Tag Archives: privacy

Social Security Numbers Are Kinda Sorta National IDs 

C. G. P. Grey has a video on Social Security numbers, and how even though they were explicitly not meant to be used for identification — it used to plainly state that on the card — their  ubiquitness made it too tempting for the IRS and various financial companies to not use them for identification. So now, they’re national ID cards in all but name, and very very poor ones, because they are horribly insecure.

See also:

Furloughed NSA


If you’re reading this in the distant future, this is regarding the 2013 U.S. government shutdown and the NSA surveillance scandal

See also:

Via FAIL Blog

The NSA Eavesdrops On Everyone Because… There’s Money In It?

This is the “nobody expects the Spanish Inquisition” moment of the whole Snowden saga, except instead of the Inquisition, it’s the Defense Industry. Last week, the House of Representatives had a vote to de-fund the NSA’s eavesdropping ability. In the end, the vote did not go through and the NSA still has money to collect all our data; but it was pretty close: 217 to 205 votes. Wired wondered if money had anything to do with the outcome of the vote and had the non-partisan, non-profit political money tracker maplight.org look into the matter.

Defense Contributions Chart

The evidence is pretty damning: the Congressmen that voted to continue funding the NSA’s activities received twice as much money from the Defense Industry. Why? Because NSA personnel are but a fraction of the NSA workforce. The rest is made up of contractors from companies like Lockheed Martin, Northrop Grumman, and Booz Allen, where Snowden used to work. If NSA funding gets cut, the piece of the funding that goes to the contracts will also disappear, which obviously is not good for the defense contractors.

But it probably works the other way also: the more stuff the Department of Defense and Intelligence Community does, the more contractors they need, and the more profits the contracting companies make. Ergo, if the companies want to make more money, they need the government to do more stuff. And they can get the government to do more stuff by lobbying Congressmen and giving them a piece of the cut as donations. So, actual national security need aside, it behooves defense contractors if everyone believes that building systems which collect and analyze more data, better, and faster is a good thing. It’s like taking advantage of a fire to sell everyone in the neighborhood fire retardant furniture and clothing, which they probably don’t need. Except fire retardant wouldn’t threaten our civil liberties, the way being constantly monitored does.

And all of this, done on the taxpayer’s dime.

See also:

From Maplight, via Wired

NSA Whistleblower Might Be A Genius, Might Be An Idiot

Ok, “genius” is probably a stretch, but the guy does appear to be smart:

  • He rose through the ranks of the government from enlisted soldier to security guard, to IT guy, to really well-paid IT contractor guy in Hawaii in less than 10 years
  • He’s definitely well-spoken and looks pretty smart in the video
  • He had the foresight to nobly out himself, get the protection of the public, get a pat on the back from the Pentagon Papers whistleblower, and go down in the history books, rather than wait until the CIA renditioned him to Poland
  • He gave up a super-well paying job in paradise to protect our democracy

Then again, he may not be the sharpest tool in the shed:

  • He gave up a super-well paying job in paradise to protect our democracy
  • He fled to Hong Kong, which is apparently the second worst place to flee to, if you’re running from the US government
  • He apparently used his real name when checking in to his hotel in Hong Kong, pretended the journalists got the wrong guy when they called, and then checked out
  • He doesn’t even have his high school degree, and even failed to get his GED
Edward Snowden

Edward Snowden


So at this point, Edward Snowden (whose name, it has to be said, kinda sounds like a Game of Thrones character or two) is to us much like Schrödinger’s cat, at both times smart and dumb. As for the NSA, if he’s smart, then he might’ve bested the them. If he’s dumb, how dumb is the NSA to have hired him?

One final note as we find out more about him: while all of the above is hard to dispute because much of it came from Snowden himself, one must also keep in mind, that when the Pentagon Papers whistleblower, Daniel Ellsberg, came out, the Nixon administration tried to discredit him in all kinds of ways, going as far as breaking in to his psychiatrist’s office, and hashing a plan to drug with him LSD. Of course, that action caused Ellsberg’s mistrial and is the reason he’s a free man today. The Obama administration will likely not make such an error, meaning that unless he escapes extradition, Snowden’s best chance is jury nullification.

In the meantime, we should all at least thank him for revealing the actual Facebook privacy settings:

Facebook privacy settings, with NSA


See also:

Via The Wall Street Journal, Slate, NPR and Gawker and FAIL Blog

Obama Makes Distinction Between Light And Hardcore Surveillance

“Nobody is listening to your telephone calls.” The government collects “phone numbers … and duration of calls… they are not looking at people’s names and they are not looking at content.” – President Obama, today in San Jose, CA

That roughly translates into “we’re just kinda keeping an eye on you, not really… you know… super-monitoring your calls hardcore.” As if light surveillance is somehow okay in a free society and we should just get used to things being like this now. In a few more years, when persistent drones fly in our skies high above the clouds, and news breaks out that the feds are monitoring everyone’s movements on the ground, the response will be:

“Nobody is bugging your house. We’re just looking at where you go and for how long… we’re not looking at people’s names and we’re not watching you inside your own house.” – President Obama in the Panopticon of the future

Because that would be crossing some kind of line, whereas just keeping tabs on everyone is perfectly normal for a democratic government, composed by the people and for the people, to do.


Update, June 9th: The very next day, Obama added:

“You’ve got private companies that have a lot more data and and a lot more details about emails and phone calls than the federal government does,” he said.

“So we’re going to take that data from those private companies by force, because we realize that no one would sign up for a government-run Facebook.”

One nation, under surveillance

See also:


Relax, The NSA Snooping On You Is Perfectly Legal

Many of the people that found themselves living in Soviet America today believe that the administration overstepped its bounds when it gave the NSA permission to monitor all calls in the country made on Verizon (and likely, all other carriers) and to search anyone’s data on Google, Facebook, Skype, Yahoo, etc. But what’s more shocking than the fact that the NSA is doing it is the fact that it’s all on the up-and-up.

Can you hear me now? Then the wiretap is functioning properly.

The wiretapping is allowed by section 215 of the Patriot Act, which was the legislative overreaction to 9/11. (The feds already had all the information they needed to stop the attacks — they just hadn’t put all the pieces together yet.)  Originally, then-Senator Obama was against the KGB-like powers the bill gave to the government agencies, and in 2005, he even sponsored a bill that would’ve put an end to it all. But, in early 2006 the powers that be got to him, and he actually voted to extend the Patriot Act. In this video from his 2008 campaign, he explains why, starting at 3:15:


Long story short, he didn’t think the Patriot Act was all that bad anymore, he tried to make it better and promised to remove the illegal wiretapping via executive order, when he got to office. And so he did: now, the wiretapping still goes on, but it’s all legal. The feds secretly ask a secret court to issue a subpoena for vague “national security” reasons, and it happens. There’s Congressional-ish oversight, in that the 7% of Congressmen — those who sit on the Intelligence Committees — get biannual reports on the NSA’s actions. But, if they don’t like something, all they can do is make vague warnings because all the information they get in those reports is classified. With 93% of Congress in the dark, the rest under a gag order, and the secret court handing out blank checks, the system ensures that abuses of power can never see the light of day.

And again, it’s 100% legal: this is how terrorist wiretapping is supposed to work, under the Patriot Act. As for getting a backdoor to search all the data Google and Facebook have to offer, that’s also legal because it’s all voluntary-ish: the feds offer those companies legal immunity from lawsuits, and in return they get to snoop on everyone conversations. Let’s just hope they don’t accidentally leak more of Petraeus’ emails.

See also:

From NPR

Gay Marriage May Pave The Way For The Legalization Of Polygamy

In the US, marriage licenses were introduced the late 1800s in most states as a way to stop interracial marriages. By the early 1900s, the legal age of sexual consent was raised from 12 (roughly the age when puberty starts) to 16 — though some states still allow marriage as early as 14 years old. The marriage license was then also used to prohibit marriages with people that were too young. Also in the late 19th century, polygamy became illegal throughout the country in response to the rise of the Mormons, and marriage licenses were used to stop it as well. Finally, as homosexuality came out of the shadows in the 1970s, the licenses were used to prevent gay marriage.

marriage license

Since marriage is usually a religious rite, in a country with nearly unlimited religious freedom the government’s interest in marriage should only pertain to secondary issues of taxation and arbitration (inheritance, custody, distribution of assets, etc). Given that, the various prohibitions on marriage by government have never made any sense from the standpoint of civil rights. The issue first came to a head in the 1960s, when the Supreme Court invalidated miscegenation laws prohibiting interracial marriage. Almost fifty years later, the Court is now poised to invalidate the prohibition of gay marriage. If it does, marriage licenses will only have the power to prohibit polygamy and violations of age of consent.

A federal suit challenging Utah’s polygamy law was brought in 2011 by the cast members of the Sister Wives reality TV series, and a decision should come soon. Regardless of the outcome, an appeal will likely be made to the 10th Circuit, and then the Supreme Court. Which brings us back to the current gay marriage case: Justice Sotomayor, who will likely vote for legalization of gay marriage, asked attorney Ted Olson, who is arguing that gay marriage is a fundamental civil right, if any restrictions on marriage can exist. His answer was a “yes”: polygamy can be banned because it’s a law prohibiting conduct, whereas gay marriage bans are based on discrimination of a class of people based on their status as homosexuals. Given that both arguments can be applied to both gays and polygamists, it’s a very weak one.

The Brown Family, from TLC’s ‘Sister Wives’


Prohibition of interracial marriages was based on racism — the view that non-whites were lesser versions of humans, maybe even sub-human, and it would thus be almost as morally wrong for whites to marry them as it would be to marry animals. The prohibition of gay marriage and polygamy is based on religious beliefs. The concept of age of consent is based on a parental desire to prolong the chastity of childhood beyond its natural end at puberty. None of these legal prohibitions have anything to do with the government’s monetary and arbitrative interest in the private, and usually religious, institution of marriage. All four prohibitions are based on the moral fashions of certain periods in our history — fashions which are now changing. In fact, marriage itself is increasingly being seen as an outdated fashion, made pointless by the ease of divorce.

It’s also important to note that legal prohibitions of marriage have little bearing on reality. Whether or not they’re allowed to marry legally, interracial, gay, and polygamous couples/triples/etc still act like they are married for all purposes that matter: they live together, they have sex, they share expenses and have children. The only differences are legal, and therefore artificial: they have to jump through hoops to get certain rights like hospital visitations and power of attorney, and are denied certain benefits, like sharing insurance plans. It’s reminiscent of other toothless prohibitions, like those on alcohol and drugs. If 20th century legislation has taught us anything, it’s that it is almost impossible to legislate morality in a free country: as long as they have the right to privacy, the people will do what they want in their own homes.

Of course, our right to privacy is increasingly being threatened by technology, and it is now easier than ever for a fascist state to impose moral dictates on its population. Which in turn means that it is now more important than ever that our laws not curb the freedoms upon which America was founded.

See also:

via NPR

Petraeus Resignation Highlights The Importance Of Privacy, And Our Lack Of It

NPR has an interesting article on the privacy implications of the Petraeus scandal. The former commander of the US military’s Central Command and then-CIA director had been very carefully conducting an affair with a journalist. Rather than writing each other emails using their own addresses, they created a GMail account in which they would write draft emails: Petraeus would write a draft, log out, then Mrs. Broadwell would log in, read the draft, and write her own. Pretty crafty, but given that he knew all kinds of terrorist tricks from his manhunts, it was maybe not crafty enough. Regardless, the whole thing would’ve probably worked, except that the FBI got involved, and this is where the lack of our electronic privacy comes into focus.

David Petraeus and his wife, Holly Knowlton


We’ve seen before why everyone needs privacy from the government, and Petraeus is a prime argument for it: he did nothing illegal or even, as far as his job, unethical. Yet he was forced to resign because his mistress sent threats to another woman, which led the FBI to their draft GMail account. Very easily at that, because the feds have the power to read all your email that’s older than six months, just by asking. With a warrant, they can read anything of yours that’s online.

In this age, that basically means your whole life. David and Paula should’ve stuck to old-fashioned paper mail and burned the letters or even kept them — no warrant against Mrs. Broadwell would’ve covered searching Petraeus’ property. So in the leap from paper to electronic mail, our privacy has been eroded so much that one of the most powerful figures in the country was brought down by accident. Imagine how much damage the feds can do to you if they actually try.

David Petraeus and his mistress, Paula Broadwell


Of course, technology giveth as much as it taketh away. There are much better alternatives to clandestine communication than a draft folder in a bogus email account. Lifehacker and Gizmodo both have articles on what they could’ve done better:

  • Used a VPN to hide their IP addresses
  • Used encryption, perhaps through a service like Hushmail, to keep the FBI (or anyone) from reading the racy emails — at least for a few years, anyway, until they break the encryption
  • Used a disposable email account that automatically destroys emails after 10 minutes
  • Used text messages written in code and then deleted

But given the considerable hoops that they would’ve had to jump through just to not be accidentally outed, perhaps it’s time to revisit the extent of law enforcement’s snooping powers, and the ease with which they can be wielded. And given that just a month prior to this incident, several people’s homosexuality got outed by accident on Facebook, our everyday technology needs to have more privacy protection built in from the beginning also.

Oh, and if all this resonates with you like a tuning fork, donate to EPIC.

See also:


From NPR, Lifehacker and Gizmodo

That iPhone Is Probably The Most Secure Thing You Own

Ever since the 3GS model, iPhones have had built-in, automatic hardware encryption. That, coupled with a robust operating system with very few security flaws, makes it simple to keep anyone from getting to your data: just turn on password protection for the lock screen (Settings –> General –> Passcode Lock) and pick a strong password, which has more than 10 characters that aren’t words in the dictionary. Once the phone is powered off, it would take even the NSA 25 years to crack its security.


This is because Apple uses 256-bit AES encryption keys that are stored in the phone’s hardware — the same technology used by the government to store top-secret data. Each iPhone has its own key that is randomly generated and stored nowhere else in the world but on that phone. All the data stored on it is always encrypted using that key, meaning that if someone took its memory out manually and tried to read it, it would look like gibberish, unless they had the key with which to decrypt it. The only way to get that key is from the phone itself, while it’s running.

If the phone has no PIN set, getting the key is fairly trivial — but if it does have one, then the intruder would have to guess it first. Using software, PINs can be entered about 12x per second, so what makes breaking in take longer is how many passwords the intruder has to enter before guessing correctly. The longer the password, the more possible combinations of letters and numbers there are to try, and they grow exponentially: a 4-digit PIN takes 13 minutes to guess, a 6-digit one takes a day, and a 10-digit PIN takes 2.5 years.

The strong encryption key and PIN lock — combined with the option to wipe the phone’s data after 10 incorrect PIN entries and the Find My iPhone feature — most likely makes it the hardest consumer good from which to steal information, including safes. The only other smartphone with similar data protection is the once-mighty Blackberry. There are, however, two gotchas to watch out for, both related to data duplication:

  1. The cloud: almost all the information on the iPhone can and usually is pulled from or duplicated on a computer on the Internet. If someone breaks into that computer, they have access to it without going through your phone.
  2. Your home computer: when you sync the iPhones with iTunes, a popular option is to backup the phone’s contents on that computer. Someone could easily hack into that backup file and get all the data on your iPhone, without ever touching it. It might be a little out of date, but still a major treasure trove.

From Technology Review, via Slashdot

Facebook Eavesdrops And Tells On You To The Cops If You’re Bad

Like any good Big Brother, Facebook has to make sure you don’t do anything out of line. After all, as Spiderman taught us, with great power comes great responsibility — and it would be pretty irresponsible for Mark Zuckerberg to not stop statutory rape, drug deals, or movie piracy if he could. And can he ever! After all, everything you say and do on Facebook is stored forever in its metallic memory banks, along with who you said it to and how you know each other.


But thankfully, according to Reuters, our robot overlord tries to protect your privacy from the eyes of other humans and only alerts a warm-blooded person if something looks really suspicious — like if you were going to meet up with a 13 year old girl with no mutual friends after school for some statutory rape. And then, that helpful person calls the cops, sends them your entire Facebook history, and voila! Spiderberg saves another person from the menaces of society. If only cell phone carriers, Skype, Gmail, and heck, even the US Postal Service and UPS did the same thing — think how many lives it would save! Total, automatic surveillance: the utopian panopticon of the future. After all, if you have nothing to hide, what are you worried about?

See also:


From Reuters, via CNET