PRISM
Latest
How to Disappear (almost) Completely: the illusion of privacy
Can anyone ever really leave the internet? And if you had the choice, is that something that you'd want to do? After all, abandoning the connected world might help you reclaim some privacy, but even if you smashed your PC, burned your tablet and tossed your smartphone, you might still not be able to escape constant surveillance. In our three-part series How To Disappear, we're going to look at why you'd think about going offline, what you can do to tidy up your digital footprint and what happens to those who have made the leap into the darkness.
The NSA's mass surveillance program for phone call metadata is still going
Despite last night's vote by the House of Representatives and various plans for reform, the NSA is still peeking into places many think it shouldn't. The Office of the Director of National Intelligence just revealed that yesterday, the program that scoops up bulk metadata on phone calls has been renewed again. In February, the Foreign Intelligence Surveillance Court approved some new limits on the program forcing the NSA to request court approval to pull records, and limiting it to info for people within two degrees of a target. Those restrictions are still in place, and this latest 90-day renewal extends the program until September 12th. For now, the changes proposed by President Obama are currently tied to the "gutted" USA Freedom Act that's being considered by the Senate.
House passes amendment to cut NSA's 'backdoor search' funding
Following a push from several Representatives, the House has pushed through an amendment -- tagged on to the Fiscal Year 2015 Department of Defense Appropriations Act (H.R. 4870) -- to stop at least some of the surveillance programs at the National Security Agency. Mark Rumold, a lawyer for the Electronic Frontier Foundation, said "the House of Representatives took an important first step in reining in the NSA." On Monday, Representative Justin Amash said the bill was a chance to stop the security agency's "unconstitutional spying on Americans." The backdoor searches that the amendment would stop includes emails, browsing and chat history, which can currently be parsed and searched without a warrant. The amendment would curb this in two ways: it would cut off funding for the search of government databases for information on US citizens while also prohibiting both the NSA and CIA from requiring "backdoors" in online services and products. It's not a done deal just yet: now that it's passed the House, it needs to go through the Senate before it can become a reality.
China's state media wants Apple and Google to be 'severely punished' for NSA spying
Today has seen a sudden spike in anti-American sentiment in Chinese state-owned media, with Apple, Google, Microsoft and Facebook all being described as "pawns" of the US government (aka the "high-level hooligan"). Articles in the China Daily and People's Daily call for these companies to be "severely punished" for their alleged roles in the PRISM scandal, but there's no obvious trigger to explain the timing of their publication. One possible factor is today's date: June 4th marks the bloody end of the Tiananmen Square protest of 1989, when government forces killed hundreds of pro-democracy activists in the streets of Beijing. Google and other sources of international news are being subjected to extra censorship in order to control discussion of the Tiananmen anniversary within China, which implies that these outlets are currently even more irksome to the Communist Party than they usually are.
Oliver Stone is making his own movie about the Edward Snowden saga
Between W., Nixon, JFK, Born on the Fourth of July and Platoon, it's safe to say that Oliver Stone has a reputation as being a political film-maker. It shouldn't come as a surprise, therefore, to see that the director has signed up to helm a movie based on Edward Snowden and Glenn Greenwald's exposure of the NSA's PRISM program. The Snowden Files is based upon Luke Harding's account of the story, and will compete with No Place to Hide, which is based on Greenwald's book of the same name. In a statement, Stone said that "this is one of the greatest stories of our time," which explains why we need two films on the same subject -- just like Armageddon and Deep Impact, or Volcano and Dante's Peak, or Mission to Mars and Red Planet, or Mirror/Mirror and Snow White and the Huntsman...
Edward Snowden wants you to call him what he is: a trained government spy
Edward Snowden has been called a variety of things: whistleblower, patriot, traitor. But when it comes to his technical expertise, he's usually just referred to as a hacker, contractor or some flavor of system administrator. That, Snowden says, doesn't do his role and background justice. In an excerpt of an NBC interview, Snowden asserts that he's a technical expert "trained as a spy in sort of the traditional sense of the word," worked undercover and overseas for the CIA and NSA, lectured at a counterintelligence training academy and implemented systems for the government "at all levels." According to the infamous whistleblower, he qualifies as a spy in the classic sense since he "lived and worked undercover overseas -- pretending to work in a job that I'm not -- and even being assigned a name that was not mine."
Snowden leaks and NSA reporting win Pulitzer Prizes
Both The Guardian and The Washington Post were announced as Pulitzer Prize winners today in the public service category. The prizes were awarded for The Guardian's Edward Snowden work, which revealed dozens of details about the United States government spying on citizens the world over, and for Washington Post's ongoing National Security Agency coverage, which uncovered Prism and myriad other surveillance overreaches. Of the 14 awards given, only two were given for reporting on NSA surveillance and Edward Snowden's leaks.
Over 200 NSA documents collected and made searchable, from Snowden to Prism
When Edward Snowden made a name for himself last June by leaking classified NSA information, he did so by working with The Guardian and a documentary filmmaker. As such, the public learned of much of the NSA's surveillance measures through the medium of a single media outlet. In the ensuing months, much more has come to light, and today the American Civil Liberties Union is unveiling "NSA Documents Database," a searchable, categorized database of just over 200 previously classified NSA documents. That includes everything from the initial Snowden leaks through Mystic (and more). The collection comprises "all of the documents released since [June 5, 2013], both by the media and the government," and the ACLU promises more documents will be added as they become available. In so many words, if you're looking to dig in and bone up on the current government surveillance debate, this is gonna be your jam.
Companies would be in charge of phone records under Obama's new data collection proposal
The extent to which the NSA collects bulk phone call metadata has been one of the most prominent topics within the ongoing government-surveillance scandal. President Barack Obama promised reform, and not long after, a court approved measures that meant the NSA had to begin formally requesting access to records, and could only stray two degrees of separation from the original target. Today, news from the White House explains how the program could change further (much of which was revealed unofficially a couple of days ago). The proposal, which was drafted following a full review of the program, puts telecom companies in charge of the data, not the government. They'd keep it for no longer than they currently do (around 18 months), but would be "compelled" under court orders to provide records in a "timely manner" and a "usable format."Once a data request has been court-approved, the powers that be have a window of time in which to solicit records without needing repeated approvals. The hope is that, if approved "with the passage of appropriate legislation," this tweaked program will alleviate some privacy concerns by taking the data out of the government's hands, while still keeping the intel available for when it's needed. As the proposal is only under consideration, the Obama administration will ask the Foreign Intelligence Surveillance Court (FISC) for a 90-day renewal of the current phone metadata collection program, February amendments included.
MIT develops new platform to spy-proof websites
You're all likely aware by now that identity thieves and hackers aren't the only ones who surreptitiously collect people's private info. In an effort to keep them (and you know, certain government agencies) at bay, a group of MIT researchers have created Mylar -- a new platform for building secure websites, services and applications. According to MIT's Technology Review, anything built using Mylar keeps your data encrypted all the time in its servers. That data's only decrypted when it's accessed from your computer with the right password, though Mylar can also issue encryption keys if you want to share data with other people.
Bipartisan bill will stop NSA's bulk phone call data collection, but it might not go far enough
Following Edward Snowden's leaks about the NSA collecting massive amounts of data about phone calls flowing through several companies, President Obama announced limitations on the use of that data in January and said more reforms would follow. Now, the New York Times, Wall Street Journal and Washington Post report a bipartisan bill is about to be unveiled that makes several large changes to the NSA's controversial bulk collection of phone call metadata. A bill that will be unveiled tomorrow in the House of Representatives by Mike Rogers (R-MI) and "Dutch" Ruppersberger (D-MD) will instead see phone companies store the data only as long as they normally would (18 months or so, under other federal regulations). If the NSA suspects a terrorism link, it can make requests for information from specific phone numbers, and related records up to two hops away. What's likely to disappoint privacy advocates however, is that the NSA is only required to send a copy of the directive to a court for review after record collection has already started. On the other hand, according to the Post, it would have the make a determination if a number is linked to terrorism "promptly" and if it does not decide that it's linked "agent of a foreign power," it will be expunged. We should find out exactly what's in the bill when it's introduced tomorrow but there's one other note to remember -- 90-day approval for the NSA's current bulk collection program ends Friday, and is likely to be renewed at least one more time while this and other bills are sorted out.
Leaked documents detail how and why NSA targets network admins
With the amount of NSA-related information that's been leaked to the press, one may wonder if the feds will have anything new to share whenever the agency's first transparency report releases. The latest info is that the NSA was targeting foreign network administrators to gain access to the networks they control, as late as 2012. Edward Snowden gave The Intercept a handful of screengrabs from an internal agency message board that, among other things, detail how the NSA can monitor calls and emails moving through a foreign telco's network simply by having access to the system admin's PC. The steps for that apparently include grabbing the admin's IP address, and from there hacking the user's Facebook or web-mail accounts to gain full access to their computer via surveillance malware.
NSA claims that technology firms are aware of its data collection
If you ask technology leaders like Apple or Google, the NSA has been snooping on their customers without permission. However, the NSA has a very different story. Agency general counsel Rajesh De tells an oversight board that these companies are fully aware of and assisting data collection under the PRISM surveillance program, whether it targets servers or internet traffic. There's a "compulsory legal process" for the firms involved, the attorney says. If accurate, the statement at least partly contradicts repeated claims from these companies that the NSA leaves them in the dark. With that said, it's still possible for both sides to be right. Leaks from last June suggest that company staff handling these government requests are required to keep the details secret, even when speaking to coworkers -- higher-ups won't necessarily hear about cooperation with the intelligence community.
Prism for iOS is a new unique filter based editor for your photos
Prism (U.S. $2.99) takes a unique spin on applying photo filters. You load an image, and the app checks to see what colors make up your photo. It then displays a filter wheel, and as you move around the outer edge and explore the central parts of the wheel you will see a variety of effects. Some are subtle, others are pretty wacky. Of course, the ultimate filter selection is up to you. Prism also lets you engage the iPhone camera and snap away with filters applied. There isn't a help menu, but you can view how it all works in an online video. I would put the app in the "you figure it out by exploring" category. There's nothing wrong with that, but some people might be frustrated. Even selecting photos isn't exactly standard. When you start, the latest item in your camera roll appears. You can swipe to the next one, or use the wheel to rapidly move in your library. The app really is a clever way of applying filters, and you'll get a lot of ideas exploring the many permutations offered. Prism provides 14 color-based filter groups and 128 filters. Your images are saved at full resolution. Prism is a great way to explore the possibilities in each photo you take. You'll have to invest some time learning how the app works, but with that investment comes the power to create some really expressive images. Prism is not a universal app, so it's best for the iPhone or iPod touch. It requires iOS 7.0 or greater, and it's optimized for the iPhone 5.
Zuckerberg responds to 'frustrating' reports of NSA spoofing Facebook, while the agency denies them
Yesterday a report from The Intercept exposed NSA documents apparently showing how it could infect "millions" of computers with malware and even masquerade as a Facebook server. Now, Facebook CEO Mark Zuckerberg and the NSA have both published responses, with decidedly different takes on the situation. Zuckerberg took to the site to discuss how important trust is on the internet, calling the reports confusing and frustrating, and said he called President Obama directly (pictured above speaking to President Francois Hollande of France last week) to express those feelings. While he waits for "true full reform," he says Facebook is working on making its services more secure with encryption, secure protocols for traffic, and helping others resolve issues in their services. Meanwhile, or perhaps in response to Zuck's direct call, the NSA's Public Affairs office posted a statement (PDF) calling the reports inaccurate. According to the agency: "NSA does not use its technical capabilities to impersonate U.S. company websites. Nor does NSA target any user of global Internet services without appropriate legal authority." Check out the full statement and see how it compares to the documents published yesterday for yourself, but after the last year or so of leaks, it's pretty tough to just take the NSA's words at face value. [Image credit: Official White House Photo by Pete Souza]
WSJ: Four ways to distance the NSA from phone records that'll be considered by government
President Obama has his work cut out for him as he tries to restore faith in the US government following the whole NSA spying scandal. He first talked of surveillance reform last year, then in a January 2014 speech promised to revamp the NSA's program for collecting phone records. While the agency must now seek court approval to access phone data, The Wall Street Journal is reporting that "administration lawyers" have finished drafting several proposals that would bring about more radical changes to the program by taking the database out of the NSA's hands. These are said to be part of a wider report due in March, in which other scenarios that strip some power from the government spy agency will be explored. One of the proposals would see phone companies responsible for managing the records, which the NSA would then request on a case-by-case basis. Apparently the idea hasn't gone down too well, with companies wary of being inundated with data requests from elsewhere; not to mention they haven't been involved in crafting the proposals. (Besides, do you trust AT&T and Verizon anymore than the government?) Another idea would see a different government entity such as the FBI (which is allegedly a contender, despite its own indiscretions) or Foreign Intelligence Surveillance Court be put in charge. It's also been suggested a new independent organization be created that would technically be neither a part of the government nor a phone company. Though, the concern there is any newly created body would ultimately end up serving as an extension of the NSA. Of course, there's always the last option of doing away with the phone surveillance altogether, which we're sure many would celebrate, but seems highly unlikely. There's always the possibility that another solution is agreed upon, but for now these seem to be the primary options available to the Commander in Chief.
Meet Rebecca Richards, the NSA's new Privacy Officer
It's safe to say that the NSA will need more than a pressure hose to wash away the scandals of 2013. As part of the plan to rehabilitate its image, the NSA advertised for a privacy officer back in September, and now the role has been filled by Rebecca Richards. Currently working in Homeland Security's privacy office, Richards' job will be to advise the NSA's director on ways to ensure that civil liberties aren't being ignored by the data-hungry agency. We were going to post the new executive's mugshot, but it appears that she's already gotten the hang of this online privacy lark.
British government reportedly tracking YouTube and Facebook data without permission
While the NSA has been busy scouring the Angry Birds leaderboards, newly leaked documents report that its British counterpart -- the GCHQ -- has been monitoring the flow of social media in real-time. The General Communications Headquarters can apparently keep track of YouTube traffic, which links are liked on Facebook and even which Blogger or Blogspot pages are visited. This all comes via documents taken by Edward Snowden that were obtained by NBC News. NBC's sources also say that the British spies have been able to physically tap the lines carrying global web traffic to extract key data about specific users as well. This initiative, called Squeaky Dolphin, intends to put broad data trends into context with world events and give the intelligence community a heads up for future anti-government happenings -- not for spying on a person-by-person level. What's more, the GCHQ reportedly shares this information with the US. The GCHQ has issued a statement claiming that all of its work is carried out within the limits of the law, while the NSA says that it's only interested in the communication activities of valid foreign intelligence targets. For their part, Google and Facebook say that the spying on unencrypted information was done with out their respective knowledge, and neither company had given the UK government permission to access the data -- something we've heard before.
Apple says it received less than 250 National Security Orders in the first half of 2013
Following the terms of an agreement announced today between government agencies and a number of tech companies, Apple has released an updated report on National Security and Law Enforcement requests. Current through June 30th, 2013, it updates the data released last November and in June by breaking out the number of National Security Orders, which falls somewhere in the range between 0 and 250, "regardless of geography." Apple stated it had not received any requests for bulk data collection -- mentioning once again that personal conversations over iMessage and Facetime are encrypted -- echoing statements by CEO Tim Cook this weekend that it does not provide the government a backdoor to its servers. The other data it can now reveal includes exact numbers for account information requests by law enforcement. That includes 2,330 accounts specified in requests, which resulted in information being disclosed for 747 accounts. All in all, the numbers and ranges support claims by the industry that the amount of data requested is very small, but as we've learned, the NSA isn't always concerned with asking about how to get what it wants from accounts, networks and/or mobile devices.
Independent federal review board calls for NSA to end 'illegal' phone call data collection
Following up on what we've learned about the NSA's various spying activities over the last year, the aptly-named Privacy and Civil Liberties Oversight Board is apparently ready to issue a report on the mess. Established in 2004 (but only fully operational since November) within the executive branch to serve as an independent source of advice to the president on... privacy and civil liberties, it has arrived somewhat late to the party (President Obama announced reform plans last week, but has said its recommendations will be considered going forward), and delivering a split opinion which leans in favor of ending the NSA's bulk collection of information about phone calls (phone numbers, call times and duration). The 238-page report will be released later today but reporters for the New York Times and Washington Post got an early peek and have highlighted the key points.The board has concluded that the NSA's phone metadata program does not meet the legal standard of the Patriot Act, raises serious privacy threats and is only of limited value at best. It's also opposed to a tweak proposed by the president's appointed panel that would see data held by a third party instead. Pointing out specific cases where other methods could have been used, it's recommending ending the program and making sure any government requests for data are tied to specific investigations. So far the program has continued on even after its existence was revealed and declassified, we'll see if these and other opinions have any affect the next time it's up for consideration.
