Saturday, July 27, 2013

The Expanding Security State, or, Orwell Was An Optimist

The attempt by the House to reign in the NSA failed, by a fairly close vote. One of those responsible for killing the legislation was Nancy Pelosi.

The obituary of Rep. Justin Amash's amendment to claw back the sweeping powers of the National Security Agency has largely been written as a victory for the White House and NSA chief Keith Alexander, who lobbied the Hill aggressively in the days and hours ahead of Wednesday's shockingly close vote. But Hill sources say most of the credit for the amendment's defeat goes to someone else: House Minority Leader Nancy Pelosi. It's an odd turn, considering that Pelosi has been, on many occasions, a vocal surveillance critic.

But ahead of the razor-thin 205-217 vote, which would have severely limited the NSA's ability to collect data on Americans' telephone records if passed, Pelosi privately and aggressively lobbied wayward Democrats to torpedo the amendment, a Democratic committee aid with knowledge of the deliberations tells The Cable.

"Pelosi had meetings and made a plea to vote against the amendment and that had a much bigger effect on swing Democratic votes against the amendment than anything Alexander had to say," said the source, keeping in mind concerted White House efforts to influence Congress by Alexander and Director of National Intelligence James Clapper. "Had Pelosi not been as forceful as she had been, it's unlikely there would've been more Democrats for the amendment."
It should be a major embarrassment that only 94 Republicans voted to support the bill. The NSA's surveillance is one of the worst symptoms of Statism, and any Republican that voted against the bill should be investigated to determine if they are merely stupid, or a closet liberal. Or, perhaps, they are being blackmailed....

Unfortunately, even if Snowden safely sequestered in Russia, the hits just keep coming as to the extraordinary steps that the Feds have taken to monitor you and me--to map our personalities. CNET reports:

The U.S. government has demanded that major Internet companies divulge users' stored passwords, according to two industry sources familiar with these orders, which represent an escalation in surveillance techniques that has not previously been disclosed.
If the government is able to determine a person's password, which is typically stored in encrypted form, the credential could be used to log in to an account to peruse confidential correspondence or even impersonate the user. Obtaining it also would aid in deciphering encrypted devices in situations where passwords are reused.
... Some of the government orders demand not only a user's password but also the encryption algorithm and the so-called salt, according to a person familiar with the requests. A salt is a random string of letters or numbers used to make it more difficult to reverse the encryption process and determine the original password. Other orders demand the secret question codes often associated with user accounts.
... An attorney who represents Internet companies said he has not fielded government password requests, but "we've certainly had reset requests -- if you have the device in your possession, than a password reset is the easier way."

 The article indicates that the tech companies have refused to provide passwords, so far. Considering their cooperation in other matters, however, this seems doubtful.

The article goes on to discuss the encryption algorithms and the importance of long passwords using numbers and special symbols in addition to letters. However, there is a caveat:

Even if "the NSA is asking for access to hashed bcrypt passwords," Mazières said, "that doesn't necessarily mean they are cracking them." Easier approaches, he said, include an order to extract them from the server or network when the user logs in -- which has been done before -- or installing a keylogger at the client.
 And if you weren't paranoid enough, this article from Tech Dirt discusses how the Feds are able to track and monitor data streams (video or audio) from cell phones that the user has turned off. (This is actually something that I think people have been aware of for some time, but it is a good reminder, particularly since some phones--such as the IPhone--do not have removable batteries). Snowden asked reporters to place their phones in a refrigerator, which would probably be enough to muffle the voices of the people in the room.

No comments:

Post a Comment