Zara’s Space on the Web – Musings

December 4, 2013

A summary of the article that made me care about the NSA issue

Filed under: Computers,Geekery,Politics — zarazilla @ 8:33 am
Tags: , ,

I’m going to admit that I didn’t really care that much about the whole NSA spying thing for a while.  Maybe because I’d assumed it was always already kinda happening.

Then I read an article by the New York Times, which made me care, as it explained exactly how the NSA had managed to do all this spying, including weakening international cryptography standards, which I found most alarming.  If you have time, I highly recommend reading the article, N.S.A. Able to Foil Basic Safeguards of Privacy on Web, by Nicole Perlroth, Jeff Larson and Scott Shane (September 5, 2013).

If not, I’ve attempted to summarise the main points here, with a little restructuring of information to get around newspaper format, which can be repetitive and/or confusing.  I’ve copied text straight from the article when convenient and skipped parts people might already have known/suspected.

Introduction

In the 1990s the NSA attempted to legally insert a government ‘back door’ into all encryption (the Clipper Chip).  This means that they would be able to bypass encryption efforts so that they would be able to access anything they’d want, but the proposition was deeply unpopular and they eventually backed down in 1996.  But rather than stopping there, they went on to try to gain access to anything they wanted through stealth and trickery.

Working with, coercing and deceiving companies

The NSA hacked into computers to retrieve messages before they were encrypted, used super fast computers (I take it they mean supercomputers) to break codes and worked with technology companies in the US and abroad into building in back doors into their security.  Some say they were coerced, and there are cases where companies shut down rather than compromise themselves and their customers.  Lavabit, an e-mail encryption company closed while Silent Circle ended its e-mail service.

According to a leaked intelligence budget document, the NSA spends more than $250 million a year on its Signit Enabling Project, which “actively engages the U.S. and foreign IT industries to covertly influence and/or overtly leverage their commercial products’ designs” to make the “exploitable”.  In one instance after learning that a foreign intelligence target had ordered new computer hardware, the American manufacturer agreed to insert a back door into the product before it was shipped.

Still others have been compromised without them knowing it.  In 2012 GCHQ (the British NSA counterpart) had developed new ‘access opportunities’ into Google’s systems.  Google denied giving any government access and said it had no evidence its systems had been breached (This later article describes what might have happened).

The agency maintains an internal database of encryption keys for specific commercial products, which can automatically decode many messages.  Independent cryptographers say many of the keys are probably acquired by hacking into companies’ computer servers where they are stored.  To hide what the NSA were doing, only keys that have been acquired through legal means (i.e. not hacking) could be shared with other agencies.

Weakening Cryptography standards

Another tool the NSA have been attempting to use to aid them in obtaining information is to introduce weaknesses into encryption standards followed by hardware and software developers around the world. This is a dangerous game for the NSA to play, because although by weakening cryptography standards they are able to access communications from potential enemies, they’re also compromising the security of American communications.

The NSA wrote a standard for cryptography which was adopted by the National Institute of Standards and Technology in 2006 and later by the International Organization for Standardization, of which 163 countries are members.  In 2007 Microsoft cryptographers found fatal weakness in the standard, which classified NSA memos appear to confirm were engineered by the agency.  The article claims the standard was aggressively pushed on the international group.

Advertisements

June 22, 2011

Protecting the internet’s freedom of information

Filed under: Computers,Geekery,Politics — zarazilla @ 8:37 pm
Tags: ,

A while back I was sitting on the tube, and a woman sat down next to me who was perusing a Daily Mail app on her phone. It was only then that it occured to me that none of my friends or colleagues actually read the Daily Mail (apart from to make fun of it). It was then that I realised just how much I live in my own little bubble, where my friends agree with me on most of my political views. I mean sure I have an ex-classmate on facebook who is a member of the Tea Party and a friend who has recently come out on the Austrian side of economics, but he still believes in many of the same things I do and she and I agree on…

Okay. There is not much politically that the Tea Party member and I agree on, including abortion, immigration and climate change. We do, however, agree on at least one thing – the freedom of the internet.

And that is what I am writing about here because, unfortunately, her views and posts on all these things are slowly getting erased from my facebook News feed. I say ‘unfortunately’ unsarcastically (if that is a word) because I believe in looking at all sides of the debate for informed opinions and her posts have kept me informed on the Tea Party arguments. I may not click on 99% of them, but I like having them amongst pictures of babies and cousins’ vanity pictures and vague status updates about the night before to peruse.

Of course if you’re on Facebook you know that they have a very select filtering process. I have 476 ‘friends’ (it’s a TCK thing) and there is no way I am seeing facebook updates from, say, 90% of them. So when I’m not clicking on the posts on guns and why Obama is an asshole, Facebook decides her posts are not worth my time and starts filtering them out of my news feed.

This, however, is not merely a Facebook phenomenon. My main search engine, Google, has been busily filtering things specifically for me too. Pushing things it thinks would be more interesting to me up the search results.

This, to me, is a huge threat to the internet that promised so much in the past decade with the ability to give the average layperson (in a relatively developed country) free information and opposing viewpoints in order to make informed decisions – on purchses and politics (and probably other things but I can’t think of them right now!). The provision of comparison sites have made markets in music, flights and insurance (to name a few) much more competitive, the provision of information from global sources has been a lifeline to many in propaganda-pushing countries.  No wonder one of the first things Egypt’s beseiged government did during the Egyptian demonstrations was cut off the internet. It’s also why I think internet astroturfing is such a huge threat.

But this ‘filter bubble’ is a threat too – because unless we are actively looking for information or views outside of what we are normally exposed to, or are happy with, we won’t get it. How many people will say they actively look for it? This is a danger because many opinions on subjects we are not very informed about are formed through what we, probably unconsciously, pick up from the people and information that surrounds us.

I listened to a great talk on this subject by Eli Pariser, who recently released the book ‘The Filter Bubble: What the internet is hiding from you‘. One thing I found particularly interesting is the danger of the Facebook ‘like’ button – and the use of the word ‘like’!

You can download the podcast from the LSE website.

If you are interested, Pariser has also given 10 tips on how to get as unfiltered an internet experience as possible.

February 25, 2011

Thoughts on fighting internet astroturfing

Filed under: Geekery,Hippiery,Politics — zarazilla @ 11:48 pm

A bit on the late side as usual, I read this article by George Monbiot tonight on the bus (coincidentally while going around Parliament Square) and was immediately outraged.  For those of you who can’t be bothered to read the article, the summary is thus:

For a while now, PR companies (and the Chinese government) have been paying people to go on the internet and promote products (or ideologies) subtly – i.e. not as an obvious advertisement, but more like Jane Doe goes on a message board and tells everyone how much she loves using hair product K or a Chinese citizen getting upset and abusing a criticism of the Chinese government. What’s even more worrying though, is that lately organisations (companies and other types of organisations including the US Airforce) are now paying dedicated companies who are creating multiple fake people to do the same thing.  Two quotes from the article:

“I was contacted by a whistleblower… part of a commercial team employed to infest internet forums and comment threads on behalf of corporate clients, promoting their causes and arguing with anyone who opposed them… He posed as a disinterested member of the public. Or, to be more accurate, as a crowd of disinterested members of the public: he used 70 personas, both to avoid detection and to create the impression there was widespread support for his pro-corporate arguments.”

“This software creates all the online furniture a real person would possess: a name, email accounts, web pages and social media. In other words, it automatically generates what look like authentic profiles, making it hard to tell the difference between a virtual robot and a real commentator… Human astroturfers can then be assigned these “pre-aged” accounts to create a back story, suggesting that they’ve been busy linking and retweeting for months.”

As somebody who feels like she grew up with the internet, believes in democracy and free speech and participated in online forums, this absolutely outraged me.  I’m always one for thinking I can help make a change.  So I started writing an e-mail to the George Monbiot discussion group.  The rest of this post is an edited version (for clarity) of this e-mail which turned out into a mini manifesto of what we as individuals can do to fight back against internet astroturfing.

The first thing is to raise awareness.  Being an ex-computer scientist and now working in the environmental sector, I feel like I should have heard about this by now, but it came as a huge shock (although, “oh, that makes sense” did make itself heard at the back of my mind).  So perhaps what we can do is post this on any popular message boards we frequent, make people aware and solicit opinions.  Tweet it, post it on facebook and reddit.

Which brings me to the second thing.  The article mentions ‘social media’ a lot.  It may mean other services, but to me the largest social media networks are Twitter, Facebook and Reddit.  I’ve never actually read the terms and conditions of any of these services (and I can’t afford the time to right now), but the first question should be if what these companies are doing are contravening these services’ terms and conditions. Same goes for the targets of these companies: the newspaper websites, popular forums, etc.  If they are, great.  If not, we need to write to these websites to make them aware of what is happening – maybe they are already, maybe they’re not.  But I’m guessing that none of them want their websites used in the manner by which astroturfers are attempting to. They’ll need to rewrite their terms and conditions, and they’ll need to put people onto the case to figure out how they can detect and stop it.

This will be the difficult part for these companies.  The Daily Kos reports that HB Gary are recruiting from “many different agencies and top universities like MIT”. The social media companies will have to stay ahead of these guys, but I’m sure they can do it. I know they, too, are recruiting from top universities and stealing staff from each other.

I’d love to have a discussion on this and hear anybody’s thoughts.  In the meantime, I’ve posted George’s article to my facebook wall and tweeted it as per my suggestions. :)

—Links

The article that kicked this post off

George Monbiot’s first article on astroturfing

The Daily Kos report on an e-mail from one of the astroturf companies

May 10, 2010

Let’s stop pretending the world is black and white

I was just watching the BBC Election Special and was shocked by how all the political commentators distilled issues down so much that it seemed like they had decided the world was black and white:

  • David Dimbleby kept on referring to Labour and the Liberal Democrats as the ‘losing parties’. He fretted that a coalition government would be formed out of the ‘losing parties’. – It is clear that none of the parties has ‘won’ as none have an absolute majority, and none of the parties that have as many seats as the Liberal Democrats and Labour do have ‘lost’. BNP, UKIP, Christian Democrats are all ‘losing parties’ because they don’t have a single seat.  If Labour and Lib Dem did form a coalition with other parties, it wouldn’t be a coalition of losers, because they would have managed to come to an agreement to become a coalition with an absolute majority, the ‘goal’ they have to reach for a stable government, therefore they would have ‘won’ through working together.
  • John Reid said that 74% of people had voted against proportional representation, his thinking being that since the Liberal Democrats were the only party that made PR one of their main issues and only 26% of the population voted for them, therefore 74% had voted against proportional representation. – There are of course a million other issues at stake while voting for your member of parliament including local issues, and painting the general election as a vote for or against proportional representation is clearly ridiculous.
  • Everyone says that Nick Clegg is playing the ‘Kingmaker, as he and the rest of the Liberal Democrats decide whether they will form a coalition with Labour or Conservatives, therefore helping to grant them an absolute majority. The truth is that Nick Clegg is only playing the ‘Kingmaker’ because Labour and Conservatives cannot possibly conceive of working together.  Everyone is seeing this situation as black and white, either Conservative wins or Labour wins. It is not conceivable at all that they attempt to work together? As far as I know, the Liberal Democrats have been speaking to both of them, however Labour and Conservatives have not been speaking to each other.  This means that the power is in the hands of the party with the least votes between the three main parties. Maybe I’m being idealistic to imagine that Labour and Conservatives could try and work something out, that they would actually have to discuss things with each other and try to bring the members of one over to the point of view of the members of the other in order to pass things through the various houses, rather than sneer, jibe and name-call each other all the time. It would probably make for much more informed discussion happening, which can only be a good thing.

I can see why it is easier to distill things down so that they look black and white, and this perhaps works for really complicated issues in less important areas. However for perhaps more important issues such as the future government of the UK, lets try and keep discussion at a level where biases aren’t formed from the distillation, all options can be seen, and outright lies aren’t told.

April 24, 2010

Who should I vote for?

Filed under: Politics — zarazilla @ 10:44 pm
Tags: , , , ,

As I’m sure you already know, the UK general election has been called for Thursday 6th May.  I do believe it is very important for people to go out and vote.  But even more importantly is that people figure out who it is they should vote for according to their views.  I had a friend at university who voted BNP in a local election because it was the only party that said ‘British’ on it instead of  ‘Scottish’…. we lived in Edinburgh.  When she found out what the BNP stood for she was horrified!  Far better had she stayed away from the polls than vote for a party that was against what she wanted.

You want more? Here’s some with humour.

Not many of us have the time or inclination to read through manifestos and try and decide whether parties have generally stuck to what they’ve said before.  Luckily for us, we live in an age of modern conveniences and where people dedicated to the cause of helping people choose which party to vote for, no matter their views, have come up with some tools!  I’m going to test run a few of those here and tell you how time consuming it is, how likely it is to be accurate, and, scarily, what parties they suggest to me!

Okay. First off, Vote Match!  Vote Match is an ‘Unlock Democracy‘ project in association with The Telegraph, Goldsmiths University of London, and The Joseph Rowntree Reform Trust.

It is very easy to use and definitely for those who don’t want to spend too much time reading things. After telling it which country you live in, you go straight into 30 questions about how you feel about things. You can either agree, disagree, or remain ‘Open Minded’. The only thing I didn’t like about this was there were a few questions where you could’ve done with a bit more information or a button which said ‘It depends’. Next it asks you to select your priorities over 12 issues, what you feel are the most important and least important issues.  It the asks you to select the parties you’d like to be compared with and includes that for accurate results, not to include any part you would never consider voting for. I like to think I’m a pretty open minded person, so I select all parties apart from the BNP. Because lets face it, if the BNP were ever in power I wouldn’t have the power to vote. Next, they offer to email you to remind you to vote. I reckon I probably won’t need reminding, so I skip the option.

Apart from various frustrations with the limited answers you can give to the questions, VoteMatch is very straightforward and easy to use.  My result? UKIP!  UKIP???? UKIP!!!!  I am worried…. but as I look through the answers to the questions I can see why. The quesions where I got frustrated the most with the limited answers have aligned themselves with UKIP… in exactly the ways I was thinking they shouldn’t.  My next match is with the Liberal Democrats, then the Green Party, and then I am tied with the Labour Party and the Conservative Party. Interesting.

Next up: Vote for Policies.

The idea behind Vote for Policies is that it keeps you a number of points from each parties manifesto and asks you to choose from the sets of policies, rather than the personalities. It’s a good idea, but actually doesn’t really work in the context its presented in as the points are quoted ad verbatim and it is obvious who some of the parties are due to the language used, or some points which have been brought up in the press.

Nevertheless, Vote for Policies gives you a much more indepth look and is for people who want to spend more time on choosing who they want to vote for. They start off with asking you what issues, out of a selection of 9, you are interested in. I choose all 9.

The sets of policies make for long reading, and you do get torn between a few of them. It would be nice if they had an optional ranking system.  It takes quite a while to get through them, but after the fourth section I start skipping some once I start reading vile things.

My result? Liberal Democrats. I come out Liberal Democrats on Health/NHS, Democracy, Environment, Europe and Welfare. Green on Crime and Immigration (funny, as I didn’t vote Green for MEPs because of their immigration policies, I guess they must’ve toned them down), Labour on Economy, and funnily enough, UKIP on Education.

There may be a few more quizzes out there, but for now I’m heading for bed!

Blog at WordPress.com.