68240741
submission
Nicola Hahn writes:
In the past several days stalwarts of the corporate media like the New York Times, Wall Street Journal, and Washington Post have all cited unnamed officials claiming that North Korea is responsible for the recent attack on Sony. They have done so with very little visible skepticism. There is one exception: Kim Zetter at Wired has decried the evidence as flimsy and vocally warns about the danger of jumping to conclusions. Surely we all remember high-ranking, ostensibly credible, officials warning about the smoking gun that comes in the form of a mushroom cloud? This underscores the ability of the agenda-setting elements of the press to frame issues and control the acceptable limits of debate. Some would even say that what’s happening reveals tools of modern social control.
67565167
submission
Nicola Hahn writes:
Over the course of the Snowden revelations there have been a number of high profile figures who've praised the merits of encryption as a remedy to the quandary of mass interception. Companies like Google and Apple have been quick to publicize their adoption of cryptographic countermeasures in an effort to maintain quarterly earnings. This marketing campaign has even convinced less credulous onlookers like Glenn Greenwald. For example, in a recent Intercept piece Greenwald claimed:
"It is well-established that, prior to the Snowden reporting, Silicon Valley companies were secret, eager and vital participants in the growing Surveillance State. Once their role was revealed, and they perceived those disclosures threatening to their future profit-making, they instantly adopted a PR tactic of presenting themselves as Guardians of Privacy. Much of that is simply self-serving re-branding, but some of it, as I described last week, are genuine improvements in the technological means of protecting user privacy, such as the encryption products now being offered by Apple and Google, motivated by the belief that, post-Snowden, parading around as privacy protectors is necessary to stay competitive."
So while he concedes the role of public relations in the ongoing cyber security push Greenwald concurrently believes that encryption is a "genuine" countermeasure. In other words, what we're seeing is mostly marketing hype... except for the part about strong encryption.
With regard to the promise of encryption as a privacy cure-all, history tells a markedly different story. Guarantees of security through encryption have often proven illusory, a magic act. There are subtle currents flowing beneath the surface of the body politic and seeking refuge in a technical quick fix can be hazardous for a number of reasons.
66852429
submission
Nicola Hahn writes:
In his latest Intercept piece Glenn Greenwald considers the recent defeat of the Senate's USA Freedom Act. He remarks that governments "don’t walk around trying to figure out how to limit their own power." Instead of appealing to an allegedly irrelevant Congress Greenwald advocates utilizing the power of consumer demand to address the failings of cyber security. Specifically he argues that companies care about their bottom line and that the trend of customers refusing to tolerate insecure products will force companies to protect user privacy, implement encryption, etc.
All told Greenwald’s argument is very telling: that society can rely on corporate interests for protection. Is it true that representative government is a lost cause and that lawmakers would never knowingly yield authority? Looking back at the past couple of decades have Silicon Valley companies demonstrated that they view security as anything other than a marketing scheme? Noise for rubes. After all of the lies can we trust hi-tech vendors to be honest? There are people who think that advising citizens to devolve into consumers is a dubious proposition.
66535103
submission
Nicola Hahn writes:
Recently Laura Poitras, the documentary filmmaker who directed the movie Citizenfour, spoke with the Danish media outlet NRC Handelsblad. Near the end of her interview she told NRC:
"I think certainly a change in consciousness has come after Snowden. Google's servers are secure: that's a big change. This protects the privacy of people. Apple brings a secure phone on the market, that frustrates the FBI again"
There are recurring themes if one analyzes the basic talking points of Greenwald, Poitras, and Snowden: that corporations were victimized by a government run amok, that we can safeguard our civil liberties by going out and getting the latest app. Is it any surprise that all three of the above people are linked somehow to a man named Pierre Omidyar? Could a form of subtle manipulation be at work? Hints of betrayal?
66284495
submission
Nicola Hahn writes:
The Guardian reports that law enforcement officials in Europe and the United States have been busy taking down hundreds of tor-protected “.onion” domains in an extensive campaign that spans the Darknet. The resulting flurry of arrests raises an interesting question: how did they do it? Isn’t Tor supposed to offer hidden service operators anonymity?
The cops aren’t giving away anything. When Wired asked the head of the European Cybercrime Center about this he replied:
“This is something we want to keep for ourselves The way we do this, we can’t share with the whole world, because we want to do it again and again and again.”
Again, and again, and again? Bad news for users who are putting all their eggs in the Tor Basket.
65408127
submission
Nicola Hahn writes:
The former editor of Frankfurter Allgemeine Zeitung, one of Germany's larger papers has come forward to admit that he worked closely with the CIA. Udo Ulfkotte indicates, among other things, that U.S. intelligence is set on fomenting military conflict with Russia:
"I am very fearful of a new war in Europe, and I don't like to have this situation again, because war is never coming from itself, there is always people who push for war, and this is not only politicians, it is journalists too. ...We have betrayed our readers, just to push for war. ...I don't want this anymore; I’m fed up with this propaganda. We live in a banana republic, and not in a democratic country where we have press freedom"
Of course the CIA’s long-standing connections to the press are part of the public record. As are its attempts to sway public opinion. But this sort of infiltration and subversion aren’t limited to newspapers. Intelligence agencies have shown a talent for undermining everything from hi-tech products to entire power structures. Such clandestine machinations raise a question: are spies and their covert programs compatible with democracy? Paging Mr. Snowden...
64712131
submission
Nicola Hahn writes:
Both Google and Apple scored headlines at the Washington Post with articles that laud recent efforts to implement strong device-level encryption. The implication being that purchasing the latest mobile release will safeguard users from warrants issued by the U.S. Government as vendors would be unable to access encrypted data (never mind data stored in the Cloud). While device-level encryption can be interpreted as a positive step in the right direction there’s also the risk that it might provide users with a false sense of security. Contrary to popular belief there are a multitude of ways for vendors to quietly undermine device-level encryption and an equally long list of reasons why they might do so. Caveat emptor, assurances of high-security are sometimes just noise for rubes and a cover for highly leveraged spies.
64564949
submission
Nicola Hahn writes:
The Washington Post has reported that during secret court hearings the government threatened Yahoo with a "massive" $250,000 per day fine if the company failed to hand over user data to the NSA. Journalists have depicted Yahoo’s legal actions as part of an ongoing “battle” with the government. Yahoo’s general counsel has asserted on the company tumblr that:
“Users come first at Yahoo. We treat public safety with the utmost seriousness, but we are also committed to protecting users’ data. We will continue to contest requests and laws that we consider unlawful, unclear, or overbroad.”
This coverage creates the impression that Yahoo is an intrepid champion of human rights. But is this really the case? Is filing a law suit really the best that Yahoo could’ve done? Lavabit’s founder, Ladar Levison, decided that he’d rather shutter his business when confronted with government demands for information. Keep in mind that in the past Yahoo cooperated with the Chinese government, handing over information on political dissidents who were subsequently imprisoned and tortured. Are these the actions of a company that “battles” for civil liberties? Or perhaps they indicate that executives are more interested in obeying the law to maintain quarterly profits?
64178789
submission
Nicola Hahn writes:
NATO leaders are meeting in Wales to discuss, among other things, a joint defense pledge regarding cyberattacks.
There are serious issues with this kind of scheme. It’s no secret that the military is actively working on deception technology. False flag attacks are hardly a thing of the past (cyber or otherwise). A few months back a recording surfaced of high-level officials in Turkey plotting an operation to justify military strikes in Syria.
Given that NATO members have shown a habit of conducting false flag operations online and unleashing cyber campaigns against each other, does it even make sense to ratify a joint defense agreement or are world powers simply keeping up appearances?
64019157
submission
Nicola Hahn writes:
In recent coverage of events taking place in the Ukraine, the New York Times refers to the country as being under the sway of a group of oligarchs:
“The ultra-wealthy industrialists wield such power in Ukraine that they form what amounts to a shadow government, with empires of steel and coal, telecoms and media, and armies of workers.”
Note the mention of a “shadow government,” also known as a “Deep State.” This terms was originally coined in Turkey to refer to an entrenched cabal of spies, politicians, and organized crime bosses who manipulated events to maintain political control.
Does this sound familiar? You might have noticed the mass death sentence passed down by a court in Egypt. Very odd, how could 500 people be responsible for killing a single police officer? Thus leading journalists at FRONTLINE to suggest that Egypt is also under the influence of a deep state.
There are those who postulate that deep states aren’t limited to third-world nations. Readers might notice that none of the bankers involved in the 2008 financial collapse have gone to prison. Or that officials like DNI James Clapper and CIA Director John Brennan are able to flout the law with little or no consequences. Not to mention our leadership's cognitive dissonance over the origins of ISIS and the quandary of self-perpetuating conflict in the Middle East. Is the beast of the American Deep State peeking its head above the surface of the body politic?
63440889
submission
Nicola Hahn writes:
Kim Zetter of Wired Magazine has recently covered Dan Greer’s keynote speech at Black Hat USA. In his lengthy address Greer, representing the CIA’s venture funding arm, suggested that one way that the United States government could improve cyber security would be to use its unparalleled budget to buy up all the underground’s zero-day vulnerabilities.
While this would no doubt make zero-day vendors like VUPEN and middlemen like the Grugq very wealthy, is this strategy really a good idea? Can the public really trust the NSA to do the right thing with all those zero-day exploits? Furthermore, recall the financial meltdown of 2008 where the public paid the bill for Wall Street’s greed. If the government pays for information on all these unpatched bugs would society simply be socializing the cost of hi-tech’s sloppy engineering? Whose interests does this "corner-the-market" approach actually serve?
63253265
submission
Nicola Hahn writes:
Despite the long line of covert operations that Ed Snowden’s documents have exposed public outcry hasn’t come anywhere near the level of social unrest that characterized the 1960s. Journalists like Conor Friedersdorf have suggested that one explanation for this is that the public is “informed by a press that treats officials who get caught lying and misleading (e.g., James Clapper and Keith Alexander) as if they're credible.”
Certainly there are a number of well-known popular venues which offer a stage for spies to broadcast their messages from while simultaneously claiming to “cultivate conversations among all members of the security community, both public and private.” This year, for instance, Black Hat USA will host Dan Greer (the CISO of In-Q-Tel) as a keynote speaker.
But after all of the lies and subterfuge is it even constructive to give voice to the talking points of intelligence officials? Or are they just muddying the water? As one observer put it, “high-profile members of the intelligence community like Cofer Black, Shawn Henry, Keith Alexander, and Dan Greer are positioned front and center in keynote slots, as if they were glamorous Hollywood celebrities. While those who value their civil liberties might opine that they should more aptly be treated like pariahs”
62761493
submission
Nicola Hahn writes:
A recent Forbes article reports that an Internet arms dealer, Exodus Intelligence, has unearthed zero-day exploits in TAILS, Ed Snowden's favorite OS. Exodus plans to disclose the issues to TAILS "in due time." In other words, as the article notes, "That means customers could use the vulnerability however they see fit, possibly for de-anonymising anyone a government considers a target."
And if that weren't bad enough, a close look at TAILS project 2013 income statement reveals that the project, like Tor is funded by Uncle Sam. Granted, jumping to hasty conclusions would be falling prey to guilt-by-association syndrome, but isn't it interesting that several of these alleged anonymity tools are somehow linked to each other and also the United States military?
62461097
submission
Nicola Hahn writes:
If you lived in a police state where political activism could get you killed, would using Tor be enough to safeguard your identity? The general sympathy conveyed by privacy advocates is that “Tor still works.” But are these Tor supporters soft-pedaling the potential pitfalls? There are cynics in the crowd, researchers who feel that the users are being given a false sense of security, that people are depicting Tor as the digital equivalent a reinforced concrete barrier when in practice it can often be little more than a speed bump to trained spies. There’s evidence that while the NSA thinks that
“Tor Stinks” there are also well-grounded reasons why spies don’t want to scare people away from using it
60791667
submission
Nicola Hahn writes:
Thought the Review Board at squelched Bill Blunden's presentation on Chinese cyber-espionage, and the U.S. government has considered imposing visa restrictions to keep out Chinese nationals, Bill has decided to post both the presentation's slide deck and its transcript online.
The talk focuses on Mike Rogers, in all his glory, a former FBI agent who delivers a veritable litany of hyperbolic misstatements (likely to be repeated endlessly on AM radio). Rather than allow the DEFCON Review Board to pass judgement as supposed .gov "experts", why not allow people to peruse the material and decide for themselves who is credible and who is not?
