The government lost the crypto-wars. Crypto is now freely available, but in a sense they won because there are so many ways at people’s data that bypass the cryptography. What we’re learning from the Snowden documents is not that the NSA and GCHQ can break cryptography but that they can very often render it irrelevant… They exploit bad implementations, bugs in hardware and software, default keys, weak keys, or they go in and break systems and steal data.
- Bruce Schneier
What are the odds that the NSA, GCHQ, etc. do not spy on the elected officials that oversee them?
What prevents subsequent blackmail of said officials by said agencies, other than policies that would be utterly trivial for agency officials to violate at whim?
“Company officials will be trapped in a catch-22. They can lay off as many people as they want because of Obamacare. But because they’ll have to swear to the IRS that their decisions had nothing to do with Obamacare, they can’t speak publicly about what’s happening. What a great way to silence the people who are on the front lines of dealing with Obamacare’s horrific effects.”
On the continuing delightful rollout of the Affordable Care Act in the US. Giving politically sensitive stuff to the Internal Revenue Service: what could possibly go wrong? Again, as many others have observed, the saga comes straight out of Ayn Rand’s Atlas Shrugged.
As for the way in which this whole disaster has progressed, perhaps one of the worst aspects has been how Obama has more or less junked any pretence at worrying about the rule of law to minimize the political damage to himself. But should any of this be surprising to anyone now? Tim Sandefur has some thoughts on the constitutional damage done by ACA, and Obama’s conduct before, during and since the passage of this legislation.
My reservation about the quote at the top is that surely any ban on stating why a person has been made redundant violates the First Amendment. It might be nice to see this issue tested. (Please try not to giggle at the back of the class.)
Do you think Apple helped [the NSA] build that? I don’t know. I hope Apple will clarify that… Here’s a problem: I don’t really believe that Apple didn’t help them. I can’t really prove it, but they [the NSA] literally claim that anytime they target an iOS device, that it will succeed for implantation. Either they have a huge collection of exploits that work against Apple products, meaning that they are hoarding information about critical systems that American companies produce and sabotaging them, or Apple sabotaged it themselves. Not sure which one it is. I’d like to believe that since Apple didn’t join the PRISM program until after Steve Jobs died, that maybe it’s just that they write shitty software.
- Jacob Applebaum
A colleague of mine sent me this item, from the BBC:
Some HSBC customers have been prevented from withdrawing large amounts of cash because they could not provide evidence of why they wanted it, the BBC has learnt. Listeners have told Radio 4′s Money Box they were stopped from withdrawing amounts ranging from £5,000 to £10,000. HSBC admitted it has not informed customers of the change in policy, which was implemented in November. The bank says it has now changed its guidance to staff.
How jolly decent of them.
Mr Cotton cannot understand HSBC’s attitude: “I’ve been banking in that bank for 28 years. They all know me in there. You shouldn’t have to explain to your bank why you want that money. It’s not theirs, it’s yours.”
Well, he now knows differently. A person with a bank account does not own the cash contained by the bank and has total control over it. (I am not aware of any line in my bank contract saying as such.) A deposit is a credit to the bank, and under modern banking laws, with the system as it operates, a bank is not obliged to instantly hand that over, no questions asked. (Under fractional reserve banking, the only kind of guarantee is by deposit protection, but that is usually only up to a certain limit.) In a full free market of course, people could make whatever kind of agreements with banks that they wanted, even consenting in some cases, perhaps, to having to give information to a banker to prevent fraud. However, government regulations in the UK (and certain other nations) being what they are (such as controls to stop money laundering and tax dodging), banks are increasingly operating as proxies for government agencies.
According to HSBC, the issue is to combat financial crime. Maybe that is true but this is not the whole picture:
HSBC has said that following customer feedback, it was changing its policy: “We ask our customers about the purpose of large cash withdrawals when they are unusual and out of keeping with the normal running of their account. Since last November, in some instances we may have also asked these customers to show us evidence of what the cash is required for.”
“The reason being we have an obligation to protect our customers, and to minimise the opportunity for financial crime. However, following feedback, we are immediately updating guidance to our customer facing staff to reiterate that it is not mandatory for customers to provide documentary evidence for large cash withdrawals, and on its own, failure to show evidence is not a reason to refuse a withdrawal. We are writing to apologise to any customer who has been given incorrect information and inconvenienced.”
One of the ironies of the situation is that HSBC last year was hit by a massive fine for anti-money laundering offences (stuff to do with Iranian sanctions and drugs); hitting long-standing clients with this sort of intrusive crap will not do much for that bank’s brand reputation. It is right to stop fraudsters taking money out of accounts of clients, but perhaps the bank should be more frank with clients on why it makes these kind of demands and what is driving this situation. To a considerable extent, banks are no longer really part of any free market, capitalist system.
[The state of Oklahoma will] refuse material support, participation or assistance to any federal agency which claims the power, or with any federal law, rule, regulation or order which purports to authorize the collection of electronic data or metadata of any person pursuant to any action not based on a warrant…
- Draft Bill SB1252
Maybe we should start emailing each other copies of the Constitution, so we can know that the government has read it.
- seen on Facebook by Instapundit
So will this be an apologia filled with ‘but’ and ‘trade off’ or a genuine inquiry into the growing global panopticon?
Independent commission to investigate future of internet after NSA revelations. Two-year inquiry headed by Swedish foreign minister, set up by Chatham House and CIGI thinktanks, is announced at Davos…
Sayeth the Guardian, listing all manner of statist worthies who will be a part of this.
Worth watching methinks.
It was disappointing, however, to see that many of the recommendations offered by Obama’s own Surveillance Review Group were either neglected or specifically rejected. While the unconstitutional permanent gag orders attached to National Security Letters will be time-limited, they will continue to be issued by FBI agents, not judges, for sensitive financial and communications records.
Nor did the president address NSA’s myopic efforts to degrade the security of the Internet by compromising the encryption systems relied on by millions of innocent users. And it is also important to realize that changing one controversial program doesn’t alter the broader section 215 authority, which can still be used to collect other types of records in bulk—and for all we know, may already be used for that purpose.
- Julian Sanchez
So in the next 18 months the US intelligence community will have cleaned up its act. Britain, almost alone in the West, has been remarkably complacent about the astonishing way that the NSA has, with GCHQ assistance, used an extremely loose interpretation of the law to go on a fishing expedition through the phone, internet and e-mail records of its own and allied citizens. Even if we accept that it is tolerable for British citizens to have a much poorer standard of privacy than Americans, the economic consequences of our complacency are likely to prove unpalatable at very least.
Distrust is on the rise. E-mail companies are already setting up in countries with strong privacy protection, such as Germany, to take advantage of the loss of credibility of US companies. The internet makes up about 12 per cent of Britain’s economy. If we do not act to make our intelligence-gathering systems as focused and accountable as the Americans have, the shadow of distrust could shift from them to us. That means that fewer IT-based companies will come here, and some will migrate abroad.
British industry and the British economy have benefited hugely from our country’s reputation for trust and integrity. It would be a terrible paradox if our intelligence communities’ well-intentioned efforts to protect our physical security ended up undermining our economic security.
- David Davis
…even if I am sceptical, to say the least, that the NSA will have ‘cleaned up its act’ in any meaningful way whatsoever.
… and nothing much will change.
There is only one group of people that the NSA is spying on that matters to most Americans. And that is other Americans. So what will happen is even more of that particular function… spying on Americans… will be outsourced to the British GCHQ, which already effectively acts an arms length subsidiary of the NSA, bought and payed for with US taxpayers money.
But the rules will be re-written to make it theoretically harder for the NSA to engage in mass surveillance of Americans, at least the ones in America. This will mollify enough of US public opinion to take away the pressure for any actual reduction in budget and capabilities. Indeed capabilities will continue to be expanded now that the NSA has been seen to be ‘brought under control’. Not that it was ever actually out of control.
And if you are not an American, you will just have to get used to the idea that the USA will be logging your mobile phone and internet meta-data… at least until enough of the internet gets fragmented into national enclaves which are capable of keeping the data secure from the Americans (at the baleful expense of making it easier for one’s own national government to control things).
And even people who were previously well disposed towards America will start see the institutions of the USA’s government as a threat rather than an ally. Reflexive anti-Americans will beat that drum long and hard and sadly it will be impossible to refute them, because for once they will be quite correct.
This will of course materially change the internet, and indeed the world, for the worse.
But most Americans will not give a damn as the net will still seem to work just fine in the USA and who cares if the US government is logging who calls who in Germany and Brazil?
But the upside, which is already happening, is new methods and approaches to security will appear and that is actually a ‘long war’ that the NSA and GCHQ cannot possibly win. I suspect Edward Snowdon’s lasting legacy will be simply making far more people aware that they were in a different battle for security than the one they thought they were in, and that means there are some rather interesting market opportunities for many different kinds of security.
But whatever ‘reforms’ for the NSA that get trotted out over the next few months and years, I would be very surprised indeed if anything really changes. The deck will get shuffled but the game and the stakes will remain the same.
Here is a splendid explanation of why you really do not want to trust any government with wide un-targeted surveillance powers.
I mean, who knows where that might lead eh?