Category: Big Brother

Bruce Schneier on NSA and WannaCry

People inside the NSA are quick to discount these studies, saying that the data don’t reflect their reality. They claim that there are entire classes of vulnerabilities the NSA uses that are not known in the research world, making rediscovery less likely. This may be true, but the evidence we have from the Shadow Brokers is that the vulnerabilities that the NSA keeps secret aren’t consistently different from those that researchers discover. And given the alarming ease with which both the NSA and CIA are having their attack tools stolen, rediscovery isn’t limited to independent security research.

Bruce Schneier in Foreign Affairs: Why the NSA Makes Us More Vulnerable to Cyberattacks »

Social media vetting now in effect for US visas

“The U.S. is buttressing its paperwork walls with new requirements for social media disclosures as part of revised visa applications.” (…)

“The new questionnaire will ask for social media handles dating back over the last five years and biographical information dating back 15 years.” (…)

“Quoting an unnamed State Department official, Reuters reported that the additional information would only be requested when the department determines that ‘such information is required to confirm identity or conduct more rigorous national security vetting’.”

Techcrunch: US approves social media background checks for visa applicants »

Reuters: Trump administration approves tougher visa vetting, including social media checks »

The real cost of free WiFi?

EU Observer:

The European Commission, Parliament and Council (representing member states) agreed on Monday to a €120-million plan to install free wi-fi services in 6,000 to 8,000 municipalities across the EU by 2020. The scheme had been proposed by EU commission president Jean-Claude Juncker last September. How the system will be funded will have to be discussed and agreed before local authorities can start applying to it.

How kind. I guess a lot of people will be happy. But there might be unintended and unwanted consequences.

First of all, there is no such thing as a free lunch. In the end, this is €129M that somehow, forcefully will be taken from taxpayers.

Second, there must be much merriment within various mass surveillance organizations. This will make controlling the people that much easier.

And if you read the parliaments statement, there is mention of a »single authentication system valid throughout the EU«. This will have huge privacy implications. Can we please have a discussion about this first?

Third, it usually doesn’t end well when politicians start to meddle with what is supposed to be a free market. Is this at all fair competition? What will the consequences be when it comes to developing better and quicker commercial connections?

Finally, communal WiFi run by your local bureaucracy. What can possibly go wrong? Will it even work? How will surplus metadata that you generate be used? By whom? Wich web pages will be blocked?

/ HAX

War on terror: We are doing it wrong

Time and time again it turns out that terrorists have been known to authorities before their attacks.

In the tragic Manchester case, there had been numerous reports on the perpetrator. But these warnings were ignored. (This also happened under PM Theresa Mays watch as UK Secretary of State for the Home Department.)

• Manchester attack: UK authorities missed several opportunities to stop suicide bomber Salman Abedi »
• Manchester Bomber Was Repeatedly Reported to Authorities Over Five Years »
• Manchester attacks: MI5 probes bomber ‘warnings’ »

Despite of this – governments insist that the way to fight terrorism is more mass surveillance, infringing on ordinary, decent peoples right to privacy.

This approach is counterproductive – and will make us all less safe.

Clearly, surveillance should be focused on people we have reason to believe are dangerous to others.

And most of these people can be identified, e.g. by their association with others or after having traveled to places of certain types of war and conflict.

Authorities refusal to take a reasonable approach to this issue raises questions about the real purpose of government surveillance schemes.

/ HAX

UK to move against end-to-end encryption after general election

Once again there are indications the UK government intends to use the law to lean on encryption. A report in The Sun this week quoted a Conservative minister saying that should the government be re-elected, which polls suggest it will, it will move quickly to compel social media firms to hand over decrypted data.

Techcrunch: Could the UK be about to break end-to-end encryption? »

G7 Group unite to limit free speech

Dear all,

Please take notice that the G7 meeting just decided to beef up censorship and control of the Internet.

If you make censorship possible at all – sooner or later it will be used by sinister minds.

Please – do not limit the freedom of speech. We cannot silence or put people in prison, simply because we do not agree with whatever they are saying. (Unless they are a direct threat to other people’s immediate security. And if so, only after a fair trial respecting fundamental human rights.)

Giving Big Government and Big Data control over the freedom of the word – that must not happen.

/ HAX

EU member states pushing for video censorship and cultural protectionism

In the EU, member states are pressing on for censorship of online video:

European Union ministers have approved proposals to make social media companies such as Facebook, Twitter and Google’s YouTube tackle videos with hate speech on their platforms.

The proposals, which would be the first legislation at EU level on the issue, still need to be agreed with the European Parliament before becoming law.

And, under the same scheme, there is a totally unrelated proposal for cultural protectionism:

The proposals also include a quota of 30 per cent of European films and TV shows on video streaming platforms such as Netflix and Amazon Prime Video.

Member states will also be able to require video-sharing platforms to contribute financially to the production of European works in the country where they are established and also where they target audiences.

Daily Mail: EU ministers approve plans to force Facebook, YouTube and Twitter to tackle hate speech videos »

»Theresa May to shut down the internet as we know it«

“Some people say that it is not for government to regulate when it comes to technology and the internet,” it states. “We disagree.”

The Independent: Theresa May to Crete New Internet that would be Controlled and Regulated by Government »

Pull the various tech-related manifesto pledges together and – if the polls are correct and May wins a majority in next month’s election – the Conservatives could have a mandate from the British public for a significant extension of internet regulation, all based on the idea that a government’s duty to protect citizens exists just as much on the internet as it does in the real world.

Buzzfeed: Theresa May Wants To Regulate The Internet »

“Balances” freedoms? Freedoms aren’t supposed to be “balanced.” They’re supposed to be supported and protected. And when you have your freedoms protected, that also protects users. Those two things aren’t in opposition. They don’t need to be balanced. As for “obligations for businesses and platforms” — those five words are basically the ones that say “we’re going to force Google and Facebook to censor stuff we don’t like, while making it impossible for any new platform to ever challenge the big guys.” It’s a bad, bad idea.

Techdirt: Theresa May Plans To Regulate, Tax And Censor The Internet »

WannaCry: NSA knew about the dangers

It appears the NSA finally engaged in the Vulnerabilities Equity Process — not when it discovered the vulnerability, but rather when it became apparent the agency wouldn’t be able to prevent it from being released to the public. (…)

Officials called it “fishing with dynamite.” The exploit gave the NSA access to so much on compromised computers, the agency obviously couldn’t bear the thought of voluntarily giving up such a useful hacking tool. But when it was first deployed, some inside the agency felt the vulnerability might be too powerful to be left undisclosed.

Techdirt: NSA Was Concerned About Power Of Windows Exploit Long Before It Was Leaked »

The future of profiling

Even worse, profiling and similar techniques are increasingly used not just to classify and understand people, but also to make decisions that have far-reaching consequences, from credit to housing, welfare and employment. Intelligent CCTV software automatically flags “suspicious behaviour”, intelligence agencies predict internet users’ citizenship to decide they are foreign (fair game) or domestic (usually not fair game), and the judicial system claims to be able to predicts future criminals.

As someone once said: it’s Orwell when it’s accurate and Kafka when it’s not.

Privacy International » Cambridge Analytica Explained: Data and Elections »