Jump to content
Sign in to follow this  
kuhla

If you've got nothing to hide, you've got nothing to fear.

Recommended Posts

Facebook hired a new general council - Jennifer Newstead.  Her previous credentials include: Drafting the patriot act in 2001, and she was previously the top legal adviser to Trump's state department. 

While I'm not normally one to engage with sensationalist headlines I will provide a few quotes. 

Quote

CNN:  F**k Privacy. Facebook’s Terrifying New Lawyer is an Architect of NSA Mass Surveillance

Washington Post:  She sold the Patriot Act to Congress. Her next job is defending Facebook.

The Hill:  Facebook taps lawyer who helped write Patriot Act as new general counsel

Politico:  Why Facebook hired a Patriot Act author and privacy activist

Link to Google News aggregator: https://news.google.com/stories/CAAqSQgKIkNDQklTTERvSmMzUnZjbmt0TXpZd1NoOGFIV1JxUmpWWVVIVkJSM1JTTms4dFRTMWFNMGRmZW5wSWExVnhVMkpOS0FBUAE

I suspect Facebook is hoping that Ms. Newstead will help them deal with various intelligence agency requests as well as buy them political capital with the Republican party and the current administration.  I also suspect that this will at best be a short-term solution and further signal the utter contempt Facebook has for any sort of user privacy protection. 

Share this post


Link to post
Share on other sites

translated article - https://translate.google.com/translate?sl=auto&tl=en&u=https%3A%2F%2Fwww.spiegel.de%2Fnetzwelt%2Fnetzpolitik%2Fhorst-seehofer-will-messengerdienste-zum-entschluesseln-zwingen-a-1269121.html

Germany

Quote

Federal Interior Minister Horst Seehofer (CSU) wants to give security authorities access to standard end-to-end encrypted chats and telephone calls. Messenger services such as WhatsApp or Telegram should be obliged to record the communications of their customers and to send them to authorities - in a readable form, ie unencrypted. As the SPIEGEL reports in its current issue, providers who do not fulfill this obligation should be banned by order of the Federal Network Agency for Germany. ( Read the whole story at SPIEGEL + here. )

Encryption is a crime.

Share this post


Link to post
Share on other sites

article - https://www.nbcnews.com/news/us-news/give-your-password-or-go-jail-police-push-legal-boundaries-n1014266

Quote


....

Five days later, after Montanez was bailed out of jail, a deputy from the Hillsborough County Sheriff’s Office tracked him down, handed him the warrants and demanded the phone passcodes. Again, Montanez refused. Prosecutors went to a judge, who ordered him locked up again for contempt of court.

“I felt like they were violating me. They can’t do that,” Montanez, 25, recalled recently. "F--- y’all. I ain’t done nothing wrong. They wanted to get in the phone for what?”

He paid a steep price, spending 44 days behind bars before the THC and gun charges were dropped, the contempt order got tossed and he pleaded guilty to a misdemeanor pot charge.
.....

 

Another one of these cases.

Share this post


Link to post
Share on other sites

article - https://apnews.com/7423e1ef65a144e6a47e4da63683b3c1

Quote

NEW YORK (AP) — Attorney General William Barr said Tuesday that increased encryption of data on phones and computers and encrypted messaging apps are putting American security at risk.

Barr’s comments at a cybersecurity conference mark a continuing effort by the Justice Department to push tech companies to provide law enforcement with access to encrypted devices and applications during investigations.

“There have been enough dogmatic pronouncements that lawful access simply cannot be done,” Barr said. “It can be, and it must be.”

The attorney general said law enforcement is increasingly unable to access information on devices, and between devices, even with a warrant supporting probable cause of criminal activity.

......

 

Encryption is a crime.

Share this post


Link to post
Share on other sites

article - https://www.vice.com/en_us/article/mb88za/amazon-requires-police-to-shill-surveillance-cameras-in-secret-agreement

Quote

Amazon's home security company Ring has enlisted local police departments around the country to advertise its surveillance cameras in exchange for free Ring products and a “portal” that allows police to request footage from these cameras, a secret agreement obtained by Motherboard shows. The agreement also requires police to “keep the terms of this program confidential.” 
....

article - https://abc7.com/news/lapd-pilot-program-uses-smartphone-app-to-reduce-burglaries/1262052/

Quote

 

WILSHIRE PARK, LOS ANGELES (KABC) -- The Los Angeles Police Department has partnered with a tech company to provide free doorbell cameras to homeowners in an effort to reduce burglaries.

The Santa Monica-based company Ring donated 500 of its video doorbells to neighborhoods in the Wilshire Park and Country Club Park communities of Los Angeles.
....

 

Not sure how I feel about this. Still digesting it.

Share this post


Link to post
Share on other sites

Yea it's one thing for police being able to request video from the owners of the home, it's another when they can secretly request data directly from ring without consulting the owners.  One security specialist said that this was akin to Amazon (owners of Ring) and the police departments created a decentralized surveillance network - which I think is hyperbole but not entirely untrue. 
Remember Amazon also tried rolling out their smart lock/camera pair that would allow deliveries to open your front door.  Of course the security on that was laughable, but I wouldn't be surprised if at some point they try to use facial recognition on a ring doorbell combined with a smart lock to do roughly the same thing with "added security."  The proliferation of facial recognition and biometric scraping it another issue entirely and genuinely terrifying. 

Recently some states have started cracking down on "porch pirates" and other theft of packages, upping the charges from simple misdemeanors to felonies.  That shows the trends some people are concerned about.
I think home surveillance is something people should invest in, but I disagree wholeheartedly with the idea of police being able to access that data without express consent from the homeowners. 

Share this post


Link to post
Share on other sites

i think im on the same boat with malaphax "I disagree wholeheartedly with the idea of police being able to access that data without express consent from the homeowners. "

i dont think ive lost  a package before but im waiting for wyze to release outdoor camera so i can put one in the front door.

Share this post


Link to post
Share on other sites

It's a long read (56 pages) but if you are curious what the US Department of Defense officially encourages for "identity and privacy protection" as of March 2019, then here it is (note the URL). They have sections on a lot of different topics, OSs, services, etc. Many sections encourage using encryption.

https://www.arcyber.army.mil/Portals/34/Fact Sheets/DoD_Identity_Awareness_Protection_Management_Guide_March2019.pdf?ver=2019-06-24-174833-227
 

Share this post


Link to post
Share on other sites

article - https://www.theregister.co.uk/2019/10/04/us_government_encryption/

I'm practically quoting the entire article but to save you a click....

Quote

 

The US government is renewing its efforts to talk tech firms out of using end-to-end encryption methods that would keep police from snooping on conversations.

The Department of Justice on Friday held what it dubbed the "Lawful Access Summit," a morning-long presentation aimed at convincing people that police must be able to see all conversations on messaging platforms in order to protect the public, specifically children, from predators.

"Outside the digital world, none of us would accept the proposition that grown-ups should be permitted to mingle in closed rooms with children they don’t know in order to groom them for sexual exploitation," offered US deputy attorney general Jeffrey Rosen.

"Neither would we ever accept the idea that a person should be allowed to keep a hoard of child sexual abuse material from the scrutiny of the justice system when all of society’s traditional procedures for protecting the person’s privacy, like the Fourth Amendment’s warrant requirement, have been satisfied. But in the digital world, that is increasingly the situation in which we find ourselves."

In particular, the DOJ has zeroed in on Facebook. The social network recently announced its intention to make all of its chat services, not just WhatsApp, end-to-end encrypted platforms that will place keys in the hands of the users themselves.

"We must find a way to balance the need to secure data with public safety and the need for law enforcement to access the information they need to safeguard the public, investigate crimes, and prevent future criminal activity," the DOJ says to the social network.

"Not doing so hinders our law enforcement agencies’ ability to stop criminals and abusers in their tracks."

Rather than demand the backdoor ability to decrypt communications on demand, the DOJ is suggesting tech firms instead offer a "front door" to let police present a warrant and receive copies of the conversations they wish to view. Unfortunately, the authorities don't seem to have any idea what that "front door" would actually look like in the context of an end-to-end encrypted service.
....

 

Think of the children.

Encryption is a crime.

Share this post


Link to post
Share on other sites

Some moderately positive news regarding the US customs and border patrol searching electronic devices.  A US district court judge issued a ruling which increased the standard (previously there was no standard) for searching electronic devices.  This case partially stems from the NASA/JPL employee that was told to hand over their company issued phone to some random CBP agent because "reasons" even though he's a US citizen enrolled in global entry and has worked for the federal government for 10+ years. 

As a caveat, the judge did not issue a ruling requiring probable cause, which is the standard that the ACLU and EFF were arguing for - the CBP will now only require reasonable suspicion. 

https://www.reuters.com/article/us-usa-immigration-privacy/u-s-judge-rules-suspicionless-searches-of-travelers-digital-devices-unconstitutional-idUSKBN1XM2O2?il=0

Edit - adding the EFF article about the ruling: https://www.eff.org/press/releases/federal-court-rules-suspicionless-searches-travelers-phones-and-laptops

It's a step in the right direction, I'm hoping that some of the increased pressure surrounding facial recognition (it's banned in certain cities like Berkley) might also put limits on the CBP's ability to collect seemingly endless amounts of data on both US and foreign nationals in US airports and border crossings. 
I suspect that this will end up in front of the Supreme Court eventually, I'm curious how that might play out. 

Share this post


Link to post
Share on other sites

https://www.nytimes.com/2020/02/10/podcasts/the-daily/facial-recognition-surveillance.html?showTranscript=1

Yesterday's The Daily podcast covered Clearview AI which scraped photos from the internet and built a giant database which is searchable and being sold to law enforcement.  Of course the people who built this database are absolutely clueless that it might at some point be abused or fall into the public's hands.  Here's a great excerpt:

Quote
kashmir hill - I mean, one point that I made when I was talking to him is that oftentimes, the tools that law enforcement use end up in the hands of the public.
kashmir hill - I just — I personally feel like you guys have opened the door to now this becoming more normalized, just because a lot of tools that law enforcement have eventually make their way into public hands.
hoan ton-that - Not always. Not everyone has a gun. [LAUGHS] Right? That would be —
kashmir hill - Anyone who wants one can get one in the U.S. basically, but —

kashmir hill - His response was strange. He said, well, look at guns. Law enforcement has guns, but not everybody has a gun. And I don’t know if that’s because he’s from Australia?

annie brown - Yeah, he’s proving your point, in a way.

kashmir hill - [LAUGHS] It did seem like he was proving my point, rather than rebutting it.

Share this post


Link to post
Share on other sites
On 4/28/2016 at 8:24 AM, kuhla said:

source - http://arstechnica.com/tech-policy/2016/04/child-porn-suspect-jailed-for-7-months-for-refusing-to-decrypt-hard-drives/

Quote

The suspect, a former Philadelphia Police Department sergeant, has not been charged with any child porn crimes. Instead, he remains indefinitely imprisoned in Philadelphia's Federal Detention Center for refusing to unlock two drives encrypted with Apple's FileVault software in a case that once again highlights the extent to which the authorities are going to crack encrypted devices. The man is to remain jailed "until such time that he fully complies" with the decryption order.

Encryption is a crime. That's it.

They finally released this guy, the federal appeals court ruled that no individual can be held in contempt of court for more than 18 months (original law stems from 1970s).  Of course I suspect this type of case might make it's way to the supreme court. 

https://arstechnica.com/tech-policy/2020/02/man-who-refused-to-decrypt-hard-drives-is-free-after-four-years-in-jail/

Share this post


Link to post
Share on other sites
20 minutes ago, Malaphax said:

Of course I suspect this type of case might make it's way to the supreme court. 

https://variety.com/2020/digital/news/whatsapp-2-billion-users-facebook-encryption-1203502120/

Quote

 

.....

But Facebook’s plans to more widely use strong encryption across its family of apps has drawn concern from government officials, including U.S. Attorney General William Barr, who fear the messaging tools could be used by criminals and terrorists. “Companies should not deliberately design their systems to preclude any form of access to content even for preventing or investigating the most serious crimes,” Barr, along with top law enforcement officials from the U.K. and Australia, wrote in a letter to Facebook CEO Mark Zuckerberg last fall.
....

 

I don't think the attack on encryption will stop anytime soon.

Share this post


Link to post
Share on other sites

Another day another damning report. 

https://www.eff.org/deeplinks/2020/02/california-auditor-releases-damning-report-about-law-enforcements-use-automated

Quote
  • The four agencies’ “[p]oorly developed and incomplete policies contributed to the agencies’ failure to implement ALPR programs that reflect the privacy principles” required by state law.
  • “Instead of ensuring that only authorized users access their ALPR data for appropriate purposes, the agencies we reviewed have made abuse possible by neglecting to institute sufficient monitoring.”
  • “A member of law enforcement could misuse ALPR images to stalk an individual or observe vehicles at particular locations and events, such as doctors’ offices or clinics and political rallies. Despite these risks, the agencies we reviewed conduct little to no auditing of users’ searches.”
    “[A]gencies have not based their decisions regarding how long to retain their ALPR images on the documented usefulness of those images to investigators, and they may be retaining the images longer than necessary, increasing the risk to individuals’ privacy.”
  • “We found that the three agencies storing ALPR data in Vigilant’s cloud—Fresno, Marin, and Sacramento—do not have sufficient data security safeguards in their contracts.”
  • While the California Department of Justice has guidelines on protecting police data from federal immigration enforcement activities, “agencies were either unaware of these guidelines or had not implemented them for their ALPR systems.”

Share this post


Link to post
Share on other sites

press release - https://www.justice.gov/opa/pr/attorney-general-william-p-barr-and-fbi-director-christopher-wray-announce-significant

Quote

....

Investigators sought and received court authorization to search the contents of Alshamrani’s iPhones within one day of the December 6, 2019 terrorist attack.  Unable to unlock the phones because of their security features, and having exhausted all readily available options, the FBI approached Apple for its assistance in early January 2020.  The company declined to assist.  
....

Attorney General Barr announced that the FBI recently succeeded in unlocking the phones of Alshamrani, who had attempted to destroy them while launching his attack.
....

[Barr] "The bottom line: our national security cannot remain in the hands of big corporations who put dollars over lawful access and public safety.  The time has come for a legislative solution.”
....
The company declined to assist.  FBI technical experts succeeded in accessing the phones’ contents over four months after the attack, revealing highly-significant evidence, including:

  • Alshamrani and his AQAP associates communicated using end-to-end encrypted apps, with warrant-proof encryption, deliberately in order to evade law enforcement.

....

Encryption is a crime.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

×
×
  • Create New...