British politicians are no more delusional that US
politicians.
The
Terrorist Justification for Mass Surveillance
The
UK government's attempts to ease the passage of the hugely
controversial Investigative Powers Bill continued this week with a
Telegraph opinion piece
from William Hague (former First UK Secretary of Sate and former
leader of the Conservative Party): The Brussels attacks show the need
to crack terrorist communications.
In
this piece Hague continues the usual confused approach over
encryption while concentrating on the need for bulk data collection
and retention. Discussing the Brussels terrorists he comments, "the
mobile phones they carried had evidently not been used before and
showed no record of texts, chat or emails. Whatever means of
co-ordination they used, it was sufficiently private or encrypted
that the authorities do not seem to have been aware of it."
Nevertheless
he continues on the standard theme that what amounts to mass
surveillance will help the intelligence agencies discover what he has
just admitted wasn't there, while simultaneously demonizing the
Snowden whistleblowing. Lee Munson, a researcher with Comparitech
suggests that Hague is 'sadly deluded'.
Security
expert and commentator David Harley is more measured. Hague, he
suggests is basing his arguments on at least two assumptions.
Firstly, that "since intelligence agencies weren't aware of
whatever messages may have been passed between the terrorists, they
must have been been using super-private, super-encrypted technology.
Actually it’s at least as
likely that they were communicating by such lo-tech routes that they
didn’t show up on the authority’s radar."
… The
second concern is that Hague is trying to differentiate bulk
collection from mass surveillance when it is effectively, if not
semantically, the same thing. Even then, wonders Harley, "if
bulk data interception didn’t pick up relevant traffic on this
occasion, will spending more money on it help? Or will we have to
lean further in the direction of mass surveillance?"
Perhaps they can try those “don't tell the
judge” agreements they used for intercepting cellphones?
FBI weighs
if it can share hacking tool with local law enforcement
The FBI and Justice Department are debating
whether the hacking tool that helped the bureau unlock the iPhone of
one of the San Bernardino, Calif., terrorists can be used to help
state and local law enforcement, officials said Friday.
That will be a
challenge because the bureau has classified the tool, making it
difficult to use in state and local criminal prosecutions requiring
disclosure of evidence to defendants, officials said.
… Moreover, the tool itself likely will have a
shelf life of only a few months, as tech companies may find and fix
the vulnerabilities that the tool exploits, and they periodically
update the underlying software.
The firm that helped the bureau — not the
Israeli company Cellebrite, as had been widely rumored — charged a
one-time flat fee, officials said.
The bureau is not releasing the company’s name
and has declined to discuss details of the solution.
… To referee the issue, the government has an
interagency process headed by the attorney general to decide which
capabilities should be classified. This is separate from the
“vulnerabilities equities process” managed by the White House,
which decides which software flaws should be disclosed to the
software maker. [So if the
White House says “share” the DoJ can say “Classified?” Bob]
My Data Management students were wondering about
that.
Exclusive:
Egypt blocked Facebook Internet service over surveillance - sources
Egypt blocked Facebook Inc's (FB.O)
Free Basics Internet service at the end of last year after the U.S.
company refused to give the Egyptian government the ability to spy on
users, two people familiar with the matter said.
… The Egyptian
government suspended the service on Dec. 30 and said at the time that
the mobile carrier Etisalat had only been granted a temporary permit
to offer the service for two months.
Two sources with direct
knowledge of discussions between Facebook and the Egyptian government
said Free Basics was blocked because the company would not allow the
government to circumvent the service's security to conduct
surveillance. They declined to say exactly what type of access the
government had demanded or what practices it wanted Facebook to
change.
Interesting.
How would they make it work?
The Music
Industry Has Had It With The Digital Millennium Copyright Act
The music
industry is tired of playing whack-a-mole and is appealing to the
U.S. Copyright Office and Congress to help. Hundreds of artists,
managers and industry organizations signed petitions sent to the U.S.
Copyright Office Thursday demanding reform of the Digital Millennium
Copyright Act, a law they say has placed undue burdens on them to
scour the internet for people and websites illegally sharing their
work.
… “It’s impossible for tens of thousands
of individual songwriters and artists to muster the resources
necessary to comply with its application.”
… Rightsholders and other artists claim this
growth is proof of a dizzying responsibility that they cannot be
expected to handle while continuing to make art. Yet other
stakeholders frame that growth as proof the system is working.
The Computer and Communications Industry
Association, a trade group that counts Google, Amazon and Yahoo among
its members, filed its own comments on the DMCA this week making that
exact point, saying filing takedown requests has grown easier,
cheaper and more efficient.
For my
Computer Security students.
Survey:
With all eyes on security, talent shortage sends salaries sky high
The
industry that makes students smarter?
Hack
Education Weekly News
… Via
the Mail and Guardian Africa: “An Africa first! Liberia
outsources entire education system to a private American firm. Why
all should pay attention.” The United Nations Special Rapporteur
on the right to education, Kishore Singh, has said
that “Such arrangements are a blatant violation of Liberia’s
international obligations under the right to education, and have no
justification under Liberia’s constitution.” The company in
question is Bridge International Academies, which has received
funding from the Gates Foundation, Learn Capital, and Mark
Zuckerberg’s investment company the Chan Zuckerberg Initiative
(among others). [But, what
if it works? Bob]
… From
the Detroit Free Press: “In its latest crackdown on school
corruption in Detroit, the federal government today dropped a legal
bomb on 12 current and former principals, one administrator and a
vendor – all of them charged with running a nearly $1-million
bribery and kickback scheme involving school supplies that were
rarely ever delivered.” [See
above? Bob]
… Via
The Wall Street Journal: “Judge Says Bankrupt Law Grads Can
Cancel Bar Loans.” Federal student loans cannot be discharged by
declaring bankruptcy, so this is an interesting ruling.
… “Getting banned from Facebook can have
unexpected and professionally devastating consequences,” writes
the EFF’s Jillian York.
… Via
NPR: “Software Flags ‘Suicidal’ Students, Presenting
Privacy Dilemma.”
… Via
the Star Tribune: “Two faculty unions are up in arms over
a new rule that would allow Minnesota’s state colleges and
universities to inspect employee-owned cellphones and mobile devices
if they’re used for work. The unions say the rule,
which is set to take effect on Friday, would violate the privacy of
thousands of faculty members, many of whom use their own cellphones
and computers to do their jobs.”