US and British intelligence agencies have successfully cracked much of the online encryption relied upon by hundreds of millions of people to protect the privacy of their personal data, online transactions and emails, according to top-secret documents revealed by former contractor Edward Snowden.
The files show that the National Security Agency and its UK counterpart GCHQ have broadly compromised the guarantees that internet companies have given consumers to reassure them that their communications, online banking and medical records would be indecipherable to criminals or governments.
The agencies, the documents reveal, have adopted a battery of methods in their systematic and ongoing assault on what they see as one of the biggest threats to their ability to access huge swathes of internet traffic – "the use of ubiquitous encryption across the internet".
Is Any Private Data Safe from the Prying Eyes of Government?
Apparently not. From the Guardian:
What Do They Have on You?
A secretive consumer surveillance company is unveiling a new website that will let people see just what information has been collected on them. What do they have on you? From the New York Times:
Acxiom, one of the most secretive and prolific collectors of consumer information, is embarking on a novel public relations strategy: openness. On Wednesday, it plans to unveil a free Web site where United States consumers can view some of the information the company has collected about them, just as Mr. Howe did.It is quite a clever campaign since, in order to find out what information they have on you, you have to give them all your information.
The data on the site, called AbouttheData.com, includes biographical facts, like education level, marital status and number of children in a household; homeownership status, including mortgage amount and property size; vehicle details, like the make, model and year; and economic data, like whether a household member is an active investor with a portfolio greater than $150,000. Also available will be the consumer’s recent purchase categories, like plus-size clothing or sports products; and household interests like golf, dogs, text-messaging, cholesterol-related products or charities.
A Closer Look at the Syrian Electronic Army
From Krebs on Security:
A hacking group calling itself the Syrian Electronic Army (SEA) has been getting an unusual amount of press lately, most recently after hijacking the Web sites of The New York Times and The Washington Post, among others. But surprisingly little light has been shed on the individuals behind these headline-grabbing attacks. Beginning today, I’ll be taking a closer look at this organization, starting with one of the group’s core architects.
Earlier this year I reported that — in apparent observation of international trade sanctions against Syria – Network Solutions LLC. and its parent firm Web.com had seized hundreds of domains belonging to various Syrian entities. Among the domains caught in that action were several sites belonging to the SEA . . .
Labels:
hacking
Big Business and Big Government Working Together to Erode the Fourth Amendment
The war on drugs and the war on terror are in fact nothing more than a war on the Bill of Rights and the constitution of the United States. From the New York Times:
For at least six years, law enforcement officials working on a counternarcotics program have had routine access, using subpoenas, to an enormous AT&T database that contains the records of decades of Americans’ phone calls — parallel to but covering a far longer time than the National Security Agency’s hotly disputed collection of phone call logs.
The Hemisphere Project, a partnership between federal and local drug officials and AT&T that has not previously been reported, involves an extremely close association between the government and the telecommunications giant.The government pays AT&T to place its employees in drug-fighting units around the country. Those employees sit alongside Drug Enforcement Administration agents and local detectives and supply them with the phone data from as far back as 1987.
Homeland Security Is Going to Get in Your Face
If you thought Homeland Security checkpoints were intrusive, just wait until they start getting in your face. An oped in the New York Times:
the Department of Homeland Security is making considerable progress on a computerized tool called the Biometric Optical Surveillance System. The system, if completed, will use video cameras to scan people in public (or will be fed images of people from other sources) and then identify individuals by their faces, presumably by cross-referencing databases of driver’s license photos, mug shots or other facial images cataloged by name . . .
At the moment, there is little to no regulation or legal oversight of technologies like the Biometric Optical Surveillance System. We need to implement safeguards to protect our civil liberties — in particular, our expectation of some degree of anonymity in public.
The Department of Homeland Security is not the only agency developing facial-surveillance capacities. The Federal Bureau of Investigation has spent more than $1 billion on its Next Generation Identification program, which includes facial-recognition technology. This technology is expected to be deployed as early as next year and to contain at least 12 million searchable photos.
Facebook: "All Your Data Are Belong to Us"
Just in case there was any doubt, Facebook pwns your data. From the WSJ:
Goaded by a court decision, Facebook just wants to make it clear: they really can use everything they know about you – including your face.
The company announced Thursday that it was updating its privacy policies to clarify how the personal information of its more than 1 billion users gets collected and used by advertisers. In a blog post, Chief Privacy Officer Erin Egan outlined section-by-section changes to two legal documents, the Data Use Policy and the Statement of Rights and Responsibilities.
“As part of this proposed update,” Egan says, “we revised our explanation of how things like your name, profile picture and content may be used in connection with ads or commercial content to make it clear that you are granting Facebook permission for this use when you use our services.”
The Data Security Defense Race
Are we in for a defense and arms race between tech firms or groups dedicated to user privacy and government or corporate entities that seek to undermine that privacy? From Wired:
Technology companies are enabling security features that make certain types of government surveillance extremely difficult, and it’s a trend that’s set to continue. That’s why the U.S. government has long wanted laws that force tech companies to make their products wiretap friendly. . . .
In fact, advancements in the usability of cryptographic protocols have made anti-surveillance features relatively simple for technology companies to bake into their communications products. And public demand for greater security and privacy in the wake of Edward Snowden’s revelations may make it virtually obligatory for them to do so before new wiretapping laws can be introduced.
This heralds a looming standoff between technology companies and government . . .
Subscribe to:
Posts (Atom)