iCloud Keychain isn’t the same as Lightroom!

Jon Brodkin, writing for Ars Technica:

Unfortunately, it’s kind of a mess. iCloud Keychain does accomplish the most basic things you’d expect a password manager to do, but it often does so in an awkward manner. Important functionality is hard enough to find that it may be effectively hidden from the average user, particularly on iPhones and iPads.

Ultimately, iCloud Keychain can be put to good use if you’ve carefully examined what it does well and doesn’t do well. It works best as a complement to a complete service like 1Password or LastPass, but it just isn’t convenient and robust enough to act as a standalone password manager.

I think it’s a bit harsh to call it a “mess”, but Brodkin provides a good overview of what iCloud Keychain does. Complaining that it’s not as full-featured as 1Password is like complaining that iPhoto doesn’t do everything Lightroom or Aperture do.

Comparing iCloud Keychain and Lightroom is a bit odd. One helps to manage the security of one’s online life and is meant to resolve a security problem for anyone who uses the Web. Lightroom is a specialist product that caters to experts in a particular field. The two products may have an overlapping user base (i.e. individuals who want secured usernames and passwords) but otherwise bear little resemblance to one another.


Andrew Coyne: Conservatives’ effort to hide from public only gains them more enemies

“…the Conservative tragedy grinds on. When your only principle is paranoia — when your central organizing proposition is that “everyone is out to get us” — when every criticism is merely confirmation of the essential rightness of that proposition, and every deviation is evidence of disloyalty, then you are less a party than a cult.”

Strong words, this time from Andrew Coyne.

Did Canadian Oil Companies Get a Tip-Off from CSEC?

The Globe and Mail reports on discussions in the Canadian Senate. Specifically, Liberal Senator Wilfred Moore asked:

“Can the [Senate] leader enlighten this chamber as to what was done with the data obtained by CSEC from the Brazilian Ministry of Mines and Energy?”

Alleging that CSEC’s “cyberhacking” was intended to probe Brazil’s claims about discovering billions of barrels of oil in a new offshore-field find, Mr. Moore noted that no Canadian or U.S. corporations have joined the bidding for drilling rights in an auction that was held earlier this week in Brazil.

This is an incendiary question. If it turns out that Canadian companies didn’t bid because CSEC found Petrobras has overestimated the oil reserves in the Libra field, or if CSEC found that it was going to be harder to extract the oil than stated by the Brazilian government, then it’s a very, very big deal on the basis that the Canadian government (and an extension of the Department of National Defence) would then be engaging in espionage on behalf of Canadian companies.


NSA Revelations Kill IBM Hardware Sales in China

For several months there have been warnings that the NSA revelations will seriously upset American technology companies’ bottom lines. Though not directly implicated in any of the leaks thus far, it appears that IBM’s Chinese growth predictions have just been fed through a wood chipper. From Zerohedge:

In mid-August, an anonymous source told the Shanghai Securities News, a branch of the state-owned Xinhua News Agency, which reports directly to the Propaganda and Public Information Departments of the Communist Party, that IBM, along with Oracle and EMC, have become targets of the Ministry of Public Security and the cabinet-level Development Research Centre due to the Snowden revelations.

“At present, thanks to their technological superiority, many of our core information technology systems are basically dominated by foreign hardware and software firms, but the Prism scandal implies security problems,” the source said, according to Reuters. So the government would launch an investigation into these security problems, the source said.

Absolute stonewalling ensued. IBM told Reuters that it was unable to comment. Oracle and EMC weren’t available for comment. The Ministry of Public Security refused to comment. The Development Research Centre knew nothing of any such investigation. The Ministry of Industry and Information Technology “could not confirm anything because of the matter’s sensitivity.”

This is the first quantitative indication of the price Corporate America has to pay for gorging at the big trough of the US Intelligence Community, and particularly the NSA with its endlessly ballooning budget. For once, there is a price to be paid, if only temporarily, for helping build a perfect, seamless, borderless surveillance society. The companies will deny it. At the same time, they’ll be looking for solutions. China, Russia, and Brazil are too important to just get kicked out of – and other countries might follow suit.

Now, IBM et al. aren’t necessarily purely victims of the NSA’s massive surveillance practices: there likely are legitimate domestic market changes that are also affecting the ability of Western companies to sell product in China and other Asia-Pacific countries. But still, that the NSA can be used to justify retreats from Western products indicates how even companies not clearly and directly implicated in the scandals stand to lose. One has to wonder whether the economic losses that will be incurred following the NSA revelations are equal to, or exceed, any economic gains linked to the spying.


Greater Oversight Required for Canada’s Spy Agencies

This is the kind of introspection and critique that all backbenchers should be able to present to the public. They shouldn’t be forced to leave their party caucus to do so.

Source: Greater Oversight Required for Canada’s Spy Agencies


‘Betray’ the NSA at Your Own Peril

It’s important to not resist the NSA when it wants something, especially if you depend on them for key contracts. From the Washington Post:

Nacchio was convicted of selling of Qwest stock in early 2001, not long before the company hit financial troubles. However, he claimed in court documents that he was optimistic about the firm’s ability to win classified government contracts — something they’d succeeded at in the past. And according to his timeline, in February 2001 — some six months before the Sept. 11 terrorist attacks — he was approached by the NSA and asked to spy on customers during a meeting he thought was about a different contract. He reportedly refused because his lawyers believed such an action would be illegal and the NSA wouldn’t go through the FISA Court. And then, he says, unrelated government contracts started to disappear.

His narrative matches with the warrantless surveillance program reported by USA Today in 2006 which noted Qwest as the lone holdout from the program, hounded by the agency with hints that their refusal “might affect its ability to get future classified work with the government.” But Nacchio was prevented from bringing up any of this defense during his jury trial — the evidence needed to support it was deemed classified and the judge in his case refused his requests to use it. And he still believes his prosecution was retaliatory for refusing the NSA requests for bulk access to customers’ phone records. Some other observers share that opinion, and it seems consistent with evidence that has been made public, including some of the redacted court filings unsealed after his conviction.

Not only was Nacchio charged, but he was unable to mount a full defence in a public court on the basis that part of that defence depended on revealing classified information. That information, itself, concerned the CEO’s unwillingness to engage in what his counsel advised were illegal activities.

You don’t need secret courts to undermine the course of justice, or secret investigations. All you really need to do is establish that some evidence is too secret to be used in your defence. In effect, by precluding a full-throated defence of the accused, the very legitimacy of the open court system is undermined.


PhDerp: What it feels like to wait (again) for feedback on your dissertation

gradstudentdrone:

Like Bellatrix in the gif above, simmering inside me is barely concealed agitation as I watch the days go by without really hearing from my committee. It has been almost a month since I turned in my second draft and the only comments I’ve received have been, “so far, so good, definitely…

I read this and give thanks to my committee which is generally excellent at turning around chunks of my dissertation (usually in 100-200 page blocks) within a week or two (and often within 48-72 hours).

Source: PhDerp: What it feels like to wait (again) for feedback on your dissertation


Secret Courts, Secret Evidence, and American Justice

Techdirt has recently covered a just shameful decision out of the US. The case involved an alleged domestic terror suspect who the FBI helped in every way to plan a bombing in Chicago. From the article:

Daoud’s lawyers made a much more thorough request for the evidence obtained via the FAA. As they note, there may be significant problems with the FISA information, including, but not limited to the FISA application for electronic surveillance may fail to establish probable cause that Daoud was “an agent of a foreign power.” As they note, he was an American citizen and school student in suburban Chicago. They also suggest the FISA application may have contained material falsehoods or omissions and might violate the 4th Amendment. The surveillance also may have violated the FISA law. There are many other reasons they bring up as well.

The Justice Department (of course) argued that it shouldn’t have to hand over any of this info, in part because it’s classified and in part because they’re not going to use that evidence against Daoud.

Unfortunately, the court wasted little time in agreeing with the feds that they don’t need to turn over the evidence collected under FISA.

Just to be clear, this means that a secret court approved the secret surveillance of a domestically situated American citizen, and then refused to disclose the collected evidence. The American defendant, then, cannot know the totality of evidence that the state collected. This evidence might have played a key role in subsequent investigative efforts and, as a result, may have ‘poisoned’ the subsequent evidence.

Of course, we seemingly won’t ever know if such a poisoning theory is true or not. All we’ll know is that American courts permit the state to engage in secret surveillance without disclosing what was collected to defence attorneys, and then declare all subsequent proceedings a ‘fair’ trial environment.


BBM as a Microsoft Product?

Dan Frommer has an interesting 20/20 piece in which he asks what would have happened if Microsoft bought BlackBerry in 2009. While he points to the potential of combining Z10 hardware with Windows Phone software, plus the 2009-value of BlackBerry’s enterprise market, those claims aren’t his most ambitious. No, the pie-in-the-sky claim, emphasized below, is:

a Microsoft-BlackBerry tie-up in 2009 could have been good! Just as Microsoft was starting to put together a really solid software platform in Windows Phone 7, BlackBerry needed a grownup OS. Plus the obvious overlap in enterprise, RIM’s worldwide distribution, and even a budding mobile social network in BBM. There’s a possibility that it could have been a good combination.

Now, while BBM may have had up to 25 million subscribers in 2009, I simply cannot imagine Microsoft deciding to toss Windows Live Messenger with its 500 million+ users for BBM. My perspective is that things like BBM go to die in companies like Microsoft. Regardless of whether there were actual synergies between BlackBerry and Microsoft in 2007 – and whether they could have been realized by Microsoft – BBM almost certainly wasn’t one of them.


2013.8.23

Neither the GCSB nor a spokesperson for the Embassy of New Zealand in the United States immediately responded to Ars’ request for comment. In June 2013, New Zealand Prime Minister John Key evaded answering whether the GCSB uses or has access to the NSA’s PRISM system.

“I can’t tell you how the United States gather all of their information, what techniques they use, I just simply don’t know,” Key told TV3’s Firstline. “But if the question is do we use the United States or one of our other partners to circumvent New Zealand law then the answer is categorically no. We do exchange—and it’s well known—information with our partners. We do do that. How they gather that information and whether they use techniques or systems like PRISM, I can’t comment on that.”

Cyrus Farivar, “New Zealand appears to have used NSA spy network to target Kim Dotcom”

What’s often missing from reporting about whether intelligence agencies are asking Five Eyes partners to monitor the agencies’ own citizens is this: rarely would a formal request for such monitoring services be required.

You see, folks in the intelligence and security agencies train with one another. They go to international courses together, just like any other group of professionals. And, as anyone who attends professional events knows, informal networks of information sharing arise. In the context of NSA/CSEC/ASIO/GCHQ/etc. this can take the form of one government official complaining about the inability to conduct domestic surveillance on X group(s) that are regarded as a problem and then – independent of a ‘formal’ request! – other partners just might collect information on X given that a problem for the complaining agency just might turn into a problem for all the Five Eyes partners.

As an example: when a CSEC or NSA official complains that domestic extremists could be plotting a terror attack, but that neither CSEC nor NSA can legally conduct the surveillance, a partner might be motivated to conduct the surveillance because, you know, terrorism. And, to turn the intelligence into something that’s actionable, the foreign service could turn the collected information over to CSEC/NSA/agency that is domestically located.

The great thing about this approach is no formal request needs to have been made. Is this as efficient as “Hey, can you guys spy on X so we don’t break our national laws?” No. But it does have the effect of generating favours and goodwill between the very professionals who are often in close contact with one another. And it also lets information be shared without the clear violation of domestic laws that forbid most intelligence services from spying on their own citizens.