Metadata Is More Intrusive Than Direct Listening Of Phone Calls Says Snowden

Metadata Is More Intrusive Than Direct Listening Of Phone Calls Says Snowden

http://www.countercurrents.org/cc070414A.htm

07 April, 2014
Countercurrents.org

Government monitoring of “metadata” is more intrusive than directly listening to phone calls or reading emails, cautioned Edward Snowden, the US NSA whistleblower, and Glenn Greenwald, the reporter who disclosed leaks by Snowden about mass US government surveillance last year.

Moreover, on the “Cuban Twitter” campaign, the USAID program to topple Cuban government, citing top-secret documents Greenwald writes: “This sort of operation is frequently discussed at western intelligence agencies, which have plotted ways to covertly use social media for ‘propaganda’, ‘deception’, ‘mass messaging’, and ‘pushing stories’.” The top-secret documents have now been published by The Intercept.

A Reuter’s report [1] said:

“Snowden and Greenwald …appeared together via video link from opposite ends of the earth on [April 5, 2014] for what was believed to be the first time since Snowden sought asylum in Russia.”

In the video conference, they made the caution.

“Metadata includes which telephone number calls which other numbers, when the calls were made and how long they lasted. Metadata does not include the content of the calls.

“Amnesty International is campaigning to end mass surveillance by the US government and calling for Congressional action to further rein in the collection of information about telephone calls and other communications.”

“Snowden and Greenwald said that such data is in fact more revealing than outright government spying on phone conversations and emails.

“‘Metadata is what allows an actual enumerated understanding, a precise record of all the private activities in all of our lives. It shows our associations, our political affiliations and our actual activities,’ said Snowden, dressed in a jacket with no tie in front of a black background.

“‘My hope and my belief is that as we do more of that reporting and as people see the scope of the abuse as opposed to just the scope of the surveillance they will start to care more,’ he said.

“‘Mark my words. Put stars by it and in two months or so come back and tell me if I didn’t make good on my word.’”

A Reuters/Ipsos poll this week showed the majority of Americans were concerned that Internet companies were encroaching on too much of their lives.

The Chicago datelined report said:

“A sympathetic crowd of nearly 1,000 packed a downtown Chicago hotel ballroom at Amnesty International USA’s annual human rights meeting and gave Greenwald, who dialed in from Brazil, a raucous welcome before Snowden was patched in 15 minutes later to a standing ovation.”

The leaks of secret documents made by Snowden, who had been working at a NSA facility revealed a vast US government system for monitoring phone and Internet data. It deeply embarrassed the Obama administration, which in January banned US eavesdropping on the leaders of friendly countries and allies. However, Snowden faces arrest if he steps foot on US soil.

Greenwald has promised further revelations of government abuses of power at his new media venture the Intercept.

More on “Cuban Twitter”

The Associated Press has recently exposed a secret program run by the US Agency for International Development to create “a Twitter-like Cuban communications network” run through “secret shell companies” in order to create the false appearance of being a privately owned operation with the aim of toppling the Cuban government through a “Cuban Spring” like event.

On this campaign for toppling the Cuban government Glenn Greenwald writes:

“Unbeknownst to the service’s Cuban users was the fact that ‘American contractors were gathering their private data in the hope that it might be used for political purposes’–specifically, to manipulate those users in order to foment dissent in Cuba and subvert its government. According to top-secret documents published today [April 4, 2014] by The Intercept [3], this sort of operation is frequently discussed at western intelligence agencies, which have plotted ways to covertly use social media for ‘propaganda’, ‘deception’, ‘mass messaging’, and ‘pushing stories’.

“These ideas – discussions of how to exploit the internet, specifically social media, to surreptitiously disseminate viewpoints friendly to western interests and spread false or damaging information about targets – appear repeatedly throughout the archive of materials provided by NSA whistleblower Edward Snowden. Documents prepared by NSA and its British counterpart GCHQ – and previously published by The Intercept as well as some by NBC News – detailed several of those programs, including a unit devoted in part to “discrediting” the agency’s enemies with false information spread online.

“The documents in the archive show that the British are particularly aggressive and eager in this regard, and formally shared their methods with their US counterparts. One previously undisclosed top-secret document – prepared by GCHQ for the 2010 annual ‘SIGDEV’ gathering of the ‘Five Eyes’ surveillance alliance comprising the UK, Canada, New Zealand, Australia, and the US – explicitly discusses ways to exploit Twitter, Facebook, YouTube, and other social media as secret platforms for propaganda.

“The document was presented by GCHQ’s Joint Threat Research Intelligence Group (JTRIG). The unit’s self-described purpose is ‘using online techniques to make something happen in the real or cyber world’, including ‘information ops (influence or disruption).’ The British agency describes its JTRIG and Computer Network Exploitation operations as a ‘major part of business’ at GCHQ, conducting ‘5% of Operations.’

“The annual SIGDEV conference, according to one NSA document published today [April 4, 2014] by The Intercept, ‘enables unprecedented visibility of SIGINT Development activities from across the Extended Enterprise, Second Party and US Intelligence communities.’ The 2009 Conference, held at Fort Meade, included ‘eighty-six representatives from the wider US Intelligence Community, covering agencies as diverse as CIA (a record 50 participants), the Air Force Research Laboratory and the National Air and Space Intelligence Center.’

“Defenders of surveillance agencies have often insinuated that such proposals are nothing more than pipe dreams and wishful thinking on the part of intelligence agents. But these documents are not merely proposals or hypothetical scenarios. As described by the NSA document published today, the purpose of SIGDEV presentations is ‘to synchronize discovery efforts, share breakthroughs, and swap knowledge on the art of analysis.’
For instance: One of the programs described by the newly released GCHQ document is dubbed ‘Royal Concierge’, under which the British agency intercepts email confirmations of hotel reservations to enable it to subject hotel guests to electronic monitoring. It also contemplates how to ‘influence the hotel choice’ of travelers and to determine whether they stay at ‘SIGINT friendly’ hotels. The document asks: ‘Can we influence the hotel choice? Can we cancel their visit?’

“Previously, der Spiegel and NBC News both independently confirmed that the ‘Royal Concierge’ program has been implemented and extensively used. The German magazine reported that ‘for more than three years, GCHQ has had a system to automatically monitor hotel bookings of at least 350 upscale hotels around the world in order to target, search, and analyze reservations to detect diplomats and government officials.’ NBC reported that ‘the intelligence agency uses the information to spy on human targets through “close access technical operations”, which can include listening in on telephone calls and tapping hotel computers as well as sending intelligence officers to observe the targets in person at the hotels.’”

Greenwald writes:

“The GCHQ document we are publishing today expressly contemplates exploiting social media venues such as Twitter, as well as other communications venues including email, to seed state propaganda–GHCQ’s word, not mine–across the internet:

“(The GCHQ document also describes a practice called ‘credential harvesting’, which NBC described as an effort to ‘select journalists who could be used to spread information’ that the government wants distributed. According to the NBC report, GCHQ agents would employ ‘electronic snooping to identify non-British journalists who would then be manipulated to feed information to the target of a covert campaign’. Then, ‘the journalist’s job would provide access to the targeted individual, perhaps for an interview’. Anonymous sources that NBC didn’t characterize claimed at the time that GCHQ had not employed the technique.)

“Whether governments should be in the business of publicly disseminating political propaganda at all is itself a controversial question. Such activities are restricted by law in many countries, including the US. In 2008, The New York Times’ David Barstow won a Pulitzer Prize for exposing a domestic effort coordinated by the Pentagon whereby retired US generals posed as ‘independent analysts’ employed by American television networks and cable news outlets as they secretly coordinated their messaging with the Pentagon.

“Because American law bars the government from employing political propaganda domestically, that program was likely illegal, though no legal accountability was ever brought to bear (despite all sorts of calls for formal investigations). Barack Obama, a presidential candidate at the time, pronounced himself in a campaign press release ‘deeply disturbed’ by the Pentagon program, which he said ‘sought to manipulate the public’s trust.’

“Propagandizing foreign populations has generally been more legally acceptable. But it is difficult to see how government propaganda can be segregated from domestic consumption in the digital age. If American intelligence agencies are adopting the GCHQ’s tactics of ‘crafting messaging campaigns to go “viral”,’ the legal issue is clear: A ‘viral’ online propaganda campaign, by definition, is almost certain to influence its own citizens as well as those of other countries.

“For its part, GCHQ refused to answer any specific questions on the record, instead providing its standard boilerplate script which it provides no matter the topic of the reporting: ‘all of GCHQ’s work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorised, necessary and proportionate, and that there is rigorous oversight.’ The NSA refused to comment.

“But these documents, along with the AP’s exposure of the sham ‘Cuban Twitter’ program, underscore how aggressively western governments are seeking to exploit the internet as a means to manipulate political activity and shape political discourse.”

At the conclusion, he writes:

“Those programs, carried out in secrecy and with little accountability (it seems nobody in Congress knew of the ‘Cuban Twitter’ program in any detail) threaten the integrity of the internet itself, as state-disseminated propaganda masquerades as free online speech and organizing. There is thus little or no ability for an internet user to know when they are being covertly propagandized by their government, which is precisely what makes it so appealing to intelligence agencies, so powerful, and so dangerous.”

Source:

[1] April 6, 2014, “Snowden, Greenwald urge caution of wider government monitoring at Amnesty event”

[2] April 4, 2014, “The ‘Cuban Twitter’ Scam Is a Drop in the Internet Propaganda Bucket”, © First Look Productions

[3] The documents are: 1. “Full-Spectrum Cyber Effects”, and 2. “2009 SigDev Conference”

Journalists Who Broke News on N.S.A. Surveillance Return to the U.S.

Journalists Who Broke News on N.S.A. Surveillance Return to the U.S.

http://news.yahoo.com/2-reporters-probed-nsa-surveillance-back-us-165212692.html

NEW YORK (AP) — Two reporters central to revealing the massive U.S. government surveillance effort returned to the United States on Friday for the first time since the story broke and used the occasion to praise their exiled source: Edward Snowden.

Glenn Greenwald and Laura Poitras of The Guardian became a story of their own amid speculation they could be arrested upon arriving at Kennedy Airport. They were instead confronted by only reporters and photographers before fighting through traffic en route to a midtown Manhattan hotel to receive a George Polk Award for national security reporting.

In remarks before an audience of other journalists and editors, the pair credited the courage of Snowden, the former NSA contractor who leaked the information for their story.

"This award is really for Edward Snowden," Poitras said.

Greenwald said, "I hope that as journalists we realize not only the importance of defending our own rights, but also those of our sources like Edward Snowden."

The pair shared the award with The Guardian's Ewen MacAskill and Barton Gellman, who has led The Washington Post's reporting on National Security Agency surveillance. Revelations about the spy programs were first published in the two newspapers in June.

At the airport, Greenwald said he and Poitras were not "100 percent sure" they could enter the U.S. without being arrested. He said lawyers had been seeking assurance from the Justice Department "and they purposefully wouldn't give them any information about whether we were the target of a grand jury or whether there was already an indictment that was under seal."

Still, Greenwald said he "expected that they wouldn't be that incredibly stupid and self-destructive to try and do something that in the eyes of the world would be viewed as incredibly authoritarian."

After the award ceremony, Greenwald told reporters that he still speaks regularly to Snowden, who was granted asylum in Russia for a year. He said Snowden was aware Greenwald and Poitras were to be honored in New York and "was very supportive of that."

Republican U.S. Rep. Peter King, who leads the House Homeland Security subcommittee on counterterrorism and intelligence, called Greenwald "a disgrace to journalism and the country."

"No American should give Glenn Greenwald an award for anything," he said.

Snowden has been charged with three offenses in the U.S., including espionage, and could face up to 30 years in prison if convicted.

The disclosures have led to proposed overhauls of some U.S. surveillance programs, changes in the way the government spies on foreign allies, additional disclosures to defendants in some terrorism cases and demands from private companies to share details about government cooperation with their customers and shareholders.

Journalist alleges Ed Snowden claims CIA spies on charity organisations

Journalist alleges Ed Snowden claims CIA spies on charity organisations

Two of the journalists who helped the whistleblower Edward Snowden leak thousands of secret American documents are due to fly into New York later tonight - their first attempt to enter the USA since the story broke. Glenn Greenwald and Laura Poitras are hoping to to accept a prestigious journalism award for national security reporting. Mr Greenwald's partner David Miranda was detained at London's Heathrow last August and had his electronic equipment taken, before being released after a press outcry.

MARK COLVIN: Two of the journalists who helped the whistleblower Edward Snowden leak thousands of secret American documents are due to fly into New York later tonight - their first attempt to enter the USA since the story broke.

Glenn Greenwald and Laura Poitras are hoping to accept a prestigious journalism award for national security reporting.

Mr Greenwald's partner David Miranda was detained at London's Heathrow last August and had his electronic equipment taken before being released after a press outcry.

Meanwhile Edward Snowden himself appeared via video link before the European Council this week and said the American National Security Agency - the NSA - spied on major human rights organisations.

Luke Harding of the Guardian reported that story and he's the author of a new book, 'The Snowden Files'.

I asked him about the allegations of spying on organisations like Amnesty.

LUKE HARDING: We don't have the details, but what we do know about the NSA and human rights organisation is that, according to Edward Snowden, Skyped him from Moscow, the NSA is spying on human rights organisations: big ones, small ones, American ones.

He didn't actually name names, but he was asked specifically by a group of Council of Europe members whether the US was essentially eavesdropping on this highly sensitive communications of human rights groups like Amnesty International and Human Rights Watch, and he gave an emphatic answer: yes, absolutely they are, including within the borders of the United States.

MARK COLVIN: And Ken Roth of Human Rights Watch was actually in Australia during the last two weeks. He would have been spied on here then?

LUKE HARDING: One doesn't know, I mean we haven't seen the documents. It's highly possible. What we do know is that the NSA has a voracious appetite for all sorts of information and that it's kind of objective, it's kind of global objective, if you like, is to collect of the signals all of the time, in the words of General Alexander, the head of the NSA who's just retired.

In other words, they want everything. They want everybody's metadata; they want telephony records; they want the lot, and of course human rights organisations which work in some tricky parts of the world and have some quite interesting partners are a fairly obvious target.

But having said that, the way we've been covering this story, we journalists, Edward Snowden's media partners: the Guardian, New York Times, Spiegel and others, is that we've tried to get all the documents. In other words, we've only reported really what we've been able to prove and verify and which we think is in the public interest.

But, clearly, spying on human rights organisations is a matter of public interest.

MARK COLVIN: Well he also talked about a program called XKeyscore, which the NSA and its partners, which include Australia's intelligence agencies use to trawl through metadata. Could you explain a bit about that?

LUKE HARDING: It's a complex program. It's also an extremely powerful program. What was quite interesting about this is that this is something we wrote about, the Guardian, back in July of last year in a long story written by Glenn Greenwald, who then of course was working for us - now, isn't anymore.

But, in essence, it's a very powerful device which allows analysts, including Snowden, who said that he'd done this himself, to pick a selector if you like, which means a sort of keyword, and to search accordingly through vast quantities of emails, web chats, metadata - which means the who you're sending the email to, their address, your address and so on. And, I don't know if you remember, but at one point last year, Edward Snowden said that he, sitting at his desk, could actually search the private communications of everybody, including the president of the United States if he had a private email address for him.

Now the NSA have poo-pooed this and said this is not true. But it's clearly, according to Snowden on Tuesday, XKeyscore is the tool which allows essentially the NSA to surveil everybody on the planet.

MARK COLVIN: And, there's a been a lot of argument recently, particularly with police and intelligence agencies, arguing that they should have more access to metadata. Now, others are fighting back and saying that metadata can give those agencies a window into pretty much your whole life.

Who's right about that?

LUKE HARDING: I'm afraid the critics are right. Metadata is incredibly revealing. We're talking about what you search online; we're talking about who you contact; we're talking about people who, in the privacy of their own homes, will reveal their sexual orientation perhaps, their political affiliation, their religious views, who they're in contact with, using metadata - the record of your electronic transactions.

You can construct a rich electronic narrative of an individual's life: their predilections, their secrets, their joys, their sorrows. It's all there and, really, the spies are being disingenuous when they say, "Oh, it's not content; it doesn't count."

They can know practically everything about you.

MARK COLVIN: When Edward Snowden was talking to the Council of Europe, by what means was he talking and was it controversial that he was talking?

LUKE HARDING: The Council of Europe invited him and he spoke. The European Parliament, which is a slightly different body wanted to do this, but had chickened out in the end. I think that what's quite interesting is that we've seen a lot of online chats from Snowden in the past few weeks.

He's spoken to a couple of technology conferences in the United States. He spoke to an Amnesty International conference recently, and now he's talked directly to Europe, to this important human rights body, and I think that it's a sort of strategy change by Snowden who really for the first six months when he was stuck in Moscow, was pretty reclusive. He didn't meet anybody apart from his family. He met one reporter, Barton Gellman from the Washington Post in December.

But, since the beginning of this year, I think we've seen him try and make his case more and I think the strategic goal is actually to change the political climate in the United States so that, at some point, the White House - maybe not this White House - maybe a future White House will be in a position to give him clemency.

MARK COLVIN: Journalist, Luke Harding. His book is called 'The Snowden Files'.

Silicon Valley could force NSA reform, tomorrow. What’s taking so long?

Silicon Valley could force NSA reform, tomorrow. What's taking so long?

Tech CEOs are complaining, but bills are languishing. Time for internet companies to pull an OKCupid and call out the NSA, on every homepage

CEOs from Yahoo to Dropbox and Microsoft to Zynga met at the White House, but are they just playing for the cameras?

With Glenn Greenwald and Laura Poitras triumphantly returning to the US to accept the Polk Award with Barton Gellman and Ewan MacAskill yesterday, maybe it's time we revisit one of their first and most important stories: how much are internet companies like Facebook and Google helping the National Security Agency, and why aren't they doing more to stop it?

The CEOs of the major tech companies came out of the gate swinging 10 months ago, complaining loudly about how NSA surveillance has been destroying privacy and ruining their business. They still are. Facebook founder Mark Zuckerberg recently called the US a "threat" to the Internet, and Eric Schmidt, chairman of Google, called some of the NSA tactics "outrageous" and potentially "illegal". They and their fellow Silicon Valley powerhouses – from Yahoo to Dropbox and Microsoft to Apple and more – formed a coalition calling for surveillance reform and had conversations with the White House.

But for all their talk, the public has come away empty handed. The USA Freedom Act, the only major new bill promising real reform, has been stalled in the Judiciary Committee. The House Intelligence bill may be worse than the status quo. Politico reported on Thursday that companies like Facebook and are now "holding fire" on the hill when it comes to pushing for legislative reform.

The keepers of the everyday internet seem to care more about PR than helping their users. The truth is, if the major tech companies really wanted to force meanginful surveillance reform, they could do so tomorrow. Just follow the example of OKCupid from last week.

Mozilla, the maker of the popular Firefox browser, was under fire for hiring Brendan Eich as CEO because of his $1,000 donation in support of Prop 8 six years ago, and OKCupid decided to make a political statement of its own by splashing a message criticizing Mozilla before would-be daters could get to OKCupid's front page. The site even encouraged users to switch to another browser. The move made the already smoldering situation explode. Two days later, Mozilla's CEO was out of a job, and OKCupid got partial credit for the reversal.

The leading internet companies could easily force Congress' hand by pulling an OKCupid: at the top of your News Feed all next week, in place of Monday's Google doodle, a mobile push alert, an email newsletter: CALL YOUR MEMBER OF CONGRESS. Tell them to SUPPORT THE USA FREEDOM ACT and tell the NSA to stop breaking common encryption.

We know it's worked before. Three years ago, when thousands of websites participated in an unprecedented response to internet censorship legislation, the Stop Online Piracy Act (Sopa), the public stopped a once-invincible bill in its tracks. If they really, truly wanted to do something about it, the online giants of Silicon Valley and beyond could design their systems so that even the companies themselves could not access their users' messages by making their texting and instant messaging clients end-to-end encrypted.

But the major internet outfits were noticeably absent from this year's similar grassroots protest – dubbed The Day We Fight Back – and refused to alter their websites à la Sopa. If they really believed the NSA was the threat so many of them have claimed, they'd have blacked out their websites in protest already.

In an emblematic moment for the nonchalance at the executive level of tech companies, Dropbox named former Secretary of State Condoleezza Rice to its board of directors this week. Besides being an Iraq war architect and torture advocate, Rice notoriously defended George W Bush's outright illegal NSA warrantless wiretapping program when it first was revealed in 2005. Not exactly a vote of confidence to users worried about government intrusion. Rice actually had to the gall to say she would help Dropbox "navigate" the national debate about privacy.

Among the rank-and-file engineers in Silicon Valley, there is widespread affinity for Edward Snowden and genuine anger at the US government. One of the most indelible anecdotes in all the NSA reporting came when the Washington Post reported the NSA had broken into the links between their overseas data centers:

Two engineers with close ties to Google exploded in profanity when they saw the drawing. "I hope you publish this," one of them said.

"The initial reaction from employees and engineers at big companies like Google after the NSA leaks was sort of a resounding 'how dare you?,'" security expert Chet Wisniewski told Buzzfeed on Friday. "I imagine now that there's the possibility companies like Yahoo, Akamai, Amazon might have been vulnerable, there will be a very similar reaction."

Turns out they were. Millions of websites have been affected by the OpenSSL so-called Heartbleed bug that was revealed this week, putting billions of people's personal information at risk. Now Bloomberg is reporting that the NSA has secretly been exploiting the bug for two years. (The US government denies this claim.)

It's amazing that entire internet, including big companies like Google and Facebook rely on this tiny OpenSSL foundation, which manages the free encryption library. They have four developers working on the project, and only one full time. Maybe these multi-billion dollar companies could throw in some money to help preserve the future of the internet. As cryptographer Matthew Green told the New York Times, 'If we could get $500,000 kicked back to OpenSSL and teams like it, maybe this kind of thing won't happen again."

To be sure, Snowden's revelations have sparked these companies to dramatically improve their security, which protects customers against not only the NSA but also other governments and criminals. "For that reason alone, we owe Edward Snowden our thanks," the ACLU’s principal technologist has said.

But many of the companies were also just implementing practices that security experts had been advocating for years – and as the Heartbleed bug showed, they were not enough.

And what about that Edward Snowden, the man who brought us all this of information? Many of these CEOs can't bring themselves to praise him in public, despite being "outraged" by the government's "illegal" activity. Only Zynga's founder – Marc Pincus, the man seated next to President Obama in that photo above – was brave enough to advocate for a pardon of Snowden after he and some of his fellow CEOS went to the White House in December.

Both Greenwald and Poitras made clear at the Polk awards here in New York on Friday: without Snowden, we'd have known exactly none of this.

Many of the billion-dollar companies involved in the NSA mess have faced allegations that they are more than willing participants in at least some of the surveillance programs, and a recent poll showed people trust them even less than the IRS. Which is saying something. If they want to say to us that they're serious, it's time that they took some serious action.

Use of overseas NSA wiretaps in domestic criminal cases facing legal challenges

http://www.latimes.com/nation/la-na-nsa-americans-20140407,0,629951.story

Use of overseas NSA wiretaps in domestic criminal cases facing legal challenges

A Colorado man is the first person to challenge the constitutionality of a law allowing the National Security Agency to tap foreign phone and email conversations that involve Americans.

WASHINGTON — When federal prosecutors charged Colorado resident Jamshid Muhtorov in 2012 with providing support to a terrorist organization in his native Uzbekistan, court records suggested the FBI had secretly tapped his phones and read his emails.

But it wasn't just the FBI. The Justice Department acknowledged in October that the National Security Agency had gathered evidence against Muhtorov under a 2008 law that authorizes foreign intelligence surveillance without warrants, much of it on the Internet. His lawyers have not been permitted to see the classified evidence.

....
Continue reading

Congress on Privacy & Surveillance

Congress on Privacy & Surveillance [COPS]

A number of prominent international speakers will discuss your right to information self-determination, the politics of privacy, how to deal with the secret cosmopolitan state within a state, and how to go forward. It is a congress of individuals to represent what is not (yet?) represented by institutions.

Videos at links:

  • Caspar Bowden: FISA, PRISM and Data Protection
  • http://slideshot.epfl.ch/play/cops_bowden

  • Nikolaus Forgó: Privacy and European Law
  • http://slideshot.epfl.ch/play/cops_forgo

  • Axel Arnbak: The Question Lawyers Don't Ask: Can Law Address Total Transnational Surveillance?
  • http://slideshot.epfl.ch/play/cops_arnbak

  • Bruce Schneier: at Congress on Privacy & Surveillance
  • http://slideshot.epfl.ch/talks/179

  • Richard Hill: Internet Freedom, Snowden, and Dubai
  • http://slideshot.epfl.ch/talks/180

  • Bill Binney: Democracy and Surveillance Technology
  • http://slideshot.epfl.ch/talks/181

  • Jacob Appelbaum: at Congress on Privacy & Surveillance
  • http://slideshot.epfl.ch/talks/182

    Ten Steps You Can Take Right Now Against Internet Surveillance

    Ten Steps You Can Take Right Now Against Internet Surveillance

    https://www.eff.org/deeplinks/2013/10/ten-steps-against-surveillance

    One of the trends we've seen is how, as the word of the NSA's spying has spread, more and more ordinary people want to know how (or if) they can defend themselves from surveillance online. But where to start?

    The bad news is: if you're being personally targeted by a powerful intelligence agency like the NSA, it's very, very difficult to defend yourself. The good news, if you can call it that, is that much of what the NSA is doing is mass surveillance on everybody. With a few small steps, you can make that kind of surveillance a lot more difficult and expensive, both against you individually, and more generally against everyone.

    Here are ten steps you can take to make your own devices secure. This isn't a complete list, and it won't make you completely safe from spying. But every step you take will make you a little bit safer than average. And it will make your attackers, whether they're the NSA or a local criminal, have to work that much harder.

  • Use end-to-end encryption. We know the NSA has been working to undermine encryption, but experts like Bruce Schneier who have seen the NSA documents feel that encryption is still "your friend". And your best friends remain open source systems that don't share your secret key with others, are open to examination by security experts, and encrypt data all the way from one end of a conversation to the other: from your device to the person you're chatting with. The easiest tool that achieves this end-to-end encryption is off-the-record (OTR) messaging, which gives instant messaging clients end-to-end encryption capabilities (and you can use it over existing services, such as Google Hangout and Facebook chat). Install it on your own computers, and get your friends to install it too. When you've done that, look into PGP–it's tricky to use, but used well it'll stop your email from being an open book to snoopers. (OTR isn't the same as Google Chat's option to "Go off the record"; you'll need extra software to get end-to-end encryption.)
  • Encrypt as much communications as you can. Even if you can't do end-to-end, you can still encrypt a lot of your Internet traffic. If you use EFF's HTTPS Everywhere browser addon for Chrome or Firefox, you can maximise the amount of web data you protect by forcing websites to encrypt webpages whenever possible. Use a virtual private network (VPN) when you're on a network you don't trust, like a cybercafe.
  • Encrypt your hard drive. The latest version of Windows, Macs, iOS and Android all have ways to encrypt your local storage. Turn it on. Without it, anyone with a few minutes physical access to your computer, tablet or smartphone can copy its contents, even if they don't have your password.
  • Strong passwords, kept safe. Passwords these days have to be ridiculously long to be safe against crackers. That includes the password to email accounts, and passwords to unlock devices, and passwords to web services. If it's bad to re-use passwords, and bad to use short passwords, how can you remember them all? Use a password manager. Even write down your passwords and keeping them in your wallet is safer than re-using the same short memorable password -- at least you'll know when your wallet is stolen. You can create a memorable strong master password using a random word system like that described at diceware.com.
  • Use Tor. "Tor Stinks", this slide leaked from GCHQ says. That shows much the intelligence services are worried about it. Tor is an the open source program that protects your anonymity online by shuffling your data through a global network of volunteer servers. If you install and use Tor, you can hide your origins from corporate and mass surveillance. You'll also be showing that Tor is used by everyone, not just the "terrorists" that GCHQ claims.
  • Turn on two-factor (or two-step) authentication. Google and Gmail has it; Twitter has it; Dropbox has it. Two factor authentication, where you type a password and a regularly changed confirmation number, helps protect you from attacks on web and cloud services. When available, turn it on for the services you use. If it's not available, tell the company you want it.
  • Don't click on attachments. The easiest ways to get intrusive malware onto your computer is through your email, or through compromised websites. Browsers are getting better at protecting you from the worst of the web, but files sent by email or downloaded from the Net can still take complete control of your computer. Get your friends to send you information in text; when they send you a file, double-check it's really from them.
  • Keep software updated, and use anti-virus software. The NSA may be attempting to compromise Internet companies (and we're still waiting to see whether anti-virus companies deliberately ignore government malware), but on the balance, it's still better to have the companies trying to fix your software than have attackers be able to exploit old bugs.
  • Keep extra secret information extra secure. Think about the data you have, and take extra steps to encrypt and conceal your most private data. You can use TrueCrypt to separately encrypt a USB flash drive. You might even want to keep your most private data on a cheap netbook, kept offline and only used for the purposes of reading or editing documents.
  • Be an ally. If you understand and care enough to have read this far, we need your help. To really challenge the surveillance state, you need to teach others what you've learned, and explain to them why it's important. Install OTR, Tor and other software for worried colleagues, and teach your friends how to use them. Explain to them the impact of the NSA revelations. Ask them to sign up to Stop Watching Us and other campaigns against bulk spying. Run a Tor node, or hold a cryptoparty. They need to stop watching us; and we need to start making it much harder for them to get away with it.
  • Cops more likely to kill you than Terrorists

    Cops more likely to kill you than Terrorists


    http://randazza.wordpress.com/2013/08/07/cops-more-likely-to-kill-you-than-terrorists/

    The next time you hear some whining coward (by that, I mean the majority of the American public) apologizing for the loss of our civil liberties in the name of “safety” from “terrorism,” remind them of this fact: You are eight times more likely to be killed by a cop than by a terrorist.

    http://www.cato.org/blog/youre-eight-times-more-likely-be-killed-police-officer-terrorist

    It is a little more nuanced than that, but the point is well taken.

    http://politicalscience.osu.edu/faculty/jmueller//ABAFIN.PDF