Archive | January, 2016

Routers, a tool for Big Brother?

Routers, for example, capture ‘chatter’ from smartphones, tablets and wearables, including successful and failed attempts to log onto a network, as well as the time they attempted to connect.

In addition, routers capture a media access control (MAC) address from mobile devices, which are unique identifiers for each phone, laptop or tablet that try to connect to the network.

Daily Mail: Forget fingerprints, ROUTERS could soon help police solve crimes: Data collected by Wi-Fi devices can find and identify criminals »

1

EFF @ 32c3: Crypto Wars Part II

Here is an interesting video from the 32c3 congress in Hamburg in December: Crypto Wars Part II — The Empires Strike Back.

Speaker: Kurt Opsahl, EFF

Description:

Governments around the world are seeking to put a stop to secure end-to-end encryption, from the UK’s Data Retention and Investigatory Powers Act, to Australia’s Defence Trade Controls Act, to India’s draft proposal to require plain text copies of all secure messages, to the United States’ Federal Bureau of Investigation’s public pressure on global companies like Apple and Google to weaken their security and provide law enforcement access to plain text content.

Yet it is impossible to give these governments what they want without creating vulnerabilities that could be exploited by bad actors. Moreover any attempt to prevent people from writing and publishing strong encryption without backdoors conflicts with the right to freedom of expression enshrined in Article 19 of the Universal Declaration of Human Rights.

This presentation will address the history of crypto wars, update the audience with the latest information on government proposals from around the world, and discuss how we can fight for a future that will allow for secure communications for everyone. The discussion will also include information about EFF’s effort to protect and promote strong encryption, including the Secure Messaging Scorecard, Encrypt the Web report and the Who Has Your Back reports.

The presentation will explain how the unintended consequence of these efforts to provide law enforcement unfettered access to communications for users’ privacy and the security of the Internet far exceeds the benefits that would be gained. The proposals are often made in the name of protecting national security, but are likely to have severe economic, political and social consequences for these nations and their citizens, while doing little to protect their security. Contrary to these government proposals, encryption has a critical role to play in national security by protecting citizens against malicious threats. The harm to the public that can be presented by lax digital security has been illustrated too many times: weak or flawed cryptography led to vulnerabilities such as Logjam and FREAK that compromised the transport layer security protocols used to secure network connections worldwide. Encryption is not only essential to protecting free expression in the digital age – it’s also a critical part of national security.

This presentation will address the history of crypto wars, update the audience with the latest information on government proposals from around the world, and discuss how we can fight for a future that will allow for secure communications for everyone. The discussion will also include information about EFF’s effort to protect and promote strong encryption, including the Secure Messaging Scorecard, Encrypt the Web report and the Who Has Your Back reports.

Youtube »

0

A threat against freedom of association and assembly

Data retention might be used by the authorities to connect the dots between people, creating sociograms.

But it’s not only about who you talk with on the phone, text or e-mail. Data retention also includes people’s mobile positions. This makes it easy to draw conclusions about who you are meeting with, where and when.

While data retention makes it possible to determine people’s general positions, there are even more precise tools such as IMSI-catchers a.k.a. “Stingrays“. Small, portable fake cell phone base stations like these are perfect for identifying people participating in a political meeting, a rally or a debating society.

This is a law enforcement dream coming trough. But it’s also obviously problematic when it comes to freedom of association and assembly.

This equipment opens the door for wholesale registration of people’s political affiliations.

The freedoms of association and assembly are essential in a democratic society. It is a prerequisite for the existence of traditional political parties. It is necessary to make political activism possible. And it is fundamental to the people’s right to organise, protest and oppose those in power.

What intelligence organisation or government could resist using such a tool to keep track of opponents and dissidents? And if not today, what about tomorrow?

This is not only about possible government abuse of power. It can just as well be used by foreign powers. Or by criminals and terrorists, as IMSI-equipment is available on the open market. Imagine the damage that can be done. (It is possible to collect identities and print a hit-list almost instantly.)

This is not some dystopian prediction. Data retention is very real and Stingrays are most certainly already in the wrong hands. All you can do to protect yourself is to leave your mobile at home. But I guess people won’t.

/ HAX

0

Meanwhile, in Germany…

(T)he publishers insisted that Google’s News search was somehow illegal and taking money away from them, and thus they demanded money from Google. When Google responded, instead, by removing the snippets providing summaries to their stories, the publishers claimed it was unfair and blackmail. In short, not only do these German publishers want Google to pay them to send them traffic, they want such payments and traffic to be mandatory. (…)

If you thought the situation was over, you underestimated the short-sightedness of VG Media and the German publishers. They’ve now apparently filed a lawsuit against Google over all this, taking the issue into court. Again: this is all because Google is sending their websites traffic… for free.

German Publishers Still Upset That Google Sends Them Traffic Without Paying Them Too; File Lawsuit »

0

Turning friends into threats

Some weeks ago there was some attention and upset reactions about the Chinese concept of “Sesame Credits”. It’s all about what you say, read, buy and do on the Internet. Your credit status then might decide if you can get e.g. a bank loan or permission to travel abroad.

Nasty indeed. But what make the whole thing really upsetting is that your credit status also will be affected by what your friends do online. This really is a diabolic tool for “social control”. (Video»)

It is easy to believe that it is only those communists in China and such anti-democratic regimes that could apply a system like this.

But, actually, most western democracies can easily do the same thing with data retention. This is a perfect tool for building sociograms. A sociogram is a map showing who is connected to who when it comes to the internet and telecommunications. How the authorities look at you can be determined by the friends you have (and by what friends they have).

So, even if you have “nothing to hide” — you still certainly do have something to fear.

And it’s not just about data retention. The same (or even more detailed) information is collected by Facebook and Google. It most certinly can be obtained by the authorities — and is probably also for sale out there. It would be very strange if various intelligence agencies don’t already have access to this information.

In this way, Big Brotherism is breaking down trust between people in our societies. And that is a very bad thing.

/ HAX

0