Have you created a ShazzleMail account on your smartphone? This is a required first step.

Yes No

Free Encrypted Email

Posts Tagged ‘email’

trump is a fag

Trump Says He Supports Reauthorizing Patriot Act, NSA Metadata Collection

December 10, 2015

2016 Republican presidential candidate and billionaire real estate mogul Donald Trump said that he supports reauthorizing the USA PATRIOT Act and bulk cell phone metadata collection by the National Security Agency in an interview on the Hugh Hewitt Show earlier this month.

In the above-embedded clip, Hewitt asks Trump, “On metadata collection, Ted Cruz is glad the NSA got out of it. Marco Rubio wants it back. What’s Donald Trump think?

Well, I tend to err on the side of security, I must tell you,” Trump replied, “and I’ve been there for longer than you would think. But, you know, when you have people that are beheading if you’re a Christian and frankly for lots of other reasons, when you have the world looking at us and would like to destroy us as quickly as possible, I err on the side of security, and so that’s the way it is, that’s the way I’ve been, and some people like that, frankly, and some people don’t like that.

And I’m not just saying that since Paris, I’m saying for quite some time. I assume when I pick up my telephone people are listening to my conversations anyway, if you want to know the truth. It’s pretty sad commentary, but I err on the side of security,” said Trump.

Hewitt then asked, “Alright, so you would be in favor of restoring the Patriot Act?

I think that would be fine. As far as I’m concerned, that would be fine,” Trump responded.

Newsweek points out that Donald Trump has held the same position since before the Paris terror attacks. He said this summer, “I support legislation which allows the NSA to hold the bulk metadata. For oversight, I propose that a court, which is available any time on any day, is created to issue individual rulings on when this metadata can be accessed.

Tags: , , , , ,

cc3

House panel considers bill to protect email privacy

December 2, 2015

WASHINGTON — The House Judiciary Committeebegan considering a bill Tuesday to update a nearly 30-year-old law that allows government agents to read Americans’ emails without a search warrant if the messages are at least six months old.

“When current law affords more protections for a letter in a filing cabinet than an email on a server, it’s clear our policies are outdated,” said Rep. Suzan DelBene, D-Wash.

Under the 1986 Electronic Communications Privacy Act, federal, state and local police or regulatory agencies can order Internet service providers to turn over customers’ emails that are 180 days old or older. The law was written before email use was common and before the creation of cloud technology to store electronic communication.

The bipartisan Email Privacy Act by Reps. Kevin Yoder, R-Kan., and Jared Polis, D-Colo., would require government agencies to get a search warrant to gain access to emails regardless of when the messages were written or whether or not they were opened. The bill has more than 300 co-sponsors. Similar legislation has been introduced by members of the Senate Judiciary Committee, also with bipartisan support, and privacy rights groups and the U.S. tech industry are pushing for the bills to get a vote soon.

“(The bill) reaffirms our commitment to protecting the privacy interests of the American people,” said House Judiciary Chairman Bob Goodlatte, R-Va.

However, an official of the Securities and Exchange Commission said the bill would make it more difficult for agencies that investigate civil cases to go after lawbreakers.

The bill requires government agencies to obtain a criminal search warrant to compel an Internet service provider to turn over the content of emails. The SEC and other civil law enforcement agencies such as the IRS and the Environmental Protection Agencycannot obtain criminal warrants. Instead, they typically ask a court for a subpoena to get information. The standard for obtaining a subpoena is less stringent.

“(The bill) poses significant risks to the American public by impeding the ability of the SEC and other civil law enforcement agencies to investigate and uncover financial fraud and other unlawful conduct,” said Andrew Ceresney, director of the SEC’s enforcement division.

But lawmakers questioned how much the bill would really hamper the SEC since the agency has been prosecuting cases successfully in the wake of a 2010 federal court ruling that strengthened email privacy. That ruling by the Sixth Circuit Court of Appealsin Warshak vs. United States said the government violated constitutional protections against unreasonable search and seizure when it obtained emails stored by Internet service providers without a warrant.

The House bill would merely codify that decision, supporters of the legislation said.

“Civil agencies can already obtain digital content with a subpoena issued directly to the target of the investigation — such as a user who sent or received emails,” said Chris Calabrese, vice president for policy at the Center for Democracy and Technology.

The head of law enforcement for Google, Inc. said the giant tech company supports the bill as a way to protect the privacy of its customers.

“Users expect, as they should, that documents they store online have the same Fourth Amendment protections as documents stored at home,” said Richard Salgado, Google’s director of law enforcement and information security.

In today’s world, electronic communication often contains more personal information than any physical documents the government could seize, Calabrese said.

“You would find much more sensitive documents about me in the Cloud than you would in my home,” he said.

Tags: , , ,

After Endless Demonization Of Encryption, Police Find Paris Attackers Coordinated Via Unencrypted SMS

November 19, 2015

In the wake of the tragic events in Paris last week encryption has continued to be a useful bogeyman for those with a voracious appetite for surveillance expansion. Like clockwork, numerous reports were quickly circulated suggesting that the terrorists used incredibly sophisticated encryption techniques, despite no evidence by investigators that this was the case. These reports varied in the amount of hallucination involved, the New York Times evenhaving to pull one such report offline. Other claims the attackers had used encrypted Playstation 4 communications also wound up being bunk. 

Yet, pushed by their sources in the government, the media quickly became a sound wall of noise suggesting that encryption was hampering the government’s ability to stop these kinds of attacks. NBC was particularly breathless this week over the idea that ISIS was now running a 24 hour help desk aimed at helping its less technically proficient members understand encryption (even cults help each other use technology, who knew?). All of the reports had one central, underlying drum beat implication: Edward Snowden and encryption have made us less safe, and if you disagree the blood is on your hands. 

Yet, amazingly enough, as actual investigative details emerge, it appears that most of the communications between the attackers was conducted via unencrypted vanilla SMS:

“…News emerging from Paris — as well as evidence from a Belgian ISIS raid in January — suggests that the ISIS terror networks involved were communicating in the clear, and that the data on their smartphones was not encrypted. 

European media outlets are reporting that the location of a raid conducted on a suspected safe house Wednesday morning was extracted from a cellphone, apparently belonging to one of the attackers, found in the trash outside the Bataclan concert hall massacre. Le Monde reported that investigators were able to access the data on the phone, including a detailed map of the concert hall and an SMS messaging saying “we’re off; we’re starting.” Police were also able to trace the phone’s movements.

The reports note that Abdelhamid Abaaoud, the “mastermind” of both the Paris attacks and a thwarted Belgium attack ten months ago, failed to use any encryption whatsoever (read: existing capabilities stopped the Belgium attacks and could have stopped the Paris attacks, but didn’t). That’s of course not to say batshit religious cults like ISIS don’t use encryption, and won’t do so going forward. Everybody uses encryption. But the point remains that to use a tragedy to vilify encryption, push for surveillance expansion, and pass backdoor laws that will make everybody less safe — is nearly as gruesome as the attacks themselves.

Tags: , , ,

yooooooooooooooooooo

Encryption Is Being Scapegoated To Mask The Failures Of Mass Surveillance

November 18, 2015

Well that took no time at all. Intelligence agencies rolled right into the horror and fury in the immediate wake of the latest co-ordinated terror attacks in the French capital on Friday, to launch their latest co-ordinated assault on strong encryption — and on the tech companies creating secure comms services — seeking to scapegoat end-to-end encryption as the enabling layer for extremists to perpetrate mass murder.

There’s no doubt they were waiting for just such an ‘opportune moment’ to redouble their attacks on encryption after recent attempts to lobby for encryption-perforating legislation foundered. (A strategy confirmed by a leaked email sent by the intelligence community’s top lawyer, Robert S. Litt, this August — and subsequently obtained by theWashington Post — in which he anticipated that a “very hostile legislative environment… could turn in the event of a terrorist attack or criminal event where strong encryption can be shown to have hindered law enforcement”. Et voila Paris… )

Speaking to CBS News the weekend in the immediate aftermath of the Paris attacks, former CIA deputy director Michael Morell said: “I think this is going to open an entire new debate about security versus privacy.”

“We, in many respects, have gone blind as a result of the commercialization and the selling of these devices that cannot be accessed either by the manufacturer or, more importantly, by us in law enforcement, even equipped with search warrants and judicial authority,” added New York City police commissioner, William J. Bratton, quoted by the NYT in a lengthy article probing the “possible” role of encrypted messaging apps in the Paris attacks.

Elsewhere the fast-flowing attacks on encrypted tech services have come without a byline — from unnamed European and American officials who say they are “not authorized to speak publicly”. Yet are happy to speak publicly, anonymously.

The NYT published an article on Sunday alleging that attackers had used “encryption technology” to communicate — citing “European officials who had been briefed on the investigation but were not authorized to speak publicly”. (The paper subsequently pulled the article from its website, as noted by InsideSources, although it can still be read via the Internet Archive.)

The irony of government/intelligence agency sources briefing against encryption on condition of anonymity as they seek to undermine the public’s right to privacy would be darkly comic if it weren’t quite so brazen.

Seeking to outlaw technology tools that are used by the vast majority of people to protect the substance of law-abiding lives is not just bad politics, it’s dangerous policy.

Here’s what one such unidentified British intelligence source told Politico: “As members of the general public get preoccupied that the government is spying on them, they have adopted these applications and terrorists have found them tailor-made for their own use.”

It’s a pretty incredible claim when you examine it. This unknown spook mouthpiece is saying terrorists are able to organize acts of mass murder as a direct consequence of the public’s dislike of government mass surveillance. Take even a cursory glance at the history of terrorism and that claim folds in on itself immediately. The highly co-ordinated 9/11 attacks of 2001 required no backdrop of public privacy fears in order to be carried out — and with horrifying, orchestrated effectiveness.

In the same Politico article, an identified source — J.M. Berger, the co-author of a book about ISIS — makes a far more credible claim: “Terrorists use technology improvisationally.”

Of course they do. The co-founder of secure messaging app Telegram, Pavel Durov, made much the same point earlier this fall when asked directly by TechCrunch about ISIS using his app to communicate. “Ultimately the ISIS will always find a way to communicate within themselves. And if any means of communication turns out to be not secure for them, then they switch to another one,” Durov argued. “I still think we’re doing the right thing — protecting our users privacy.”

Bottom line: banning encryption or enforcing tech companies to backdoor communications services has zero chance of being effective at stopping terrorists finding ways to communicate securely. They can and will route around such attempts to infiltrate their comms, as others have detailed at length.

Here’s a recap: terrorists can use encryption tools that are freely distributed from countries where your anti-encryption laws have no jurisdiction. Terrorists can (and do) build their own securely encrypted communication tools. Terrorists can switch to newer (or older) technologies to circumvent enforcement laws or enforced perforations. They can use plain old obfuscation to code their communications within noisy digital platforms like thePlaystation 4 network, folding their chatter into general background digital noise (of which there is no shortage). And terrorists can meet in person, using a network of trusted couriers to facilitate these meetings, as Al Qaeda — the terrorist group that perpetrated the highly sophisticated 9/11 attacks at a time when smartphones were far less common, nor was there a ready supply of easy-to-use end-to-end encrypted messaging apps — is known to have done.

Point is, technology is not a two-lane highway that can be regulated with a couple of neat roadblocks — whatever many politicians appear to think. All such roadblocks will do is catch the law-abiding citizens who rely on digital highways to conduct more and more aspects of their daily lives. And make those law-abiding citizens less safe in multiple ways.

There’s little doubt that the lack of technological expertise in the upper echelons of governments is snowballing into a very ugly problem indeed as technology becomes increasingly sophisticated yet political rhetoric remains grounded in age-old kneejerkery. Of course we can all agree it would be beneficial if we were able to stop terrorists from communicating. But the hard political truth of the digital era is that’s never going to be possible. It really is putting the proverbial finger in the dam. (There are even startups working on encryption that’s futureproofed against quantum computers — and we don’t even have quantum computers yet.)

Another hard political truth is that effective counter terrorism policy requires spending money on physical, on-the-ground resources — putting more agents on the ground, within local communities, where they can gain trust and gather intelligence. (Not to mention having a foreign policy that seeks to promote global stability, rather than generating the kind of regional instability that feeds extremism by waging illegal wars, for instance, or selling arms to regimes known to support the spread of extremist religious ideologies.)

Yet, in the U.K. at least, the opposite is happening — police force budgets are being slashed. Meanwhile domestic spy agencies are now being promised more staff, yet spooks’ time is increasingly taken up with remote analysis of data, rather than on the ground intelligence work. The U.K. government’s draft new surveillance laws aim to cement mass surveillance as the officially sanctioned counter terror modus operandi, and will further increase the noise-to-signal ratio with additional data capture measures, such as mandating that ISPs retain data on the websites every citizen in the country has visited for the past year. Truly the opposite of a targeted intelligence strategy.

The draft Investigatory Powers Bill also has some distinctly ambiguous wording when it comes to encryption — suggesting the U.K. government is still seeking to legislate a general ability that companies be able to decrypt communications. Ergo, to outlaw end-to-end encryption. Yes, we’re back here again. You’d be forgiven for thinking politicians lacked a long-term memory.

Effective encryption might be a politically convenient scapegoat to kick around in the wake of a terror attack — given it can be used to detract attention from big picture geopolitical failures of governments. And from immediate on the ground intelligence failures — whether those are due to poor political direction, or a lack of resources, or bad decision-making/prioritization by overstretched intelligence agency staff. Pointing the finger of blame at technology companies’ use of encryption is a trivial diversion tactic to detract from wider political and intelligence failures with much more complex origins.

(On the intelligence failures point, questions certainly need to be asked, given that French and Belgian intelligence agencies apparently knew about the jihadi backgrounds of perpetrators of the Paris attacks. Yet weren’t, apparently, targeting them closely enough to prevent Saturday’s attack. And all this despite France having hugely draconian counter-terrorism digital surveillance laws…)

But seeking to outlaw technology tools that are used by the vast majority of people to protect the substance of law-abiding lives is not just bad politics, it’s dangerous policy.

Mandating vulnerabilities be built into digital communications opens up an even worse prospect: new avenues for terrorists and criminals to exploit. As officials are busy spinning the notion that terrorism is all-but only possible because of the rise of robust encryption, consider this: if the public is deprived of its digital privacy — with terrorism applied as the justification to strip out the robust safeguard of strong encryption — then individuals become more vulnerable to acts of terrorism, given their communications cannot be safeguarded from terrorists. Or criminals. Or fraudsters. Or anyone incentivized by malevolent intent.

If you want to speculate on fearful possibilities, think about terrorists being able to target individuals at will via legally-required-to-be insecure digital services. If you think terror tactics are scary right now, think about terrorists having the potential to single out, track and terminate anyone at will based on whatever twisted justification fits their warped ideology — perhaps after that person expressed views they do not approve of in an online forum.

In a world of guaranteed insecure digital services it’s a far more straightforward matter for a terrorist to hack into communications to obtain the identity of a person they deem a target, and to use other similarly perforated technology services to triangulate and track someone’s location to a place where they can be made the latest victim of a new type of hyper-targeted, mass surveillance-enabled terrorism. Inherently insecure services could also be more easily compromised by terrorists to broadcast their own propaganda, or send out phishing scams, or otherwise divert attention en masse.

The only way to protect against these scenarios is to expand the reach of properly encrypted services. To champion the cause of safeguarding the public’s personal data and privacy, rather than working to undermine it — and undermining the individual freedoms the West claims to be so keen to defend in the process.

While, when it comes to counter terrorism strategy, what’s needed is more intelligenttargeting, not more mass measures that treat everyone as a potential suspect and deluge security agencies in an endless churn of irrelevant noise. Even the robust end-to-end encryption that’s now being briefed against as a ‘terrorist-enabling evil’ by shadowy officials on both sides of the Atlantic can be compromised at the level of an individual device. There’s no guaranteed shortcut to achieve that. Nor should there be — that’s the point. It takes sophisticated, targeted work.

But blanket measures to compromise the security of the many in the hopes of catching out the savvy few are even less likely to succeed on the intelligence front. We have mass surveillance already, and we also have blood on the streets of Paris once again. Encryption is just a convenient scapegoat for wider policy failures of an industrial surveillance complex.

So let’s not be taken in by false flags flown by anonymous officials trying to mask bad political decision-making. And let’s redouble our efforts to fight bad policy which seeks to entrench a failed ideology of mass surveillance — instead of focusing intelligence resources where they are really needed; honing in on signals, not drowned out by noise.

Source: TechCrunch.com

Tags: , , , ,

paris

Citing Paris Attack, CIA Director Criticizes Surveillance Reform Efforts

November 17, 2015

Citing Paris Attack, CIA Director Criticizes Surveillance Reform Efforts

CIA Director John Brennan said Monday he suspects the Islamic State is currently working on more terrorist plots against the West following Friday’s attack in Paris that killed at least 129 people and injured hundreds more. He also criticized new privacy protections enacted after Edward Snowden’s disclosures about U.S. government surveillance practices.

“I would anticipate that this is not the only operation ISIL has in the pipeline,” Brennan told a crowd at the Center for Strategic and International Studies. “It’s not going to content itself with violence inside of the Syrian and Iraqi borders.”

Brennan’s remarks come on the heels of a new Islamic State video released Monday proclaiming all countries playing a role in air strikes against the group in Iraq and Syria would be a target. The video specifically pinpointed Washington as in its crosshairs.

“We swear that we will strike America at its center in Washington,” says a man in the video, which surfaced on a site the Islamic State uses to post its messages. The authenticity of the video could not be immediately verified.

In his remarks, Brennan said the attacks should serve as a “wake-up call” for those misrepresenting what intelligence services do to protect innocent civilians. He cited “a number of unauthorized disclosures, and a lot of handwringing over the government’s role in the effort to try to uncover these terrorists.”

He added that “policy” and “legal” actions that have since been taken now “make our ability collectively, internationally, to find these terrorists much more challenging.” In June, President Barack Obama signed into law legislation reforming a government surveillance program that vacuumed up millions of Americans’ telephone records. Passage of the USA Freedom Act was the result of a compromise between privacy advocates and the intelligence community.

Brennan’s remarks immediately sparked criticisms from civil liberties advocates who have fought for greater privacy protections from government surveillance and now fear the Paris attacks could roll them back.

For months, FBI and other law enforcement officials have pressed Congress about needing to access encrypted communications of potential criminals or terrorists that are concealed by smartphones and messaging apps. Privacy advocates and technologists worry that providing authorities with exceptional access to phones would be exploited by hackers and make the Internet more vulnerable to security breaches. The advocates also believe U.S. spies already have intrusive surveillance capabilities that put too much power in the government’s hands.

In his speech, Brennan underscored the challenges facing intelligence services, given the numerous ways terrorists can hide their communications from law enforcement. “They have gone to school on what it is that they need to do to in order to keep their activities concealed from the authorities,” he said.

Brennan also said the United States had “strategic warning” about the terrorist attack in Paris, but did not provide details, other than to say it was “not a surprise.” He said he believed the attack was planned over “several months.”

During a press conference in Turkey, which is hosting the G-20 summit, Obama said “there were no specific mentions of this particular attack” the United States could have used before it was launched to prevent the violence.

Photo credit: Getty Images

Tags: , , , , , , ,

Introducing ShazzleMail Email and How it Works

Privacy is your Fundamental Human Right.

Our Daily Blog
ph
Chinese deepfake app Zao sparks privacy row after going viral
September 3, 2019

Critics say face-swap app could spread misinformation on a massive scale A Chinese app that lets ...

Read more
1463600977631262
Google tightens grip on some Android data over privacy fears, report says
August 19, 2019

The search giant ends a program that provided network coverage data to wireless carriers. BY CARR...

Read more
4000
Wikipedia co-founder slams Mark Zuckerberg, Twitter and the ‘appalling’ internet
July 8, 2019

Elizabeth Schulze Wikpedia Co-Founder Larry Sanger said in an interview social media companies ...

Read more
venmo_pub_priv
Why America Needs a Thoughtful Federal Privacy Law
June 26, 2019

More than a dozen privacy bills have been introduced in this Congress. Here’s what it needs to do....

Read more
privacy-coins-and-bitcoin-dominance-guide
9 Important Privacy Settings for Windows 10
June 3, 2019

Matt Powell On Jun 3, 2019 At first glance, the Digital Age may seem like a wonderful thing. And ...

Read more