIA director was hacked by a 13-year-old, but he still wants your data

Notable quotes:
"... With a properly run service provider, neither the helpdesk drones nor the admin staff should be able to see any user's password, which should be safely stored in an encrypted form. ..."
"... This is a turf war between bureaucrats who are born incompetent. The NSA has been increasing its share of budgetary largesse while the CIA and other security units have each been fighting to keep up. Politicians, being bureaucrats themselves, engage in the turf war. To them it's all great fun. ..."
"... Let's be clear: it is very hard to see how blanket surveillance of American citizens is beneficial to American citizens. It tips over the power balance between government and citizen - it is undemocratic. It is unAmerican. ..."
"... It would be funny if it wasn't for the fact that the kid will most likely regret this for the rest of his life and nothing will change for Government or Brennan. ..."
"... I've said it before and I'll say it again: incompetence is the main bulwark against tyranny. So let us be grateful for John Brennan. ..."
www.theguardian.com

Paul C. Dickie 20 Oct 2015 12:32

With a properly run service provider, neither the helpdesk drones nor the admin staff should be able to see any user's password, which should be safely stored in an encrypted form.

AmyInNH -> NigelSafeton 21 Oct 2015 11:59

You seriously underestimate the technical incompetence of the federal government. They buy on basis of quantity of big blue arrows, shown on marketing slideware.

Laudig 21 Oct 2015 05:31

This is great. This man is a serial perjurer to Congress. Which does eff-all about being lied to [they lie to everyone and so don't take offense at being lied to] and now he's hacked by a 13 year-old who, until a few weeks ago was protected by the Children's Online Privacy Protection Act of 1998.
Well done, CIA or whatever you are.

So your well constructed career gets collapsed by someone who is still in short pants. The Age of Secrets is over now.

Stieve 21 Oct 2015 02:54

Er, why has no-one mentioned, why has there been no press coverage, why has not a single presidential candidate been asked to comment on the fact that The USA has been the victim of a military coup?

All pretence of government oversight has been dropped. The NSA, CIA and most likely every other arm of the "intelligence service" have simply taken over the elected government, ripped up The Constitution and transformed The US into a police state. Seven thousand people disappeared in Chicago? Exactly why have there not been massive arrests of these Stasi? Or riots on the streets? Exactly why has there not been an emergency session of The Senate or Congress to find out why Chicago is being run like an Eastern Bloc dictatorship? Exactly why are police departments being given military hardware designed to be used by an occupying army?
I'll tell you exactly why.

Because The US actually has been taken over

Glenn J. Hill 21 Oct 2015 01:28

LOL, the Head of the CIA put sensitive info on a personal AOL ACCOUNT !!!!! What a total idiot. Just proves the "Peter Principle", that one gets promoted to one's point of incompetence!

Can he be fired ? Locked up for gross stupidity ?? Will he come hunting for me, to take me out for pointing out his asinine stupidity ??

Fnert Pleeble -> Robert Lewis 20 Oct 2015 23:42

Congressmen are self motivating. They want the gravy train to continue. The carrot is plenty big, no need for the stick.

Buckworm 20 Oct 2015 21:51

Those old, tired, incompetent, ignorant, trolls are asking for more and more access to citizens data based on the assumption that they can catch a terrorist or another type of psycho before they act out on something. Don't they realize that so far, after 15 years of violating the citizen's constitutional rights, they HAVE NEVER CAUGHT not even ONE single person under their illegal surveillance.

This is the problem: they think that terrorists are as stupid as they are, and that they will be sending tons of un-encrypted information online- and that sooner or later they will intercept that data and prevent a crime. How many times have they done so? ZERO. They haven't realized that terrorists and hackers are waaaaayyy ahead of them and their ways of communicating are already beyond the old-fashioned government-hacked internet. I mean, only a terrorist as stupid as a government employee would think of ever sending something sensitive through electronic communications of any kind - but the government trolls still believe that they do or that sooner or later they will!! How super-beyond-stupid is that? Congress??

Don't even talk about that putrid grotesque political farce - completely manipulated by the super-rich and heated up by the typical white-trash delusional trailer park troll aka as the "tea party". We've had many killing in the homeland after 9/11 - not even one of them stopped by the "mega-surveillance" - and thousands committed by irresponsible and crooked cops - and this will continue until America Unites and fight for their constitutional rights. That will happen as soon as their priority is not getting the latest iPhone with minimal improvement, spends endless hours playing candy crush, stand in long lines to buy pot, get drunk every evening and weekends, and cancel their subscription to home-delivered heroin and cocaine. So don't hold your breath on that one.

Wait until one of those 13-yr old gets a hold of nuclear codes, electric grid codes, water supply or other important service code - the old government farts will scream and denounce that they could have prevented that if they had had more surveillance tools - but that is as false as the $3 dollar bills they claim to have in their wallets. They cannot see any further from their incompetence and ignorance.

Robert Lewis -> Giants1925 20 Oct 2015 18:38

Did the FSB cook data so the US would invade Iraq and kill 1,000,000 civilians?

yusowong 20 Oct 2015 18:20

This is a turf war between bureaucrats who are born incompetent. The NSA has been increasing its share of budgetary largesse while the CIA and other security units have each been fighting to keep up. Politicians, being bureaucrats themselves, engage in the turf war. To them it's all great fun.

Triumphant -> George Giants1925 20 Oct 2015 14:41

Are you saying that because you aren't in a concentration camp, everything's pretty good? That's a pretty low bar to set.

Most people probably didn't vote for your current leader. To compare, in the UK, only 37% of the popular vote went for the current government. And once your leader is voted in, they pretty much do as they please. Fortunately, there are checks and balances which are supposed to prevent things getting out of control. Unfortunately, bills like the cybersecurity bill are intended to circumvent these things.

Let's be clear: it is very hard to see how blanket surveillance of American citizens is beneficial to American citizens. It tips over the power balance between government and citizen - it is undemocratic. It is unAmerican.


Red Ryder -> daniel1948 20 Oct 2015 14:16

The whole freakin government is totally incompetent when it comes to computers and the hacking going on around this planet. Hillary needs to answer for this email scandal but currently she is making jokes about it as if nothing happened. She has no clue when she tried to delete her emails. Doesn't the government know that this stuff is backed up on many computers and then stored in a tape vault somewhere. Hiding emails is a joke today.

mancfrank 20 Oct 2015 13:27

It would be funny if it wasn't for the fact that the kid will most likely regret this for the rest of his life and nothing will change for Government or Brennan.

Giants1925 20 Oct 2015 12:53

I still don't understand why Russia is allowed to have the FSB but the US is forbidden from having the CIA. Who makes these rules again? Because frankly I'm tired of the world being run by popular opinion.


bcarey 20 Oct 2015 12:33

The bill is so bad that the major tech companies like Google and Amazon all came out against it last week, despite the fact that it would give them broad immunity for sharing this information with the government.

The usual show... "We're totally against it, but it's okay."


Donald Mintz 20 Oct 2015 12:02

I've said it before and I'll say it again: incompetence is the main bulwark against tyranny. So let us be grateful for John Brennan.

[Oct 14, 2015] Security farce at Datto Inc that held Hillary Clinton's emails revealed by Louise Boyle & Daniel Bates

Notable quotes:
"... But its building in Bern Township, Pennsylvania, doesn't have a perimeter fence or security checkpoints and has two reception areas ..."
"... Dumpsters at the site were left open and unguarded, and loading bays have no security presence ..."
"... It has also been reported that hackers tried to gain access to her personal email address by sending her emails disguised as parking violations which were designed to gain access to her computer. ..."
"... a former senior executive at Datto was allegedly able to steal sensitive information from the company's systems after she was fired. ..."
Oct 13, 2015 | Daily Mail Online

Datto Inc has been revealed to have stored Hillary Clinton's emails - which contained national secrets - when it backed up her private server

The congressional committee is focusing on what happened to the server after she left office in a controversy that is dogging her presidential run and harming her trust with voters.

In the latest developments it emerged that hackers in China, South Korea and Germany tried to gain access to the server after she left office. It has also been reported that hackers tried to gain access to her personal email address by sending her emails disguised as parking violations which were designed to gain access to her computer.

Daily Mail Online has previously revealed how a former senior executive at Datto was allegedly able to steal sensitive information from the company's systems after she was fired.

Hackers also managed to completely take over a Datto storage device, allowing them to steal whatever data they wanted.

Employees at the company, which is based in Norwalk, Connecticut, have a maverick attitude and see themselves as 'disrupters' of a staid industry.

On their Facebook page they have posed for pictures wearing ugly sweaters and in fancy dress including stereotypes of Mexicans.

Its founder, Austin McChord, has been called the 'Steve Jobs' of data storage and likes to play in his offices with Nerf guns and crazy costumes.

Nobody from Datto was available for comment.

[Oct 13, 2015] Hillary Clinton's private server was open to low-skilled hackers

Notable quotes:
"... "That's total amateur hour. Real enterprise-class security, with teams dedicated to these things, would not do this" -- ..."
"... The government and security firms have published warnings about allowing this kind of remote access to Clinton's server. The same software was targeted by an infectious Internet worm, known as Morto, which exploited weak passwords to break into servers. The software also was known to be vulnerable to brute-force attacks that tried password combinations until hackers broke in, and in some cases it could be tricked into revealing sensitive details about a server to help hackers formulate attacks. ..."
"... Also in 2012, the State Department had outlawed use of remote-access software for its technology officials to maintain unclassified servers without a waiver. It had banned all instances of remotely connecting to classified servers or servers located overseas. ..."
"... The findings suggest Clinton's server 'violates the most basic network-perimeter security tenets: Don't expose insecure services to the Internet,' said Justin Harvey, the chief security officer for Fidelis Cybersecurity. ..."
"... The U.S. National Institute of Standards and Technology, the federal government's guiding agency on computer technology, warned in 2008 that exposed server ports were security risks. It said remote-control programs should only be used in conjunction with encryption tunnels, such as secure VPN connections. ..."
Daily Mail Online

Investigation by the Associated Press reveals that the clintonemail.com server lacked basic protections

... ... ...

Clinton's server, which handled her personal and State Department correspondence, appeared to allow users to connect openly over the Internet to control it remotely, according to detailed records compiled in 2012.

Experts said the Microsoft remote desktop service wasn't intended for such use without additional protective measures, and was the subject of U.S. government and industry warnings at the time over attacks from even low-skilled intruders.

.... ... ...

Records show that Clinton additionally operated two more devices on her home network in Chappaqua, New York, that also were directly accessible from the Internet.

"That's total amateur hour. Real enterprise-class security, with teams dedicated to these things, would not do this" -- Marc Maiffret, cyber security expert

'That's total amateur hour,' said Marc Maiffret, who has founded two cyber security companies. He said permitting remote-access connections directly over the Internet would be the result of someone choosing convenience over security or failing to understand the risks. 'Real enterprise-class security, with teams dedicated to these things, would not do this,' he said.

The government and security firms have published warnings about allowing this kind of remote access to Clinton's server. The same software was targeted by an infectious Internet worm, known as Morto, which exploited weak passwords to break into servers. The software also was known to be vulnerable to brute-force attacks that tried password combinations until hackers broke in, and in some cases it could be tricked into revealing sensitive details about a server to help hackers formulate attacks.

'An attacker with a low skill level would be able to exploit this vulnerability,' said the Homeland Security Department's U.S. Computer Emergency Readiness Team in 2012, the same year Clinton's server was scanned.

Also in 2012, the State Department had outlawed use of remote-access software for its technology officials to maintain unclassified servers without a waiver. It had banned all instances of remotely connecting to classified servers or servers located overseas.

The findings suggest Clinton's server 'violates the most basic network-perimeter security tenets: Don't expose insecure services to the Internet,' said Justin Harvey, the chief security officer for Fidelis Cybersecurity.

Clinton's email server at one point also was operating software necessary to publish websites, although it was not believed to have been used for this purpose.

Traditional security practices dictate shutting off all a server's unnecessary functions to prevent hackers from exploiting design flaws in them.

In Clinton's case, Internet addresses the AP traced to her home in Chappaqua revealed open ports on three devices, including her email system.

Each numbered port is commonly, but not always uniquely, associated with specific features or functions. The AP in March was first to discover Clinton's use of a private email server and trace it to her home.

Mikko Hypponen, the chief research officer at F-Secure, a top global computer security firm, said it was unclear how Clinton's server was configured, but an out-of-the-box installation of remote desktop would have been vulnerable.

Those risks - such as giving hackers a chance to run malicious software on her machine - were 'clearly serious' and could have allowed snoops to deploy so-called 'back doors.'

The U.S. National Institute of Standards and Technology, the federal government's guiding agency on computer technology, warned in 2008 that exposed server ports were security risks.

It said remote-control programs should only be used in conjunction with encryption tunnels, such as secure VPN connections.
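The two rules quoted in the article (shut off unnecessary functions; keep remote-control programs inside an encrypted tunnel) can be checked on a server you administer by auditing its own listening sockets. This is an added example, not code from the AP or Daily Mail reports; the sample `ss -tlnH` output, the 10.8.0.0/24 VPN subnet and the required-port set for a mail server are constructed assumptions.

```python
import ipaddress

# Default ports of common remote-control services. As the article notes, a port
# number is only commonly, not uniquely, tied to a service, so this is a heuristic.
REMOTE_CONTROL_PORTS = {3389: "RDP", 5900: "VNC"}

# Constructed sample of `ss -tlnH` output (State Recv-Q Send-Q Local Peer).
SAMPLE_SS = """\
LISTEN 0 128 0.0.0.0:25 0.0.0.0:*
LISTEN 0 128 0.0.0.0:443 0.0.0.0:*
LISTEN 0 128 0.0.0.0:3389 0.0.0.0:*
LISTEN 0 128 10.8.0.1:5900 0.0.0.0:*
LISTEN 0 128 127.0.0.1:5432 0.0.0.0:*
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 [::]:3389 [::]:*
"""

# Assumptions for the sample: the VPN interface lives in 10.8.0.0/24 and the
# only services this server is meant to offer publicly are SMTP and HTTPS.
TUNNEL_NETS = [ipaddress.ip_network("10.8.0.0/24")]
REQUIRED_PORTS = {25, 443}


def parse_listeners(ss_output):
    """Return [(host, port)] for every LISTEN line of `ss -tlnH`-style text."""
    listeners = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue
        host, _, port = fields[3].rpartition(":")
        # Drop an interface scope such as "%lo" and the IPv6 brackets.
        host = host.split("%")[0].strip("[]")
        if port.isdigit():
            listeners.append((host, int(port)))
    return listeners


def exposure(host, tunnel_nets):
    """Classify where a listening address can be reached from."""
    if host in ("*", "0.0.0.0", "::"):
        return "all-interfaces"
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return "unknown"
    if ip.is_loopback:
        return "loopback"
    if any(ip in net for net in tunnel_nets):
        return "tunnel"
    return "lan" if ip.is_private else "public"


def audit(listeners, tunnel_nets, required_ports):
    """Return [(host, port, code)] for listeners that break either rule."""
    findings = []
    for host, port in listeners:
        where = exposure(host, tunnel_nets)
        if where in ("loopback", "tunnel"):
            continue  # local only, or confined to the VPN
        if port in REMOTE_CONTROL_PORTS:
            # A LAN-only bind can still be published by a router port-forward,
            # which this host-side check cannot see, so it is flagged for review.
            code = "REMOTE_CONTROL_ON_LAN" if where == "lan" else "REMOTE_CONTROL_EXPOSED"
            findings.append((host, port, code))
        elif port not in required_ports:
            findings.append((host, port, "UNNECESSARY_SERVICE"))
    return findings


def run_sample():
    return audit(parse_listeners(SAMPLE_SS), TUNNEL_NETS, REQUIRED_PORTS)


if __name__ == "__main__":
    for host, port, code in run_sample():
        print(f"{code:24} {host}:{port}")
```

On a real host, feed `parse_listeners` the output of `ss -tlnH` and set the tunnel subnet and required ports to match the deployment.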

[Oct 13, 2015] Soviet Spying on US Selectric Typewriters

NSA fairy tale, attempt to repair post-Snowden reputation?
Notable quotes:
"... I stopped reading at "NSA personnel demonstrated a tremendous capacity for hard work. They also exhibited deep dedication to the mission". ..."
"... This is clearly a bureaucratese interpretation of the events which, while not necessarily inaccurate, is tailored to claim the maximum possible credit and glory for the NSA and to cast aspersions on the readiness or cooperativeness of their organizational rivals in State and CIA. ..."
"... The whole document does not ring true in and of itself, let alone before you start comparing it to other information that is now known from that time and earlier. ..."
"... It has been joked in the past that the Russians never really had to bother recruiting moles in the CIA and US military because "The US Gave it away". Allen Dulles and his relatives were indirectly responsible for much of the leakage by putting way too much belief in direct force[1] and being more than hostile to the scientific and technical staff. So much so that it is known that often the scientific and technical work was carried out by the cash strapped British and passed back. ..."
Oct 12, 2015 | Schneier on Security
In the 1980s, the Soviet Union bugged the IBM Selectric typewriters in the US Embassy in Moscow. This NSA document discusses how the US discovered the bugs and what we did about it. Codename is GUNMAN.

Is this the world's first keylogger? Maybe.

Bob S. • October 12, 2015 9:43 AM

On the other hand,

I am absolutely certain I read the Russian government ordered thousands of old fashioned electric typewriters, maybe from Germany, after the Snowden Revelations. I suppose even today some kind of electronic transmitter could be fitted to typewriters.

I wonder how that relates to the conveniently released NSA document?

So then, manual typewriter and trusted courier? (wax seal?)

Let's face it, on a governmental level anything truly serious and/or secret shouldn't be prepared or communicated on electronics. That seems to be a given anymore.

Conversely, hundreds of millions of people are now exposed to massive corporate-government-criminal spying and surveillance for their personal business (think bank and credit cards), medical records, personal data and recreational communications.

ps: Anyone noticing the new, special privacy notices going up on major websites? Why is that?

blake • October 12, 2015 10:09 AM

@Daniele
I was going to post the same beautiful post-Snowden irony, but you beat me to it.

Instead I'll share these:
> "To the best of NSA's knowledge, the Soviets did not interfere with any of the equipment that was shipped to the embassy or returned to Fort Meade." (Pages 7-8)

So *either* the op went perfectly, *or else* went really badly, and there's no way to be sure. And:

> "The true nature of the GUNMAN project was successfully masked from most embassy employees"

Equivalently, the true nature of the op was not successfully masked from all embassy employees.

I stopped reading at "NSA personnel demonstrated a tremendous capacity for hard work. They also exhibited deep dedication to the mission".

Slime Mold with Mustard • October 12, 2015 11:45 AM

On page 25, the document mentions that the incident led to National Security Decision Directive Number 145, part of which was the formation of the System Security Steering Group consisting of the Secretary of State, Secretary of Treasury, the Secretary of Defense, the Attorney General, the Director of the Office of Management and Budget, and the Director of Central Intelligence. If it still exists, I guess they were meeting in a suburban New York basement.

The theme of the entire piece is bureaucratic infighting, and (@ blake is right), self-congratulatory.

Ribbit • October 12, 2015 12:30 PM

I remember reading a similar story in the press back in the 1970s wherein the Soviets had managed to read the French diplomatic mission's traffic by planting a bug in their teletypes, which had been sent to Moscow by land without an accompanying guard. Why waste time attacking the crypto when you can get yourself direct access to the clear text...

IIRC, the device was said to be hidden in a capacitor which had a bit too many wires coming out.

I kind of remember that the new US embassy building in Moscow was so hopelessly riddled with bugs cast right into the concrete, that the tenant refused to move into the new premises.

The security at the construction US Embassy in Berlin inaugurated a few years ago was visibly much better than it must have been in Moscow, the site was quite visibly guarded like a fortress. They probably didn't want to see what THEY were installing...

I'm a bit surprised that the host country's electrical supply was used in the Embassy, I would have thought that paranoid security people would have installed a motor-generator group to provide isolation and also obtain 120/60Hz power from the public supply, which in Russia is 50Hz and not 60Hz like the report states.

It's not clear why GUNMAN should have been kept very secret, as the eavesdroppers must have wised up relatively quickly that the embassy's equipment was being replaced wholesale. Was the NSA trying to maintain secrecy in order to reuse the technique on its own targets?

Renato • October 12, 2015 2:47 PM

From the text: "As a totalitarian society, the Soviet Union valued eavesdropping and thus developed ingenious methods to accomplish it."

Made me laugh... :)

Ray Dillinger • October 12, 2015 3:15 PM

This is clearly a bureaucratese interpretation of the events which, while not necessarily inaccurate, is tailored to claim the maximum possible credit and glory for the NSA and to cast aspersions on the readiness or cooperativeness of their organizational rivals in State and CIA.

That said, it's good reading. Comic in some places and informative in others.

If you want security from electronic bugs built into your machinery, you pretty much have to use manual machinery. Which, post-Snowden, the Russians apparently do. They did not get electric typewriters, they got manual typewriters. The kind that keep right on working when there's no power to plug into. The kind in which ANY wire or battery or a chip showing up on an x-ray would definitely be an indication of something wrong. The kind where the plaintext can usually be recovered with some effort from an audio recording of the typing being done....

Tatütata • October 12, 2015 3:49 PM

@tyr:

"My favorite scam was the mini-cam in every Xerox that photoed every document you copied and was collected by the serviceman who also reloaded the camera."

Modern multi-function devices combine a scanner back-to-back with a laser printer. How do I know that this document I am simply copying on a Brother or Xerox machine isn't stored and eventually sent on?

If printers mark documents with hidden watermarks [on what legal basis?] and scanners have logic for recognising certain dot patterns on bank notes [again, on what legal basis?], surely one could sneak in code to identify and collect interesting stuff, if the CPU horsepower is there?

On a Canon scanner I once had much difficulty in scanning a perfectly innocent document -- not a bank note or other financial instrument -- , but the damn thing kept resetting on a certain page. I eventually figured by selectively masking out parts of the page that something on the page was accidentally triggering the hidden code.

My Brother professional home office FAX/Scanner/Printer/Copier doesn't seem to have any more memory than it strictly needs for the job. And for good measure, my firewall router is configured to prevent it from making any outside calls.

But at my former job, the high volume and high speed Xerox machine had a hard disk mounted inside, and in addition had a card reader to read employee badges. People actually got tracked and punished for merely scanning sensitive documents showing management turpitude.

Justin • October 12, 2015 10:06 PM

@Tatütata

> But at my former job, the high volume and high speed Xerox machine had a hard disk mounted inside, and in addition had a card reader to read employee badges. People actually got tracked and punished for merely scanning sensitive documents showing management turpitude.

If you can actually build a case showing "management turpitude," and it's successful, that's one thing, but you've got to expect that any large company would like to maintain control over "sensitive documents." (They don't tend to hire people who "know too much" in the first place.)

Ruufs • October 13, 2015 5:51 AM

The breathless schoolgirl prose is funny and sad. Not hard to imagine a retired Russian typewriter "repairman" reading it aloud to a colleague and saying "Wait, it gets better!"

Really, what's embarrassing about this is the high school writing style and the facile analysis.

"How I got to the White House and the story of our outwitting the extraordinarily clever Soviets (after a tipoff)" by Nancy Drew.

All seems very kindergartenlike now. So the US was incapable of keeping this secret, incapable of exploiting the discovery, relied on a foreign source in the first place, had lousy operational security and asset management, and couldn't organise an edit of this gushing, self-congratulatory piffle. LOL is the word.

It's a selfie before its time, and there's a connection all the way to Keith Alexander's holodeck. And to Snowden for that matter. Superheroes in the mirror and a conviction of the enemy's inferiority. There's a lot to be said for self-doubt, putting oneself in the shoes of the other and testing assumptions. The national aversion to this in the self-proclaimed "Greatest country in the world" is remarkable. Hubris as a security weakness has a long history.

Bob S. • October 13, 2015 7:42 AM

@Ray

The Russians did indeed buy old fashioned ELECTRIC typewriters:

"German-made Triumph Adler Twen 180 typewriters were popular in the late '80s and early '90s"

http://www.telegraph.co.uk/news/worldnews/europe/russia/10173645/Kremlin-returns-to-typewriters-to-avoid-computer-leaks.html

However, not to be outdone, in 2014 the Germans were thinking about really old fashioned MANUAL typewriters after the Merkel revelations:

http://www.theguardian.com/world/2014/jul/15/germany-typewriters-espionage-nsa-spying-surveillance

One thing is clear: Five Eyes sees anything electronic as a bona fide target whether it's grandma's flip phone or Russian intelligence services.

If it was me, and I wanted to make sure something did not go wild, I would not use any electronic device to prepare or communicate the information.

In turn, I would pump white noise by the ton into the rf world. How about a trillion cat pictures per...day...or hour?

albert • October 13, 2015 10:47 AM

Very clever stuff from those '2nd-rate' Russkis.

"If you can't know your enemy, don't underrate him."

The paper mentions the number of typewriters required for the embassy was 250! The place must have been awash in paper. This has to be much more than the number of people assigned there. Talk about information overload.
Something tells me that there was a lot of BS being thrown around, or the US personnel were getting tons of Soviet data from somewhere.
Can someone explain this?

I'm assuming that the bugs transmitted 'over air', rather than over the power lines, which raises the question: how did the Soviets receive this data?

Other questions:

Did the Embassy have draconian power line filtering? At minimum, it should be installed at the service entrance, and at each sensitive electrical device.

OT. What about those powerful microwave beams the Soviets blasted at the Embassy? Were they for spying purposes, or just to make folks sick (which they did)?../OT

Did the US use any ECM systems there?

Mark • October 13, 2015 3:03 PM

Something is fishy here... When I was in college I bought a used I/O Selectric typewriter (one with an RS232 EBCDIC interface). During Christmas break in 1978 I brought it home to my father's house and showed it to him. He had retired a decade earlier as colonel in military intelligence. He mentioned that they were forbidden to use Selectrics. A COMSEC officer had demonstrated to them that one could decode the typing from the sound that the mechanism made.

I had a KIM-1 microcomputer board with me at the time... a 1 kB, 6502 processor demo board. I spent a couple of days and hacked together a program that used the cassette tape interface on the KIM-1 as an input and proved that it was rather easy and reliable to do.

So why would our embassies be using Selectrics in the 1980's when it was well known that they were quite insecure as far back as the late 1960's?

Clive Robinson • October 13, 2015 5:45 PM

@ Nick P,

The whole document does not ring true in and of itself, let alone before you start comparing it to other information that is now known from that time and earlier.

Makes you wonder if it might have been some elaborate deception... If it was you then have to think "Who would fall for this 'steaming pile'?", to which the obvious answer would be a long term idiot sitting on an oversight committee.

You only have to look back at the Berlin Tunnel Attack --Operation Stopwatch / Gold-- that the UK and US carried out on Russia. The Russian KGB knowing it was going on via the mole George Blake made only tiny changes to the traffic that went down the cable, thus the bulk of the traffic was genuine but not strategic. With it is suspected some false information injected by the KGB to waste the Western IC time.

Then at a politically sensitive time the Russians "discover" the tunnel and tell the world all about it along with photographs etc.

What has never been explained is that George Blake knew about the TEMPEST attacks around the Russian cipher machines, that enabled the British to read the "faint ghost of plaintext" direct from the cables thus not having to attempt any cryptanalysis.

Presumably as Blake told the KGB about the tunnel, he also told them about the TEMPEST attacks, why then even after the tunnel was investigated and the British made "technical equipment" for the attacks had been captured and examined did the Russian cipher equipment at fault and still leaking plaintext continue in use for some very considerable time thereafter...

Arguably neither the US or Russians were any good at responding to EmSec issues in their own equipment even though both clearly knew the equipment was faulty. Whilst the British and Canadians however spent considerable time and effort removing the "plaintext ghost" from their Rockex super encipherment and similar equipment.

It has been joked in the past that the Russians never really had to bother recruiting moles in the CIA and US military because "The US Gave it away". Allen Dulles and his relatives were indirectly responsible for much of the leakage by putting way too much belief in direct force[1] and being more than hostile to the scientific and technical staff. So much so that it is known that often the scientific and technical work was carried out by the cash strapped British and passed back.

[1] He was known to espouse the belief that all wars could be stopped with a single bullet. Or as more normally called "Political Assassination". It can be easily shown that both Russia and Israel likewise believe in this, with Putin having pushed through legislation to make it legal and thus ensure protection for the assassins.

Mark • October 13, 2015 6:48 PM

Ribbit,

My Selectric was an IBM I/O Selectric. It was part of their SER program (special engineering request). Basically an OEM custom machine that they would not support, repair, touch. I bought it to use as a typewriter for school ($600, with service manual). It used standard type balls and had a 150 baud RS232 port that spoke EBCDIC. Since IBM repair people would not touch it and independent repair shops were pretty much useless I had to learn how to maintain the beast... oh for the love of hooverometers...

DEC machines could talk to it directly. The reason I had brought it home over Christmas was to work on building a replacement circuit board for it that would turn it into a standard ASCII terminal. My board used a 6502 to drive it. It had a large buffer so that you could send 300 baud data to it (the fastest that standard modems would work at in those days). Worked quite well. It paid for itself printing out people's term papers and dissertations. Word processors and letter quality printers were practically non-existent at the time.

One guy got into a pissing match with his dissertation advisor who would not approve his dissertation unless he made a bunch of rather picayune changes. Changes rather obviously made to cause him to miss a deadline. Well, he edited his text (on a CDC-6600) and we spent the night re-printing all 200 pages. The poor advisor never knew what hit him...

[Oct 10, 2015] Forums and bulletin board users are watched by GCHQ

Oct 10, 2015 | marknesop.wordpress.com
Warren, September 25, 2015 at 2:25 pm

et Al, September 26, 2015 at 4:23 am

A top-secret GCHQ document from March 2009 reveals the agency has targeted a range of popular websites as part of an effort to covertly collect cookies on a massive scale. It shows a sample search in which the agency was extracting data from cookies containing information about people's visits to the adult website YouPorn, search engines Yahoo and Google, and the Reuters news website.

Other websites listed as "sources" of cookies in the 2009 document (see below) are Hotmail, YouTube, Facebook, Reddit, WordPress, Amazon, and sites operated by the broadcasters CNN, BBC, and the U.K.'s Channel 4.

###

And I bet the Guardian too as it is 'the world's most widely read news site'. They probably keep automatic tabs on this site considering how it has grown over the last couple of years.

I do wonder though, with all those stories about those thousands of Kremlin controlled Russian trolls on British news websites, whether some of this comes from carefully massaged data from GCHQ through third parties to the Pork Pie News Networks via 'unnamed sources', i.e. the usual bollox.

May I suggest to fellow commenters here, if at any point you lose your smart phone (etc.) just call GCHQ and they'll tell you where you left it. I wonder if they provide a data back up service?!

et Al, September 26, 2015 at 4:48 am

…The agency operates a bewildering array of other eavesdropping systems, each serving its own specific purpose and designated a unique code name, such as: …and INFINITE MONKEYS, which analyzes data about the usage of online bulletin boards and forums…

…Authorization is "not needed for individuals in the U.K.," another GCHQ document explains, because metadata has been judged "less intrusive than communications content." All the spies are required to do to mine the metadata troves is write a short "justification" or "reason" for each search they conduct and then click a button on their computer screen…

…When compared to surveillance rules in place in the U.S., GCHQ notes in one document that the U.K. has "a light oversight regime."

The more lax British spying regulations are reflected in secret internal rules that highlight greater restrictions on how NSA databases can be accessed. The NSA's troves can be searched for data on British citizens, one document states, but they cannot be mined for information about Americans or other citizens from countries in the Five Eyes alliance….
#####

It's just what is expected from the junior in the US/UK relationship. For the UK to retain privileged access to the US' global spy network, it needs to give the US what it wants, a way to circumvent the US' own laws. Dial back to when Gary Powers & his U-2 were shot down over the Soviet Union. All subsequent overflights by US manned and operated aircraft were prohibited, so, the US used British pilots and Canberras.

Once you understand the relationship and the goals that they have, you can work backwards and make fairly good conclusions about what tools would be required and used to get to those conclusions and try not to think whether they are legal or not. What people can do to protect themselves is a) don't change most of your digital habits (as this would raise a flag); b) just don't do or say obvious things that you wouldn't do in real life in your digital life; c) use encryption such as PGP for email and products using perfect forward secrecy for chat/etc.; d) don't write about what not to do on the Internet as I have just done! ;)

The most disturbing thing about it all is that it puts us one step away from a totalitarian system. All that is required is a political decision. All the tools are in place and depending on how much information they have actually kept they can dip in to it at any time throughout your life as a rich source of blackmail, probably via third parties. It's not exactly threatening to send you to a concentration camp (or disappeared to one of Britain's (and others') many small overseas territories), but it is total control.

If the European economy completely crashes and mass instability ensues (or whatever), then the politicians will be told, or even ask, "What tools do we have to control this?".
Forget about 'checks and balances' – they're the first thing to be thrown out of the window in an emergency. Arbeit macht frei!

et Al , September 26, 2015 at 9:52 am

This should be a massive story as the parliamentary security committee gave the intelligence services a 'clean bill of health' not so long ago.

Since then, they've lost intelligence 'yes man' Malcolm Rifkind to an expenses scandal so the make up of the committee has changed a bit.

What it does show is that we cannot even trust the gatekeepers (above) who are given very limited info from the security services.

And let us not forget the dates that this occurred under a Labour administration and continued under a Conservative-Liberal Democrat and now a Conservative one.

It will be interesting to see if this story gains any traction, though I suspect that it will be much bigger outside of the UK, at least initially.

The cat is, again, out of the bag!

marknesop , September 26, 2015 at 2:38 pm

GCHQ and the CIA are in bed with one another, and have been for years. This might be a timely occasion to mention once again that both are capable of hacking into smartphones by all leading manufacturers; in the case of the iPhone the CIA uses a program application called Dropout Jeep.

We can thank Edward Snowden for that; the NSA spying scandal revealed a great deal more than just the information the CIA is snooping on your phone calls and collecting information on everyone. As the second reference relates, the CIA also diverted laptops ordered online so that government spyware could be installed on them. Intelligence agencies are determined that citizens shall have no privacy whatsoever. You might as well assume they are watching everything you do and listening to everything you say. Give the window the finger at random times just in case, and slip embarrassing revelations on the sexual proclivities of intelligence agents into your telephone conversations.

Canada's Blackberry was once safe, but GCHQ broke that. So now there is no smartphone that is private, except maybe for Russia's YotaPhone. Probably not that either, though, since it is sold in the USA, and if they couldn't break into the phone they would just hack the carrier. And the Canadian government bought all of its Secure Telephone Units (STU) from the NSA, so say no more about the "security" of those.

A few companies, like Silent Circle, pitch a privacy phone like the Blackphone, but it originates in the USA and everyone's paranoia has become so acute that the instant suspicion is they are telling you it is more private just because it is wired straight to the NSA. You can't believe anyone any more.

[Oct 03, 2015] The Athens Affair shows why we need encryption without backdoors

"... after the 2004 Olympics, the Greek government discovered that an unknown attacker had hacked into Vodafone's "lawful intercept" system, the phone company's mechanism of wiretapping phone calls. The attacker spied on phone calls of the president, other Greek politicians and journalists before it was discovered. ..."
"... all this happened after the US spy agency cooperated with Greek law enforcement to keep an eye on potential terrorist attacks for the Olympics. Instead of packing up their surveillance gear, they covertly pointed it towards the Greek government and its people. But that's not all: according to Snowden documents that Bamford cited, this is a common tactic of the NSA. They often attack the "lawful intercept" systems in other countries to spy on government and citizens without their knowledge: ..."
"... It's the exact nightmare scenario security experts have warned about when it comes to backdoors: they are not only available to those that operate them "legally", but also to those who can hack into them to spy without anyone's knowledge. If the NSA can do it, so can China, Russia and a host of other malicious actors. ..."
Sep 30, 2015 | The Guardian
Revelations about the hack that allowed Greek politicians to be spied on in 2004 come at a time when the White House is set to announce its encryption policy

Just as it seems the White House is close to finally announcing its policy on encryption - the FBI has been pushing for tech companies like Apple and Google to insert backdoors into their phones so the US government can always access users' data - new Snowden revelations and an investigation by a legendary journalist show exactly why the FBI's plans are so dangerous.

One of the biggest arguments against mandating backdoors in encryption is the fact that, even if you trust the United States government never to abuse that power (and who does?), other criminal hackers and foreign governments will be able to exploit the backdoor to use it themselves. A backdoor is an inherent vulnerability that other actors will attempt to find and try to use it for their own nefarious purposes as soon as they know it exists, putting all of our cybersecurity at risk.

In a meticulous investigation, longtime NSA reporter James Bamford reported at the Intercept Tuesday that the NSA was behind the notorious "Athens Affair". In surveillance circles, the Athens Affair is stuff of legend: after the 2004 Olympics, the Greek government discovered that an unknown attacker had hacked into Vodafone's "lawful intercept" system, the phone company's mechanism of wiretapping phone calls. The attacker spied on phone calls of the president, other Greek politicians and journalists before it was discovered.

According to Bamford's story, all this happened after the US spy agency cooperated with Greek law enforcement to keep an eye on potential terrorist attacks for the Olympics. Instead of packing up their surveillance gear, they covertly pointed it towards the Greek government and its people. But that's not all: according to Snowden documents that Bamford cited, this is a common tactic of the NSA. They often attack the "lawful intercept" systems in other countries to spy on government and citizens without their knowledge:

Exploiting the weaknesses associated with lawful intercept programs was a common trick for NSA. According to a previously unreleased top-secret PowerPoint presentation from 2012, titled "Exploiting Foreign Lawful Intercept Roundtable", the agency's "countries of interest" for this work included, at that time, Mexico, Indonesia, Egypt and others. The presentation also notes that NSA had about 60 "Fingerprints" - ways to identify data - from telecom companies and industry groups that develop lawful intercept systems, including Ericsson, as well as Motorola, Nokia and Siemens.

It's the exact nightmare scenario security experts have warned about when it comes to backdoors: they are not only available to those that operate them "legally", but also to those who can hack into them to spy without anyone's knowledge. If the NSA can do it, so can China, Russia and a host of other malicious actors.

... ... ...

Disclosure: Trevor Timm works for Freedom of the Press Foundation, which is one of the many civil liberties organizations to have called on the White House to support strong encryption.


TDM MCL -> LePloumesCleau 30 Sep 2015 21:21

You are getting very warm near the real reasons why the government does not want you to have full privacy....encryption (of a certain type, not your usual off the shelf type mind you), is the threat that all power greedy controlling tyrant governments phreak out about....they tell you it's about national security...

if you don't find the contradiction in that line of thinking...you are not thinking carefully.

which is precisely what the elites desire..you ! no thinking...do what you are told..get in line..work hard...don't ask questions...

this is the world powers at work...and the minions of narrow minded geeks that support them in exchange for unbelievable amounts of money, influence and true freedom...it's ironic, really..that the world's smartest people have to steal your power from you, in order to have any themselves.

but it is what makes the current regimes' clock ticking.

TDM MCL -> Ehsan Tabari 30 Sep 2015 21:16

only by the most self favored moralistic nationalist bigotry can one assume that a "certain" kind of government can pull off mass surveillance "responsibly"!

and apparently, the USA would have you believe there is some significant difference in how well they perform the freedom robbing than their comrades..

I call them both tyrants..how bout them apples?!

TDM MCL -> ACJB 30 Sep 2015 21:12

what makes you believe that ALL NON-TRIVIAL communications are not being surveilled in real time at this moment, now?

If any entity of any significance is communicating, it is surely being tracked... this isn't some conspiratorial thinking either...

The vast reach and capacity for surveillance infrastructure is many times more than necessary to capture all real time communications. The most important significant communications are in fact the target...

Mom sending her sister a recipe on her aol account never registers....the "machine"...listens specifically.. it is far more intelligent and directed than most people understand.

But it also has the capacity to target just about anything..and that is the danger... What happens to the newsie or the everyday fella that takes note of something very disturbing...illegal even..or morally objectionable?

Remember what the Tor network was designed for...mostly to allow people that could not talk freely to do so..in warzones..or where their discussions would bring grave danger to them and others....

Tor was hacked and it is a dead animal to privacy for over 6 years now...don't use it, unless you want the information to be used against you...

There are very few private venues anymore...the world has gone to shit


TDM MCL -> Crashman55 30 Sep 2015 20:58

It happens more often than most people understand.

If you want to get a reality test of this, here is how you too can verify that the spy agencies are very prevalent in every day communications.

btw: this simple type of test, is best applied using several of the off the shelf encryption programs ...in this way, you get verification of what snowden and many others have acknowledged for quite some time.

a. create a secure email ...join a secure vpn..use encrypted off the shelf s/w for your message.

b. send "someone" that you know ..that you call first ...that wants to play along...and within the email message...write some off the wall content about terrorism...bombs...etc..use all the sorted "key words"..it's easy to locate a list...google is your friend. Just make sure they understand that the purpose of the test is to verify that security exists..you will find..it doesn't...

c. it is best that your "friend" be located outside of the us...middle east ...or russia...or china...ukraine...germany...etc..you get the idea.

d. repeat, rinse and wash using all the garden variety of the shelf security...PGP...GPG...CRYPTZONE...SYMANTEC...HPSECURE...ETC..ETC...DO ANY AND ALL OF THEM THAT YOU LIKE TO TEST. Fire them out like a shotgun...if you can enlist the help of hundreds to chain the mail along, even better.

When the agencies contact you...and they will depending on how authentic you have decided to mask your traffic and how authentic they consider your email content exchange merited inspection...you will discover what anyone who has actually used encryption in a real world way has come to understand...

if you are using typical commercially available encryption..there is NO privacy.

meaning it is not simply possible to crack..but easily...


Zhubajie1284 GoldMoney 30 Sep 2015 20:29

Facebook and Twitter were banned in China after someone posted a bunch of gruesome photos from some rioting in Xinjiang. It looked to me, as an outsider, that someone was trying to provoke anti-Muslim rioting elsewhere in China. It would be reasonable for Chinese security people to suspect the CIA or some other US agency famous for destabilizing foreign governments. The US had already announced its strategic pivot towards Asia, which can easily be interpreted as a declaration of Cold War on China.

I don't know the whole truth of the incident, but people in PR China have good reason to be suspicious.

now, what is the risk...you may be harassed..but unless I am missing some new law, none of this type of testing is unlawful...

for real world security that works...similar kinds of penetration tests are used as above....

hey you can even honey pot a public network if you wanted to....you know just to prove to yourself there is no such thing as secrecy achieved by using a public library or a "shared" computer.

note: one of the first indications that you are being surveilled, is that there will be a subtle but noted performance hit on your machine..if you attach a security gateway with logging, even better...or a high end hardware firewall-gateway, that sniffs...

watch also for some very interesting emails to hit all of your "other" accounts.

if you do this, I can predict at least the following:

your machine will take a hit...
you will get notified most likely by the FBI, via your isp.
if you do this on your smartphone and that is linked to other accounts..you can guarantee to have spread malware abundantly to all other accounts linked.
if the FBI asks that you reveal the content of emails...ask them to show you first...and grin very large when you say that...if it's a low end non-tech....force them to gain a warrant...and contact your lawyer...

is it a waste of time for law enforcement to show their hand in how intimately they have backended encryption..? or is it worth it to you to understand that it is common..and secret..and very broad...

that time when making things better is waning...and narrowing..if you aren't willing to take a stand and object and posit your own resistance to overreaching spying..then the awful dreadful future that awaits you, is just as much your own fault.

that is where I land on the issue.


for the issue, now...not later!

take a stand!

TDM MCL martinusher 30 Sep 2015 20:27

the real issue with the "legal tack" wrt halting the fed from building backdoors or mandating them, is the reality that most of the high level secret business of spy agencies DEFY any law. As is the case with most software and hardware corporations..there is massive financial and intelligence capital that depends on building backdoors in secret..sharing them with the government simply provides "cover"...

the real threat of all of this of course is the very reason why the constitution was written and preoccupied with protecting freedom and liberty...eventually, abuses from a tyranny government or fascist state comes into power.

some say we have already passed that threshold...given the broad "known" abuses of the 300+ secret spy agencies and the secret laws that not only authorize them but threaten companies who do not comply...you really can't deny the fact that the target is you and me. And sometimes, although, seemingly unproven, some existential external terror organization.

I've long since held that a formal security arrangement can be implemented by ISP's where ALL internet traffic is routed...and where the most intelligent and efficient means to shut down malware and other activities that are unlawful and harmful...

It has never been seriously considered or even suggested by the government .....you have to seriously be suspicious why that has never been considered...

perhaps too much intelligent security programs, would put all of the security industry and fear agencies out of business...What else would they do with their time...

I have zero faith in the US government to do the right thing anymore..they have been vacant at their core responsibility to protect its citizens. They have built a wall of mistrust by their abuses.

to the technologically talented, what this all means is that the US government has created a niche market that is growing ever larger...and that is to establish highly secure networks for end users. It also happens to make them appear to be criminals.

Imagine that...a software engineer who is actually doing the business of protecting a persons right to privacy...immediately falls into the long list of persons of interest!

the government has parted company with its responsibilities..and has created an adversarial rife with the people of its own country...I give it less than 10 years before the people perform their own Arab Spring...it really is going to get very bad in this country.

beelzebob 30 Sep 2015 17:34

This is all very interesting from a certain standpoint. 21 CFR Part 11 requires all drug companies, and other companies doing business before the FDA to take reasonable steps to ensure the security of all of their data to guarantee that the data are not tampered with. If the FBI and CIA are inserting backdoors into electronic communications devices, defined broadly to include everything from telephones to the Internet, there is no reasonable way to ensure that unauthorized parties can not use these devices to alter drug company data. Thus, it appears that drug companies, and their employees, contractors and suppliers, can not use the internet or anything connected to the internet as part of their FDA regulated operations.

kenalexruss 30 Sep 2015 14:02

Data is big business and ironically, only serves big business. The US government couldn't tell its head from its ass regarding the stuff, but the data is critical for corporations. Since corporations are people and dictate government policy and are also the primary government interest, there will be back doors. Apple, google, microsoft, et al. are ALL big business and they don't want you knowing how they really feel about it, so they feign objections. It's all about money, as usual.

martinusher 30 Sep 2015 13:23

There was an op-ed piece in the Los Angeles Times yesterday that suggested that adding backdoors or otherwise hacking into people's computers was a violation of the 3rd Amendment.

http://www.latimes.com/opinion/op-ed/la-oe-gatto-surveillance-3rd-amendment-20150929-story.html

Quite apart from that never making it past the Roberts court (although it might be worth trying) I daresay proponents of universal surveillance will argue that businesses aren't covered by this so hacking into servers &tc. is OK.

Government agencies do appear to be out of control. It's not the snooping so much as their general ineffectiveness when it comes to crime and the Internet -- you can get your identity stolen, your bank account hacked and so on and they shrug as if to say "What's this got to do with us?". They seem to be only interested in a very narrow range of political activities.

Phil429 30 Sep 2015 12:14

Coming out strongly against such a mandate [to eliminate everyone's security] would be huge on multiple fronts for the Obama administration: it would send a strong message for human rights around the world, it would make it much harder for other governments to demand backdoors from US tech companies and it would also strengthen the US economy.

Only if you assume some connection between the administration's stated policies and its actions.


GoldMoney -> RoughSleeper 30 Sep 2015 12:05

"I don't care about mass surveillance, because I have nothing to hide! I have nothing to hide, so I have nothing to fear, those that are trying to hide private lives, must have something to fear"....Signed GCHQ/MI5/Police/Council troll

haha - I loved that post, so true!


GoldMoney -> koichan 30 Sep 2015 11:49

The TSA travel locks for use in air travel have a backdoor and now can be opened by pretty much anyone in the world now. Now imagine the same thing applying to bank transactions, credit/debit card payments and so on...

Very good point.

By having backdoors you compromise the entire security of the system and make it vulnerable to attackers in general.

Snowden deserves the Nobel peace prize if you ask me....

While we are on the topic - let's take back the prize from Obama....


GoldMoney -> LePloumesCleau 30 Sep 2015 11:39

If people don't trust the security of encryption then there is no point in using it.

Exactly right.

I think the internet as we know it will break down in the future as countries will not trust foreign technology companies colluding with their home intelligence agencies.

It's already happening in China - most western technology companies like FB, Twitter, etc. are banned there for fear they could be used by the US to spy on Chinese citizens or to orchestrate a "Chinese Spring" there....


Crashman55 30 Sep 2015 11:13

You can go online and get the source codes off of several excellent encryption websites, and then develop your own. My brother and I did this, and we were sending our weekly NFL football picks back and forth each week. We stopped after the FBI came to my brother's place of business, after a couple months, and questioned him. When my brother asked how they were able to even look at our emails, they said they had a computer program in place that kicked out encrypted emails. After being threatened with arrest at his job in front of everyone, he showed them the unencrypted versions.

They said that our silliness had wasted valuable FBI time and resources. If you don't think Big Brother is watching...


Peter Dragonas -> Ehsan Tabari 30 Sep 2015 10:25

Why do you think the anti-American Muslim Community and others, call us TERRORISTS? OUR COMPASS is as faulty as ????????. The world situation is a mirror of Grandiose Individuals who look down on reality. Reality is an obstruction to their neediness for attracting attention and control.


Peter Dragonas 30 Sep 2015 10:19

Another major "foundation section" removed from our Country's integrity. Sick, paranoia, similar to the "J. EDGAR HOOVER ERA & CONTINUATION THROUGH HIS LEGACY FUNDS TO THIS DAY". Could this be true, I could think the "The Athens Affair" predates the elements that brought down Greece, in favor of pushing Turkey to becoming the American doorway into Asia & the Middle East. Just a theory. Yet, where there is smoke, something is cooking, which requires political FIRE.


RoughSleeper 30 Sep 2015 08:50

"I don't care about mass surveillance, because I have nothing to hide! I have nothing to hide, so I have nothing to fear, those that are trying to hide private lives, must have something to fear"....Signed GCHQ/MI5/Police/Council troll

  • I don't care about State cameras recording everyone out, because I don't go out. I don't care about those that do.
  • I don't care about State cameras recording wives, girlfriends, children, because I don't have any. I don't care about those that do.
  • I don't care about the right to privacy because I have nothing of any value to hide. I don't care about those that have.
  • I don't care about freedom of speech because I have nothing of any value to say. I don't care about those that have.
  • I don't care about freedom of the press because I have nothing of any value to write. I don't care about those that have.
  • I don't care about freedom of thought, because I have no thoughts of any value. I don't care about those that have.
  • I don't care about the right to privacy of intellectual property, because I have no intelligence of any value. I don't care about those that have.
  • I don't care about the right to privacy of bank details, because I have nothing of any value in my bank account. I don't care about those that have.
  • I don't care about the right to privacy of love letters, because I have no love of any value. I don't care about those that have.
  • I don't care about the rights of HR activists, because I don't contribute anything to HRs. I don't care about those that do.
  • I don't care about society, community, future, because I don't contribute anything to them. I don't care about those that do.
  • I don't care about the right to privacy of my vote, because we have no democracy of any value anyway. I don't care about countries that have.
  • I don't care about Gypsies, Blacks, Jews, Invalids, Unions, socialists, Untermensch, because I am not one. I don't care about those that are.
  • I only care about me, here & now! It's look after number one, as the Tories tell us.

koichan 30 Sep 2015 08:39

For the less technically minded, here's another example of what's wrong with government backdoors:

http://boingboing.net/2015/09/17/3d-print-your-own-tsa-travel-s.html

The TSA travel locks for use in air travel have a backdoor and now can be opened by pretty much anyone in the world now. Now imagine the same thing applying to bank transactions, credit/debit card payments and so on...

LePloumesCleau 30 Sep 2015 08:10

I would only ever trust open source encryption software. I don't trust the "encryption" built into Windows or Apple software at all.

If people don't trust the security of encryption then there is no point in using it.

[Sep 27, 2015] Since at least 2009 GCHQ has targeted a range of popular websites as part of an effort to covertly collect cookies on a massive scale

    BBC used by GCHQ to spy on Internet users https://theintercept.com/2015/09/25/gchq-radio-porn-spies-track-web-users-online-identities/
    "... I do wonder though, with all those stories about those thousands of Kremlin controlled Russian trolls on British news websites, whether some of this comes from carefully massaged data from GCHQ through third parties to the Pork Pie News Networks via 'unnamed sources', i.e. the usual bollox. ..."
    "... …The agency operates a bewildering array of other eavesdropping systems, each serving its own specific purpose and designated a unique code name, such as: …and INFINITE MONKEYS, which analyzes data about the usage of online bulletin boards and forums… ..."
    "... Once you understand the relationship and the goals that they have, you can work backwards and make fairly good conclusions about what tools would be required and used to get to those conclusions and try not think whether they are legal or not. ..."
    "... The most disturbing thing about it all is that it puts us one step away from a totalitarian system. All that is required is a political decision. ..."
    "... Forget about 'checks and balances' – they're the first thing to be thrown out of the window in an emergency. Arbeit macht frei! ..."
    "... GCHQ and the CIA are in bed with one another, and have been for years. This might be a timely occasion to mention once again that both are capable of hacking into smartphones by all leading manufacturers; in the case of the IPhone the CIA uses a program application called Dropout Jeep. ..."
    "... the CIA also diverted laptops ordered online so that government spyware could be installed on them. ..."
    "... You can't believe anyone any more. ..."
    Sep 27, 2015 | marknesop.wordpress.com
    Warren, September 25, 2015 at 2:25 pm
    https://theintercept.com/2015/09/25/gchq-radio-porn-spies-track-web-users-online-identities/

    et Al, September 26, 2015 at 4:23 am

    A top-secret GCHQ document from March 2009 reveals the agency has targeted a range of popular websites as part of an effort to covertly collect cookies on a massive scale. It shows a sample search in which the agency was extracting data from cookies containing information about people's visits to the adult website YouPorn, search engines Yahoo and Google, and the Reuters news website.

    Other websites listed as "sources" of cookies in the 2009 document (see below) are Hotmail, YouTube, Facebook, Reddit, WordPress, Amazon, and sites operated by the broadcasters CNN, BBC, and the U.K.'s Channel 4.

    ###

    And I bet the Guardian too as it is 'the world's most widely read news site'. They probably keep automatic tabs on this site considering how it has grown over the last couple of years.

    I do wonder though, with all those stories about those thousands of Kremlin controlled Russian trolls on British news websites, whether some of this comes from carefully massaged data from GCHQ through third parties to the Pork Pie News Networks via 'unnamed sources', i.e. the usual bollox.

    May I suggest to fellow commenters here, if at any point you lose your smart phone (etc.) just call GCHQ and they'll tell you where you left it. I wonder if they provide a data back up service?!

    et Al, September 26, 2015 at 4:48 am
    …The agency operates a bewildering array of other eavesdropping systems, each serving its own specific purpose and designated a unique code name, such as: …and INFINITE MONKEYS, which analyzes data about the usage of online bulletin boards and forums…

    …Authorization is "not needed for individuals in the U.K.," another GCHQ document explains, because metadata has been judged "less intrusive than communications content." All the spies are required to do to mine the metadata troves is write a short "justification" or "reason" for each search they conduct and then click a button on their computer screen…

    …When compared to surveillance rules in place in the U.S., GCHQ notes in one document that the U.K. has "a light oversight regime."

    The more lax British spying regulations are reflected in secret internal rules that highlight greater restrictions on how NSA databases can be accessed. The NSA's troves can be searched for data on British citizens, one document states, but they cannot be mined for information about Americans or other citizens from countries in the Five Eyes alliance….
    #####

    It's just what is expected from the junior in the US/UK relationship. For the UK to retain privileged access to the US' global spy network, it needs to give the US what it wants, a way to circumvent the US' own laws. Dial back to when Gary Powers & his U-2 were shot down over the Soviet Union. All subsequent overflights by US manned and operated aircraft were prohibited, so, the US used British pilots and Canberras.

    Once you understand the relationship and the goals that they have, you can work backwards and make fairly good conclusions about what tools would be required and used to get to those conclusions and try not to think whether they are legal or not.

    What people can do to protect themselves is

    1. don't change most of your digital habits (as this would raise a flag);
    2. just don't do or say obvious things that you wouldn't do in real life in your digital life;
    3. use encryption such as PGP for email and products using perfect forward secrecy for chat/etc.;
    4. don't write about what not to do on the Internet as I have just done! ;)

    The most disturbing thing about it all is that it puts us one step away from a totalitarian system. All that is required is a political decision. All the tools are in place and depending on how much information they have actually kept they can dip in to it at any time throughout your life as a rich source of blackmail, probably via third parties. It's not exactly threatening to send you to a concentration camp (or disappeared to one of Britain's (and others') many small overseas territories), but it is total control.

    If the European economy completely crashes and mass instability ensues (or whatever), then the politicians will be told, or even ask, "What tools do we have to control this?".

    Forget about 'checks and balances' – they're the first thing to be thrown out of the window in an emergency. Arbeit macht frei!

    et Al, September 26, 2015 at 9:52 am
    This should be a massive story as the parliamentary security committee gave the intelligence services a 'clean bill of health' not so long ago. Since then, they've lost intelligence 'yes man' Malcolm Rifkind to an expenses scandal so the make up of the committee has changed a bit.

    What it does show is that we cannot even trust the gatekeepers (above) who are given very limited info from the security services. And let us not forget the dates that this occurred under a Labour administration and continued under a Conservative-Liberal Democrat and now a Conservative one.

    It will be interesting to see if this story gains any traction, though I suspect that it will be much bigger outside of the UK, at least initially. The cat is, again, out of the bag!

    marknesop, September 26, 2015 at 2:38 pm
    GCHQ and the CIA are in bed with one another, and have been for years. This might be a timely occasion to mention once again that both are capable of hacking into smartphones by all leading manufacturers; in the case of the iPhone the CIA uses a program application called Dropout Jeep.

    We can thank Edward Snowden for that; the NSA spying scandal revealed a great deal more than just the information the CIA is snooping on your phone calls and collecting information on everyone. As the second reference relates, the CIA also diverted laptops ordered online so that government spyware could be installed on them. Intelligence agencies are determined that citizens shall have no privacy whatsoever. You might as well assume they are watching everything you do and listening to everything you say. Give the window the finger at random times just in case, and slip embarrassing revelations on the sexual proclivities of intelligence agents into your telephone conversations.

    Canada's Blackberry was once safe, but GCHQ broke that. So now there is no smartphone that is private, except maybe for Russia's YotaPhone. Probably not that either, though, since it is sold in the USA, and if they couldn't break into the phone they would just hack the carrier. And the Canadian government bought all of its Secure Telephone Units (STU) from the NSA, so say no more about the "security" of those.

    A few companies, like Silent Circle, pitch a privacy phone like the Blackphone, but it originates in the USA and everyone's paranoia has become so acute that the instant suspicion is they are telling you it is more private just because it is wired straight to the NSA.

    You can't believe anyone any more.

    [Sep 26, 2015] Intelligent System Hunts Out Malware Hidden In Shortened URLs

    Sep 26, 2015 | tech.slashdot.org
    Posted by timothy
    An anonymous reader writes: Computer scientists at a group of UK universities are developing a system to detect malicious code in shortened URLs on Twitter. The intelligent system will be stress-tested during the European Football Championships next summer, on the basis that attackers typically disguise links to malicious servers in a tweet about an exciting part of an event to take advantage of the hype.

    Anonymous Coward

    Shouldn't browsers be changed to not simply follow the redirect, but ask the user first?

    Zontar The Mindless

    For TinyURL, you can enable preview of the full URL here [tinyurl.com]. Uses a cookie, though.

    Anonymous Coward on Saturday September 26, 2015 @06:37AM (#50603143)

    I can connect to the server and retrieve the redirect information manually. Works for all of them. But it's a) inconvenient, and b) not something everyone is able to do. Some addons seem to be available, but they don't do things nicely.

    1) Patch the page directly (not just retrieve the data on mouse over), making it less original

    2) Even retrieve the title of the redirection target (just that connection is enough to validate the existence of an email address)

    My requirements are:

    - shall not connect to the host of the shortened URL (or any other -- no distinction between "normal" and shortened URLs) unless clicked

    - shall not connect to the redirect target unless confirmed by the user, or the target is on the same host
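    The two requirements above, sketched as an added example (not code from the Slashdot thread or from any browser or add-on): nothing is contacted before the click, same-host redirects are followed silently, and any other target needs the user's confirmation. The function names, the example hosts and the constructed redirect table are assumptions made for illustration.

```python
"""Resolve a clicked (possibly shortened) URL one hop at a time."""
import http.client
from urllib.parse import urljoin, urlsplit

REDIRECT_CODES = {301, 302, 303, 307, 308}
MAX_HOPS = 5  # give up on long or looping chains


def head_no_follow(url, timeout=5):
    """Send one HEAD request; return (status, Location header or None).

    http.client never follows redirects itself, so only the host named
    in `url` is contacted.
    """
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        raise ValueError("unsupported URL: %r" % url)
    conn_cls = (http.client.HTTPSConnection if parts.scheme == "https"
                else http.client.HTTPConnection)
    conn = conn_cls(parts.hostname, parts.port, timeout=timeout)
    try:
        path = parts.path or "/"
        if parts.query:
            path += "?" + parts.query
        conn.request("HEAD", path)
        resp = conn.getresponse()
        return resp.status, resp.getheader("Location")
    finally:
        conn.close()


def same_host(a, b):
    """True only if scheme, host and port all match (https -> http differs)."""
    pa, pb = urlsplit(a), urlsplit(b)
    return (pa.scheme, pa.hostname, pa.port) == (pb.scheme, pb.hostname, pb.port)


def resolve_after_click(url, confirm, fetch=head_no_follow):
    """Walk the redirect chain of a URL the user has already clicked.

    A redirect to another host is followed only if confirm(current, target)
    returns True. Returns (final_url, hosts_contacted); final_url is None
    when the user declined, the chain looped, or MAX_HOPS was exceeded.
    """
    contacted, seen = [], set()
    for _ in range(MAX_HOPS):
        if url in seen:                      # redirect loop
            return None, contacted
        seen.add(url)
        contacted.append(urlsplit(url).hostname)
        status, location = fetch(url)
        if status not in REDIRECT_CODES or not location:
            return url, contacted            # reached the real page
        target = urljoin(url, location)      # Location may be relative
        if urlsplit(target).scheme not in ("http", "https"):
            return None, contacted           # e.g. javascript: or data:
        if not same_host(url, target) and not confirm(url, target):
            return None, contacted           # target host never contacted
        url = target
    return None, contacted


# Constructed redirect table standing in for the network (hypothetical hosts).
SAMPLE_RESPONSES = {
    "https://sho.rt.example/abc": (301, "/abc/"),
    "https://sho.rt.example/abc/": (302, "https://news.example/story?id=7"),
    "https://news.example/story?id=7": (200, None),
}


def sample_fetch(url):
    """Offline replacement for head_no_follow, used by the demo below."""
    return SAMPLE_RESPONSES[url]


if __name__ == "__main__":
    def ask(current, target):
        print("redirect leaves", urlsplit(current).hostname, "->", target)
        return False  # the user says no

    print(resolve_after_click("https://sho.rt.example/abc", ask, sample_fetch))
```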

    Zontar The Mindless

    Whatever. I despise shorteners, don't use them myself, and generally refuse to follow shortened URLs. Just bored and trying to be helpful.

    [Sep 26, 2015] Phone Passwords Protected By 5th Amendment, Says Federal Court

    Sep 26, 2015 | yro.slashdot.org
    September 24, 2015

    timothy

    Ars Technica reports that a Federal court in Pennsylvania ruled Wednesday that the Fifth Amendment protects from compelled disclosure the passwords that two insider-trading suspects used on their mobile phones. In this case, the SEC is investigating two former Capital One data analysts who allegedly used insider information associated with their jobs to trade stocks - in this case, a $150,000 investment allegedly turned into $2.8 million. Regulators suspect the mobile devices are holding evidence of insider trading and demanded that the two turn over their passcodes. However, ruled the court, "Since the passcodes to Defendants' work-issued smartphones are not corporate records, the act of producing their personal passcodes is testimonial in nature and Defendants properly invoke their fifth Amendment privilege."

    [Sep 26, 2015] NSA Director Admits that Sharing Encryption Keys With the Government Leaves Us Vulnerable to Bad Guys

    "... Writing your own encryption is a recipe for disaster. Only peer-reviewed algorithms and implementations should ever be used. They must also use reliable random number generators. ..."
    Sep 26, 2015 | www.zerohedge.com
    GreatUncle

    Drop the random number generator method that is already vulnerable now.

    Go for an encryption key of length > data length instead so each data bit is uniquely encrypted by a unique key bit.

    Break one bit has no bearing on breaking any other bit.

    For the NSA comes the headache under such an encryption method a 10 letter statement can be any other 10 letter statement from different keys.

    Now it gets interesting "I love you" is from one encryption key whilst another key says "I hate you".

    Now each message generated if asked for the key you provide one of an infinite number of keys where the key you give is for the message you wish them to see provided it makes sense any evidence used through a prosecution on this is only ever circumstantial evidence and quite easily refuted questioning only the key being used.

    Kind of like it myself.

    SgtShaftoe

    Bullshit. Encryption works. Even if the NSA had some back-door in a particular encryption algorithm, or weakened a random number generator (Microsoft, cough), the NSA does not have the processing power to decrypt everything.

    Snowden has stated as much, I've seen the same thing in .mil circles during my time there. Using decent encryption works. It's far easier to attack the people directly with social engineering than crack decent encryption.

    logicalman

    The world has gone totally batshit crazy.

    NSA want to watch everyone and also have the ability to plant damaging or malicious files on targeted computers.

    What a fucking trick!

    On a good day you can trust yourself.

    John_Coltrane

    What type of encryption is being discussed? I've noticed very few actually understand how encryption works. When public/private key encryption is used only the public key is ever available to the counterparty and can be freely published. The secret key is kept on your machine only and never shared. Both parties/computers use the other's public key to encrypt the plaintext and only the person with the unique secret key on both ends can read it. Authentication is also facile: You simply sign using the secret key. Only your public key can decrypt the signature so anyone intercepting and attempting to change your message cannot do so (spoofing impossible). Unbreakable and requires no secure key exchange like two way keys such as AES, for example. This is what happens on https sites where key pairs are generated by both parties and the secret keys are never exchanged or shared - new key pairs are generated each visit. Intercepting the encrypted message is useless since the secret key remains physically in your possession. That's why the NSA and any government hates this algorithm. Make the key at least 2048 bits long and you'll need more time than the age of universe to crack it by brute force with the entire computing power of every machine on earth. Even 256 bits is sufficient to protect against anyone before they die.

    blindman

    information is power and access to information is big business. the taxpayer pays the bills for the gathering, hell, the individual "user" of the technology pays for the surveillance and data collection themselves. we are paying to have our privacy sold to corporations. get that, it is freakin' brilliant! and the "officials" sell the access for personal gain. the corporations love to eat it all up and reward the loyal local success story dupes, pimps and prestitutes. everyone is on stage 24/7 and no one is the wiser in the field of cultural normalcy bias, mind control and entertaining with the Jones's. soft control moving into hard up confiscation, then incarceration. wonderfully yokel deterioration impersonating culture and civilization, what many call government, but i take exception to every term and wonder wtf.

    q99x2

    The NSA works for corporations and they need to break into people's stuff to steal from them as well as to steal from other corporations. There is a war going on but it is much larger than a war on nations or citizens of bankster occupied nations.

    Gaius Frakkin' ...

    With one-time pad, the software is trivial.

    There are two big challenges though:

    1) Building a hardware random number generator which is truly random, or as close as possible.

    2) Getting the keys to your counter-party, securely. It has to be done physically ahead of time.

    HenryHall

    E.R.N.I.E. - the electronic random number indicator equipment was used with British Premium Bonds in the 1950s. A chip based on digital counting of thermal noise must be easy to make. Getting the keys to the other party just involves handing over a chip. 16 Gigabytes or so miniSD should be good for enough emails to wear out a thousand or more keyboards.

    It just needs to be made into a product and sold for cash.

    Open source encryption software may or may not be trivial, but it sure isn't easy to use for folks who aren't experts in encryption.

    Lookout Mountain

    The NSA decided that offense was better than defense. Suckers.

    ah-ooog-ah

    Write your own encryption. Use AES - freely available. Exchange keys verbally, face to face, or use One Time Pads (once only!!). If you didn't write it, don't trust it.

    SgtShaftoe

    Writing your own encryption is a recipe for disaster. Only peer-reviewed algorithms and implementations should ever be used. They must also use reliable random number generators.

    If you don't know what you're doing and are very very careful and exacting in running a OTP system (One time pad) you will be fucked. That's why they aren't typically used except in very small use cases. They're hard to run properly.

    Anyone claiming to have an encryption product for a computer based on a one time pad is full of shit. Cough, Unseen.is, cough. It's a glorified Caesar cipher and the NSA will have your shit in 2.5 seconds or less.

    Good encryption works. Snowden stated that fact. Don't use shitty encryption, unless you want everyone to know what you're doing.

    There's plenty of open source projects out there based on good encryption, twofish, serpent, AES, or ideally a combination of multiple algorithms. Truecrypt is still alive and has been forked with a project based in Switzerland. I think that's still a good option.

    I wouldn't use MS BitLocker or PGP unless you trust Symantec or Microsoft with your life. Personally I wouldn't trust those companies with a pack of cigarettes, and I don't even smoke.
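    The one-time-pad points raised in this thread (a ciphertext that opens to "I love you" under one key and "I hate you" under another, and the "once only!!" rule), worked through as an added example that is not code from any commenter or from the article. All function and class names are made up for illustration, and the pad is kept in memory only to keep the block self-contained.

```python
"""One-time pad: deniability, and why a pad must never be reused."""
import secrets


def xor_bytes(a, b):
    """XOR two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("pad segment and message must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


def new_pad_material(n):
    """n bytes from the OS CSPRNG (stand-in for a hardware noise source)."""
    return secrets.token_bytes(n)


class OneTimePad:
    """Hands out each pad byte exactly once; both parties hold a copy."""

    def __init__(self, material):
        self._material = bytearray(material)
        self._offset = 0

    def remaining(self):
        return len(self._material) - self._offset

    def take(self, n):
        if n > self.remaining():
            # Refuse rather than wrap around and reuse key bytes.
            raise RuntimeError("pad exhausted")
        start = self._offset
        chunk = bytes(self._material[start:start + n])
        self._material[start:start + n] = bytes(n)  # wipe used bytes
        self._offset += n
        return chunk

    def process(self, data):
        """Encrypt or decrypt: XOR with the next unused pad bytes."""
        return xor_bytes(data, self.take(len(data)))


def decoy_key(ciphertext, decoy_plaintext):
    """Key under which `ciphertext` decrypts to `decoy_plaintext`.

    Exists for every same-length decoy, which is why a pad ciphertext
    alone says nothing about the message. It also means the pad gives
    no integrity: nothing ties the ciphertext to one plaintext.
    """
    return xor_bytes(ciphertext, decoy_plaintext)


def pad_reuse_leak(c1, c2):
    """With a reused pad the key cancels: c1 ^ c2 == p1 ^ p2."""
    return xor_bytes(c1, c2)


def recover_other_message(leak, known_plaintext):
    """Knowing (or guessing) one plaintext reveals the other."""
    return xor_bytes(leak, known_plaintext)


if __name__ == "__main__":
    material = new_pad_material(32)
    sender, receiver = OneTimePad(material), OneTimePad(material)

    ct = sender.process(b"I love you")
    print(receiver.process(ct))                    # b'I love you'
    fake = decoy_key(ct, b"I hate you")
    print(xor_bytes(ct, fake))                     # b'I hate you'

    # Constructed misuse: the same 10 key bytes protect two messages.
    key = new_pad_material(10)
    c1 = xor_bytes(b"I love you", key)
    c2 = xor_bytes(b"meet at 10", key)
    leak = pad_reuse_leak(c1, c2)
    print(recover_other_message(leak, b"I love you"))  # b'meet at 10'
```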

    Nels

    Writing your own encryption is a recipe for disaster. Only peer-reviewed algorithms and implementations should ever be used. They must also use reliable random number generators.

    I read the original note to mean you use a peer reviewed algorithm, but write the code yourself. Or, at least review it well. Some open source code tends to be a bit tangled. Checkout Sendmail and its support for X.400 and other old mail protocols, as well as a convoluted configuration setup. At some point, with code with that much historical baggage and convoluted setup becomes impossible to really check all possible configurations for sanity or safety.

    If you believe that the simpler the code the safer it is, code it yourself.

    . . . _ _ _ . . .

    Power grab by the NSA (deep state) basically saying that they don't trust the hand that feeds it. So why should we? What level of classification would this entail? Are we then supposed to trust the NSA? Civil War 2.0.???

    Sorry for all the questions, but... WTF?

    S.N.A.F.U.

    SgtShaftoe

    It really starts with asymmetry of power. If some agency or person has an asymmetric level of power against you and lack of accountability, you should be concerned about them.

    That's a much easier test case vs enemy/friend and far more reliable.

    Urban Roman

    Long self-published certificates, Novena and Tails.

    [Sep 26, 2015] US and China back off internet arms race but Obama leaves sanctions on the table

    "... How can the U.S. say cyber hacking must stop when we know very well that they have been cyber spying and hacking for years, Snowden spilt the beans on that issue, big brother raising his head again. ..."
    "...
    ..."
    "... I see a contradiction here that you critcize for not warring with Xi/China and then bemoaning the obviously damaging costs of what looks like perpetual wars. ..."
    "... In the main, Obama has not slipped out of his arrogant school master's tone and role, but we keep hearing he does it to please the American electorate. If the NSA in Germany (Bad Aibling) is allowed to sniff out commercial secrets on German computers (an issue for over 10 years, it's only the spinlessness of the elites that keep allowing that) then surely it's all 'open platform'. I only read German and English well enough to ascertain what's what in the spying game, so I can only refer to Germany. Maybe we get some Spanish, Italian, French etc reading people to tell us if sniffing out Germany's company secrets is unique, probably not. ..."
    "... Nice little bit of spin here. It gives the impression that the US is telling the PRC what to do when the reality is this is part of the previous and current five year plan. ..."
    "... This looks a bit odd to me. Is he saying that Snowden forged the ten thousand records detailing US cyber spying on fifty countries or is he asking for Chinas assurance that the CCP are not sponsoring the attacks. In any case...I Obamas full of shit. ..."
    "... the US has offered no proof that China hacked American records, while the world knows that the worse hacker on the planet is the US as shown via the Snowden documents - we even hack our allies. You know, there is a saying about glass houses and throwing stones. ..."
    "... Its a fallacy that you can separate business spying and state secrets spying. If there is going to be war, it will be all out, no sacred cows. Don't expect an agreement to leave space satellites out for example. People are still living in this utopia that a war can happen somewhere else and life will go on as normal. For China, the war will be for its own existence and there will be no holds barred. Look at the Vietnam war for example and you will see how much the Vietnamese sacrificed for that ultimate victory. So I believe that a more comprehensive framework is required for the assured future for both nations. ..."
    "... Every year the same blame the Chinese happens. US agencies will always fabricate foreign threat so annual budgets can be increased $$$. The fiscal year ends in Sept. "My dept. needs more taxpayer funding, the Chinese and Russians are attacking!" ..."
    "... In the name of "National Security" anything goes (except sabotage in peace time), so long as it is not used for "competitive advantage". Nice to have a mutually approved set of labels to continue doing what both sides have always been doing. ..."
    Sep 25, 2015 | The Guardian

    JoeCorr -> Erazmo 25 Sep 2015 23:57

    The US has no class...

    They call it 'American directness'. In fact it's gross bad manners but that's how the Empire of the Exceptionals sees itself.

    A John Wayne mindset and a Lex Luthor worldview. Being dismantled with astonishing ease by the PRC.


    Eugenios -> SuperBBird 25 Sep 2015 23:58

    The Chinese Communists are humanists itself compared to the brutality of the US.

    Just compare prison populations, for example. The US has more people in prison both proportionately and absolutely than all of China.


    HollyOldDog -> TheEqlaowaizer 25 Sep 2015 21:30

    Looks like the wise words of the Pope have not penetrated the 'brains' of the American State Department or its President, if all that Obama can say is to threaten sanctions against another country. Is the BRICS alternative bank such a worry to the Americans as their first thoughts are bullying tactics.


    ID240947 25 Sep 2015 21:22

    How can the U.S. say cyber hacking must stop when we know very well that they have been cyber spying and hacking for years, Snowden spilt the beans on that issue, big brother raising his head again.


    JoeCorr -> goatrider 25 Sep 2015 21:08

    Take all that cheap junk

    Cheap junk? It's 2015, can you even just try to keep up. We're buying Chinese flat screens the size of billboards and China leads the world in home appliances. BYD and Shanghai Auto sales are expanding at warp speed. I could go on but that's enough.

    The US and Europe made the same stupid jibes at Japan before they decimated our electrics, shipbuilding, auto manufacturing and every single electronics company outside military patronage.

    It's not China who's at fault here. It's people like you with your head so deeply wedged in the sand you're shitting pebbles.


    JoeCorr 25 Sep 2015 21:01

    My daughter drew speech balloons on this photo and mages it to the fridge.

    Obama is saying. " Sanctions are still on the table". Xi is saying. " Poor thing. Allah will look after you"

    Which I thought kinda perceptive for a 13 year old.


    HauptmannGurski -> Sam3456 25 Sep 2015 20:46

    I see a contradiction here that you criticize for not warring with Xi/China and then bemoaning the obviously damaging costs of what looks like perpetual wars. Never mind, we all get emotional in these troubled times and find ourselves in contradiction with ourselves.

    In the main, Obama has not slipped out of his arrogant school master's tone and role, but we keep hearing he does it to please the American electorate. If the NSA in Germany (Bad Aibling) is allowed to sniff out commercial secrets on German computers (an issue for over 10 years, it's only the spinelessness of the elites that keep allowing that) then surely it's all 'open platform'. I only read German and English well enough to ascertain what's what in the spying game, so I can only refer to Germany. Maybe we get some Spanish, Italian, French etc reading people to tell us if sniffing out Germany's company secrets is unique, probably not.

    (PS: if we think that the perpetual wars are too costly, in the sense that the populations miss out more and more, then we ought to keep an eye on the US job figures. There's a view out there that it's been US arms sales under Obama which underpin the 'recovery'. The Nobel Peace prize committee would take the prize back now, I guess, but that's not in the rules.)

    goatrider 25 Sep 2015 20:37

    How is America going to sanction a country that produces a majority of the items sold in America? Take all that cheap junk off the shelves of box stores and the American people will revolt----they are addicted consumers of cheap junk and fast food.


    JoeCorr -> vr13vr 25 Sep 2015 20:15

    Whom exactly did we fire, prosecute or whatever else after all those NSA revelations?

    Bradley Manning. Aaron Swartz driven to Suicide having never broken a single law. Snowden driven to exile. There are many others.


    JoeCorr 25 Sep 2015 20:00

    News of this deal, first revealed on Thursday, was followed up before...

    Nice little bit of spin here. It gives the impression that the US is telling the PRC what to do when the reality is this is part of the previous and current five year plan.

    The 'sanctions' are another interesting bit of spin. How would you enforce sanctions against almost a quarter of the world's population when they are your most reliable customer and literally thousands of American companies have invested and relocated there.

    "what I am hoping that President Xi will show me is that we are not sponsoring these activities and that … we take it seriously and will cooperate to enforce the law."

    This looks a bit odd to me. Is he saying that Snowden forged the ten thousand records detailing US cyber spying on fifty countries or is he asking for China's assurance that the CCP are not sponsoring the attacks. In any case...I Obama's full of shit.


    Erazmo 25 Sep 2015 19:12

    The US has no class and is a paper tiger. First, no one in the administration met President Xi when he arrived on American soil. This is an insult to the Chinese and shows no class on the part of the Obama administration. Sure, the Pope was here at the same time but I don't understand why some schedules couldn't have been changed a little to accommodate the visit of the leader of the world's most populous country. Second, the US continues to accuse and scold China as if they were a kid. Yet, the US has offered no proof that China hacked American records, while the world knows that the worst hacker on the planet is the US as shown via the Snowden documents - we even hack our allies. You know, there is a saying about glass houses and throwing stones.


    Chin Koon Siang 25 Sep 2015 19:05

    It's a fallacy that you can separate business spying and state secrets spying. If there is going to be war, it will be all out, no sacred cows. Don't expect an agreement to leave space satellites out for example. People are still living in this utopia that a war can happen somewhere else and life will go on as normal. For China, the war will be for its own existence and there will be no holds barred. Look at the Vietnam war for example and you will see how much the Vietnamese sacrificed for that ultimate victory. So I believe that a more comprehensive framework is required for the assured future for both nations.

    vr13vr -> CitizenCarrier 25 Sep 2015 18:42

    Whom exactly did we fire, prosecute or whatever else after all those NSA revelations?

    vr13vr 25 Sep 2015 18:40

    Obama never stops surprising with his manners. Or actually a lack of such. He just made an agreement with a leader of another country, a large and powerful country mind you. And right away he publicly expresses a doubt whether the other party intends to carry the agreements. Basically calling his counterpart a liar for no good reason. And as a cheap bully, inserts more threats of more sanctions. Sure, the president of the other country had more class, he stayed there and smiled friendly, but with such arrogant display of disrespect and bullying, nobody would ever take Obama serious. And nobody should.

    shawshank -> CitizenCarrier 25 Sep 2015 18:24

    Grasping at straws? Xi is not Hitler. Also, Snowden already exposed that the US was spying on China.


    Book_of_Life -> CitizenCarrier 25 Sep 2015 18:10

    "Acts of war"
    USA are world's biggest warmongers instigators including false flags and regime changes covert activity black ops

    you better check yourself before you wreck yourself
    cause i'm bad for your health, i come real stealth
    droppin bombs on ya moms
    So chikity-check yo self before you wreck yo self
    Come on and check yo self before you wrikity-wreck yourself


    Lrgjohnson -> canbeanybody 25 Sep 2015 18:00

    Every year the same blame the Chinese happens. US agencies will always fabricate foreign threat so annual budgets can be increased $$$. The fiscal year ends in Sept. "My dept. needs more taxpayer funding, the Chinese and Russians are attacking!"


    Book_of_Life CitizenCarrier 25 Sep 2015 17:22

    American Hypocrisy "fuck off"
    say countries spied on
    http://time.com/2945037/nsa-surveillance-193-countries/


    canbeanybody 25 Sep 2015 15:59

    It is plain silly and ridiculous to pin blame of the so-called theft of finger prints of American 5.6 millions employees.

    Those rubbish finger prints have zero value to anyone other than those who are at position to manipulate, modify or even fabricate them.

    In any case why should a technological so advanced American system need to keep the finger prints of their own employees? Is it impossible for American government to keep the finger prints of own employees safe?


    peternh 25 Sep 2015 15:57

    "President Xi indicated to me that with 1.3 billion people he can't guarantee the behaviour of every single person on Chinese soil."

    Although that is, in fact, what his government is entirely dedicated to attempting to do, by controlling all education, all media, what may and may not be said publicly, and controlling everything that happens on the Internet inside the Great Firewall.

    Utter hypocrisy.


    bujinin 25 Sep 2015 15:24

    Analysis:

    In the name of "National Security" anything goes (except sabotage in peace time), so long as it is not used for "competitive advantage". Nice to have a mutually approved set of labels to continue doing what both sides have always been doing.


    Sam3456 25 Sep 2015 15:24

    Another useless summit with a lame duck President who achieved the Nobel Peace Prize for being an ineffectual player on the world stage and propagating constant war for the profit of his corporate puppet masters.

    [Sep 20, 2015] The History of Witchhunts and Their Relevance to the Present Day

    Sep 20, 2015 | naked capitalism
    bh2 September 20, 2015 at 3:26 pm

    The witch-burning craze would be best suited as yet another unwritten chapter in Mackay's "Extraordinary Popular Delusions and the Madness of Crowds".

    If both men and women were charged and tried for this imaginary crime driven by baseless superstition, a narrative proposing it was really an ancient war on women is logically absurd - and therefore also a baseless superstition.

    craazyman September 20, 2015 at 6:54 pm

    It wasn't unwritten. He wrote it!

    "The Witch Mania" between "The Crusades" and "The Slow Poisoners".

    Laughingsong September 20, 2015 at 5:03 pm

    We could lump it all together and I do agree that the context is important, but it is much easier to see why members of new religions were targeted than peasants being accused of being witches.

    I find the theory fascinating because it does provide a possible explanation for something that does not really fit the usual "threat to power/otherness" explanations. I don't know if the theory is correct but I find it intriguing, especially after reading the Sonia Mitralias article yesterday.

    sd September 20, 2015 at 2:25 pm

    Not having read the book, is there any mention of c (ergot) in relation to witch hunts? I first heard of this thesis in my college botany class. The theory seems controversial even though there's archaeological evidence of rye cultivation as far north as Scandinavia by 500 AD.

    sd September 20, 2015 at 3:48 pm

    Worth noting that rye blight typically affects the poor and those with limited food resources.
    http://www.botany.hawaii.edu/faculty/wong/BOT135/LECT12.HTM

    skippy September 20, 2015 at 7:10 pm

    If memory serves, the Salem witch saga was defined by topographical elevation e.g. poor down the hill, the soggy bottom, elites up the hill, w/ poor consuming the lesser status rye whilst the elites consumed wheat.

    It's not hard to imagine the elites with their religious "self awarded" superiority complex, that any, straying from the narrative would just reinforce the aforementioned mental attitude. As such any remediation would be authoritatively administered by the elites as they owned the code [arbiters of religious interpretation].

    Skippy…. the old NC post on that provincial French town would make a great book end to this post, by Lambert imo….

    BEast September 20, 2015 at 3:07 pm

    Two other noteworthy aspects of the witch hunts: one, they were an attempt by the Catholic Church to destroy non-Church authorities; and two, they were an attempt by physicians (nobles) to destroy alternate sources of medical care.

    Thus, the targets were frequently midwives and herbalists.

    (It's also worth noting that the court physicians had no scientific basis for their treatments - that was shoehorned in later. So the traditional healers were, and remained for centuries, to the extent they and their methods survived, the better choice for health care, particularly for childbirth.)

    Jim September 20, 2015 at 4:42 pm

    False Foundations of Capitalism?

    "Primitive accumulation is the term that Marx uses in Capital vol.1, to characterize the historical process upon which the development of capitalist relations was premised. It is a useful term, for it provides a common denominator through which we can conceptualize the changes that the advent of capitalism produced in economic and social relations. But its importance lies, above all in the fact that primitive accumulation is treated by Marx as a foundational process, revealing the structural conditions for the existence of capitalist society."

    Marx seemed to seek the determinants of capitalism's genetic process in the logic of the preceding mode of production–in the economic structure of feudal society. But is such a description an explanation for the transition from feudal to capitalistic society?

    Doesn't Marx's explanation of the origins of capitalism seem to presuppose capitalism itself?

    Doesn't Marx's use of only economic variables lead into a blind alley in terms of understanding the origins of capitalism?

    Shouldn't the collapsing Left finally take a serious look at cultural and political explanations for the origins of capitalism?

    What about a cultural explanation in which the creation and role of nationalism in 16th century England provided a key competitive individual motivating factor among its citizens– as a possible cause of capitalism? What about the emergence of the autonomous city as a primary political cause of capitalism? Was capitalism born in Catholic, urban Italy at the end of the Middle Ages?

    Why has the search for explanations of the origins of capitalism, only in the economic sphere, come to occupy such a central place in our thinking?

    craazyman September 20, 2015 at 5:45 pm

    I think this analysis is off the mark and probably a convolution of an array of underlying variables and functions.

    It's as if the author says z = g(x); when in fact x = f(z,t,u and v).

    To conclude that z relies on x is a distortion of the underlying phenomenological structure and also distorts the agency by which z, t, u and v correspond to z.

    One item that is quite significant to note, and perhaps is one of the underlying variables, is the urgency by which authorities demanded "confessions" by witches, which in and of itself was sometimes enough to ameliorate punishment.

    The other underlying variable is the reality of paranormal phenomenon. We think witchcraft is a doddering myth invented by overly imaginative minds, but the reality is quite other than that.

    Relating "capitalism" to persecution of witches on the basis of their femaleness lacks all precision. The Roman empire was capitalist but accepted paganism. Our current culture would view persecution on the basis of witchcraft as daftminded lunacy. yet pagan cultures in Africa do so even today.

    The book author throws up an interesting cloud of ideas but doesn't seem capable of credible navigation, based simply on the summary offered here. I suspect it has to do less with capitalism and femaleness in particular and more, in general, in terms of threats posed by alternative consciousness structures to the dominant structure of social organization (inclusive of economics, theology, eschatology, etc.) These would be the z, t, u and v of the underlying f-function. It's seen the world over in varying guises, but the underlying variables manifest in different costumes, in varying degrees of malision.

    DJG September 20, 2015 at 6:24 pm

    The problem of witches depends on the history of individual countries and also on religious orthodoxies, Catholic as well as Calvinist and Lutheran.

    As is often the case, Italy is contradictory and somewhat of an exception. Yet the exceptions are regional. The peasants on the Peninsula ruled by Naples were treated differently from northern Italians. Venice was an exception.

    The process of liberation seems to have begun earlier in Italy than the Black Death. While doing research about Bologna, I ran across this:

    "Liber Paradisus
    The Liber Paradisus (Heaven Book) is a law text promulgated in 1256 by the Comune of Bologna which proclaimed the abolition of slavery and the release of serfs (servi della gleba)."

    So you have emancipation and the development of an idea of human rights a hundred years before the Black Death. But the source was a social war and a desire for higher wages.

    Throughout Italy, too, the Inquisition and its treatment of witches was highly uneven. I happen to have studied the benandanti, who didn't consider themselves witches, but had visions and mysterious rituals. Some were healers. The Franciscans who investigated them were considered lousy Inquisitors (not tough enough) and the results are highly ambiguous. See Carlo Ginzburg's works, and see the work of Italian scholars who found even more ambiguities. Many of the benandanti in trouble were men–and the women and men reported the same mystical experiences, many of which are astounding and rather beautiful. Reports of benandanti extend into the early 1800s.

    Piero Camporesi also wrote about the economic status of Italian peasants, the rituals of their year (which didn't always coincide with Catholic orthodoxy), and the strength of ancient pagan customs.

    I realize that your point is witchcraft as a kind of collision with the growth of the state and "modern" markets. Yet I'd encourage you to consider Italy as a counterexample. On the other hand, fragmented Italy was the most highly developed economy in Europe during most of the middle ages and up to roughly 1550, so the markets may have developed (capitalistically as well as by state intervention, especially in Venice) more slowly, more peculiarly, and less disruptively. There are peasant revolts in Italian history, but not regions in flames and years and years of scorched-earth actions against rebellious peasants.

    Chauncey Gardiner September 20, 2015 at 6:37 pm

    Enlightening observations regarding the premeditated, planned and organized use of witch-hunts by the elite of that period as a vehicle of social control. I was surprised at the level of elite information and coordination in what I had previously viewed as a very primitive era of considerable physical isolation. The events discussed here suggest there was a fairly high level of communication and organization among and by the elite.

    However, I would question to what extent the extreme 14th century depopulation of Europe and Britain caused by the great plague pandemics, the Great Famine, wars and weather would have led to similar elite initiatives, regardless of the transition to capitalism.

    Appears to share some common threads with events and behaviors which have occurred in our own time – from those mentioned in the article to the McCarthy hearings of the 1950s, the Powell memorandum of 1971 and related subsequent behavior, including the forms of "primitive accumulation" cited that led to the 2008 financial collapse.

    Thank you for the review of Silvia Federici's book, Lambert, and your related observations. Seems worthwhile reading.

    LifelongLib September 20, 2015 at 7:33 pm

    There was at least one man in the Salem witch trials who did save his wife. At the preliminary hearing he cursed the judges for allowing her to be imprisoned, saying God would surely punish them. When she was bound over for trial anyway, he broke her out of jail and fled with her to New York.

    Would that all of us men had that kind of courage and resourcefulness. Sadly most of us don't.

    [Aug 27, 2015] Digital surveillance 'worse than Orwell', says new UN privacy chief

    "...He added that he doesn't use Facebook or Twitter, and said it was regrettable that vast numbers of people sign away their digital rights without thinking about it."
    Aug 24, 2015 | The Guardian

    The first UN privacy chief has said the world needs a Geneva convention style law for the internet to safeguard data and combat the threat of massive clandestine digital surveillance.

    Speaking to the Guardian weeks after his appointment as the UN special rapporteur on privacy, Joseph Cannataci described British surveillance oversight as being "a joke", and said the situation is worse than anything George Orwell could have foreseen.

    He added that he doesn't use Facebook or Twitter, and said it was regrettable that vast numbers of people sign away their digital rights without thinking about it.

    "Some people were complaining because they couldn't find me on Facebook. They couldn't find me on Twitter. But since I believe in privacy, I've never felt the need for it," Cannataci, a professor of technology law at University of Groningen in the Netherlands and head of the department of Information Policy & Governance at the University of Malta, said.

    ... ... ...

    But for Cannataci – well-known for having a mind of his own – it is not America but Britain that he singles out as having the weakest oversight in the western world: "That is precisely one of the problems we have to tackle. That if your oversight mechanism's a joke, and a rather bad joke at its citizens' expense, for how long can you laugh it off as a joke?"

    He said proper oversight is the only way of progressing, and hopes more people will think about and vote for privacy in the UK. "And that is where the political process comes in," he said, "because can you laugh off the economy and the National Health Service? Not in the UK election, if you want to survive."

    The appointment of a UN special rapporteur on privacy is seen as hugely important because it elevates the right to privacy in the digital age to that of other human rights. As the first person in the job, the investigator will be able to set the standard for the digital right to privacy, deciding how far to push governments that want to conduct surveillance for security reasons, and corporations who mine us for our personal data.


    Mario_Marceau 26 Aug 2015 07:27

    At the time of writing this comment, there are only 155 other comments. This is a very important article. A crucial one. Nobody's reading. It is as though nobody gives a damn anymore*. (Taylor Swift just opens her mouth and thousands of comments fill the pages.)

    People have very clearly become numb to the idea of privacy mining. By this I mean everyone knows that their privacy is being eradicated, we all despise the idea, but somehow, very few get involved and are taking steps to prevent it from going further or, dare I hope, roll it back!

    After the revelations by Edward Snowden (a very important apex for TheGuardian), one would expect the entire western world to be up in arms about unlawful government surveillance and big corporation scooping our privacy away. Yet big brother and major corporations have been able to perform 'damage control' with surgical precision, going as far as manipulating or intimidating the press, therefore keeping their precious status quo on the issue and keeping people across entire nations hostage and on a very tight leash.

    I hope Mr Cannataci is taking or will take into account the fact that the *people have seemingly given up while in fact they are worried but don't know what to do anymore and feel utterly helpless. I strongly believe this aspect of the whole fiasco on privacy constitutes perhaps the most important cog in the gear of online positive changes when it comes to taking back our rights.

    guardianfan2000 26 Aug 2015 00:55

    British oversight of GCHQ surveillance is non-existent. If you live or work in Britain your privacy is wholly violated on everything you do. Pervasive snooping.

    luella zarf syenka 25 Aug 2015 23:54

    Ultimately it may be necessary for anyone desiring real privacy to learn to code and build his or her own encryption.

    Also if anyone desires protection from abusive police officers it might be necessary to set up a private army.

    If you desire to avoid being poisoned by Monsanto it might be necessary to purchase giant farms and grow your own food: corn, wheat, rice, avocados, melons, carrots, pigs, cattle, tilapia, hazelnuts... and make cheese and butter!

    And ultimately, for those of us desiring to avoid being cooked up by the fossil industry and its minions, it might be necessary to acquire another planet, which we could call Absurdistan.


    newschats4 Barbacana 25 Aug 2015 18:00

    The Toshiba laptop - the least expensive model I could find as a replacement - came with windows 8. I am trying to use the internet without getting hooked on all the expensive come-ons, the confusing and even contradictory offers, amenities, protection programs (some of which are scams) and other services, that unless you are in the business, most people don't seem to know much about how they all work or what is really reliable or necessary. I don't know how many times sites have tried to change my home page or provide a new tool bar to control what I'm doing, just because I responded to a "free offer" like solitaire games. Ads are enough pay off for those offers aren't they? Being electronically shanghaied is a step too far. I even unchecked the box to opt out of the tool bar but got it anyway. Now I have to try to figure out how to remove it again.
    The personal computer business is the capital city of artificial obsolescence and quackery. It is also highly addictive even for people who don't really need it for business. But having an email address is almost as necessary now as having a phone number or even a home address. The situation offered by most suppliers of equipment and even the providers is "take it or leave it". But the internet is driving out the older print media (a subscription to a physical newspaper is so much more expensive) and is becoming a requirement of classrooms at all levels, so "take it or leave it" isn't good enough. For an industry intent on dominating all aspects of life, "take it or leave it" can't be tolerated forever. I have tried at times to read the policies I have to accept or not use the product and all the protection is one-sided: the industries aren't liable for one damned thing: they could destroy your computer and you couldn't do anything about it. But it isn't an honest choice if the user, having purchased the product, has only the option to accept with no other provisions allowed, except refusal. You can shop for all sorts of alternatives for access and protection but the sheep still have to buy from the wolves to use any of them.

    Statutes governing "mail fraud", as it is called in the US, should apply to dubious scams that occur on the internet. The internet is very nearly a world wide public utility and as such should be very heavily regulated as one. It is barely regulated at all and the industry seems to be the only effective voice with regulators like the FCC.

    You can't be spied on legally on the telephone system, or with the public mails, but apparently anyone can do it with the internet as long as they know how to do it and know how to go undetected.

    BTW - I followed that link and saw no price mentioned.

    FreedomAboveSecurity -> newschats4 25 Aug 2015 15:02

    Not to mention that you had to agree to access to your computer by Microsoft before activating Windows 8. The agreement states that they can shut down your laptop anytime they find malicious files...indefinitely. You don't really own your computer under this agreement or any of the programs you paid for in purchase. There is a clause about third party access, too. One questions if the agreement provides backdoor authority. I returned both laptops with 8 on them. Oh...and you promised to connect to the net, preventing air-gapping as a privacy tactic.

    newschats4 25 Aug 2015 14:32

    It is obvious that the consumer has little or no protection on the internet or even with the manufacturers and providers. And even antivirus protection can, itself, be a form of protection racket.

    The internet is supported by industries that can make the problems they can then make even more money on by claiming to solve them.

    BTW - I have had a new laptop that I reluctantly purchased in January 2014 because I was notified (and confirmed) that I had to get an updated program because windows XP was no longer "supported". I wasn't getting updates anymore. But updates never said what they were doing or why they were doing it. It is also very obvious that the personal computer works both ways. If you can look "out", others can just as easily look in.

    When I got the new laptop with windows 8, my first impression was it was glitzier but also dumbed down. It was stuffed with apps for sale that I didn't want and I quickly removed. But what really angers me about the come-ons is, updates have removed apps I did want and found free online that someone doesn't want me to have. I had a free version of Google earth that I downloaded easily but has since disappeared.

    But now when I try to download the free version, the google earth site says that windows 7, windows XP and one other are required but not windows 8. ?? I get an error message and am told I have to download a site that will allow Google earth to keep a log of my hard drive so they can determine why I get an error message.

    I am sure that the execs at the top of the ladder know that the vast majority of internet users are sheep to be shorn. But those corporate decision makers are also the only people in key positions to know they can make the sheep pay for the razors that they will be shorn with.

    And now the school systems are raising a new generation of sheep that won't be able to live without the internet. They will feel helpless without it.


    syenka -> Robert987 25 Aug 2015 12:44

    Good point about the NSA and the GCHQ. However, neither of these outfits has magical powers and really solid encryption can pretty effectively stymie their efforts to pry. The question remains whether software purveyors can resist the government's insistence that there be a backdoor built in to each program. Ultimately it may be necessary for anyone desiring real privacy to learn to code and build his or her own encryption.


    AdMelliorandum 25 Aug 2015 08:08

    Better late than never…

    Let's wish the United Nations first UN privacy chief, Mr. Cannataci, success in "challenging the business model of companies that are "very often taking the data that you never even knew they were taking"."

    Likewise consider the ongoing investigation in Switzerland against Microsoft, as pertains the alleged Windows 10 theft of client information and privacy violations.
    See the corresponding article titled:

    "Berne a lancé une procédure concernant Windows 10", (roughly translated as: "Berne has launched a procedure concerning Windows 10"),
    published on 24.08.15 on the "Le Tribune de Geneve" newspaper:

    http://www.tdg.ch/economie/berne-lance-procedure-concernant-windows-10/story/29192122

    Excerpts from said article follow, translated using Google Translate:

    "The federal policeman launched a clarification process on Windows 10 de Microsoft."
    ". . . infringement of privacy committed by Microsoft. He demanded the examination of several issues related to the operating system of Windows 10."
    "The computer program automatically captures and shares information from its users with software vendors. They transmit them further, including for advertising."
    "In Valais, the cantonal officer Sébastien Fanti had expressed his indignation at the beginning."
    "If Microsoft does not review its privacy policy, Windows 10 could be the subject of a recommendation prohibiting the purchase" in the canton. . ."

    wichdoctor 25 Aug 2015 02:32

    I have been pointing these dangers out for over 20 years ever since the local authority stuck CCTV around the town without any consultation. If these systems were only there to act as spectators then the authorities should have no objection to slaving every camera to a publicly viewable screen or even the web. Since they do object we have to suppose they are using these things to spy on us.

    Then there are the ANPR systems that allegedly log every vehicle journey between every town on mainland UK. There is no trustworthy independent oversight on how the data is stored or used just the usual "trust us we are the police".

    Then there is the private stasi style database of the credit reference companies. No real control over their compilation or use. Use extended from credit checking to being used in employment references. Can even be used to track movements of a spouse by a vindictive ex.

    DVLA? A long history of letting any gangster with a business card access to anyone's data. Same with the electoral roll. Anyone wanting to avoid being tracked by someone bent on violence such as an ex spouse or gangster can not safely exercise their right to vote.

    I don't use social networking sites and until recently used an assumed name for voting. After a career spent in IT specialising in data acquisition I'm well aware just how easy it is to suck data from a database using very basic tools. I hide my data as much as possible even though at my stage in life I probably have little to fear from the state or even the bankers.


    WalterBMorgan 25 Aug 2015 01:11

    In many respects we are the problem. As pointed out we give away our privacy too easily and too cheaply. We accept massive CCTV intrusions because we fear crime unduly but don't wish to pay for more police officers instead. We want free email, news, and entertainment if we can get it so we end up with the KGB of the digital age following us about. We are bombarded with advertising yet most of us don't fight back with ad blockers or protest the over intrusion of billboard advertising. Government will spy on us and business will exploit us if we let them. Both business and government can be good and necessary but we connive with their downsides because it's cheaper.


    JaitcH BritCol 24 Aug 2015 23:40

    I live in an 'authoritarian' [state] and yet we enjoy more personal freedom than do people in Australia, Canada, the UK and USA!

    xxxsss MrPotto51 24 Aug 2015 17:16

    Encryption is all well and good, but engaging in an encryption arms race with business and governmental bodies is not going to end well; there is no point encrypting your emails if the spies have backdoors in your OS or whatever.

    We need to debate and then come to a truce, as well as clearly setting out what is acceptable, and unacceptable, behaviour.

    BritCol 24 Aug 2015 15:14

    I agree entirely with this assessment, and especially how ominous surveillance has become in the UK. When I grew up outside London it seemed to be the freest nation on Earth. We would visit North America and found the city police to be gun-toting thugs (they still are) but England has become the world's worst police state in surveillance techniques.

    Not even Russia or China spies on its citizens as much.


    Lafcadio1944 24 Aug 2015 14:06

    Way too little way too late. Just think about the vast amount of personal data that is already out there and the vast amount that is entered every minute. The dependence of society and business on the internet and the fact that the data on the internet is INDELIBLE!! Everything having been collected by the NSA/GCHQ/BND etc could be accessed by hackers in the future who could trust them to actually protect it. Even the super high tech super security company Hacking Team which sells hacking and spying tools to governments and government agencies all over the world (with no concern about who they are) was itself hacked. Given that and the fact that the spyware and hacking techniques are becoming known by more and more people each day how is an ordinary internet user to protect himself? - he can't. Look at the Ashley Madison hack which was apparently done for purely personal petty grievances and adolescent morality. This can only increase with all sorts of people hacking and releasing our data can only get worse and the INDELIBLE data is always there to take.

    We all thought the internet would be liberating and we have all enjoyed the movies, porn social networking and the ability to make money on the internet but what has been created is a huge monster which has become not our friend but our enemy.


    well_jackson rationalistx 24 Aug 2015 13:59

    "I doubt if George Orwell had the imagination to conceive of airliners being hijacked and being flown into buildings, killing thousands."

    I seem to recall George Bush saying a similar thing about his own government on countless occasions following 9/11. The fact NORAD were carrying out mock exercises that same morning, including this very scenario, seems lost on people.

    As for the train shooting, it sounds like utter nonsense to me. This man well known to the intelligence agencies but allowed to roam free gets stopped by Americans and Brits just as hell is to be unleashed (I bet they were military or ex military weren't they? UK/US public love a good hero army story).... smells like BS.

    Besides, if these events tell us anything it's that surveillance never seems to work when needed most (there are very limited videos of 7/7 bombers, the pentagon attack lacked video evidence, virtually every nearby camera to the pont d'alma tunnel was not working as Diana hurtled through to an untimely end, etc, etc)....

    [Aug 16, 2015] The Real News - 9/11 The Man Who Knew Too Much

    "Mass surveillance is not about protecting people; it is about social control.

    The shadow government is its own enterprise, and it rewards those who pay obeisance quite richly"


    Here is the second segment of a fascinating five part interview about the deep state and the mechanics of what some might call corporatism.

    You may watch all five segments of this interview at The Real News here. Note that they are listed in descending order on the site, so start from the bottom up to see them in order.


    [Aug 08, 2015] The people who demand unrestricted access to Internet regardless of its source implicitly believe that those who pitch them information are telling them the truth

    I think people just believe that they can determine whether the information is valid or is propaganda themselves, although they are probably overestimating their abilities...
    marknesop.wordpress.com

    marknesop, August 4, 2015 at 11:46 am

    Not hard to see where they're going with that – the U.S. State Department enjoyed such dramatic success with the earlier events in the "Arab Spring" that it took even them by surprise. Unfortunately for them, they built a template of it and tried to use the same formula too repetitively, and without spontaneity it failed to achieve the same results.

    In most countries, people angrily defend a completely free and open internet, with no government oversight or censorship – a comment under the Facebook comments to that article reflects this attitude. I have to pity that, because I wish we still lived in that kind of world, but a core truth is this – the people who demand unrestricted access to information regardless of its source are operating under the unspoken belief that those who pitch them information are telling them the truth.

    Just make your play, honestly and openly, and let me make up my own mind. In such an environment, the west would say, come on over here, baby; it's fine. We got chicken-fried steak and Kentucky bourbon, all you want, and potato chips and Doctor Pepper. And Russia says, why you wanna put that crap in your mouth when you know you'll have an ass five axe-handles wide by sunup tomorrow? And you say, hey, that's right. Think I'll just stay here with my kvas, and a salad.

    But it's not like that. The State Department uses social media to get a mob going and then to keep it building, by firing tweets at you so fast you can't think. Usually it starts with an outrageous incident, such as a riot policeman beating a defenseless student or protester – remember that kreakle female student back during the short-lived "White Revolution" whose thing was to put on an agonized expression when being restrained by police so the photo would suggest she was having her arm torn out by the roots? The same one caught on video taking a rock out of her bag and throwing it at police, yeah, that's the one; I forget her name now. Then another tweet will come in, saying, brothers, come to Taganka right now, they're dragging the bureaucrats out of their offices like Navalny promised, we need everybody here now and so on and so on. Complete stage-managing of the fray using phony incidents and successes to inject a spirit of unstoppable momentum. Those who argue for an unregulated access to information do not ever imagine that kind of scenario.

    I'm for an unregulated internet myself. But I have all the time in the world to sift through information and decide what is likely to be true and what is not. Well, sort of; I mean, I'm busy, but nobody is running a push campaign here involving, say, an assault by the Ukrainian forces on Crimea which is not happening. But what if the State Department managed to shut off local broadcasts which would reveal that as a lie, and all the English-speaking networks started running with a breaking story at the same time? I'd believe it, of course I would, so would you. And our ability to reason and think clearly would be affected by it. We'd look for corroboration, but if we couldn't find anything we'd have little choice but to assume it was true. And that's how the political side of the USA uses the internet.

    [Jul 11, 2015] Merkel and the NSA - Analysis

    October 24, 2013 | www.tomroganthinks.com

    Accusations that the NSA has listened in on Chancellor Merkel's conversations are not conducive to positive German-US relations. Interestingly, the fact that the White House is saying that they 'are not' monitoring and 'will not' monitor Merkel, suggests that 'they have' monitored her in the past. To be sure, as I noted yesterday, there are worthwhile reasons behind US intelligence collection operations in Europe. Still, targeting the phone of a close ally (especially a head of state and especially one as friendly as Merkel) is a dangerous gamble. It risks significant blowback in terms of personally alienating a valued American friend. The NSA will have known this. Correspondingly, I assume that Merkel was targeted for a short time and in pursuit of specific information. Perhaps in regards to her position during a conference/financial negotiations (international meetings are a playground for intelligence officers).


    There's another point here; as Marc Ambinder (a top journalist on the NSA) notes, if Merkel was indeed targeted, then why wasn't her position as an intelligence source more highly classified? Ambinder hints at the larger truth. If she was monitored, Merkel was effectively a deep cover source. In that regard, it's truly ridiculous that Snowden was able to gain access to such an operation. He was a contractor, not the Director of the NSA. As I've argued before, the US Government has a serious problem with its protection of its highly classified sources.


    Of course, all of this raises the broader question as to what other information Snowden might have given Greenwald. Does he have agents/officers details? The British certainly think so. Based on what's happening at the moment, we must assume that Greenwald is upping the ante. This may signal how he'll conduct himself at Omidyar's new media endeavor. Ultimately, this is what will most concern the US Government - signal intelligence programs can be reconstructed. Humans cannot.

    [Jun 29, 2015] NSA intercepted French corporate contracts worth $200 million over decade

    Jun 29, 2015 | WikiLeaks
    Washington has been leading a policy of economic espionage against France for more than a decade by intercepting communications of the Finance minister and all corporate contracts valued at more than $200 million, according to a new WikiLeaks report.

    The revelations come in line with the ongoing publications of top secret documents from the US surveillance operations against France, dubbed by the whistleblowing site "Espionnage Élysée."

    The Monday publications consist of seven top secret documents which detail the American National Security Agency's (NSA) economic espionage operations against Paris.

    According to the WikiLeaks report, "NSA has been tasked with obtaining intelligence on all aspects of the French economy, from government policy, diplomacy, banking and participation in international bodies to infrastructural development, business practices and trade activities."

    The documents allegedly show that Washington has started spying on the French economic sector as early as 2002. WikiLeaks said that some documents were authorized for sharing with NSA's Anglophone partners – the so-called "Five Eyes" group – Canada, New Zealand, Australia and the UK.

    The report strongly suggests that the UK has also benefited from the US economic espionage activities against France.

    "The United States not only uses the results of this spying itself, but swaps these intercepts with the United Kingdom. Do French citizens deserve to know that their country is being taken to the cleaners by the spies of supposedly allied countries? Mais oui!" said WikiLeaks founder Julian Assange in a statement on Monday.

    The documents published on Monday also reveal US spying on the conversations and communications of the French Finance Minister, a French Senator, officials within the Treasury and Economic Policy Directorate, the French ambassador to the US, and officials with "direct responsibility for EU trade policy."

    The leaked NSA documents reveal internal French deliberation and policy on the World Trade Organization, the Trans-Pacific Partnership Agreement, the G7 and the G20, the 2013 French budget, the decline of the automotive industry in France, and the involvement of French companies in the Oil for Food program in Iraq during the 1990s, the report said.

    "The US has been conducting economic espionage against France for more than a decade. Not only has it spied on the French Finance Minister, it has ordered the interception of every French company contract or negotiation valued at more than $200 million," said Assange.

    "That covers not only all of France's major companies, from BNP Paribas, AXA and Credit Agricole to Peugeot and Renault, Total and Orange, but it also affects the major French farming associations. $200 million is roughly 3,000 French jobs. Hundreds of such contracts are signed every year."

    On June 23, WikiLeaks announced a plan to reveal a new collection of reports and documents on the NSA, concerning its alleged interception of communications within the French government over the last ten years.

    In the first tranche of leaked documents WikiLeaks claimed that NSA targeted high-level officials in Paris including French presidents Francois Hollande, Nicolas Sarkozy and Jacques Chirac, as well as cabinet ministers and the French Ambassador to the US.

    Despite the tapping claims made by WikiLeaks, US President Barack Obama has assured his French counterpart Francois Hollande that Washington hasn't been spying on Paris top officials.

    Hollande, on his part, released a statement saying that the spying is "unacceptable" and "France will not tolerate it."

    It's not the first time that the NSA has been revealed to be spying on European leaders. According to documents leaked by Edward Snowden and published at the end of 2013 the US intelligence agency had previously targeted the phone of the German Chancellor Angela Merkel. The tapping scandal is believed to have created a rift between Washington and Berlin.

    The US collects the information through spy operations regardless of its sensitivity, as it has the ability to do so, Ray McGovern, a former CIA analyst told RT.

    "It's hard to be surprised by any revelations of this kind," he said. "The snooping is conducted because it's possible to conduct it. In a new way we have a technical collection on steroids. The President of the US said that just because we can collect this material, doesn't mean we should. The thing has a momentum, an inertia of its own. Since about ten years ago it has become possible to collect everything, and that's precisely what we're doing."

    [Jun 28, 2015] Inquiry needed into GCHQ's operations

    Jun 28, 2015 | The Guardian
    • Canon Collins Educational and Legal Assistance Trust is alarmed both that GCHQ has been monitoring and retaining the electronic communications of the Legal Resources Centre and other international NGOs and, despite breaches of process, that this should be ruled lawful (Rights groups targeted by GCHQ spies, 23 June). The supposed balance between the security interests of the state and the rights of citizens is currently not a balance at all, but a lopsided and unhealthy bias towards the former. We urge the government to make known all the facts in this case and to ensure that the rights of citizens in the UK and elsewhere are respected.
      Sandy Balfour
      CEO, Canon Collins Educational and Legal Assistance Trust
    • Am I the only person to be appalled that a US drone operation in a country not at war – Yemen – is called Widowmaker (UK faces call to explain role in US drone killing in Yemen, 25 June)? We have known for a long time about some of the activities of NSA/NRO Menwith Hill, Denver and Alice Springs thanks to Edward Snowden and others. A small group of people are at the gates of this most secretive and unaccountable US base every Tuesday evening and has been there for nearly 15 years. We are waiting for a brave, courageous, principled and honest whistleblower like Edward Snowden to come out of the Menwith Hill woodwork.
      Lindis Percy
      Joint coordinator, Campaign for the Accountability of American Bases
    • While the legal framework under which GCHQ shares intelligence with the US on drone strikes is an important issue, the direct role of NSA facilities located in the UK should be the subject of investigation. Through the monitoring of electronic communications, combined with satellite imagery, Menwith Hill plays a crucial role in US military power projection, including extra-judicial killings by drone and missile strikes. The least we should expect is a parliamentary investigation into the legality of NSA operations in the UK and a full, informed debate as to whether their continued presence is in our interests.
      Steven Schofield
      Bradford

    [Jun 16, 2015] US Navy Solicits Zero Days

    Jun 15, 2015 | Slashdot

    msm1267 writes:

    The US Navy posted an RFP, which has since been removed from FedBizOpps.gov, soliciting contractors to share vulnerability intelligence and develop zero day exploits for most of the leading commercial IT software vendors. The Navy said it was looking for vulnerabilities, exploit reports and operational exploit binaries for commercial software, including but not limited to Microsoft, Adobe, [Oracle] Java, EMC, Novell, IBM, Android, Apple, Cisco IOS, Linksys WRT and Linux, among others. The RFP seemed to indicate that the Navy was not only looking for offensive capabilities, but also wanted to use the exploits to test internal defenses. The request, however, does require the contractor to develop exploits for future released CVEs. "Binaries must support configurable, custom, and/or government owned/provided payloads and suppress known network signatures from proof of concept code that may be found in the wild," the RFP said.

    quenda (644621) on Monday June 15, 2015 @07:50PM (#49917853)

    Ask the NSA (Score:4, Interesting)

    So much for post-911 interagency cooperation. While one agency is inserting weaknesses, another is having to buy them on the open market. Though the Navy approach is probably cheaper.

    Taco Cowboy (5327) on Monday June 15, 2015 @09:17PM (#49918315)

    This has been happening since day one (Score:2)

    How many years it officially took the hackers to stumble across the existence of the embedded NSA backdoor inside MS Windows??

    Way before the news of that 'discovery' was told to the world, a friend of mine found it, but was told to 'shut up or else' by his then boss

    Apparently they (and many other people) already knew about it for quite a while, but none of them bother to tell the world about it

    Luthair (847766) on Monday June 15, 2015 @08:01PM (#49917925)

    Why.... (Score:2, Interesting)

    does every agency and division of the military need to do this? Seems like the classic not invented here syndrome and a colossal waste of tax payer money.

    onproton (3434437) <emdanyi.gmail@com> on Tuesday June 16, 2015 @12:34AM (#49919171)

    and yet real security research is all but outlawed (Score:2)

    I am finding it harder and harder to accept that the people in charge of these types of programs aren't aware of just how glaringly hypocritical they are [boingboing.net]. I can't help but be reminded of the quote:

    We grow up in a controlled society, where we are told that when one person kills another person, that is murder, but when the government kills a hundred thousand, that is patriotism.

    - Howard Zinn

    Find a zero day and report it to someone who might fix it, that is criminal. Find a zero day and report it to the navy, you've done a service for your country. There is an unfortunate disconnect when the things the government does in the name of keeping us safe, end up making us all decidedly less safe in the end [schneier.com].

    [Jun 14, 2015] Snowden files read by Russia and China: five questions for UK government

    The Guardian

    The government has an obligation to respond to the Sunday Times report that MI6 has been forced to pull agents out of live operations in hostile countries

    The Sunday Times produced what at first sight looked like a startling news story: Russia and China had gained access to the cache of top-secret documents leaked by former NSA contractor turned whistleblower Edward Snowden.

    Not only that, but as a result, Britain's overseas intelligence agency, the Secret Intelligence Service, better known as MI6, had been forced "to pull agents out of live operations in hostile countries".

    These are serious allegations and, as such, the government has an obligation to respond openly.

    The story is based on sources including "senior officials in Downing Street, the Home Office and the security services". The BBC said it had also been briefed anonymously by a senior government official.

    Anonymous sources are an unavoidable part of reporting, but neither Downing Street nor the Home Office should be allowed to hide behind anonymity in this case.

    1. Is it true that Russia and China have gained access to Snowden's top-secret documents? If so, where is the evidence?

    Which cache of documents is the UK government talking about? Snowden has said he handed tens of thousands of leaked documents over to journalists he met in Hong Kong, and that he has not had them in his possession since. Have Russia and China managed to access documents held by one of the journalists or their companies?

    In addition, if agents had to be moved, why? Which Snowden documents allegedly compromised them to the extent they had to be forcibly removed from post?

    2. Why have the White House and the US intelligence agencies not raised this?

    Snowden is wanted by the US on charges under the Espionage Act. The White House, the US intelligence agencies and especially some members of Congress have been desperate to blacken Snowden's reputation. They have gone through his personal life and failed to come up with a single damaging detail.

    If the UK were to have evidence that Russia and China had managed to penetrate his document cache or that agents had been forced to move, London would have shared this with Washington. The White House would have happily briefed this openly, as would any number of Republican – and even Democratic – members of Congress close to the security services. They would not have stinted. It would have been a full-blown press conference.

    The debate in the US has become more grownup in recent months, with fewer scare stories and more interest in introducing reforms that will redress the balance between security and privacy, but there are still many in Congress and the intelligence agencies seeking vengeance.

    3. Why have these claims emerged now?

    Most of the allegations have been made before in some form, only to fall apart when scrutinised. These include that Snowden was a Chinese spy and, when he ended up in Moscow, that he was a Russian spy or was at least cooperating with them. The US claimed 56 plots had been disrupted as a result of surveillance, but under pressure acknowledged this was untrue.

    The claim about agents being moved was first made in the UK 18 months ago, along with allegations that Snowden had helped terrorists evade surveillance and, as a result, had blood on his hands. Both the US and UK have since acknowledged no one has been harmed.

    So why now? One explanation is that it is partly in response to Thursday's publication of David Anderson's 373-page report on surveillance. David Cameron asked the QC to conduct an independent review and there is much in it for the government and intelligence services to like, primarily about retaining bulk data.

    Anderson is scathing, however, about the existing legal framework for surveillance, describing it as intolerable and undemocratic, and he has proposed that the authority to approve surveillance warrants be transferred from the foreign and home secretaries to the judiciary.

    His proposal, along with another surveillance report out next month from the Royal United Services Institute, mean that there will be continued debate in the UK. There are also European court rulings pending. Web users' increasing use of encryption is another live issue. Above all else though, there is the backlash by internet giants such as Google, which appear to be less prepared to cooperate with the intelligence agencies, at least not those in the UK.

    The issue is not going away and the Sunday Times story may reflect a cack-handed attempt by some within the British security apparatus to try to take control of the narrative.

    4. Why is the Foreign Office not mentioned as a source?

    It seems like a pedantic point, but one that could offer an insight into the manoeuvring inside the higher reaches of government. The Foreign Office is responsible for MI6, but the Home Office is quoted in the story. Is it that the Home Office and individuals within the department rather than the Foreign Office are most exercised about the potential transfer of surveillance warrant approval from the home secretary, the proposed scrapping of existing legislation covering surveillance and other potential reforms?

    5. What about the debatable assertions and at least one totally inaccurate point in the Sunday Times piece?

    The Sunday Times says Snowden "fled to seek protection from Vladimir Putin, the Russian president, after mounting one of the largest leaks in US history". In fact he fled Hong Kong bound for Latin America, via Moscow and Cuba. The US revoked his passport, providing Russia with an excuse to hold him in transit.

    The Sunday Times says it is not clear whether Russia and China stole Snowden's data or "whether he voluntarily handed over his secret documents in order to remain at liberty in Hong Kong and Moscow". The latter is not possible if, as Snowden says, he gave all the documents to journalists in Hong Kong in June 2013.

    The Sunday Times also reports that "David Miranda, the boyfriend of Guardian journalist Glenn Greenwald, was seized at Heathrow in 2013 in possession of 58,000 'highly-classified' intelligence documents after visiting Snowden in Moscow".

    This is inaccurate. Miranda had in fact been in Berlin seeing the film-maker Laura Poitras, not in Moscow visiting Snowden. It is not a small point.

    The claim about Miranda having been in Moscow first appeared in the Daily Mail in September under the headline "An intelligence expert's devastating verdict: Leaks by Edward Snowden and the Guardian have put British hostages in even greater peril". It was written by Professor Anthony Glees, the director of the centre for security and intelligence studies at the University of Buckingham, and has never been corrected. Maybe the Sunday Times can do better.

    [Jun 14, 2015] UK Said To Withdraw Spies After Russia, China Hack Snowden Encryption, Sunday Times Reports

    Jun 14, 2015 | Zero Hedge

    Following what are now daily reports of evil Russian hackers penetrating AES-encrypted firewalls at the IRS, and just as evil Chinese hackers penetrating "Einstein 3" in the biggest US hack in history which has allegedly exposed every single federal worker's social security number to shadowy forces in Beijing, the message to Americans is clear: be very afraid, because the "evil hackers" are coming, and your friendly, gargantuan, neighborhood US government (which is clearly here to help you) will get even bigger to respond appropriately.

    But don't let any (cyber) crisis go to waste: the porous US security firewall is so bad, Goldman is now pitching cybersecurity stocks in the latest weekly David Kostin sermon. To wit:

    The meteoric rise in cybersecurity incidents involving hacking and data breaches has shined a spotlight on this rapidly growing industry within the Tech sector. Cyberwar and cybercrime are two of the defining geopolitical and business challenges of our time. New revelations occur daily about compromised financial, personal, and national security records. Perpetrators range from global superpowers to rogue nation-states, from foreign crime syndicates to petty local criminals, and from social disrupters to teenage hackers. No government, firm, or person is immune from the risk.

    Because if you can't profit from conventional war, cyberwar will do just as nicely, and as a result Goldman says "investors seeking to benefit from increased security spending should focus on the ISE Cyber Security Index (HXR)."

    The HXR index has outperformed S&P 500 by 19pp YTD (22% vs. 3%). Since 2011, the total return of the index is 123pp higher than the S&P 500 (207% vs. 84%). The relative outperformance of cybersecurity stocks versus S&P 500 matches the surge in the number of exposed records (see Exhibit 2).

    Goldman further notes that "the frequency and seriousness of cyberattacks skyrocketed during 2014. Last year 3,014 data breach incidents occurred worldwide exposing 1.1 billion records, with 97% related to either hacking (83%) or fraud (14%). Both incidents and exposed records jumped by 25% during the last year. The US accounted for 50% of total global incidents and exposed records. Businesses accounted for 53% of all reported incidents followed by government entities at 16%. Exhibit 1 contains a list of selected recent high-profile cyberattacks."

    It is almost as if the US is doing everything in its power to make life for hackers that much easier, or alternatively to make Goldman's long HXR hit its target in the shortest possible time.

    Or perhaps the US is merely giving the impression of a massive onslaught of cyberattacks, one which may well be staged by the biggest cybersecurity infringer, and false flag organizer of them all, the National Security Administration in conjunction with the CIA.

    We won't know, however just to make sure that the fear level spread by the Department of "Developed Market" Fear hits panic level promptly, overnight the UK's Sunday Times reported via Reuters, "citing unnamed officials at the office of British Prime Minister David Cameron, the Home Office (interior ministry) and security services" that Britain has pulled out agents from live operations in "hostile countries" after Russia and China cracked top-secret information contained in files leaked by former U.S. National Security Agency contractor Edward Snowden.

    It is unclear how the unknown source at MI6 learned that Russia has hacked the Snowden files, but what is clear is that after the US admitted Snowden's whistleblowing in fact was warranted and even led to the halt of NSA spying on US citizens (replaced since with spying by private telecom corporations not subject to FOIA requests courtesy of the US Freedom Act), it was long overdue to turn up the PR heat on Snowden, who is seen increasingly as a hero on both sides of the Atlantic.

    British Foreign Secretary Philip Hammond said Snowden had done a huge amount of damage to the West's ability to protect its citizens. "As to the specific allegations this morning, we never comment on operational intelligence matters so I'm not going to talk about what we have or haven't done in order to mitigate the effect of the Snowden revelations, but nobody should be in any doubt that Edward Snowden has caused immense damage," he told Sky News.

    Reading a little further reveals that in the modern world having your spies exposed merely leads to invitations for coffee and chocolates.

    An official at Cameron's office was quoted, however, as saying that there was "no evidence of anyone being harmed." A spokeswoman at Cameron's office declined to comment when contacted by Reuters.

    So Russia and China knew the identities and locations of UK spies but they neither arrested them, nor harmed them in any way. How cultured.

    Meanwhile, the soundbite propaganda keeps building:

    A British intelligence source said Snowden had done "incalculable damage". "In some cases the agencies have been forced to intervene and lift their agents from operations to stop them being identified and killed," the source was quoted as saying.

    Needless to say, the timing of this latest "report" is no coincidence. Just like in the US where the NSA seemingly just lost a big battle to the Fourth Amendment, so the UK is poised for a big debate on the manufactured "liberty vs security" debate.

    The revelations about the impact of Snowden on intelligence operations comes days after Britain's terrorism law watchdog said the rules governing the security services' abilities to spy on the public needed to be overhauled. Conservative lawmaker and former minister Andrew Mitchell said the timing of the report was "no accident".

    "There is a big debate going on," he told BBC radio. "We are going to have legislation brought back to parliament (...) about the way in which individual liberty and privacy is invaded in the interest of collective national security.

    "That's a debate we certainly need to have."

    Cameron has promised a swathe of new security measures, including more powers to monitor Britons' communications and online activity in what critics have dubbed a "snoopers' charter".

    And because Britain's terrorism laws reviewer David Anderson said on Thursday the current system was "undemocratic, unnecessary and - in the long run - intolerable" and called for new safeguards, including judges not ministers approving warrants for intrusive surveillance, saying there needed to be a compelling case for any extensions of powers, this is precisely why now was the right time for some more "anonymously-sourced" anti-liberty propaganda.

    So between the IRS and the OPM hacks, not to mention the countless other US hacks and data breaches shown on the top chart, allegedly almost exclusively by Russia and China, which have revealed not only how much US citizens make, spend and save, but the SSN, work and mental history of every Federal worker, the two "isolated" nations now know as much if not more about the US than the US itself.

    If this was even remotely true, then the US would long ago have been in a state of war with both nations.

    casey13

    http://notes.rjgallagher.co.uk/2015/06/sunday-times-snowden-china-russia...

    All in all, for me the Sunday Times story raises more questions than it answers, and more importantly it contains some pretty dubious claims, contradictions, and inaccuracies. The most astonishing thing about it is the total lack of scepticism it shows for these grand government assertions, made behind a veil of anonymity. This sort of credulous regurgitation of government statements is antithetical to good journalism.

    James_Cole

    The Sunday Times has already deleted one of the claims in the article (without an editor's note) because it was so easily proved wrong. Whenever governments are dropping anonymous rumours without any evidence into the media you know they're up to some serious bullshit elsewhere as well, good coverage by zh.

    MonetaryApostate

    Fact A: The government robbed Social Security... (There's nothing left!)

    Supposed Fact B: Hackers compromised Social Security Numbers of Officials...

    suteibu

    Just to be clear, Snowden is not a traitor to the people of the US (or EU).

    However, it is perfectly appropriate for the governments and shadow governments of those nations to consider him a traitor to their interests.

    One man's traitor is another man's freedom fighter.

    Renfield

    <<The New Axis of Evul.>>

    Which is drastically stepping up its propaganda effort to justify aggressively attacking the rest of the world, in an effort to start WW3 and see who makes it out of the bunkers.

    Fuck this evil New World Order.

    https://www.youtube.com/watch?v=GNHOUrYFj70

    It took a long time to build and set in place, and it sure as hell isn't going to be easy taking it down. They couldn't be any clearer that they have their hand poised over the nuke button, just looking for any excuse to use it. I think they know they've lost, so they've resorted to intimidate the rest of the world into supporting the status quo, by showing just how desperate they are and how far they are willing to go. The USUK government, and its puppet governments in Europe, Canada, Australia, and Japan -- are completely insane. Ukraine is acting out just who these people are. They would rather destroy the whole world than not dominate everyone else. The 'West' is run by sociopaths.

    <<It is unclear how the unknown source at MI6 learned that Russia has hacked the Snowden files, but what is clear is that after the US admitted Snowden's whistleblowing in fact was warranted and even led to the halt of NSA spying on US citizens (replaced since with spying by private telecom corporations not subject to FOIA requests courtesy of the US Freedom Act), it was long overdue to turn up the PR heat on Snowden, who is seen increasingly as a hero on both sides of the Atlantic... So Russia and China knew the identities and locations of UK spies but they neither arrested them, nor harmed them in any way. How cultured. Meanwhile, the soundbite propaganda keeps building... Needless to say, the timing of this latest "report" is no coincidence. Just like in the US where the NSA seemingly just lost a big battle to the Fourth Amendment, so the UK is poised for a big debate on the manufactured "liberty vs security" debate... So between the IRS and the OPM hacks, not to mention the countless other US hacks and data breaches shown on the top chart, allegedly almost exclusively by Russia and China, which have revealed not only how much US citizens make, spend and save, but the SSN, work and mental history of every Federal worker, the two "isolated" nations now know as much if not more about the US than the US itself. If this was even remotely true, then the US would long ago have been in a state of war with both nations.>>

    Bighorn_100b

    USA always looks for a patsy.

    Bravo, Tyler. This is truth very clearly written. It is incredible how the onslaught of propaganda is turning into deluge. I'm glad you have the integrity to call it what it is. Propaganda is also an assault on journalism.

    chunga

    That's true but gov lies so much moar and moar people don't believe any of it.
    The Sunday Times' Snowden Story is Journalism at its Worst - and Filled with Falsehoods
    https://firstlook.org/theintercept/2015/06/14/sunday-times-report-snowde...


    This is the very opposite of journalism. Ponder how dumb someone has to be at this point to read an anonymous government accusation, made with zero evidence, and accept it as true.

    (Greenwald rants mostly about media sock puppets with this)

    HowdyDoody
    And the US SFM86 files contained details of British spies? Consider this bullshitish.

    foghorn leghorn

    Goldman is looking to make a fast buck off the stupid uninformed public trying to cash in on totalitarianism. If Goldman is running this pump and dump I suggest waiting till the price looks like a hockey stick. As soon as it starts to cave in short the hell out of it but only for one day. Government Sacks is the most crooked bank in the history of the whole entire world from the past up till now. In case you are wondering about the Fed well Goldman Sachs runs the joint.

    talisman

    "Snowden encryption"???
    Just more US Snowden-bashing propaganda.

    You mean US has not tightened up its encryption since Snowden's whistleblowing two years ago??
    Shame -- ! !....
    Snowden information likely had nothing to do with the latest hacks, but the blame goes on--
    Blaming Snowden a lot simpler than figuring out how to solve the basic problem
    of overwhelming US Homeland Security incompetence

    The other day, Eugene Kaspersky noted:

    "We discovered an advanced attack on our own internal networks. It was complex, stealthy, it exploited several zero-day vulnerabilities, and we're quite confident that there's a nation state behind it."

    The firm dubbed this attack Duqu 2.0, named after a specific series of malware called Duqu, considered to be related to the Stuxnet attack that targeted Iran in 2011.

    It is, of course, now well-known that Stuxnet originated as a Israel/US venture; however this time it would appear that CIA/Mossad may have got a bit overconfident and shot themselves in the foot when they inserted very advanced spyware into Kaspersky's system…

    Kaspersky is not just some simple-minded backward nation state; rather they are the unquestioned world leader in advanced cybersecurity systems, so when they found this malware in their own system, of course they figured it out, and of course got a bit pissed-so, since they are in the business of providing advanced cybersecurity to various nations---they very legitimately passed on the critical encryption information to their clients, and it is not at all inconceivable that some of the clients decided to take the system for a spin and see what it could do….

    And, of course, a bit later at the opportune moment after they let the cat out of the bag, to rub a bit of salt in the wound Kaspersky mentioned: "And the attackers are now back to the drawing board since we exposed their platform to the whole IT security industry. "They've now lost a very expensive technologically-advanced framework they'd been developing for years,"

    an interesting background article:

    https://eugene.kaspersky.com/2011/11/02/the-man-who-found-stuxnet-sergey-ulasen-in-the-spotlight/

    kchrisc

    Am I still the only one that sees this whole Snowden thing as a CIA ruse?

    My favorite is the strategic "leaking" out of information as needed by a Jewish reporter working for a noiZ-media outlet. I have even read Greenwald's book, No Place to Hide, and I'm still not buying it.

    I'm not buying any of it, but then I'd prefer to not ask for a "refund."

    My personal opinion is that the CIA, in their ongoing battle with the Pentagon, penetrated the NSA, then tapped a photogenic young man in their mitts to serve as the "poster boy" for the ensuing "leaks." Once they have the attention of the sheeple, they can then claim anything, as any NSA defense will not be believed.

    Liberty is a demand. Tyranny is submission..

    "They lie about everything. Why would they lie about this?"

    Christ Lucifer

    Either Snowden read the play for some decade to come and took the key pieces of info with him that he keeps secret but those pieces of intel currently allow him to access and control all covert govt surveillance including that adapted due to being compromised, there maybe some grains of truth in this in a cyber dependant organization created in an incorrectly perceived superiority complex. Or maybe his name is synonymous with modern spying, the geek who made good for the people, and his credibility is used to market a large amount of information releases for public digestion. A figurehead if you will. Not to say that some years on, the shockwaves from his actions reverberating around the planet coincide in specific places as various imperatives are displaced by the dissolution of the foundation he cracked, while the public are still only really concerned about their dick pics, which apparently women do not enjoy so much anyway.

    Promoted as a storm in a teacup by those who suffer to the transparency he gave, but it is the woodchips that show the direction of the wind, not the great lumps of timber, and when the standing trees fall it is the woodchips that have shown the truth, such is the way that key figures move the static behemoths of overstated self importance ignorant to the world they create. The hemorrhage has been contained but for some reason it continues to bleed out at a steady rate, slowly washing the veil from the eyes who suffer the belief of attaining prosperity or power through subjecting themselves to the will of others.

    He's good, but was he that good? What else is playing in his favour, or the favour of his identity?

    [May 30, 2015] Rand Paul declares surveillance war and hints at filibuster for NSA reform

    "By collecting all of your records, we're wasting so much money, so much time, and the haystack's so large we can't find the terrorists," Paul said. "I'm for looking at all of the terrorists' records – I just want their name on the warrant and I just want it to be signed by a judge just like the constitution says."
    Spiegel said it is Expired.... And they are a NSA Fish Wrap..... http://m.spiegel.de/politik/ausland/a-1036475.html
    Notable quotes:
    "... With controversial provisions of the Patriot Act scheduled to run out at midnight on Sunday, Paul, the Kentucky senator and Republican presidential hopeful, fielded questions about how he intended to win privacy campaigners a long hoped-for victory. ..."
    "... "I think a lot of people in America agree with me," Paul said, "that your phone records should not be collected by your government, unless they suspect you of a crime and unless they call a judge and unless a warrant has your name on it." ..."
    "... Apparently the real problem is Executive Order 12333, under which almost all of the mass surveillance is "authorized". ..."
    "... By the time someone is a party candidate, they've already been bought off. National write-in. ..."
    "... politicians listen to corporations and shareholders. What corporations dictate, their political lapdogs obediently listen. ..."
    "... Please, tell me that porn sites are involved in this. Cut off Congress's porn access and they will be putty in our hands. ..."
    "... "This is a blackout," read the site to which computers from congressional IP addresses were redirected. "We are blocking your access until you end mass surveillance laws." ..."
    May 29, 2015 | The Guardian

    Rand Paul indicated his intention on Friday to filibuster a surveillance reform bill that he considers insufficient, as privacy advocates felt momentum to tear the heart out of the Bush-era Patriot Act as its Snowden-era expiration date approaches.

    With controversial provisions of the Patriot Act scheduled to run out at midnight on Sunday, Paul, the Kentucky senator and Republican presidential hopeful, fielded questions about how he intended to win privacy campaigners a long hoped-for victory.

    ... ... ...

    "By collecting all of your records, we're wasting so much money, so much time, and the haystack's so large we can't find the terrorists," Paul said. "I'm for looking at all of the terrorists' records – I just want their name on the warrant and I just want it to be signed by a judge just like the constitution says."

    ... ... ...

    "Right now we're having a little bit of a war in Washington," Paul said at the rally on Friday. "It's me versus some of the rest of them – or a lot of the rest of them."

    ... ... ...

    In the middle is a bill that fell three votes shy of a 60-vote threshold. The USA Freedom Act, supported by Obama, junks the NSA's bulk collection of US phone records in exchange for extending the lifespan of the Patriot Act's controversial FBI powers.

    While McConnell, Obama and many Freedom Act supporters describe those powers as crucial, a recent Justice Department report said the expiring "business records" provision has not led to "any major case developments". Another power set to expire, the "roving wiretap" provision, has been linked to abuse in declassified documents; and the third, the "lone wolf" provision, has never been used, the FBI confirmed to the Guardian.

    ... ... ...

    The White House has long backed passage of the USA Freedom Act, calling it the only available mechanism to save the Patriot Act powers ahead of expiration now that the House has recessed until Monday.

    Obama on Friday chastised what he said were "a handful of Senators" standing in the way of passing the USA Freedom Act, who he alleged risked creating an intelligence lapse.

    James Clapper, the director of national intelligence whom Paul has criticized for lying to Congress about surveillance, issued a rare plea to pass a bill he has reluctantly embraced in order to retain Patriot Act powers.

    "At this late date, prompt passage of the USA Freedom Act by the Senate is the best way to minimize any possible disruption of our ability to protect the American people," Clapper said on Friday.

    At the Beacon Drive-in diner in Spartanburg, Paul chastised proponents of the Patriot Act for arguing the law would prevent another 9/11. "Bull!" a woman in the crowd exclaimed, as others groaned at the national security excuse cited by more hawkish lawmakers.

    "I think a lot of people in America agree with me," Paul said, "that your phone records should not be collected by your government, unless they suspect you of a crime and unless they call a judge and unless a warrant has your name on it."

    Multiple polls released this month have found overwhelming public antipathy for government surveillance.

    Still, it remains unclear if the USA Freedom Act has the votes to pass. Senate rules permit Paul to effectively block debate on the bill until expiration. Few who are watching the debate closely felt on Friday that they knew how Sunday's dramatic session would resolve.

    But privacy groups, sensing the prospect of losing one of their most reviled post-9/11 laws, were not in a mood to compromise on Friday.

    "Better to let the Patriot Act sunset and reboot the conversation with a more fulsome debate," said Anthony Romero, the executive director of the American Civil Liberties Union.


    Trenton Pierce -> phrixus 30 May 2015 21:18

    He opposes indefinite detention in the NDAA, he opposes TPP and the fast track. He opposes the militarization of local police. He opposes the secrecy of the Federal Reserve. He opposes unwarranted civil asset forfeiture. He opposes no-knock home searches. He opposes the failed drug war. He opposes war without congressional approval. What is it about him you don't like?

    Trenton Pierce -> masscraft 30 May 2015 21:14

    Then line up behind Rand. He polls the best against Hillary. The era of big government Republican is over. Realize that or get ready for your Democrat rule.

    Vintage59 -> Nedward Marbletoe 30 May 2015 16:20

    The machine would chew him up and spit him out and he's smart enough to know that.

    ripogenus 30 May 2015 07:47

    Just listened to NPR's On the Media. They did a special podcast just on the patriot act and the consequences if it expires. Apparently the real problem is Executive Order 12333, under which almost all of the mass surveillance is "authorized".

    seasonedsenior 29 May 2015 22:20

    New technology is beginning to equal the playing field somewhat whether it be video of police misconduct or blocking out Congress from 10,000 websites to stop NSA spying. This part of technology is a real positive. There are too many secrets in our democracy-light that should be exposed for the greater good. There is too much concentrated power that needs to be opened up. I am happy to see these changes happening. Keep up the good work.

    AmyInNH -> cswanson420 29 May 2015 22:12

    By the time someone is a party candidate, they've already been bought off. National write-in.

    Viet Nguyen -> cswanson420 29 May 2015 17:44

    politicians listen to corporations and shareholders. What corporations dictate, their political lapdogs obediently listen.

    Best examples? Retarded laws that discriminate against gay people in states like Indiana. When major corporations such as Wal-Mart and Apple, who only care about money, condemn such retarded laws with potential boycotts, their political lackeys quickly follow in line.

    I am waiting for another multinational corporation to declare the NSA process detrimental to businesses, and see how many former government supporters of the NSA do a complete 180 degree stance flip.

    EdChamp -> elaine layabout 29 May 2015 17:22

    Please, tell me that porn sites are involved in this. Cut off Congress's porn access and they will be putty in our hands.

    Congratulations! You win the award of the day for that one gleaming guardian comment that truly made me smile.

    Repent House 29 May 2015 16:13

    "This is a blackout," read the site to which computers from congressional IP addresses were redirected. "We are blocking your access until you end mass surveillance laws."

    This is so freekin awesome... mess with the bull you get the horns as I always say! They seem to underestimate the strength, knowledge, tenacity, of the "AMERICAN PEOPLE" This is what we need to do on a wider scale for a number of things wrong! Awesome!

    [Apr 19, 2015] Twitter Moves Non-US Accounts To Ireland, and Away From the NSA

    Apr 19, 2015 | slashdot.org

    timothy on Saturday April 18, 2015 @08:31AM

    Mark Wilson writes Twitter has updated its privacy policy, creating a two-lane service that treats U.S. and non-U.S. users differently. If you live in the U.S., your account is controlled by San Francisco-based Twitter Inc, but if you're elsewhere in the world (anywhere else) it's handled by Twitter International Company in Dublin, Ireland. The changes also affect Periscope. What's the significance of this? Twitter Inc is governed by U.S. law; it is obliged to comply with NSA-driven court requests for data. Data stored in Ireland is not subject to the same obligation. Twitter is not alone in using Dublin as a base for non-U.S. operations; Facebook is another company that has adopted the same tactic. The move could also have implications for how advertising is handled in the future.

    [Apr 19, 2015] The Upsides of a Surveillance Society

    Apr 18, 2015 | slashdot.org
    timothy on Saturday April 18, 2015 @03:27PM
    theodp writes Citing the comeuppance of ESPN reporter Britt McHenry, who was suspended from her job after her filmed ad-hominem attack on a person McHenry deemed to be beneath her in terms of appearance, education, wealth, class, status went viral, The Atlantic's Megan Garber writes that one silver lining of the omnipresence of cameras is that the possibility of exposure can also encourage us to be a little kinder to each other. "Terrible behavior," Garber writes, "whether cruel or violent or something in between, has a greater possibility than it ever has before of being exposed. Just as Uber tracks ratings for both its drivers and its users, and just as Yelp can be a source of shaming for businesses and customers alike, technology at large has afforded a reciprocity between people who, in a previous era, would have occupied different places on the spectrum of power. Which can, again, be a bad thing - but which can also, in McHenry's case, be an extremely beneficial one. It's good that her behavior has been exposed. It's good that her story going viral might discourage similar behavior from other people. It's good that she has publicly promised 'to learn from this mistake.'"

    Taco Cowboy (5327) on Saturday April 18, 2015 @07:29PM (#49502139) Journal

    Ask the former residents of East Germany (Score:2)

    They were under constant watch of the Stasi

    Why don't you guys go ask the former residents of East Germany and see if they prefer to be "kinder to each other" when under surveillance or to have their liberty back ... even if they have to endure the consequence of having more people being rude to each other

    TFA should be a warning sign - that TPTB is actively trying to inject a meme / an idea into people's mindset that the society would be somehow *nicer* if everybody is under surveillance

    I thought you guys are supposed to have above average IQ, but looking at the way you guys are commenting ... sigh !

    Anonymous Coward on Saturday April 18, 2015 @06:48PM (#49501945)

    Kinder... on camera, assholes off (Score:1)

    There are societies like Iran where people have two personalities. What is shown outside and what is in the compound (which can be one home, or others attached by private passages.)

    Same stuff happens here. Want to see proof? Play a modern FPS in multiplayer mode. The 13 year olds can curse well enough it will make a Marine gunnery sergeant blush.

    Having to have two personas also causes people to crack. This is why we have had more lone wolf attacks against targets in the past two years than we have in the preceding two decades.

    So, yes, people will adopt a sheepish, "yessa, massa" persona... but as soon as those cameras are gone, they are going to act like the kids out of "Lord of the Flies", pigsticker up the hog's ass and everything.

    Jack Griffin (3459907) on Sunday April 19, 2015 @01:06AM (#49503227)

    Re:no... just no (Score:3)

    It's not making people be nicer, it's helping lonely people harass others

    Actually it's both. I've seen plenty of cases first hand of bullies getting their comeuppance thanks to casual surveillance, and we've all seen cases of abuse. Like the car, it can be both a tool and weapon. It would be foolish to write off its benefits just because of the odd car crash. As long as we manage the new era of the surveillance society, I think it can deliver a net gain.

    scottbomb (1290580) on Saturday April 18, 2015 @03:49PM (#49501233) Journal

    I wouldn't call that a "surveillance society" (Score:2)

    To do so implies that a camera is always trained on me when in fact, that's almost never the case. The article itself does make an interesting point about people being more reluctant to act like a fool when they know a stranger with a camera is likely to catch it all. But to call that a "surveillance society" is false sensationalism.

    Opportunist (166417) on Saturday April 18, 2015 @06:45PM (#49501915)

    I wouldn't call that a "surveillance society" (Score:5, Insightful)

    In 1984, people also weren't always under observation by their telescreen. Actually, they almost never were. What made them "behave" was simply that they didn't know when they would be.

    So just not having a camera "trained on you" every second of your life doesn't make the total surveillance any less invasive. When you cannot tell whether you have privacy, you have none.

    Karmashock (2415832) on Saturday April 18, 2015 @03:54PM (#49501255)

    Why is this a good thing again? (Score:5, Insightful)

    Yes, people shouldn't be raging assholes but in what way is shaming the occasional raging asshole justification for a surveillance society?

    This is like... pros and cons of an alien invasion from outer space.

    On the down side we're all going to be slaves.

    But on the plus side we have ray guns now. We don't control the ray guns... they're mostly pointed at us and our overlords exploit their advantages ruthlessly... but hey... ray guns.

    I mean seriously, do we control these cameras at all? No. They're not controlled by the public. The public in fact didn't even want them. They were IMPOSED and they serve the whims of whomever is in charge of the security system.

    So we're told "hey good news guys, the upside of the alien invasion is that your alien overlords will occasionally disintegrate the occasional asshole of your pathetic squishy species. ALL HAIL YOUR TENTACLE MASTERS!"

    What the actual fuck.

    fuzzyfuzzyfungus (1223518) on Saturday April 18, 2015 @04:07PM (#49501301) Journal

    And on the minus side... (Score:4, Insightful)

    While this sometimes pays off, when circumstances line up correctly, it is vital to keep the limitations in mind:

    Lower cost has made it much more likely that random bystanders have some level of video recording, rather than none; but entities with ample resources also take advantage of reduced costs, which is why, say, nontrivial areas of the developed world are effectively saturated with automated LPR systems. There is a win for those cases where it previously would have been the word of someone who counts vs. the word of some nobody; but elsewhere reduced costs and improved capabilities make having a big budget and legal power even more useful.

    Improved surveillance only changes the game at the 'evidence' stage. If legal, public, or both, standards aren't sufficiently in your favor, improved evidence is anywhere from irrelevant to actively harmful. You can have all the evidence you want; but if the DA refuses to indict, or the 'viral' pile-on targets the victim rather than the aggressor, it doesn't help you much. Had McHenry's tirade been a bit cleverer, or her target a shade more unsympathetic, odds are good that the attendant in question would be being hounded as we speak.

    Dunbal (464142) * on Saturday April 18, 2015 @04:11PM (#49501319)

    False premise (Score:3)

    Honestly I think the kind of person who is likely to go off on such a petty rant isn't going to give a damn if there's a camera there or not.

    Their sense of superiority and ego is such that they don't actually think at any moment that they are wrong, so what difference would a camera make? It's like saying that the guy with anger issues will not have a road rage episode because of a camera.

    He's not thinking about the camera - he's off in his own little rage world temporarily but completely disconnected from reality.

    Anonymous Coward on Saturday April 18, 2015 @04:29PM (#49501369)

    The Reporter Video Wasn't Even An Upside (Score:5, Insightful)

    It's great that you can walk in to a private business that has forced you to do business with it (car-towing company), lose your temper in this essentially private setting because they are (in all probability) treating you like shit and/or ripping you off, and have that business post a video of this on the internet without your consent, having edited out the parts of the video where they said/did things that incited you in the first place.

    That reporter clearly just lost her temper and was trying to say whatever seemed like it would be most hurtful. It's not clear at all that she is any more elitist than most people in positions of prestige. For all we know, her sentiment could have been justified, and given the apparently predatory towing company she was dealing with, it probably was. If the employee was "just doing her job", but that job involves ripping people off, I have no sympathy. Pretty crazy how people are calling for the reporter's head for this.

    rahvin112 (446269) on Saturday April 18, 2015 @08:00PM (#49502257)

    Car towing is legalized theft (Score:2)

    Car Towing is legalized theft. Though I'm sure there are some by the book towers in my experience the vast majority are a bunch of thieving crooks. They will take cars that aren't even in violation and don't even get me started on the storage fees.

    Britt likely had a very good reason for what she did. Her car was stolen and only given back to her after paying a huge blackmail fee.

    redelm (54142) on Saturday April 18, 2015 @04:39PM (#49501403) Homepage

    High-tech "An armed society is a polite society" (Score:4, Interesting)

    ... from Robert Heinlein. In both cases, the consequences of rude behaviour are much greater.

    I worry most about the years-later consequences of surveillance on politicians and other leaders. They all seem to have sordid episodes, and this leaves them highly susceptible to hidden blackmail/pressure by data-holders. We will never know how they are manipulated and abuse their wide discretionary powers.

    Not to protect "the little children" but to protect "the pervy pols."

    Bob9113 (14996) on Saturday April 18, 2015 @04:45PM (#49501437) Homepage

    You Are, But So Are They (Score:4, Insightful)

    TL;DR: The upside of being under continuous surveillance is that everyone else is too. It is the same argument as, "Because terrorists might get caught."

    Here's just one example of the downside: Alcoholics Anonymous, Narcotics Anonymous, and similar will all have zero attendance as soon as employers stop hiring people who have been seen at an AA/NA meeting. That will be a reality within ten years, as private license plate tracking databases come online.

    Doubt it? Ask yourself this: Would a typical "profit over everything" manager hire someone he knew was in NA? That guy is going to abuse these databases as they come online. That is reality.

    cfalcon (779563) on Saturday April 18, 2015 @04:47PM (#49501451)

    It's nowhere close to that rosy (Score:4, Interesting)

    It's nowhere close to as nice as OP portrays.

    The example brought up- the ludicrous cuntly behavior of Britt going off on some poor schmuckette- is gratifying because she's "getting hers". But, lets consider a few things:

    1- Britt had no reason to suspect she was being recorded (beyond the general assumption that any building or person in America *could* be "taping" you now). She acted based on assumptions that weren't true.

    2- Britt has a job where public relations are extremely important, and is a celebrity (not "was", I'm certainly a lot more interested in someone who openly shits on tow companies, notoriously sketchy organizations that damage vehicles and will tow legal vehicles if they can claim that the little whatever that lets you park legally could be argued to not be perfectly visible, or if can be dislodged in towing- so if she pops up and rants about stuff, hey, I'll watch)

    3- Who controls the cameras is the big deal. What if, in addition to the rant delivered by her, we saw EVERYTHING that happened in that business, from the cabs of the tow trucks to the office politics in the back to their normal customer relations? By selecting just what your foes do at a specific time, you obviously gain a great deal of control, because your shit is flushed and theirs is on youtube forever.

    The medium benefits of cameras seem to be what we see in Russia from dash cams- inability of insurance companies to welch on payments, and greater evidence of actually criminal dealings on the road.

    The biggest benefits of cameras will be their effect on law enforcement, and if we want to actually reap those benefits (instead of just making people who can have a short temper unemployable in even more jobs than they already are), we'll need protections for the numerous police who routinely order people to stop filming (this should not ever be something a policeman can say), attack people legally and extralegally for putting up their crimes, and actually hold them accountable for the absurd beatings that they suddenly started dealing out to poor people and anyone who wouldn't normally be believed in court- beatings that seemingly began the moment that everyone got cameras. Probably those two related, hrm, what's that correlation...

    So it doesn't matter that some hot tempered cutie with a media job went off on some random people. That's not really helping society that she can't keep her ESPN job.

    The workaround for (1) is that people will act like they are being recorded, which naively means that they will switch from aggression to baiting and passive aggression. If they ALSO have cameras (and hidden cameras are cheap, and will become more so), then the goal becomes to bait the other party to either committing a crime (easier in some situations than others) or crucifying themselves in the court of public opinion. We can laugh at the people who haven't adapted to this new ruleset fast enough, but it's STILL a game, and it will still be won by the same sociopaths that always are good at these games.

    (2) is an issue because more and more jobs will fall into this category, resulting in minor altercations yielding a harsh streak of unemployment into a society already hellbent on assuming that ability is immediately rewarded with steady employment. While celebrities have a huge amount of support systems to fall back on ("celebrity does a heel-turn" is not a death knell by any means to their public life), many people do not. The natural assumption of the video seems to be that if someone is caught doing something on tape, that this is representative of their entire life, a brief 30 second temper tantrum serving as a summary of their entire life. This background assumption is based on what USED to be the truth, and the same logic that the legal system uses to dole out large punishments for minor violations- that cameras (observing agents in general) were so rare that if someone got caught ranting on camera (or speeding on some empty highway) that it serves as a *representation of that person in general*. That the ranter probably ranted routinely, over and over again, with no camera, or that the speeder was likely speeding and endangering people on the regular, justifying the harsh grilling or hugely out of proportion fine (out of proportion assuming it was actually isolated, not necessarily out of proportion assuming that it was a reasonable sample of that person's behavior).

    - Simply put, we have to stop assuming that people being taped doing something unusually angry, sexy, or kind, is a typical representation of those people. Cameras aren't rare anymore, but emotionally everyone feels that they are. This will take awhile to happen.

    (3) is covered by other posters mostly. Those with the recording devices have the power to define the reality of the recorded, after all.

    EmeraldBot (3513925) on Saturday April 18, 2015 @08:16PM (#49502311)

    You know... (Score:5, Insightful)

    I've once had the fortune (misfortune?) of living in East Germany for a year, back when the Berlin Wall existed. Do you want to know what living surveillance state is like?

    It's a place where you are ALWAYS on guard. You can never be honest with anyone - your teacher in school could be with the government, your best friend could be undercover, even your own family could be recruited.

    You have to bottle up everything inside yourself, and you present this lovely facade to the public. Many, especially those of us from the west, often wonder why people from Russia are so guarded. You want to know why? Because the alternative is rotting in jail, or even being assassinated.

    What this idiotic, moronic, IGNORANT author proposes is a complete regression of 300 years of progress towards a free society, and not just in America. If he can't stand people being impolite, then very well - I expect him to thank me when he is inside a gulag for going to a gay rights meeting, just as he had to thank me when I hauled off his grandmother for being related to him (she's equally guilty by being in his immediate family). THAT is the society he will live in, but at least he'll never have to bear the terrible injustice of someone calling him an idiot. And now I think I know why he's called that.

    Mandrel (765308) on Saturday April 18, 2015 @10:04PM (#49502703)

    Re:You know... (Score:3)

    I've once had the fortune (misfortune?) of living in East Germany for a year, back when the Berlin Wall existed. Do you want to know what living surveillance state is like? It's a place where you are ALWAYS on guard. You can never be honest with anyone - your teacher in school could be with the government, your best friend could be undercover, even your own family could be recruited. You have to bottle up everything inside yourself, and you present this lovely facade to the public.

    This need to be too nice is also true of non-anonymous forums like Facebook, where there's a split between anodyne comments and over-the-top complaints. The former comes about because no-one wants to be accused of being a hater or a whinger, and wants to maximize their "likes", so nearly all comments are content-free sunshine and roses. But once the target is a corporation or a prominent person who may have done something wrong, everyone smugly gangs up and lets loose.

    The middle path of polite and measured criticism is lost, which is where the meat is in any discussion.

    [Apr 11, 2015] Surveillance Valley Rise of the Google-Military Complex

    Apr 11, 2015 | Politics in the Zeros
    Yasha Levine has launched a Kickstarter campaign for his upcoming book, Surveillance Valley, which will detail the deep ties between supposedly libertarian, freedom-loving Silicon Valley companies and the national security apparatus. In truth, these companies are way too cozy with NSA et al, watch us constantly, are seriously not our friends, engage in seriously sleazy if not criminal behavior, and more.

    Not surprisingly, Levine, an experienced investigative reporter, has found traditional book publishers show interest at first, then back off. That's why he's self-funding. I just contributed to his Kickstarter campaign. If you care about freedom, you should too.

    Because what is going on is murky and scary indeed.

    I have exposed Google's deep ties to US intelligence agencies and investigated Google's role as a global for-profit intelligence agency - an entity that aims to capture and monetize as much of our activity in the real and online world as possible. I reported on the murky and criminal world of digital data brokers, and investigated the detailed dossiers that big tech companies compile on all of us. I have looked at Silicon Valley's conflicted connections to tech watchdogs like EFF and privacy activists - people and organizations that are supposed to be fighting for our interests, not those of global tech. I have also revealed how the Pentagon and other US intel agencies are heavily involved in funding grassroots privacy activists and encryption technology - including just about every privacy tool endorsed by Edward Snowden.

    EFF, including Tor, has always been heavily financed by the government. This should give anyone pause and indeed needs to be investigated in depth. Especially considering recent revelations show Tor to be not secure.

    The book will…

    Blow the lid off the Google-Military Surveillance Complex: It will investigate Google's close relationship with US National Security State.

    Explore the Silicon Valley arms race: It will look at how other Silicon Valley companies - Amazon, eBay, Facebook, Microsoft - are in a race to dominate the lucrative military and intelligence contracting market.

    Detail exactly what Silicon Valley knows about us: Companies like Google and Facebook aggressively mine user data to compile complex and detailed dossiers.

    Examine how Internet giants make money off invading our privacy:

    Reveal how Silicon Valley polices our lives: There is a common misconception that no matter how much Silicon Valley companies spy on us, at least they don't have the power to arrest and jail us. Truth is, they can and do.

    [Apr 11, 2015] Surveillance Valley: The Rise of the Google-Military Complex

    Surveillance Valley

    A book by Yasha Levine about how Silicon Valley turned the Internet into the greatest surveillance apparatus in the history of mankind.

    Paulo Sa Elias on March 2

    And remember: "Those who spy don't need to tell you they do, unless they are just looking to spread the fear of exposure."

    [Apr 03, 2015] Random findings

    Personal details of world leaders accidentally revealed by G20 organisers Guardian. Schadenfreude alert.

    Tor reportedly hires Verizon's PR firm to fight back against Pando's reporting Yasha Levine, Pando

    Before leak, NSA mulled ending phone program Associated Press (furzy mouse)

    NSA Tried to Roll Out Its Automated Query Program Between Debates about Killing It Marcy Wheeler

    Obama's Intelligence Oversight Board a Corporate Lot PEU Report

    [Mar 14, 2015] Clinton defence of personal email server fails to placate critics

    Mar 14, 2015 | The Register

    Phil Barnett, a VP at mobile device management vendor Good Technology, questioned Clinton's data management practices.

    "Personal and highly sensitive corporate data are very different and should be treated as such," Barnett said. "But that's not to say you can't have them on the same device. The user experience must be high quality to keep data secure – if your corporate security model is too heavy, people will find a way around it.

    "Separating and containerising sensitive data allows one device to do both jobs while balancing usability and security. And the more sensitive the data, the more critical this approach becomes," he added.

    The affair has created issues around using personal vs. government issued e-mail addresses, as well as the preservation requirements that apply to each case. The incident has also thrown up regulatory, compliance and storage/e-discovery issues.

    Mark Noel, a former litigator for Latham & Watkins who went on to co-found an electronic discovery software firm before moving on to Catalyst Repository System, is more sympathetic to Clinton's DIY email set-up, arguing that there's a good chance that historically significant data will be recovered one way or another.

    "The use of a personal email account doesn't necessarily mean there's any intent to hide things," Noel said. "It's very common for busy professionals to try to funnel everything into one email account or one device, because multiple devices or accounts are too much of a pain to deal with and take up way too much time. When the government or corporate system isn't set up to allow that kind of efficiency, people often craft their own solutions purely for the sake of getting their jobs done."

    Emails sent or received by Clinton might still be accessible even if she or her staff either deleted or lost them for any reason. There are always copies at the other end, the managing director of professional services at Catalyst Repository System pointed out.

    "Analysts who are complaining that 'there's no way we can know if there's anything missing' aren't quite right," Noel said. "We do this all the time in civil litigation and government investigations. Emails tend to leave copies on every server they touch, so even if a sender doesn't keep a copy of it, the receiver's email system probably did. If Ms. Clinton emailed other government issued accounts, those emails are very likely preserved – just in a different location."

    Gaps in the record might also be revealed via practices common in commercial litigation, according to Noel.

    "Additionally, there are other types of analysis, such as 'gap analysis' that can reveal whether email is likely missing, based on the usual pattern and quantities of email and whether there appear to be 'holes' in the emails that are preserved. These types of analyses are also quite common in civil litigation and government investigations where it is suspected that someone is intentionally hiding or deleting evidence," he concluded. ®

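    The "gap analysis" Noel describes can be sketched in a few lines. This is an added example, not code from the article or from any e-discovery product: it compares each day's preserved-message count with the usual volume for that weekday and reports runs of days that fall far below it. The thresholds and the sample mailbox are constructed assumptions.

```python
"""Gap analysis over the dates of preserved emails (added illustration)."""
from collections import Counter
from datetime import date, timedelta
from statistics import median


def daily_counts(dates, start, end):
    """Messages per calendar day, keeping days on which nothing was preserved."""
    seen = Counter(dates)
    span = (end - start).days + 1
    return {start + timedelta(i): seen[start + timedelta(i)] for i in range(span)}


def weekday_baseline(counts):
    """Median volume per weekday; the median tolerates a limited number of
    hole days, and per-weekday figures keep quiet weekends from being flagged."""
    by_weekday = {}
    for day, n in counts.items():
        by_weekday.setdefault(day.weekday(), []).append(n)
    return {wd: median(ns) for wd, ns in by_weekday.items()}


def find_gaps(counts, ratio=0.2, min_expected=3, min_run=3):
    """Return (first_day, last_day, low_days) for each suspicious hole.

    A day is "low" when its weekday normally carries at least `min_expected`
    messages and fewer than `ratio` of that baseline were preserved. Normally
    quiet weekdays are neutral: they neither extend nor break a run. All three
    thresholds are assumptions chosen for this example.
    """
    base = weekday_baseline(counts)
    gaps, first, last, hits = [], None, None, 0
    for day in sorted(counts):
        expected = base[day.weekday()]
        if expected < min_expected:
            continue
        if counts[day] < ratio * expected:
            first = first or day
            last, hits = day, hits + 1
        else:
            if hits >= min_run:
                gaps.append((first, last, hits))
            first, last, hits = None, None, 0
    if hits >= min_run:
        gaps.append((first, last, hits))
    return gaps


def build_sample(hole=(date(2015, 2, 2), date(2015, 2, 10))):
    """Constructed mailbox: eight weeks of dates, 10-14 messages per working
    day, 0-1 at weekends, with every message inside `hole` missing."""
    start, end = date(2015, 1, 5), date(2015, 3, 1)
    dates = []
    for i in range((end - start).days + 1):
        day = start + timedelta(i)
        if hole and hole[0] <= day <= hole[1]:
            continue
        n = (i % 2) if day.weekday() >= 5 else 10 + (i % 5)
        dates.extend([day] * n)
    return dates, start, end


if __name__ == "__main__":
    dates, start, end = build_sample()
    for first, last, low_days in find_gaps(daily_counts(dates, start, end)):
        print(f"possible hole {first} .. {last} ({low_days} low working days)")
```

    A flagged run is only a lead: holidays and travel produce the same pattern, which is why it is checked against the copies held by recipients' mail systems.
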
    [Mar 14, 2015] UK says comms metadata can kill personal privacy by Simon Sharwood

    Mar 12, 2015 | The Register
    Post-Snowden Parliamentary inquiry calls for tighter safeguards on spooks' access to metadata

    ... ... ...

    The inquiry also rejects use of the term "metadata", which it feels is not helpful because it is too vague. Instead the UK prefers the term "Content-Derived Information" because it is felt a more nuanced approach to the collection of data about communications is required.

    The report (PDF) therefore offers the four-level definitions of data that can be gleaned from details of an individual's electronic communications:

    Type of information | Example (ie in relation to a telephone call)
    Communications Data | The numbers and date/time of a telephone call.
    'Communications Data Plus' | Details of the person or organisation called, which could reveal details about a person's private life (e.g. if it was a call to a particular medical helpline, or a certain type of dating or sex chat line).
    Content-derived information | The accent of an individual speaking during the call.
    Content | What was said during the call

    The report goes on to say that Communications Data Plus "would encompass details of web domains visited or the locational tracking information in a smartphone" and to make the following observation about how it should be handled:

    "However, there are legitimate concerns that certain categories of Communications Data – what we have called 'Communications Data Plus' – have the potential to reveal details about a person's private life (i.e. their habits, preferences and lifestyle) that are more intrusive. This category of information requires greater safeguards than the basic 'who, when and where' of a communication."

    A little backfill: the report says it has no problem with UK intelligence agencies collecting communications data through intercepts and does not recommend tighter controls on its collection and use. The call for more safeguards on Communications Data Plus is therefore notable in the Australian context, as the antipodean communications data collection proposal requires no warrant for access.

    The UK report says local legislation should therefore define three levels of metadata, under the following definitions:

    Communications Data should be restricted to basic information about a communication, rather than data which would reveal a person's habits, preferences or lifestyle choices. This should be limited to basic information such as identifiers (email address, telephone number, username, IP address), dates, times, approximate location, and subscriber information.

    Communications Data Plus would include a more detailed class of information which could reveal private information about a person's habits, preferences or lifestyle choices, such as websites visited. Such data is more intrusive and therefore should attract greater safeguards.

    Content-Derived Information would include all information which the Agencies are able to generate from a communication by analysing or processing the content. This would continue to be treated as content in the legislation.

    ... ... ...

    [Mar 10, 2015] CIA worked to break into Apple devices for years – Snowden docs

    March 10, 2015 | RT USA

    Researchers working for the CIA were involved in a "multi-year, sustained effort" to crack security measures and undermine encryption on Apple devices, The Intercept reports, citing top secret documents leaked by Edward Snowden.

    The documents were presented at one of the clandestine annual security conferences known as the "Jamboree." The CIA-sponsored forums took place annually for nearly a decade, while the leak covers the period of 2006 to 2013.

    Though the report does not provide the details of any successful operations waged against Apple, the documents describe several methods US intelligence officers were using to attempt to infiltrate the tech giant's products.

    One of the most egregious revelations detailed by The Intercept was an attempt to create a dummy version of Xcode - the tool used to create many of the apps sold in the Apple App Store. If successful, this could allow spies to insert surveillance "backdoors" into any app created using the compromised development software.

    The docs also claim that the CIA was actively working to crack encryption keys implanted into Apple mobile devices that secured user data and communications.

    The news has spurred backlash amongst security experts on Twitter and will likely prompt heightened security audits from Apple developers. The revelations are expected to strain already tense relations between the company and the US government.

    A spokesperson for Apple pointed to previous statements by company CEO Tim Cook on privacy, but did not comment further on the breach.

    "I want to be absolutely clear that we have never worked with any government agency from any country to create a backdoor in any of our products or services," Cook wrote last year. "We have also never allowed access to our servers. And we never will."

    Previously Apple was said to have cooperated with the US government's Prism program, a legal backdoor which allowed the NSA and other security agencies to obtain user information.

    However, following the first batch of Snowden revelations about NSA surveillance, Apple said it ramped up its efforts to protect user privacy aiming to restore user trust. Last fall, the company changed its encryption methods for data stored on iPhones, a move it said meant it no longer had a way to extract user data, even if ordered to with a warrant.

    Security researchers warned that the tactics would set a dangerous precedent for mobile privacy.

    "Every other manufacturer looks to Apple. If the CIA can undermine Apple's systems, it's likely they'll be able to deploy the same capabilities against everyone else," Matthew Green, a Johns Hopkins cryptographer, told The Intercept. "Apple led the way with secure coprocessors in phones, with fingerprint sensors, with encrypted messages. If you can attack Apple, then you can probably attack anyone."

    US President Barack Obama as well as British Prime Minister David Cameron expressed disapproval at such measures, cautioning that increased privacy for users may prevent governments from tracking extremists planning attacks.

    [Mar 07, 2015] Under the Radar, Big Media Internet Giants Get Massive Access to Everything About You By Jeffrey Chester

    March 5, 2015 | alternet.org

    A White House-backed bill would give the corporate elite control over how our data is used.

    Editor's note: The following is the latest in a new series of articles on AlterNet called Fear in America that launched this March. Read the introduction to the series.

    The Internet and our digital media are quietly becoming a pervasive and manipulative interactive surveillance system. Leading U.S. online companies, while claiming to be strong supporters of an open and democratic Internet, are working behind the scenes to ensure that they have unlimited and unchecked power to "shadow" each of us online. They have allied with global advertisers to transform the Internet into a medium whose true ambition is to track, influence and sell, in a never-ending cycle, their products and political ideas. While Google, Facebook and other digital giants claim to strongly support a "democratic" Internet, their real goal is to use all the "screens" we use to empower a highly commercialized and corporatized digital media culture.

    Last Thursday was widely viewed as a victory for "Internet Freedom" and a blow to a "corporatized" Internet as the Federal Communications Commission (FCC) endorsed a historic public utility framework for Network Neutrality (NN). It took the intervention of President Obama last year, who called for "the strongest possible rules to protect net neutrality," to dramatically transform the FCC's plans. Its chairman, Thomas Wheeler, a former cable and telecom lobbyist, had previously been ambivalent about endorsing strong utility-like regulations. But feeling the pressure, especially from the president, he became a "born again" NN champion, leading the agency to endorse "strong, sustainable rules to protect the Open Internet."

    But the next day, the Obama White House took another approach to Internet Freedom, handing the leading online companies, including Google, Facebook, and their Fortune-type advertising clients, a major political victory. The administration released its long-awaited "Consumer Privacy Bill of Rights" legislation. The bill enables the most powerful corporations and their trade associations to greatly determine what American privacy rights will be. By giving further control over how data are gathered and used online, the administration basically ceded more clout to a corporate elite that will be able to effectively decide how the Internet and digital applications operate, today and in the near future.

    How do privacy rules impact the openness of the Internet, and the ability to promote and sustain progressive and alternative perspectives? While much of the public debate on pervasive data mining has focused on the role of the NSA and other intelligence agencies that were exposed by Edward Snowden, there has not been as much discussion on the impact of the commercial data system that is at the core of the Internet today. Google, Facebook, and others use our data as the basis of an ever-expanding global system of commercial surveillance. This information is gathered from our mobile devices, PCs, apps, social networks, and increasingly even TVs - and stored in digital profiles. These far-reaching dossiers - which can be accessed and updated in milliseconds - can include information on our race/ethnicity, financial status, health concerns, location, online behavior, what our children do, whom we communicate with on social media, and much more.

    The major online companies are continually expanding their commercial data gathering practices. They now merge and use our online and offline data (what we do online and information collected from store loyalty cards, etc.); track us across all the devices we use (PCs, mobile, etc.); and amass even more data about us supplied by a vast network of data broker alliances and partnerships (such as Facebook with its myriad of data partners, including Acxiom and Epsilon). A U.S. digital data industry "arms race," with companies vying to own the most complete set of records on every consumer, has also led to a wave of mergers and acquisitions, where companies that have already compiled huge datasets on Americans (and global consumers) are being swallowed up by even larger ones.

    Leading corporations are investing vast sums to harvest and, in their own words, make "actionable" information we now generate nearly 24/7. So-called "Big Data" technologies enable companies to quickly analyze and take advantage of all this information, including understanding how each of us uses online media and mobile phones. A score of "Math Men and Women"-led advertising-technology companies have pioneered the use of super fast computers that track where we are online and, in milliseconds, crunch through lots of our data to decide whether to target us with advertising and marketing (regardless of whether we use a PC or mobile device and, increasingly, using our geolocation information).

    These machines are used to "auction" us off individually to the highest bidder, so we can be instantly delivered some form of marketing (or even political) message. Increasingly, the largest brands and ad agencies are using all this data and new tactics to sell us junk food, insurance, cars, and political candidates. For example, these anonymous machines can determine whether to offer us a high-interest pay day loan or a lower interest credit card; or an ad from one political group versus another.

    But it's not just the ability to harvest data that's the source of increased corporate clout on the Internet. Our profiles are tied to a system of micro-persuasion, the 21st century updating of traditional "Madison Avenue" advertising tactics that relied on "subliminal" and cultural influence. Today, online ads are constructed by connecting our information to a highly sophisticated digital marketing apparatus. At places like Google's BrandLab, AT&T's Adworks Lab, or through research efforts such as Facebook IQ, leading companies help their well-heeled clients take advantage of the latest insights from neuromarketing (to deliberately influence our emotions and subconscious), social media monitoring, new forms of corporate product placement, and the most effective ways to use all of our digital platforms.

    The online marketing industry is helping determine the dimensions of our digital world. Much of the Internet and our mobile communications are being purposely developed as a highly commercialized marketplace, where the revenues that help fund content go to a select, and largely ad-supported, few. With Google, Facebook, major advertisers and agencies all working closely together throughout the world to further commercialize our relationship to digital media, and given their ownership over the leading search engines, social networks, online video channels, and how "monetization" of content operates, these forces pose a serious obstacle to a more democratic and diverse online environment.

    One of the few barriers standing in the way of their digital dominance is the growing public concern about our commercial privacy. U.S. companies have largely bitterly opposed proposed privacy legislation - in the U.S. and also in the European Union (where data protection, as it is called, is considered a fundamental right). Effective regulations for privacy in the U.S. would restore our control of the information that has been collected about us, versus the system now in place that, for the most part, enables companies to freely use it. But under the proposed Obama plan, Google, Facebook and other data-gathering companies would be allowed to determine the rules. Through a scheme the White House calls a "multi-stakeholder" process, industry-dominated meetings - with consumer and privacy groups vastly outnumbered and out-resourced - would develop so-called self-regulatory "codes of conduct" to govern how the U.S. treats data collection and privacy. Codes would be developed to address, for example, how companies can track and use our location information; how they compile dossiers about us based on what we do at the local grocery store and read online; how health data can be collected and used from devices like Fitbit; and more. This process is designed to protect the bottom line of the data companies, which the Obama White House views as important to the economy and job growth. (Stealing other people's data, in other words, is one of America's most successful industries). Like similar self-regulatory efforts, stakeholder codes are really designed to sanction existing business practices and enable companies to continue to accumulate and use vast data assets unencumbered. The administration claims that such a stakeholder process can operate more effectively than legislation, operating quickly in "Internet time." Dominated by industry as they are, stakeholder bodies are incapable of doing anything that would adversely impact their own future - which currently depends on the ability to gather and use all our data.

    The administration's bill also strips away the power of the Federal Trade Commission (FTC), which now acts as the leading federal watchdog on privacy. Instead of empowering the FTC to develop national rules that enable individuals to make their own privacy decisions, the bill forces the agency to quickly review (in as little as 90 days) the proposed stakeholder codes - with little effective power to reject them. Companies become largely immune to FTC oversight and enforcement when they agree to abide by the self-regulatory policies their lobbyists basically wrote. In a rare rebuke to the administration, the FTC, leading Congressional Democrats, and the majority of consumer and privacy organizations rejected the White House's privacy plan. But the administration does not appear to be willing, for now, to change its support for the data companies; and as we know, Silicon Valley and their business allies have strong support in Congress that will prevent any privacy law from passing for now.

    To see how the online lobby has different views on Internet Freedom, compare, for example, the statements of the "Internet Association" - the lobbying trade organization that represents Google, Facebook, Amazon and dozens of other major online data-gathering companies - on last week's two developments. It praised the FCC NN decision for creating "strong, enforceable net neutrality rules … banning paid prioritization, blocking, and discrimination online." But the group rejected the Administration's privacy proposal, as weak as it was, explaining that "today's wide-ranging legislative proposal outlined by the Commerce Department casts a needlessly imprecise net." At stake, as the Internet Association knows, is the ability of its members to expand their businesses throughout the world unencumbered. For example, high on the agenda for the Internet Association members are new U.S. brokered global trade deals, such as the Transatlantic Trade and Investment Partnership, which will free our digital giants from having to worry about strong privacy laws abroad.

    While the NN battle correctly viewed Comcast, Verizon, and other cable and phone giants as major opponents to a more democratic digital media environment, many of the online companies were seen as supporters and allies. But an "open" network free from control of our cable/telco monopolies is just one essential part for a more diverse and public interest-minded online system. Freedom must also prevent powerful interests from determining the very structure of communications in the digital age. Those companies that can collect and most effectively use our information are also gatekeepers and shapers of our Internet Future.

    The NN victory is only one key step for a public-interest agenda for digital media. We also must place limits on today's digital media conglomerates, especially their ability to use all our data. The U.S. is one of the only "developed" countries that still doesn't have a national law protecting our privacy. For those concerned about the environment, we must also address how U.S. companies are using the Internet to encourage the global public to engage in a never-ending consumption spree that has consequences for sustainability and a more equitable future.

    There is ultimately an alignment of interests between the so-called "old" media of cable and the telephone industry with the "new" online media. They share similar values when it comes to ensuring the media they control brings eyeballs and our bank accounts to serve them and their advertising clients. While progressive and public interest voices today find the Internet accessible for organizing and promoting alternative views, to keep it so will require much more work.

    Jeffrey Chester is executive director of the Center for Digital Democracy (www.democraticmedia.org).

    [Feb 21, 2015] Chip Maker to Investigate Claims of Hacking by N.S.A. and British Spy Agencies by MARK SCOTT

    Feb 20, 2015 | NYTimes.com

    Gemalto, a French-Dutch digital security company, said on Friday that it was investigating a possible hacking by United States and British intelligence agencies that may have given them access to worldwide mobile phone communications.

    The investigation follows news reports on Thursday that the National Security Agency in the United States and the Government Communications Headquarters in Britain had hacked Gemalto's networks to steal SIM card encryption codes.

    The claims - reported on a website called The Intercept - were based on documents from 2010 provided by Edward J. Snowden, the former N.S.A. contractor.

    The American and British intelligence agencies are said to have stolen the encryption key codes to so-called smart chips manufactured by Gemalto, which are used in cellphones, passports and bank cards around the world.

    Gemalto is the world's biggest maker of SIM cards, the small chips in cellphones that hold an individual's personal security and identity information.

    By gaining access to the chips, the British and American agencies are said to have been able to look up large amounts of mobile voice and data communications without the permission of governments or telecommunications providers like Verizon Wireless and AT&T.

    "We cannot at this early stage verify the findings of the publication and had no prior knowledge that these agencies were conducting this operation," Gemalto said in a statement on Friday.

    ... ... ...

    [Jan 29, 2015] 'Anonymized' Credit Card Data Not So Anonymous, MIT Study Shows

    Jan 29, 2015 | slashdot.org

    timothy January 29, 2015 @05:12PM

    schwit1 writes Scientists showed they can identify you with more than 90 percent accuracy by looking at just four purchases, three if the price is included - and this is after companies "anonymized" the transaction records, saying they wiped away names and other personal details. The study out of MIT, published Thursday in the journal Science, examined three months of credit card records for 1.1 million people.

    "We are showing that the privacy we are told that we have isn't real," study co-author Alex "Sandy" Pentland of the Massachusetts Institute of Technology, said in an email.

    [Jan 29, 2015] Snowden Documents CSE Tracks Millions of Downloads Daily

    January 28, 2015 Slashdot

    Advocatus Diaboli writes

    Canada's electronic spy agency sifts through millions of videos and documents downloaded online every day by people around the world, as part of a sweeping bid to find extremist plots and suspects, CBC News has learned. Details of the Communications Security Establishment project dubbed 'Levitation' are revealed in a document obtained by U.S. whistleblower Edward Snowden and recently released to CBC News.

    Under Levitation, analysts with the electronic eavesdropping service can access information on about 10 to 15 million uploads and downloads of files from free websites each day, the document says.

    [Jan 27, 2015] Secret 'BADASS' Intelligence Program Spied on Smartphones By Micah Lee

    Advertising agencies with their advertising frameworks are the Trojan horse installed on PCs, smartphones and most websites. And Google is the largest of them. Blocking JavaScript and wiping cookies on a daily basis is the only way to ensure some minimum level of privacy, but even this is not enough.
    The Intercept

    British and Canadian spy agencies accumulated sensitive data on smartphone users, including location, app preferences, and unique device identifiers, by piggybacking on ubiquitous software from advertising and analytics companies, according to a document obtained by NSA whistleblower Edward Snowden.

    The document, included in a trove of Snowden material released by Der Spiegel on January 17, outlines a secret program run by the intelligence agencies called BADASS. The German newsweekly did not write about the BADASS document, attaching it to a broader article on cyberwarfare. According to The Intercept's analysis of the document, intelligence agents applied BADASS software filters to streams of intercepted internet traffic, plucking from that traffic unencrypted uploads from smartphones to servers run by advertising and analytics companies.

    Programmers frequently embed code from a handful of such companies into their smartphone apps because it helps them answer a variety of questions: How often does a particular user open the app, and at what time of day? Where does the user live? Where does the user work? Where is the user right now? What's the phone's unique identifier? What version of Android or iOS is the device running? What's the user's IP address? Answers to those questions guide app upgrades and help target advertisements, benefits that help explain why tracking users is not only routine in the tech industry but also considered a best practice.

    For users, however, the smartphone data routinely provided to ad and analytics companies represents a major privacy threat. When combined together, the information fragments can be used to identify specific users, and when concentrated in the hands of a small number of companies, they have proven to be irresistibly convenient targets for those engaged in mass surveillance. Although the BADASS presentation appears to be roughly four years old, at least one player in the mobile advertising and analytics space, Google, acknowledges that its servers still routinely receive unencrypted uploads from Google code embedded in apps.

    For spy agencies, this smartphone monitoring data represented a new, convenient way of learning more about surveillance targets, including information about their physical movements and digital activities. It also would have made it possible to design more focused cyberattacks against those people, for example by exploiting a weakness in a particular app known to be used by a particular person. Such scenarios are strongly hinted at in a 2010 NSA presentation, provided by agency whistleblower Edward Snowden and published last year in The New York Times, Pro Publica, and The Guardian. That presentation stated that smartphone monitoring would be useful because it could lead to "additional exploitation" and the unearthing of "target knowledge/leads, location, [and] target technology."

    The 2010 presentation, along with additional documents from Britain's intelligence service Government Communications Headquarters, or GCHQ, showed that the intelligence agencies were aggressively ramping up their efforts to see into the world of mobile apps. But the specifics of how they might distill useful information from the torrent of internet packets to and from smartphones remained unclear.

    Encrypting Data in Transit

    The BADASS slides fill in some of these blanks. They appear to have been presented in 2011 at the highly secretive SIGDEV intelligence community conference. The presentation states that "analytics firm Flurry estimates that 250,000 Motorola Droid phones were sold in the United States during the phone's first week in stores," and asks, "how do they know that?"

    The answer is that during the week in question, Flurry uploaded to its own servers analytics from Droid phones on behalf of app developers, one phone at a time, and stored the analytics in their own databases. Analytics includes any information that is available to the app and that can conceivably help improve it, including, in certain instances with Flurry, the user's age and gender, physical location, how long they left the app open, and a unique identifier for the phone, according to Flurry materials included in the BADASS document.

    By searching these databases, the company was able to get a count of Droid phones running Flurry-enabled apps and, by extrapolating, estimate the total number of Droids in circulation. The company can find similar information about any smartphone that their analytics product supports.

    Not only was Flurry vacuuming sensitive data up to its servers, it was doing so insecurely. When a smartphone app collects data about the device it's running on and sends it back to a tracking company, it generally uses the HTTP protocol, and Flurry-enabled apps were no exception. But HTTP is inherently insecure: eavesdroppers can easily spy on the entire digital conversation.

    If the tracking data was always phoned home using the HTTPS protocol (the same as the HTTP protocol, except that the stream of traffic between the phone and the server is encrypted), then the ability for spy agencies to collect tracking data with programs like BADASS would be severely impeded.

    Yahoo, which acquired the analytics firm Flurry in late 2014, says that since acquiring the company they have "implemented default encryption between Flurry-enabled applications and Flurry servers. The 2010 report in question does not apply to current versions of Flurry's analytics product." Given that Yahoo acquired Flurry so recently, it's unclear how many apps still use Flurry's older tracking code that sends unencrypted data back to Yahoo's servers. (Yahoo declined to elaborate specifically on that topic.)

    The BADASS slides also use Google's advertisement network AdMob as an example of intercepted, unencrypted data. Free smartphone apps are often supported by ads, and if the app uses AdMob then it sends some identifying information to AdMob's servers while loading the ad. Google currently supports the ability for app developers to turn on HTTPS for ad requests; however, it's clear that only some AdMob users actually do this.

    When asked about HTTPS support for AdMob, a Google spokesperson said, "We continue our ongoing efforts to encrypt all Google products and services."

    In addition to Yahoo's Flurry and Google's AdMob, the BADASS presentation also shows that British and Canadian intelligence were targeting Mobclix, Mydas, Medialets, and MSN Mobile Advertising. But it's clear that any mobile-related plaintext traffic from any company is a potential target. While the BADASS presentation focuses on traffic from analytics and ad companies, it also shows spying on Google Maps heartbeat traffic, and capturing "beacons" sent out when apps are first opened (listing Qriously, Com2Us, Fluentmobile, and Papayamobile as examples). The BADASS presentation also mentions capturing GPS coordinates that get leaked when opening BlackBerry's app store.

    In a boilerplate statement, GCHQ said, "It is longstanding policy that we do not comment on intelligence matters. Furthermore, all of GCHQ's work is carried out in accordance with a strict legal and policy framework, which ensures that our activities are authorised, necessary and proportionate, and that there is rigorous oversight." Its Canadian counterpart, Communications Security Establishment Canada, or CSEC, responded with a statement that read, in part, "For reasons of national security, CSE cannot comment on its methods, techniques or capabilities. CSE conducts foreign intelligence and cyber defence activities in compliance with Canadian law."

    Julia Angwin, who has doggedly investigated online privacy issues as a journalist and author, most recently of the book "Dragnet Nation," explains that "every type of unique identifier that passes [over the internet] unencrypted is giving away information about users to anyone who wants it," and that "the evidence is clear that it's very risky to be throwing unique identifiers out there in the clear. Anyone can grab them. This is more evidence that no one should be doing that."

    Building Haystacks to Search for Needles

    The BADASS program was created not merely to track advertising and analytic data but to solve a much bigger problem: There is an overwhelming amount of smartphone tracking data being collected by intelligence agencies, and it's difficult to make sense of.

    First there are the major platforms: iOS, Android, Windows Phone, and BlackBerry. On each platform, a range of hardware and platform versions are in use. Additionally, app stores are overflowing; new apps that track people get released every day. Old apps constantly get updated to track people in different ways, and people use different versions of apps for different platforms all at once. Adding to the diversity, there are several different ad and analytics companies that app developers use, and when those companies send tracking data back to their servers, they use a wide variety of formats.

    With such an unwieldy haystack of data, GCHQ and CSEC started the BADASS program, according to the presentation, to find the needles: information that can uniquely identify people and their devices, such as smartphone identifiers, tracking cookies, and other unique strings, as well as personally identifying information like GPS coordinates and email addresses.

    BADASS is an acronym that stands for BEGAL Automated Deployment And Survey System. (It is not clear what "BEGAL" stands for, in turn.) The slideshow presentation is called "Mobile apps doubleheader: BADASS Angry Birds," and promises "protocols exploitation in a rapidly changing world."

    Exploiting Protocols in a Rapidly Changing World

    Analysts are able to write BADASS "rules" that look for specific types of tracking information as it travels across the internet.

    For example, when someone opens an app that loads an ad, their phone normally sends an unencrypted web request (called an HTTP request) to the ad network's servers. If this request gets intercepted by spy agencies and fed into the BADASS program, it then gets filtered through each rule to see if one applies to the request. If it finds a match, BADASS can then automatically pull out the juicy information.

    In the following slide, the information that is potentially available in a single HTTP request to load an ad includes which platform the ad is being loaded on (Android, iOS, etc.), the unique identifier of the device, the IMEI number which cell towers use to identify phones that try to connect to them, the name and version of the operating system that's running, the model of the device, and latitude and longitude location data.

    Similar information is sent across the internet in HTTP requests in several different formats depending on what company it's being sent to, what device it's running on, and what version of the ad or analytics software is being used. Because this is constantly changing, analysts can write their own BADASS rules to capture all of the permutations they can find.

    The following slide shows part of the BADASS user interface, and a partial list of rules.

    The slideshow includes a section called "Abusing BADASS for Fun and Profit" which goes into detail about the methodology analysts use to write new BADASS rules.

    By looking at intercepted HTTP traffic and writing rules to parse it, analysts can quickly gather as much information as possible from leaky smartphone apps. One slide states: "Creativity, iterative testing, domain knowledge, and the right tools can help us target multiple platforms in a very short time period."

    Privacy Policies That Don't Deliver

    The slides also appear to mock the privacy promises of ad and analytics companies.

    Companies that collect usage statistics about software often insist that the data is anonymous because they don't include identifying information such as names, phone numbers, and email addresses of the users that they're tracking. But in reality, sending unique device identifiers, IP addresses, IMEI numbers, and GPS coordinates of devices is far from anonymous.

    In one slide, the phrase "anonymous usage statistics" appears in conspicuous quotation marks. The spies are well aware that despite not including specific types of information, the data they collect from leaky smartphone apps is enough for them to uniquely identify their targets.

    The following slides show a chunk of Flurry's privacy policy (at this point it has been replaced by Yahoo's privacy policy), which states what information it collects from devices and how it believes this is anonymous.

    The red box, which is present in the original slides, highlights this part: "None of this information can identify the individual. No names, phone numbers, email addresses, or anything else considered personally identifiable information is ever collected."

    Clearly the intelligence services disagree.

    "Commercial surveillance often appears very benign," Angwin says. "The reason Flurry exists is not to 'spy on people' but to help people learn who's using their apps. But what we've also seen through Snowden revelations is that spy agencies seek to use that for their own purposes."

    The Web has the Exact Same Problems

    While the BADASS program is specifically designed to target smartphone traffic, websites suffer from these exact same problems, and in many cases they're even worse.

    Websites routinely include bits of tracking code from several different companies for ads, analytics, and other behavioral tracking. This, combined with the lack of HTTPS, turns your web browser into a surveillance device that follows you around, even if you switch networks or use proxy servers.

    In other words, while the BADASS presentation may be four years old, and while it's been a year and a half since Snowden's leaks began educating technology companies and users about the massive privacy threats they face, the big privacy holes exploited by BADASS remain a huge problem.
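
The article above describes identifiers (device IDs, IMEI numbers, GPS coordinates, email addresses) riding in plaintext HTTP requests from ad and analytics SDKs. As an added example, not part of the quoted article or any vendor's code, here is a small self-audit an app developer could run over request URLs captured from their own test device to flag which ones expose such values without HTTPS. The sample URLs, host names and parameter names are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed sample requests, not real traffic; hosts use the reserved .example TLD.
SAMPLE_REQUESTS = [
    "http://ads.example/getad?platform=android&udid=9f3c2a7b5d1e4f60"
    "&imei=490154203237518&os=2.3.4&model=DroidX&lat=45.4215&lon=-75.6972",
    "https://ads.example/getad?platform=ios&udid=0a1b2c3d4e5f6a7b&lat=51.8985&lon=-2.0781",
    "http://cdn.example/banner.png?w=320&h=50",
    "http://stats.example/beacon?session=8812&email=user%40mail.example&build=490154203237519",
]

EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")
HEX_ID_RE = re.compile(r"^[0-9a-fA-F]{16,40}$")  # e.g. 16-hex Android ID, 40-hex UDID
COORD_KEYS = {"lat", "latitude", "lon", "lng", "longitude"}


def luhn_ok(digits: str) -> bool:
    """Luhn checksum: valid IMEIs pass it, most arbitrary 15-digit numbers do not."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit, counting from the right
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def classify(key: str, value: str):
    """Label a query parameter by the shape of its value, since key names vary by SDK."""
    if re.fullmatch(r"[0-9]{15}", value) and luhn_ok(value):
        return "imei"
    if EMAIL_RE.match(value):
        return "email"
    if HEX_ID_RE.match(value):
        return "device_id"
    if key.lower() in COORD_KEYS and re.fullmatch(r"-?[0-9]+\.[0-9]+", value):
        return "location"
    return None


def audit(url: str) -> dict:
    """Report which identifier kinds a request carries and whether it used HTTPS."""
    parts = urlsplit(url)
    kinds = {classify(k, v) for k, v in parse_qsl(parts.query)}
    kinds.discard(None)
    return {"host": parts.hostname, "encrypted": parts.scheme == "https", "kinds": sorted(kinds)}


def plaintext_leaks(urls):
    """Requests that carry identifiers and were sent without transport encryption."""
    return [r for r in map(audit, urls) if r["kinds"] and not r["encrypted"]]


if __name__ == "__main__":
    for report in plaintext_leaks(SAMPLE_REQUESTS):
        print(report["host"], report["kinds"])
```

The HTTPS request still carries a device ID and coordinates to the ad server; the audit only separates what a network eavesdropper can read from what the receiving company alone can read.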


    Copyright © 1996-2021 by Softpanorama Society. www.softpanorama.org was initially created as a service to the (now defunct) UN Sustainable Development Networking Programme (SDNP) without any remuneration. This document is an industrial compilation designed and created exclusively for educational use and is distributed under the Softpanorama Content License. Original materials copyright belong to respective owners. Quotes are made for educational purposes only in compliance with the fair use doctrine.


    Last modified: March, 29, 2020