Blog

  • Microsoft Makes Skype Easier To Monitor

    posted by Keito
    2012-07-27 19:51:49
    "New surveillance laws being proposed in countries from the United States to Australia would force makers of online chat software to build in backdoors for wiretapping. For years, the popular video chat service Skype has resisted taking part in online surveillance—but that may have changed. And if it has, Skype’s not telling.

    Historically, Skype has been a major barrier to law enforcement agencies. Using strong encryption and complex peer-to-peer network connections, Skype was considered by most to be virtually impossible to intercept. Police forces in Germany complained in 2007 that they couldn’t spy on Skype calls and even hired a company to develop covert Trojans to record suspects’ chats. At around the same time, Skype happily went on record saying that it could not conduct wiretaps because of its “peer-to-peer architecture and encryption techniques.”

    Recently, however, hackers alleged that Skype made a change to its architecture this spring that could possibly make it easier to enable “lawful interception” of calls. Skype rejected the charge in a comment issued to the website Extremetech, saying the restructure was an upgrade and had nothing to do with surveillance. But when I repeatedly questioned the company on Wednesday whether it could currently facilitate wiretap requests, a clear answer was not forthcoming. Citing “company policy,” Skype PR man Chaim Haas wouldn’t confirm or deny, telling me only that the chat service “co-operates with law enforcement agencies as much as is legally and technically possible.”
    "

    As reported on Slashdot: "Skype has gone under a number of updates and upgrades since it was bought by Microsoft last year, mostly in a bid to improve reliability. But according to a report by the Washington Post, Skype has also changed its system to make chat transcripts, as well as users' addresses and credit card numbers, more easily shared with authorities."

    ***

    'Hacker groups and privacy experts have been speculating for months that Skype had changed its architecture to make it easier for governments to monitor, and many blamed Microsoft, which has an elaborate operation for complying with legal government requests in countries around the world.

    “The issue is, to what extent are our communications being purpose-built to make surveillance easy?” said Lauren Weinstein, co-founder of People for Internet Responsibility, a digital privacy group. “When you make it easy to do, law enforcement is going to want to use it more and more. If you build it, they will come.’’'

    http://www.washingtonpost.com/business/economy/skype-makes-chats-and-user-data-more-available-to-police/2012/07/25/gJQAobI39W_story.html?hpid=z1

    http://www.slate.com/blogs/future_tense/2012/07/20/skype_won_t_comment_on_whether_it_can_now_eavesdrop_on_conversations_.html
  • Why Shouldn't I Work for the NSA? (Good Will Hunting)

    posted by Keito
    2012-07-26 21:32:31
  • An Open Letter to Defcon Hackers: Don’t Sell Out to the NSA (2011)

    posted by Keito
    2012-07-26 21:32:59
    Dear Hackers,

    Word on the internet is that the National Security Agency (NSA)—of which I’m sure you’re well aware—has very publicly stated it’s setting up shop at Defcon alongside corporations to recruit hackers to the dark side.

    As reported by Reuters, Richard “Dickie” George, technical director of the NSA’s Information Assurance Directorate (cyber defense wing)–we’ll henceforth call him Simply Dick—is looking to recruit you to work on the “hardest problems on Earth.” They’re appealing to your ego, your vanity. Simply Dick is looking for hackers only in it for the game; those willing to become pro-state, or at least ideologically neutral.

    In short, they are looking for those willing to sell out. The deal? No threat of prison and a steady paycheck doing the power’s bidding.

    Let’s briefly consider some of the hard problems you’ll be working on. You’ll be part of an immense bureaucratic apparatus that operates in the United States, spying on its own citizens through warrantless wiretaps, except you won’t be wiretapping phones, you’ll be tapping American citizens’ emails, search results and other communications. And there are domestic projects that the NSA keep secret and thus beyond our current awareness.

    Maybe some of you already hack average American citizens and you’ll have no problem doing such work for a government spy agency or a corporation. Then the NSA or Bank of America is probably where you belong. Good luck.

    You’ll be disrupting state and individual sovereignty daily in foreign countries, all to ensure political, economic and military hegemony; though you will be told that it’s simply to combat terrorism. Maybe you’ll have some fun going after Chinese hackers, but couldn’t you just as easily do this from the comfort of your own home without a suit telling you what to do?

    But none of this concerns me as much as the idea that people with the talent to hold government to account would so willingly join its ranks.

    In the future, hackers will be integral to dissent—in a sense, you already are in light of WikiLeaks, Anonymous and LulzSec.

    Those of us without hacking expertise do expect that some of you will work for the state, whether it’s because you’re ideologically neutral or you’re a patriot and want to smoke the evildoers out of their caves. But, we also hope far more of you won’t sell out—that you will maintain the counter-culture and grow it.

    Indeed, we hope that most of you stay out of the NSA’s monolithic spy palace to keep the assholes in our government honest.

    Simply Dick knows that you have the capabilities to check power or even threaten its very existence. Simply Dick is counting on the NSA’s power of persuasion.

    Don’t let him whisper sweet nothings in your ears.

    Best,

    D. J. Pangburn
  • NSA Chief To Address Hackers At DEF CON

    posted by Keito
    2012-07-24 20:15:08
    "Later this week, the NSA's organizational leader and head of the U.S. Cyber Command – General Keith Alexander — will address an audience of hackers at DEF CON. News of General Alexander's talk at Def Con broke on Friday. Up until that point, the 12:00 Track 1 slot was kept secret, leaving attendees to the world's largest hacker conference to speculate. The buzz was that it would be something interesting – if only because this year is Def Con's 20th anniversary. General Alexander will be giving a talk titled 'Shared Values, Shared Responsibility,' which is outlined as a presentation that will focus on the shared core values between the hacker community and the government's cyber community. Namely, the vision of the Internet as a positive force, the fact that information increases value by sharing, the respect and protection of privacy and civil liberties, and the opposition to malicious and criminal behavior."

    Yes, you read that right... The NSA's organizational leader and head of the U.S. Cyber Command – General Keith Alexander — will lecture others on 'Shared Values', 'Shared Responsibility', protection of privacy and civil liberties, and the opposition to criminal behaviour.

    In other news, 'hypocrisy' is to be redacted out of the dictionary from 2012 onward.

    As Tubesteak on Slashdot quite rightly states... "Since when does the NSA respect privacy?
    From MINARET and SHAMROCK to ECHELON, Stellar Wind, and warrantless wiretapping, they've done nothing but disrespect privacy.

    Shit. FISA was passed into law specifically because the NSA was spying on Americans.
    And then Bush came along and did his best to piss all over the minimal protections provided by FISA [wikipedia.org]
    And Congress helped by giving retroactive immunity to the Telecoms for illegally enabling the NSA's surveillance.

    The Director of the NSA is in for a tough time if he's really going to claim that the NSA respects privacy."

    http://news.slashdot.org/story/12/07/24/0016240/nsa-chief-to-address-hackers-at-def-con