Ars Technica: Top European court to snooping governments: Mass surveillance needs judicial oversight »
Archive | January, 2016
Routers, a tool for Big Brother?
Routers, for example, capture ‘chatter’ from smartphones, tablets and wearables, including successful and failed attempts to log onto a network, as well as the time they attempted to connect.
In addition, routers capture a media access control (MAC) address from mobile devices, which are unique identifiers for each phone, laptop or tablet that try to connect to the network.
EFF @ 32c3: Crypto Wars Part II
Here is an interesting video from the 32c3 congress in Hamburg in December: Crypto Wars Part II — The Empires Strike Back.
Speaker: Kurt Opsahl, EFF
https://youtu.be/BweBCNBxJxM
Description:
Governments around the world are seeking to put a stop to secure end-to-end encryption, from the UK’s Data Retention and Investigatory Powers Act, to Australia’s Defence Trade Controls Act, to India’s draft proposal to require plain text copies of all secure messages, to the United States’ Federal Bureau of Investigation’s public pressure on global companies like Apple and Google to weaken their security and provide law enforcement access to plain text content.
Yet it is impossible to give these governments what they want without creating vulnerabilities that could be exploited by bad actors. Moreover any attempt to prevent people from writing and publishing strong encryption without backdoors conflicts with the right to freedom of expression enshrined in Article 19 of the Universal Declaration of Human Rights.
This presentation will address the history of crypto wars, update the audience with the latest information on government proposals from around the world, and discuss how we can fight for a future that will allow for secure communications for everyone. The discussion will also include information about EFF’s effort to protect and promote strong encryption, including the Secure Messaging Scorecard, Encrypt the Web report and the Who Has Your Back reports.
The presentation will explain how the unintended consequence of these efforts to provide law enforcement unfettered access to communications for users’ privacy and the security of the Internet far exceeds the benefits that would be gained. The proposals are often made in the name of protecting national security, but are likely to have severe economic, political and social consequences for these nations and their citizens, while doing little to protect their security. Contrary to these government proposals, encryption has a critical role to play in national security by protecting citizens against malicious threats. The harm to the public that can be presented by lax digital security has been illustrated too many times: weak or flawed cryptography led to vulnerabilities such as Logjam and FREAK that compromised the transport layer security protocols used to secure network connections worldwide. Encryption is not only essential to protecting free expression in the digital age – it’s also a critical part of national security.
This presentation will address the history of crypto wars, update the audience with the latest information on government proposals from around the world, and discuss how we can fight for a future that will allow for secure communications for everyone. The discussion will also include information about EFF’s effort to protect and promote strong encryption, including the Secure Messaging Scorecard, Encrypt the Web report and the Who Has Your Back reports.
Highligts from Chaos Communication Congress 2015 — 32c3
A threat against freedom of association and assembly
Data retention might be used by the authorities to connect the dots between people, creating sociograms.
But it’s not only about who you talk with on the phone, text or e-mail. Data retention also includes people’s mobile positions. This makes it easy to draw conclusions about who you are meeting with, where and when.
While data retention makes it possible to determine people’s general positions, there are even more precise tools such as IMSI-catchers a.k.a. “Stingrays“. Small, portable fake cell phone base stations like these are perfect for identifying people participating in a political meeting, a rally or a debating society.
This is a law enforcement dream coming trough. But it’s also obviously problematic when it comes to freedom of association and assembly.
This equipment opens the door for wholesale registration of people’s political affiliations.
The freedoms of association and assembly are essential in a democratic society. It is a prerequisite for the existence of traditional political parties. It is necessary to make political activism possible. And it is fundamental to the people’s right to organise, protest and oppose those in power.
What intelligence organisation or government could resist using such a tool to keep track of opponents and dissidents? And if not today, what about tomorrow?
This is not only about possible government abuse of power. It can just as well be used by foreign powers. Or by criminals and terrorists, as IMSI-equipment is available on the open market. Imagine the damage that can be done. (It is possible to collect identities and print a hit-list almost instantly.)
This is not some dystopian prediction. Data retention is very real and Stingrays are most certainly already in the wrong hands. All you can do to protect yourself is to leave your mobile at home. But I guess people won’t.
/ HAX
Britain’s Secret Surveillance
A trailer for the upcoming Vice documentary Britain’s Secret Surveillance.
Meanwhile, in Germany…
(T)he publishers insisted that Google’s News search was somehow illegal and taking money away from them, and thus they demanded money from Google. When Google responded, instead, by removing the snippets providing summaries to their stories, the publishers claimed it was unfair and blackmail. In short, not only do these German publishers want Google to pay them to send them traffic, they want such payments and traffic to be mandatory. (…)
If you thought the situation was over, you underestimated the short-sightedness of VG Media and the German publishers. They’ve now apparently filed a lawsuit against Google over all this, taking the issue into court. Again: this is all because Google is sending their websites traffic… for free.
German Publishers Still Upset That Google Sends Them Traffic Without Paying Them Too; File Lawsuit »
Turning friends into threats
By HAX on January 6, 2016 in Big Brother, Data Protection, Data Retention, Facebook, Google, Privacy, surveillance
Some weeks ago there was some attention and upset reactions about the Chinese concept of “Sesame Credits”. It’s all about what you say, read, buy and do on the Internet. Your credit status then might decide if you can get e.g. a bank loan or permission to travel abroad.
Nasty indeed. But what make the whole thing really upsetting is that your credit status also will be affected by what your friends do online. This really is a diabolic tool for “social control”. (Video»)
It is easy to believe that it is only those communists in China and such anti-democratic regimes that could apply a system like this.
But, actually, most western democracies can easily do the same thing with data retention. This is a perfect tool for building sociograms. A sociogram is a map showing who is connected to who when it comes to the internet and telecommunications. How the authorities look at you can be determined by the friends you have (and by what friends they have).
So, even if you have “nothing to hide” — you still certainly do have something to fear.
And it’s not just about data retention. The same (or even more detailed) information is collected by Facebook and Google. It most certinly can be obtained by the authorities — and is probably also for sale out there. It would be very strange if various intelligence agencies don’t already have access to this information.
In this way, Big Brotherism is breaking down trust between people in our societies. And that is a very bad thing.
/ HAX
Why people should care
Robin Doherty: Why privacy is important, and having “nothing to hide” is irrelevant »
Dutch government backs encryption
Confidence in secure communication and storage data is essential for the future growth potential of the Dutch economy, which is mainly in the digital economy.
Dutch government backs strong encryption, condemns backdoors »