Archive | Uncategorized

Security for whom?

I have spent many years fighting for liberty for people in the old communist east block. There people who spoke their mind were imprisoned. The judicial system was mastered by the political elite. And government kept control by a system of intrusive surveillance.

Obviously, that system was built to protect the ruling political class from the people.

In the end that system fell apart and people got their civil liberties and personal freedoms back.

Disturbingly, today that system is in a state of resurrection. Right here.

In my home country, Sweden, laws against hate speech are increasingly suppressing freedom of speech. Just the other day some oddball artist who makes a point of annoying almost everyone was thrown in jail, just because of his art. In lower Swedish courts there is no separation of politics and the judiciary, as co-magistrates are appointed by the political parties. With the data retention program all citizens all phone calls, text messages, e-mails, internet connections and mobile positions are being logged.

And it’s not just Sweden. In the UK government officials shows up at a newspaper to smash a computer containing incriminating information. And the US is turning into some sort of police state.

It is obvious that we–in what used to be the free world–are building a new system to protect the ruling political class from the people.

This is extremely dangerous. Especially as our politicians and bureaucrats show no sign of restraint when it comes to introducing new laws and systems that infringe our privacy and curb our civil rights.

That is why the people must protect itself from the government. Encryption and new forms of secure communications are needed to defend our right to privacy; Bitcoins can move power over our money back from politicians to ordinary people and the market; Using free and open software will make it harder for those with a hidden agenda to invade our IT environment; Supporting consumer friendly and privacy minded Internet service providers will safeguard a free flow of information.

Now is the time for ordinary people to reclaim power from the government. And we have the tools to do it.

/ HAX

0

Mass surveillance in the EU: What to expect

Just before the European elections, the European Parliament dug into the controversy of mass surveillance. Short of time, the EP managed to pinpoint some of the relevant issues. But the outcome was mainly in form of sweeping resolutions, expressing concern.

Now, the EP is not allowed to propose any new regulations or reforms by it self. The Parliament can ask for change. But only the European Commission may introduce any actual proposals.

At the moment, there is no new Commision, only a president. When it comes to surveillance, we don’t yet know who will be commissioner for the “interior” (police, security and border control). The surveillance issue will also be dealt with by the new commissioners for legal affairs; industry; telecoms and possibly also by a new commissioner dealing with human rights issues.

After the European Court of Justice overthrowing the EU directive on data retention, we can assume that a new and revised directive will be put forward relatively soon.

In this process the European Council (the member states) will be the third player. And there the opinions are deeply divided. Some MS would like to scrap data retention, while others like the UK and Sweden (NSA partners) are very insistent on continuing to store data on all citizens all telecommunications.

It is hard to tell about the outcome, but one possibility is that if the Parliament, the Commission and the Council cannot agree–there will be no new directive. If so, every member state will have decide for itself. (Keeping in mind that the ECJ considers warrantless blanket mass surveillance being in breach of human rights.)

Then we have the issue of NSA global mass surveillance, member states cooperating with the NSA and various national surveillance programs. In these matters member states are very clear that they consider them to be national issues, outside EU competence.

In this they are correct. And we should be thankful that surveillance as such is not an EU issue. (Centralized EU surveillance and intelligence would be a nightmare.) However, human rights are. And on that note we should expect the EP to continue fight member states over privacy issues related to surveillance policies.

There are also internal market and competition issues related to national surveillance programs. Those will be covered in the EU Data Protection Package, now being in limbo between outgoing and incoming EU institutions.

There is a sense of urgency in the EU apparatus when it comes to issues mentioned above. In the present power vacuum the EU bureaucracy will continue to prepare these matters without sufficient democratic oversight. That is cause for concern.

On a positive note, a newly elected European Parliament is always sensitive about activism, public debate and publicity.

So, the present interruption in EU policy making might actually be a window of opportunity for privacy and civil rights activists to strengthen their case.

/ HAX

0

Creating blind spots

Often, the perception of reality matters more than reality itself.

That is why PR firms, spin doctors and advertising exist.

As long as it is a matter of adding information that is relevant in some way, there is little or no harm in image building. Normally this is a good thing–even though we should be aware that just about all information is selective.

Lies and disinformation is another matter. But still informed citizens, critical readers and the net community can tackle deception.

However there is something that is much worse than lies. That is to remove or censor information. It is very difficult criticize or scrutinize what is not there.

That is why pulling Google links according to the “right to be forgotten” is so damaging. It creates blind spots. That technique can be used for all kinds of disturbing purposes. And, apparently, it is.

Wikipedia founder: EU’s Right to be Forgotten is ‘deeply immoral’ »

/ HAX

0

Secrecy or democracy?

For democracy to be a meaningful concept the people need to know what their governments are up to. If this is not the case, the process of electing politicians will be pointless and holding those elected accountable will be impossible.

Power is carried out in more and more murky ways, becoming increasingly opaque. (Ironically, this happens at the same time as our governments roll out new systems of mass surveillance of the people.)

There are the things we know. Most laws are made this way. This makes it possible to participate in an open process, to influence and to have a constructive public debate.

Then we have what we know that we do not know. But when we know what it is we don’t know – at least we can relate to it, try to find out what’s going on and demand openness.

And then there are the things that we do not know that we do not know. Things completely going on in the dark. Things that the people is not supposed to be aware of at all. The dirty little secrets of the few and powerful.

Naturally, there are some things that ought to be kept secret. At least for some time. This could concern certain ongoing diplomatic discussions, ongoing military activities and data concerning private citizens. But most things should get out in the open, as soon as possible.

Consider the US Embassy Cables, made public by Wikileaks and Chelsea Manning.

The US government–elected by the people–has one official policy and another, secret one on important issues.

This nullifies the very purpose of democratic elections. What is the point in voting, if politicians have a secret agenda that voters are not informed about? How should you know who to vote for? And how could you ever be able to evaluate and keep an elected government accountable?

And the Iraq and Afghanistan war diaries: If war is conducted in name of our countries, our values and for our tax money–why should the people not be allowed to know what’s really going on? And how can we even assume that our western military forces are doing the right thing, if relevant information is blacked out? “Trust us” is not a satisfactory answer.

Then we have the Snowden files: Government keeping secret from the people what it is doing to the people. This is a democratic faux pas, if there ever was one.

Or take negotiations on international trade agreements (ACTA, TTIP etc.) that are held behind closed doors.

When government functionaries have come to an agreement, nothing can be changed. What is stated in these agreements often have the same effects as law. And elected politicians in our parliaments can only adopt or reject these agreements in one piece. Nothing can be changed. This creates a fait accompli that short circuits the open, democratic process.

This is about democracy. For real. Governments are trying to suffocate it–and whistleblowers are trying to reanimate it.

And, trust me, there are lots of shady government policies and actions that we don’t even know that we don’t know about. At least not yet.

/ HAX

2

The coming revolution must be user friendly

I’m into privacy issues and the fight for a free and open Internet from a political background. Even though I’m not a complete technical idiot, I really don’t know what’s going on under the hood. Show me a command line, and I will freeze without a clue what to do about it.

So, I’m like most people.

At the same time, the world badly needs some tech-based change. We need to build platforms for digital currencies, as alternative to government fiat-money. We need to rise the prize for surveillance by building decentralized systems, by making encryption the default option and by developing various P2P solutions.

At present, this is far beyond the ordinary user.

Ergo: We need to make privacy orientated technology user friendly.

Last year international information activist Smári McCarthy made this very point in his keynote at FSCONS 2013. A few extracts…

“Most people don’t care about technology, they care about doing the things that are meaningful to them. They don’t want to spend all day fiddling with GnuPG’s parameters or figuring out whether their XMPP session is being transferred over SSL. They don’t want to know about IPSec or AES.”

“No. They want to be farmers, or merchants, or dentists or doctors. They want to teach our children languages and mathematics. They want to build houses or spaceships or plumbing or bridges or roads. They don’t have time to work with bad technology that we made badly because we didn’t care about them.”

“What’s worse: when companies that don’t care about those people either give them highly usable software that doesn’t respect their fundamental rights, most people will go for it because despite its failings, it at least gets the job done. If what we offer them as an alternative is not at least as good in terms of getting the job done – from the perspective of a nontechnical user, it does not matter at all how ideologically pure our offering is.”

Spot on.

I like to believe that I’m at least as smart as people in general. Still, I prefer to have some qualified guidance when diving into these things.

As a matter of fact, I had Pirate Party founder Rick Falkvinge to install everything on my Linux laptop. And to guide me into PGP. And Swedish Internet icon (and 5 July chairman) Oscar Swartz to get my Mac to act in a reasonably safe way. I might have managed myself. But it would have been a slow and very painful process.

But people in general don’t give a fuck. They choose user friendliness before privacy. They are happy if whatever they get from the Mediemarkt shelfs works, no matter how exposed it is to government surveillance.

To fight back, privacy oriented options and solutions supporting an free and open internet must be the best ones. They must be ordinary peoples natural and carefree choice.

This said with the greatest respect for all the fine people who are putting their time and energy into fighting Big Brother command line by command line.

/ HAX

Smári McCarthy at FSCONS 2013: Engineering Our Way Out of Fascism »

3

A dark Orwellian irony

For years, politicians have claimed that we have to “give up liberties to be safe”.

What exactly does that mean? What liberties are we expected to give up? To what extent?

A clue might be the phrase “to strike a balance between fundamental rights and security”. That is an expression often used when the EU deliberate on mass surveillance issues.

Fundamental rights are called fundamental because they are. They are essential. They mark a red line, that should never be crossed in a democracy. They exist to protect citizens from politicians and from the state.

To “give up” civil liberties or to “balance” fundamental rights is always to restrict them–changing the rules to incapacitate the people, handing more power over to Big Government.

From my point of view, to give up liberties or fundamental rights is to make people less safe.

To give up privacy, to compromise on rule of law and to limit free speech does only make society more safe if you define “society” as politicians and their functionaries. But if you think of society as the people, as citizens or as an open dynamic system–this kind of “safety” or “security” is pure newspeak.

At the same time government is getting evermore opaque.

It seems that we are caught in some sort of dark, Orwellian irony.

/ HAX

4

UN Human Rights Commissioner takes a stand against mass surveillance

UN High Commissioner for Human Rights Navi Pillay has released a very interesting report on the right to privacy in the digital age.

Among other things he disapprove of “collect-it-all” mass surveillance, mandatory data retention, and tech backdoors. Read more about this at EFF. »

He also urges the US not to prosecute Edward Snowden. »

Read the Human Rights Councils report on the right to privacy in the digital age here (PDF). »

0

Down the surveillance state rabbit hole: manipulating information

We all know that the NSA, GCHQ and others are involved in gathering information by means of mass surveillance.

Information is power and mass surveillance is a gold mine for government institutions and politicians.

Now we learn that the british NSA affiliate GCHQ is involved in manipulating information on the Internet.

It is nothing new that western intelligence organisations sometimes use aggressive methods, such as IT-attacks. But that they manipulate, influence and change information on the net is. (At least in their own countries. Even though we might have suspected it.)

This is something different than surveillance. This is deception on a Mind Control scale. This is government trying to change the way the general public perceive the world. This is the ruling classes undermining citizens possibilities to make informed choices. This is Orwellian.

Such methods simply do not belong in a democratic society.

Government officials and civil servants ought to remember that their job is to to serve the public. Politicians should remember that they are in office to represent the people. But apparently they do not.

/ HAX

Links:
The Intercept: Hacking Online Polls and Other Ways British Spies Seek to Control the Internet »
The Guardian: GCHQ has tools to manipulate online information, leaked documents show »

1

A leaky ship

The Snowden files do not only expose serious breaches of peoples right to privacy. They also prove that information will always be leaked.

The Atlantic writes…

“The agency collected and stored intimate chats, photos, and emails belonging to innocent Americans—and secured them so poorly that reporters can now browse them at will.”

This is not unique for the NSA. It goes for intelligence organisations and law enforcement agencies all over the world.

In my fight against the Swedish NSA-associate FRA, I found myself in possession of nonsensical surveillance information about more than a hundred Swedes. This made it clear that the FRA gathers information about people who are no threat to national security whatsoever. They are not suspected of any wrongdoing at all. But still, the information is collected. And leaked.

Over and over again we hear about people in law enforcement using their databases and information from surveillance to check up on ex-girlfriends, neighbours and personal enemies. Sometimes they slip information to criminal networks. Information is power and will always be used.

Information about our air travel is frequently shared between transport industry and government authorities. I have been assured by Swedish government officials that such data, on an EU level, is used in a responsible way–by the Swedes. That might be, or not. But how is such data handled in other EU countries, with high levels of corruption and murky legal systems?

There are many other cases when data and surveillance information is being misused. The only way to tackle this problem is to reduce the amount of personal details being collected and stored.

There should be no surveillance without a reasonable suspicion of serious wrongdoing. This is not only an important principle. It is also essential to protect ordinary people from having their personal data ending up in the wrong hands.

/HAX

2