Fogbugzd's Favorite Techdirt Posts Of The Week
from the rebuilding-the-internet dept
By J. Evan Noynaert, Assistant Professor of Computer Science, Missouri Western State University
This was a short week at Techdirt thanks to the Labor Day holiday in the United States. Even though it was a short week, we may eventually see it as a pivotal week in the emerging NSA revelations. We started seeing some push-back against the scope of the snooping when we saw the author of the Patriot Act, Jim Sensenbrenner, and members of the Church Commission tell a court that the NSA had gone too far. Even more surprising is that they did it in support of an ACLU lawsuit (and Sensenbrenner's brief was with the EFF); the NSA/FISA scandal is making strange bedfellows. The government continues to face push-back from other sources. Some of these were symbolic, such as the Brazilian President's threat to cancel a US visit over NSA spying. She also backed it up with a threat to cancel four billion dollars worth of contracts with US companies. That is just the sort of thing that tends to get real attention in Washington these days.
And apparently the scandal is getting some attention in the Obama administration as well as in the NSA itself. The NSA review board is now accepting comments on aspects of the scandal that the rest of the NSA won't even acknowledge. The White House CIO seemed to be refuting the claims that we shouldn't worry because "just metadata was collected" He gave a great explanation about how much can be revealed by "just metadata," especially if you collect vast quantities of it. Even President Obama got in on the act by wavering ever so slightly. True, he is still in denial about many aspects of the situation, but the acknowledgment that we may need some changes is at least a glimmer of hope. So the administration as a whole seems to be entering the schizophrenic phase of policy development. It is going to be interesting in the coming weeks to see how they resolve the issue. We can hope that they come down on the side of openness, but there is still a great danger that they will manage to gag the dissenters and go back to stonewalling.
I had a real dilemma when Mike asked me to write this week's favorites. I didn't have a favorite post for my "Favorite Posts" post. Then I awoke to my salvation. Mike published "Online Security isn't Over; It's Just Beginning." It is the call to arms that we need. Mike quoted Micah Lee:
Giving up and deciding that privacy is dead is counterproductive. We need to stop using commercial crypto. We need to make sure that free software crypto gets serious security and usability audits.The NSA scandal should be a wake-up call to everyone involved in technology (basically everyone). There are things we can do now. We should probably start by assuming that every commercial cryptography product has been compromised. Every commercial operating system is suspect. The NSA seems to have gotten backdoors introduced into just about every major commercial security product including many that are not US based companies. We have to assume that if NSA can get in, then so can others. Apparently one of the NSA's surprises when they bugged the UN was that the Chinese were already there. Perhaps the most troubling thing about the NSA's methods is that they preferred to have backdoors installed in the software. An NSA backdoor makes life simple for the NSA. But backdoors almost always compromise the security of the software overall. Backdoors can often be opened by others; they are one more lock that can be picked by an intruder. Backdoors also tend to be patches on existing security systems. Given the fine-tuning that goes on in the design of security systems, tacking on a backdoor often involves some sloppy methods that give attackers additional soft spots that can be exploited.
If we do this right we can still have privacy in the 21st century. If we give up on security because of this we will definitely lose.
If people start turning their backs on commercial security solutions they will probably have to embrace some of the excellent open source security solutions. It is much harder if not impossible to build backdoors into software that the open source community obsesses over as it goes line-by-line through the code. But that's not to say that open source is fully safe. I will admit to being one of the conspiracy nuts who has been concerned that the NSA has influenced the development of some protocols and has managed to sneak in some subtle tells and weaknesses. The open source community needs to revisit all of its software systems and look for hidden weaknesses and vulnerabilities. Techdirt has been calling for rebuilding the Internet since at least 2003. This brings me to my penultimate favorite article of the week, "The US Government Has Betrayed the Internet; It's Time to Fix That Now." The title aptly sums up our current situation. The US Government has betrayed the Internet as well as the Constitution, the Bill of Rights, American Citizens, and our allies. The easiest to repair of all those betrayals is the Internet. As technology leaders we can start that process now. Ironically, the NSA has served up the perfect opportunity to make it very difficult to spy on the Internet.
So it will be interesting to see what will come in the week ahead. One thing that surprised me as I looked back through the week's posts, we hadn't heard from Team Prenda, and it felt like we really needed that kind of comic relief. Thankfully, just as I was finishing this post, Team Prenda delivered.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
Can't we just open source the government instead of having it go proprietary and hide all that shite?
[ link to this | view in chronology ]
[ link to this | view in chronology ]
'we want to be able to spy on all your customers.
we wont help you!
you will do as you're told or you will be forced out of business!'
how can you even think about trusting those politicians, those agencies or the government ever again? instead of looking after the people, they are totally fucking them! even now, they cant speak a true word, especially the likes of Clapper, Rogers and Feinstein!
[ link to this | view in chronology ]
i cant understand how someone can be sent to prison for uploading/downloading a couple of movies but bankrupt a country and all you get is a telling off and not even lose your job or have to repay anything! i guess it shows who is the more powerful. a country can do without having any money but cant do without having movies to watch. strange that!!
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Denial
The president is not in denial. He's merely paying lip service to privacy concerns without committing to significant changes in the NSA's programs.
He said: "I think there are legitimate questions that have been raised about the fact that as technology advances and capabilities grow, it may be that the laws that are currently in place are not sufficient to guard against the dangers of us being able to track so much."
So there are "legitimate questions" which he does nothing to address and which stem not from the NSA's current surveillance programs but from those the NSA may adopt "as technology advances and capabilities grow". He also doesn't question whether the NSA should be "able to track so much" in the first place: He thinks the government should be able to keep track of everything, with only policy to prevent them from abusing such capabilities.
"We promise not to use these privacy-shattering technologies against you" is no longer an acceptable answer to the domestic surveillance problem.
[ link to this | view in chronology ]
typo s/he
[ link to this | view in chronology ]
Re: typo s/he
[ link to this | view in chronology ]
Fascist
[ link to this | view in chronology ]
Note to the Pesident
[ link to this | view in chronology ]