Nice Overview of Encryption Tools

While it’s certainly not definitive, and it doesn’t walk you through using each and every tool, Edwards has a good high-level overview piece that is worth reading.

Former GCHQ Head Calls for Greater Social Media Surveillance

There genuinely are bad people in the world, individuals and agents who largely exist to cause serious harm to citizens around the world in democratic states. These individuals cannot, however, be permitted to destabilize an entire population nor operate as reasons for totalizing mass surveillance. In the UK an incredibly senior and prominent security and intelligence expert, Sir David Omand, has nevertheless called for the following:

In a series of recommendations to the government, Sir David – the Cabinet Office’s former Security and Intelligence co-ordinator – said out-dated legislation needed to be reformed to ensure an ethical and legal framework for such intelligence gathering, which was clear and transparent.

The report recommends that social media should be divided into two categories, the first being open source information which public bodies could monitor to improve services while not identifying individuals without permission.

On the more contentious category of monitoring private social media, Sir David said it needed to be properly authorised – including the need for warrants when it was considered “genuine intrusion” – only used as a last resort when there was substantial cause and with regard to “collateral damage” to any innocent people who might have been in contact with a suspect.

It must repeatedly, and emphatically, be stated that ‘transparency’ in the intelligence world does not mean that citizens will actually know how collected data is used. Neither does codifying surveillance practices in law minimize citizens’ concerns around surveillance. No, it instead operates as a legal shield that protects those engaged in oft-times secretive actions that are inappropriately harmful to innocent citizens. Such changes in law must be incredibly carefully examined by the public and opposed or curtailed whenever there is even the slightest possibility of abuse or infringement of citizens’ reasonable normative expectations of privacy from state intrusion and surveillance.

The Nature of UK Rendition Processes

The Guardian has an excellent bit of coverage on UK-led rendition practices. These practices entailed collaborating with Libya and China to turn over members of the Libyan Islamic Fighting Group, an anti-Gaddafi organization. Ian Cobain, the journalist, precisely notes the kinds of experiences that UK and American agents subjected members of the organization to during their capture and transit to Libya.

It’s a harrowing read, but important, as it details the significance and associated dangers of the state’s secret extension of powers. It also recognizes that states will ‘turn’ on individuals and groups that they had once supported on the basis of building economic relations with a new ‘friend’. Perhaps most ominously, the article outlines how the secret court processes – where neither the accused nor their counsel are permitted to view or argue about evidence against the accused – have had their rulings ignored. Even the judges in these secret cases cannot impose their power on the state, indicating that arms of the government are entirely divorced from the accountability required for democratic institutions to (normatively) survive.

The only way to stop these kinds of practices is for the public to stop quietly ignoring the erosion of their democracies, civil liberties, and basic freedoms. It remains unclear how this can be done, but given the expansion of the state’s perception of its executive powers, it is imperative that citizens vigorously and actively begin protecting their democracies before the last shreds of democracy are truly lost.

Guide to Hardening iOS 5

The Australian Department of Defence, Intelligence and Security division, has produced a particularly good walkthrough for hardening the iOS environment (.pdf). I’d recommend it to the curious and for system administrators who are interested in evaluating/contrasting their own iOS deployments.

Valve’s Handbook for New Employees

Valve’s Handbook for New Employees has made its way to the Internet. While such handbooks are normally incredibly dull – I mean, really, who hasn’t almost fallen asleep or committed suicide to escape reading one? – Valve’s is excellent.

It lays out corporate culture, modes of engaging with other employees, identifying tasks worth doing, and how the company actually functions. It doesn’t take itself too seriously and is scattered with jokes. Valve has, effectively, created a whimsical and useful document that embraces employees. Employers could learn from what Valve has done.

Fixing Some of Gmail’s Design Problems

I’ve used Google Apps for years and absolutely despise the new UI changes. Jason Crawford has some suggestions about undoing some of the horror. If you use Gmail, and hate the changes as I do, his walkthrough will likely be of interest.

The Problems of Domestic Labelling

While not related strictly to technology, Forbes has a good breakdown of why Kobe beef that is sold outside of Japan is (effectively) never the famed Kobe beef that myths are written about. It’s a good, direct, blunt piece. The kind of journalism I think we can, and want to, all support.

It (re)raises important questions that implicate technology. Wireless technologies are sometimes called “4G” but this is only true under revised ITU regulations. Originally 4G technologies were meant to be transformative – they referred predominantly to LTE and beyond – but this was revised in 2010 to refer to “3G technologies substantially better in performance and capability than earlier 3G technologies.”

Similar legal issues arise around the definition of public domain: with different international bodies possessing different copyright terms, the variance could lead to jurisdictional disputes around what is(n’t) public domain. Such disputes may lead to the removal of content if it happens to be stored or accessible in nations with the more onerous copyright terms.

These are just two areas where ‘labelling’ is important. In all three cases – beef, wireless speeds, and copyright – it’s legal terms that enable variable terminology associated with common goods. For consumers in a globalized world, who are often unable to spend the time to track down the ‘truth’ behind the labels, such labels can be incredibly confusing. We can do better, and we should do better, and find a means of rectifying confusions that arise from domestic labelling.

Social and Economic Threats to the Internet’s Infrastructure

Bruce Schneier, talking about the social and economic threats to the Internet’s infrastructure.

Cybersecurity and the Ex-Technical Director of NSA’s IAD

Brian Snow, the (now) ex Technical Director of the NSA’s Information Assurance Directorate, speaking on Cybersecurity. Actual talk begins at 2:10.

An Interesting USB-Drive Encryption System

A group of my colleagues and I are always on the hunt for affordable, easy-to-use, secure drive encryption tools that can be deployed to non-technically savvy individuals. The most recent piece of software we’ve come across is LaCie’s Public-Private encryption which, as far as I can tell, is a pretty front-end for TrueCrypt.

I’ve reached out to the company in the hopes of learning what, if anything, they’ve done in making TrueCrypt a tiny bit easier for people to use. TrueCrypt is one of the more secure means of protecting data. LaCie’s software itself is free – available here – and runs on any USB drive, so you can use the software without having to purchase anything from the company. The only deficit that I’ve come across thus far is that you can only create 4GB partitions; this means that if you want to encrypt everything on an 8GB drive then you’ll need to establish two separate partitions.

I’ll be updating this site once/if I hear back from the company.