Tag: 1984 was a Warning not a Blueprint

Never Call the Police

A lesson that bears repeating time and time again is that you should never call the police. Why? Because police forces are heavily populated with psychopaths who will make matters worse more often than not. Take this example. A woman called the police to investigate a car she and her roommate suspected was stolen. What did the police do when they arrive? Shot her dog, of course:

JONES COUNTY, GA — A woman says that her ten-month old puppy was shot in the head after asking officers not to shoot it — twice.

On September 22, Anna “Chrissy” Music-Peed, of Macon, GA, drove to the Jones County Sheriff’s Department to request an officer come to and investigate a vehicle that had been brought to her property by an acquaintance, that both she and her roommate strongly suspected to have been stolen. Music told policestateusa.com that it was a Nissan Xterra from Virginia Beach, VA. As Music wrote in a blog post, “I will not have that influence around my family,” saying she was trying to do the right thing by making a report. The acquaintance was still on the property and Music had not let on that she had gone to talk to the police.

Modern policing in the United States looks more like Judge Dredd than Andy Griffith. It seems as though one cannot call the police without somebody or something getting shot as a result. I believe part of this is due to the fact that police officers are seldom held accountable for misdeeds. Hell, in Minneapolis there have been 439 complaints filed against its police department and not a single disciplinary action has come of it. You can see how such an environment would attract psychopaths looking for a way to hurt people without getting punished.

The Legal Issue Regarding Fingerprints

I have mixed feelings about the iPhone 5S’s fingerprint reader. On the one hand I believe it would encourage users to enable the security features on their phones. On the other hand it makes things easier for law enforcement because forcing somebody’s finger onto a reader is much easier than coercing their password out of them. As it turns out there may be additional legal issues regarding Apple’s fingerprint reader:

Courts have given mixed messages about whether Americans are protected from being forced to divulge passwords or decrypt information for law enforcement officials. Civil liberties advocates argue defendants shouldn’t have to unlock their own computers for the cops. The logic: Under the Fifth Amendment, Police can’t force you to self-incriminate by testifying, or divulging something in your mind.

It’s unclear if that same protection applies if the password is your fingerprint.

“A fingerprint is entitled to less constitutional protection than a password known in your mind,” said Hanni Fakhoury, a staff attorney at the Electronic Frontier Foundation in San Francisco. “If police arrest you and ask you for a password, you could refuse and they’d be hard pressed to force you to divulge the password.”

Of course, police already collect fingerprints after booking a suspect. And the Supreme Court has also held that police don’t need a search warrant to collect fingerprints.

The combination of being able to collect fingerprints without a search warrant and the east of which a person’s finger can be forced onto a scanner creates a dangerous legal environment. It’s not stretch of the imagination to think of a situation where a police officer forces a suspects finger onto their phone’s scanner, finds incriminating evidence, and makes an arrest based on that evidence. During the court battle the office would argue that he is allowed to collect fingerprints without a search warrant, which is what he did.

General Alexander’s High-Budget B-Rated Starship Enterprise

If ever there was a reason to think Keith Alexander, head of the National Security Agency (NSA), was insane the recently leaked photographs of his Information Dominance Center (yes, that’s its actual name) would be it:

It has been previously reported that the mentality of NSA chief Gen. Keith Alexander is captured by his motto “Collect it All”. It’s a get-everything approach he pioneered first when aimed at an enemy population in the middle of a war zone in Iraq, one he has now imported onto US soil, aimed at the domestic population and everyone else.

But a perhaps even more disturbing and revealing vignette into the spy chief’s mind comes from a new Foreign Policy article describing what the journal calls his “all-out, barely-legal drive to build the ultimate spy machine”. The article describes how even his NSA peers see him as a “cowboy” willing to play fast and loose with legal limits in order to construct a system of ubiquitous surveillance. But the personality driving all of this – not just Alexander’s but much of Washington’s – is perhaps best captured by this one passage, highlighted by PBS’ News Hour in a post entitled: “NSA director modeled war room after Star Trek’s Enterprise”.

BRB Going to Space 1

BRB Going to Space 2

That thing looks like a Bollywood ripoff of the Starship Enterprise’s deck. I half expect several prominent Indian actors to appear periodically to perform random musical numbers and the crew to engage men wearing green rubber masks in an attempt to pass themselves off as aliens. What makes this depressing is that the Information Dominance Center looks Bollywood but has a cost that more accurate reflects Hollywood. It’s like somebody was given a massive budget and ended up turning out a shitty movie. I wonder if Kevin Costner is part of General Alexander’s command.

Perhaps it’s time to fun the construction of a great spaceship for Mr. Alexander. Even I would support such a project because it would give Mr. Alexander the spaceship he wants and get him off of my planet. That’s a win-win scenario if there ever was one.

Sharing Your Data with Everybody

Glenn Greenwald has become one of my favorite journalists. His scathing stories about the National Security Agency (NSA) are almost a daily thing now. The latest one has to be one of the best though. As it turns out, the NSA isn’t simply collecting information on every man, woman, and child in the United States. They’re also sharing that information with Israel:

Details of the intelligence-sharing agreement are laid out in a memorandum of understanding between the NSA and its Israeli counterpart that shows the US government handed over intercepted communications likely to contain phone calls and emails of American citizens. The agreement places no legally binding limits on the use of the data by the Israelis.

The disclosure that the NSA agreed to provide raw intelligence data to a foreign country contrasts with assurances from the Obama administration that there are rigorous safeguards to protect the privacy of US citizens caught in the dragnet. The intelligence community calls this process “minimization”, but the memorandum makes clear that the information shared with the Israelis would be in its pre-minimized state.

Why not? We share everything with Israel including fighter jets and palettes of money. At this point we might as well share private information about the people living here as well. I’m sure it makes Israel’s interrogation of American citizens entering their country easier.

This story does go to show how quickly information can circulate. As soon as you tell one other person a secret that secret can spread infinitely. Anonymity is important because it disconnects you from circulating data. You may not be able to control how quickly a secret spreads but, if you are able to initially share that secret anonymously, you may be able to prevent it from being tied to you. Once again I find myself stressing the need to use cryptographic and anonymizing tools. It’s not just the United States government that has access to your information. The NSA is sharing its information with at least one foreign country and it’s highly probably that we’ll learn that it’s sharing its information with other foreign governments.

Julian Assange is Tracking Spyware Contractors

Another weapon we have against the state’s surveillance apparatus is Julian Assange. Mr. Assange, through his Wikileaks project, has provided a platform whistle blowers can use to leak information and remain anonymous. Wikileaks has now announced another project called the Wikileaks Counterintelligence Unit, which will attempt to actively surveil surveillance contractors:

The inaugural release zeroes in on 19 different contractors as they travel visit countries like Bahrain, Kazakhstan, Spain, and Brazil. The location data displays only a time stamp and a country for each entry, but occasionally displays the message, “phone is currently not logged into the network,” indicating the data likely comes from some kind of cell-tracking service. The contractors in question work for Western companies like Gamma International, designer of the infamous FinFisher spyware tool — and as with previous Wikileaks releases marked as “Spy Files,” readers will also find marketing brochures for surveillance products to intercept and monitor web traffic.

I think this is a great idea and needs to be expanded. It would be great if we could eventually do to the surveillance apparatus what it has done to us. Imagine a world where anybody working to spy on us, whether they be private contractors or public National Security Agency (NSA) employees, was being spied on 24/7. Perhaps losing all sense of privacy would be enough to discourage people from working for these bastards.

Protect Yourself from the NSA

As I said, those of us who dwell on the Internet aren’t going to take the NSA and GCHQ’s attack lightly. We have more firepower than they realize and have unleashed one of our best weapons, Bruce Schneier. Mr. Schneier has been working with Mr. Greenwald for the last two weeks and has written a short list of things, based on the information provided by Mr. Snowden, you can do to keep yourself secure online:

1) Hide in the network. Implement hidden services. Use Tor to anonymize yourself. Yes, the NSA targets Tor users, but it’s work for them. The less obvious you are, the safer you are.

2) Encrypt your communications. Use TLS. Use IPsec. Again, while it’s true that the NSA targets encrypted connections – and it may have explicit exploits against these protocols – you’re much better protected than if you communicate in the clear.

3) Assume that while your computer can be compromised, it would take work and risk on the part of the NSA – so it probably isn’t. If you have something really important, use an air gap. Since I started working with the Snowden documents, I bought a new computer that has never been connected to the internet. If I want to transfer a file, I encrypt the file on the secure computer and walk it over to my internet computer, using a USB stick. To decrypt something, I reverse the process. This might not be bulletproof, but it’s pretty good.

4) Be suspicious of commercial encryption software, especially from large vendors. My guess is that most encryption products from large US companies have NSA-friendly back doors, and many foreign ones probably do as well. It’s prudent to assume that foreign products also have foreign-installed backdoors. Closed-source software is easier for the NSA to backdoor than open-source software. Systems relying on master secrets are vulnerable to the NSA, through either legal or more clandestine means.

5) Try to use public-domain encryption that has to be compatible with other implementations. For example, it’s harder for the NSA to backdoor TLS than BitLocker, because any vendor’s TLS has to be compatible with every other vendor’s TLS, while BitLocker only has to be compatible with itself, giving the NSA a lot more freedom to make changes. And because BitLocker is proprietary, it’s far less likely those changes will be discovered. Prefer symmetric cryptography over public-key cryptography. Prefer conventional discrete-log-based systems over elliptic-curve systems; the latter have constants that the NSA influences when they can.

Mr. Schneier does rightly point out that many Internet users aren’t currently capable of doing all of these things. To those of you who don’t know how to use the above mentioned tools, learn. Information on all of the tools Mr. Scheneier mentioned is freely available online. If you’re still having trouble I’m more than happy to help. Shoot me an e-mail at blog [at] christopherburg [dot] com and I’ll give you as much assistance as I can. Together we can push back against the state’s surveillance apparatus and return the Internet to its original form, a network where those wanting to remain anonymous can do so.

How The NSA and GCHQ Defeat Privacy

Glenn Greenwald has done it again. With the help of Edward Snowden he has been buy leaking many of the National Security Agency’s (NSA) dirty little secrets. Yesterday he dropped another bomb as he laid out the methods used by the NSA and British Government Communications Headquarters (GCHQ) to destroy online privacy:

US and British intelligence agencies have successfully cracked much of the online encryption relied upon by hundreds of millions of people to protect the privacy of their personal data, online transactions and emails, according to top-secret documents revealed by former contractor Edward Snowden.

[…]

The files, from both the NSA and GCHQ, were obtained by the Guardian, and the details are being published today in partnership with the New York Times and ProPublica. They reveal:

• A 10-year NSA program against encryption technologies made a breakthrough in 2010 which made “vast amounts” of data collected through internet cable taps newly “exploitable”.

• The NSA spends $250m a year on a program which, among other goals, works with technology companies to “covertly influence” their product designs.

• The secrecy of their capabilities against encryption is closely guarded, with analysts warned: “Do not ask about or speculate on sources or methods.”

• The NSA describes strong decryption programs as the “price of admission for the US to maintain unrestricted access to and use of cyberspace”.

• A GCHQ team has been working to develop ways into encrypted traffic on the “big four” service providers, named as Hotmail, Google, Yahoo and Facebook.

I think the most important thing to note is that, from the information leaked, it doesn’t appear as though the NSA or the GCHQ have actually broken common encryption algorithms. In cryptography terms an encryption algorithm is only broken if an attack finds a method of decrypting data encrypted with that protocol faster than can be done via brute force (guessing every possible decryption key). What the NSA and GCHQ are doing is buying off commercial entities to insert back doors into their security products. Keep this in mind as major media outlets wrongly (as far as we know) begin reporting about how the NSA is able to break all known encryption algorithms.

None of the information in this latest leak surprises me. It’s been apparent for a while that the state’s surveillance apparatus has been relying on a fascist marriage between private and public entities. The game is afoot and the NSA and GCHQ believe they can wage war on the Internet without suffering repercussions. Those of us who dwell may not be as agreeable as they think.

Some Suckers Invited Me to Participate in a Privacy Panel

Through, what I can only assume is, a complete lapse in judgement, I have been invited to participate in a panel discussion on privacy and surveillance later tonight (sorry for the late notice, the Facebook event was only posted last night). For those of you who don’t have access to Facebook the event will occur today, September 4th, at 19:00. The discussion will be held at 4200 Cedar Avenue in Minneapolis, Minnesota.

Although the details I have been given are slim, I do know that the panel discussion will center around the current state of privacy and surveillance. In other words, it should be entertaining. I do promise to bring a notable level of weirdness along with a fair amount of serious business (if you’ve ever heard me speak you know what to expect). Hopefully I’ll see some of you there.

The Vietnamese Government Doesn’t Understand How the Internet Works

I’m a fan of saying that statism is synonymous with halting progress. Statists always attempt to curtail advancements by forcing them into preconceived notions. A classic example of this mentality can be found in stories involving Japanese Samurai. Many works note that the Samurai believed firearms to be dishonorable weapons. Such a mentality made sense to an individual who spent decades learning the art of swordsmanship. All of the time spent mastering the sword became irrelevant when some peasant with little training could strike from many yards away. Instead of realizing that technology had advanced to a point where the importance of the sword was diminished, a master swordsman would be apt to argue that firearms aren’t honorable. Why change yourself when you can force everybody else to change to suit your desires?

Today we’re seeing this with the emergence of the Internet. Statists are trying to confine the Internet to their preconceived notions. They don’t believe anybody with a blog can be a journalist because journalists have traditionally been individuals who work for centralized state-recognized news organization. They don’t want to acknowledge that crypto-currencies are real currencies because it goes against their belief that money must be centrally issued paper notes. This is what leads governments around the world to implement stupid laws like this:

A controversial law banning Vietnamese online users from discussing current affairs has come into effect.

The decree, known as Decree 72, says blogs and social websites should not be used to share news articles, but only personal information.

The law also requires foreign internet companies to keep their local servers inside Vietnam.

A government could only issue such a decree if it lacked an understanding of how the Internet works. Enforcing laws requires that you can identify offenders. The beauty of the Internet is that one can maintain anonymity if they desire. How can the Vietnamese government enforce laws regulating blogs if those blogs are created on a computer that is connected to a random wireless network under a pseudonym and hosted on a location hidden service? Statists can pass whatever laws they want but reality isn’t going to reform itself to make enforcement of those laws possible.

The State’s “Black Budget”

When looking at the federal budget most self-proclaimed fiscal conservatives focus on money spent on the military, Medicare and Medicare, and Social Security. Those three items can give you an idea about the scale of government spending but it’s the specific items that can give you the juicy details. For example, thanks for Edward Snowden we know what the federal government’s “black budget” of $52.6 billion is being spent on:

The $52.6 billion “black budget” for fiscal 2013, obtained by The Washington Post from former intelligence contractor Edward Snowden, maps a bureaucratic and operational landscape that has never been subject to public scrutiny. Although the government has annually released its overall level of intelligence spending since 2007, it has not divulged how it uses those funds or how it performs against the goals set by the president and Congress.

The 178-page budget summary for the National Intelligence Program details the successes, failures and objectives of the 16 spy agencies that make up the U.S. intelligence community, which has 107,035 employees.

The Washington Post has censored the information they made available after consulting the government. That, in of itself, tells you a lot about the relationship media outlets have with the state. But the items made available are interesting. For example, a notable amount of money is being spent by the Central Intelligence Agency (CIA) and National Security Agency (NSA) to break into the computer systems of foreign nations. I’m sure those dollars are generating all kinds of hatred towards this country.

I would advise reading the entire article if you’re interested in either government spending or government spying. Detailed budget items tell a far better story if you’re interested in fiscal matters and knowing how much the government spends on various spying operations gives you some kind of idea of how pervasive the overall operation is.