Security Category Archives
conventions only become conventions if they work
14 July 2015 | Cryptography, Privacy, Security, Software | No Comments
или, например, хороший Мокси Марлинспайк о GPG:
Eventually I realized that when I receive a GPG encrypted email, it simply means that the email was written by someone who would voluntarily use GPG. I don’t mean someone who cares about privacy, because I think we all care about privacy. There just seems to be something particular about people who try GPG and conclude that it’s a realistic path to introducing private communication in their lives for casual correspondence with strangers.
Increasingly, it’s a club that I don’t want to belong to anymore.
все так. вот и получается, что с одной стороны криптогфрафия жизненно необоходима каждому, а с другой — что пользоваться этими продуктами нет совершенно никакой возможности.
V for Vendetta
14 July 2015 | Politics, Privacy, Security | 3 Comments
The president of the German domestic secret service has filed criminal charges with the public prosecutor because of two of our (netzpolitik.org — me) articles. The accusation: leaking state secrets. We have learned that from a brodcast on public broadcasting radio station Deutschlandfunk on Saturday.
The investigation’s cause are the articles „mass data processing of the Internet’s content“ and „a new unit for expanding internet surveillance“ executed by the Federal Office for the Protection of the Constitution whereof we had reported with the aid of the original documents.
We have reported on this matter because we deem it necessary to start a social debate. Two years after after Snowden’s revelations, the Federal Government has no better ideas than spending more and more money and responsibilities on largely uncontrolled secret services instead of ensuring a better control of secret services and reducing the system of total surveillance.
утро красит нежным светом стены древнего Кремля
21 May 2015 | Culturology, Politics, Privacy, Security | No Comments
The Center for Research in Legitimacy and Political Protest claims to have developed software that will search Russian social media posts for signs of plans by political opposition to the government to stage unapproved protests or meetings. Described by an Izvestia report as “a system to prevent mass disorder,” the software searches through social media posts once every five minutes to catch hints of “unauthorized actions” and potentially alert law enforcement to prevent them.
кто в космос, кто по грибы, а кто — и дальше трястись в извечном страхе за свою мерзкую шкуру.
it’s about us
20 May 2015 | Politics, Privacy, Security | 1 Comment
круговорот событий:
Two weeks ago, a federal appeals court ruled that the first N.S.A. program [Edward Snowden] disclosed, which collects the phone call records of millions of Americans, is illegal. Last week, the House of Representatives voted overwhelmingly to transform the program by keeping the bulk phone records out of government hands, a change President Obama has endorsed and the Senate is now debating. And Apple and Google have angered the F.B.I. by stepping up encryption, including on smartphones, to scramble communications and protect customers from the kind of government surveillance Mr. Snowden exposed.
<...>
He was edged out by Pope Francis as Time magazine’s Person of the Year for 2013, and a campaign on Facebook and by Norwegian politicians to put him forward for the Nobel Peace Prize fell short. But he has given a hip, young face to the abstract anxiety shared by many people in the United States and beyond about the menace posed by government snooping when it is fully empowered by technology.
или вот из подборки его высказываний в Esquire:
Мы постоянно слышим фразу «национальная безопасность», но когда государство начинает следить за нашим общением, фиксируя его без веских подозрений, юридического основания и без какой-либо видимой цели, мы должны задать себе вопрос: они и в самом деле защищают национальную безопасность или они защищают свою собственную?
<...>
В девяти случаях из десяти аналитикам совершенно не важно, что именно было сказано по телефону. То, что их интересует — это метаданные, потому что метаданные не могут врать. Даже невинный поиск результатов спортивного матча в Гугле способен многое о тебе рассказать. Так, вы владеете английским. Возможно, американец. Интересуетесь этим видом спорта. Посмотрим, из какой точки мира вы этот запрос отправили. Отправили ли вы его, находясь в поездке? Или отправили, сидя дома? Где вы сейчас? Когда просыпаетесь? Когда ложитесь спать? Какие телефонные номера сейчас рядом с вами? Вы сейчас с кем-то, кто не является вашей женой? Или вы сейчас там, где вас не должно быть?
а дальше изгнание в логове убийц, в одной из самых оруэллианских стран мира, без какой-либо обозримой перспективы вернуться домой.
вообще, говоря про Эдварда Сноудена, неизменно вспоминаю o Джей-Ди Шейпли — глупо сравнивать живого человека и даже не персонаж, но обстановку в одном из романов, смешно искать какие-то параллели в столь разных жизнеписаниях, но дело, в общем-то, и не в них самих, но в нас — в том, как старательно мы пытаемся убить тех, кто приходит нас спасать.
голосуй или проиграешь
22 March 2015 | Politics, Privacy, Security | No Comments
Брюс Шнайер в очередной колонке снова пишет, что не бывает выборочной безопастности:
The thing about infrastructure is that everyone uses it. If it’s secure, it’s secure for everyone. And if it’s insecure, it’s insecure for everyone. This forces some hard policy choices.
<...>
We can’t choose a world where the US gets to spy but China doesn’t, or even a world where governments get to spy and criminals don’t. We need to choose, as a matter of policy, communications systems that are secure for all users, or ones that are vulnerable to all attackers. It’s security or surveillance.
кто бы сомневался, разумеется. вот только выбор этот за нас давно уже сделали.
the domestic population can become a great danger if not controlled
10 February 2015 | Politics, Privacy, Security | No Comments
или вот яростная статья по мотивам так называемых реформ в области слежки за собственными гражданами:
What we’re witnessing is Reform Theater, a sort of kabuki act intended to provide the impression that, in the wake of Snowden’s revelations, something is being done. Officials create the perception of action by occupying themselves with narrow aspects of mass interception and this is intentional. They wouldn’t dare do anything substantial that would threaten the gears of the surveillance state. Instead they’ll leave Big Brother’s infrastructure in place and dither around the edges.
Nor would they dare establish metrics to quantify the usefulness of mass interception. Doing so would only expose U.S. counter terrorism initiatives for the frauds that they are, leading the public to question the NSA’s global panopticon or the FBI’s habit of cultivating terrorism plots. Whose national security do these secret programs safeguard?
все так.
on “modern liberal democracies”
13 January 2015 | Politics, Privacy, Security | No Comments
If he wins the election, David Cameron said he would increase the authorities’ power to access both the details of communications and their content.
Mr Cameron said the recent attacks in Paris showed the need for such a move.
He was “comfortable” it was appropriate in a “modern liberal democracy”.
<...>
There should be no “means of communication” which “we cannot read”, he said.
о каких к черту атаках он говорит, когда сегодня любому доступно какое угодно сильное шифрование? иными словами, переписку действительных террористов они уж конечно не прочтут. а вот нашу с вами обычную — это всенепременно, с обязательной папочкой компромата затем на каждую и каждого.
исключительнейшая мразь. ну, да хоть ясно, против кого точно надо голосовать.
добавлено: ну да, само собой:
The Prime Minister said today that he would stop the use of methods of communication that cannot be read by the security services even if they have a warrant. But that could include popular chat and social apps that encrypt their data, such as WhatsApp.
Apple’s iMessage and FaceTime also encrypt their data, and could fall under the ban along with other encrypted chat apps like Telegram.
into the great wild open
27 December 2014 | Internet, Privacy, Security | No Comments
суровое напоминание:
Nothing you say in any form mediated through digital technology — absolutely nothing at all — is guaranteed to stay private. Before you type anything, just think: How will this look when it gets out? What will Angelina Jolie think if she finds out about this? If Angelina won’t like it, don’t send it. Because Angelina will find out. So will the rest of the world.
и дальше, хорошее:
“Everyone is so excited about the cloud, but the cloud is really a drunken Xerox machine making copies of pretty much everything that everyone has said anywhere and spewing it all over the place,” said Howard Lerman, the co-creator of Confide, a messaging app that works like the corporate version of Snapchat.
ага.
верхушка айсберга
20 November 2014 | Google, Privacy, Security | No Comments
не забывайте время от времени глянуть на то, что именно знает о вас Google — или, по-крайней мере, в чем он хотя бы официально признается.
противостояние
27 October 2014 | Apple, Politics, Privacy, Security | No Comments
очень хорошее и столь же информативное эссе Брюса Шнайера о личной безопастности, о нас и них:
They tried and failed to ban strong encryption and mandate back doors for their use. The FBI tried and failed again to ban strong encryption in 2010. Now, in the post-Snowden era, they’re about to try again.
We need to fight this.