Real NSA Reform

President Obama kicked off a meek and week NSA reform effort. The EFF has described what real reform would involve. [Reposted with creative commons permission by the EFF): 1. Stop mass surveillance of digital communications and communication records. It doesn’t matter what legal authority is being cited—whether it’s the Patriot Act, the FISA Amendments Act, or an executive order—the government should not be sweeping up massive amounts of information by and about innocent people first, then sorting out whether any of its targets are included later. The NSA has disingenuously argued that simply acquiring this data isn’t actually "collecting" and that no privacy violation can take place unless the information it stores is actually seen by a human or comes up through an automated searches of what it has collected. That’s nonsense. The government’s current practices of global dragnet surveillance constitute general warrants that violate the First and Fourth Amendments, and fly in the face of accepted international human rights laws. Obama needs to direct the NSA to engage only in targeted surveillance and stop its programs of mass surveillance, something he can do with a simple executive order. 2. Protect the privacy rights of foreigners. The NSA's surveillance is based upon the presumption that foreigners are fair game, whether their information is collected inside the US or outside the US. But non-suspect foreigners shouldn't have their communications surveilled any more than non-suspect Americans. The review group recommended limited protections for non-US persons and while that is a good start, the president should do more to ensure that actual suspicion is required before either targeted or untargeted surveillance of non-US persons. 3. Don’t turn communications companies into the new Big Brother: no data retention mandate. Obama’s review group recommended ending the NSA’s telephone records program, which we strongly agree with, but then indicated that a reasonable substitute would be to force American communications companies to store the data themselves and make it available to the government. The group ultimately recommended a data retention mandate if companies won’t comply voluntarily. But companies shouldn’t be pressed into becoming the NSA’s agents by keeping more data than they need or keeping it longer than they need to. To the contrary, companies should be working on ways to store less user data for less time—decreasing the risks from data breaches and intrusions like the one that just happened to Target. Data retention heads in the wrong direction for our security regardless of whether the government or private parties store the information. 4. National Security Letters need prior judicial review and should never be accompanied by a perpetual gag order. One recommendation of the review group we heartily endorse is reining in National Security Letters. The FBI uses these letters to demand user data from communications service providers with no judicial review. Providers are forbidden from talking about receiving NSLs, which means the letters also serve as perpetual gag orders. EFF was successful in convincing a federal judge to strike down these NSLs last year. The case is on appeal but Obama can remedy the situation more quickly by instructing the FBI not to issue NSLs without prior judicial review, and to limit its use of gag orders. 5. Stop undermining Internet security, weakening encryption, and infiltrating companies. Recent revelations show that the NSA is undermining Internet encryption, making us all less secure when we use technology. These practices include weakening standards, attacking technology companies, and preventing security holes from being fixed. As the president’s review group recognized, this has serious consequences for any industry that relies on digital security—finance, medicine, transportation, and countless others, along with anyone in the world who relies on safe, private communication. Obama should follow the recommendations of his review group and immediately stop the NSA’s efforts to undermine or weaken the security of our technologies. [More]

Continue ReadingReal NSA Reform

Is there anyone out there still defending the NSA?

Is there anyone out there still defending the NSA and criticizing Edward Snowden? The NSA is thoroughly corrupt.  Why the fuck do they think that law abiding citizens put locks on our doors and carefully employ passwords when we use our devices on the internet? This is arrogant and illegal activity--just because their big budget has allowed them to invade our privacy ubiquitously doesn't make it legal. Hundreds or thousands of NSA operatives should be escorted out in handcuffs, starting with those at the top. Consider today's report by Der Spiegel--it is a detailed article filled with red flags:

Sometimes it appears that the [NSA's] spies are just as reliant on conventional methods of reconnaissance as their predecessors. Take, for example, when they intercept shipping deliveries. If a target person, agency or company orders a new computer or related accessories, for example, TAO can divert the shipping delivery to its own secret workshops. The NSA calls this method interdiction. At these so-called "load stations," agents carefully open the package in order to load malware onto the electronics, or even install hardware components that can provide backdoor access for the intelligence agencies. All subsequent steps can then be conducted from the comfort of a remote computer. These minor disruptions in the parcel shipping business rank among the "most productive operations" conducted by the NSA hackers, one top secret document relates in enthusiastic terms. This method, the presentation continues, allows TAO to obtain access to networks "around the world."

Continue ReadingIs there anyone out there still defending the NSA?

Sign of the times regarding government surveillance

Back in June, ProPublica published an article advising methods for communicating over the Internet while maintaining privacy. Edward Snowden's revelations have now caused ProPublica to issue a big red flag on its article. Encryption might no longer be effective. How did we get to this point where it is obviously illegal for the government to break into my house and rummage through my drawers without probable cause, but they rummage through my data with the help of and coercion of corporate communications companies? They do it because they CAN do it. These revelations also point out that in the political world explanations are streams of sounds (or scribbles) that would lack any punch except that they are created by entities that can threaten violence. In the case of the NSA, it is the violence of the police state. It is a violence so pronounced that it has ruined the possibility of investigative journalism which, until recent times, was the People's best chance to keep their government in check.

Continue ReadingSign of the times regarding government surveillance

Encryption tools for journalists

Glenn Greenwald recently answered questions on Reddit, including the following: Reddit comment: "Thanks for doing this. At the university I work at, we are putting together a workshop for Media Professionals, including journalists regarding IT security. We plan on covering: PGP, truecrypt, TOR, OTR, and strongbox. What tools, concepts, or techniques should we be teaching aspiring journalists?" Glenn Greenwald: "That's so great to hear. One of the most gratifying things I've seen since this all started is how many journalists now communicate using PGP, Pidgen, OTR, TOR and similar instruments of encryption. Just as was true for me, so many national security journalists - including some of the most accomplished ones at large media outlets, the ones who work on the most sensitive materials - had no idea about any of that and used none of it. Now they do. In this age of a War on Whistleblowers and sources and ubiquitous surveillance, it's absolutely vital that journalists learn advanced encryption methods and use it." It's a shame that modern day journalists need to spend so much time learning about and using encryption technology to protect their sources from spying by the United States and other governments. What would the founding fathers have said about this more than 200 years ago, that the federal government is spying on its own citizens without probable cause and even spying on journalists?

Continue ReadingEncryption tools for journalists