Liberty News

 2015: Oct-Dec



 Offsite Article: GCHQ can hack your systems at will...


Link Here 29th December 2015  full story: Snooper's Charter...Tories re-start massive programme of communications snooping
gchq logo Thanks to soft touch oversight. Privacy International battle exposes bulk warrants

See article from theregister.co.uk

 

 Update: Any offence, no matter how small...

Theresa May states the internet snooping powers won't be restricted to serious crimes but will be used to target internet insults, trolling and bullying


Link Here 26th December 2015  full story: Snooper's Charter...Tories re-start massive programme of communications snooping
Theresa May The governments invasive mass snooping laws will be used to bring online bullies and trolls to justice, the Home Secretary says.

Theresa May reportedly says that surveillance powers, unveiled under the Investigatory Powers Bill last month, will be used by police and spooks to track down and identify anonymous cyberbullies. The Times reports that 'officials'  will be able to unmask users going by various aliases.

Previously the government has maintained that the far reaching Snooper's Charter would be restricted to tracking serious crimes such as terrorism and child abuse.

Offsite Article: Theresa May wants to see your internet history, so we thought it was only fair to ask for hers

26th December 2015. See  article from independent.co.uk

The Independent requested the Home Secretary's work browsing history for the last week of October under the Freedom of Information Act.

The Home Office has refused to make Theresa May's internet browsing history public under freedom of information rules, arguing that a request to do so is vexatious .

... Read the full article from independent.co.uk

 

 Offsite Article: Internet Snooping Providers...


Link Here 23rd December 2015  full story: Snooper's Charter...Tories re-start massive programme of communications snooping
ispa logo How the Investigatory Powers Bill will affect ISPs

See article from openrightsgroup.org

 

 Update: Endangering British People...

Apple asks if the risk of your bank account being cleared out by hackers is a price worth paying for the government being able to snoop on your personal messages


Link Here 22nd December 2015  full story: Snooper's Charter...Tories re-start massive programme of communications snooping
Apple logo Apple has called for changes to the UK government's investigatory powers bill, over fears it would weaken the security of personal data of millions of law-abiding citizens .

In a submission to the bill committee the company expressed major concerns and called for wholesale changes before the bill is passed. It siad:

We believe it would be wrong to weaken security for hundreds of millions of law-abiding customers so that it will also be weaker for the very few who pose a threat. In this rapidly evolving cyber-threat environment, companies should remain free to implement strong encryption to protect customers

Apple highlighted the main areas of the bill that it wants to see changed. It told the committee that passages in the bill could give the government the power to demand Apple alters the way its messaging service, iMessage, works. The company said this would weaken encryption and enable the security services to eavesdrop on iMessage for the first time. In its submission, Apple said:

The creation of backdoors and intercept capabilities would weaken the protections built into Apple products and endanger all our customers. A key left under the doormat would not just be there for the good guys. The bad guys would find it too.

Apple said it was worried about the scope of the bill as many of the provisions in the bill apply to companies regardless of where they are based, giving the bill international scope, despite being a purely domestic piece of legislation. It also runs the risk of placing companies in a damned if they do, damned if they don't position. The company said:

Those businesses affected will have to cope with a set of overlapping foreign and domestic laws. When these laws inevitably conflict, the businesses will be left having to arbitrate between them, knowing that in doing so they might risk sanctions. That is an unreasonable position to be placed in.

 

 Offsite Article: Preston...


Link Here 18th December 2015  full story: Internet Snooping in the US...Prism and secret internet snooping
thames house The history of the establishment of UK communication snooping facilities

See article from theregister.co.uk

 

 Offsite Article: The White House Back Door...


Link Here 17th December 2015  full story: Internet Snooping in the US...Prism and secret internet snooping
Electronic Frontier Foundation The EFF debates encryption with the White House

See article from eff.org

 

  Targeted Stop and Search...

Thailand will add income details to the National ID card database for police use but decides not to encode it on the card for public access


Link Here 14th December 2015
Mock up Thai ID card Thailand's Interior Minister Anupong Paojinda has responded to public criticism and scrapped the dreadful idea to include occupation and salary details on people's ID cards.

Social media exploded on Saturday after the military ruler, prime minister Prayut Chan-o-cha, suggested that inclusion of wage and occupation data should be included on Thai ID cards by 2017.

Today, however, General Anupong clarified that such information would only be included in an internal ministry database. He claimed that use of the data would not violate people's rights and the extra information was somehow being collected solely for the name of the public interest.

Human rights advocates opposed Gen Prayut's idea, calling it an invasion of privacy and violation of basic human rights. They argued people's salary and occupation were personal data and should not be displayed on ID cards, even to electronic readers. The disclosure of such sensitive information could spur discrimination and put people at risk of exploitation by criminals.

Gen Anupong said minimal additional funds would be needed to collect salary and occupation data, as only surveys were required, not the production of new ID cards or reader systems. Gen Prayut on Monday said minimum-wage earners would remain exempt from taxes, but their incomes would still need to be recorded.

 

 Campaign: My Car My Data...

European Automobile federations get together to campaign about another Brexit inducing EU policy that will see snooping devices inflicted on drivers from 2018


Link Here 10th December 2015
my car my data logo

Thousands of Europe's drivers will be spied upon by their cars from 2018 when every vehicle sold could alert advertisers, insurers, councils, tax authorities, traffic wardens and police to their habits and locations, a European motoring organisation is warning.

The Federation International de l'Automobile (FIA), a Brussels-based consumer body representing 111 motoring and touring clubs and 38 million drivers, has launched a campaign urging greater safeguards for the use of information on drivers gathered by tracking devices that will soon become compulsory in all new cars. FIA spokeswoman Andrea Campbell said its:

My car, my data campaign reflected the fact that information gleaned from cars is not protected by European data legislation.

From 2018, every new car will have a wireless box for road safety, and there is talk of retro-fitting telematics boxes into older cars. It's only a small step to offering infotainment, traffic information and rest stop promotions.

Manufacturers can track you, and lock you in to their terms and conditions. So we are pushing for dedicated privacy legislation for consumer data protection, greater consumer awareness, and a fair after-market for services.

Britain's AA motoring organisation is to join the campaign. Its president, Edmund King, said:

Connected cars offer drivers a vast array of new and exciting services and they can also help with breakdowns and crashes. But drivers may be unaware of just what information is collected, how it is used, who owns it and how is it protected. We support the FIA's campaign aimed at ensuring greater transparency.

Data-connected cars gather information on driving styles, including the duration of journeys, speeds, acceleration and sudden braking, as well as details of where cars park, refuel or charge their batteries, and latest destinations entered into on-board navigation systems.  Smart systems can identify driving violations and mobile phone use, record the number of passengers and relay information about engine trouble to emergency services. Such data can be sold to third parties.

 

  Liberte, Egalite, Fraternite...2 out of 3 ain't bad...

France looks to ramping up state surveillance


Link Here 7th December 2015

dgse logo The French government is looking towards some of the powers enabled by the current state of emergency and is proposing several ideas to increase state surveillance, including blocks on encrypted Internet connections and a ban on public Wi-Fi networks.

According to the newspaper, Le Monde, the extension of the state of emergency could also stretch to requiring all rental cars to carry GPS, expansion of public video surveillance, two-year telecommunications data retention, and approval for police to use IMSI-catchers (like the Stingray devices used in America to intercept mobile communications).

French news site Numerama.com adds that the matters under debate also include forced provision of messaging encryption keys. The proposals could be up for enacting in law as soon as January, Numerama says.

The proposals stretch beyond shutting off the Wi-Fi at Parisian cafes to banning shared connections with criminal sanctions as enforcement. It would seem that the French authorities want to be better able to correlate individuals with their internet communications by making sure that knowledge of an IP address ties down the communication to known and identified individual.

The proposals also indicate a desire to snoop on VoIP conversations, again with encryption keys to be given to the police.

 

 Offsite Article: GCHQ can hack your systems at will...


Link Here 2nd December 2015  full story: Snooper's Charter...Tories re-start massive programme of communications snooping
privacy international logo Thanks to soft touch oversight. Privacy International battle exposes bulk warrants

See article from theregister.co.uk

 

 Offsite Article: Unwanted Friends...


Link Here 1st December 2015
Facebook logo Banks, insurers and even the taxman are trawling Facebook and other sites looking for information about you

See article from telegraph.co.uk

 

 updated: Detailed Surveillance...

Offsite articles outlining details of the Snooper's Charter


Link Here 13th November 2015  full story: Snooper's Charter...Tories re-start massive programme of communications snooping

Spiked logo The Tory war on privacy

13th November 2015. See article from spiked-online.com

The Investigatory Powers Bill should be ripped up. By Tom Slater

What the Investigatory Powers Bill will mean for your internet use

10th November 2015. See  article from theregister.co.uk

So who REALLY knows what I access?

the register logo The Register details what ISPs will and will not be able to determine from your internet usage. However the article should be read with a little caution. Eg just because an ISP cannot determine which of your family members is accessing the websites on the log doesn't mean the authorities can't. In fact the bill mentions specific capabilities to use context and tracking cookies etc to determine which family member access which sites.

Apple logo UK surveillance bill could bring very dire consequences , warns Apple chief

10th November 2015. See article from theguardian.com

Any back door is a back door for everyone, says Tim Cook of proposals to allow authorities to track citizens' internet use without requiring warrant

UK Surveillance Bill a Threat to Privacy

9th November 2015. See  article from hrw.org

Human Rights Watch logo Key aspects of the bill include:

  • The bill would preserve current blanket data retention requirements for communications data and add a new requirement for communications service providers to retain users' "Internet connection records" for up to 12 months. As described in the government's explanatory notes, this requirement means that the government could get a list of all the websites a person visits or online services they use for up to a year. Even though this would not provide access to the specific pages of a website the person visited, it would be highly revealing of a person's online activity and could result in self-censorship with a chilling effect on free expression. It would also breach the right to privacy and to information, given that it applies to all users regardless of whether they are under suspicion. Intelligence agencies and police would be able to access such communications data without a warrant or review by a judge. Although judicial approval is required for police to gain access to journalists' sources, it would not be required for intelligence agencies to get this access.

Request Filters...

5th November 2015. See  article from theregister.co.uk

T the register logo he Snooper's Charter Bill reveals how the state will maintain a separate datebase entry for every internet user, even when they share an internet connection

Commenting on the government spin about the snooper's charter...

5th November 2015. See article from theguardian.com .

comment is free logo The surveillance bill is as big a threat to state security as to personal liberty. By Simon Jenkins

Surveillance Q&A what web data is affected and how to foil the snoopers...

5th November 2015. See article from theguardian.com .

The Guardian Critics call it a revived snooper's charter, because the government wants police and spies to be given access to the web browsing history of everyone in Britain.

However, Theresa May says her measures would require internet companies to store data about customers that amount to simply the modern equivalent of an itemised phone bill .

Who is right? And is there anything you can do to make your communications more secure?

Will UK spy bill risk exposing people's porn habits? ...

bbc news logo 5th November 2015. See article from bbc.co.uk .

So, the bill proposes the authorities be given the right to retrospectively check people's internet connection records without having to obtain a warrant.

That means, for example, they would be allowed to learn someone had used Snapchat at 07:30 on their smartphone at home and then two hours later visited Facebook's website via their laptop at work.

It may sound fairly innocuous - but of course many people have internet habits that are legal but nevertheless very private. So, is their privacy being put at risk?

 

 Updated: So strong encryption will be banned after all...

More propaganda from Theresa May and co shown to be bollox


Link Here 4th November 2015  full story: Snooper's Charter...Tories re-start massive programme of communications snooping

Theresa May Internet and social media companies will be banned from putting customer communications beyond their own reach under new laws to be unveiled on Wednesday.

Companies such as Apple, Google and others will no longer be able to offer encryption so advanced that even they cannot decipher it when asked to, the Daily Telegraph can disclose.

Measures in the Investigatory Powers Bill will place in law a requirement on tech firms and service providers to be able to provide unencrypted communications to the police or spy agencies if requested through a warrant. A Home Office spokessnoop said:

The Government is clear we need to find a way to work with industry as technology develops to ensure that, with clear oversight and a robust legal framework, the police and intelligence agencies can access the content of communications of terrorists and criminals in order to resolve police investigations and prevent criminal acts.

That means ensuring that companies themselves can access the content of communications on their networks when presented with a warrant, as many of them already do for their own business purposes, for example to target advertising. These companies' reputations rest on their ability to protect their users' data.

Update: The impact of a ban on encryption

4th November 2015. See  article from publicaffairs.linx.net

Contrary to recent promises by Ministers that the government will not attempt to weaken or undermine encryption, the new obligation would require companies to ensure that they had the capability to decrypt any data they stored. This would particularly impact cloud-based companies like Apple and Facebook, which have won consumer trust for the integrity of their Facetime and WhatsApp communications services by designing them with encryption that protects customer data even from the company itself.

End-to-end encryption means, for communications, that the message is encrypted by the sender with a key known only to the intended recipient. Thus Alice can Facetime Bob safe in the knowledge that Apple cannot access the communication, even though Facetime communications need to be sent through servers run by Apple. End-to-end encryption also applies for data storage in the cloud: a business storing its corporate data in a cloud service like Amazon S3 or Google Glacier will encrypt that data with a key that it knows and Amazon or Google does not.

The ability to support end-to-end encryption has been a crucial factor enabling adoption of cloud-based services as a viable alternative to traditional applications run by corporate IT departments. Quite apart from any consumer backlash, prohibiting this capability would give pause to more security-sensitive businesses, that have a duty to protect the integrity of their customer data: if storing data in the cloud means exposing customer data to the cloud-service provider, use of cloud services becomes much riskier. Recent high-profile breaches at TalkTalk, Vodafone and credit-rating agency Experian have greatly raised sensitivity to risk.

 

 Update: Council Jobsworths and their dogs will be able to snoop on your browsing history...

Time to write a bot to visit millions of random sites to obscure your actual browsing


Link Here 2nd November 2015  full story: Snooper's Charter...Tories re-start massive programme of communications snooping

Theresa May Councils, the taxman and dozens of other public bodies will be able to search the internet and social media activity of everyone in Britain, The Telegraph can disclose.

Technology firms will be required to keep records of the websites and apps which people have used and details of when they accessed them for 12 months under new powers unveiled this week.

The new powers, contained in legislation which is published on Wednesday , will primarily be used by police and the security services in pursuit of suspected terrorists and serious criminals.

Nominally they will not be allowed to see which pages people have viewed or their searches while on the websites and apps, or the content of any messages, without a warrant, however it would seem likely obtaining a warrant will be a rubber stamp exercise.

The Telegraph understands that a total of 38 bodies will also be entitled to access the records for the purpose of detecting or preventing crime .

A government source claims that access will be limited, targeted and strictly controlled and overseen by a new Investigatory Powers Commissioner, but such 'oversight' has never ever done anything to reign in the authorities in any previous incarnation of snooping laws.

Ministers are also planning to introduce a new offence to deter the abuse of powers which will result in significant fines. Councils will also be required to get requests signed off by a magistrate before they are authorised, but it seems unlikely that a magistrate would ever side with anyone accused of a crime.

The authorities will be able to see which websites were visited, but not the exact page that they viewed.

The intelligence agencies, police and the National Crime Agency will be the obvious users of the capability but other bodies including the Financial Conduct Authority, HMRC, councils, the Health and Safety Executive and the Department for Work and Pensions will be able to access the information.

 

 Offsite Article: Do you prefer snooping on you to be rubberstamped by judges or politicians?...


Link Here 2nd November 2015  full story: Snooper's Charter...Tories re-start massive programme of communications snooping
open democracy logo The Investigatory Powers Bill is our chance to publicly set the rules around surveillance. By Julian Huppert

See article from opendemocracy.net

 

 Offsite Article: Volkswagen, Encryption and Backdoors...


Link Here 2nd November 2015
Novelty Come Doormat 60x40cm Outdoor Volkswagen's lesson on encryption software. By Nadim Kobeissi

See article from opendemocracy.net

 

 Offsite Article: Don't be fooled by spook propaganda...


Link Here 1st November 2015  full story: Snooper's Charter...Tories re-start massive programme of communications snooping
Henry Porter The state still wants licence to pry. By Henry Porter

See article from theguardian.com

 

  Tor Messenger...

Beta release of messaging app that will later provide secure comms


Link Here 31st October 2015
tor messenger logo A new chat tool has been launched in an effort to improve the security of online messaging.

Tor Messenger allows users to chat over the Tor (The Onion Router) network in a way which hides the location of participants. It means that the contents of messages will only be visible to the participants. The service will also work with platforms like Facebook even in countries where they are banned.

The tool is currently in beta and will undergo security tests.  It is not yet recommended for users with current security requirements.

Users wishing to remain anonymous or access chat clients blocked in their own country could use Tor Messenger to chat via services like Facebook Chat, Google Talk, Twitter, Yahoo and Internet Relay Chat.

 

 Update: Human Rights Defender...

European Parliament passes resolution to support Edward Snowden


Link Here 30th October 2015  full story: Internet Snooping in the US...Prism and secret internet snooping
European Parliament logo The European Parliament voted Thursday in support of a resolution that calls on member states to protect Edward Snowden from extradition.

The vote, which has no legal force, was 285-281. The resolution urges nations to drop criminal charges and consequently prevent extradition or rendition by third parties, in recognition of his status as whistle-blower and international human rights defender.

On Twitter, Snowden repsonded

This is not a blow against the US Government, but an open hand extended by friends. It is a chance to move forward.

In response to Thursday's vote, U.S. State Department spokesman John Kirby said the U.S. policy on Snowden has not changed:

He needs to come back to the United States and face the due process and the judicial process here in the United States. That's been our position from the beginning. It's our belief that the man put U.S. national security in great danger and he needs to be held account to that.

 

 Offsite Article: Controversial Cybersecurity Bill Passed By Senate...


Link Here 29th October 2015
US Senate Explaining the latest CISA bill facilitating US mass snooping

See article from techtimes.com

 

 Offsite Article: Surveillance, privacy, and the British press...


Link Here 27th October 2015
open democracy logo In the surveillance versus privacy debate that followed Snowden's revelations, the UK government and the British press have been rather strange bedfellows. By Jonathan Heawood

See article from opendemocracy.net

 

  When your government or police take a liking to your account...

Facebook will notify users when they are targeted by nation-states


Link Here 19th October 2015
Facebook logo Alex Stamos, Chief Security Officer at Facebook, explains its new Notification for targeted attacks:

The security of people's accounts is paramount at Facebook, which is why we constantly monitor for potentially malicious activity and offer many options to proactively secure your account. Starting today, we will notify you if we believe your account has been targeted or compromised by an attacker suspected of working on behalf of a nation-state.

While we have always taken steps to secure accounts that we believe to have been compromised, we decided to show this additional warning if we have a strong suspicion that an attack could be government-sponsored. We do this because these types of attacks tend to be more advanced and dangerous than others, and we strongly encourage affected people to take the actions necessary to secure all of their online accounts.

It's important to understand that this warning is not related to any compromise of Facebook's platform or systems, and that having an account compromised in this manner may indicate that your computer or mobile device has been infected with malware. Ideally, people who see this message should take care to rebuild or replace these systems if possible.

To protect the integrity of our methods and processes, we often won't be able to explain how we attribute certain attacks to suspected attackers. That said, we plan to use this warning only in situations where the evidence strongly supports our conclusion. We hope that these warnings will assist those people in need of protection, and we will continue to improve our ability to prevent and detect attacks of all kinds against people on Facebook.

 

 Update: Claims of shorter retention times...

Germany passes new internet mass snooping law, after all they now have an awful lot of Syrians to keep an eye on


Link Here 17th October 2015  full story: Internet Snooping in the US...Prism and secret internet snooping
Germany flag Germany's Bundestag has voted for a new version of the data retention law that caused so much controversy in the past.

The new law will force telcos to store call and email records for 10 weeks, as well as metadata including information about who called or emailed whom and when, and call duration. IP addresses will also be logged. Mobile phone location data will only be stored for four weeks.

The data is only to be used in the investigation of terrorism and other serious crimes (but all crimes are defined as 'serious' crimes these days) and police must get a judge's consent before rifling through personal metadata, and the individual in question must be notified.

Justice Minister Heiko Maas defended the new law, saying that it was proportionate, in contrast to earlier legislation, as less data would be stored and retained for a shorter time.

 

 Offsite Article: Are you a traitor?...


Link Here 17th October 2015  full story: Internet Snooping in the US...Prism and secret internet snooping
bbc panorama 2013 logo The BBC Panorama interview with Edward Snowden

See article from opendemocracy.net

 

  Cameron looks into Obama's backdoor...

The Obama administration will not pursue requirements for government backdoor into encrypted communications


Link Here 16th October 2015

Barack Obama The Obama administration has announced that it will not be pursuing legislation to force tech companies to introduce encryption backdoors. National Security Council spokesman Mark Stroh said:

As the president has said, the United States will work to ensure that malicious actors can be held to account -- without weakening our commitment to strong encryption. As part of those efforts, we are actively engaged with private companies to ensure they understand the public safety and national security risks that result from malicious actors' use of their encrypted products and services.

The announcement came in the same week that Wikipedia founder Jimmy Wales called the British Prime Minister's anti-encryption rhetoric moronic . He said:

It's too late, David. ...The genie is out of the bottle. ...It is not feasible in any sense of the word for the UK to ban end-to-end encryption. It's a completely moronic and stupid thing to do. We all have a very strong interest in a safe and secure internet.