omnibus PRISM/NSA/free Edward Snowden/encryption tutorial thread

fun in Fort Greene Park

http://mashable.com/2015/04/07/edward-snowden-hologram-statue-brooklyn/

oh, Clapper!

http://thehill.com/policy/technology/241508-spy-head-had-absolutely-forgotten-about-nsa-program

i guess for a few hours at least, the government isn't collecting our metadata

let's plot something

oh, naivete; the Zombie Patriot Act goes on.

http://www.thedailybeast.com/articles/2015/05/31/zombie-patriot-act-will-keep-u-s-spying-even-if-the-original-dies.html

I'm still irked that people don't remember that USA PATRIOT Act is an acronym.

http://en.wikipedia.org/wiki/Acronym#Contrived_acronyms

Pierce:

Let me say for the record that, because I am not five-years-old, I do not believe for a moment that the NSA has stopped collecting that data while Mitch McConnell tries to tease a vote out of his unruly caucus, nor do I believe for a moment that it will cease to do so if and when the compromise passes. The NSA's messianic delusions about its role in the world, which is something it has in common with the rest of the heroes of our intelligence community, will sustain it through these minor eruptions of actual democracy.

The one ray of hope to come out of the windbaggery yesterday is the fact that, for the first time since the attacks of 9/11, the national legislature came out from under the bed and confronted, however meekly, the idea that in the freedom-vs.-security debate, the sides ought to be at equal strength. For this, we have to thank Senator Aqua Buddha, who forced the issue. His performance was choppy and, occasionally, incoherent. The blog's Five Minute Rule was in effect throughout his presentation. For example, he found himself consistently incapable of pronouncing "Tsarnaev," and he botched (for his own rhetorical purposes) James Madison's famous quote from Federalist 51...

http://www.esquire.com/news-politics/politics/news/a35380/rand-paul-patriot-act/

As Washington weighs new cybersecurity steps amid a public backlash over mass surveillance, U.S. tech companies warned President Barack Obama not to weaken increasingly sophisticated encryption systems designed to protect consumers' privacy.

In a strongly worded letter to Obama on Monday, two industry associations for major software and hardware companies said, "We are opposed to any policy actions or measures that would undermine encryption as an available and effective tool."

The Information Technology Industry Council and the Software and Information Industry Association, representing tech giants, including Apple Inc, Google Inc, Facebook Inc, IBM and Microsoft Corp, fired the latest salvo in what is shaping up to be a long fight over government access into smart phones and other digital devices.

Obama administration officials, led by the FBI, have pushed the companies to find ways to let law enforcement bypass encryption to investigate illegal activities, including terrorism threats, but not weaken it so that criminals and computer hackers could penetrate the defenses.

So far, however, the White House has not spelled out specific regulatory or legislative steps it might seek.

http://www.reuters.com/article/2015/06/09/us-cybersecurity-usa-encryption-idUSKBN0OP09R20150609

find ways to let law enforcement bypass encryption to investigate illegal activities, including terrorism threats, but not weaken it so that criminals and computer hackers could penetrate the defenses

as anyone with any knowledge of information security will tell you, this is literally impossible

A digital network that would only allow the pure of heart to access its records, employing safeguards to restrict potential security breaches by Hacktivists and Vagabonds.

Obama has built quite a base by promising the literally impossible and doing what he wants

Meanwhile: British spies removed from operations after Russia and China crack codes to leaked Snowden files

(whether or not that story is even valid is entirely up to you)

seems it isn't, on evidence beyond "Murdoch-owned"

http://blog.erratasec.com/2015/06/how-we-really-know-sunday-times-story.html#.VX4WqtVVhBc

https://firstlook.org/theintercept/2015/06/14/sunday-times-report-snowden-files-journalism-worst-also-filled-falsehoods/

Summary of XKEYSCORE so far: https://firstlook.org/theintercept/2015/07/01/nsas-google-worlds-private-communications/

Not only does the document-leaker in Fort Leavenworth prison face limits on what she can read, but the banned books are often literary classics.

http://www.thestar.com/news/gta/2015/08/21/chelsea-mannings-banned-book-list-shockingly-long-dimanno.html

hey Brits

The mass surveillance operation — code-named KARMA POLICE — was launched by British spies about seven years ago without any public debate or scrutiny. It was just one part of a giant global Internet spying apparatus built by the United Kingdom’s electronic eavesdropping agency, Government Communications Headquarters, or GCHQ.

The revelations about the scope of the British agency’s surveillance are contained in documents obtained by The Intercept from National Security Agency whistleblower Edward Snowden. Previous reports based on the leaked files have exposed how GCHQ taps into Internet cables to monitor communications on a vast scale, but many details about what happens to the data after it has been vacuumed up have remained unclear.

Amid a renewed push from the U.K. government for more surveillance powers, more than two dozen documents being disclosed today by The Intercept reveal for the first time several major strands of GCHQ’s existing electronic eavesdropping capabilities.

One system builds profiles showing people’s web browsing histories. Another analyzes instant messenger communications, emails, Skype calls, text messages, cell phone locations, and social media interactions. Separate programs were built to keep tabs on “suspicious” Google searches and usage of Google Maps.

https://theintercept.com/2015/09/25/gchq-radio-porn-spies-track-web-users-online-identities/

"According to Snowden's lawyer, Ben Wizner of the ACLU, @Snowden himself will be controlling the account."

https://theintercept.com/2015/09/29/edward-snowden-twitter-snowden/

https://www.youtube.com/watch?v=t3r51QI4Ctw

this is the best thing which has ever occurred

All morning I've been singing "and there won't be Snowden in Africa this Christmas ..."

So i rewatched Citizenfour, and i think it's Greenwald in either the David Carr interview or the outtakes on the DVD who points out that we now prefer to say PRIVACY for what we invariably used to refer to as LIBERTY.

So if we no longer "should have any expectation of privacy/liberty," as DJP has often suggested, what is the putative organizing principle of the country? I know we've been lying to ourselves about all kinds of shit for 239 years, but one needs a good cover story for a national credo. What is the Latin for "Retweeting Taylor Swift"?

"pecuniam tuam semper habe"

What's another word for pirate treasure ?

revenueoftheClintonFoundation

A constitution of "With privacy and justice for all" sure would make things different.

Also, turns out Snowden likes Harvey Danger.

"Paranoia, paranoia / Everybody's coming to get me"

i'm going underground with the moles digging holes

wow I'm glad I wasn't around for this thread.

I don't think we no longer "should have any expectation of privacy/liberty," FWIW my colleagues and I spend a LOT of time on privacy (liberty) protections and we serve as a counterweight in a lot of policy discussions about what cops/spies want vs. what citizens are entitled to. I think that after 9/11 when Cheney told DIRNSA and DNI "whatever it takes" we swung the pendulum back out towards Alien and Sedition Act territory, on bogus and shortsighted executive statutory flim flam, and now we're swinging back.

I think that the administration backed down from the "golden key" stuff that DHS and FBI and NSA leadership were publicly asking for from silicon valley types is a pretty good indicator that we're moving in a direction to restore a lot of what was lost in the fire.

(And maybe then some. And maybe even past the point where it's a good idea and where it really does make some legitimate (...to taste) law enforcement and intelligence activities impossible)

Tombot, you kinda gotta speak to what it is you and your colleagues do; it's been a while.

www.us-cert.gov

the "about us" page needs an update

I am pretty sensitive to having my ramblings here tied back to my professional self. but everything is going to bite all of us in the pants one day, so

one concrete example - I get CC'd on email notices every time one of our network signatures for catching malware, etc. unintentionally captures personal data, and the analysts have to go clean it up. I can also say that having spent time inside multiple "3 letter agencies" that this place has more required training on handling sensitive information than anywhere else, and that's not the classified stuff - everybody gets trained on handling that - it's about protected private citizen and company information, which we are, as above, incredibly concerned with. the whole business is about trust.

it's Metadon't Day

https://theintercept.com/2015/11/28/snowden-effect-in-action-nsa-authority-to-collect-bulk-phone-metadata-expires/

Some Senate Republicans, led by Sen. Tom Cotton of Arkansas and 2016 presidential candidate Sen. Marco Rubio of Florida, tried to delay the program’s official end this month in the wake of the Paris terrorist attacks. But despite support from Senate Majority Leader Mitch McConnell (R-Ky.), the effort got no traction in Congress.

http://www.politico.com/blogs/under-the-radar/2015/11/nsa-bulk-phone-snooping-program-shuts-down-216228#ixzz3t0Ek8s14

Clinton, the Democratic presidential frontrunner, gave a talk at the Brookings Institution where she urged tech companies to deny ISIS “online space,” and waved away concerns about First Amendment issues.

“We’re going to have to have more support from our friends in the technology world to deny online space. Just as we have to destroy [ISIS’s] would-be caliphate, we have to deny them online space,” she said.

“And this is complicated. You’re going to hear all of the usual complaints, you know, freedom of speech, et cetera. But if we truly are in a war against terrorism and we are truly looking for ways to shut off their funding, shut off the flow of foreign fighters, then we’ve got to shut off their means of communicating. It’s more complicated with some of what they do on encrypted apps, and I’m well aware of that, and that requires even more thinking about how to do it.”

A “senior administration official” told Reuters that the White House intends to talk to tech companies in the coming days about developing a “clearer understanding of when we believe social media is being used actively and operationally to promote terrorism.” Major social media sites are already deeply engaged in combating online propaganda and recruitment by Islamic militants.

https://theintercept.com/2015/12/07/obama-hints-at-renewed-pressure-on-encryption-clinton-waves-off-first-amendment/

you know, freedom of speech, et cetera

Ugh.

https://alexcabal.com/creating-the-perfect-gpg-keypair/

please encrypt your emails to me

https://alexcabal.com/creating-the-perfect-gpg-keypair/

If you're new to PGP, please don't follow that advice, stick with the defaults.

Everyone always thinks I'm joking about $10,000-a-night hookers,
incidentally. I'm not. If someone were to give me a $100,000 budget to
acquire a secret worth $1,000,000, hiring a high-class call girl for two
weeks would be a *damned* tempting attack vector. People spend so much
time obsessing over technical minutiae of crypto, and so little time
realizing the weakest part of the system is always the human being... so
why not hire an expert in manipulating human beings?

love these guys

Cyberhawk, Yellowstone, Blackfin, Maximus, Cyclone, and Spartacus!

In the catalogue, each device is listed with guidelines about how its use must be approved; the answer is usually via the “Ground Force Commander” or under one of two titles in the U.S. code governing military and intelligence operations, including covert action.

But domestically the devices have been used in a way that violates the constitutional rights of citizens, including the Fourth Amendment prohibition on illegal search and seizure, critics like Lynch say. They have regularly been used without warrants, or with warrants that critics call overly broad. Judges and civil liberties groups alike have complained that the devices are used without full disclosure of how they work, even within court proceedings.

“Every time police drive the streets with a Stingray, these dragnet devices can identify and locate dozens or hundreds of innocent bystanders’ phones,” said Nathan Wessler, a staff attorney with the Speech, Privacy, and Technology Project of the American Civil Liberties Union.

https://theintercept.com/2015/12/17/a-secret-catalogue-of-government-gear-for-spying-on-your-cellphone/

Pretty sure those are all members of MASK
http://upload.wikimedia.org/wikipedia/en/a/a9/MASK_Logo.JPG

Chris Christie accused Cruz of opposing the NSA’s bulk collection of metadata for political, not philosophical, reasons. “He went for the easy political vote at a time when it looked like it was a popular thing to do,” the New Jersey governor said on Morning Joe. “With all those dead Parisians, it doesn’t look so popular!”

oy veh

http://nymag.com/daily/intelligencer/2015/12/consorting-with-foreign-government-a-scandal-too.html

There's a lot we don't know beneath The Wall Street Journal's report today that the National Security Agency picked up intelligence on meetings with U.S. members of Congress and domestic political groups while spying on the Israeli government after credible reports (subsequently validated by the surveillance) that the Israelis were collecting and leaking intelligence on the sensitive U.S.-Iran nuclear talks.

The story has many dimensions. But, so far, virtually all of the reaction involves two questions: (1) Should the U.S. be spying on our ally Israel? (This was raised immediately if cautiously by Marco Rubio, who's in a bit of a quandary because he's normally a fan of surveillance.) And (2) should the Executive branch be spying, even incidentally, on the Legislative branch? (Former House Intelligence Committee chairman Peter Hoekstra called for an investigation of this possibility and for indictments if it turned out to be true.) These are both important and complex issues. But there should be a third question raised as well: Should members of Congress be consorting with agents of a foreign government to thwart U.S. diplomacy?

who's zoomin' who?

eh. obv i am a biased commentator here but ultimately isn't he arguing that congress should not meet w/ foreign leaders when they disagree w/ the president's policy? that means that, eg, mccain should not have had a relationship w/ saakashvili's gov during the time that he was advising a US military response to Russia encroachment on Georgia while Bush's policy was not military? like do we really believe that there's no place for members of congress to a) 'consort' with foreign leaders and b) disagree w/ the POTUS at the same time? seems both impossible + undesirable and really only an issue here bc a) omg israel and b) don't look but the WH just spied on congress.

like do we really believe that there's no place for members of congress to a) 'consort' with foreign leaders

Dems have gotten grief for this too, from Pelosi on back through the Reagan years, on issues from Central America to Iran...

Here the Republicans were arguably trying to undermine ongoing treaty negotiations and not just disagreeing with the President, Commander in Chief...I think Kilgore is arguing that there's no place for members of Congress to do that.

i agree that both parties have done this over the years - it seems like a consequence of how we've split foreign affairs power between the executive and legislative branches and probably a bit silly to bemoan. until it's illegal for congress to try to undermine the executive branch's diplomacy this kind of thing will continue to happen - esp when the branches are split by party.