Tag: snooping

Facebook reveals government snooper requests

FacebookSocial media giant Facebook released a report on government requests for the first half of this year.

The report includes different government requests for data, as well as content it blocks in different countries that break local laws.

The company said there’s an increase in content restrictions and government requests for data.

Blocking grew 112 percent in the first half of this year compared to the second half of last year, and amounted 20,568 pieces of content.

And government requests increased globally by 18 percent during the period amounting to 41,214 asks.

Facebook says it scrutinises every request it receives for legal validity, wherever the request comes from.

“If a request appears to be deficient or overly broad, we push back hard and will fight in court, if necessary,” the company said.

You can find the full report here.

Tech companies are terrorist friendly, policeman says

Noblesville_elite_policmen_conduct_live_fire_shoot_house_training_at_Camp_Atterbury_Ind._DVIDS281323Britain’s top anti-terrorism top cop claims that some technology and communication firms building terrorist friendly software which helps them avoid being detected.

Mark Rowley, the national police lead for counter-terrorism, said companies needed to think about their “corporate social responsibility” in creating products that made it hard for the authorities to access material during investigations.

“Some of the acceleration of technology, whether it’s communications or other spheres, can be set up in different ways.”

Basically Rowley is concerned that technology companies are making products which his staff cannot break into. He did not say which technology companies were refusing to write rubbish products, but he seemed to be hinting at Google, Yahoo and Microsoft.

He added that the post-Snowden era has created an environment where some technology companies are less comfortable working with law enforcement and intelligence agencies.

“We all love the benefit of the internet and all the rest of it, but we need their support in making sure that they’re doing everything possible to stop their technology being exploited by terrorists. I’m saying that needs to be front and centre of their thinking and for some it is and some it isn’t.”

Rowley’s comments echo those made in January by John Sawers, the former head of Britain’s foreign intelligence service, who said trust between technology firms and governments had been shattered and needed to be rebuilt.

But he should not worry too much. Prime Minister David Cameron has promised to give him and the other security and intelligence services even more powers to monitor Internet communications should he win an election on May 7.

Judge tells off the snoops

A federal magistrate judge in the District of Columbia has denied a government warrant request to search an unnamed user’s mac.com e-mail address.

This is news because it so rarely happens as judges usually allow the government to snoop on who they like.

The case involves alleged corruption and conspiracy by a defence contractor.

Judge John Facciola said that the government was submiting overly broad warrants and made no effort to balance the law enforcement interests against the obvious expectation of privacy e-mail account holders have in their communications.

Federal authorities asked the court to grant the warrant request, which asked for “All records or other information stored by an individual using each account, including address books, contact and buddy lists, pictures, and files,” and logged IP addresses, billing details, and more.

However, the judge said that the government was really after e-mails from December to the present and nothing explicitly requested that Apple gives the government any e-mails.

Facciola thinks it this confusion was caused by poor drafting, but would allow the cops to take anything they like. He thought that the government was using language that has the potential to confuse Apple, which has the job of working out what information must be given to the government in the hope of getting more information.

He added that the court should not be placed in the position of compelling Apple to work out what the government actually seeks and until this application is clarified, it will be denied. 

New Zealand politicians face snooping backlash

Politicians in New Zealand are finding that their plans to mimic the UK government and spy on their citizens are going down like a dag sandwich.

For a while the government thought that it would get its new surveillance laws in without much of a fight. After all, Britain and the US seemed to have managed it.

But suddenly Prime Minister John Key is finding the plan extremely unpopular. There are nationwide protests and even a demonstration outside his home.

According to ZDNetAuckland town hall was actually packed with people who wanted to hear opponents to new and expanded spy powers. What must be worrying for the government is that New Zealanders rarely get out and protest about anything. When they do, such as when the Springboks toured New Zealand, things get very messy.

The crusade against snooping is being led by Kim Dotcom. Vikram Kumar, the chief executive of Kim Dotcom’s Mega, told the meeting that when the Telecommunications Interception Capability and Security Bill – the “TICS Bill” – becomes law, the New Zealand government plans to issue secret orders to force non-telco service providers, such as email, chat, and online voice services, to create interception capabilities for surveillance.

He showed documents that proved ministerial directives will be used to “secretly impose an obligation to create interception capabilities by individually named service providers”.

This will all be done in secret so as not to publicly announce a lack of capability in a particular service.

The plan has been already approved by the Cabinet, and is therefore official government policy.

Protest actions focus on the TICS Bill and a Government Communications Services Bureau Bill. The fear is that spooks will now be able to look at legitimate internal political activism, away from foreign threats, and undermine the integrity and privacy of online communications.

The government wants to use secret orders to specific service providers directing the creation of interception capability, allowing real-time access by surveillance agencies.

John Key claims that he would resign if GCSB undertook mass surveillance, even if he appears to have created a system where it is made possible.

The GCSB Bill will only be voted for by a majority of one in parliament and protestors hope that it will be possible to get politicians to see how unpopular they will become by voting for it. 

London's stalker rubbish bins scrapped – for now

The City of London Corporation has ordered that rubbish bins stop spying on its citizens.

A provider of recycling bins in London, Renew, was using its bins to monitor the phones of passers-by for targeted advertising purposes.

According to the Daily Telegraph after concerns over privacy emerged, the City of London asked Renew to halt the trial, and has referred the case to the Information Commissioner’s Office (ICO).

Renew CEO Kaveh Memari has stopped the trials until there is a comment from the ICO.

Writing in his blog, he said that during the initial trials a limited number of pods had been testing and collecting anonymised and aggregated MAC addresses from the street and sending one report every three minutes concerning total footfall data from the sites. Those trials have been stopped.

“A lot of what had been extrapolated is capabilities that could be developed and none of which are workable right now. For now, we no longer continue to count devices and are able to distinguish uniques versus repeats,” he wrote.

Some of the extrapolation was mostly because of Renew’s own marketing materials on the trail.

For example, Renew said that the test measured “variables in market share between mobile handheld providers within the City’s Square Mile”, but also promises to measure the speed and movement of individual phones.

It also claimed this could help shop and bar owners to map the total footfall percentage within a 3-4 min walking distance of the shop.

Renew has now promised to consult on future developments: “Come the time we discuss creating the future levels of protection, we can move to an improved service where we can bring better content to people,” Renew said.

The company said that its “firm intention” is to discuss progressions publicly first, and it pledged to collaborate with privacy groups like the EFF, but said it is still committed to leading the charge on the implementation of such technology.

Top HP cloud exec: snooping happening worldwide

A top Hewlett Packard cloud executive has revealed that there has not been a European kick-back in the wake of the NSA’s Prism spying revelations, suggesting there’s a shared understanding it is happening in “every country around the world”.

HP hasn’t seen “any adverse reaction as it relates to the cloud,” Steve Dietch, vice president, worldwide cloud at HP told TechEye. “Privacy and data sovereignty issues were there before the exposure of that – which to be frankly honest is happening in every country in the world”.

The comments come during a US backed manhunt for Edward Snowden, the whistleblower who exposed the extent of spying details to the Washington Post and the Guardian, which showed the United States’ secretive NSA, along with other western powers, was maintaining a security network that can intrude on almost everyone in the world.

Dietch suggested companies with sensitive data were already well aware that such dangers exist.

“If you’re in a highly regulated environment you are already dealing with privacy and security issues that come into play or are reinforced. If you’re an enterprise customer you’re already worried about the exposure of your data,” Dietch said.

Governments and business are affected because the majority of popular web services are hosted on American soil – and it appears there is a bilateral agreement between the United States and the United Kingdom to tap into each other’s data networks, effectively bypassing sovereign law and acquiring such data quasi-legally.

“There’s not much you can do if a government has access to your data and is being provided legally, or illegally, depending on the country you’re in, with access via your service providers,” Dietch said.

“You have to do everything to the best of your ability within your corporate guidelines to adhere to security and data sovereignty policies, that’s high on the list,” Dietch said. “Security and data sovereignty are a couple of the top issues when getting onto the cloud”.

NSA hopes US people can't add up

Top US spook General Keith Alexander, the head of the NSA, told Congress that spying on the internet connections of ordinary people managed to disrupt 50 terror attacks since September 11.

Alexander is a clever man, by touting a number like 50 it sounds rather a lot. It implies that if he was not spying on you, that is 50 airplanes which would have flown into buildings.

He must have been hoping that the members of congress he was explaining PRISM too, did not “do the math”.

The September 11 attacks happened nearly 12 years ago, which means that PRISM on average thwarts only a few “terror attacks” a year.

Alexander used the word “disrupt” not “stop” too. This means that the attackers plans just had to be changed because they realised they had been compromised. The number “50” at least seems to be true.

According to “Terrorism Since 9/11: The American Cases,” a book edited by John Mueller, a political scientist at Ohio State University, since the World Trade Centre attacks there have been 52 alleged Islamic plots to stage attacks on American soil or on planes bound for the United States. This did not include the Boston bombing.

Mueller said that most of these plots only got to the stage of talking before the authorities broke them up. He added that much of the talking was done with FBI agents. When the US does have a terror attack, it is mostly a shooting.

The big ones have been an Egyptian national who killed two people at the El Al ticket counter. At a Little Rock military recruitment centre, in 2009, an American convert to Islam killed a soldier. U.S. Army major Nidal Malik Hasan, a military psychiatrist, killed thirteen people. In total, sixteen people were killed in these attacks. Adding the fatalities in Boston, this means that nineteen people have been killed. What is telling about the attacks that did go through, was that they were pretty random events committed by loners which would not have been spotted by PRISM technology.

To people over the pond, and indeed in the US, that sounds like a large number of people dead and justification for Alexanders’ case for PRISM. In fact it has to be put in perspective with the rest of US crime.

In 2010, to take a year at random, there were 11,078 firearm homicides in the United States, there were 544 homicides by suffocation and 89 by fire, plus 79 intentional poisonings and 52 intentional drownings. Statistically you are more likely to die from malaria in the US than from terrorism.

So when Alexander quoted these figures it should have been seen as a confession. PRISM does not work, and the cost in terms of money, and loss of person freedom. It was created by an over-reaction to a practically non-existent problem which has not actually worked.

What is more alarming is that US officials and lawmakers spent hours publicly justifying the phone and internet monitoring programs as vital security tools and slamming NSA contractor Edward Snowden decision to leak documents about them to media outlets.

Alexander, the head of the NSA, said Snowden’s leaks had inflicted “irreversible and significant” damage to national security.

“I believe it will hurt us and our allies,” Alexander told the House Intelligence Panel (HIP), which helps oversee the vast surveillance efforts.

While it would be nice if this were true, it is incredibly unlikely. The Congress appears united behind the spying programme and President Barack Obama defended them.

There has been no move to roll them back.

US Representative Mike Rogers, the Republican chairman of HIP did the classic “people do not really understand what is going on” excuse when he chatted to reporters about it.

Alexander said that he would much rather be debating PRISM than explaining how he failed to prevent another 9/11. That would be fair enough if the echoes of the Boston Bombing were not echoing in people’s ears.

One cannot help but wonder if all this is worth it. If US people’s fear of terror is out of control, it is ruining a country which was once proud of its freedom.

To an outsider, it appears that the overreaction has done more damage to the US way of life than any dirty bomb. 

People love PRISM

US and UK citizens seem surprisingly relaxed about the news that its government is spying on their internet use.

After a defence contractor risked his freedom to expose the quasi-legal government snooping being carried out using PRISM, surveys show that a lot of US and the UK people think it is OK for the government to spy on them.

In the UK, a survey  shows more than four in 10 people think the security services should be able to break data laws in order to prevent terrorism. Nearly half of voters either backed the Coalition’s draft Communications Data Bill, or thought it did not go far enough.

In the US, a Pew Survey said that Big Brother has never been so popular. “A majority of Americans – 56 percent – say the National Security Agency’s (NSA) programme tracking the telephone records of millions of Americans is an acceptable way for the government to investigate terrorism”.

An overwhelming majority of Americans also feel, generally, that it’s more important to “Investigate Terrorist threats” than “Not intrude on privacy”.

This has been the status quo in the US for nearly six years and means that the government has backing for its snooper’s charter.

Americans are less enthusiastic about email snooping with a slight majority of 52 percent not wanting their emails read. However, all this means that generally the government can be sure of the backing of most of the country for this policy too.

This might explain why today instead of kicking any government for its snooping policy, Reuters is running stories about how it is bad for defence institutions to rely on outside contractors who might make its secrets public

Edward Snowden, who gave up a hot and flexible girlfriend to leak the information has gone missing  from his hotel room. It is not clear if he has been collected by NSA spooks or he has just given up on humanity. 

Big IT denies NSA spies on its servers

While President Barack Obama’s office defended moves by the NSA to monitor phone calls, Apple, Facebook, Microsoft and Google have denied claims that government spooks have direct access to their servers.

The claim was made in the Washington Post which reported that US National Security Agency and the FBI are “tapping directly into the central servers of nine leading US internet companies” through a secret program known as PRISM.

Huge amounts of data including audio, video, photographs, emails, documents and connection logs were stored by the Men In Black.

Google said that, despite previous reports that it had forged a “back door” for the government, it had never provided any such access to user data.

Microsoft said that it had not voluntarily participated in any government data collection and only complies “with orders for requests about specific accounts or identifiers”. The key word here is voluntarily.

Apple shocked the world by giving a quote on this particular question. Spokesperson Steve Dowling said the company had never heard of PRISM. It did not provide any government agency with direct access to its servers, Dowling said.

However, the Washington Post reported that Apple held out for more than five years after PRISM enlisted its first corporate partner, in May 2007, for “unknown reasons”.

Facebook and Yahoo said that they have never given the goverment direct access to their servers and they would only do so with a court order. Further they will slap anyone with a white glove who says otherwise.

While people in civilised countries might be putting down the whole issue as something you expect to hear from the United States, there are a lot of good reasons for all of us to be concerned.

If PRISM is working the way the Washington Post claims, it means that all data which passes through the US has been sniffed and stored by spooks.

Any corporate secrets, any personal data, which had the misfortune to cross US state lines can be read by the US’s intelligence agencies.

It is also important to note that the internet companies were pretty specific about saying that they did not share the data directly to the NSA or FBI. That does not rule out an “indirect” approach which can be just as effective, but allow the outfits deniability.

In another classified report obtained by the Post, the arrangement is described as allowing “collection managers to send content tasking instructions directly to equipment installed at company-controlled locations,” rather than directly to company servers.

NSA regarded the identities of its private partners as PRISM’s most sensitive secret, fearing that the companies would withdraw from the programme if they were exposed.

“98 percent of PRISM production is based on Yahoo, Google and Microsoft; we need to make sure we don’t harm these sources,” an NSA report leaked to the Post said. 

Californian governor vetoes privacy law for phone snooping

A Californian governor has decided that his citizens are better off with the police being allowed to know what they are doing every second.

Jerry Brown vetoed SB 1434, an EFF- and ACLU-sponsored bill that would have required law enforcement to apply for a search warrant in order to obtain location tracking information.

After all, it is jolly inconvenient for coppers to have to ask a judge for a warrant to track their former girlfriends to find out who they are seeing now.

Brown actually has a bit of explaining to do. The bill passed through the state legislature with overwhelming bipartisan support. Local newspapers thought it was a good idea and there was a lot of support for it.

As the EFF pointed out, Governor Brown instead decided to sell out privacy rights to law enforcement.

He did the same thing last year, killing a bill that would have required police to obtain a search warrant before searching an arrested individual’s mobile phone incident to arrest.

Brown said he knew that privacy laws needed to be updated, but he was not convinced that this bill strikes the right balance between the operational needs of law enforcement and individual expectations of privacy. In short it would make life too difficult for coppers who may want to track someone quickly.

It might also limit the Californian police’s ability to do contract work finding stolen Apple prototypes in their spare time.

There is some confusion about why Brown feels he needs to butter up the police. While some have hinted that it is something to do with powerful police unions, that does not really cut it. His long political career has been as a financial conservative but liberal in most other areas, so it is not clear how he comes on top by vetoing the bill.