CAT | Surveillance
Attorney General’s new war on encrypted web services – Security – Technology – News – iTnews.com.au
Australia’s Attorney-General’s department is proposing that all providers of Internet services ensure that they can decrypt user communications when so ordered. Any services where the provider has the keys will obviously be able to do this.
Australians may want to start to start taking steps to protect themselves now.
End to end encryption is your friend. At least that way, you need to be informed and compelled if they want access to your data.
Another important step is to get your “in the clear” communications into another jurisdiction using a VPN service like Anonymizer Universal.
Finally, let your voice be heard on this issue by reaching out to your members of parliament.
In episode 16 of the Privacy Blog Podcast for January, Twenty Fourteen I talk about:
Biological Advanced Persistent Threats
The Apps on your mobile devices that may be enabling surveillance
Why you may soon know more about how much information your service providers are revealing to the government
The total compromise of the TorMail anonymous email service
How the British government is using pornography as a trojan horse for Internet Censorship.
And finally why continued use of a deprecated cryptographic signature algorithm could undermine the security of the Web
Turkey already requests more takedowns from Google than any other country in the world, almost 1700 in the first half of 2013. They have a history of blocking popular websites like Youtube, and Vimeo, and Prime Minister Erdogan lashes out against Twitter at every opportunity.
Now the government is about to enact sweeping new powers to force providers to keep complete records of all user activity for 2 years, and give the government total access to that information.
This appears to be a reaction to citizen use of social media to coordinate protests and spread information about Turkish government corruption.
Unless they implement a ban on privacy technologies, VPN services like Anonymizer Universal will provide a way of getting around this kind of logging. I would strongly suggest that people in Turkey make a habit of always using VPNs, and moving to search engines, email, and social media platforms located outside of the country.
Google has adopted a privacy protecting policy of banning facial recognition apps from the Google Glass app store. I appreciate the effort to protect my privacy but facial recognition is probably the ONLY reason I would wear Google Glass.
I am hopeless at parties or networking events. I have no ability at all to remember names, and I know I am far from alone in this. The ability to simply look at someone and be reminded of their name, our past interactions, and any public information about their recent activities, would be absolute gold.
Obviously I am less enthusiastic about having third party ratings of my intelligence, integrity, hotness, or whatever, popping up to the people looking at me. As usual, humans are in favor of privacy for themselves but not for others.
A new app is coming out soon called Nametag, which is planned to do exactly this. On iOS, Android, and jail broken Glass, you will be able to photograph anyone and, using facial recognition, pull up all available social media information about them.
To opt out you will need to set up an account with NameTag, and I presume you will also need to upload some high quality pictures of yourself so they can recognize you to block the information. Hurm…..
Whatever we all think about this, the capability is clearly coming. The cameras are getting too small to easily detect, high quality tagged photos are everywhere, and the computing power is available.
While citizens have some ability to impact government surveillance cameras and facial recognition, it will be much harder to change course on the use of these technologies with private fixed cameras, phones, and smart glasses. Even if we convince device makers to block these applications, the really creepy people will jailbreak them and install them anyway.
For years I have said that the Internet is the least anonymous environment we inhabit. With this kind of technology, it may soon be much easier to hide yourself online than off. Police really don’t like you wearing masks.
In March of 2013 the Bureau of Diplomatic Security at the US State Department issued a travel advisory for Americans planning to attend the 2014 winter Olympics in Sochi, Russia.
As I blogged before, this is expected to be one of the most aggressively surveilled events ever.
The advice for cyber protection in the advisory is interesting:
Consider traveling with “clean” electronic devices—if you do not need the device, do not take it. Otherwise, essential devices should have all personal identifying information and sensitive files removed or “sanitized.” Devices with wireless connection capabilities should have the Wi-Fi turned off at all times. Do not check business or personal electronic devices with your luggage at the airport. … Do not connect to local ISPs at cafes, coffee shops, hotels, airports, or other local venues. … Change all your passwords before and after your trip. … Be sure to remove the battery from your Smartphone when not in use. Technology is commercially available that can geo-track your location and activate the microphone on your phone. Assume any electronic device you take can be exploited. … If you must utilize a phone during travel consider using a “burn phone” that uses a SIM card purchased locally with cash. Sanitize sensitive conversations as necessary.
Obviously this is not just good advice for attending the Olympics, but would also apply to China, or any other situation where it is important to protect your electronic information.
The ability to conduct sophisticated surveillance and cyber attack is widespread. If you are engaged in business that is a likely target of economic espionage, then you should be following these kinds of practices any time you travel anywhere, and perhaps even at home.