Tag: 1984 was a Warning not a Blueprint

It Was Snowden All Along

In 2013 the Federal Bureau of Investigations (FBI) demanded Ladar Levison hand over the TLS keys to his Lavabit service. He did comply, by providing the key printed out in small text, but also shutdown his service instead of letting the key be used to snoop on his customers. The FBI threw a hissy fit over this and even threatened to kidnap Levison for shutting down his business. But one question that always remained was who the FBI was after. Everybody knew it was Edward Snowden but there was no hard evidence… until now.

Court documents related to the Lavabit case have been released. The documents are naturally heavily redacted but the censors missed a page:

In court papers related to the Lavabit controversy, the target of the investigation was redacted, but it was widely assumed to be Edward Snowden. He was known to have used the service, and the charges against the target were espionage and theft of government property, the same charges Snowden faced.

Now, what was widely assumed has been confirmed. In documents posted to the federal PACER database this month, the government accidentally left his e-mail, “Ed_snowden@lavabit.com,” unredacted for all to see. The error was noted by the website Cryptome earlier this week, and Wired covered it yesterday.

This revelation didn’t tell us anything we didn’t know before but it’s nice to have hard evidence in hand. Now we know with certainty that the FBI completely destroyed a business as retaliation for having Snowden as a customer. I say this was retaliatory because the court documents [PDF] clearly show that Levison was willing to cooperate with the FBI by surveilling the single target of the order. However, the FBI decided it would accept nothing less than the surrender of Lavabit’s TLS key.

Had the FBI been reasonable it would have had its tap. Instead its agents decided to be unreasonable fuckheads, which forced Levison to shutdown his business entirely instead of putting thousands of innocent users at risk. This case is also a lesson in never cooperating with terrorists. Levison offered to cooperate and still had his business destroyed. When the FBI comes to your door you should refuse to cooperate in any way. Cooperating will not save you. The only difference between cooperating and refusing to cooperate is that in the case of the latter your business will be shutdown before innocent users are put at risk.

Obama To South By Southwest: Fuck Your Privacy

I normally don’t follow South by Southwest too much but when Obama takes the stage to talk about privacy I can’t help but take note. Unfortunately his speech wasn’t surprising. It could be summed up as fuck your privacy:

President Barack Obama called on the tech community to build a safe encryption key to assist in law enforcement investigations, saying that if it failed, it could one day face a more draconian solution passed by a Congress that is less sympathetic to its worldview. The president said he could not comment on the FBI’s current fight with Apple over its demand that the company build software to unlock data on an iPhone used by one of the alleged San Bernardino shooters. But he spoke broadly about the need to balance privacy and security, and warned that absolutist views on both sides are dangerous.

Balance, in the case of privacy and security, means people like you and me get shitty crypto that the government, and anybody else with the master key, can break while the government gets to enjoy crypto we can’t break.

Obama warned against an absolutist view but crypto belongs to one of those very few things in the universe that is either black or white. There is no gray. Crypto is either effective, that is to say it has no known methods of attack that are faster than brute force, or it is ineffective. I’ve written extensively on this blog as to why this is.

The biggest problem with a master key is that anybody who holds that key can decrypt any data encrypted with a scheme that key can work for. If every iPhone was setup to decrypt the data with the government’s master key it would only be a matter of time, probably an alarmingly short period of time, before the key was leaked to the Internet and everybody in the world had the ability to decrypt any iPhone at will.

So we need an absolutist view because it’s the only view that offers any amount of security. But Obama heads one of the largest surveillance states in the world so it’s no surprise that he holds a total disregard for the security of us little people.

The Most Transparent Government In History

Nearly a decade ago Obama was campaigning on a platform of, amongst other things, transparency. After 9/11 the Bush administration went full Orwell (you never go full Orwell) and people were demanding change. Obama promised to deliver that change. But history repeated itself as it so often does. Like every other politician before him, Obama failed to deliver on most of the promises he made. He not only failed to deliver on his promises but he actually expanding what Bush was doing.

Decades will likely pass before we learn the full extent of the current administration’s expansions to the surveillance state. However, bits and pieces are already leaking out. A recent Freedom of Information Act (FOIA) request produced a wealth of information on how the current administration has been working to undermine FOIA requests:

The Obama administration has long called itself the most transparent administration in history. But newly released Department of Justice (DOJ) documents show that the White House has actually worked aggressively behind the scenes to scuttle congressional reforms designed to give the public better access to information possessed by the federal government.

The documents were obtained by the Freedom of the Press Foundation, a nonprofit organization that supports journalism in the public interest, which in turn shared them exclusively with VICE News. They were obtained using the Freedom of Information Act (FOIA) — the same law Congress was attempting to reform. The group sued the DOJ last December after its FOIA requests went unanswered for more than a year.

The documents confirm longstanding suspicions about the administration’s meddling, and lay bare for the first time how it worked to undermine FOIA reform bills that received overwhelming bipartisan support and were unanimously passed by both the House and Senate in 2014 — yet were never put up for a final vote.

It’s a lengthy article detailing several different ploys made by Obama’s administration in its quest to establish the most opaque government in history.

While the FOIA has revealed a great deal of the State’s dirty laundry it has always been a limited tool. When it was written a number of exemptions were included. Basically, at the judgement of the State, FOIA requests can be denied under several justifications. A FOIA request only reveals what the State is willing to reveal. However, the higher ups in the State have recognized that even with the number of exemptions put in place a lot of embarrassing information is still becoming public. That being the case, it’s not surprising to see the current administration working to add further restrictions on top of a bill that already includes numerous restrictions.

There is a lesson to be learned here. No matter what promises a politician makes up front they will almost invariably go unfulfilled if they win an election. Power seems terrible until you have it. Before becoming president I’m better Obama was being sincere in many of his promises. But when he gained the power he likely realized how good it felt. This is also why reforming the system through the voting process is doomed to fail. Even the most honest individuals can be corrupted with enough power.

Dianne Feinstein Planning To Propose Legislation To Enslave Tech Workers

Dianne Feinstein may be the Devil incarnate. Whenever there’s a glimmer of freedom slipping through the statists’ fingers she’s there to tighten the grip. Seeing Apple being allowed to fight the Federal Bureau of Investigation’s (FBI) demand to write a compromised version of iOS, Feinstein is rushing in with legislation that will punish disobedient companies:

WASHINGTON (Reuters) – Technology companies could face civil penalties for refusing to comply with court orders to help investigators access encrypted data under draft legislation nearing completion in the U.S. Senate, sources familiar with continuing discussions told Reuters on Wednesday.

The long-awaited legislation from Senators Richard Burr and Dianne Feinstein, the top Republican and Democrat on the Senate Intelligence Committee, may be introduced as soon as next week, one of the sources said.

Let’s call this proposal what it is: slavery. Under this legislation device manufacturers would be required to either perform labor when commanded or face severe punishment.

There should never be a circumstance under which you are forced to perform labor against your will. If law enforcers want to unlock a device and the manufacturer doesn’t want to help then they should be required to either do it themselves or hire somebody who wants to do it. But that’s a basic market principle and statism is the antithesis of the market.

Brining Fascism Back To Europe

You would think Europe would have learned its lesson about fascism during World War II. Of all the nations of Europe, you would expect France to have especially learned its lesson since it suffered under the boot of Nazi Germany for quite some time. Yet, in a rather ironic twist, France is leading the way to the fascism revival on that continent:

French parliamentary deputies, defying government wishes, have voted in favour of penalising smartphone makers which fail to cooperate in terrorism inquiries, entering a controversy that has pitted the FBI against Apple in the United States.

The move came in the form of an amendment to a penal reform bill that was receiving its first reading in parliament.

Part of me appreciates France’s honesty in its pursuit of absolute power over its people. While I completely disagree with such a philosophy I do prefer an opponent who is honest about their intentions. On the other hand, an honest government is often the most terrifying kind. When the State no longer sees a need to even pay lip service to the rights of individuals it quickly begins perpetrating heinous act after heinous act.

It’ll be interesting if this bill manages to pass into law. I’m sure the French government foresees it as an effective means of compelling smartphone manufacturers to kowtow to law enforcers. But it will likely convince smartphone manufacturers to take their business elsewhere. I can’t imagine many CEOs willing to risk being kidnapped because their company’s devices used effective cryptography. Especially when there are so many other countries around the world willing to take in money making companies.

The Busses Have Ears

Surveillance is pervasive in our society. You can hardly walk down a street without some nosey camera recording your movements or ride public transportation without some snoopy microphone recording your conversation:

MTA began using recording devices inside some of its buses in 2012, without seeking legislative approval. Nearly 500 of its fleet of 750 buses now have audio recording capabilities. Officials say the devices can capture important information in cases of driver error or an attack or altercation on a bus.

They can also record conversations so they can later be requested by law enforcers looking to nail somebody to a cross. The dangers of pervasive surveillance are almost always understated by statists. Surveillance fetishists always justify their spying by claiming it’ll protect the children, thwart terrorism, or otherwise help combat some overblown concern. What they leave out is that the data is also available to prosecute nonviolent individuals.

Imagine if two people were making a peaceful drug transaction on one of these surveillance buses. Without the microphones in place the transaction would probably go unnoticed. But because the data exists it would only take one law enforcer or concerned citizen to listen to it to turn that previously peaceful transaction into a violent home raid.

Surveillance is dangerous precisely because law enforcers are willing to use any collected data to ruthlessly enforce victimless crimes. That’s a reality that is never mentioned by the surveillance state’s proponents.

Brazilian Government Unable To Break WhatsApp’s Encryption, Retaliates By Kidnapping A Facebook Employee

This may be a preview of things to come here. The Brazilian government is a bit peeved that it is unable to bypass WhatsApp’s encryption. Furthermore, it has been unable to convince Facebook, the owner of WhatsApp, to include a backdoor in the software. In what appears to be an act of retaliation the government has decided to harass Facebook by kidnapping one of its employees:

The arrest was made at the request of officials from the state of Sergipe, in Brazil’s north-east. In a statement, the federal police said Facebook/WhatsApp had repeatedly failed to comply with court orders relating to an organized crime and drug-trafficking investigation.

[…]

WhatsApp said in a statement that it was disappointed at the arrest and is unable to provide information it does not have, due to the architecture of its service. “We cooperated to the full extent of our ability in this case and while we respect the important job of law enforcement, we strongly disagree with its decision,” the unit said.

I wish companies would stop including all the nonsense about understanding the important job of law enforcement. Enforcing laws isn’t important. Providing justice to victims is important but that’s not what law enforcers primarily do.

What makes this kidnapping even weirder is that WhatsApp is apparently a separate operational entity from Facebook so the Brazilian government didn’t even kidnap a person who is in any way responsible for the app:

Facebook issued a distinct statement, noting that WhatsApp is operationally separate from the mothership, making the arrest of a Facebook exec “extreme and disproportionate.”

This is what it looks like when a government throws a temper tantrum. Hopefully the Brazilian government will release the poor schmuck it kidnapped. Although it wouldn’t surprise me (OK, it would surprise me a little bit) if it decided to threaten to kill him if Facebook didn’t give in to its demands. Either way, if I were Facebook I’d strongly consider moving all operations out of Brazil. Operating in that country has obviously become a liability.

The Public-Private Surveillance Partnership Strike Again

As a history buff Ancestry.com has always interested me. I’d love to trace back my family lineage. But the public-private surveillance partnership has held me back.

I figured it was only a matter of time until government agents began demanding genetic records from services like Ancestry.com and 23andMe. Once again my paranoia turned out to be prophetic (not because I’m so smart but because it was so bloody obvious):

Now, five years later, when 23andMe and Ancestry both have over a million customers, those warnings are looking prescient. “Your relative’s DNA could turn you into a suspect,” warns Wired, writing about a case from earlier this year, in which New Orleans filmmaker Michael Usry became a suspect in an unsolved murder case after cops did a familial genetic search using semen collected in 1996. The cops searched an Ancestry.com database and got a familial match to a saliva sample Usry’s father had given years earlier. Usry was ultimately determined to be innocent and the Electronic Frontier Foundation called it a “wild goose chase” that demonstrated “the very real threats to privacy and civil liberties posed by law enforcement access to private genetic databases.”

[…]

Both Ancestry.com and 23andMe stipulate in their privacy policies that they will turn information over to law enforcement if served with a court order. 23andMe says it’s received a couple of requests from both state law enforcement and the FBI, but that it has “successfully resisted them.”

As a general rule I’m wary of any service that collects information the State wouldn’t normally have. I know any personal information collected on me by a service provider is a single court order away from being in the hands of the State.

This is a problem many libertarians fail to fully realize. They make a stark distinction between corporate and government surveillance and fail to realize the former becomes the latter at the whim of a judge. If it wasn’t for the State’s power to obtain private records I wouldn’t be as concerned with corporate surveillance since companies aren’t in a habit of sending armed goons to my door to shoot my dog and kidnap me.

Legalizing Slavery

The United States has a long history of slavery. Since the very beginning of this country through the end of the Civil War black individuals could be owned as slaves in many states. After that the rules were changed. Private ownership of slaves was deemed illegal (a very good thing) but the State gave itself permission to enslave anybody it arbitrarily labeled as a criminal (a very bad thing). Eventually the process was streamlined and Federal Prison Industries (UNICOR) was created so manage the federally owned slaves. Individual states used this precedence to establish their own government owned corporations to managed their slaves.

Now a congressman is looking to change the rules yet again by expanding the State’s ability to own slaves. If passed, this bill will allow the State to enslave anybody by issuing a simple court order:

Sen. Richard Burr (R-North Carolina), the chairman of the Senate Intelligence Committee, reportedly will introduce legislation soon to criminalize a company’s refusal to aid decryption efforts as part of a governmental investigation. The news was first reported Thursday afternoon by the Wall Street Journal.

Aiding decryption efforts requires labor. In the San Bernardino case the Federal Bureau of Investigations (FBI) is order Apple to create a custom version of iOS that removes several key security features. Apple has refused and it has every right to do so because nobody should be compelled into performing labor against their will. If the FBI wants the phone unlocked so badly it can either put in the effort itself or hire somebody willing to try.

We’re living in interesting times. The State is seeing less and less reason to conceal its intentions.

Doublethink

In George Orwell’s Nineteen Eighty-Four doublethink is described as, “The power of holding two contradictory beliefs in one’s mind simultaneously, and accepting both of them… To tell deliberate lies while genuinely believing in them, to forget any fact that has become inconvenient, and then, when it becomes necessary again, to draw it back from oblivion for just as long as it is needed, to deny the existence of objective reality and all the while to take account of the reality which one denies – all this is indispensably necessary.” That is the most accurate term to describe the White House’s claim that what the Federal Bureau of Investigations (FBI) is demanding of Apple isn’t a back door:

The White House says a court ruling asking Apple to help the FBI access data on a phone belonging to the San Bernardino gunman does not mean asking for a “back door” to the device.

By definition a backdoor, as it pertains to security, is a purposely placed mechanism that allows an unauthorized party to bypass security measures. What the FBI is asking Apple to develop is a special version of iOS that attempts to brute force the device’s password and doesn’t contain the increasing timed lockout functionality when entering incorrect passwords or the functionality that erases the phone after 10 incorrect passwords have been entered. The FBI is asking for a backdoor.

Just because the FBI is demanding this special firmware for a specific iPhone doesn’t mean the firmware isn’t a backdoor. But through the magic of doublethink the White House is able to claim what the FBI is demanding isn’t a backdoor.