Sunday, December 03, 2017

'Security'

Tweet (Yasha Levine) (remember when Newt was the acknowledged 'expert' on such things?):
"Ha-ha. "They" (that's the US government) gave the Internet to corporations in late 1980s. If you want to be a pendant about it, Internet privatization as a very specific policy plan by the NSF began in 1987 and concluded in 1995. PS: Almost no one knows this, though.Ha-ha. "They" (that's the US government) gave the Internet to corporations in late 1980s. If you want to be a pendant about it, Internet privatization as a very specific policy plan by the NSF began in 1987 and concluded in 1995. PS: Almost no one knows this, though."
Tweet (Yasha Levine):
"In my experience, more American lefties know about the privatization of Yeltsin's Russia than they do about the privatization of the Internet that happened right here in America, under their noses. (That included me until I recently.)"
"The Crypto- Keepers: How the politics-by-app hustle conquered all" (Levine) (on how the 'security' fetishists, led by Snowden, replaced politics with tech technique):
"Back in 2013, it seemed like we could be on the verge of a global movement that would galvanize people to push for meaningful privacy laws that would not only curb government surveillance, but put limits on Silicon Valley’s unrestricted data collection practices, as well. But things went a different way.

Now, four years after the Snowden leak, we can see that all that energy and outrage and potential for civic action has been redirected into a narrow band of mass-politics-by-app. The new consensus, bruited loudly in and around Silicon Valley, holds that all we need to do to protect ourselves from surveillance is download whatever crypto chat app is in vogue at the moment, and run it on our iPhones. Instead of finding political and democratic solutions to the government and corporate surveillance crisis plaguing our society, the privacy movement somehow ended up in a libertarian rut. In remarkably short order, online privacy advocates had abandoned the idea that people and politics could change the world for the better, and instead chased something closer to an NRA fantasy: the idea that if everyone was equipped with a crypto weapon powerful enough, they could single-handedly take on both corporations and powerful spy agencies like the NSA. They could use technology to guarantee their own privacy on their own terms.

Edward Snowden himself has been the principal promoter of this idea, never missing an opportunity to tell people that collective politics is useless, and that arming yourself with technology is where it’s at. He shrugged off the for-profit surveillance that powered the businesses of Silicon Valley, pithily telling the Washington Post that “Twitter doesn’t put warheads on foreheads.” Instead, he saw private companies like Apple and Facebook as allies—perhaps the only places that offered even a modicum of safety in the dangerous wilderness of the internet. To him, private developers and software engineers were the true protectors of the people, and he called on them to rise up against government oppression. “If you want to build a better future, you’re going to have to do it yourself. Politics will take us only so far and if history is any guide, they are the least reliable means of achieving the effective change . . . at the end of the day, law is simply letters on a page. They’re not gonna jump up and protect your rights,” he told the audience at Fusion’s 2016 Real Future Fair in Oakland via video-robot link from Moscow. To Snowden—now a leaker-
turned-political-philosopher—political movements and collective action were fickle, merely human endeavors that offered no guarantees; encryption and computer technology was a sure thing, based on the laws of math and physics. “Technology works differently than law,” the fugitive leaker told the crowd at the Real Future Fair. “Technology knows no jurisdiction.”

It was an absurd position. Substitute “technology” with “assault rifle” and Snowden’s speech turns into something you’d hear at a Republican CPAC conference. Still, Snowden got a standing ovation at the Real Future Fair. And why not? From the moment Snowden appeared on the scene, his tech-centric worldview has been backed up by a chorus of award-winning journalists, privacy activists, left-leaning think-tankers, and powerful advocacy groups like the Electronic Freedom Foundation and the ACLU. Silicon Valley supported Snowden’s call to arms, as well. A brave new cohort of app developers backed very narrow technological privacy solutions that they claimed would protect their users from government snooping, all while shamelessly tracking these very same users for private profit and gain.

As it happened, Snowden’s call to encryption-arms helped inspire Pavel Durov to build Telegram. “I am far from politics and cannot lobby for a ban on total surveillance,” he wrote in October 2013, a few months after Snowden fled to Moscow and right before Durov in turn had to flee Russia. “But there is something that we as IT-entrepreneurs and programmers can do. We can develop and finance technologies aimed at making total surveillance technically impossible.”

In America, the initial movement to take the anti-surveillance fight to Silicon Valley fizzled and turned into something else that was at once bizarre and pathetic: privacy activists working with Google and Facebook to fight the NSA with privacy technology. This made precisely as much sense as siding with Blackwater (or Xe or Acadami or whatever the Pentagon contractor calls itself now) against the U.S. Army. Yet this trend of politics-by-app went into overdrive after Donald Trump was elected president. You saw it everywhere: civil libertarians, privacy advocates, and demoralized liberals arose to proclaim that encryption—even the stuff rolled out by Silicon Valley surveillance giants—was the only thing that could protect us from a totalitarian Trump administration.

“Trump Is President. Now Encrypt Your Email,” urged New York magazine’s technology editor Max Read in an opinion piece published in the New York Times in March. “In the weeks after Donald J. Trump won the election, a schism threatened to break my group of friends in two. Not a political argument brought about by the president-elect, or a philosophical fight over the future of the country, but a question of which app we should be using to chat. . . .” Buzzfeed concurred: “Here’s How To Protect Your Privacy In Trump’s America: Easy tips to shield yourself from expanded government surveillance,” wrote the outlet, offering its millennial readers a listicle guide to “going dark” on the net."
and (the punchline, of course, is that the 'security' isn't secure, and has been made and backdoored by the very people you think you are hiding from!):
"Over the next several years, the BBG, backed by the State Department, expanded the Internet Freedom initiative into a $50 million a year program funding hundreds of projects targeting countries across the world—China, Cuba, Vietnam, and Russia. And here things, yet again, took a turn for the surreal: the Internet Freedom apparatus was designed to project power abroad—yet it also emerged as the primary mover and shaker in America’s domestic privacy movement. It funded activists and privacy researchers, worked with the EFF and ACLU and even companies like Google. Wherever you looked, privacy tools funded by this agency dominated the scene. That included the most ardently promoted privacy products now on offer: Tor, the anonymous internet browsing platform that powers what’s known as the “dark web,” and Signal, the chat app championed by Edward Snowden. Both of them took in millions in government cash to stay afloat."
Signal, what the experts, including CIA-asset Snowden, encourage you to use for 'security': "Invented by a self-styled radical cryptographer who goes by the name of Moxie Marlinspike (although his real name may or may not be Matthew Rosenfeld or Mike Benham), Signal was brought to life with funding from the BBG-supported Open Technology Fund (which has pumped in almost $3 million since 2013), and appears to rely on continued government funding for survival.":
"But for an app designed to hide people from the prying eyes of the U.S. government, Signal’s architecture has given some security and crypto experts pause. Its encryption algorithm is supposed to be flawless, but the app’s backend runs as a cloud service on Amazon, which is itself a major CIA contractor. The program also requires that users connect the app to a real mobile phone number and give access to their entire address book—strange behavior for an app that is supposed to hide people’s identities. Signal also depends on Google and Apple to deliver and install the app on people’s phone, and both of those companies are surveillance partners of the NSA. “Google usually has root access to the phone, there’s the issue of integrity. Google is still cooperating with the NSA and other intelligence agencies,” wrote Sander Venema, a developer who trains journalists on security. “I’m pretty sure that Google could serve a specially modified update or version of Signal to specific targets for surveillance, and they would be none the wiser that they installed malware on their phones.” And given Signal’s narrow marketing to political activists and journalists, the app works like a flag: it might encrypt messages, but it also tags users as people with something to hide—a big fat sign that says: “WATCH ME, PLEASE.”

And anyway, Signal or no Signal, if your enemy was the United States government, it didn’t really matter what crypto app you used. A recent dump of CIA hacking-tool documents published by WikiLeaks revealed that the agency’s Mobile Devices Branch has developed all sorts of goodies to grab phone data, even when it’s quarantined by the firewalls of apps like Signal and WhatsApp or even Telegram. “These techniques permit the CIA to bypass the encryption of WhatsApp, Signal, Telegram, Wiebo, Confide, and Cloackman by hacking the ‘smart’ phones that they run on and collecting audio and message traffic before encryption is applied,” wrote WikiLeaks."
The main problem for the keepers of the Panopticon is too much information. The NSA would have to hire half the world's population to monitor the conversations of the other half! What do you do if you are sitting on 45,000,000 conversations of two grandmothers discussing chocolate chip cookie recipes, one of which is two terrorists discussing bomb making in code?  Simple.  You let the terrorists winnow themselves out by providing 'security' apps that only the paranoid will bother to use.  Now you have 45 recipe discussions, many of which are probably hinky.  I don't know why this technique should be so hard to understand.

Of course, the bigger problem is when the technique of using the apps replaces real politics.

Levine is consistently one of the best writers on real politics.  His Russian background seems to be clarifying.
blog comments powered by Disqus