Fogbugzd's Favorite Techdirt Posts Of The Week

from the rebuilding-the-internet dept

By J. Evan Noynaert, Assistant Professor of Computer Science, Missouri Western State University

This was a short week at Techdirt thanks to the Labor Day holiday in the United States.   Even though it was a short week, we may eventually see it as a pivotal week in the emerging NSA revelations.  We started seeing some push-back against the scope of the snooping when we saw the author of the Patriot Act, Jim Sensenbrenner, and members of the Church Commission tell a court that the NSA had gone too far.  Even more surprising is that they did it in support of an ACLU lawsuit (and Sensenbrenner's brief was with the EFF); the NSA/FISA scandal is making strange bedfellows. The government continues to face push-back from other sources.  Some of these were symbolic, such as the Brazilian President's threat to cancel a US visit over NSA spying. She also backed it up with a threat to cancel four billion dollars worth of contracts with US companies.  That is just the sort of thing that tends to get real attention in Washington these days. 

And apparently the scandal is getting some attention in the Obama administration as well as in the NSA itself.  The NSA review board is now accepting comments on aspects of the scandal that the rest of the NSA won't even acknowledge.  The White House CIO seemed to be refuting the claims that we shouldn't worry because "just metadata was collected"   He gave a great explanation about how much can be revealed by "just metadata," especially if you collect vast quantities of it.  Even President Obama got in on the act by wavering ever so slightly.  True, he is still in denial about many aspects of the situation, but the acknowledgment that we may need some changes is at least a glimmer of hope.  So the administration as a whole seems to be entering the schizophrenic phase of policy development.  It is going to be interesting in the coming weeks to see how they resolve the issue.   We can hope that they come down on the side of openness, but there is still a great danger that they will manage to gag the dissenters and go back to stonewalling.

I had a real dilemma when Mike asked me to write this week's favorites.  I didn't have a favorite post for my "Favorite Posts" post.  Then I awoke to my salvation.  Mike published "Online Security isn't Over; It's Just Beginning."  It is the call to arms that we need.  Mike quoted Micah Lee:

Giving up and deciding that privacy is dead is counterproductive. We need to stop using commercial crypto. We need to make sure that free software crypto gets serious security and usability audits.

If we do this right we can still have privacy in the 21st century. If we give up on security because of this we will definitely lose.
The NSA scandal should be a wake-up call to everyone involved in technology (basically everyone).  There are things we can do now.  We should probably start by assuming that every commercial cryptography product has been compromised.  Every commercial operating system is suspect.    The NSA seems to have gotten backdoors introduced into just about every major commercial security product including many that are not US based companies.   We have to assume that if NSA can get in, then so can others.  Apparently one of the NSA's surprises when they bugged the UN was that the Chinese were already there.   Perhaps the most troubling thing about the NSA's methods is that they preferred to have backdoors installed in the software.  An NSA backdoor makes life simple for the NSA.  But backdoors almost always compromise the security of the software overall.   Backdoors can often be opened by others; they are one more lock that can be picked by an intruder.   Backdoors also tend to be patches on existing security systems.   Given the fine-tuning that goes on in the design of security systems, tacking on a backdoor often involves some sloppy methods that give attackers additional soft spots that can be exploited.

If people start turning their backs on commercial security solutions they will probably have to embrace some of the excellent open source security solutions.  It is much harder if not impossible to build backdoors into software that the open source community obsesses over as it goes line-by-line through the code.  But that's not to say that open source is fully safe.  I will admit to being one of the conspiracy nuts who has been concerned that the NSA has influenced the development of some protocols and has managed to sneak in some subtle tells and weaknesses.  The open source community needs to revisit all of its software systems and look for hidden weaknesses and vulnerabilities.  Techdirt has been calling for rebuilding the Internet since at least 2003.  This brings me to my penultimate favorite article of the week, "The US Government Has Betrayed the Internet; It's Time to Fix That Now."  The title aptly sums up our current situation.  The US Government has betrayed the Internet as well as the Constitution, the Bill of Rights, American Citizens, and our allies.   The easiest to repair of all those betrayals is the Internet.  As technology leaders we can start that process now.  Ironically, the NSA has served up the perfect opportunity to make it very difficult to spy on the Internet.

So it will be interesting to see what will come in the week ahead.  One thing that surprised me  as I looked back through the week's posts, we hadn't heard from Team Prenda, and it felt like we really needed that kind of comic relief. Thankfully, just as I was finishing this post, Team Prenda delivered.



Reader Comments (rss)

(Flattened / Threaded)

  1.  
    identicon
    Anonymous Coward, Sep 7th, 2013 @ 12:21pm

    If only we could make the government look like open source, with multiple agencies competing for something and if one becomes crazy it is forked and another is created in its place.

    Can't we just open source the government instead of having it go proprietary and hide all that shite?

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    Anonymous Coward, Sep 7th, 2013 @ 2:42pm

    one of the biggest problems is that the courts, either willingly or under orders, are doing their best to aid the security forces by stopping things from being released to the public. considering the role they are supposed to play, ie, upholding the law, it appears they are more prepared to aid the government in implementing a 'Police State'!

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    Anonymous Coward, Sep 7th, 2013 @ 2:48pm

    another extremely frightening thing is how the security forces are able to get operating systems makers and software manufacturers to build 'back doors' for them to use. if the makers refused, they were seriously threatened! that is absolutely disgraceful behaviour!

    'we want to be able to spy on all your customers.
    we wont help you!
    you will do as you're told or you will be forced out of business!'

    how can you even think about trusting those politicians, those agencies or the government ever again? instead of looking after the people, they are totally fucking them! even now, they cant speak a true word, especially the likes of Clapper, Rogers and Feinstein!

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    Anonymous Coward, Sep 7th, 2013 @ 2:57pm

    dont forget the USG has been ably assisted by the UKG! it has the same contempt for it's people! it seems to me that we would all feel safer, even if we actually weren't, if all these so called security agencies were just disbanded! i would hope though, that the various heads were sued, unlike the top bankers!

    i cant understand how someone can be sent to prison for uploading/downloading a couple of movies but bankrupt a country and all you get is a telling off and not even lose your job or have to repay anything! i guess it shows who is the more powerful. a country can do without having any money but cant do without having movies to watch. strange that!!

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    Yeah Right, Sep 7th, 2013 @ 6:14pm

    I hope Mike is taking a look at Google in all of this. I've been a fan of him for ages, the tech industry's collusion is too important to expose.

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    Skeptical, Sep 7th, 2013 @ 6:22pm

    Denial

    "Even President Obama got in on the act by wavering ever so slightly. True, he is still in denial about many aspects of the situation, but the acknowledgment that we may need some changes is at least a glimmer of hope."

    The president is not in denial. He's merely paying lip service to privacy concerns without committing to significant changes in the NSA's programs.

    He said: "I think there are legitimate questions that have been raised about the fact that as technology advances and capabilities grow, it may be that the laws that are currently in place are not sufficient to guard against the dangers of us being able to track so much."

    So there are "legitimate questions" which he does nothing to address and which stem not from the NSA's current surveillance programs but from those the NSA may adopt "as technology advances and capabilities grow". He also doesn't question whether the NSA should be "able to track so much" in the first place: He thinks the government should be able to keep track of everything, with only policy to prevent them from abusing such capabilities.

    "We promise not to use these privacy-shattering technologies against you" is no longer an acceptable answer to the domestic surveillance problem.

     

    reply to this | link to this | view in thread ]

  7.  
    identicon
    Anonymous Coward, Sep 7th, 2013 @ 8:27pm

    typo s/he

    Brazilian President should be She, not He.

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    Anonymous Coward, Sep 8th, 2013 @ 2:59am

    Re: typo s/he

    You are mistaken there was no typo there.

     

    reply to this | link to this | view in thread ]

  9.  
    identicon
    Anzablazer, Sep 8th, 2013 @ 9:43am

    Fascist

    Fascist Authoritarian Police State. They will never release control now that they have it.

     

    reply to this | link to this | view in thread ]

  10.  
    identicon
    Anonymous Coward, Sep 8th, 2013 @ 11:17am

    Note to the Pesident

    Do you wonder what happened to you creditability and public support? Every time you, your fellow politicos and underlings lie your stock takes another dive, it is now the equivalent of a penny stock and rapidly headed for delisting. There is no value left, you have spent all reserves and amassed an unrecoverable credibility deficit. It is time for you and your entire administration and supporting hacks to resign. You have violated your oath of office, The Constitution and committed uncounted crimes against the entire population of the USA. You can spin this all you want but WE GET IT!

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This