NSA Bulk Metadata ruled likely unconstitutional

Today was a pretty big day for privacy fans. The NSA’s bulk collection of metadata has been ruled likely unconstitutional. Why is this a big deal? It’s “just” metadata. Well, as the CBS 60 Minutes report showed, the NSA is able to convert that information into a network. Networks show everyone that you talked with, and despite assurances that phone numbers weren’t used, it’s fairly easy to unmask a person in a network based on the network characteristics. I wrote a blog post about this a while back that talked about a paper showing the power of metadata. I think it’s important to reiterate here what that is.

In the article, titled Using Metadata to find Paul Revere, the author explains that by using who talks to whom it is possible to construct a large network, and that from it one could likely determine the major players of the US Revolutionary War. The analysis used just club membership: not what people talked about, only what groups they were members of and how they were all associated. Based on the metadata, Paul Revere is a pretty central figure and knows a lot of the other leaders of the revolution.
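The kind of analysis described above, as an added example that is not from this post or from the article it cites: group membership lists alone are projected into a person-to-person network and people are ranked by how connected they are. The names and groups are constructed sample data, and the function names are hypothetical.

```python
from collections import defaultdict
from itertools import combinations

# Constructed sample data: group -> members. No message content is used,
# only who belongs to which group (the "metadata").
MEMBERSHIP = {
    "lodge": {"alice", "bob", "carol"},
    "caucus": {"carol", "dave", "erin"},
    "committee": {"carol", "erin", "frank"},
    "club": {"bob", "carol"},
}


def co_membership(membership):
    """Project group->members onto person-person edges.

    The weight of an edge is the number of groups the two people share.
    """
    weights = defaultdict(int)
    for members in membership.values():
        for a, b in combinations(sorted(members), 2):
            weights[(a, b)] += 1
    return dict(weights)


def centrality(membership):
    """Return {person: (distinct contacts, total shared memberships)}."""
    contacts = defaultdict(set)
    strength = defaultdict(int)
    for (a, b), w in co_membership(membership).items():
        contacts[a].add(b)
        contacts[b].add(a)
        strength[a] += w
        strength[b] += w
    return {p: (len(contacts[p]), strength[p]) for p in contacts}


def rank(membership):
    """People ordered from most to least connected (ties broken by name)."""
    scores = centrality(membership)
    return sorted(scores, key=lambda p: (-scores[p][0], -scores[p][1], p))


if __name__ == "__main__":
    for person in rank(MEMBERSHIP):
        print(person, centrality(MEMBERSHIP)[person])
```

The person who sits in several groups at once comes out on top even though nothing about what anyone said was recorded.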

The NSA would take this view and say, “See, it could have caught those terrorists back before the revolution!” However, the judge in this case says that the government did not do a sufficient job showing that this actually worked. It is, in fact, likely that the British had some of this membership information but weren’t able to put it to good use. In this case, the judge ruled that the collection of bulk metadata is a violation of the Fourth Amendment.

What can we expect next? Well, the ACLU has a very similar case that is being heard. If the judge rules differently, the Supreme Court may need to weigh in to deal with the problem once and for all. Depending on how these cases are dealt with, that could be a good or bad thing.

It is unclear at this point how this will change the conversation in DC; it will likely just lead to more denials from the NSA and White House. They will argue it’s still legal and that they will appeal to the highest court that they can. If they lose this case, it will likely lead to a lot of other questions being asked and possibly calls for impeachment and resignations. I would not be surprised if some of the more extreme on the right call for Obama’s arrest as well.

The other piece that is of interest to me is the question about the companies that have been complicit in sharing our metadata. Are they going to be in the clear or not? In the case of AT&T there was a law that protected them retroactively. I am interested to know if that will also be ruled unconstitutional, as it enabled the government to break the law further than it could have before.

In general this is something really good, but I believe it opens many more questions than it answers about the long-term repercussions of this program. I will continue to blog about this topic!

Taking the long view

I read a great article today that I needed to write about. I think it’s going to influence the way that I write. It was Adam Curtis – WHAT THE FLUCK!, which takes a very different view on writing and journalism that really intrigued me. His article is really long, but well worth the read, as it is something of a history of two types of journalism in the UK. On the one hand he discusses the rise of tabloid journalism, while on the other hand he discusses the origin of muckraking, which helped to unseat the powerful in the 1930s and helped get FDR elected, leading to his trust busting.

Curtis argues that we’re at a similar inflection point in our society as we were at the turn of the 20th century. There have been revelation after revelation and the general public hasn’t figured out how to tie all of this together. I believe that there are a few journalists out there that have been pushing the current power structures and they’ve suffered from this a great deal. Glenn Greenwald and Julian Assange are two that have been the most vocal in challenging our current societal structure.

Aside from the history lesson on journalism, the article is important because the author uses something similar to a popular research style in academia called Actor Network Theory. This pushes the actors and the people they interact with to the fore of historic events. It also reduces the importance of a single individual because they act within the constraints of their network. In many cases the most pivotal people are those that build the network to connect individuals in the network. In many of the company-history books I’ve been reading lately, this style is implicit in the writing.

What I took away from this article is that when I write I need to work to include the longer view: looking back more than just the past few weeks to include events that precipitated the topics I’m writing about. This will help build credibility for my perspective as well as help convince skeptical readers through consistent evidence and a broader story to explain the reasoning, rather than just a reactionary response to an event.

Goofy Stock photos might not be so silly any more

Silly Stock photo

@NFEN and @Cheddarchezz having a conversation about “hacking”

I just saw a few people that I follow tweeting about trying to take over YouTube. There’s a meme on YouTube right now that’s been going on for a while as a form of protest over some of the recent changes to the comment policy, copyright policy, integration with Google+ and probably a litany of other issues. To the gaming community YouTube is a dying platform.

What struck me about the conversation wasn’t really what they were talking about, but the stupid stock photos that are supposed to represent “hackers” breaking into a network. For some absurd reason stock photography companies almost always put them in the same outfit they’d be wearing if they were breaking into a house, mugging someone, or doing some other nefarious activity. Clearly it’s just a ploy to help people understand that the person using the computer is up to no good, but it just looks ridiculous, as almost no one wears any of those clothes while using the computer. So instead of making the person look like a criminal, it just makes them look like an idiot. However, I think that with some recent revelations about the FBI and the hacking process called “RAT” these images are looking less absurd. Not that I’ll go out and buy clothes like this to wear while working at my computer.

One of the more recent Edward Snowden revelations has to do with breaking into personal computers by the US government. This isn’t really shocking, nor is what they do when they are on the computer. The FBI has admitted that they have the capabilities to hack into your computer and activate your webcam without turning on the indicator light. These capabilities aren’t new. In fact, Ars Technica did a report on this in the kiddie hacker community called RAT. I imagine that some of the tools that my friends used to use while we were in high school to remotely open a CD drive or type messages to each other operate in a similar fashion.

So, if you are hacking a computer, does it make sense to take precautions against showing your face? It might, or, as the Ars article suggests, just cover up the camera. The difference is that you don’t know if you’re under surveillance or not. It’s also not clear if the FBI only means laptop webcams or if they are able to do the same to a smart phone or tablet. As the ACLU mentions in one article, “we’ve never had discussion” about law enforcement hacking into computers. This is part of the reason there was a petition for We the People to update our privacy laws. Regular mail and packages are protected by the Fourth Amendment while email is not. Using a web cam with or without a web cam constitutes a much larger breach of privacy than just taking pictures through the camera. It’s likely that with access to the webcam the entire computer is open to the FBI, which means that a warrant for a web cam is a warrant for everything you do. If you have services that you’re always logged into, like Dropbox or Tresorit, those are also accessible through the computer your cam is being used on.

We need to have a conversation about the limits of searching and privacy. I don’t want to sit around in a ski mask or cover up my webcam. Users likely need to install firewalls, more passwords, and disconnect from services they aren’t actively using.

Government Shut Down

The government shut down is bad mmmkay? This is one of the examples as to why I’m glad my wife didn’t end up with a job at either a government research lab, government agency, university or any other place that relies on public funds to keep its doors open. That’s a lot of places. Between the sequestration and this shutdown, the US has turned into a horrible place for the sciences. However, it’s alright for us to keep the NSA up and running, but not the people that watch the watchmen. Basically, our government has different priorities than most Americans, which of course is no surprise – well at least different from myself. Losing funding for science is a huge blow, especially the fact that they couldn’t continue to speak or publish any papers. It’s disconcerting because our scientific research is what allows the US to stay ahead of the rest of the world in our economic output. The results of scientific funding from the ’60s essentially gave rise to everything we’re doing on the internet. The funding from ARPA that led to ARPAnet and then the internet inadvertently led to the great work I mentioned in my review of Dealers of Lightning. Many of the members of the team at Xerox were funded by ARPA during their PhDs, their research at various universities, and in some cases even startups. This one government expenditure had massive positive impact in the one area of our economy that’s going gangbusters.

So what’s going on with this shutdown? As this article points out, the House did pass a budget, which is where all budgets must start; however, the Senate didn’t pass it and countered with their own budget, which happens fairly often. This leads to negotiation between the two chambers in Congress. The problem that we’re experiencing in this case is that the “don’t match” portion happens to be Obamacare. The House did not fund Obamacare at all, while the Senate naturally did (being held by the Democrats). This required that the House and Senate come together to reconcile their differences, which aren’t possible to reconcile with everyone. Which is the Speaker’s problem right now. Almost a week ago, there were rumored to be enough votes in the House to pass the Senate version of the budget – as Republicans were defecting to support the Democrats. The House refused to allow a vote to be called. Bills that don’t have a chance to pass get votes all the time (many people have pointed out Obamacare repeal is a key example of that). So, I think that the article I linked above is a bit disingenuous, either intentionally or is just intellectually dishonest. The author clearly knows what people mean by saying “law of the land.” It means that as we have obligations within the law, we need to pay them. The House, Senate, President, and Supreme Court weighed in and it’s a legal bill. The House is unable to repeal it through legislative methods, so it created a plan to shut down the government to stop the bill from taking effect – to defund the bill and “repeal” it that way. That’s what they are doing and why.

The reason why the Republicans believe this would work is beautifully laid out in an argument using Game Theory on the Harvard Business Review: every other time brinkmanship was used, it worked. Go with the strategy until it doesn’t work any more. The White House figured this out too and now cannot allow it to continue. Otherwise, the above author would be correct: the best way to kill a bill you don’t like that passed through everything is to simply defund it later or shut down the government until the other people meet your demands. Toss some spin on there to make it seem like the other side is unreasonable and boom, you’ve gotten your way again.

The problem with brinkmanship is that it’s a zero sum game, and if the government defaults, it’s going to be terrible for everyone. The bulk of US voters blame the Republicans; this could cause massive damage to even safe areas for the Republicans. Are there better ways to deal with Obamacare? Yes. If it’s as awful as the Republicans think it is, use that to get everyone out of office that voted for it. Run on that plank and push it to the hilt. If it kills jobs or causes people to go bankrupt, use all that to get the Democrats out of office. Then, once a majority is secured, repeal the law. That’s how government should work. Sure, you can work to undermine the law while you’re at it, but if you want to get rid of it, do it with votes so it’s clear the people have spoken. This shut down is bad for everyone. Let’s end it, figure out how to address long term debt, improve the job market, pay for more science, and address the structural problems we have as a nation. If Obamacare is a bad thing, we’ll figure it out really quick and then deal with that fall out. We need leaders now, not children.

The NSA, FBI, and Internet Security

Over the past few months we’ve learned a lot about how the US government looks at its own citizens. We’ve learned this through the actions of Edward Snowden. He’s done us a great service by forcing a conversation that the NSA and FBI didn’t want us to have. The NSA lied to the Senate recently by claiming that it never tracked US citizens through cell phones. We would never have known about these activities if it wasn’t for Snowden.

Snowden was using email to send information back and forth between himself and Glenn Greenwald. Since email is in one of those fuzzy gray areas of the law around data retention and government access to it, this has caused a bit of a problem. To make things more difficult, Snowden used an encrypted email service called Lavabit. Its encryption was at such a level that when the FBI requested data from it, they were confounded and essentially attempted to blackmail (legally of course) the owner into handing over the encryption key. This would have effectively rendered the service these people were paying for worthless. They were paying to have their email traffic be secured from both public and private entities.

As we hear more and more about how the US government has been behaving towards internet security, we’re learning that the NSA and other US agencies are doing their best to thwart it. They have worked with the NIST and weakened the encryption key they developed. The problem with these backdoors is that if it’s there for the “good guys” (whoever that might be) it’s also there for the “bad guys” (whoever that might be). This isn’t just general encryption keys, it’s things that we use every day without realizing it. Whenever we are using any website that includes “https” we are using a basic encryption protocol called SSL. Think about when you’re banking: you see the https. Google now allows you to use this when you send information to and from them. This encryption has also been broken by the NSA. This is our personal stuff, and if it’s broken by the NSA it can be broken by other people. Now does this mean we’re likely to have a rash of new fraud cases or theft cases? No, as it’s been compromised for some time. However, people do know about it now and this of course is a greater cause for concern.

What can we do about this? Well, first, look into more secure encryption methods. I wouldn’t be surprised if Google and applications like HTTPS Everywhere change their algorithm as a result. Second, contact your representative and your senator. I’m lucky my senator in Oregon (Ron Wyden) is very vocal; not everyone is, so please help inform your leaders. Third, buy from companies that you know haven’t given up data to the NSA, don’t use Facebook and the like, and basically try to follow the great writing that Sean did several months ago over on KBMOD. He nailed it then and it’s even more pressing than before to keep up with security.