NSA Backlash limps into action

Kudos to the Real News for that interview.

I’m still surprised and disappointed at the miserably subdued backlash against what the American authoritarians and their poodles have been getting away with against the citizens of the world.

But perhaps I’m just impatient and the Resistance is building. Today I hear that there are demonstrations in the streets of Washington, under the banner “Stop Watching Us“. No word yet on how many turned up.

That matters. If it’s a handful, the regime will read that as a green light to continue. It would need to be a several hundred thousand to have serious political impact.

Authoritarian defenders are crawling around trying to find ways to defend the indefensible. One of the most cringeworthy was Cameron’s puerile posing at yesterday’s EU summit

“What Snowden is doing – and to an extent, what the newspapers are doing in helping him doing what he is doing – is frankly signalling to people who mean to do us harm how to evade and avoid intelligence and surveillance,” he said. “That is not going to make our world safer.”

What the fuck has that got to do with listening in on Angela Merkel’s private telephone conversations?

The answer, of course, is “nothing whatsoever” but they haven’t got any kind of justification for that abuse, so, instead they fall back on a childlike reference to the reason they routinely give for snooping on everyone else, in the hope that somehow, the “bewildered herd” will conflate the two issues and conclude that spying on 35 world leaders is all necessarily part of the “War on Terror”

Well those 35 and many other members of the international political classes are beginning to smell the coffee. And they’re beginning to feel their blood pressure mounting as they take on board the extent of American (and British) hubris. This has already resulted in growing demands for NSA-proof communication systems between them and, as you’ll have seen in that Video, countries like Brazil are going a whole stage further and demanding communication channels which bypass America altogether.

This is a very welcome development for the politicians at least. Let’s hope they remember that any secure sauce considered good enough for the political goose is equally good for the citizen ganders.

None of the so-called “Revelations” are actually new…
Coincidentally, “Nothing Whatsoever” is also the answer to the question: how much does the average politician, including the British Prime Minister, understand about “Security”? He and many others we’ve seen squirming in recent weeks have frequently repeated that absurd argument quoted above.

As I’ve pointed out elsewhere, NOTHING in the Snowden revelations is new or unexpected. We have been able to read about it for years, and not just in conspiracy fetish forums where they don’t believe Man has ever walked on the Moon, but in well documented and highly respected sources like the trilogy of exposes written by James Bamford over the past 30 years (“Puzzle Palace” 1983, “Body of Secrets” 2002 and, with specific reference to all the web snooping, “Shadow Factory” 2009)

All Snowden has added to the picture is detail (like the name of the relevant program – PRISM) and some notion of scale. Mostly he has simply confirmed what we’d read in Shadow Factory. (Actually, in my case, I was 2/3 of the way through that book when the Snowden revelations hit the street. That made it somewhat more pressing and relevant!)

So the notion that the “evil-doers” didn’t already know this is utterly stupid and exactly the kind of misapprehension that those who do understand Security would NOT be labouring under. Such naiveté might have been widespread among terrorists at the turn of the century but after 12 years of targeted drone strikes and other successful assassination attempts, the spooks KNOW that their main genuine targets are very aware of the need for secure communications and, almost certainly, avoid using the web altogether (at least not for operational communications).

The only “terrorists” who are going to be caught through their web activity are the terrorist equivalent of those “script kiddies” who created a bunch of irritating but mostly harmless malware in the Nineties and Naughties. They’re the “wannabe jihadists” who, even if they aren’t caught, are rarely going to have the aptitude and experience to pose real threats.

Exposing the scale of the NSA dragnet has, therefore, done “nothing whatsoever” to alert the real bad guys. Which is not, however, to say that the exposure doesn’t help the terrorists. It does, but obviously the spooks haven’t bothered to tell the Prime Minister and other politicians how. Perhaps they think it’s too complicated for him and the rest of the bewildered herd to grok. Or perhaps they’re too embarrassed to admit that they’ve shot themselves in both feet.

How Snowden HAS Helped the Terrorists…
Here’s how Snowden’s high-profile confirmation is going to make life easier for the terrorists and the few other genuine anti-social bastards (like the paedophile network, or people traffickers) we really do need the security services to try to keep tabs on.

At the moment, none of the serious targets will ever be caught discussing anything (significant) online in plain text. If they use the web at all they’ll be using adequate encryption, almost certainly beyond NSA’s capacity to break. But it’s unlikely they’ll even use much in the way of encrypted emails because they will also be aware that even if their messages cannot be read, traffic analysis and the so-called “metadata” we keep hearing about provides a huge amount of significant data on its own, even without knowing the content.

The NSA have huge programs designed to trace the networks of connections between ANY given bunch of targets. As you can read in that link, they (and others) can easily create ad hoc network diagrams for any given targets. But they live in a “target rich environment”, so they have to spend most of their time focussed on those most likely to be sharing sensitive data. Thus they’re most interested in the connections between users of encrypted email. Because, they reason, if the senders are hiding something, it is probably worth reading, and definitely worth knowing who is talking to who.

And, at the moment, tracing those connections and compiling the relevant “organisation chart” is relatively simple. I doubt if, even globally, more than a hundred thousand email users regularly securely encrypt their messages. And mapping the links for that hundred thousand or so is well within the NSA reach.

But a major consequence of Snowden’s leaks is already beginning to be visible as the number of users of serious encryption begins to rise. And some significant political and commercial muscle is going into the mix. For example, Brazil, as we’ve heard, is now demanding a secure email system for their politicians and it’s quite likely they’ll make it available and recommend it for their citizens.

German entrepreneurs, meanwhile, have already come up with a partial solution and appeared within hours of the Merkel revelations, to exploit the advertising opportunity for their SecuSmart micro SD card “encryption dongle” – available for all smartphone users and in use by the German Government since July; which might be why we’re now hearing that Merkel was targeted from 2002 up until June this year. Once the card was fitted, NSA would have lost their ability to bug her – although not necessarily their ability to track who she was calling or being called by. Any communications between two users fitted with those cards can at least be confident that the content of their conversations is not being overheard (providing, of course, that the phones themselves haven’t been tampered with and they’re not bugged in any other way)

We can confidently expect a rash of genuinely secure phone and email products to appear on web pages near you in the near future. Who knows, Google and some of the other major players might even tweak their own services to make them snoop proof (by giving users the ability to add their own secret keys).

So there is a very real prospect that within, say, 5 years, instead of a hundred thousand secure emailers, there will be a hundred million and, as any fule kno, the complexity of a network diagram is proportional not to the number of nodes, but the square of that number (“Metcalfe’s Law”). So the NSA task isn’t going to be a mere thousand times more difficult, but around a million. And even their shiny new Utah Repository isn’t going to be able to cope with that.

Which means that it will shortly become much safer for terrorists and others to use their own encrypted emails. Fish are always safer swimming in the sea. Up till now, they’ve been forced to swim in a rather small pond and have, thus, been easy to target with a hand-held net. Snowden’s revelations, with the help of those media not afraid to talk truth to power, have already achieved far more exposure than Bamford’s. His book is currently languishing at number 72,169 in the Amazon sales rankings, which I reckon must mean that probably fewer people have so far read his (much more detailed) exposure than my guesstimate of the number of users who routinely encrypt their mail.

So the sharks we really do need to keep an eye on are about to get the comforting camouflage of another hundred million or so fish and the reasonably sized Sea they need to swim in more safely. This is what they call, in the trade, Blowback. Nice one NSA…

Ad Blocking Software – Strongly Recommended

Check out this pleading inanity from one of my (otherwise) favourite sites

Dearie me, am I to understand that it’s a problem for Physorg that I choose not to conform?

Idiots like this just don’t get it. Some of us are not just immune to advertising, we actively and passionately object to it as a manipulative abuse of bandwidth.

This antipathy is more prevalent, perhaps, in UK citizens than most because we have the Beeb, producing consistently high standards of broadcasting without commercial breaks. Before we had our hard-drive backed digital TV services we often had to wait two hours before getting to pee.

Nowadays, we can just pause the program, which neatly eliminates the one advantage that commercial breaks could boast. And boy does it make for a massive culture shock when we are exposed to American TV. That culture must be behind the sentiments expressed by this drivel.

They clearly believe it is their god given right to advertise to me. As my regular reader will know, I obviously don’t believe in god given rights. And, as it happens, I don’t believe in human rights either. I believe in Liberty – which is merely the absence of constraint – and Reciprocity – treat others as you would wish to be treated in return. That combination covers every conceivable ethical question you’ll ever confront; including whether or not to tolerate intrusive commercials on a web page.

And I see absolutely nothing which justifies any constraint whatsoever on my ability to install Adblock and not just ignore your adverts but remain blissfully unaware of their existence. Adblock is a free Firefox add-on – strongly recommended if you’re as allergic to ads as I am. And those who might be inclined to follow my recommendation will not confuse the previous sentence with “advertising” because they will know I have absolutely nothing to gain by that recommendation other than the knowledge I am spreading a little more contentment. My motives, are, therefore, entirely honorable. As I’m sure is true even of some commercials. But not many…

What Physorg and those who think like that obviously don’t understand is that if I was forced to suffer their sites with ads, I would simply exercise my liberty to avoid visiting those sites. How would that improve the human condition?