Prev-IndexNL-Next

Nederlog


  September
6, 2013
Crisis: NSA revealed again, no encryption, Schneier, Grayson, anti-war
  "Those who sacrifice liberty for
   security deserve neither."
   -- Benjamin Franklin [1]
    "All governments lie and nothing
    they say should be believed.
"
   -- I.F. Stone.








Prev- crisis -Next

Sections
Introduction
1. Revealed: How US and UK spy agencies defeat internet privacy and security
2.
Not Even Encryption Will Save You, Snowden Documents Show
3.
The US government has betrayed the internet. We need to take it back
4. Rep. Alan Grayson: Congress Should Reject "Warmongering" and Focus on Problems at Home
5. What Happened to the Anti-War Movement?

About ME/CFS

Introduction

Today there was a new revelation from Snowden, relayed by Greenwald plus two collaborators, with some follow up by Kelly, followed by comments by Schneier, that I, while liking the spirit, cannot believe will be practised. There also is a file with a link to an interview with Congressman Grayson, about Syria, and a file by Sirota, who seems to have been a bit more idealistic than I am.

1. Revealed: How US and UK spy agencies defeat internet privacy and security

To start with, a paper by James Ball, Julian Borger and Glenn Greenwald in the Guardian, that documents yet another Snowden finding. Also, this was "reported in partnership with the New York Times and Pro Publica" - which I find interesting and commendable:

This starts as follows:
US and British intelligence agencies have successfully cracked much of the online encryption relied upon by hundreds of millions of people to protect the privacy of their personal data, online transactions and emails, according to top-secret documents revealed by former contractor Edward Snowden.

US and British intelligence agencies have successfully cracked much of the online encryption relied upon by hundreds of millions of people to protect the privacy of their personal data, online transactions and emails, according to top-secret documents revealed by former contractor Edward Snowden.
And here is what the files reveal:

• A 10-year NSA program against encryption technologies made a breakthrough in 2010 which made "vast amounts" of data collected through internet cable taps newly "exploitable".

• The NSA spends $250m a year on a program which, among other goals, works with technology companies to "covertly influence" their product designs.

• The secrecy of their capabilities against encryption is closely guarded, with analysts warned: "Do not ask about or speculate on sources or methods."

• The NSA describes strong decryption programs as the "price of admission for the US to maintain unrestricted access to and use of cyberspace".

• A GCHQ team has been working to develop ways into encrypted traffic on the "big four" service providers, named as Hotmail, Google, Yahoo and Facebook.

There is also this:

But security experts accused them of attacking the internet itself and the privacy of all users. "Cryptography forms the basis for trust online," said Bruce Schneier, an encryption specialist and fellow at Harvard's Berkman Center for Internet and Society. "By deliberately undermining online security in a short-sighted effort to eavesdrop, the NSA is undermining the very fabric of the internet." Classified briefings between the agencies celebrate their success at "defeating network security and privacy".

"For the past decade, NSA has lead [sic] an aggressive, multi-pronged effort to break widely used internet encryption technologies," stated a 2010 GCHQ document. "Vast amounts of encrypted internet data which have up till now been discarded are now exploitable."

Let me state again that this is illegal, or if president Obama has some classified report in which some secret court has declared it isn't anymore,  it should be.

The reason is mostly what Schneier said - and note that I am not saying the NSA should not try to unravel some secret communications: what I am saying it should not try to unravel most, and especially not without a specific warrant.

The Fourth Amendment still fully applies, and to pretend it does not - as do Obama and Alexander - is like breaking in and pleading, when caught, that you do not know the law.

Then there is the Sigint program:

Funding for the program – $254.9m for this year – dwarfs that of the Prism program, which operates at a cost of $20m a year, according to previous NSA documents. Since 2011, the total spending on Sigint enabling has topped $800m. The program "actively engages US and foreign IT industries to covertly influence and/or overtly leverage their commercial products' designs", the document states. None of the companies involved in such partnerships are named; these details are guarded by still higher levels of classification.

Among other things, the program is designed to "insert vulnerabilities into commercial encryption systems". These would be known to the NSA, but to no one else, including ordinary customers, who are tellingly referred to in the document as "adversaries".

Note that again these are, or should be, illegal efforts, that either should be completely forbidden or require a specific warrant, while there is neither: You should not be capable of influencing "commercial products' designs", as a spying institution.

And this:
The document also shows that the NSA's Commercial Solutions Center, ostensibly the body through which technology companies can have their security products assessed and presented to prospective government buyers, has another, more clandestine role.

It is used by the NSA to "to leverage sensitive, co-operative relationships with specific industry partners" to insert vulnerabilities into security products. Operatives were warned that this information must be kept top secret "at a minimum".

Note this again is or should be clearly illegal: That the NSA's Commercial Solutions Center is trying to "insert vulnerabilities into security products". It also means that the NSA's public role is totally false i.e. other than it is claimed to be.

Next, the Brits have a HOT (Humint Operations Team) about which it is said:

This GCHQ team was, according to an internal document, "responsible for identifying, recruiting and running covert agents in the global telecommunications industry."

"This enables GCHQ to tackle some of its most challenging targets," the report said. The efforts made by the NSA and GCHQ against encryption technologies may have negative consequences for all internet users, experts warn.

Quite so: this means that no security expert can trust any other security expert. Well done, NSA!

There is a lot more under the last dotted link, which I recommend you read all.


2. Not Even Encryption Will Save You, Snowden Documents Show

Next, here are some of the lessons learned from the above document. This is by Alexander Reed Kelly on Truth Dig:
It starts thus:

The NSA has thwarted many of the encryption safeguards currently relied on to protect the online activities, communications and data of governments, banks, hospitals and hundreds of millions of private citizens, major news outlets in possession of classified documents provided by whistle-blower Edward Snowden report.

The revelation by The New York Times, The Guardian and ProPublica undercuts a key promise made by Internet companies to their customers: “that their data is safe from prying eyes, including those of the government,” The New York Times reports. The NSA wants Internet users to go on assuming such shields exist. “The agency treats its recent successes in deciphering protected information as among its most closely guarded secrets,” the Times notes. The documents do not tell which companies have participated.

Right - and that is just it: Anyone's information about anything is their target. It all happens on the pretext of "anti-terrrorism", but I can, meanwhile, see no other reason to do so than to be able to control anyone, and to bring about the perfect police state, though the perpetrators will name it quite otherwise.

There is also this, which underlines my last point:
(..) the NSA in 2000 began a successful stealth campaign “over setting of international encryption standards, the use of supercomputers to break encryption with ‘brute force’ and—the most closely guarded secret of all—collaboration with technology companies and internet service providers themselves,” The Guardian reports. Through those partnerships, the agencies inserted secret vulnerabilities into commercial encryption software. Those weaknesses provided entry points into the products and sometimes the host machines.
It would be interesting to know who are the partners in these "partnerships".

3. The US government has betrayed the internet. We need to take it back

Next, a piece by Bruce Schneier, the security expert mentioned above, who writes for the Guardian:

This has a subtitle, which is as follows:

The NSA has undermined a fundamental social contract. We engineers built the internet – and now we have to fix it

The question is: how? Here is the start of his article:

Government and industry have betrayed the internet, and us.

By subverting the internet at every level to make it a vast, multi-layered and robust surveillance platform, the NSA has undermined a fundamental social contract. The companies that build and manage our internet infrastructure, the companies that create and sell us our hardware and software, or the companies that host our data: we can no longer trust them to be ethical internet stewards.

This is not the internet the world needs, or the internet its creators envisioned. We need to take it back.

And by we, I mean the engineering community.

This does not sound very realistic, especially for those who know something about Free Open Source: Very few people use it, and even fewer restrict themselves to it. But OK - the times are difficult, and nearly always were, nearly everywhere.

Bruce Schneier has several points:
One, we should expose.
(...)
We need to know how exactly how the NSA and other agencies are subverting routers, switches, the internet backbone, encryption technologies and cloud systems. I already have five stories from people like you, and I've just started collecting. I want 50. There's safety in numbers, and this form of civil disobedience is the moral thing to do.

This I quite agree with - except that I do not know how reliable and honest Schneier is. I am willing to suppose he is, but the next question is: Will his findings remain anonymous? If he gets investigated?

But OK, you need to start somewhere, and in principle this is a good start. Next:

Two, we can design. We need to figure out how to re-engineer the internet to prevent this kind of wholesale spying. We need new techniques to prevent communications intermediaries from leaking private information.

We can make surveillance expensive again. In particular, we need open protocols, open implementations, open systems – these will be harder for the NSA to subvert.

I am afraid this is hopeless. There is a good system, that is better - by quite a lot - than MS Windows, and is wholly free. It is called Linux. Well... between 1 and 2 % of the total users of internet use it. For most of the rest, the hurdle is too high.
Three, we can influence governance. (...) We need to figure out new means of internet governance, ones that makes it harder for powerful tech countries to monitor everything. For example, we need to demand transparency, oversight, and accountability from our governments and corporations.
I am afraid this is also hopeless: "Our governmetns and corporations" are the problem. And they do not want, and what is more: usually can block any attempt to make them more transparent, better overseen or more accountable.

Note please that I am not against what Bruce Schneier proposes: I am for it. But I do not think it will happen, not by "engineers", for there are too few who are willing and able to do such an enormous project, and also not by "ordinary people", who just have no idea.

There is considerably more in Bruce Schneiers article, but not more points. He ends as follows:
To the engineers, I say this: we built the internet, and some of us have helped to subvert it. Now, those of us who love liberty have to fix it.
All I can say to this is: I do not see it happen - unless half of the people using Windows now switch to Linux, and it seems this is just too difficult for the majority to even contemplate, even though there are now very easy Linux-systems.

4. Rep. Alan Grayson: Congress Should Reject "Warmongering" and Focus on Problems at Home

Next, here is Alan Grayson, talking to Democracy Now!:

Here is a small part of what he said:
REP. ALAN GRAYSON: Well, let's talk about what our responsibilities are not. Our responsibilities are not to ignore the United Nations. Our responsibilities are not to ignore NATO or the Arab League. Our responsibility is not to ignore the international court of The Hague. Our responsibility is not to make vague remarks about red lines and to follow them up with equally vague remarks about violating international norms, which is a cover for saying that they have it that the Syrians have not violated international laws. I'm very disturbed by this general idea, this notion, that every time we see something bad in the world, we should bomb it. And, in fact, the president himself has criticized that mindset, and now he's adopted it. It's simply not our responsibility to act alone and punish this. I'll give you an example. There is substantial evidence right now, which the Russians have chosen to actually present to the United Nations, unlike the United States at this point, of the rebels using poison gas. Are we going to bomb both sides? .
Indeed. Also, a point I made earlier remains standing: Whoever the U.S. are going to "help" is an enemy of them, whether it is Assad or his opponents, that would be described as "Al Qaeda" if it weren't Syria.

Anyway... there is a lot more under the last dotted link. Incidentally, Congressman Grayson has founded a website that seeks signatures for a petition in Congress:
5. What Happened to the Anti-War Movement?

Finally, a somewhat interesting lesson about practical politics. This is on Truth Dig! and is by David Sirota:

It starts as follows:

A mere 72 hours after President Obama delivered an encomium honoring the life of Dr. Martin Luther King, he announced his intention to pound yet another country with bombs. The oxymoron last week was noteworthy for how little attention it received. Yes, a president memorialized an anti-war activist who derided the U.S. government as “the greatest purveyor of violence in the world.” Then that same president quickly proposed yet more violence—this time in Syria.

Among a political press corps that rarely challenges the Washington principle of “kill foreigners first, ask questions later,” almost nobody mentioned the contradiction. Even worse, as Congress now debates whether to launch yet another military campaign in the Middle East, the anti-war movement that Dr. King represented—and that so vigorously opposed the last war—is largely silent.

And that last point, the silence of anti-war protestors is at issue:

So what happened to that movement? The shorter answer is: It was a victim of partisanship.

Sirota expands on that answer, but that is what it comes to: Those who were anti-war were anti-war only (mostly) because it was a war that was being led by a person who was not of their party. Now it is led by someone who is of their party, and they are either pro-war or don't care.

Here is Sirota's conclusion:

An anti-war movement is supposed to be a check on such reflexive bloodlust. It is supposed to be a voice of reason interrupting the partisan tribalism. When it, too, becomes a victim of that tribalism, we lose something more than a political battle. As the distorted debate over Syria proves, we lose the conscience that is supposed to guide us through the most vexing questions of all.

I agree - up to a point, which is this: It has always been like this. That is, ordinary people have always made their opinions and choices dependent not on what they knew or could know the facts are, and also not on reason, but on what their party leaders told them. This may be quite sad (I agree it is), but is also quite normal. Besides, it is normal to attribute motives to oneself that are nobler than the motives one actually has.

There are a few for whom this is different, and even - may be - more than a few, but they will not be members of political parties.

So - to end on a somewhat positive note - nothing much has been lost, for it never was there to loose.
---------------------------------
P.S. Sep 7, 2013: Made a few small corrections.
Note
[1] Here it is necessary to insist, with Aristotle, that the governors do not rule, or at least, should not rule: The laws rule, and the government, if good, is part of its executive power. Here I quote Aristotle from my More on stupidity, the rule of law, and Glenn Greenwald:
It is more proper that law should govern than any one of the citizens: upon the same principle, if it is advantageous to place the supreme power in some particular persons, they should be appointed to be only guardians, and the servants of the laws.
(And I note the whole file I quote from is quite pertinent.)

About ME/CFS (that I prefer to call M.E.: The "/CFS" is added to facilitate search machines) which is a disease I have since 1.1.1979:
1. Anthony Komaroff

Ten discoveries about the biology of CFS(pdf)

2. Malcolm Hooper THE MENTAL HEALTH MOVEMENT:  
PERSECUTION OF PATIENTS?
3. Hillary Johnson

The Why  (currently not available)

4. Consensus (many M.D.s) Canadian Consensus Government Report on ME (pdf - version 2003)
5. Consensus (many M.D.s) Canadian Consensus Government Report on ME (pdf - version 2011)
6. Eleanor Stein

Clinical Guidelines for Psychiatrists (pdf)

7. William Clifford The Ethics of Belief
8. Malcolm Hooper Magical Medicine (pdf)
9.
Maarten Maartensz
Resources about ME/CFS
(more resources, by many)



       home - index - summaries - mail