[T]he UK's interception regime is entirely compatible with the European Convention on Human Rights.
Entirely compatible? So there is a SOAP interface.
It's currently between your feet and your arse is against the wall.
The NSA and Britain's GCHQ hacked the world's biggest SIM card maker to harvest the encryption keys needed to silently and effortlessly eavesdrop on potentially millions of people. That's according to documents obtained by surveillance whistleblower Edward Snowden and leaked to the web on Thursday. "Wow. This is huge – it's …
I'm glad Snowden is releasing this info as a trickle, thus ensuring it gets regular headline coverage. Now we know that our government agencies essentially treat the electorate (whom they should serve) as the enemy, and the laws are bent or just ignored so they can do as they please. The only recourse ordinary folk have is at the ballot box, but what option do we have to change anything?
Is it too late to mount a national campaign to stand independents* in the upcoming general election, to fight for our rights? Would joe public actually vote for a candidate who truly represents them (as opposed to the interests of the elite) or just carry on voting the same old way?
* political parties are hierarchical structures open to corruption and infighting. Standing as independents but with a common campaign and set of policies would avoid those problems up front.
It's an intriguing concept but historically, independents basically stand a snowball's chance in hell of getting elected at the Federal level and the few that have been elected over the years are about as effective as that snowball since they are a super minority. The electorate just follows along once things get beyond state level. The big reason is probably money. It takes some serious cash to be elected as a CongressCritter.
Sorry, didn't mean to shout.
Hold on to your teddies, make wishes to the stars, think nice thoughts about your leaders...
This is not a U.S.A. matter but worldwide. Along with someone (jest mebbe the NSA) planting rootkits in everyone's hard drives (and probably thumb and flash drives), we're all screwed.
Getting back to the OP, it really doesn't matter who you vote for. It has been written.
> The safest solution, albeit the more expensive solution, is to invest in a lock that requires a custom key that cannot be duplicated.
That was a US survey. British door locks are all made by one firm these days. Chubb, Union, Yale all in the same few factories.
Your best bet is to get two "Yale" locks and a five lever dead bolt on each door. Put the Yales within reach (top and middle, say) and the deadlock at the other extreme. Don't get caught in a fire though.
Unfortunately we just need to vote for the best of a bad bunch.
Right now neither Labour nor Conservatives seem to care about freedom...
The world is a messed up place
For the first time in my lifespan (nearly 35 years) the USA has a sensible president who actually cares about freedom, how backwards is that!
The only party (in England) outside the current block is the Greens. They're a long way from perfect, but they're way, way better than the blue, red and yellow Tories. Someone worked out that if people voted for policies rather than parties, the Greens would be the biggest party in parliament.
Have a look at Vote for policies
"Most of UKIPs members are baying idiots. Genuine quote from a prospective UKIP member standing for election this year:"
In theory a lot of UKIP policies make sense, e.g. EU referendum. In practice a lot of them are a bunch of half witted muppets mixed in with a sprinkling of racists. Farage himself might be a sound bloke but one man isn't enough to run a party never mind a country, and unfortunately the people under him couldn't run a whelk stall.
"whereas the Greens policies are just bonkers e.g. nuclear power"
The Greens nowadays are just a far left party with some greenwash painted over them. And yes, their views on nuclear power are absurd as is their idiotic assertion that renewables could provide us with all our electrical power.
"It is an absurd assertion that non renewable could do that indefinitely. (By definition)"
Long enough for us and the next few generations, yes. With nuclear reprocessing - which naturally the hippies don't like either - we'd have enough nuclear fuel to literally last centuries and that's assuming we didn't find any new sources in the meantime. But unfortunately those feckin unwashed dimwits in their organic peace hats sitting up a tree knitting yoghurt still think civilian nuclear power is a subversive way by The Man to make more nuclear bombs.
Yes, the nuclear power bit is one of the main reasons I said that the Greens are a long way from perfect. But they don't deliberately leave people starving on the streets to give more money to their rich pals.
They are human. They do wrong things. They do stupid things. But they don't do vile things.
"Someone worked out that if people voted for policies rather than parties, the Greens would be the biggest party in parliament."
VoteForPolicies had over half a million people do its surveys, tens of thousands a week in recent weeks. Compare that with the few thousand people that the commercial pollsters ask. Until a few days ago the survey was based on policies from last time round.
Their results had the Greens in front on 27%, Labour in the low 20s, and the rest I can't remember.
The 2015 policy questions are now up (except for Northern Ireland).
Have a look, maybe even fill in the survey - but don't expect it to be quick if you want to make an informed choice.
No results (that I could see) as yet. Early days.
What a load of tosh that site is.
They lump a load of policies together and ask you to decide if you'd consider voting for them or not.
"Cut the number of MPs and make constituencies more equally sized to give everyone’s vote a more equal weight." does not go with "Maintain the First-Past-The-Post voting system that makes it easy to kick out unpopular politicians, and delivers stable government."
If they really want it to be representative, they should split them all up.
Incidentally, first past the post doesn't make it easy to kick anyone out, due to voter apathy and voting for parties, rather than policies/personalities
"What a load of tosh that site is.
They lump a load of policies together and ask you to decide if you'd consider voting for them or not."
Readers may like to have a look for themselves and see if this gentleman may perhaps have misunderstood.
The policies being offered to you on that site are de-branded, de-tribalised, summarised versions of published policies being offered by the major parties in the General Election.
Participants compare the policies that interest them (having perhaps ruled some out earlier on) and pick a winner for each policy sector of interest to them e.g. Education, Welfare, Environment.
Any apparent inconsistencies within a particular party's de-branded policy offering are (or should be) matched by inconsistencies in the corresponding party's published offerings.
Have a look. Don't take my word for it.
Someone worked out that if people voted for policies rather than parties, the Greens would be the biggest party in parliament.
Perhaps. Voting based on policy is very ideological and makes no difference unless parties were actually required to fulfill their policies and pre-election promises. As we all know the policies are not worth the paper they're written on as they only exist to try to gather the most votes without any intention to actually do any/some of it.
'...is the Greens. They're a long way from perfect...'
Yeah, perhaps. ...But like all pollies, put them into power and things change (as I've mentioned here in another post).
What's really wrong isn't so much the politicians (although many are far from perfect and we deserve better), but it's the system of the so-called democracy that we have today. For various and complex reasons, this form of representation simply doesn't work effectively anymore (that's if it ever did). By 'effectively' I mean that it doesn't work best for what most of us understand to be the citizenry.
It doesn't take Einstein to figure out that essentially all politicians are more susceptible to influence from those who already have power (through lobbying or whatever) than poor, just-about-disenfranchised Joe Bloggs voter. Similarly, no matter what a politician's persuasion, he/she's very brave to buck The Establishment. Of course, the establishment is many and varied--the truly powerful are not only large corporations, organizations etc. but especially senior public servants who wield very considerable 'hidden' power (and like Sir Humphrey are so very powerful).
Couple the Sir Humphreys with secrecy, scare tactics and FUD and the average politician is easily outwitted, outnumbered and out-powered--not to mention misled through omission, obfuscation and outright deception by smart public servants; thus it's a very 'brave' one who'll put his/her neck directly on the line. Experience shows most don't.
Gone are the days of great statesmen, Pitt et al, and of principle and what's right and best for citizens, and the Millian principle of utility/greatest good for the greatest number. Unfortunately, times have changed.
"Standing as independents but with a common campaign and set of policies would avoid those problems up front."
Yeah, nice idea. Sadly in the real world power corrupts and any independents would soon become exactly the same as the party wonks they replaced. I suggest you read Orwell's Animal Farm.
Would joe public actually vote for a candidate who truly represents them
Don't be daft. People don't vote for candidates they want, they vote against the ones they don't want.
Anyway, spend 10 minutes in any crowded place and you'll realize that Joe Public doesn't give a damn about who listens to their phone conversations.
All you ever need to know about government is there in the "Yes, Minister" and "Yes, Prime Minister" BBC series.
It never was a comedy, but a detailed study on how we are on the gaff hook of bureaucracy.
Every time I hear any politician or bureaucrat talking, I just remember Jim Hacker, Sir Humphrey Appleby and Bernard Woolley explaining the workings of government in detail.
Administration is eternal. Forever and ever. Amen.
With regard to security, FOI legislation etc., have you ever noticed what politicians say and promise when in opposition? These comments usually are about making the 'system' more transparent etc. but when in power they run scared and continually fail to implement them. It's not country specific either--well, anyway, certainly not in the English-speaking world.
It seems to me there's a secret, well-rehearsed magic script that security gnomes read to politicians (or more likely instruct them to follow) when they first get into government that scares the shit out of them and which simply puts the kibosh on any genuine well-intentioned plans.
Whatever it is would make Sir Humphrey very proud, methinks.
(Oh to be a fly on the wall at one of those briefings.)
It seems to me there's a secret, well-rehearsed magic script that security gnomes read to politicians (or more likely instruct them to follow) when they first get into government that scares the shit out of them and which simply puts the kibosh on any genuine well-intentioned plans.
I've often wondered about that myself so you could well be onto something.
"It seems to me there's a secret, well-rehearsed magic script that security gnomes read to politicians (or more likely instruct them to follow) when they first get into government that scares the shit out of them and which simply puts the kibosh on any genuine well-intentioned plans." -- RobHib
"I've often wondered about that myself so you could well be onto something." -- AbelSoul
Isn't it quite simple? "We know everything you've ever said, done, seen, searched for on the Internet. Do what we say and we'll get along fine. Cross us, and we'll ruin you for ever"
Late comment, but I know someone who was studying at one of the better Oxbridge colleges when Labour got into power in 1964 after thirteen years of Tory rule.
Various new ministers came to talk to them, and he particularly remembers Anthony Wedgwood Benn saying he'd been told some /very/ important things by civil servants and that he was /frightfully/ sorry that they were just too secret to share.
"Prosecute to hell and back."
I hate to break this shocking news to you - but governments reserve some powers for themselves that the ordinary citizen doesn't have. This includes breaking into computers as and when required. Now I'm not condoning what they've done, just giving you a bit of a reality check.
I hate to break it to you - when governments act like that, it's the end of the rule of law.
Government agencies are not above the law. They are allowed to do certain things, in certain circumstances, that private citizens are not - but it's not a carte blanche authorisation.
The Netherlands would certainly be well within their rights to prosecute any GCHQ agents they can tie to this break in... and the UK would have to extradite. The US generally considers that only its own laws are valid worldwide, anyway.....
"Government agencies are not above the law. They are allowed to do certain things, in certain circumstances, that private citizens are not - but it's not a carte blanche authorisation."
I think you'll find what they did was within the law, coming under the all encompassing anti terror legislation.
How the hell can we? The gnomes--paid for by our taxes--are secret, 'invisible' and unaccountable in any practical sense, and they'd be immune from prosecution anyway!
As Albert Jay Nock said in his 1935 book Our Enemy, the State* the true enemy of the citizenry is the State. The only difference 80 years on is that we're finding out the truth somewhat quicker with the Net.
* A quick Google will find it.
Nock's book Our Enemy the State was a fantastic insight and analysis into how elites, power coalitions and other pressure groups use government regulations to leverage themselves special favors, permissions etc. at the expense of the individual citizen.
It is something of a libertarian bible and ranks right up there with Orwell and co. Sad that it is so often ignored by the mainstream. The title was perhaps a little too radical for the 1930s and by extension, still too radical today.
He also valiantly tries to distinguish between "government" (agreed-on systems we mutually use to help govern our affairs as free citizens) and the "state" (a different beast altogether). Try to picture town hall politics vs the NSA/IMC, if you can.
You can find it online here:
Read it (a fairly quick read) to gain some serious perspective on how much the world has changed in about 100 years.
--- And as long as we keep on letting them, the ELITE, aka the controllers of the Five-Eyes worldwide spying network, will use this system in any way they can, as often as they can, without telling us a damn thing. ... Watch CitizenFour (2014)...
--- Greenwald makes it patently clear to a Brazilian audience that their leaders are being spied upon by America to gain a competitive advantage. This is standard US policy against every competing country, economy, key politician, senior diplomat, and wealthy corporation!
--- Snowden makes the case that the global-spying-net exists as a 'method of control', to force people to self-censor. At the start of the movie, we see how this net can be used to quell protesters and activists, or any group that would dare challenge authority.
You're making the same mistake that everyone makes, blame the 5 Eyes members. What about China, Russia, North Korea, South Korea, Israel, Iran and all the other countries in the world with a semi technical literate intelligence service? The fact that Western democracies refuse to control in any material way their media outlets allows this type of story to come out. Meanwhile journalists in other countries are prohibited from publishing similar stories (to the extent that someone has not been killed before telling them) on risk of death or because the Govt controls what they print.
Billions are threatened by this but not because of the 5 Eyes members but because most intelligence services are doing it and those that aren't well they want to.
@Bluenose, you are comparing apples and screws. The difference is that the spying activities of China et al. do not have a direct impact on my ability to protest in my own country.
The spying of my country's state apparatus on its citizens en masse is a tool of oppression.
Is your argument that 'because China does it' that it's ok for our spooks to do it? To their own citizens?
If so, then damn right I will blame the 5 eyes.
'The spying of my country's state apparatus on its citizens en masse is a tool of oppression.'
Too right. Since when and how did this pernicious, effectively unaccountable process enter democracy? I can't remember any detailed exposé explaining the 'benefits' to the citizenry in all those various texts from Locke, Rousseau, etc, etc.
Err, sorry, I forgot about the updated version: forget all that social contract nonsense and stuff, democracy's defn. is, of course, determined by those who hold the power (and it's no longer us--that's if it ever was).
"most intelligence services are doing it and those that aren't well they want to"
Heh. That would make a nice comedy sketch. "Because we currently lack technical means to record phonecalls, we kindly ask you to record all your phonecalls, and mail the tapes to the aforementioned address. CD and MP3 formats are also accepted. Thank you for your cooperation, citizen."
Actually I think the US and UK administrations find all this terrorism convenient, because it gives them a warped justification for all the snooping.
A cynical person might even suggest that their actions are deliberately stirring it up.
Steal one key and it's a 20 year felony, steal 200 million and it's a national security victory.
I suppose it's quite naive anymore to expect governments to abide by their own laws and Constitution.
I will work on simply accepting them for the crooked bastards and criminals they are.
I could see how focusing on a small subset of the worst and most violent terrorists might justify the thievery, somewhat.
But, they are collecting data from everyone and using it for any purpose they see fit, including trivial criminal enforcement, political intrigue and economic espionage.
It's not violent gangs you want to worry about. What if this country is invaded by a hostile nation?
Then the controlling powers would make the Gestapo or Stasi look like amateurs.
As we seem to be at war with Russia this scenario is not entirely far-fetched.
I can only hope that GCHQ has a self-destruct capability. A small nuke would be ideal.
All I was wondering was where is the line between theft and unauthorized copying...
I've seen on several sites (including this one) where people argue that downloading movies\TV isn't theft, yet in this case arguing that copying these keys is theft, and was wondering, as both are unauthorized copying of digital data, at what point this is considered to be theft.
As it is, all I am seeing is that no-one seems willing or able to provide an explanation as to where the line between this sort of action being theft or not actually is. It's a shame people consider down-votes to be some form of substitute for a discussion about the topic.
To be "theft" one has to permanently deprive the owner of something they own. "Possible revenue" doesn't count.
These bastards have permanently deprived billions of people of their right to a private life as enshrined in more laws than you can shake a stick at.
So yeah, "stolen the keys" is a bit of a misnomer - they have stolen something much more important.
Do you have evidence that the activities to undertake these steps were unauthorised? I am pretty certain that they will have the necessary legal sign off to obtain this type of material. Remember the Security agencies of any country are not directly bound by the laws of the land to the extent that the national governments have given them a specific objective to achieve using techniques and activities necessary to the achievement of the objective.
Someone downloading tv/music or any other copyrighted material for their own use without agreement from the seller or approval from their government is theft.
@Bluenose: You're so full of crap that I can't work out if you are trolling or really believe the stuff you are writing.
"I am pretty certain that they will have the necessary legal sign off to obtain this type of material. Remember the Security agencies of any country are not directly bound by the laws of the land "
If they aren't bound by the laws of the land, why would you assume that they have legal sign-off?
I suppose you haven't heard that the spooks have recently been identified as having been in breach of the ECHR for over a decade (up until the point their secret spying became public knowledge which somehow made it magically 'legal')
@Brictoria As it is, all I am seeing is that no-one seems willing or able to provide an explanation as to where the line between this sort of action being theft or not actually is.
The line is between the government and the people. People do all sorts of things, some of which can be discussed as good or bad, that's how it is. However, the government must not lie or steal - under any circumstances. When that happens, it is time for some serious evaluation about the state of the country.
Just so you know, I don't download files because I don't watch TV or movies. I'm just a cranky old guy with other ways to keep busy and serious concerns about an out of control state. I'm sure there are some filesharing people here, but it is just not an issue in this thread. The important issue is a corrupt government, and that greatly overshadows any discussion about copyright.
PS: Although it's been beaten to death, you're right that the copyright discussion is worth having. Where you're getting all the downvotes is because you're mixing up something small with something very big.
--- When you see the stunts they pull, and with the recent revelations about Lenovo, Samsung and LG etc..... At some point the Five Eyes of Sauron are clearly going to have access to everything they could ever possibly want from your TV, Smartphone, PC or IoT....
--- That kind of power is absolute power. Not one of these criminal organizations has backed off since Snowden either. It's always the same stance: Terrorism, Terrorism, Terrorism (saving lives)... After hearing this for a while it starts to sound like a mantra, like a fanatical religious mantra, by power-hungry elites obsessed with control and worshiping at the Temple-of-Technology.
--- It's nearly as fanatical as the terrorists they 'claim' to be hunting. But both groups are more alike than they realize, because they care little for their own people! They harm the vulnerable and ignore real issues like poverty and lack of education!
--- What is America doing to reduce crime in local cities? Is more spent on the Military Industrial Complex or on educational programs for the poor? It costs a lot to run this Spynet. If those in power cared, I mean really cared about the lives of ordinary Americans, wouldn't they spend NSA / Military cost-center billions on making America's cities safer?
--- Ask yourself how many Americans die in shootings every year versus how many die at the hands of terrorists? Then ask, how much does it cost to fight terrorism? ... Do the numbers stack up? You'll never see this mentioned on TV, because big media is complicit in the debate. After years of consolidation of the industry, and ownership by defense contractors, expect nothing more than more Monday-Night football.
Sorry you missed some players off your list, what about FSB and the spy agencies of every other country in the world? Do you really believe that only the 5 Eyes have done this? Do you really think that criminals have not also sought to get this information? In many ways your post is symptomatic of this idea that only a small group of countries is doing this. Such short sightedness is incredible when one looks outside of the local national borders at the people dying daily in Ukraine, Tibet, Thailand, Africa as a continent and pretty much every other war torn place on Earth.
In this world knowledge really is power and every country is determined to have that power which means that we are all under threat not from the US or the UK or even Australia but by every country with a functioning intelligence service, so please add India and Pakistan and pretty much every other country in the world to your list.
Excellent post by the originating Op.
Add to that this question. Who created this situation?
Answer: primarily European monarchies with their global conquest and colonisation, and then Jewish bankers in their unquenchable thirst for power. Subsequently US hegemony with European ex-monarchies apparently tagging along for the ride. However, it has all been controlled by the banking super-elite untouchables in the British City of London for the last century. Rothchilds are right at the top of the list. Controlling US Federal Reserve and US media. Walking hand in hand with WASP controlled military-industrial complex and global weapons trade corporations. Russia started too late to be a winning player. China and anyone else were never players to begin with.
The best way of handling telecommunications security is to assume that you've never had it and that everything you're currently doing to ensure it is ineffective or has been backdoored and bypassed.
The only thing you can do is attempt to prevent massive leakage to the lowest common denominators, but if you have anything that is wanted bad enough, it's already in someone else's hands.
Lenovo, NSA firmware hacks, now we know GSM was secure as the good old analog days if any intercept hardware was near. "May we live in interesting times!"
"How was the beheading of Charles the 1st right..."
Easy it wasn't. He was condemned by a kangaroo court set up by a Parliament that had seen most of its Members excluded in "Pride's Purge" (for the crime of voting the wrong way). Even the C-in-C of Parliament's Army didn't want to touch it and he was meant to be one of the judges, sorry, commissioners.
Personally the more stuff comes out from Snowden the more I worry that it's a sophisticated disinformation campaign by our spooks to appear more competent than they actually are. Either way I wouldn't put anything past them.
Read up on the principle of the 'Divine rights of Kings'. In many ways QE1 dying childless and James 1st inheriting provided the clash that became the English civil war, the restrictions on the Monarchy in England and the restrictions in Scotland were very different. A fundamental misunderstanding of this and a desire to replicate a Scottish type of Monarchy in England was a major influence in the start of the conflict.
As for people in the USA, you'll see a similarity between the concept of 'no taxation without representation' and Charles 1st using laws such as the Ships acts.
As for why it was justified (which in my opinion it was)
- Charles would not stop attempting a comeback
- Beheading was a standard form of punishment at the time
- Religion didn't have a major role as people would like to believe.
Now in 30 years time we may point to ISIS and say most of their actions were not based on religion but the standard reasons of power/money/sex; but at the moment they are claiming that they are religious motivated.
Apologies for the long post, but there are few jobs in history whereas IT is normally straightforward to get a job in.
"Read up on the principle of the 'Divine rights of Kings'."
You see, you can't both believe in the Divine Right of Kings and the Magna Carta principle that the King is subject to the law (err, particularly if you think that the MC was confirmed by at least a couple of Kings, even if one did have his fingers crossed behind his back when he signed up).
Chas I was a bit of a pillock, and he wouldn't have to have been a lot more reasonable to defuse the situation. Being reasonable wasn't in his nature, though.
Now, to make a slightly strained analogy with the current situation, being reasonable with personal privacy (and formalising it, in some kind of statement of rights) would be a big step forward.
A commercial for Snowden that is.
Given how easily GSM, UMTS, and LTE call encryption can and has been broken using fairly little computing power I'm surprised they even bothered trying to get the keys.
Why bother trying to steal someone's house keys when you can just jiggle the lock anyway?
(Euro cylinders seem to be the physical equivalent of mobile communication encryption.)
This is all clearly a disproportionate over-reaction. Please resume your normal telecommunication practices and, wherever possible, expand your social circles.
Have you called your mother today?
That phone number that pretty girl gave you the other day may actually be an out of town taxi company, but that doesn't mean you shouldn't call it!
Telemarketers, street food vendors, gentlemen's clubs - if they have a phone number, call it!
Ask them how they are. Ask them WHO they are. Ask them what they are doing and who they are doing it with. Talk, talk, talk!
Keep Calm and Enunciate Clearly
They should encrypt the traffic between phones in iOS 9, so the GSM encryption is rendered moot. Imagine the howling from the US government about how this aids terrorism like when they made it so they can't decrypt the phone's data. They have no one to blame but themselves, if they followed the law we wouldn't need to protect ourselves from our own government's intrusions!!
Yeah, it would only work between iPhones, and only if they're running iOS 9, but that would make a pretty big statement. Later Apple, Google and Microsoft can come together on a standard to support encrypted communication between all smartphones, and the NSA can hate Snowden even more for spoiling their illegal games.
Pretty sure I would trust Apple much less than I would trust GCHQ.
And I don't trust GCHQ at all. I mean... they're spies. It's kind of their job. It'd be like trusting James Bond with your secret plan. He's BOUND to act upon it even if he sleeps with you and promises not to tell anyone. (sob).
Later Apple, Google and Microsoft can come together on a standard to support encrypted communication between all smartphones, and the NSA can hate Snowden even more for spoiling their illegal games.
Or they could just *start* with a standards process and do it right first time. Crazy idea, I know.
Starting with a standards process is great, but not if it takes years for it to happen due to the carriers and governments trying to get in the middle of it and derail it. Much better to just do it yourself in (relative) secrecy and drop it on the world, then it is fait accompli and too late to stop the momentum towards a standard that doesn't give the carriers/government any part of it.
As for the various apps that do secure communication, that's great, but only a tiny fraction of people will use them. It must be the default for every call (even if initially it is just iPhone -> iPhone or Android 5.2 -> Android 5.2) to make a difference.
Not saying what Apple did on their own would or should be taken as the future standard, just that having done it at all would grease the rails for a standard to happen. Apple doing it alone wouldn't prevent Google from going their own way, and two non-interoperable standards available soon is better than an interminable wait for an interoperable standard.
The standards process in crypto has far too much involvement from the US government. They would do everything they could to delay it and/or weaken the eventual standard, and to think otherwise is to be naive or in denial. We'd continue for years having easily tapped phones while we waited for this process to work, and in the end if we had a standard the US government was happy with would you really feel it is secure or that they're happy because they have built in a way around it?
Read 'The Prince' by Niccolò Machiavelli?
Really? If not, you should. It's all there from 500yrs ago.
Nothing really changes; just the techniques.
It's quite short but you need to read past the 'classical' style of exposition and illustrating your argument.
Oh, and there is a pithy bit about 'what the people want done' in their name to maintain stability/security of the state
I have but I reckon his Discourses on the First Ten Books of Livy (Gutenberg version) is better.
Nevertheless, I believe that, as a rule, disorders are more commonly occasioned by those seeking to preserve power, because in them the fear of loss breeds the same passions as are felt by those seeking to acquire; since men never think they hold what they have securely, unless when they are gaining something new from others. (Chapter V)
When I was involved in working with mobile phone companies, there was no need for the various governments to get access to keys to be able to listen to mobile phone calls. The SIM card manufacturers supplied SIMs to the MNOs with the 16 most significant bits of the key set to 0. Which meant that it was trivial to decrypt in real time. Requests to cease this practice were refused, repeatedly, and 'lost' by the EU.
I was just going to down vote you but I decided that you are so wrong you need a reply.
How would you like me to follow you around all day and night and write down every thing you said and everyone you met, talked to, passed in the street.
Now assume that one of those people who you bumped into is a person of interest.
So as you bumped into them and as I'm a GCHQ bod I wonder why of all the people he passed that morning you were the only person he bumped into.
So I go back over all your life, and I do have a record of your life, and discover that while you were a student you attended a rally against the Government.
So now you are a person of interest so I get one of my colleagues to break into your house and steal all your computers and your TVs.
First off I now have your electronic life that I can scan at my leisure.
Secondly the insurance agency delivers replacement goods riddled with spy ware so I can keep tabs on you.
Are you scared yet? Your life is an open book to me. I know who you are. I know where you work. I know that you smile at the receptionist every morning, interesting is there some latent romantic leanings there that I can use to get leverage against you. I know where your wife gets her hair done and the route your children take on the way home from school. I know which magazines you read, which websites you visit, that you long to holiday in Turkey. I know that one of your children thinks they are gay but is afraid to come out to you. I know everything about you.
Cardinal Richelieu allegedly said
If you give me six lines written by the hand of the most honest of men, I will find something in them which will hang him.
I have your life
Whoever down voted you is obviously a West is Wrong/Baddie fan. Of course other spy agencies are doing this and they probably won't think twice about actually killing people to get the information (or did Litvinenko die of natural causes) or giving them some money to buy the information (might be cheaper than hacking in but leaves someone to tell the tale so revert to former point).
Back in the 80s when Terry Waite and co were all locked up in cells in Lebanon, someone kidnapped a couple of Russians. When this was discovered the KGB identified the perpetrators, captured their family members and threatened to shoot them unless the Russians were released. Hey presto prisoners released and no need for years of negotiations.
The Western spy agencies are not whiter than white and I disagree with a lot of the things they say they need to do, but compared to the intelligence agencies of Russia, China, Pakistan, India and most other countries I would say they are probably the whitest of the white amongst their brethren.
"Back in the 80s when Terry Waite and co were all locked up in cells in Lebanon, someone kidnapped a couple of Russians. When this was discovered the KGB identified the perpetrators, captured their family members and threatened to shoot them unless the Russians were released. Hey presto prisoners released and no need for years of negotiations."
Back in the eighties the spying activities of the Securitate, the Stasi, and the KGB led to them being reviled by their own people.
NSA and GCHQ are doing exactly what I'd expect them to do
Expect or should be doing. You're right in it's what people half expected them to do but it isn't what they should be doing. By rights Gemalto should effectively be out of business (how they're surviving I have no clue) because banks should be deleting their root trust under the assumption all the company's keys are compromised - what they should have been doing was helping Gemalto shore up their defences for the common security and "economic well-being" (see: all the relevant law on this) of the US, UK and the EU as opposed to attacking the very basics of everybody's security.
What they've done here is certainly in the UK illegal in certainly the spirit of the law; if not the letter. GCHQ are supposed to be working to secure us against outside threats not weaken us.
I suspect the legality of this is a grey area - governments involved in Five Eyes (Australia, Canada, New Zealand, the United Kingdom, and the United States) or the various extensions (including European countries) have been monitoring international traffic since the 1940's and most (all?) governments have had the ability to monitor local communications providers for law enforcement and security purposes. The grey area is if this monitoring is done (largely) in secret, exactly what is acceptable, where is the oversight and is it sufficient to balance the public's needs (i.e. the elected government) with the watcher's abilities (i.e. the security agencies)?
The big differences between when these systems were first put in place and now is how people communicate (both frequency and type of calls) - monitoring phone calls before mobile phones got the monitoring down to a group of people at a single location - but phone calls went from unusual (and therefore possibly suspicious) to common for local communication to common for national communication to the current day where International calls are common. Mobile phones and the ability to monitor mobile phone calls gave governments the ability to both monitor and track an individual. Now with most Internet services being based in International locations, suddenly everything is a "legitimate" target....
Almost all of what I mentioned above has been publicly disclosed in some way or another by mainstream media (think high profile criminal cases where Police uses mobile information or IRA cases from the 80's involving phone taps) - the real difference with the information provided by Snowden is that it has the authority of an insider and the details for how it is done.
Although I have to admit that the stealing of the encryption keys versus decryption using algorithmic weaknesses or brute force is impressive - I can imagine Q asking "should we build another enormous data centre or should we just get Bond to steal the keys?"
'[Govts] ...have been monitoring international traffic since the 1940's...'
Very true, but in the old days pre digital AXE telephone exchanges, we had Strowger/SXS (step-by-step) and cross-point/crossbar exchanges which required considerably more effort and manpower by government to monitor. (You'll have probably seen old B/W cops and robbers movies where the crooks are trying to get away and some telephone exchange techie with the police looking on is hastily tracing their phone call along the sequential stepping of Strowger switches to get their phone number before they rang off—in those days the only 'call log' was the charging meter impulse.)
What's happened with the introduction of AXE and similar computerized exchanges is nothing short of an almighty huge paradigm shift—no exaggeration whatsoever. An AXE exchange enables authorized persons to sit at a remote location—even in another country—and monitor/trace calls at will, not to mention to do so with considerable ease; furthermore, blanket surveillance monitoring is essentially automatic—that's until the 'machinery' signals 'juicy bits have arrived'. This computerized technology empowers The State's ability for general surveillance more than it ever possibly dreamt of 50 years ago.
Moreover, it's not just the automatic logging/recording of AXE-type computerized switching equipment that's important, behind it are all the trappings of professional data management infrastructures. Extend this to the internet and the mega collection centers run by the likes of GCHQ, NSA, ASIO etc. and we've the huge extent of state surveillance as it is today.
Just by computerizing the exchanges alone, The State has found itself with a very considerable advantage over its citizens, it now knows more about us than ever before, and more knowledge inevitably means more power and control over our lives by government. Couple this with the new laws covering surveillance and security and that telcos are forced to install government surveillance access points—usually at the telco's expense, then there's no doubt that what we've witnessed over the past 50 years is a huge shift of power to The State.
Essentially, technology has enabled The State to do whatever it damn well wants in the security and privacy areas of citizens' lives, and it damn well has—without our permission. Moreover, it's done so through omission, obfuscation, FUD and misinformation. Failure of governments to explain clearly and succinctly to all citizens that the telephone is no longer private is aided and abetted by the fact the average punter has difficulties in understanding the huge significance / ramifications of changing from electromechanical switching to computer based systems (Strowger to AXE etc.) is also part of the problem. Effectively, it has meant that there's been a huge and manifold increase in the ease by which governments can monitor citizens, and they've gotten away with it at ease.
Governments have introduced this hugely enabling and powerful monitoring technology without any public debate. Here's some instances: when did you hear ANY government say to its citizens—through say big type in the front of phone books, TV ads, advertising campaigns etc.:
(a) that government has cheap and easy means to conduct surveillance on you and all citizens, it does so now and it has every intention of continuing to so do, and;
(b) the government will carry out surveillance on you and other citizens whenever it wants to so do, either by listening to or monitoring your conversations and activities or by any other means at its disposal such as the collection of your metadata, whether you protest about it or not, and;
(c) it will do so in utmost secrecy without your knowledge and without having to tell you—and if you find out by accident that you're under surveillance and tell others of the fact, then you'll be charged with subversion and or sedition even if you've never committed any criminal act nor intend to do so—just by telling others you're under surveillance (or you tell of others who are), then you've committed a criminal act, and;
(d) that the government will conduct blanket monitoring/surveillance across the state at will—even if you're not a suspect or have never been a suspect in any illegal or nefarious activities, you will, nevertheless, likely be under surveillance, your activities will be recorded at will by the government—and if it doesn't like what you are doing or even what you are thinking then its general monitoring will metamorphose into outright heavy-duty surveillance of your person as well as your friends, relatives and contacts—just on that information alone, and;
(e) that the private information that the government collects about you through its surveillance of you may and probably will be shared with governments of other countries—governments that you've never voted for, and;
(f) that governments have never issued in advance of commencing general blanket surveillance any publicity to warn you and all fellow citizens of the very real dangers posed by state surveillance, nor have they proffered sensible advice such as how not to draw attention to yourself and how NOT to incriminate yourself, your family, friends or contacts etc. by saying silly things over the telephone or internet or discussing, implying and or even mentioning anything that's controversial or that may be misconstrued as controversial, criminal or subversive—even in jest? After all, in the first instance, it ought to be the proper responsibility of government to keep its citizens out of trouble!
Not that long ago such spying activities by democratic governments on its own citizens would have been unthinkable, as that was the stuff of dictatorships, not democracies; but in recent times tragically it has ACTUALLY happened in our democracies without a whimper of public debate (that of itself ought to be remarkable, but these days secrecy, spin and propaganda is managed by governments with considerable finesse). That governments have acted this way is nothing less than authoritarian action by deliberate stealth against their citizens; there is no simpler way of putting it, facts are facts. As a citizen, I consider such authoritarian action by my government as a basic and fundamental threat to our democratic freedoms, and that's an understatement.
Even in wartime (WWII for instance), the general public was made well aware of the special wartime needs for secrecy and other special wartime laws etc. Here, with nationwide surveillance, we're not told anything, nor have we ever been properly informed. And that our leaders are now actually discussing such matters at all, albeit with their usual wont of absolutely minimal information, is only because the secrecy surrounding them has been blown by whistleblowers, Snowden and others.
In WWII, millions of our citizens died to protect our democracies from authoritarian rule, now we're entering it little by little, by stealth in fact. Such inaction and inability by society to deal with problems of magnitude, such as governments getting beyond their calling and lording it over their citizens, is what a high ranking military commander, who years ago was my boss for a while, aptly called 'the creeping paralysis problem'. It's a core and fundamental issue facing modern democracies, it underpins why those in charge can wield so much power without riots occurring.
Today, we live in fear of losing those tragically hard-won gains for freedom. How else can we read it when, in the eyes of our leaders and the powerful elites, we citizens command such little respect and trust that they will not even discuss such key democratic issues with us? Clearly, the writing's on the wall for democracy (at least as we knew it) when these elites flatly refuse to debate matters of such fundamental importance with us 'plebs'. Moreover, the animosity is made considerably worse by the twaddle and unmitigated lies rolled out 'that mum's the word in the name of security you know', even a five-year-old knows operational matters aren't the same as why you conduct them.
Looking at our democracies holistically, any reasonable person has to conclude that these bastards really do have a damn fucking hide to treat us citizens in such a dismissive and cursory way. Crunch time has to come sooner or later; the big question is whether we citizens can muster enough gumption or have the balls to win.
When governments retort to criticisms with clichés such as 'it's all for your own safety' and similar patronizing twaddle then the inevitable question must be asked: the world, at least as I once knew it some years back, wasn't such a dangerous place, so who was in charge, either just fiddling or causing the problem, such to let it get in such a damnable mess. Right, it's the same pack of miserable bastards who are now leading us down the path towards totalitarianism.
Again, damn them! There, I've said it—and the clock's yet to strike thirteen.
(Let's hope Room 101's walls are painted in tasteful colours.)
"It is longstanding policy that we do not comment on intelligence matters. [T]he UK's interception regime is entirely compatible with the European Convention on Human Rights."
Nobody is allowed to know anything about what we do, but we are all sweet and innocent. No, we're not going to give you any evidence of that. Yes, we've been proved to break those rules over and over in the past, but we don't do it now - because we say we don't, so there. Trust us!
This might go a LONG way towards explaining why US law enforcement are so reluctant to explain how stingrays work that they'll drop cases or risk LEOs being jailed on contempt charges, rather than have to put it out in the open in court.
You don't need encryption to ping a phone and get its response for RDF location purposes but once you go deeper than that, being able to snoop on conversations without running stuff via your potentially detectable fake cell base makes a lot of sense.
It is sort of their job, after all.....
If they really have managed to nab the things without anyone noticing, that's a bloody good day's work in that business.
If you don't like the idea of being spied on, probably best not to have a shedload of spies on the public payroll. As for the "Aha, but they broke the rules" complaint, breaking rules is also an important part of the job, so don't act all surprised when you find that some of the ones they broke weren't the ones you wanted them to.
Also in the job description.
Also, now it's open knowledge that this can be and has been done, anyone thinking that only the US and UK have this information should probably have their bumps felt.
Britain lets GCHQ get up to these antics, and shares the fruits with the USA. Meanwhile, America sells intercontinental ballistic missiles to the UK. You may find this morally dubious, but if *you* were PM would you *really* put a stop to it? Thank heavens I need never make such decisions in my little life.
"A more pertinent question is if you were PM *could* you really put a stop to it? Or, conversely, if you wanted to put a stop to it, could you really become PM?"
There are some dunderheads in this thread that seem to think that because some other foreign spy agencies might be able to get their hands on my cell phone transcripts that this somehow justifies the potential misuse of such data by our own security services.
Perhaps GCHQ should be putting more effort into preventing exploitable weaknesses in our communications systems rather than just driving a fucking great JCB through them at 80mph.
Government FOR the people, not OF the people.
The more and more stuff that comes out from Snowden, it makes me wonder....how did he get to be privy to *so much* information?
In anything larger than a modest-sized organisation, you're likely to have an awareness of the project(s) you're assigned to. Normally, you might have an inkling of what other project teams do, but not a lot of detail. If the work being done is highly secretive or even illegal, then I don't imagine management hold regular all-hands briefings so that everyone knows what everyone else is up to. I work in regular defense contracting, and knowledge share here is on a need-to-know basis.
So, did Snowden work on just about every project that ever happened, or is he just a publicity whore who is now making stuff up?
In anything larger than a modest-sized organization, there is normally some sort of management structure and responsibility and many people who are good at their job and have some sort of commitment to the organization.
In very large organizations, nobody gives a toss, they are just there to compete against other departments, demonstrate that they have aligned with the buzzword of the day and so get promotion.
Government is the biggest organization of them all
If some manager decided to outsource all their IT to the cheapest contractor in order to demonstrate that they had made x% cuts to the in-house IT cost center then well done, have a promotion.
"Snowden apparently had admin rights on a number of systems and used these rights to slurp up lots of information."
Shame it wasn't encrypted so that it was only meaningfully accessible to those with demonstrated Need To Know, and access to the relevant decryption stuff. You can back up the files and do sysadmin stuff without needing to be able to read the data (many of us know this, but maybe some don't). Still, too late now. And maybe it's a bit circular asking for the NSA to encrypt its own internal data anyway?
Then again, there's an outfit called Palantir which makes a software product (products?) allegedly used by security agencies to make sure that sensitive data is only accessible to people who are supposed to be able to access it. Wonder what went wrong here.
Speaking of Palantir, Alex Karp, Palantir founder and CEO, is a longstanding regular at Bilderberg. Purely coincidence, obviously; all this Bilderberg talk is just tinfoil hattery isn't it.
"You can back up the files and do sysadmin stuff without needing to be able to read the data"
Well, yes, but there is a part that's frequently overlooked. Temporary copies that are routinely created and destroyed. Quite a lot can happen to these copies during their short lifetime, without anyone really noticing.
"Temporary copies that are routinely created and destroyed. Quite a lot can happen to these copies during their short lifetime, without anyone really noticing."
An interesting point, worth remembering.
But if those temporary files are on a B1 or similar secure system, or Compartmented Mode Workstation, or Trusted Solaris, or similar, surely the data's security is labelled on the data, and security automagically propagates with the data (if the rules are followed)?
Of course if some top level PHB dictates that Windows is 'cheaper' with no evidence to support the theory except "because Bill says so", and throws all the properly secure systems away (and all the people that understood them too), all bets are off. And they did. And we are where we are.
No idea whether a modern Linux does (or even can) have these or similar capabilities, with or without SELinux. Anyone?
"But if those temporary files are on a B1 or similar secure system"
There they are probably subject to the same access restrictions as normal files. I was thinking about raw volume-level copies, like storage system snapshots. If (and that's a big if, as we can only use speculation and educated guesses on this matter) these copies will be mounted to a different server, which doesn't quite honour the restriction system? Or an extra duplicate gets made somewhere on the way? Point is, restrictions embedded into the data are not sufficient. Backup and test systems have to have a similar level of scrutiny to production ones. But rarely have.
A crude example closer to home. If I can get a volume dump from a Windows machine, I can happily mount this volume via Linux ntfs-3g driver, and presto - Windows ACLs that are set on files are ignored, all files, including ntuser.dat files, are readable. And nothing gets logged into the Windows audit log. Therefore a good chunk of normal security measures are already bypassed.
Oh, well. Whatever security measures you can think of - they are not absolute. There are plenty of cracks for a BOFH to slip through. And if they're not wide enough, a stolen bulldozer will help.
Database dumps can be a real treasure trove. And usual tricks like access restrictions and audit trails may not be effective against an admin, whose daily job is to juggle short-lived database copies around.
It is a good thing to be sceptical, asking questions and seeking answers. If the intentions are honourable and the questions are fair. Are they?
"So, did Snowden work on just about every project that ever happened, or is he just a publicity whore who is now making stuff up?"
If you haven't been living in a bog for the past couple of years (either the latrine variety or the swampy variety - take your pick), you would have known that Snowden had secretly copied a bunch of files detailing the criminal activities that the NSA and its partners in crime have been engaged in. Those files have been handed over to a few trusted journalists who are releasing findings at regular intervals after they have been vetted and redacted to protect the guilty.
So no, Snowden is not a publicity whore - he's probably had more publicity than he could handle.
What happens when less friendly agencies spy their way into all of this treasure?
Just as the Ruskies got nuclear thanks to Brit and Yank traitors & double agents, so they and other red flagged countries might get enough techie skeleton keys to sink IT across the relatively free world. They'll be trying via the traditional spying route or simply code their way into this in a way that was not possible before.
I don't normally worry much about our own security services doing bad things with all this - it's the other ones getting hold of it that concerns me.
And yes, I do use Russian security programs as they seem the best. More fool me?
"Just as the Ruskies got nuclear thanks to Brit and Yank traitors & double agents,"
BOLLOCKS. They got nuclear exactly one year in advance of their own program due to the spies. It made no difference in the scheme of Russian nuclear tech or the cold war. So your argument is one without a point.
So...spies are known to engage in spying. That should hardly be headline news. What certainly shouldn't be headline news is disclosure of how they do it.
Here's something to ponder....earlier this week, someone was found guilty for conspiring to behead a British soldier. How did the authorities find out about his conspiracy and bring him to justice? By gathering intelligence and building a case against him. The same goes for all of the terrorism suspects that the security services have their eye and ears on.
Let's say for a minute that the authorities didn't have the means to keep track of villains like this....some innocent guy gets attacked and his severed head paraded around. Would you want to be the one to say to his loved ones, "yeah...he got brutally hacked to death in the street just because he wanted to serve his country, but at least the spying agencies aren't doing any spying"?
Get real...the world is in a s**t state, and that means stuff has to get done to try and make it less s**t.
"...spies are known to engage in spying."
Who are they spying on and who is engaging them?
30 years ago we had a miners' strike. How did the authorities find out the unions' plans and defeat them - MI5.
20 years ago we faced the threat of Labour winning elections. How did the authorities deal with them - MI5.
1 year ago we had a Scottish referendum. How did the authorities find the SNP plans and defeat them?
Now we face the threat of UKIP winning marginal seats. How will the authorities find out their plans?
It would just be interesting to know if MI5 is always working for the party in power, or the party that represents their chums from school.
If you have the older type of secure phone (the ones that work without needing WiFi or 3G), it basically runs two SIM cards, one for the operator, and one for the crypto. Whoever codes those crypto SIMs better start thinking about generating new keys from scratch..
It is simple, anyone paid by the taxpayer who is invading our privacy just mumbles the word "terrorism" and he can do anything without question.
Just like any cleric during the inquisition could arrest and torture anyone for heresy without question.
Unless WE change, and fight for our privacy rights, nothing changes.
Technical solutions will not help, since about any solution providing fake security, we will find out a few years later.. yeah there was this key / this bad random generator / this subroutine that was inserted at gunpoint....
sure isn't 99 percent of the nice guys. as long as you're a 'nice guy', they tend to let you screw yourself among your peers. the target of this is usually (and i say that cautiously nonetheless) the 'bad guys', who tend to screw everyone anytime for their own best interests. how often do you collaborate among your peers to arrange financing for purchase of C4 explosives, body wraps for suicide bombs or travel tickets to locations to 'soft targets'? or is your chatter just the senile nonsensical BS across Twitter, ******-a-gram or other, raving about the best sushi shop, the kewlest iPhone app or your last great orgasm? if so then fob off, 'they' don't care about you or your non-existent lifestyle.
As my most confidential comms go out encrypted and none of the smartphones have SIMs - WiFi only.
We also have a maintenance contract for the new MESH radio system on the electric grid - so we piggy-back on that and have a few Nodes through which we access the PSTN.
I also use Silent Circle whenever I need voice.
"Did NSA, GCHQ steal the secret key in YOUR phone SIM?"
No, they didn't.
They did not have to steal anything since Gemalto Chairman is himself an NSA/CIA guy!!!
Alex Mandl is the name. Before Gemalto he was member of the board of the In-Q-Tel company, (quoting Wikipedia) "a not-for-profit venture capital firm that invests in high-tech companies for the sole purpose of keeping the Central Intelligence Agency, and other intelligence agencies, equipped with the latest in information technology in support of United States intelligence capability."