The Cypherpunk Manifestos

24/06/2018

Reading a lot about privacy and anonymity and cryptography and cryptocurrency and Darknet hidden services and Tor lately.  Something that has caught my attention is the Cypherpunk movement, and their manifestos.

bitcoin

Without anonymous currency, we don’t have real anonymity

The earliest one seems to be The Crypto Anarchist’s Manifesto, written by Timothy C May in 1988.  Here’s a link to it.  Written thirty years ago, but very of the moment even now.  Read how it opens:

Computer technology is on the verge of providing the ability for individuals and groups to communicate and interact with each other in a totally anonymous manner. Two persons may exchange messages, conduct business, and negotiate electronic contracts without ever knowing the True Name, or legal identity, of the other. Interactions over networks will be untraceable, via extensive re-routing of encrypted packets and tamper-proof boxes which implement cryptographic protocols with nearly perfect assurance against any tampering. Reputations will be of central importance, far more important in dealings than even the credit ratings of today. These developments will alter completely the nature of government regulation, the ability to tax and control economic interactions, the ability to keep information secret, and will even alter the nature of trust and reputation.

A cypherpunk’s manifesto” by Eric Hughes, is also very relevant, even though it is 26 years old.  Here’s a bit:

Cypherpunks write code. We know that someone has to write software to defend privacy, and since we can’t get privacy unless we all do, we’re going to write it. We publish our code so that our fellow Cypherpunks may practice and play with it. Our code is free for all to use, worldwide. We don’t much care if you don’t approve of the software we write. We know that software can’t be destroyed and that a widely dispersed system can’t be shut down.

Cypherpunks deplore regulations on cryptography, for encryption is fundamentally a private act. The act of encryption, in fact, removes information from the public realm. Even laws against cryptography reach only so far as a nation’s border and the arm of its violence. Cryptography will ineluctably spread over the whole globe, and with it the anonymous transactions systems that it makes possible.

This is stuff that could have been written yesterday.  The technologies required for true anonymity have broken out fairly recently: encryption, cryptocurrency, all this has come to a head now.  If we don’t seize this opportunity, maybe we don’t deserve it.

bmc-yellow


Darknet Part 1: What is the darknet and why should I care?

23/06/2018

 

Welcome to Part 1 of my guide to the Darknet.  Well, I say “mine” but it’s actually by many people.  And, just so you all know I’m not trying to pass off this guide as my own words, I’m going to show the words actually coming out of their true creators’ mouths, thanks to the miracle of video streaming over the internet! Thanks be to Youtube,eh!!

Okay, part 1 of this series is a primer on the Deep Web and the Darknet.  It’s a TEDx talk by Alex Winter (of Bill & Ted fame), entitled “The Darknet isn’t what you think”.  There are some misconception about what illegal services were available through the Silk Road website.  For instance child pornography was banned.  Stolen goods weren’t allowed.  Ads for contract killers weren’t allowed.

Anyway, check out the vid.  Enjoy!

Next time: A film about the rise and fall of the Silk Road

 


Apple closes security loophole in iPhones and other iOS devices

14/06/2018

Today Apple is closing a security loophole in iPhones and other iOS devices that enabled law enforcement to hack into criminals’ devices, inculding one of the San Bernadino killers.

They have introduced “Restricted USB Mode”, which will stop hackers from extracting data through an iPhone’s lightning port an hour after being locked.  It is believed that this is how the FBI were able to read data from the iPhone belonging to a gunman involved in the shootings in San Bernadino.

Apple says this is part of their usual security reviews, and is not aimed at thwarting law enforcement but is to protect users from criminals.

GreyKey-box

The GreyKey device that hacks into locked iPhones via its Lightning port

This will protect iPhones from the iPhone hacking tool GreyKey.

The new default settings will have a feature Apple call a “USB restricted mode” which has been present in developer betas for both iOS 12 and iOS 11.4.1. With this feature, all communication through a Lightning port to USB connection will be blocked on unlocked and dormant devices.

US law enforcement uses a tool called a GrayKey, which is a small box with two Lightning cables that can unlock password encryptions on iPhones and extract data from  iPhones.  The Restricted USB Mode will cut off the GreyKey’s access.

hacked-iphone

The GreyKey device reveals a locked iPhone’s passcode in as little as 30 seconds

Of course the cops believe this is aimed firmly at law enforcement, and will result in criminals and terrorists getting away with serious crimes.

“I think that privacy protections are on a collision course with responsible law enforcement actions to conduct legitimate investigations,” said Ronald Hosko, a former assistant director of the FBI who is now president of the Law Enforcement Legal Defense Fund, which raises money to defend officers accused of misconduct. “Terrorists or other criminal organizations will do something that’s heinous, in a way that is blocked from lawful law enforcement view. They will to some extent get away with it. We will lose lives, we will lose infrastructure in a big way, and then we will be having a different conversation.”

bmc-orange


Want some privacy and security online? Check out ibVPN!

04/07/2015

I’ve been using using ibVPN for a while, and I think it’s great.  In case you don’t know, “VPN” means Virtual Priivate network.  To use Webopedia’s definition:

VPN is pronounced as separate letters and is short for virtual private network.

VPN is a network that is constructed by using public wires — usually the Internet — to connect to a private network, such as a company’s internal network. There are a number of systems that enable you to create networks using the Internet as the medium for transporting data. These systems use encryption and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.

At ibVPN they delete their logs after 10 days, which no doubt frustrates the police.  But they need to learn: Not all users of VPNs and other privacy tools are terrorists or drug traffickers.  Using a VPN, or encryption tools like PGP/GPG is like putting a letter in an envelope rather than sending a postcard that anyone can see.  I think having a private life is an essential human right.

In fact, I’ll offer Cameron and his cronies a deal: if they start posting their private emails, texts, Instant Messages and letters on a website for all to read, I’ll stop using a VPN.  I’m not talking about secret government correspondence.  Just their private, personal communications.

We got a deal, Dave?  Hmm, I guess not.


‘We can intercept your Google and Facebook activity all we want, so screw you!’ says UK government

17/06/2014

The British government has for the first time spelt out why it thinks it has the right to snoop on our Google, Facebook and other internet traffic all it wants.

Charles Farr, the Director General of the Office for Security and Counter Terrorism, has made a statement (available here) that claims according to UK law the security services only need to get warrants to snoop on communications from one UK party to another. Traffic to and from services like Google (which includes Gmail) and Facebook are classed as “external communications”, for which no warrants are required.

This is horrendous. The internet is a network of networks, many of which are in other countries. So a large amount of our online activity will be transferred via networks in the USA and other countries even if the activity is practically domestic. If you send an email via Gmail to another UK citizen, the government classes it as an “external communication”. The same will be true of activity on Facebook, Twitter, and a great many other services, even though your intention is to communicate or share with other UK residents. Tempora, the program run by the British snooping agency GCHQ, gathers data and metadata, then shares it with the NSA. This means that practically all our online activities are stored, and can be used in fishing expeditions, even though GCHQ or NSA do not suspect you of any potentially criminal activity. Tempora is a “buffer” which stores internet data for 3 days and metadata for 30 days. GCHQ’s computers sift through all this data, storing anything that is “of interest”, which means that online privacy really is nonexistent. Which is what many of us have assumed for ages (especially after Edward Snowden’s revelations), but now it’s official.

What really exasperates me is that major criminals and terrorists will be taking steps to avoid this already, for example by using a VPN (Virtual Private Network). The real victims of GCHQ’s activities are us ordinary joes who are not engaged in criminal conspiracies but who want privacy (like people who send letters in sealed envelopes rather than postcards). We could encrypt our communications; but how many of us want to do this? and I’ll bet Tempora looks out for encrypted traffic and logs it as suspect.

The law needs changing. But that’s not going to happen. Why would the government give up these powers? So, I’m going to use my VPN account when I go online, and I advise everyone else to do the same. Tempora’s alarms will be set off by my suspicious activity; but if everyone is doing it GCHQ’s systems will overload. I hope. Remember, GCHQ has supercomputers and massive storage facilities. Big Brother, man! 1984 man!

Locations of visitors to this page


free web stat


Privacy really is (nearly) dead

16/06/2013

Should government agencies be able to track your email traffic, internet browsing, physical location, when you have a crap? Pretty redundant question really. As Bruce Schneier has written, the Prism programme, run by the NSA, has been going on for some time… we only know about it because the unbelievably brave whistle-blower Edward Snowden revealed it to carefully chosen journalists, who have blown the lid on the gig. The NSA have been collecting info on whoever they choose – American, British, whoever – for quite some time, with no judicial oversight at all. That means, the NSA has been spying on the entire world, without even having to get a warrant!

I don’t think there’s much we can do about this. Extraordinary rendition, third-party torture, secret prisons run by the CIA all over the world: this is the status quo. The genie is out of the bottle, and it’s pretty much impossible to cram the bastard back in. All we can do is look to our own privacy and that of our friends, as well as we can (and remember: the NSA has been constructing a massive data storing/trawling centre in Utah; so they can collect as much as they like without worrying about storage capacity – they could conceivably spy on all of us, every person with a phone line or other internet connection, anytime, anywhere.

The other thing we can do is support whistle blowers like Snowden, Bradley Manning, Julian Assange… and all the others out there. As Schneier says in his article on the matter (and I really do urge you to follow his blog
):

The U.S. government is on a secrecy binge. It overclassifies more information than ever. And we learn, again and again, that our government regularly classifies things not because they need to be secret, but because their release would be embarrassing.

Knowing how the government spies on us is important. Not only because so much of it is illegal — or, to be as charitable as possible, based on novel interpretations of the law — but because we have a right to know. Democracy requires an informed citizenry in order to function properly, and transparency and accountability are essential parts of that. That means knowing what our government is doing to us, in our name. That means knowing that the government is operating within the constraints of the law. Otherwise, we’re living in a police state.

We need whistle-blowers.

Leaking information without getting caught is difficult. It’s almost impossible to maintain privacy in the Internet Age. The WikiLeaks platform seems to have been secure — Bradley Manning was caught not because of a technological flaw, but because someone he trusted betrayed him — but the U.S. government seems to have successfully destroyed it as a platform. None of the spin-offs have risen to become viable yet. The New Yorker recently unveiled its Strongbox platform for leaking material, which is still new but looks good. This link contains the best advice on how to leak information to the press via phone, email, or the post office. The National Whistleblowers Center has a page on national-security whistle-blowers and their rights.

Leaking information is also very dangerous. The Obama Administration has embarked on a war on whistle-blowers, pursuing them — both legally and through intimidation — further than any previous administration has done. Mark Klein, Thomas Drake, and William Binney have all been persecuted for exposing technical details of our surveillance state. Bradley Manning has been treated cruelly and inhumanly — and possibly tortured — for his more-indiscriminate leaking of State Department secrets.

The Obama Administration’s actions against the Associated Press, its persecution of Julian Assange, and its unprecedented prosecution of Manning on charges of “aiding the enemy” demonstrate how far it’s willing to go to intimidate whistle-blowers — as well as the journalists who talk to them.

But whistle-blowing is vital, even more broadly than in government spying. It’s necessary for good government, and to protect us from abuse of power.

We need details on the full extent of the FBI’s spying capabilities. We don’t know what information it routinely collects on American citizens, what extra information it collects on those on various watch lists, and what legal justifications it invokes for its actions. We don’t know its plans for future data collection. We don’t know what scandals and illegal actions — either past or present — are currently being covered up.

We also need information about what data the NSA gathers, either domestically or internationally. We don’t know how much it collects surreptitiously, and how much it relies on arrangements with various companies. We don’t know how much it uses password cracking to get at encrypted data, and how much it exploits existing system vulnerabilities. We don’t know whether it deliberately inserts backdoors into systems it wants to monitor, either with or without the permission of the communications-system vendors.

And we need details about the sorts of analysis the organizations perform. We don’t know what they quickly cull at the point of collection, and what they store for later analysis — and how long they store it. We don’t know what sort of database profiling they do, how extensive their CCTV and surveillance-drone analysis is, how much they perform behavioral analysis, or how extensively they trace friends of people on their watch lists.

We don’t know how big the U.S. surveillance apparatus is today, either in terms of money and people or in terms of how many people are monitored or how much data is collected. Modern technology makes it possible to monitor vastly more people — yesterday’s NSA revelations demonstrate that they could easily surveil everyone — than could ever be done manually.

Whistle-blowing is the moral response to immoral activity by those in power. What’s important here are government programs and methods, not data about individuals. I understand I am asking for people to engage in illegal and dangerous behavior. Do it carefully and do it safely, but — and I am talking directly to you, person working on one of these secret and probably illegal programs — do it.

If you see something, say something. There are many people in the U.S. that will appreciate and admire you.

For the rest of us, we can help by protesting this war on whistle-blowers. We need to force our politicians not to punish them — to investigate the abuses and not the messengers — and to ensure that those unjustly persecuted can obtain redress.

It must be really scary, blowing the whistle when you see things going on that just shouldn’t be happening. But we have to blow the whistle nevertheless. Otherwise, governments and their corporate buddies will just become more and more untouchable. They will be able to do what they want to whoever they want whenever, wherever and however they want. Is that the world you want to live in?

That very nearly is the world we’re living in. Only the glare of publicity can stop our world evolving into a massive police state. Do you want that?

Locations of visitors to this page


free web stat


Robin Walker – what a nasty piece of Tory to find on the sole of your shoe!

01/05/2013

I am a member of online campaign groups like 38 Degrees and Open Rights Group. These are groups that ask members what campaigns it should get involved with, then the group will call on its members to send to local MPs. ministers and other such, so our will is focused and targeted and helps ensure that the government and others can’t just ignore us. Divided we are nothing. United we can do anything… well, the government can’t just ignore us.

My local MP is the Tory Robin Walker. Incidentally, his late father Peter Walker (1932-2010) was MP for Worcester until 1992, when he resigned as MP and was sent to the House of Lords to do his masters’ work. Robin has been a pretty engaged MP – he has replied to every email I’ve sent him (he uses official House of Commons writing paper and envelopes – you would have thought that Parliament had discouraged use of snail mail) but only once has he expressed agreement with my point, about the Defamation Bill). Most recently he sent me a (probably form) letter telling me how important it was that the government keep my communication and other logs for all eternity just in case I were a terrorist or paedophile. He wrote:

Communications data is vital for the police in their fight against crime, including serious offences, such as child abuse, drug-dealing and terrorism.

Note the use of the “big 3″: child abuse, drug-dealing and terrorism”. The suggestion is that opposing the Data Communications Data Bill is, or supports, nonces, pushers and suicide bombers. Thanks Robin; yet another reason to avoid voting for him when the general election comes round.

Right now, I don’t have a clue who’ll get my vote: it won’t be the Conservatives, the Lib Dems are no longer a viable choice…if Ed Miliband can drag Labour back to the left I might put my mark by his name; but how likely will that happen?

Brits are wage-slaves, with mortgages and their children’s educations keeping the populace keeping their nose to the stone, while bankers, corporate directors and other vested interests keep their money in tax havens. But don’t worry: the Conservatives want your personal data, phone logs, emails, bowel movements, whatever, stored for all eternity in a massive computer system that probably fail (as do most government-contracted computer systems do). We’re stuck with this situation unless someone does something about it.

Who’s your MP? Does he care about you? I’d love to see along string of Comments to this post, telling us how our MPs act for our best interests. And my current voting advice regarding the next election: go to the voting station, spoil your ballot (I like to write at the bottom of the voting card “None of the above” and a X in a box next to it), put it in the black box, and be on your way. This is not apathy, this is showing the establishment that the status quo must end.

Locations of visitors to this page


free web stat


%d bloggers like this: