flwyd: (transparent ribbon for government accoun)
Obama's speech about surveillance last week featured the following paragraph which gets modern cybersecurity totally backwards:
We cannot prevent terrorist attacks or cyberthreats without some capability to penetrate digital communications, whether it's to unravel a terrorist plot, to intercept malware that targets a stock exchange, to make sure air traffic control systems are not compromised or to ensure that hackers do not empty your bank accounts. We are expected to protect the American people; that requires us to have capabilities in this field.
This train of thought made sense during the cold war. Communication systems built by and used in the Soviet Union were different than those built in the U.S. So if the NSA could simultaneously find and keep secret flaws in a Russian phone system while ensuring security flaws in American phone systems got fixed.

On the Internet, that game doesn't work anymore. Tech companies, open source groups, and standards bodies sell and distribute hardware, software, and protocols globally. Countries and companies throughout the world use the same routers, the same operating systems, and the same secure communications protocols. Every undisclosed security hole and every undetected backdoor that the NSA has at its disposal to "penetrate digital communications" is a tool that attackers have to harm the targets Obama claims the NSA is trying to protect. The stock exchanges and air traffic control systems and banks are using the same networking gear, the same database software, the same VPNs, and the same web browsers as the plotting terrorists, hacking criminals, and enemy governments.

Even if the NSA only uses their powers for good, the more "capabilities in [the digital spying] field" they have the less safe American interests are from foreign spies, criminals, and terrorists. The nation will be more secure if our communications technologies are robustly secure than if we can listen in on all the world's chatter. And by making American communications more secure, the world's communications will be more secure.
flwyd: (mail.app)
According to additional details from Snowden leaks published by The Guardian, GCHQ, the UK's counterpart to the NSA, is wiretapping all or most transatlantic cables which terminate in Britain, i.e., most traffic between Europe and the U.S.

In a sense, this sort of traffic interception is well-known in Internet security, though the scale is new. Internet traffic often travels over untrusted links, from coffee shop WiFi to backbones owned by hostile governments. Good network security design doesn't try to ensure that every step your packet takes is secure. Instead, it focuses on end-to-end security of the data, such as encrypting the transmission and requiring authentication to access hosts. Intercepts can still learn what nodes are communicating (metadata like "you went to a Google web page"), but not the content of the transmission (like the budget spreadsheet you're editing).

Given news and leaks about spy programs in the last several years, we should assume that any internet traffic is monitored. Use https (the secure web protocol) whenever possible, and complain to websites that don't support https. Assume that a government spy agency can intercept any email you send, though emails with sender and recipient on the same system (e.g. gmail to gmail) may be safe. Unfortunately, email encryption like GPG isn't easy to use for most people. For secure communication, consider using an authenticated online document editor from a company you trust, like Google Docs or Office 365. Share the document with a generic title (like "Conversation with Bob, 2013-06-22") and type your message. I believe this approach is more robust to intercept-style snooping than email or phone conversations. However, a saved document (like an email) can be subpoenaed in an investigation or court case and can be read by anyone who gets your account credentials, like a hacker or a spy agency that installed a keylogger on your account.

The first filter immediately rejects high-volume, low-value traffic, such as peer-to-peer downloads, which reduces the volume by about 30%. Others pull out packets of information relating to "selectors" – search terms including subjects, phone numbers and email addresses of interest. Some 40,000 of these were chosen by GCHQ and 31,000 by the NSA. Most of the information extracted is "content", such as recordings of phone calls or the substance of email messages. The rest is metadata.
GCHQ taps fibre-optic cables for secret access to world's communications, The Guardian, 2013-06-21
September 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 2017

Most Popular Tags

Expand Cut Tags

No cut tags


RSS Atom
Page generated Sunday, September 24th, 2017 05:05 am
Powered by Dreamwidth Studios