Three Degrees of Separation from the NSA

If everyone is only six degrees of separation away from Kevin Bacon, according to the rules of the old game, how many degrees of separation do you think you are from a terrorist?  Officials at the NSA have admitted to a Congressional panel that they claim the prerogative to spy on everyone within three degrees of communicative separation from an individual they believe (with 51% certainty) may have a connection to some kind of terrorist activity.  That's a lot of people.  From the Guardian:

The National Security Agency revealed to an angry congressional panel on Wednesday that its analysis of phone records and online behavior goes exponentially beyond what it had previously disclosed.

John C Inglis, the deputy director of the surveillance agency, told a member of the House judiciary committee that NSA analysts can perform "a second or third hop query" through its collections of telephone data and internet records in order to find connections to terrorist organizations.

"Hops" refers to a technical term indicating connections between people. A three-hop query means that the NSA can look at data not only from a suspected terrorist, but from everyone that suspect communicated with, and then from everyone those people communicated with, and then from everyone all of those people communicated with.

Inglis did not elaborate, nor did the members of the House panel – many of whom expressed concern and even anger at the NSA – explore the legal and privacy implications of the breadth of "three-hop" analysis.

How Easy Is It to Hack a Cell Phone? Pretty Easy

From CNN:

An increasingly popular technology for extending cell-phone coverage ranges had a major security hole that went undetected for years, through which an attacker could eavesdrop on everything a target did on their phone, according to new research released on Monday.

The research brings to light previously unknown vulnerabilities in some models of femtocells, devices that mobile network operators use to bring wireless service to low-coverage zones. The compact boxes, which are typically as small as a standard cable modem, can be deployed in hard-to-reach spots like the top of an apartment building or a home in the mountains. Femtocells are also referred to as "network extenders," and analysts project that as many as 50 million of them will be in use by 2014.

Yahoo Wins Suit to Reveal Documents from Secret Court Proceedings

According to the Daily Dot, a court has ruled that documents relating to Yahoo's legal resistance to demands from the Federal government for access to its users' records will be declassified.  Excerpt:

Yahoo, initially vilified for being part of the PRISM program, which allows the National Security Agency (NSA) to tap it and other companies for users' information, is about to be vindicated.

A court ruled Monday that the Department of Justice must reveal classified documents from 2008 that Yahoo says will demonstrate that the company fought back against a secret court order to reveal their users' data.

"The Government shall conduct a declassification review of this Court's Memorandum Opinion of [Yahoo's case] and the legal briefs submitted by the parties to this Court," the ruling read. The Department of Justice has two weeks to estimate how long it'll take to declassify the documents and can still redact the parts it finds contains classified information.

Economic Fallout of the NSA Surveillance Scandal

From PC Mag:

Microsoft, despite denials, appears to be in bed with the NSA. Apparently all encryption and other methods to keep documents and discussions private are bypassed and accessible by the NSA and whomever it is working with. This means a third party, for whatever reason, can easily access confidential business deals, love letters, government classified memos, merger paperwork, financial transactions, intra-corporate schemes, and everything in between.

With that said, do you really want to buy a Microsoft product? Do you want to buy anything that gives easy access to snoops poking around at their leisure? If you'd think twice about this, then why would a foreign government rely on Microsoft Office with any confidence? Personally, if I were any foreign government or corporation, I'd stop using all Microsoft products immediately for fear of America spying on me. Nothing can be secret.

If I was a shareholder in any public company, I'd get up at the annual meeting and ask if the company was using Microsoft products and if so, I'd demand to know why it has not dumped them for something else . . . 

You've Been Skyped: Microsoft Provides NSA with Backdoor Access

The paranoiacs are proven right, yet again.  New documents reveal that Microsoft has provided the NSA with access to its users' audio and video chats on Skype, as well as email and message chat logs.  If you want secure messaging, you may have to revert back to carrier pigeons.  From Ars Technica:

Skype audio and video chats, widely regarded as resistant to interception thanks to encryption, can be wiretapped by American intelligence agencies, according to a new report in The Guardian. The report appears to contradict claims by Microsoft that it has not provided the contents of Skype communications to the government.

In a story published Thursday, based on documents leaked by former National Security Agency (NSA) contractor Edward Snowden, The Guardian offers some detail about extensive cooperation between the FBI, the National Security Agency, and Microsoft to enable government access to user communications via the intelligence tool known as PRISM. That cooperation included, according to the leaked NSA documents, enabling access to Outlook.com e-mails and chats, the SkyDrive cloud storage service, and Skype audio and video calls.

Anti-Tracking, Anonymous Search Engines Bloom in Aftermath of Mass Surveillance Leaks

If you're not using a search engine such as Duck Duck Go, then it is very likely that the search engine you are using is tracking your every move.  Search engines that value privacy and anonymity online are entering a boom following revelations of mass dragnet internet surveillance by government and business.  From The Guardian:

Gabriel Weinberg noticed web traffic building on the night of Thursday 6 June – immediately after the revelations about the "Prism" programme. Through the programme, the US's National Security Agency claimed to have "direct access" to the servers of companies including, crucially, the web's biggest search engines – Google, Microsoft and Yahoo.

Within days of the story, while the big companies were still spitting tacks and tight-lipped disclaimers, the search engine Weinberg founded – which pledges not to track or store data about its users – was getting 50% more traffic than ever before. That has gone up and up as more revelations about NSA and GCHQ internet tapping have come in.

"It happened with the release by the Guardian about Prism," says Weinberg, right, a 33-year-old living in Paoli, a suburb of Philadelphia on the US east coast. "We started seeing an increase right when the story broke, before we were covered in the press." From serving 1.7m searches a day at the start of June, it hit 3m within a fortnight.

Yet you've probably never heard of DuckDuckGo.

Florida Lawmakers May Have Made Internet Illegal

As if you needed any more evidence of the ineptitude of U.S. lawmakers, here's a story out of Florida on a lawsuit alleging that state lawmakers have inadvertently made computers and smart phones illegal in their zeal to crack down on gambling at internet cafes.  From PC Mag:

A law passed earlier this year, which was intended to crack down on illegal gambling at Internet cafes, is worded in such a way that some are concerned that it might actually allow for a ban of all smartphones and computers in the state.

A lawsuit filed by café owner Consuelo Zapata argues that, among other things, the bill "interfere[es] with the promotion of goods and services — computers with Internet access — that are used for the communication of information and ideas."

The bill in question - HB 155 - was signed in to law by Gov. Rick Scott on April 10 and bans "electronic gambling devices."