Friday, 31 October 2014

The extent of this surveillance

Cross-posted at lookatthestateofthat and evilwednesday. Seems to fit with both.

Zoe Williams writes in The Guardian

The first compensation award, of £425,000, has been made to Jacqui, one of the women impregnated in the mid-90s by a police officer pretending to be an activist. She said last year that it felt as though she had been raped by the state

Jacqui says:

“Did he report every contraction back to the police? What use was that for information purposes? That is a moment so intimate, and I shared it with a ghost.”

She said that she felt as though she’d been raped by the state and I can see her point.  Presumably the police officer, Bob Lambert, reported with some regularity to his superiors who saw nothing wrong in beginning and maintaining this relationship through to and beyond childbirth.  As Williams says:

The language doesn’t exist to describe this crime, and that consigns us to imperfect analogies: it is an invasion beyond privacy and beyond sex, into a person’s destiny, holding them hostage forever to the love of a child conceived as the byproduct of state reconnoitre.

How would you feel if your partner – with whom you share a life and a child – turned out to be leading another life, too?  Not ‘just’ something relatively commonplace like an affair but a completely different life, such as having another family with someone else or having lied about their job?  It’s hard to imagine. But to know that the deception was sanctioned and maybe even encouraged by the state in order to catch some criminals who didn’t exist in the first place is a whole new level of unreality. It must be massively dehumanising; the feeling of being used – of being thought of as a tiny cog in a large and futile game – must be devastating. I don’t know what feelings, if any, Lambert had for Jacqui.  But she doesn’t either. All she knows is that the police didn’t. The state that sanctioned their activities didn’t.  She was unwittingly used: and used as part of a surveillance system aimed at the people and ideals she cared most about.The £425k compensation seems meagre at best.

Williams points out something I hadn’t considered:

The impact on Bob Lambert, the police officer, cannot be ignored. His life has been completely denatured by this duplicity. Surveillance, like torture, brutalises the agent as much as it violates the victim

Well, perhaps, but I’m struggling to summon any sympathy. He didn’t have to form a romantic relationship with Jacqui. He sure as shit didn’t have to father her child. He didn’t have to form any kind of intimate relationship – sexual or otherwise with her – in order to do his job. And he didn’t have to do that job.  I feel safe in my assumption that either he thought his actions were justified or even correct, or that he didn’t care whether they were or not.  And he certainly got off lighter than Jacqui in any case.

[…] at some point, it must have been obvious that this woman was not a threat to the state. One day, using average human judgment, of a woman he knew inside out, Lambert must have known that Jacqui was not a terrorist but rather a person of radical views. The thing we will never know is how long after that penny had dropped he continued to spy on her. One year? Three? Five?

I don’t know whether the ‘investigation’ was about Jacqui or her circle of friends and contacts.  But the point is important either way.  How much time, effort and money are the police prepared to spend in investigating a lead that’s leading nowhere? And how many lives are they prepared to ruin in the process?

When, for that matter, did MI5 realise that Eric Hobsbawm had no intention of defecting to Russia, and was simply agitating for radical left possibilities within UK politics? When did it realise that Christopher Hill was not intending to restart the English civil war, with a mind to recreating a Leveller revolution three centuries later? These two men were academics and communists, and last week it emerged that they were trailed by security services for more than three decades. The extent of this surveillance is still considered too incendiary to be released fully into the public domain, with sections still redacted.

Williams suggests two explanations. The first is that – to the police and state – the possession of radical views is tantamount to a crime in itself.  I think that’s almost true.  I think it’s a case of the means justifying the means: circular logic being let out to run riot.  Unlike youths in a town local to me: police are “clamping down” on large gangs of youths gathering in public parks on the grounds that – in their view – no good can come of it. It’s unfortunate for the police that the officer issuing threats against youths and their parents that cannot be legally enforced is called Inspector Button. Aaaaawwww. Anyway, large groups are bound to contain a bad apple and they’re all so close together! If we watch a large group long enough, a crime is certain to occur eventually and we can justify our intolerance of crowds! I’m not sure that the state (at least this state) thinks that activists are automatically evil, but that some of them are likely to be and that catching one justifies enormous taxpayer expense (that’s enormous expense, not necessarily an enormous taxpayer) and the devastation of innocent people’s lives.

I agree more closely with Williams’ second explanation:

Once you start spying on somebody, it is incredibly difficult to stop

This seems about right. We humans love nothing more than to throw money after bad. It’s the basis of the Gambler’s Ruin. We’ve spent so much without results that someone – and it might be me – is going to get in trouble. So we show progress in ever finer detail but rarely have the guts to call it quits. I’ve done it in various roles as an academic, a software engineer, a project manager and a human being. But in addition to that, Williams suggests that the police and other authorities just really love spying on people and don’t want to stop. I think that’s true too. I mean both spying in general and spying on individuals.

Once you’ve started, the piece of evidence that comprehensively proves innocence doesn’t exist. All that exists is absence, the lack of definitive proof of guilt. One more push might be all it takes.

Yes. This is true regardless of whether authorities view dissent itself as guilt. As I said, some people think that the means justifies the means. The means exist in anticipation of an end but they don’t seem to rely on one. Hence surveillance in the wider context, too.

Williams writes a lot of nonsense about Russell Brand, for some reason. He hasn’t been “monstered” as she suggests. He’s been told off in the papers because of his immature and ill-considered views, but has been lionised in about equal measure. He hasn’t been vanished or curtailed, he’s been granted podia at which to air his views regardless of never having earned it by, for instance, actually having something to say. Let’s not consider him someone who’s been demonised because of his off-centre beliefs. If anything, the opposite is true.

But I liked some of the things Williams said that were not about Russell Brand.  Every time we allow our government to spy on us a little bit more… Well, you know the rest.

The extent of this surveillance

Cross-posted at lookatthestateofthat and evilwednesday. Seems to fit with both.

Zoe Williams writes in The Guardian

The first compensation award, of £425,000, has been made to Jacqui, one of the women impregnated in the mid-90s by a police officer pretending to be an activist. She said last year that it felt as though she had been raped by the state

Jacqui says:

“Did he report every contraction back to the police? What use was that for information purposes? That is a moment so intimate, and I shared it with a ghost.”

She said that she felt as though she’d been raped by the state and I can see her point.  Presumably the police officer, Bob Lambert, reported with some regularity to his superiors who saw nothing wrong in beginning and maintaining this relationship through to and beyond childbirth.  As Williams says:

The language doesn’t exist to describe this crime, and that consigns us to imperfect analogies: it is an invasion beyond privacy and beyond sex, into a person’s destiny, holding them hostage forever to the love of a child conceived as the byproduct of state reconnoitre.

How would you feel if your partner – with whom you share a life and a child – turned out to be leading another life, too?  Not ‘just’ something relatively commonplace like an affair but a completely different life, such as having another family with someone else or having lied about their job?  It’s hard to imagine. But to know that the deception was sanctioned and maybe even encouraged by the state in order to catch some criminals who didn’t exist in the first place is a whole new level of unreality. It must be massively dehumanising; the feeling of being used – of being thought of as a tiny cog in a large and futile game – must be devastating. I don’t know what feelings, if any, Lambert had for Jacqui.  But she doesn’t either. All she knows is that the police didn’t. The state that sanctioned their activities didn’t.  She was unwittingly used: and used as part of a surveillance system aimed at the people and ideals she cared most about.The £425k compensation seems meagre at best.

Williams points out something I hadn’t considered:

The impact on Bob Lambert, the police officer, cannot be ignored. His life has been completely denatured by this duplicity. Surveillance, like torture, brutalises the agent as much as it violates the victim

Well, perhaps, but I’m struggling to summon any sympathy. He didn’t have to form a romantic relationship with Jacqui. He sure as shit didn’t have to father her child. He didn’t have to form any kind of intimate relationship – sexual or otherwise with her – in order to do his job. And he didn’t have to do that job.  I feel safe in my assumption that either he thought his actions were justified or even correct, or that he didn’t care whether they were or not.  And he certainly got off lighter than Jacqui in any case.

[…] at some point, it must have been obvious that this woman was not a threat to the state. One day, using average human judgment, of a woman he knew inside out, Lambert must have known that Jacqui was not a terrorist but rather a person of radical views. The thing we will never know is how long after that penny had dropped he continued to spy on her. One year? Three? Five?

I don’t know whether the ‘investigation’ was about Jacqui or her circle of friends and contacts.  But the point is important either way.  How much time, effort and money are the police prepared to spend in investigating a lead that’s leading nowhere? And how many lives are they prepared to ruin in the process?

When, for that matter, did MI5 realise that Eric Hobsbawm had no intention of defecting to Russia, and was simply agitating for radical left possibilities within UK politics? When did it realise that Christopher Hill was not intending to restart the English civil war, with a mind to recreating a Leveller revolution three centuries later? These two men were academics and communists, and last week it emerged that they were trailed by security services for more than three decades. The extent of this surveillance is still considered too incendiary to be released fully into the public domain, with sections still redacted.

Williams suggests two explanations. The first is that – to the police and state – the possession of radical views is tantamount to a crime in itself.  I think that’s almost true.  I think it’s a case of the means justifying the means: circular logic being let out to run riot.  Unlike youths in a town local to me: police are “clamping down” on large gangs of youths gathering in public parks on the grounds that – in their view – no good can come of it. It’s unfortunate for the police that the officer issuing threats against youths and their parents that cannot be legally enforced is called Inspector Button. Aaaaawwww. Anyway, large groups are bound to contain a bad apple and they’re all so close together! If we watch a large group long enough, a crime is certain to occur eventually and we can justify our intolerance of crowds! I’m not sure that the state (at least this state) thinks that activists are automatically evil, but that some of them are likely to be and that catching one justifies enormous taxpayer expense (that’s enormous expense, not necessarily an enormous taxpayer) and the devastation of innocent people’s lives.

I agree more closely with Williams’ second explanation:

Once you start spying on somebody, it is incredibly difficult to stop

This seems about right. We humans love nothing more than to throw money after bad. It’s the basis of the Gambler’s Ruin. We’ve spent so much without results that someone – and it might be me – is going to get in trouble. So we show progress in ever finer detail but rarely have the guts to call it quits. I’ve done it in various roles as an academic, a software engineer, a project manager and a human being. But in addition to that, Williams suggests that the police and other authorities just really love spying on people and don’t want to stop. I think that’s true too. I mean both spying in general and spying on individuals.

Once you’ve started, the piece of evidence that comprehensively proves innocence doesn’t exist. All that exists is absence, the lack of definitive proof of guilt. One more push might be all it takes.

Yes. This is true regardless of whether authorities view dissent itself as guilt. As I said, some people think that the means justifies the means. The means exist in anticipation of an end but they don’t seem to rely on one. Hence surveillance in the wider context, too.

Williams writes a lot of nonsense about Russell Brand, for some reason. He hasn’t been “monstered” as she suggests. He’s been told off in the papers because of his immature and ill-considered views, but has been lionised in about equal measure. He hasn’t been vanished or curtailed, he’s been granted podia at which to air his views regardless of never having earned it by, for instance, actually having something to say. Let’s not consider him someone who’s been demonised because of his off-centre beliefs. If anything, the opposite is true.

But I liked some of the things Williams said that were not about Russell Brand.  Every time we allow our government to spy on us a little bit more… Well, you know the rest.

Wednesday, 29 October 2014

A day without data

The BBC’s Technology correspondent, Rory Cellan-Jones, on A day without data. It’s a somewhat contrived story about some of the ways we leave a digital footprint, but reasonably informative.

Monday, 27 October 2014

Knox is broken

Update: I’m told that the UK government has accredited Knox as a security product. Haven’t time to check whether that’s true, but it’s from a source that ought to know.

Samsung's Knox security layer for Android generates weak encryption keys, stores passwords locally and gives users login hints in a fatal "security by obscurity" design "compromising the security of the product completely," a researcher has detailed.

It says here

The US government ordered lots of Samsung devices using Knox and the CEO said this “proves the unmatched security of Samsung Galaxy devices supported by the KNOX platform."

Knox uses a PIN solely to facilitate the password hint, which is used if you forget your password.  Both the PIN and the password hint are stored in plaintext on the device and the password hint is some letters from and length of your password!

See the (quite long) article for details. 

Sunday, 26 October 2014

The EFF of surveillance self-defence

I’ll report back when I’ve looked at it.

Update: the title should have read “on” not “of”.  I’ve taken a look at and recommend it. It’s nicely written and contains a lot of good information.

It has sections:

  • Ovetviews: Intro to threat modelling, choosing tools, creating strong passwords, keeping data safe and encryption
  • Tutorials: lots of stuff including encrypting devices, deleting data securely, use of various tools and technologies
  • Briefings: public key cryptography, how to do protests, VPNs, protecting yourself on social media and more.

Life sentence for using a computer to damage the economy

The Tories in the UK are proposing a computer crime bill which includes a life sentence for “[using] a computer in the commission of an offense that damages national security, human welfare, the economy or the environment.” That’s not very specific. The major concern is that governments will use the law to bully whistleblowers.

Twitpic deletes your photographs

Twitpic is going out of business and deleting everyone’s photos.

Which crowdfunded privacy routers are worthy of your trust?

http://boingboing.net/2014/10/24/which-crowdfunded-privacy-rout.html

There are a few promising-looking ones.

Tuesday, 21 October 2014

Police ‘tackle’ group of people for being a group of people

This happened in a town near me. Around 200 youths supposedly met in a park. The police didn’t like it one little bit.  Fortunately, it seems like all the police did was tweet about it, strongly implying that the group was up to no good.  There are plenty of places where they’d have been gassed.

Sunday, 19 October 2014

Call for teens to self-regulate net use

By the BBC. It’s not really a call, though. It’s a report of some research the authors did. Why do journalists always insist on calling research reports and opinions “reports”?  Anyway, if the article is accurate (The BBC doesn’t link to the report and I don’t have time to track it down right now), the research doesn’t say anything startling:

Their report came to three main conclusions:

  • Children who have positive offline relationships with their parents are more likely to navigate the web in a sensible way
  • Supportive and enabling parenting has a more positive impact than restricting or monitoring internet use
  • Teenagers left to self-regulate their internet and social media use are more likely to teach themselves new skills online and maintain positive online relationships

In other words, blocking and monitoring is no substitute for good parenting.

I’m all for this.  (Good) Parents are already used to negotiating with their children over bedtimes, what parties they can go to, how long they can stay, whether or how much they should drink…  A parent might not have a good appreciation of the dangers their children face on the Internet.  Perhaps this makes them bad parents, I’m not exactly qualified to judge. 

But I think there’s a place for software that blocks and monitors children’s access to the internet: how else are they going to learn how to break it?  How else are they going to learn how to resist surveillance or even that they can resist surveillance?

Theresa May defends mass data collection of citizens, says it’s not surveillance

The UK Home Secretary Theresa May has defended the government’s mass collection of its citizen’s phone and internet traffic, according to the BBC.

"If you are searching for the needle in the haystack, you have to have a haystack in the first place," she said.

This is a disingenuous statement at best and at odds with what she said next:

Mrs May argued that collecting and storing phone and internet records was not the same as "mass surveillance" because "most of the data will not be looked at at all, will not be touched".

The government is either mining this data (to find the needles, they need to examine every bit of hay) or they’re specifically targeting people they have legitimate reason to suspect.  Which is it?  If it’s the latter, they don’t need to collect everyone else’s data along with that of the people they suspect.  The best they can say is that if they collect everyone’s data, they’ll have historic data of terrorists, which might conceivably help the investigation. Except that they probably won’t. I think terrorists are going to be pretty careful about their communications.

May’s statements ignore some pretty big considerations:

  • How is the data going to be used?  Will the government only look at the data where there is an existing suspicion of wrongdoing or will they use the data to generate suspicion?  Am I automatically a suspect if someone calls me from a suspect’s phone?  Does that mean they get to examine all my traffic metadata? Does it mean that they have a legitimate reason to tap the contents of my communications?
  • How effective is the mass collection of data in foiling terrorist plots?  In fact, May doesn’t just leave this unanswered, she explicitly refuses to answer and rules out ever answering in the future.
  • What guarantee do we have that mission creep will not occur?  It’s surely inevitable even if such guarantees were in place.  The government had no qualms about secretly (and illegally) collecting this data in the first place.  Why should it be any more honest about how that data is being used and will be used in the future?

She said:

"I think there is - not a contract entered into - but an unwritten agreement between the individual and the state that the state is going to do everything they can to keep them safe and secure."

Well that just makes me feel less safe. The only reasons for such an agreement to remain unwritten is so that we, the citizens, don’t get to decide what’s too big a price to pay for ‘safety’; don’t get to know what that ‘safety’ actually entails or how effective the measures have been; and that the government can change the meaning of can in “everything they can” whenever they feel like it.

She said commercial companies also collected large quantities of data to target advertising at consumers.

Yes they do and many have abominable practices. But this – as May surely understands – is completely different. First, we get to choose whether we use those companies or not (at least in principle) and second, the agreement with those companies is not “unwritten”.  Sure, companies can and do change their T&Cs all the time and without warning. Sure, this can and does lead to infringements of privacy and our freedom to use the things we’ve bought as we wish, but we do have a choice and a legal system within which we can pursue complaints.  We can also limit the amount of information some companies collect about us.  We might use Google for email and Microsoft for instant messaging, O2 for work calls and EE for personal calls.

This is not the same as non-consensual and until recently covert mass collection of all our data, to be used for reasons we’re not told about, apparently without judicial oversight.

She said there was a clear difference between examining data - the time and location of phone calls, for example - and snooping on the contents of calls and emails.

There is a difference, yes. But that’s a false distinction.  It doesn’t make one benign and the other dangerous.  Besides, if they use metadata to generate targets of suspicion, they can just go and get permission to tap those people’s comms.  May says she agrees to almost all requests so there is no practical difference.

She said there was a need to educate the public about why bulk data collection was needed

and then refused to say why it was and ruling out doing so in the future.

But back to this point, in closing:

Mrs May argued that collecting and storing phone and internet records was not the same as "mass surveillance" because "most of the data will not be looked at at all, will not be touched".

Studies have shown (unsurprisingly) that people behave differently when they think they are being watched or – crucially – when they think they might be watched at any time.  When we change our behaviour because we think someone might be watching, we are accepting surveillance in dribs and drabs. 

And we can’t back out. 

South Korea considering re-building its ID system from scratch

The BBC reports that since 2004, an estimated 80% of South Korea’s 50 million people have had their personal details stolen.  There are a number of problems: 

  • Identity numbers started to be issued in the 1960s and still follow the same pattern. The first few digits are the user's birth date, followed by either a one for male or two for female
  • Their usage across different sectors makes them master keys for hackers, say experts
  • If details are leaked, citizens are unable to change them
  • The government required net-users who wanted to deal with banks or shops online to use a Microsoft product, ActiveX, to provide a digital signature but critics say it was a simple password that could easily be duplicated

So they’re thinking of rebuilding it from scratch.  An (uncited) expert told the BBC that it might take up to a decade.  I’d call that optimistic.

Saturday, 18 October 2014

Nintendo will kill your Wii U

Nintendo recently changed the EULA for the Wii U.  If you don’t agree to the new version, your console is bricked.  People who bought the console under the original T&Cs have no choice but to agree to the new ones if they want to continue using it. 

When we buy objects, we expect to own them.  It’s perfectly reasonable to expect that we can use them however we like.  As the EFF says:

He may have expected that, like users of the original Wii and other gaming consoles, he would have the option to refuse software or EULA updates and continue to use his device as he always had before. He might have to give up online access, or some new functionality, but that would be his choice. That’s a natural consumer expectation in the gaming context – but it didn’t apply this time.

This is a worrying trend and is not limited to consoles.

Last month, the New York Times reported that some auto loans are accompanied by "starter interrupter" devices that can shut down your car if you're a few days late with a payment or drive out of a designated area. People were suddenly prevented from driving their children to the doctor, stranded when they tried to escape domestic abuse, and in some cases had their cars deactivated while they were on the road. These extreme consequences came without judicial process, and often without notice.

This is bad news for customers because it shifts the balance of power between suppliers and consumers in a direction unfavourable to consumers.  Suppliers can rewrite their contracts with consumers at any time and force their customers to accept it.

Passenger privacy in the NYC Taxi dataset

A researcher shows that the anonymous dataset isn’t all that anonymous.

How to enable two-step authentication on everything

Two-step authentication requires that you enter some additional information after your password.  In most implementations, a service will send you a text message when you try to log in.  The message contains a code, which you then enter into the site.  This improves security in an obvious way: attackers will need your phone as well as your password.

Gizmodo has an article about how to turn on two-step authentication for lots of sites including Apple, Google, Facebook, Twitter and more.

TOR 4.0

TOR has released version 4.0 of its secure, anonymous, private browser.  It has new stuff to get around The Great Firewall of China.

My privacy hurts :(

The Guardian reports that the Whisper app, which promises an anonymous social media experience doesn’t.  From Whisper’s blurb:

With Whisper, you can anonymously share your thoughts and emotions with the world.

Claims like this are likely to create certain expectations in users.  Few people a great deal of thought on what concepts like anonymity mean, but it’s reasonable to assume that ‘anonymous sharing’ is largely consequence-free.  If you share secrets anonymously, nobody should be able to identify you.  Indeed, Whisper users cannot identify other Whisper users under most circumstances.  There is no persistent username between posts so even if users opt in to location sharing, it would be difficult for users to identify most other users.  Location data is only accurate to within 500m and is intended to identify the street or neighbourhood of the user, but probably not their house (other than in rural areas).  So far, so good.  Whisper considers itself a safe haven for people with secrets, including dangerous ones.  It considers itself a safe haven for whistle blowers

But Whisper’s goal of anonymity is at odds with its other identity as a sort of news provider.  Some of the secrets posted – whistle-blowing secrets in particular – are newsworthy. Whisper writes articles about them.  But since the posters are anonymous, how can Whisper tell if they’re lying?  By checking up on their location.  If a user is blowing the whistle about bullying in the army, Whisper checks their location. Their claim might be considered more credible if they are posting from an army base.

To do this, Whisper maintains a huge database (there are 2.5 million Whisper posts a day) of posts, which it retains indefinitely. This includes the locations of users who have opted in to location sharing.  For the estimated 20% who have opted out, it stores their IP address.  IP location lookup isn’t always accurate or reliable, but it could certainly cause problems for someone with a dangerous secret, especially since Whisper seems inclined to share their database and back-end tools to partners (such as news companies), potential partners (which is how the Guardian knows about this) and with the US Department of Defence.  Although the public can’t connect individual posts by users, the back-end tools can so that Whisper can track users’ past activity to better assess their credibility.

When a service advertises itself as anonymous, users have certain expectations of privacy and I don’t think they are being met with Whisper.