Tag Archive: BLARNEY


Let’s Build A More Secure Internet

 

 

 

 

” Can we ever trust the Internet again?

  In the wake of the disclosures about the National Security Agency’s surveillance programs, considerable attention has been focused on the agency’s collaboration with companies like Microsoft, Apple and Google, which according to leaked documents appear to have programmed “back door” encryption weaknesses into popular consumer products and services like Hotmail, iPhones and Android phones.

  But while such vulnerabilities are worrisome, equally important — and because of their technical nature, far less widely understood — are the weaknesses that the N.S.A. seems to have built into the very infrastructure of the Internet. The agency’s “upstream collection” capabilities, programs with names like Fairview and Blarney, monitor Internet traffic as it passes through the guts of the system: the cables and routers and switches.

  The concern is that even if consumer software companies like Microsoft and telecommunications companies like AT&T and Verizon stop cooperating with the N.S.A., your online security will remain compromised as long as the agency can still take advantage of weaknesses in the Internet itself.

  Fortunately, there is something we can do: encourage the development of an “open hardware” movement — an extension of the open-source movement that has led to software products like the Mozilla browser and the Linux operating system.

  The open-source movement champions an approach to product development in which there is universal access to a blueprint, as well as universal ability to modify and redistribute the blueprint. Wikipedia is perhaps the best-known example of a product inspired by the movement. Open-source advocates typically emphasize two kinds of freedom that their products afford: they are available free of charge, and they can be used and manipulated free of restrictions.

  But there is a third kind of freedom inherent in open-source systems: the freedom to audit. With open-source software, independent security experts can scrutinize the code for vulnerabilities — whether accidentally or intentionally introduced. The more auditing by the programming masses, the better the security. As the open-source software advocate Eric S. Raymond has put it, “given enough eyeballs, all bugs are shallow.”

 

 

Source: Mercatus.org

 

 

 

 

 

U.S., British Intelligence Mining Data From Nine U.S. Internet Companies In Broad Secret Program

 

 

 

 

” The program, code-named PRISM, has not been made public until now. It may be the first of its kind. The NSA prides itself on stealing secrets and breaking codes, and it is accustomed to corporate partnerships that help it divert data traffic or sidestep barriers. But there has never been a Google or Facebook before, and it is unlikely that there are richer troves of valuable intelligence than the ones in Silicon Valley.

Equally unusual is the way the NSA extracts what it wants, according to the document: “Collection directly from the servers of these U.S. Service Providers: Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube, Apple.”

London’s Guardian newspaper reported Friday that GCHQ, Britain’s equivalent of the NSA, also has been secretly gathering intelligence from the same internet companies through an operation set up by the NSA.

According to documents obtained by The Guardian, PRISM would appear to allow GCHQ to circumvent the formal legal process required in Britain to seek personal material such as emails, photos and videos from an internet company based outside of the country.”

 

 

Despite the spate of corporate denials it would appear that they are all willing participants … shame .

 

 

In exchange for immunity from lawsuits, companies such as Yahoo and AOL are obliged to accept a “directive” from the attorney general and the director of national intelligence to open their servers to the FBI’s Data Intercept Technology Unit, which handles liaison to U.S. companies from the NSA. In 2008, Congress gave the Justice Department authority for a secret order from the Foreign Surveillance Intelligence Court to compel a reluctant company “to comply.”

In practice, there is room for a company to maneuver, delay or resist. When a clandestine intelligence program meets a highly regulated industry, said a lawyer with experience in bridging the gaps, neither side wants to risk a public fight. The engineering problems are so immense, in systems of such complexity and frequent change, that the FBI and NSA would be hard pressed to build in back doors without active help from each company.

 

The money quote …

 

As it is written, there is nothing to prohibit the intelligence community from searching through a pile of communications, which may have been incidentally or accidentally been collected without a warrant, to deliberately search for the phone calls or e-mails of specific Americans,” Udall said.

 

 

 

Related:

Google CEO Larry Page On PRISM: ‘What The…?’

Apple: ‘We Have Never Heard Of PRISM’

Dissecting Big Tech’s Denial of Involvement in NSA’s PRISM …

Google and Facebook Double Down on Prism Denials

PRISM’s NSA fallout: Apple, Google, Facebook issue denials …

Evolution Of The PRISM Denials: This May Be Why They Seem …

Apple, Google, Facebook, Yahoo, Microsoft, Paltalk, AOL issue …

Liberal England: PRISM: Should we believe the internet companies …

 

 

 

 

 

 

 

 

—-