Author: Christopher Parsons

Policy wonk. Torontonian. Photographer. Not necessarily in that order.

Categories
Links

Leaked documents reveal Canada’s cyber warfare tools

Leaked documents reveal Canada’s cyber warfare tools :

Implanting malware on computer networks, disabling enemy computer systems, disrupting and grabbing control of an adversary’s infrastructure.

It all sounds so un-Canadian, but these are among the cyber warfare tools developed by the country’s Communications Security Establishment (CSE), according to documents obtained by the Canadian Broadcasting Communications. The CSE is Canada’s electronic spy agency.

The documents indicate that Canada’s computer networks have “been turned into a battlefield without any Canadian being asked: Should it be done? How should it be done?” said Christopher Parsons, surveillance expert with Citizen Lab, an international research group at the University of Toronto’s Munk School of Global Affairs.

Categories
Links

Toronto Police Chief Bragged About Monitoring Protesters and Anonymous Is Pissed

Toronto Police Chief Bragged About Monitoring Protesters and Anonymous Is Pissed:

In his speech, Blair bragged about the Toronto Police Service’s (TPS) ability to monitor an Israel/Palestine demonstration in 2012, which happened on the same day as Toronto’s Grey Cup celebration.

VICE contacted Christopher Parsons, a cybersurveillance researcher at the University of Toronto’s Citizen Lab, to discuss this line between legality and ethics.

“The legality of monitoring public communications isn’t entirely black and white… but it doesn’t strike me that what [Bill Blair described] was necessarily illegal,” said Parsons in an emailed statement. “That authorities are monitoring public communications, where authorities are not considered to be a ‘member of the audience,’ really gets to the heart of many contemporary privacy debates: under what conditions is something private or not?”

Parsons said the legal situation is similar to the context of a barroom.

“Bars are public places,” he said. “People talk loudly and are overheard by strangers at neighbouring tables. But we have a privacy-based expectation that when we speak to our friends or colleagues the people three tables down aren’t just overhearing (they might have to if I’m being loud!) but recording the communication for purposes I wouldn’t approve of.”

Categories
Links Quotations

La NSA espionnerait les communications de Rogers et RBC

L’Agence nationale de sécurité américaine (NSA) tente de tracer la carte du trafic des communications de plusieurs entreprises mondiales, dont le géant des télécommunications canadien Rogers et la Banque Royale du Canada (RBC), selon un document secret, a rapporté le Globe and Mail mardi.

«C’est une préparation du champ de bataille, afin de pouvoir l’investir plus tard, croit Christopher Parsons, un chercheur de l’université de Toronto interrogé par le quotidien. Il s’agit d’observer l’entrée et la sortie des communications d’un réseau et de dire “Okay, voici les endroits où nous devons entrer.”»

Rogers et RBC disent n’avoir aucune raison de croire que leurs systèmes informatiques ou données de clients ont été compromises. «Si une telle surveillance a réellement lieu, nous trouverions cela très troublant», a néamoins affirmé Patricia Trott, porte-parole pour Rogers.

La NSA espionnerait les communications de Rogers et RBC
Categories
Links

NSA trying to map Rogers, RBC communications traffic, leak shows

NSA trying to map Rogers, RBC communications traffic, leak shows :

The U.S. National Security Agency has been trying to map the communications traffic of corporations around the world, and a classified document reveals that at least two of Canada’s largest companies are included.

Christopher Parsons, a researcher at the University of Toronto’s Citizen Lab, who reviewed the leaked document with The Globe, said the activity described could help determine useful access points in the future: “This is preparing the battlefield so it could later be used.

“This is … watching communications come in and out of a network and saying, ‘Okay, these are the places we need to go in.’”

Categories
Links

Are internet service providers keeping tabs on your browsing? | Toronto Star

Are internet service providers keeping tabs on your browsing?:

What does your internet service providers know about your internet browsing habits?

Christopher Parsons, from the University of Toronto’s Citizen Lab said the range in the responses to the Star’s questions may have to do with how each company defines the word “logging.”

“I suspect that some companies may be using terms differently,“ Parsons said.

As for how long an IP address would be associated with a customer’s account, Bell said that in January they began logging IP addresses for a year in order to comply with the Copyright Act that just came into force.

Rogers said the company doesn’t “maintain a list of past IP addresses for each customer, but in some cases we can manually retrieve them for a period of time (generally not further than a year back).”

Abramson , TekSavvy’s lawyer, said via email the company keeps a log of sessions for the previous 30 days.

 

Categories
Links Quotations

What’s the big deal about Hillary using her personal email at work?

What’s the big deal about Hillary using her personal email at work?

Christopher Parsons, a Toronto-based cybersecurity expert with the think tank Citizen Lab, explained the security difference between a personal and official government email.

“The core security advantage is that the U.S. government will be attuned to the risk of her communications being deliberately targeted and, as such, would have a chance to maximize protections afforded to her communications,” Parsons said. “Moreover, data sent and received in U.S. government systems could be protected according to the sensitivity of the communications. So when sending classified or secret documents, a higher standard of care could have been provided.”

I would note that I don’t work at a think tank: I work at the University of Toronto, within the Munk School of Global Affairs.

Categories
Links

CSE monitors your emails to the government: What you need to know

CSE monitors your emails to the government: What you need to know:

CSE declined to give CBC more specific information about the amount of email and metadata collected and when it is deleted. The agency told CBC such information “could assist those who want to conduct malicious cyberactivity against government networks.”

“The key issue is understanding how CSE retains data. Is it the case that when I email my MP they store it for one to four months? Or if it passes the buffer it’s deleted in days,” Chris Parsons, a cyber security expert at Citizen Lab who viewed the document for CBC, told Global News.

Another concern Parsons raised is what happens to law abiding citizens who happen to have malware on their computers. If they email their MP – with no malicious intent – and unintentionally pass along a virus, what happens to their information?

“How is that information treated? Are you treated like someone with a random virus, or are you classified as something?” Parsons asked.

 

Categories
Links

Le Canada scrute environ 400 000 courriels des Canadiens chaque jour

Le Canada scrute environ 400 000 courriels des Canadiens chaque jour:

Chris Parsons, un expert de la sécurité sur Internet basé à Toronto affirme qu’il y a des raisons légitimes pour l’Agence de surveiller les communications des Canadiens avec leur gouvernement.

« Mais vous devriez être en mesure de communiquer avec votre gouvernement sans la crainte que ce que vous dites… pourrait revenir vous hanter de manière inattendue », dit Parsons.

« Lorsque nous recueillons des volumes énormes d’information, ce n’est pas seulement utilisé pour suivre les méchants. Cela se retrouve dans des banques de données pendant des années ou des mois à la fois et cela peut être utilisé à n’importe quel moment dans l’avenir « .

 

Categories
Links

Canadian Spies Collect Domestic Emails in Secret Security Sweep

Canadian Spies Collect Domestic Emails in Secret Security Sweep:

Chris Parsons, an internet security expert with the Toronto-based internet think tank Citizen Lab, told CBC News that “you should be able to communicate with your government without the fear that what you say … could come back to haunt you in unexpected ways.”

Parsons said that there are legitimate cybersecurity purposes for the agency to keep tabs on communications with the government, but he added: “When we collect huge volumes, it’s not just used to track bad guys. It goes into data stores for years or months at a time and then it can be used at any point in the future.”

In a top-secret CSE document on the security operation, dated from 2010, the agency says it “processes 400,000 emails per day” and admits that it is suffering from “information overload” because it is scooping up “too much data.”

First time (I think…) that I’ve been quoted in The Intercept.

Categories
Links

CSE monitors millions of Canadian emails to government

CSE monitors millions of Canadian emails to government:

The program to protect government servers from hackers, criminals and enemy states is raising questions about the breadth of the collection, the length of retention and how the information could be shared with police and spy partners in other countries.

Chris Parsons, an internet security expert who viewed the document, said there are legitimate purposes for the agency to monitor your communications with the government.

“But you should be able to communicate with your government without the fear that what you say … could come back to haunt you in unexpected ways,” says Parsons, a postdoctoral fellow at Citizen Lab, a unit at the University of Toronto’s Munk School of Global Affairs.

“When we collect huge volumes, it’s not just used to track bad guys. It goes into data stores for years or months at a time and then it can be used at any point in the future.”