background preloader

The US government has betrayed the internet. We need to take it back

The US government has betrayed the internet. We need to take it back
Government and industry have betrayed the internet, and us. By subverting the internet at every level to make it a vast, multi-layered and robust surveillance platform, the NSA has undermined a fundamental social contract. The companies that build and manage our internet infrastructure, the companies that create and sell us our hardware and software, or the companies that host our data: we can no longer trust them to be ethical internet stewards. This is not the internet the world needs, or the internet its creators envisioned. We need to take it back. And by we, I mean the engineering community. Yes, this is primarily a political problem, a policy matter that requires political intervention. But this is also an engineering problem, and there are several things engineers can – and should – do. One, we should expose. We need to know how exactly how the NSA and other agencies are subverting routers, switches, the internet backbone, encryption technologies and cloud systems.

Des milliers de citoyens allemands montrent l’exemple en manifestant contre la surveillance de la NSA Des milliers de manifestants ont participé samedi à Berlin à une manifestation pour dénoncer les atteintes à la vie privée, notamment par la surveillance des télécommunications par les services secrets comme l’agence américaine NSA. Le collectif d’organisations qui avait appelé à manifester sous le slogan «la liberté plutôt que la peur» – parmi lesquels figurent les Verts, le parti de gauche radicale Die Linke et le parti Pirate -, a revendiqué 20 000 manifestants. La police de Berlin a toutefois refusé de commenter ce chiffre ou de donner une estimation, se bornant à dire que ses «méthodes de comptabilisation sont différentes de celles des organisateurs». Dans le cortège, on pouvait voir des pancartes aux messages clairs comme «Arrêtez de nous espionner!» ou à l’ironie mordante comme : «Merci Prism (le programme d’espionnage mené par l’agence américaine NSA), grâce à toi le gouvernement sait enfin ce que veut la population».

N.S.A. Able to Foil Basic Safeguards of Privacy on Web The agency has circumvented or cracked much of the encryption, or digital scrambling, that guards global commerce and banking systems, protects sensitive data like trade secrets and medical records, and automatically secures the e-mails, Web searches, Internet chats and phone calls of Americans and others around the world, the documents show. Many users assume — or have been assured by Internet companies — that their data is safe from prying eyes, including those of the government, and the N.S.A. wants to keep it that way. The agency treats its recent successes in deciphering protected information as among its most closely guarded secrets, restricted to those cleared for a highly classified program code-named Bullrun, according to the documents, provided by Edward J. Snowden, the former N.S.A. contractor. Beginning in 2000, as encryption tools were gradually blanketing the Web, the N.S.A. invested billions of dollars in a clandestine campaign to preserve its ability to eavesdrop.

NSA and GCHQ unlock privacy and security on the internet US and British intelligence agencies have successfully cracked much of the online encryption relied upon by hundreds of millions of people to protect the privacy of their personal data, online transactions and emails, according to top-secret documents revealed by former contractor Edward Snowden. The files show that the National Security Agency and its UK counterpart GCHQ have broadly compromised the guarantees that internet companies have given consumers to reassure them that their communications, online banking and medical records would be indecipherable to criminals or governments. The agencies, the documents reveal, have adopted a battery of methods in their systematic and ongoing assault on what they see as one of the biggest threats to their ability to access huge swathes of internet traffic – "the use of ubiquitous encryption across the internet". But security experts accused them of attacking the internet itself and the privacy of all users.

The NSA's Secret Campaign to Crack, Undermine Internet Encryption The National Security Agency headquarters at Fort Meade, Md., in January 2010. (Saul Loeb/AFP/Getty Images Sept. 6: This story has been updated with a response from the Office of the Director of National Intelligence [2]. The National Security Agency is winning its long-running secret war on encryption, using supercomputers, technical trickery, court orders and behind-the-scenes persuasion to undermine the major tools protecting the privacy of everyday communications in the Internet age, according to newly disclosed documents. This story has been reported in partnership between The New York Times [3], the Guardian [4] and ProPublica based on documents obtained by The Guardian. For the Guardian: James Ball, Julian Borger, Glenn Greenwald For the New York Times: Nicole Perlroth, Scott Shane For ProPublica: Jeff Larson The N.S.A. hacked into target computers to snare messages before they were encrypted. An intelligence budget document makes clear that the effort is still going strong.

Stop Watching Us | Stop Watching Us NSA surveillance: how to stay secure | Bruce Schneier | World news Now that we have enough details about how the NSA eavesdrops on the internet, including today's disclosures of the NSA's deliberate weakening of cryptographic systems, we can finally start to figure out how to protect ourselves. For the past two weeks, I have been working with the Guardian on NSA stories, and have read hundreds of top-secret NSA documents provided by whistleblower Edward Snowden. I wasn't part of today's story – it was in process well before I showed up – but everything I read confirms what the Guardian is reporting. At this point, I feel I can provide some advice for keeping secure against such an adversary. The primary way the NSA eavesdrops on internet communications is in the network. Leveraging its secret agreements with telecommunications companies – all the US and UK ones, and many other "partners" around the world – the NSA gets access to the communications trunks that move internet traffic. TAO also hacks into computers to recover long-term keys. Trust the math.

Why Mozilla Was Right: GCHQ & NSA Track Cookies Subscribe to this blog About Author Glyn Moody's look at all levels of the enterprise open source stack. The blog will look at the organisations that are embracing open source, old and new alike (start-ups welcome), and the communities of users and developers that have formed around them (or not, as the case may be). Contact Author Email Glyn Twitter Profile Linked-in Profile During 2013, I've written a few articles about Mozilla's attempt to give users greater control over the cookies placed on their systems, and how the European arm of the Interactive Advertising Bureau (IAB) tried to paint this as Mozilla "undermining the openness", or "hijacking" the Internet because it dared to stand up for us in this way. The National Security Agency is secretly piggybacking on the tools that enable Internet advertisers to track consumers, using "cookies" and location data to pinpoint targets for government hacking and to bolster surveillance. And it gets even worse:

Comment on NSA Effort to Defeat Encryption Worldwide September 5, 2013 FOR IMMEDIATE RELEASE CONTACT: 212-549-2666, WASHINGTON – In an effort to defeat encrypted communications worldwide, the National Security Agency has manipulated U.S. and global encryption standards; utilized supercomputers to break open encrypted communications and data; and has persuaded, and sometimes forced, technology and Internet service providers to give it access to protected data, according to reports published today in The Guardian and The New York Times in partnership with ProPublica. "The encryption technologies that the NSA has exploited to enable its secret dragnet surveillance are the same technologies that protect our most sensitive information, including medical records, financial transactions, and commercial secrets," said Christopher Soghoian, principal technologist of the ACLU's Speech, Privacy and Technology Project." For more information on the ACLU's work on NSA surveillance:

Ontario Privacy Watchdog Is Not Amused With The NSA (VIDEO) Ontario's privacy watchdog delivered a scathing indictment of the NSA's efforts to circumvent internet encryption standards. Ann Cavoukian, Ontario's Information and Privacy Commissioner, released a YouTube video Friday after The New York Times, in collaboration with The Guardian and ProPublica, reported that the U.S. National Security Agency has successfully "circumvented or cracked much of the encryption, or digital scrambling, that guards global commerce and banking systems, protects sensitive data like trade secrets and medical records, and automatically secures the e-mails, Web searches, Internet chats and phone calls of Americans and others around the world." Cavoukian takes issue with governments devoting so many resources to getting around encryption. Cavoukian then argues that we need greater transparency and accountability regarding government surveillance. With files from previous stories. Also on HuffPost: