You are currently browsing the tag archive for the ‘NSA’ tag.

Spying on YOU

Courtesy of Watchung Hills Regional High School District

Advertisements

You may have awakened this morning to news that the bill to curb the NSA failed to win its filibuster margin of 60 and proceed forward…

Do not be dissuaded. This is probably a good thing.  It was watered down considerably to get enough Republican votes to pass.

The good news, is that without renewal, in the next Republican Congress, it will expire if nothing is done to re-pass it.  And everyone knows, it is far easier for Republicans to vote “no” against weakening our defense against terrorism, than it is to vote “yes” to putting every American’s deepest private thoughts and spoken words on speaker phone.

The parts of the reauthorized Patriot Act which were interpreted to allow for the mass surveillance revealed by Snowden last year, expire midnight of June 1st of next year, if no action to reauthorize them is taken….

Had this bill been passed last night, they would have remained intact far longer.  As it is, next Spring there will not be enough votes in the House or Senate to pass a new Patriot Act based on the shake up that occurred in both houses this past election.

Actual conversation over April Cookout:

“So do you think the NSA was using the exploit in Heartbleed over the past two years?”

“Did they deny it yet?”

“Why yes, they just did…”

“Well, that confirms it.. They were.”

Guardian has confirmed that Project Optic Nerve, collected billions of streamed video off Yahoo, most of which was obviously pornographic.  That was shared among the Five Eyes…  America, Canada, Britain, Australia, and New Zealand…

Guess what… all those intimate moments… HA HA HA… are public….

Enjoy!  Can’t say we didn’t tell you so….

Governments should not use their offensive cyber capabilities to change the amounts held in financial accounts or otherwise manipulate financial systems….

Think back over the past 3 years…. 

Hmmmm.

 

I really didn’t give this report much respect coming out of the gate for the word-leaked-out, was that it does nothing to stop the NSA’s abuse.   However, I have deep respect for Richard Clarke who was one of the five, so I felt compelled to read the whole thing

Since I’m sure few of you will venture to read the entire report, If something jumps out, I jotted it down below…

1. The United States Government must protect, at once, two different forms of security: national security and personal privacy.

In addition to reducing risks to national security, public officials must consider four other risks:

• Risks to privacy;
• Risks to freedom and civil liberties, on the Internet and elsewhere;
• Risks to our relationships with other nations; and
• Risks to trade and commerce, including international commerce.

We recommend that Congress should end such storage and transition to a system in which such metadata is held privately for the government to query when necessary for national security purposes.

In our view, the current storage by the government of bulk meta-data creates potential risks to public trust, personal privacy, and civil liberty.

We recognize that the government might need access to such meta-data, which should be held instead either by private providers or by a private third party. This approach would allow the government access to the relevant information when such access is justified, and thus protect national security without unnecessarily threatening privacy and liberty.

We endorse a broad principle for the future: as a general rule and without senior policy review, the government should not be permitted to collect and store mass, undigested, non-public personal information about US persons for the purpose of enabling future queries…

We also recommend that legislation should be enacted authorizing telephone, Internet, and other providers to disclose publicly general information about orders they receive directing them to provide information to the government. Such information might disclose the number of orders that providers have received, the broad categories of information produced, and the number of users whose information has been produced…

We recommend that, in the absence of a specific and compelling showing, the US Government should follow the model of the Department of Homeland Security and apply the Privacy Act of 1974 in the same way to both US persons and non-US persons.

We recommend a series of organizational changes.  We believe that the Director should be a Senate-confirmed position, with civilians eligible to hold that position; the President should give serious consideration to making the next Director of NSA a civilian. NSA should be clearly designated as a foreign intelligence organization….

The head of the military unit, US Cyber Command, and the Director of NSA should not be a single official.

We favor a newly chartered, strengthened, independent Civil Liberties and Privacy Protection Board (CLPP Board) to replace the Privacy and Civil Liberties Oversight Board (PCLOB)…

We recommend that Congress should create the position of Public Interest Advocate to represent the interests of privacy
and civil liberties before the FISC.

The US Government should take additional steps to promote security, by

(1) fully supporting and not undermining efforts to create encryption standards;

(2) making clear that it will not in any way subvert undermine, weaken, or make vulnerable generally available commercial
encryption; and

(3) supporting efforts to encourage the greater use of encryption technology for data in transit, at rest, in the cloud, and in
storage.

The use of “for-profit” corporations to conduct personnel investigations should be reduced or terminated.

There then follow forty-six recommendations, most of which were mentioned above… They start on page 26 and continue until page 44,  For the most part, these are where the complaints that the report is too soft, lie.  The report states things should be in a certain way, and like the Articles of Confederation, there is no teeth to back them up….  For instance it states we recommend that private third parties turn over data only if it is necessary to the security of the United States… Easily setting up this scenario… “Hi, can you give me info on Ms Murphy.  Appears we have some trousers in some soup…” ” Is it a national emergency?” “Yes, sure is”… “Ok here are all their calls…” Essentially unless teeth are added, this allows the same actions as go on today, to progress further.

Teeth such as:  any third party who gives, or any governmental employee who asks for private confidential information for purposes other than an immediate physical threat to national security, may be sued in court for any damages such misuse of information may cause…. etc…

It is our sincere hope, that one, this power is removed from the government.  Private corporations cannot arrest one in the middle of the night, and that with this data in the hands of private entities, that those private entities are at risk if any wrong information falls into anyone’s wrong hands…

Most of us would still trust our privacy in that scenario…  “What?  Someone just told my spouse I was sexting Miley Cyrus?  Oh well, (sigh) with the judgment of $68 million I’ll eventually receive, I’m much better off if I’m divorced before I receive it… ..”

A federal judge in Washington, D.C. today declared that the NSA’s mass phone records surveillance is likely unconstitutional, ruling that the plaintiff’s data should be purged from the system and prohibiting the NSA from collecting further phone records from the plaintiffs.

 “I cannot imagine a more ‘indiscriminate’ and ‘arbitrary invasion’ than this systematic and high-tech collection and retention of personal data on virtually every single citizen for purposes of querying it and analyzing it without judicial approval,”

The order was stayed pending appeal, but if the appeal does not overturn his decision, the injunction will go in effect at that time.

As is expressed by those NSA officials, including General Alexander, it’s head, a reading of the decision does indeed show the acquisition of every American’s personal data, was not accomplished by standing on any legal ground…

The excuses offered by the US Government, are extremely flimsy….

The judge noted:  the NSA’s data base has never truly served the purpose of rapidly identifying terrorists in a time sensitve investigation.

The Fourth Amendment is violated with every sweep…. .

Today the Brits are putting up a motion to curb their end of the spying racket…  The proponent putting up the piece that should get wide spread support, is of course… a liberal democrat….

The bill –  would make sure Britain’s spy agencies could never intercept calls or data without a specific warrant . Furthermore, is sets up a demand that the parliamentary regulatory body which oversees intelligence gathering, be made up not of secret appointees, but be chosen by an open election on the floor of the House of Commons.

“We’re very conscious of the need not to prevent the security services doing their work, but there are certainly gaps in the law. That much is clear.” says the pusher of that bill,  Mr.David Health.

Quotes from the Floor…

“But any surveillance and any clandestine operation in a democracy raises questions, he says. These can’t be answered by the agencies or the executivebut only by the legislature. Such as: where are the boundaries between privacy and legitimate intelligence gathering? What controls are in place to prevent abuse? Where are the limits of secrecy? How does our legislation and capability measure up to the latest technology? How comprehensive is the scrutiny and legal framework?”

“He has received assurances from ministers that the security services are not acting outside the law – but the law cannot keep up with their capabilities,”

“We need to deal not only with direct interception of communications but also collection of communications metadata. That is “an area where the law is silent.  We need to deal with the UK collection and that of allies,”

“The security services cannot police themselves”, he says.  “Their focus is on doing the best possible job – the job of parliament is to set the proper boundaries for their work”, he says.

===

In summary the ideas are sound… One cannot be unbiased when monitoring ones self.  That we ever thought so is madness.  It is therefore paramount that we follow some of the Brits’ ideas over here and make those who are in charge of our intelligence also be voted from the floor of Congress in a public debate as is any law or appointment,  and not be appointed in private by the head of  the legislative body with no accountability…

Furthermore,  having a true court hearing and not a rubber stamp session each time when approving the wiretapping or Constitutionality of data collection, would impact greatly on the credibility of any legitimate act of data extraction performed in the future….

This is the newest revelation from Snowden.  It should not be a surprise knowing what we already knew.

Essentially the NSA uses cookies to track your internet traffic.

Which brings up this moral question.

Cookies were allowed for commercial opportunity.  To find what you like, and then offer you ads for that activity.   That sort of benefits both advertisers and potential consumers.  if I as a consumer have to look at ads, aren’t i better served seeing ones I’m interested in, as opposed to ignoring all of them as I do in the News Journal?

Yes… I’ve benefited from cookies.

At the same time, someone out there, knows a lot about me.  And a lot about you…  Whereas computer technology can accurately predict where Peyton Manning will throw the ball on 3rd and 10, it can also predict when and what you will buy at Wal*mart with 90% accuracy…  One could get in big trouble if ones spouse ever got hold of that information….

But we were given ways of opting out of cookies, of removing them if we wished, and it continues to be allowed…

There are no laws against making bets on what someone will buy..   However.. THERE ARE LAWS AGAINST  government spying on you.   Against powers of prosecution innocent victims have no powers other than forcing prosecutors to produce evidence.   Now that evidence can be produce readily whether a person is guilty of anything or not,  there is no defense against state prosecution.

This disrupts commerce.  Now I can’t engage in commerce because my government may one day invade my domicile, grab my computer,  pull one or two bytes out of one or two gigabytes, and prosecute me.

So now, with the NSA, a government entity using cookies,  the actual use of cookies themselves may become under suspect of being illegal…

With continuous free use of cookies, using them to spy on you will continue.  Now is the time to  move to requiring cookie-use only with a court order, and hopefully, it must emanate from a court which has an advocate for privacy rights being the antagonistic force against the government’s claim for its right to spy….

So with the right advocacy, this crumbling cookie situation may lead to legislation ensuring our privacy is again under our control, and as a result… no longer forcing us to live like celebrities or former witches and fear Allan Loudell or the paparizzi  (of course, in the form of cookies)….   hiding in our bushes

When computers first started, vulnerabilities were not made public. Instead one alerted the maker of the vulnerability privately, so the bad guys would not find out about it.  But most often, those receiving the alert in secret, would be in no hurry to fix it.

Then vulnerabilities started to became public. As soon as one was found, it was posted and the makers were forced by public pressure to scramble and fix the flaw. So once a vulnerability was found, a temporary fix could be slapped together even if it meant taking the server off line.  Publishing made the Internet safer for us all.

The NSA does just the opposite.  Not only was it collecting data as it passed through its servers, but it has compromised a huge number of user’s computers and phones just like any hacker.  It has the potential to control almost any computer around the globe, according to the most recent release of data coming from Edward Snowden.

It has the unique ability to do so by its strategic location in the middle of the data stream. Many of the “401 File not found”s you have received from what you thought were up-and-running sites,  innocuously came from the NSA according to Snowden’s released data.  Once connected, the NSA then installs it’s own data directing all your flow to its secret servers, first before it gets passed on to where you were intending.

The ease with which your servers are compromised comes from NSA’s collusion it has with Verizon, Comcast, and the other servers who have access to the internal workings of your machine.  This, coupled with back doors manufactured expressly for the NSA, makes any computer susceptible to infiltration.

There is no way your IT guys can block them, because it is so secret.

And that is the problem.  Edwards Snowden left the NSA with tremendous amounts of information, and fortunately decided to make it public.  Computer surveillance has been in effect 10 years now.  One must wonder, how many service technicians working with the NSA, have left with that information, and who have not gone public, but chose to sell it to those to whom such information is important?

What if the Chinese already have all the codes the NSA uses to get into any American’s computer?  (All we have is the NSA’s words that they don’t.  But the NSA has rarely told the truth.)

In other words… because all these NSA codes and methods are top secret, any bad agent possessing that powerful secret, can wreak havoc far longer than he could if the IT community were able to pounce and scramble out a fix right away….

We are now at the point, where cyber infiltration is a far more serious threat to the USA than ragged desert terrorists jumping through hoops of fire in training videos.

The NSA needs to recognize this and turn to the IT community and publish their back doors and vulnerabilities.

It would make everyday spying on Americans much harder, but would protect our system of electronics against a devastating attack.

In layman’s terms, it is much easier to get away with murdering someone in a mountain cabin far from other people, than it is to do so in the middle of a police station…  If everyone is a cop, we are much safer than if we have something we think is a secret, but is turns out it is not.

Balanced against spying on American citizens, i think sealing up the NSA caused vulnerabilities to our system, is a no-brainer.