RSA takes one for the team, but which team?

Edward Snowden says (according to Reuters) that RSA Security accepted $10 million from the National Security Agency in exchange for installing (or allowing to have installed) a secret backdoor so the NSA could decrypt messages as it pleased. Hell no, says RSA (a division of storage vendor EMC), stating in very strong terms that this was not at all the case. But then, in a second-day look at the RSA/EMC statement, bloggers began to see the company as dissembling, their firm defense as really more of a non-denial denial. So what’s the truth here and what’s the lesson?

For the truth I reached deep into the bowels of elliptic […]

Gallows humor for the NSA privacy debate

It’s hard to believe sometimes, but I began writing this column — in print back then — during the Reagan Administration. It was 1987 and the crisis du jour was called Iran-Contra, remember it? Colonel Oliver North got a radio career out of breaking federal law. The FBI director back then was William Sessions, generally called Judge Sessions because he had been a federal judge. I interviewed Sessions in 1990 about the possibility that American citizens might have their privacy rights violated by an upcoming electronic surveillance law. “What would keep an FBI agent from tapping his girlfriend’s telephone?” I asked, since it would shortly be possible to do so from the agent’s desk.

“It would never […]

The Google File System makes NSA’s hack blatantly illegal and they know it

The latest Edward Snowden bombshell that the National Security Agency has been hacking foreign Google and Yahoo data centers is particularly disturbing. Plenty has been written about it so I normally wouldn’t comment except that the general press has, I think, too shallow an understanding of the technology involved. The hack is even more insidious than they know.

The superficial story is in the NSA slide (above) that you’ve probably seen already. The major point being that somehow the NSA — probably through the GCHQ in Britain — is grabbing virtually all Google non-spider web traffic from the Google Front End Servers, because that’s where the SSL encryption is decoded.

Yahoo has no such encryption.

The major point […]

Privacy is dead and here’s how


My friend Dave Taht, who battles bufferbloat for us all, pointed me today to a document from the Wireless Internet Service Provider Association. It’s the WISPA CALEA Compliance Guide, which details most of the rules that wireless ISPs are required to follow by CALEA — the Communications Assistance for Law Enforcement Act of 1994. These rules, variants of which apply to all telcos and to ISPs of all kinds (not just wireless), say what those companies are required to do to comply with the law. More directly, it specifies how they can be required to intercept customer communications and relay that content to law enforcement agencies.

Read it if you have a moment. The document, which is […]

What if Marissa Mayer went to jail?

Wednesday at the TechCrunch Disrupt conference in San Francisco, Yahoo CEO Marissa Mayer presented her company’s side of fighting the National Security Agency over requests to have a look-see at the data of Yahoo users. It’s a tough fight, said Mayer, and one that takes place necessarily in private. Mayer was asked why tech companies had not simply decided to tell the public more about what the U.S. surveillance industry was up to. “Releasing classified information is treason and you are incarcerated,” she said.

Go directly to jail?


How would that work, exactly? Would black helicopters — silent black helicopters — land at Yahoo Intergalactic HQ and take Marissa Mayer away in chains? Wouldn’t that defeat the […]