Snoopers Charter Could Have Harmful Effect on Smaller Businesses

Previously we’ve reported on the Snooper Charter (the official name of which is the Investigatory Power Bill). The focus for the snooper charter has been on large companies, with groups like Facebook and Microsoft coming out with some observations over just how bad an impact the charter might have on companies working in the UK. Even  the NSA’s ex-director warned that it could “kill people”. Worst may be yet to come, with Theresa May clarifying not only the extent, but also that the Snooper Charter could cost a lot more than initially thought.

Theresa May stated the cost of the snooper charter may, in fact, exceed the original estimate of 240 million pounds. With companies like EE and Vodaphone saying that the cost to them may be that figure alone in order to meet the bill’s requirements.

One of the initial thoughts regarding the bill was that small-scale internet providers might be excluded from the requirement, but this isn’t the case. The defence and security industries, alongside the information commissioner, asked for a “sunset clause”. This clause would mean that after five to seven years the bill would be revisited because of the rapid pace of technological change, May rejected this thought saying that the bill was fit for a rapidly changing world and was “technology neutral”.

An issue brought up by groups like Facebook and Microsoft was the dealing of extra-territorial warrants. In the current bill, a notice could be provided to a company with employees in the UK for data stored abroad, a topic which has been at the forefront of data request issues for years now.

It was then asked if the government would have a limit on the finances available, the answer to which was that they were going to work on a “cost recovery basis”. This means that  companies could seek back the cost for installing the hefty systems needed and that they will “have reasonable cost recovery when we require these companies to provide these capabilities”. Not only could the bill mean worrying levels of powers and data stored about people, but it also seems like we will also be footing the bill for it.

Ex-NSA Director Warns UK Snooper’s Charter Will Kill People

The former Technical Director of the NSA has warned that should the UK Investigatory Powers Bill – nicknamed the Snooper’s Charter – pass into law that it will result in the deaths of innocent people. Bill Binney says that the sheer quantity of information that GCHQ analysts will be forced to sift through will actually distract them from protecting citizens, leaving the country more vulnerable to attack.

“It is 99 per cent useless,” Binney said in a letter to MPs leaked by human rights group Liberty (via InfoSecurity). “Who wants to know everyone who has ever looked at Google or the BBC?  We have known for decades that that swamps analysts,” adding that mass surveillance “costs lives, and has cost lives in Britain because it inundates analysts with too much data.”

While mass surveillance data has proved useful in the aftermath of, say, the World Trade Center attacks, to provide further background on the perpetrators, Binney argues that the act of collecting that data makes such an attack more likely to slip through the net.

“The net effect of the current approach is that people die first, even if historic records sometimes can provide additional information about the killers (who may be deceased by that time),” Binney wrote. “The alternative approach based on experience is to use social networks as defined by metadata relationships and some additional rules to smartly select data from the tens of terabytes flowing by.  This focused data collected around known targets plus potential developmental targets and represented a much smaller set of content for analysts to look through.”

Binney, who left the NSA in 2011 in protest at its mass surveillance program and became a whistleblower, will be speaking to MPs at the Joint Committee today (6th January) about the ineffectiveness of GCHQ’s BLACK HOLE data collection system which will support the IP Bill.

Image courtesy of The Independent.

Congressman on One-Man Mission to Repeal CISA

The Cybersecurity Information Sharing Act, the controversial bill that allows intelligence agencies the power to obtain user data from companies beyond the rule of law, was signed off by President Obama a fortnight ago after being forcibly bundled with a vital Federal funding bill – together known as the “Omnibus” bill – that was guaranteed to pass. One man, however, intends to challenge this chicanery, even if he has to do it alone.

Republican Congressman Justin Amash plans to introduce legislation to remove the controversial CISA from the Omnibus bill, branding it “unconstitutional”:

Amash later released a statement regarding the above tweet to The Daily Dot. “Many of my colleagues remain unaware that a massive surveillance bill was snuck into the omnibus,” Amash said. “And if they are aware, they may have been misled into believing this bill is about cybersecurity.”

Amash has been a vocal opponent of CISA ever since the bill was muted, even before it formed a part of the Omnibus bill, branding it “anti-privacy legislation.” While Congress ultimately passed the bill, the Congressman – who also opposed the Patriot Act and failed in an attempt to strip powers from the NSA following the Snowden leaks in 2013 – feels he has a right to at least challenge its inclusion in Omnibus when reconvenes in January.

NSA and GCHQ Worked Together to Hack Juniper Firewalls

Spies from the UK intelligence services worked with the US National Security Agency to hack firewalls developed by top internet security firm Juniper Networks, according to documents leaked by NSA whistleblower Edward Snowden. GCHQ, wanting to crack Juniper’s encryption, specifically sought help from the NSA for that task, Russia Today reports. A series of secret documents, dating back to 2011, show that the pair were complicit in targeting Juniper – an industry leader in firewall technology in certain parts of the world – to compromise its systems.

The first document, entitled “Assessment of Intelligence Opportunity – Juniper”, outlines how GCHQ and NSA targeted Juniper in order to maintain its mass surveillance programs without being impeded.

“The threat comes from Juniper’s investment and emphasis on being a security leader,” the document reads. “If the SIGINT community falls behind, it might take years to regain a Juniper firewall or router access capability if Juniper continues to rapidly increase their security.”

The documents also shed light on why Juniper specifically was chosen as GCHQ’s prey: its firewalls are popular in countries Pakistan, Yemen, and China, all of which are of great interest to US and UK intelligence.

Snowden himself commented on the story, tweeting that the story had seemingly been suppressed by US news outlets.

HTTP/2 Opens New Connections With the Word ‘PRISM’

Since whistleblower Edward Snowden revealed the extent of the US National Security Agency’s mass surveillance program, the word Prism has taken on a sinister meaning. The NSA’s PRISM program collected the internet communications of its citizens via nine major internet companies, including Google, Microsoft, Apple, and Yahoo. Now, John Graham-Cumming, a British coder and tech writer, has discovered a curious quirk within HTTP/2 connections: the opening protocol contains the word PRISM.

This is how HTTP/2 connection protocols begins, when unravelled from a 24-octet sequence:

PRI * HTTP/2.0\r\n\r\nSM\r\n\r\n

Otherwise written as:

PRI * HTTP2.0

SM

The verb PRI was, until 8th July, 2013, FOO. What happened during the Summer of 2013 to motivate such a change? Edward Snowden’s NSA leak. Coincidence?

While conspiracy theorists could have a field day with the revelation, it seems to be little more than a sly Easter egg included by the cheeky programmers.

Danish developer Poul-Henning Kamp wrote at the time about his concerns for HTTP/2 in the wake of the PRISM revelations. “I think PRISM is ample evidence that [adding more encryption to HTTP/2 to fight back against the NSA] will have the 100% certain result is that all encryption will be circumvented, with bogus CA certs all the way up to PRISM and designed-in backdoors, and the net result is less or even no privacy for anybody everywhere,” Kamp wrote to his colleagues in the HTTP Working Group.

The inclusion of the word PRISM in the HTTP/2 protocol is like a knowing middle finger to the NSA, and a reminder to us that not every internet entity is colluding with intelligence agencies.

Image courtesy of Soft.net

Paris Attackers Allegedly Used PS4s and PSN to Communicate

In a development that is likely to place more pressure on the technology sector, reports are coming out that the perpetrators of the recent Paris attacks used Sony PS4s to communicate and coordinate their attack. This comes after authorities have taken away the PS4s from the attackers homes and Belgian home affairs minister has said that the PS4 was chosen due to its difficulty to track.

Games and consoles have always been on the radar for authorities in monitoring suspects. After all, Edward Snowden revealed that the NSA and GCHQ had agents embedded into MMORPG World of Warcraft and Second Life in order to monitor suspects. XBox Live was monitored and part of the reason many were hesitant about the always on functions of the new consoles and the once mandatory Kinect.

At that time, PSN, the Sony’s Playstation Network was not mentioned as a target for monitoring. If it turns out the PS4 was used, authorities will likely start looking into PSN communications as well. Given the myriad number of ways players can communicate with each other in game, the large volume of communications and the importance of context, whether or not extra monitoring would help remains to be seen.

Edward Snowden Explains Why he Supports Ad-Blockers

Edward Snowden, the whistleblower-turned-press freedom advocate exiled in Russia after leaking NSA documents that demonstrated the terrifying scope of its mass surveillance program, has publicly endorsed ad-blocking software and has encouraged every internet user to employ it.

Speaking to The Intercept’s Micah Lee, Snowden, responding to the question “Do you think people should use adblock software?”, said, “We’ve seen internet providers like Comcast, AT&T, or whoever it is, insert their own ads into your plaintext http connections. … As long as service providers are serving ads with active content that require the use of Javascript to display, that have some kind of active content like Flash embedded in it, anything that can be a vector for attack in your web browser — you should be actively trying to block these.”

“Because if the service provider is not working to protect the sanctity of the relationship between reader and publisher,” he added. “you have not just a right but a duty to take every effort to protect yourself in response.”

While there are ethical arguments against the use of ad-blockers – mainly that users of ad-blocking software are depriving site owners of revenue – it makes sense, purely from a security perspective, for Snowden to recommend ad-blocking for all: anything that could potentially provide a backdoor into your computer is a threat, much like the recent worrying revelation that advertisers are tracking users over multiple devices via inaudible sounds.

Image courtesy of The Guardian.

Researcher Makes Live Browser History Public to Show Impact of UK’s Surveillance Bill

Since details of the UK’s proposed Investigatory Powers Bill – a law nicknamed the Snooper’s Charter and that aims to open police and intelligence services’ mandate to, amongst other things, access and monitor the internet browser history of any UK citizen – there has been growing concern over the right to privacy of internet users. To illustrate just how intrusive the IP Bill would be, security researcher Brett Lempereur has launched ICREACHAround, a blog which shows a real-time list of websites he has visited.

“This page streams information about the pages I’m visiting on the internet in real-time. A public ICREACH on a really cheap domain name. Some of these links may be NSFW,” Lempereur writes. “This is an attempt to show the amount of information that will be available about you without and with a warrant if the new Investigatory Powers Bill comes into force in its current form.”

ICREACHAround is a play on ICREACH, an NSA search engine that allows US government agencies to navigate through phone records, mobile phone GPS, e-mails, and instant messaging history, the records for which total 850 billion. Lempereur hopes that, by sharing his own browser history, he can demonstrate the personal data that the UK Government would have access to if the surveillance bill is voted into law.

The browser extension that Lempereur uses to gather his own browsing data is available on GitHub if you want to try it for yourself. Lempereur has said that he is happy to field any questions regarding his endeavour via Twitter.

We Have Edward Snowden to Thank for The X-Files Revival

We’re but four months away from the much-hyped The X-Files revival, which reunites David Duchovny and Gillian Anderson as the iconic Mulder and Scully to investigate the paranormal and government conspiracies, but it seems we might have a real-world scandal to thank for inspiring the show’s return. The X-Files creator Chris Carter admits that the show’s new episodes owe a great debt to the revelations related to the mass surveillance program conducted by the NSA, as revealed by whistleblower Edward Snowden.

“It’s a perfect time to come back with The X-Files considering global politics,” Carter said during the premiere screening of the first new X-Files episode at the MIPCOM TV trade fair in Cannes this week, which earned rave reviews. “We’re trying to be honest with the changes dealing with digital technology: the capability of spying. Clearly we’re being spied on in the US – or at least spying on you – and there seems to be no shame in it.”

Despite the show being off the air for over 13 years, with just a single film in the interim – 2008’s The X-Files: I want to Believe – Carter says that he’s still been writing the show in his head all that time. “Every day I look at the newspaper and I see a possible X-Files episode,” he said. “I did it for a long time and you never quite lose the eye for what would be good X-Files storytelling.”

The six-episode The X-Files miniseries airs on FOX on 26th January, 2016.

Thank you The Guardian for providing us with this information.

Edward Snowden Twitter Notifications Resulted in 47GB of E-mails

NSA whistleblower and US exile Edward Snowden recently joined Twitter – his first act as a new member was to establish himself as the greatest troll of the 21st Century – and within three days he has already accrued a whopping 1.26 million followers, and a very warm welcome from the likes of Neil deGrasse Tyson, WikiLeaks, and Anonymous. His first message – “Can you hear me now?” – was, at the time of writing, retweeted 119,761 times and favourited 114,661 times.

Impressive work, and Snowden was sure to have been basking in his instant Twitter popularity… had he not neglected to stop e-mail notifications.

For every follow, favourite, and retweet, Snowden received an e-mail – and the guy even accepts direct messages from everyone, so imagine how many people have tried to contact him privately –  likely close to 2 million’s worth, filling up his inbox to the tune of 47GB.

Snowden, a former CIA employee and National Security Agency contractor has been exiled to Russia since 2013, when he leaked classified information revealing the scope of the NSA’s mass surveillance program. He is now director of the Freedom of the Press Foundation, a non-profit organisation which aims to protect the rights of journalists.

Whistleblower Who Posted Sensitive Materials to 4Chan Not Taken Seriously

A former employee of Australia’s Department of Defense, who held fellow countryman Julian Assange up as an idol, posted sensitive materials he stole from the workplace to 4chan, where no one took him seriously (and called him “newf*g”, presumably). 21-year-old Michael Scerba uploaded documents related to the Five Eyes spying program – which is an initiative that combines the surveillance powers of the NSA (US), GCHQ (UK), CSEC (Canada), ASD (Australia), and GCSB (New Zealand) and has existed since the end of the Second World War – to 4chan in October 2012. The post had only 14 replies, described by Scerba as “a bunch of ‘fake and gay’ remarks”. Classy guy, sounds like he would have fit in well there.

At the time, Scerba said of his leak, “I release(sic) what I feel should be in the media: bombings, civilian deaths, actions of the ‘terrorists’ that just aren’t reported in the media.” As his 4chan post didn’t hit in quite the way Scerba has hoped, it was unlucky for him that one of the few people to see it was an employee of Australia’s intelligence service, who then alerted authorities.

Scerba’s materials were genuine, though, and the now 25-year-old is facing a Supreme Court trial in Australia for accessing and leaking confidential information. Since the trial will feature confidential information as evidence, making at least some of the process private, with documents related to the case to be destroyed 28 days after the end of the hearing, which has stirred civil rights activists into quite the frenzy.

Thank you Engadget for providing us with this information.

NSA Surveillance Program Operating For a Very Long Time

NSA operations have been going on a long, long, long, long time, that is according to the latest revelations by both Edward Snowdon and also by a report from The Intercept, NSA/GCHQ’s top secret surveillance program “Project Echelon” has been spying on the US allies, enemies, and its citizens for last 50 years. It’s being called the first-ever automated global mass surveillance system.

A British investigative journalist by the name of Duncan Campbell wrote a magazine article in 1988 about the existence a surveillance program by the name of Echelon, which is essentially a giant and automated surveillance dragnet that indiscriminately intercepted phone and Internet data from communications satellites. This technique was a precursor to today’s tapping of undersea fibre optic cables by survey non-military targets; these include governments, organizations and businesses in virtually every corner of the world.

In 2000, the European Parliament appointed a committee to investigate the program which lead to the outcome of the same old “The NSA played by the rules” mantra. How do you sum these latest revelations up? A foreign affairs directorate special adviser managed it perfectly by concluding the following,

In the final analysis, the “pig rule” applied when dealing with this tacky matter: “Don’t wrestle in the mud with the pigs. They like it, and you both get dirty.”

If anyone attempts to challenge these practises then both parties will be slandered into oblivion, the only difference is, the good guy always looks worst. I am not surprised by these revelations because frankly, who the hell can be after so much has been leaked out. I also think there is now more than surveillance at stake, but the underpinning of democracy which is looking weaker by the day.

This is also where GCHQ and the NSA look stupid, if they are able to track everyone all of the time, how come the likes of Osama Bin Laden managed to hide for so long? How come there are many criminals, illegal activities and an escalation in gun violence in the US within a world which is perceived to be more under surveillance? After all, the perpetrator of the Charleston church shootings wrote a manifesto which was easily accessible online, if the words “It was obvious that George Zimmerman was in the right” does not look slightly psychopathic, then nothing will.

Thank You fossbytes and The Intercept for providing us with this information.

Former Homeland Security Secretary Speaks Out About Encryption Backdoors

While some governments are trying to ban end-to-end encryption or insert backdoors into encrypted systems, a prominent yet unexpected voice has spoken out in support of protecting people’s privacy. Michael Chertoff, the former Secretary of Homeland Security under the Bush administration from 2005 to 2009, told an audience at the 2015 Aspen Security Forum that compromising encryption would make users vulnerable to attack from both legitimate and malicious sources, and could even become a strategic weakness to the US, ripe for exploitation by its enemies.

“I think that it’s a mistake to require companies that are making hardware and software to build a duplicate key or a backdoor, even if you hedge it with the notion that there’s going to be a court order,” Chertoff said.

Chertoff’s comments come in the wake of FBI Director James Comey warning the US Senate Judiciary and Intelligence Committees that without a backdoor into encrypted systems the country would be at risk of terrorist attack (yawn), because stuff like that really helps. Comey claims that encryption makes his job harder, as though the world should open its metaphorical doors to make sure he gets to go home by 5. He said, “In universal strong encryption, I see something that is with us already and growing every day that will inexorably affect my ability to do that job,” failing to acknowledge that, in accordance with human rights, privacy, and basic decency, it should be hard to spy on people.

Thank you DefenseOne for providing us with this information.

UK’s WhatsApp Ban Ruled Unlawful

UK Prime Minister David Cameron plans to ban any online messaging platform that uses end-to-end encryption, such that it would be unreadable by the country’s intelligence services, has been deemed “inconsistent with [European Union] law”. Messaging apps that use end-to-end encryption, such as the popular WhatsApp, Apple’s iMessage, and image sharing platform Snapchat, are protected under the EU’s Article Eight of the European Convention on Human Rights. Home Secretary Teresa May, creator of the Data Retention and Investigatory Powers Bill – or ‘Snooper’s Charter’ – has, however, appealed the decision.

The ‘Snooper’s Charter’ has been met with vocal opposition from both users and tech companies alike. Apple CEO Tim Cook declared that his company has “never worked with any government agency from any country to create a backdoor in any of our products or services […] and we never will.”

“In our country, do we want to allow a means of communication between people which, even in extremis, with a signed warrant from the home secretary personally, that we cannot read?” David Cameron said back in January. “Are we going to allow a means of communication where it simply isn’t possible to do that? And my answer to that question is no we must not. The first duty of any government is to keep our people and our country safe,” he added, using the age-old trick of citing terrorism prevention to infringe on civil liberties, despite the fact it doesn’t work.

Even MP for Uxbridge and South Ruislip and Nazi poster boy Boris Johnson is towing the Tory Party line of not giving a damn about human rights, saying, “I’m not interested in this civil liberties stuff. If they’re a threat, I want their emails and calls listened to.”

For all its faults, the European Union is the only body standing up for privacy and human rights in the face of Owellian levels of mass surveillance. Long may that continue.

Thank you The Express for providing us with this information.

Hacking Team Release Ludicrous Statement

This story is so preposterous that I am going to play a little game called; “who are the hypocrites here.” Hacking Team, who recently fell to a cyber attack have released a statement claiming to be victims and have bluntly claimed that they have “always operated with the law and regulation in an ethical manner.”

You heard it right, when government officials start inventing ludicrous laws which state that hacking citizen’s phones and computers for data is actually legal, you arrive at the juncture where the Italian spyware firm claim that “there was only one Violation of Law in this entire event, and this was “the massive cyber attack on the Hacking Team”

Now I don’t condone hacking, well I do in this case where rival decent hackers exposed nearly 50GB of data, this included internal documents such as internal emails, hacking tools zero day exploits, surveillance tools, source code for Spyware and a spreadsheet listing and every government client with date of purchase and amount paid.

Out of balance and to be fair to Hacking Team, I have viewed their statement and what really stands out is the following few lines.

“The company has always sold strictly within the law and regulation as it applied at the time any sale was made. That is true of reported sales to Ethiopia, Sudan, Russia, South Korea and all other countries”

Well, those are true democracies which really do underpin Hacking Teams morals. The scary thing is, if you give a despot surveillance tools, this could have well led to deaths and suffering of citizens.

There are no winners in these revelations with perceived democratic countries also using these tools along with many dodgy dictators. Hacking Team also state that “there had not been “access to the data collected by company’s clients using purchased spying software, as such information is only stored on the customer’s systems and can’t be accessed by the company itself.”

This is the tip of a seedy and unethical Iceberg, which in the long run, will not protect against every terrorist eventuality, but to only virtually incarcerate the whole world. Anyone who sells spying software to countries which have a habit of executing dissenters is either desperate for cash or completely void of conscious. A sale is possibly within the law, but so is selling a pint of beer to a 16-year-old if bought by an adult with a meal. The only difference is, a pint normally does not result in potential war crimes and more… usually.

Thank you to Hacker News for providing us with this information

Image courtesy of ilquotidianoitaliano

UK Privacy and Apps Under Threat

Let me just jump on my soapbox for a minute with regards to this subject, according to reports, the newly elected Conservative Government wants to again reintroduce the Snoopers Charter, sorry, I mean the new fangled “Investigatory Powers Bill” which if enacted would allow the government and security services for example M15 access to everyone’s communications.

To add insult to injury the plans would also make end to end encrypted apps for example Snapchat and WhatsApp technically illegal, unless a backdoor is installed or communications are handed over. All in the name of terrorism and extremists, now I am not being flippant and I am aware that groups such as IS exist, but I do not believe everyone’s communications should be spied upon.

This bill if passed would also require all ISP (Internet Service Providers) to retain all information on every citizens browsing habits, sites which are looked at and information which is sent, with the aim of making this information available to the security services.

So what do the tech experts believe? They have stated that these laws are draconian, anti free speech and would put the whole Internet at risk from hackers. Who would be able to crack any backdoor laid before them by the powers that be. Opposition includes Tim Cook who is the boss of Apple who said citizens should be entitled to a private life; academics from MIT and the UK have both dismissed these proposals as a disaster.

So what can we do about it? The only thing as citizens we can do, make our voices heard, I believe there should be a limit to what governments can collect, innocent people should not be spied upon in their own homes, I do think we need to track for example suspected terrorists movements, but I think in order to be under surveillance, you need evidence and a court of law to approve this, not simply cart blanch can we have your data and monitor everyone.

The mantra for governments is quite clear, “let us spy on you or you can only use certain communication tools approved by the state”. I think it would be impossible to ravage the internet of encryption, but I do think this bill is designed and will be able to collect more information on everyone.

I have started a petition on this over at change.org if you are interested in checking It out, link is below, will it work?  Hell I will be damned if I am going to lie down quietly and let the state turn into a whole new animal which polices everyone, which notion is brought to you by the good folks in China, North Korea and Russia among many.

Petition at Change.org

Thanks to BBC News, Huffington post  (who plan to encrypt their website further) and Facebook trends

Image Courtesy of automation

 

 

Julian Assange Compares Surveillance State to a Malevolent God

In an exclusive interview with Byline, Julian Assange spoke about the evolution from the surveillance state to the surveillance society, in which communities are complicit in being observed and reported on, and how it has become so omnipresent and controls citizens through fear of their terror of its vengeful eye.

Seung-yoon Lee, CEO and Co-founder of Byline, conducted the interview with Assange from his place of exile, the Ecuadorian Embassy in London. Assange, of course, cannot leave the embassy under threat of being arrested and extradited to Sweden, where he faces accusations of sexual misconduct, but suspects that Swedish authorities will hand him over to the US, where he is wanted for espionage.

Assange compares our “surveillance society” to communist East Germany, where its people were so afraid of the state’s watchful eye that they would inform on their neighbours:

“We’ve increasingly become accepting of the surveillance that exists at all levels of society.”

“At the level of national security this is still fresh. Other national intelligence agencies engage in bulk Internet monitoring. But over time there will arise an acceptance that this is simply how society is – as has already arisen with other forms of surveillance. At that point, society develops a type of self-censorship, with the knowledge that surveillance exists – a self-censorship that is even expressed when people communicate with each other privately.”

That was the situation in East Germany, not because of mass electronics surveillance, but because up to 10 per cent of people were at some stage of their lives informants for the state. A double language evolved where no one was saying what they really meant. And conformity was produced because of this low-level fear.

He then draws comparison with the Abrahamic God, casting the surveillance state as a malevolent deity that is everywhere, always listening, and constantly judging:

“Now finally Western civilization has produced a god, the god of mass surveillance. How is it like a god? It’s a little bit Abrahamic. If you look at most definitions, a god is omnipresent, omniscient, and omnipotent. In particular, god knows when you are doing something that you shouldn’t be doing and whether you are playing according to god’s rules. The conception of national security agencies and mass surveillance is that the overwhelming majority of communications are surveilled upon. Even conversations happening in person may be recorded through an Android phone, or through other electronic gadgets that are becoming increasingly sophisticated. Maybe your friend, although you just talked to them in person, can gossip over electronic media about what you said.”

Is there hope of breaking free of mass surveillance? Assange certainly thinks so, pointing to the democratic movements in South America as the way forward:

“In the past 10 years there has been this Orwellian rise in power of national security agencies like GCHQ and others. But it is precisely this period that has also seen the growing independence and democratization of Latin America – which is a US backyard. At the same time that the landscape gets Orwellian, with total surveillance power, in Latin America you have increasing independence away from the US.”

He also asserts the size and power of the large institutions that conduct mass surveillance can be to their detriment:

“They are so large they can’t react quickly. A concrete example is when we rescued Edward Snowden from Hong Kong. It was the largest intelligence manhunt the world has ever seen. We were going head to head with the National Security Agency. The Department of Justice, the White House, the CIA were all providing support for the NSA. I was in this embassy under intense surveillance myself. Through our knowledge of cryptography we managed to elude that surveillance. It is absurd to think that such a small international publisher – WikiLeaks – specialising in publishing things about war crimes, corruption, and intelligence agencies could go into a very clearly defined head to head contest against organisations with a combined budget of over a hundred billion dollars. But we did. I guess we have some brave and intelligent staff. But I think it is really that we are able to move much faster. We already understood the environment. We understood these organisations and how they behave. We have some ability to communicate in secret.”

The first part of the interview is available now on Byline.

Image courtesy of CoinDesk.

US Tech Companies Set to Lose $35 Billion Due to NSA Surveillance

A number of US companies are set to lose an estimated $35 billion collectively due to revelations regarding NSA surveillance, as uncovered by Edward Snowden two years ago, according to a report from the Information Technology and Innovation Foundation (ITIF). Companies that colluded with the NSA, revealing confidential user data to the US intelligence services, are expected to be shunned, especially by international users, with severe repercussions for their business.

“Foreign customers are shunning U.S. companies,” the report says, with some foreign governments also working to block American tech businesses from their countries.

Though the ITIF is a think tank founded by members of Congress, it is a non-partisan organisation that aims to look at the tech world impartially. The ITIF estimates that the fallout from the NSA’s PRISM program being leaked by Snowden will cost US firms between $21.5 and $35 billion – but “will likely far exceed $35 billion,” according to the report – with cloud computing companies, such as Dropbox, the worst affected.

The report, however, includes the following five suggestions for US companies to reverse the trend and win back customer confidence:

  1. Increase transparency surrounding U.S. surveillance activities, both at home and abroad.
  2. Strengthen information security by opposing any government efforts to introduce backdoors in software or weaken encryption.
  3. Strengthen U.S. mutual legal assistance treaties (MLATs).
  4. Work to establish international legal standards for government access to data.
  5. Complete trade agreements like the Trans-Pacific Partnership that ban digital protectionism and pressure nations that seek to erect protectionist barriers to abandon those efforts.

The reports concludes, “When historians write about this period in U.S. history, it could very well be that one of the themes will be how the United States lost its global technology leadership to other nations,” the report’s authors, Daniel Castro and Alan McQuinn, write. “And clearly one of the factors they would point to is the long-standing privileging of U.S. national-security interests over U.S. industrial and commercial interests when it comes to U.S. foreign policy.”

Thank you The Daily Dot for providing us with this information.

UK Government Wants to Monitor Social Networking

UK government ministers announced over the weekend that it has awarded contracts to five companies to monitor citizen’s online content and provide that information to Whitehall in real-time. The companies will be on the look-out for a government-approved list of keywords, collating information regarding people’s opinion of the government and related political issues.

“We monitor digital, social and traditional media so we understand what people are saying, identify their concerns and shape policies accordingly,” a government spokesperson told The Independent. “Departments have always monitored social media but this agreement means they can find the most appropriate way of doing this at the best price, ensuring good value for money for the taxpayer.”

One of the five providers, Precise Media Monitoring, calls its task “automated sentiment” analysis, saying, “We use advanced text analytics to generate automated analysis for all mainstream and social content. This includes analysis of the key topics being discussed, and hashtags being mentioned and the sentiment of conversations. The results can quickly enable a Contracting Body [such as a Government department] to get an idea of sentiment towards a subject and can act as an alert to potential issues at an early stage.”

Which is all just a fancy way of saying that UK citizens are now party to mass surveillance in real-time and are paying for the privilege of being spied on with their own taxes. How do you feel about  having your online movements watched, recorded, and scrutinised?

Thank you The Independent for providing us with this information.

‘Handful of Senators’ Blocking Patriot Act Extension

US President Barack Obama has blamed a “handful of senators” for blocking the USA Freedom Act, designed to extend the mass surveillance legislated by section 215 of the infamous Patriot Act, which expires on 1st June. Obama has told Senate Majority Leader Mitch McConnell that he expects senators who are standing in the way of the extension to fall in line before May comes to an end.

Last week, the Senate voted against The USA Freedom Act (57/42 votes) and a 60-day emergency extension to the existing Patriot Act (54/45 votes).

“I don’t want us to be in a situation in which for a certain period of time those authorities go away and suddenly we are dark,” Obama said. “And heaven forbid we’ve got a problem where we could have prevented a terrorist attack or apprehended someone who is engaged in dangerous activity but we didn’t do so simply because of inaction in the Senate.”

McConnell is expected to call the Senate into session on Sunday in an effort to push through the extension before it expires at midnight “to make every effort to provide the intelligence community with the tools it needs to combat terror,” according to his spokesman, Don Stewart.

“The only thing that is standing in the way is a handful of senators who are resisting these reforms despite law enforcement and the (intelligence community) saying ‘let’s go ahead and get this done,'” Obama added, putting the blame of any failure to extend the act squarely on the Senate.

If only they’d called it the Stars and Stripes and Apple Pie Act, it would have been a dead rubber.

Thank you Yahoo! Tech for providing us with this information.

Mozilla Protests Against France’s New Mass Surveillance Law

In a post on its blog, Mozilla has expressed its deep concern over the French National Assembly’s Projet de Loi Relatif au Renseignement, a new law which legitimises mass surveillance though the installation of “black boxes” among telecommunications operators devices. Mozilla, developer of the Firefox internet browser, says that “the bill threatens the integrity of Internet infrastructure, user privacy, and data security.”

According to the blog post, the surveillance bill authorises French intelligence services to:

  • Pervasively monitor and store user communications, metadata, and Web activity about all users in France and abroad;
  • Force Internet service providers (and potentially other technology companies) to install “black boxes” in their networks to collect massive amounts of data and use algorithms to search for “suspicious patterns”;
  • Intercept user communications, including reading emails and tapping phones, without meaningful due process or oversight; and
  • compromise Internet infrastructure in France and extraterritorially.

The bill came as a surprise to many, since France was one of the founding members of was a founding member of the Freedom Online Coalition, which was designed to stand against infringement on internet users’ rights, something that this surveillance bill spits upon.

Mozilla ends its blog post by saying, “we call on France, as an international leader in upholding human rights around the world, to set a positive example for other governments rather than continuing on a course of eroding protections for users and undermining the open Internet.”

Image courtesy of FreeVector.

Federal Court Rules NSA Mass Surveillance Illegal

In a huge victory for freedom, privacy, and human rights, the US Court of Appeals for the Second Circuit has ruled that bulk collection of telephone metadata undertaken by the National Security Agency (NSA) is illegal under federal law.

The scope of the NSA’s draconian mass surveillance was first revealed by former defense contractor Edward Snowden back in June 2013. Ever since leaking confidential information, Snowden has been in exile in Russia for fear of legal action should he return to the US.

Though many were keen to charge the NSA for actions that were unconstitutional, the Court of Appeals approached the bulk data collection from a much simpler angle: the actions of the NSA were found, remarkably, to be beyond the scope of section 215 of the Patriot Act – the legislation designed to legitimise and legalise such privacy violations – as passed by the US Congress after 11th September, 2001.

The case against the NSA was brought by the American Civil Liberties Union, and was taken to the Court of Appeals after initially being dismissed by a lower court in 2013. That dismissal has now been overturned, opening the NSA up to a full legal challenge for the methods it used to collect private data from citizens, both in the US and abroad.

Thank you Wired for providing us with this information.

Image courtesy of Wikimedia.

CIA Couldn’t Use NSA’s Surveillance Program as Analysts Didn’t Know it Existed

A 2009 CIA document – released courtesy of a victorious Freedom of Information lawsuit filed against the US Department of Justice and published by The New York Times – has revealed the US external intelligence service did not use the NSA’s controversial STELLAR WIND surveillance program, which allowed the government warrantless access to private data that it collected en masse, as CIA analysts were not even aware that it existed.

Dated June 2009, the document from the CIA Inspector General (IG), the intelligence service’s internal watchdog, though heavily redacted, claims that the President’s Surveillance Program (PSP, aka “The Program”) was so secretive that only top-level officials had access to it, leaving “CIA analysts and targeting officers” in the dark.

According to the CIA IG report, three “sets of data” were collected under PSP:

The first set included the content of individually targeted telephone and e-mail communications. The second set consisted of telephone dialing information—the date, time, and duration of calls; the telephone number of the caller; and the number receiving the call—collected in bulk [REDACTED]. The third data set consisted of e-mail transactional data [REDACTED] collected in bulk [REDACTED].

The reports goes on to outline exactly why the CIA did not use data from PSP – because most were unaware it was there, and the few who did had no training as to how to access and use it:

Several factors hindered the CIA in making full use of the capabilities of the PSP. Many CIA officers told us that too few CIA personnel at the working level were read into the PSP. [REDACTED] officials told us that CIA and targeting officers who were read in had too many competing priorities and too many other available information sources and analytic tools—many of which were more easily accessed and timely—to fully utilize the PSP. CIA officers also told us that the PSP would have been more fully utilized if and targeting officers had obtained a better understanding of the program’s capabilities. Many CIA officers noted that there was insufficient training and legal guidance concerning the program’s capabilities and the use of PSP-derived information. The factors that hindered the CIA in making full use of the PSP might have been mitigated if the CIA had designated an individual at an appropriate level of managerial authority, who possessed knowledge of both the PSP and CIA counterterrorism activities, to be responsible and accountable for overseeing CIA participation in the program.

The CIA did not implement procedures to assess the usefulness of the product of the PSP and did not routinely document whether particular PSP reporting had contributed to successful counterterrorism operations.

So, the CIA was reprieved from being sullied by reprehensibly unethical breaches of others privacy through sheer ignorance. That’s something, I suppose.

Thank you Ars Technica for providing us with this information.

Feds Tracking International Calls Since 1992, Didn’t Stop 9/11

Since the inception of the Patriot Act, and amplified since the Snowden leak, the oft-repeated justification for intelligence services running mass surveillance programs is that it helps fight terrorism or, more hyperbolically, “would have prevented 9/11”, an idea extolled by such luminaries as former FBI head Robert Mueller and Senator Dianne Feinstein, people in a position to know such a thing. Turns out, they were wrong, because the DEA had been monitoring international phone calls en masse since as early as 1992, and it wasn’t enough to prevent the attacks on the World trade Center.

It was revealed back in January that the DEA had its own database of phone call metadata of practically all calls from inside the US to foreign countries. After digging through the data, Brad Heath of USA Today discovered that the records date back to 1992, meaning that the federal government did have access to the intelligence that Mueller, Feinstein, et al, bemoaned was hampering their ability to tackle terrorism.

Heath writes:

The now-discontinued operation, carried out by the DEA’s intelligence arm, was the government’s first known effort to gather data on Americans in bulk, sweeping up records of telephone calls made by millions of U.S. citizens regardless of whether they were suspected of a crime. It was a model for the massive phone surveillance system the NSA launched to identify terrorists after the Sept. 11 attacks. That dragnet drew sharp criticism that the government had intruded too deeply into Americans’ privacy after former NSA contractor Edward Snowden leaked it to the news media two years ago.

There’s no hiding behind the idea that the DEA didn’t share that information with the NSA, as pointed out by an award-winning report by Eric Lichtblau, James Risen, and Scott Shane for the New York Times:

In the drug-trafficking operation, the N.S.A. has been helping the Drug Enforcement Administration in collecting the phone records showing patterns of calls between the United States, Latin America and other drug-producing regions. The program dates to the 1990s, according to several government officials, but it appears to have expanded in recent years. 

Officials say the government has not listened to the communications, but has instead used phone numbers and e-mail addresses to analyze links between people in the United States and overseas. Senior Justice Department officials in the Bush and Clinton administrations signed off on the operation, which uses broad administrative subpoenas but does not require court approval to demand the records.

The report also revealed that telecoms companies handed over the data via a simple administrative subpoena, which bypasses the courts, and were scared off from appealing by the Department of Justice:

The DEA obtained those records using administrative subpoenas that allow the agency to collect records “relevant or material to” federal drug investigations. Officials acknowledged it was an expansive interpretation of that authority but one that was not likely to be challenged because unlike search warrants, DEA subpoenas do not require a judge’s approval. “We knew we were stretching the definition,” a former official involved in the process said. 

Officials said a few telephone companies were reluctant to provide so much information, but none challenged the subpoenas in court. Those that hesitated received letters from the Justice Department urging them to comply. 

After Sprint executives expressed reservations in 1998, for example, Warren, the head of the department’s drug section, responded with a letter telling the company that “the initiative has been determined to be legally appropriate” and that turning over the call data was “appropriate and required by law.” The letter said the data would be used by authorities “to focus scarce investigative resources by means of sophisticated pattern and link analysis.”

The data was then stored in a secret database, concealing all knowledge of it from judges and defence lawyers:

To keep the program secret, the DEA sought not to use the information as evidence in criminal prosecutions or in its justification for warrants or other searches. Instead, its Special Operations Division passed the data to field agents as tips to help them find new targets or focus existing investigations, a process approved by Justice Department lawyers. Many of those tips were classified because the DEA phone searches drew on other intelligence data.

That practice sparked a furor when the Reuters news agency reported in 2013 that the DEA trained agents to conceal the sources of those tips from judges and defense lawyers. Reuters said the tips were based on wiretaps, foreign intelligence and a DEA database of telephone calls gathered through routine subpoenas and search warrants.

As a result, “the government short-circuited any debate about the legality and wisdom of putting the call records of millions of innocent people in the hands of the DEA,” American Civil Liberties Union lawyer Patrick Toomey said.

A cynic could think that those in power are using the emotive issue of the 9/11 attacks as unimpeachable rationale for violating the privacy of the people they claim to protect. As the US enters the period during which the renewal of the draconian Patriot Act (section 215, specifically) is debated, it is vital that the ineffectiveness of these privacy-violating policies are publicised.

Source: TechDirt

Wikipedia Sues the NSA

 

Wikipedia has filed a lawsuit against the US National Security Agency (NSA) over the anti-constitutional nature of its internet mass surveillance program, as revealed by whistleblower and former NSA employee Edward Snowden.

The suit, which also names the US Department of Justice (DoJ) as a defendant, accuses the government organisations of breaching the First and Fifth Amendments of the US Constitution, designed to protect free speech and protection against unreasonable search and seizure, respectively.

“By tapping the backbone of the Internet, the NSA is straining the backbone of democracy,” the Wikimedia Foundation’s Executive Director, Lila Tretikov, wrote in a related blog post. “Wikipedia is founded on the freedoms of expression, inquiry, and information. By violating our users’ privacy, the NSA is threatening the intellectual freedom that is central to people’s ability to create and understand knowledge.”

Wikipedia founder Jimmy Wales also wrote an accompanying op-ed piece for The New York Times, published the same day as the lawsuit was filed. Wales argues that the NSA’s “pervasive surveillance” of Wikipedia visitors is an act that “stifles freedom of expression and the free exchange of knowledge.”

Wales continued, “Whenever someone overseas views or edits a Wikipedia page, it’s likely that the N.S.A. is tracking that activity—including the content of what was read or typed, as well as other information that can be linked to the person’s physical location and possible identity,” Wales and Tretikov wrote. “These activities are sensitive and private: They can reveal everything from a person’s political and religious beliefs to sexual orientation and medical conditions.”

Wikipedia’s lawsuit against the NSA has been filed in partnership with Human Rights Watch and Amnesty International, and are being represented by the American Civil Liberties Union.

Source: National Journal

University of Toronto Creates Online Database of Leaked Snowden Documents

The University of Toronto, in partnership with Canadian Journalists for Free Expression (CJFE), has created an online searchable database of every document leaked by NSA whistleblower Edward Snowden that has been subsequently been published in the media. The Snowden Digital Surveillance Archive aims to “provide a tool that would facilitate citizen, researcher and journalist access to these important documents.”

Edward Snowden, a former NSA data analyst, leaked documents related to massive and pervasive illegal global surveillance programs run by the US National Security Agency (NSA) in conjunction with UK intelligence service GCHQ.

The CJFE is an organisation that “monitors, defends and reports on free expression and access to information in Canada and abroad.” The creation of the Snowden Archive is part of its remit to promote “free media as essential to a fair and open society” and the “free expression rights of all people”.

“We are extremely proud to launch the Snowden Archive as a tool for Canadians, and the world, to better understand the scope and scale of mass surveillance programs,” said CJFE Executive Director Tom Henheffer in a press release. “We believe this tool is just the start of many important stories to come, and hope this will help the public engage in conversation about government surveillance practices.”

The archive allows users to search by the following criteria:

  • Agency that created the document in question;
  • Journalist and media outlet that first broke the story from the document;
  • Full text of the document;
  • Keywords, surveillance program names and more.

Source: Canadian Newswire