Post by woodyz on Aug 3, 2013 13:53:54 GMT -7
Keys, Immunity, And Valuation
Published 1, August 3, 2013 Politics 24 Comments
-Submitted by David Drumm (Nal), Guest Blogger
The U.S. government has demanded that internet companies turn over their master encryption keys that are used to secure Web communication. Web encryption is active when an HTTPS appears on the URL. The technique is called SSL, or Secure Sockets Layer. For example, HTTPS encrypts communications only between the browser and Gmail’s servers. With the master keys, decryption of the contents of the intercepted communication is possible. “Strongly encrypted data are virtually unreadable,” according to NSA director Keith Alexander. The internet is fast becoming an encrypted model as more internet companies adopt SSL.
The internet companies are refusing to say if the government has requested their master keys. A Google spokesperson said that Google has “never handed over keys” to the government. A more impressive response came from Richard Lovejoy, a director of the subsidiary FastMail, who said “Our interpretation is that we are prohibited by law from releasing our SSL key. In the event that we received such a request, we would refuse, for both legal and ethical reasons.”
Meanwhile, NSA director Keith Alexander has been working Congress to get them to provide blanket immunity to any internet service that helps the government fight cyberattackers. The concern for civil libertarians is that the immunity would be used to cover the companies violating privacy laws when giving the NSA data. A previous telecom immunity bill, supported in an about-face by then candidate Barack Obama, has left a bad taste in the mouths of many. One source has characterized Alexander’s requests for bill language that’s “as ill-defined as possible.”
Leading the Obama Administration’s charm offensive to convince us to love the surveillance state is John C. Inglis, the deputy director of the NSA. He had grand stories to impress on us that the billions spent spying on Americans are merited. Inglis picked two episodes to highlight the “contributions” provided by NSA programs. In the first case, several men in San Diego were sending money to a Somali terrorist group. In the second case, the NSA discovered that a suspect in a subway bomb plot, who was already under scrutiny, was using a different phone.
In the words of Jed Clampett: “Pitiful … just pitiful.”
A suspect under scrutiny means a suspect under surveillance. There are cheaper ways that spoof a cell phone into thinking it’s talking to a cell tower and collect the phone’s metadata.
Claims regarding the thwarting of 54 terrorist events and the capture of 300 terrorists are often cited to justify the effectiveness of NSA programs. However, these figures are from programs that target noncitizens abroad and have apparently been quite valuable. The success of foreign operations is often conflated with domestic surveillance programs to make it appear that domestic programs provide a valuable contribution. When the domestic program is isolated, as above, its real merit is expectedly dismal.
Published 1, August 3, 2013 Politics 24 Comments
-Submitted by David Drumm (Nal), Guest Blogger
The U.S. government has demanded that internet companies turn over their master encryption keys that are used to secure Web communication. Web encryption is active when an HTTPS appears on the URL. The technique is called SSL, or Secure Sockets Layer. For example, HTTPS encrypts communications only between the browser and Gmail’s servers. With the master keys, decryption of the contents of the intercepted communication is possible. “Strongly encrypted data are virtually unreadable,” according to NSA director Keith Alexander. The internet is fast becoming an encrypted model as more internet companies adopt SSL.
The internet companies are refusing to say if the government has requested their master keys. A Google spokesperson said that Google has “never handed over keys” to the government. A more impressive response came from Richard Lovejoy, a director of the subsidiary FastMail, who said “Our interpretation is that we are prohibited by law from releasing our SSL key. In the event that we received such a request, we would refuse, for both legal and ethical reasons.”
Meanwhile, NSA director Keith Alexander has been working Congress to get them to provide blanket immunity to any internet service that helps the government fight cyberattackers. The concern for civil libertarians is that the immunity would be used to cover the companies violating privacy laws when giving the NSA data. A previous telecom immunity bill, supported in an about-face by then candidate Barack Obama, has left a bad taste in the mouths of many. One source has characterized Alexander’s requests for bill language that’s “as ill-defined as possible.”
Leading the Obama Administration’s charm offensive to convince us to love the surveillance state is John C. Inglis, the deputy director of the NSA. He had grand stories to impress on us that the billions spent spying on Americans are merited. Inglis picked two episodes to highlight the “contributions” provided by NSA programs. In the first case, several men in San Diego were sending money to a Somali terrorist group. In the second case, the NSA discovered that a suspect in a subway bomb plot, who was already under scrutiny, was using a different phone.
In the words of Jed Clampett: “Pitiful … just pitiful.”
A suspect under scrutiny means a suspect under surveillance. There are cheaper ways that spoof a cell phone into thinking it’s talking to a cell tower and collect the phone’s metadata.
Claims regarding the thwarting of 54 terrorist events and the capture of 300 terrorists are often cited to justify the effectiveness of NSA programs. However, these figures are from programs that target noncitizens abroad and have apparently been quite valuable. The success of foreign operations is often conflated with domestic surveillance programs to make it appear that domestic programs provide a valuable contribution. When the domestic program is isolated, as above, its real merit is expectedly dismal.