|
Oh wow, other interesting stuff in that Der Spiegel report: They're using MITM attacks as droppers for smartphone malware, which can turn your phone into a roving microphone. loving called it. quote:This also relates to an issue that the British have made a focal point of their intelligence-gathering activities: the most comprehensive access possible to worldwide mobile networks, the critical infrastructures for the digital age. Slide deck: I thought that was supposed to be absolutely impossible, particularly on a wide scale. It appears that intelligence services don't pay attention to the opinion of random naysayers, who would have imagined? Paul MaudDib fucked around with this message at 17:48 on Nov 12, 2013 |
# ? Nov 12, 2013 17:03 |
|
|
# ? Apr 27, 2024 09:33 |
|
Forums Terrorist posted:Man, where's Eripsa? I remember him pushing the tech will set us free line. I never claimed tech would set us free. I only claimed it would allow us to organize outside of the constraints of traditional economic and political hierarchies. Surely the leaks and public response confirms the need for such alternative organizational structures. We are witnessing the slow death of the state. Everyone understands that we need alternatives to our existing political structure. Events like this surely hasten the move away from those traditional organizations and towards new alternatives. An entire generation of techies has become completely soured on the government because of these leaks. Is anyone arguing that these leaks, and the political developments they've generated, are actually good for technocratic state capitalism? Does anyone think our system is actually stronger now because of our existing surveillance strategies? Is there anyone credible left defending the existing order of things?
|
# ? Nov 12, 2013 18:58 |
|
Define "good for". Increased ability to monitor the activity of the population is certainly advantageous to stability, as is how technology makes real-life social networks transparent in numerous ways (GPS tracking, network analysis, etc). During the Arab Spring, governments would identify key troublemakers on social networks and take various steps to make them less troublesome. Even our own government arrests key activists in advance of Occupy protests. That's the future of internet-driven political activity. That stuff is scrub-league compared to what our government could do if it chose. As an example with today's release: if you really wanted to go full , you could probably target a cell tower in New York with a MITM, and either wait for GPS coordinates to flow through or drop some malware on everyone's phone and make it send coordinates every couple minutes (which would give you higher resolution). Everyone's cell phone has GPS nowadays because of E911 requirements. Then if you know one troublemaker, you know everyone they meet with, and you can turn the troublemaker's microphone on and hear what they're planning in advance. There's a fundamental dichotomy between activism and making yourself a target. The better you spread the message, the more you interact with other people who are targets, the more you make yourself a target. But low levels of messaging are unlikely to break people away from the Xbox or whatever. Yes, you can "organize better", but they can see you doing that and pick it apart faster than you can organize if they chose. And "going off the grid" attracts attention all on its own. Everyone basically carries around their own little tracking device nowadays, and it's socially normal to the point where not doing it is weird and suspicious. Paul MaudDib fucked around with this message at 19:40 on Nov 12, 2013 |
# ? Nov 12, 2013 19:31 |
|
Paul MaudDib posted:Define "good for". Increased ability to monitor the activity of the population is certainly advantageous to stability, as is how technology makes real-life social networks transparent in numerous ways (GPS tracking, network analysis, etc). The only way to fight back is by aggressively publicizing the methods and acts of repression, although it helps greatly to have sympathetic advocates inside the established power structure to vouch for you if you get into trouble. This was why Occupy was so easy to squelch.
|
# ? Nov 12, 2013 20:01 |
|
Big ol' The Verge article summarizing everything. I generally recommend The Verge stories as it's a site that synthesizes high and low culture well, in my opinion.
|
# ? Nov 12, 2013 20:41 |
|
The DHS just lost a lawsuit and is now required to disclose its operating procedures regarding an internet shutdown.quote:The Department of Homeland Security (DHS) must disclose its plans for a so-called Internet “kill switch,” a federal court ruled on Tuesday.
|
# ? Nov 14, 2013 21:49 |
|
So I just learned that the university I work for is planning to give Edward Snowden an honorary doctorate
|
# ? Nov 14, 2013 22:38 |
|
Buzzfeed has a very good article about David Miranda and his detention: http://www.buzzfeed.com/natashavc/david-miranda-is-nobodys-errand-boy quote:David Miranda and I are debating whether or not to take off our shirts in the middle of a throbbing dance floor inside the heart of gay Rio de Janeiro. Silvery blue lights and men the size of sparrows swirl around us as we gauge the euphoria of the crowd. “It’s not that kind of party, honey!” Miranda shouts hoarsely over the Brazilian dance mix of Ke$ha’s “Die Young.”
|
# ? Nov 15, 2013 14:52 |
|
Tezzor posted:Buzzfeed has a very good article about David Miranda and his detention: “Now everyone in the world is watching, bitches!” #mirandizeme
|
# ? Nov 15, 2013 17:27 |
|
Jeremy Hammond got 10 years for hacking Stratfor. If only he had been smart and just laundered billions for the cartels he wouldn't be in this mess.
|
# ? Nov 15, 2013 18:43 |
|
HTTP/2 working group of the Internet Engineering Task Force is set to recommend that all web traffic be encrypted.quote:A vastly larger percentage of the world's Web traffic will be encrypted under a near-final recommendation to revise the Hypertext Transfer Protocol (HTTP) that serves as the foundation for all communications between websites and end users. quote:As Nottingham acknowledged, there are major advantages and disadvantages for each option. Proposal A would be easier for websites to implement because it wouldn't require them to authenticate their servers using a digital certificate that is recognized by all the major browsers. This relaxation of current HTTPS requirements would eliminate a hurdle that stops many websites from encrypting traffic now, but it also comes at a cost. The lack of authentication could make it trivial for the person at an Internet cafe or the spy monitoring Internet backbones to create a fraudulent digital certificate that impersonates websites using this form of relaxed transport layer security (TLS). That risk calls into question whether the weakened measure is worth the hassle of implementing.
|
# ? Nov 15, 2013 18:44 |
|
Anyone wonder why Google is encrypting internal data at a much faster clip than the rest of the affected companies? Trade secrets? My cynicism prevents me from saying respect for civil liberties, considering how their business model works.
|
# ? Nov 17, 2013 04:27 |
|
I'd imagine fear of losing business because as it stands they obviously cannot maintain the confidentiality of their hosted data even if they want to. Fear of backlash from the EU or some other company would probably be another option. Generally I think they're sensing that customer sentiments (individual and business) are not really with the NSA here and are trying to get out ahead of that before it hits their bottom line too hard (not out of the goodness of their hearts). People are projecting the business impacts from this, it's not immense on a national scale but I'd say it's worrying if you're a business that provides data services. quote:In surveying its members this summer about the NSA disclosures, the Cloud Security Alliance - which develops security standards for Internet firms - found that 10 percent of the 207 foreign respondents had "canceled a project to use U.S.-based cloud providers" and 56 percent were "less likely" to use U.S. cloud providers in the future.
|
# ? Nov 17, 2013 05:36 |
|
It's a good thing the NSA is protecting us like this. I wonder how many jobs will be growing in Europe/Asia instead of the USA as a result of those losses. It's not like the demand will go away, the supply will simply be located elsewhere.
|
# ? Nov 17, 2013 08:13 |
|
Aurubin posted:Anyone wonder why Google is encrypting internal data at a much faster clip than the rest of the affected companies? Trade secrets? My cynicism prevents me from saying respect for civil liberties, considering how their business model works. They were also personally insulted by the NSA with a god drat smiley. I'd imagine they want to return the favor and turn it into a little frowny face on the next set of slides.
|
# ? Nov 17, 2013 23:00 |
|
Sudo Echo posted:They were also personally insulted by the NSA with a god drat smiley. I'd imagine they want to return the favor and turn it into a little frowny face on the next set of slides. Well I'm glad something good came of
|
# ? Nov 18, 2013 06:09 |
|
Aurubin posted:Anyone wonder why Google is encrypting internal data at a much faster clip than the rest of the affected companies? Trade secrets? My cynicism prevents me from saying respect for civil liberties, considering how their business model works. It's PR. Just as Google is particularly notorious among tech companies for vacuuming up as much data as possible, they try to counter the negative implications of that image by putting more work into looking like safe and responsible stewards of your data who give you full control over what is stored and how it's used. It's often a false impression, but Google moves fast on any opportunity to look like they're prioritizing their users' privacy.
|
# ? Nov 18, 2013 07:04 |
|
Google's been also pushing pretty hard to get companies onto their web app platform for the office stuff, so I think they also have more to lose. While the general population might be quite apathetic to their cat pictures being spied on, organizations might not be so happy about exposing their data not only to Google, but also the NSA and possibly their competitors. And if they don't freak out on their own, the EU is already pissed off as it is and trying to put restrictions on data storage in the US, so they're probably in damage control mode over this as well.
|
# ? Nov 18, 2013 13:09 |
|
This seems like a big development.The Guardian posted:Fisa court order that allowed NSA surveillance is revealed for first time Pretty good illustration of the "chilling effect" affecting judges as much or maybe more than journalists. Give them an inch and they'll just take a mile. Source.
|
# ? Nov 19, 2013 21:05 |
|
Maddening thing about that release is that it was the result of a EFF FOIA lawsuit, not Obama's "commitment to transparency."
|
# ? Nov 20, 2013 16:35 |
|
Aurubin posted:Maddening thing about that release is that it was the result of a EFF FOIA lawsuit, not Obama's "commitment to transparency." Is anyone still pretending this was more than an empty promise?
|
# ? Nov 20, 2013 19:57 |
|
Orange Devil posted:Is anyone still pretending this was more than an empty promise? The ODNI?
|
# ? Nov 20, 2013 20:04 |
|
Orange Devil posted:Is anyone still pretending this was more than an empty promise? It's just illustrating how much power Obama has over these agencies. Anything the president, congress or any judge says is simply taken as a suggestion.
|
# ? Nov 20, 2013 20:06 |
|
Internet Webguy posted:It's just illustrating how much power Obama has over these agencies. Anything the president, congress or any judge says is simply taken as a suggestion. That's actually one of the biggest aspects of a president's power. In addition to signing bills or executive orders and whatnot, they also set the "tone" of the administration and it carries down into the lower levels of government even in places where he's not directly influencing decisions or making them outright.
|
# ? Nov 21, 2013 03:47 |
|
Truth be told, I was really surprised this passed: UN surveillance resolution goes ahead despite attempts to dilute language Wonder if this speaks to how little power the UN has though, since something will actually get to the floor.
|
# ? Nov 22, 2013 00:16 |
|
Aurubin posted:Inch, mile, and all that: I find it hard to understand why any leader would be ok with a foreign country, especially an ally, spying on their country.
|
# ? Nov 22, 2013 01:07 |
|
Maybe they feel they can't do anything about it. America is still a rather powerful country. Or maybe they drunk the same kool-aid the rest of the world leaders have about Terrorism. Maybe they just don't give a poo poo.
|
# ? Nov 22, 2013 01:23 |
|
I would assume it's some combination of "nothing to hide" and "political realities."
|
# ? Nov 22, 2013 01:28 |
|
Either way the Opposition parties are lapping it up (:
|
# ? Nov 22, 2013 02:37 |
|
One of the early headlines was that surveillance could practically "see your thoughts form as you typed". Interesting article on how even something as minor as the way you type and use the mouse can uniquely identify you.quote:Researchers have built a continuous authentication platform that can accurately identify users based on their typing patterns.
|
# ? Nov 22, 2013 19:00 |
|
In early September, the FISA court released this statement:FISA statement posted:In view of these circumstances, and as an exercise of discretion, the Court has determined that it is appropriate to take steps toward publication of any Section 215 Opinions that are not subject to the ongoing FOIA litigation, without reaching the merits of the asserted right of public access under the First Amendment. Now: FISA statement posted:After careful review of the Opinion by senior intelligence officials and the U.S. Department of Justice, the Executive Branch has determined that the Opinion should be withheld in full and a public version of the Opinion cannot be provided. Nothing to see here, people. Move along. Source with links to both of the quoted documents.
|
# ? Nov 22, 2013 22:18 |
|
The more that gets released/leaked, the more likely the whole program will be fundamentally changed. I can at least count on Edward Snowden to release the relevant documents where the US government is unwilling.
|
# ? Nov 22, 2013 22:30 |
|
Renesys reports that large-scale MITM attacks are now a reality. Not even just from the NSA. HTTP/2 with mandatory end-to-end encryption is sounding better and better all the time. Someone's done a good analysis of the QUANTUM packet injection system, recommended by Bruce Schneier. One of the most basic yet most versatile exploits: quote:So for any webmail service that doesn’t require HTTPS encryption, QUANTUMCOOKIE also allows the wiretap to log in as the target and read the target’s mail. QUANTUMCOOKIE could also tag users, as the same redirection that extracts a cookie could also set or modify a cookie, enabling the NSA to actively track users of interest as they move across the network — although there is no indication yet that the NSA utilizes this technique. In hilariously petty news, the NSA is suing to stop production of t-shirts that mock them. quote:he U.S. National Security Agency and the Department of Homeland Security have threatened legal action to block the sale of T-shirts that ridicule these two powerful government agencies. But the T-shirt designer says NSA and DHS are the ones breaking the law by assaulting free speech, a pillar of democratic society. Good thing too, I was getting tired of reading those lame Federal Body Inspector t-shirts, which will certainly be next on the priority list, right? Paul MaudDib fucked around with this message at 01:17 on Nov 23, 2013 |
# ? Nov 22, 2013 22:51 |
|
truther posted:NZ's PM after telling the Nation he's sure the NSA doesn't spy on NZ because 'why would they bother' has now changed his tone to 'I don't and won't ever comment on intelligence information.' Quid Pro Quo. You think these intelligence agencies give a poo poo about the privacy of their peasants? Probably just one more thing to be traded for other info. Now, if the leaders themselves are being spied on, expect them to be pissed off.
|
# ? Nov 23, 2013 01:00 |
|
Paul MaudDib posted:Renesys reports that large-scale MITM attacks are now a reality. Not even just from the NSA. HTTP/2 with mandatory end-to-end encryption is sounding better and better all the time. I think they're used to getting companies to fall in line by bluffing them with stern letters. They're not used to going to real court, just secret court.
|
# ? Nov 23, 2013 15:37 |
|
New from Greenwald et al:Huffington Post posted:Top-Secret Document Reveals NSA Spied On Porn Habits As Part Of Plan To Discredit 'Radicalizers' So to recap: We have a program of "de-legitimization" of "radicalizers," based solely on their speech. The program is being discussed outside the NSA, with the DOJ and the DEA. None of the targets are "involved in terror plots." The NSA also analyzed the social graph of the targets and found... nothing particularly interesting. The program appears to operate in conjunction with the FBI, much like the way the NSA partners with GCHQ to get around its own limitations. The language that has landed these people under the NSA microscope is what scares me the most. I know Snowden's documents only tell part of the story, but it doesn't seem like they're accused of saying anything much more radical than what you'd find here in D&D. The idea that by idly stating I think the NSA is ushering in an Orwellian state could lead the NSA to start compiling a dossier on my porn habits is terrifying. The moral of the story seems to be: Don't have a funny sounding name and anti-American opinions. Burn the NSA to the ground, salt the remains.
|
# ? Nov 27, 2013 08:32 |
|
It's ok tho it's more humane than outright imprisoning/killing them so we should do it. I wonder if intel guys really are brainwashed into thinking they're American heroes or something.
|
# ? Nov 27, 2013 14:29 |
|
Kobayashi posted:Burn the NSA to the ground, salt the remains. We also have these sort of surveillance systems being sold. As I look out of the door-window of my second floor apartment into one of the many parking lots of this lovely "gated community" I cannot help but envision a time in the not to distant future when places like this become "gated corporate compounds" with their own behavior rules, security force, and the occasional knock on the door or email from the office that my online movements or expressed thoughts are a concern as they do not fit in line with encouraged group-think of the neighborhood. Is that an unreasonable vision?
|
# ? Nov 27, 2013 14:55 |
|
|
# ? Apr 27, 2024 09:33 |
|
Sancho posted:It's ok tho it's more humane than outright imprisoning/killing them so we should do it. I wonder if intel guys really are brainwashed into thinking they're American heroes or something. They don't need to be brainwashed - most of them genuinely thought they were from the beginning. They think they're providing security for the nation and they'll happily trade (other people's) liberty for that security.
|
# ? Nov 27, 2013 16:57 |