Telecom Crimes & Punishment
Telecom Crimes
Violation of the Fourth Amendment to the Constitution
Violation of the First Amendment to the Constitution
Unlawful electronic surveillance or disclosure or use of information obtained by electronic surveillance in violation of 50 U.S.C. §1809.
Unlawful interception, use or disclosure of Class communications in violation of 18 U.S.C. § 2511
Unlawful solicitation and obtained disclosure of the contents of communications in violation of 18 U.S.C. § 2702(a)(1) or (a)(2)
Unlawful solicitation and obtained disclosure of non-content records or other information in violation of 18 U.S.C. § 2702(a)(3)
Violation of the Administrative Procedures Act
Violation of the constitutional principle of separation of powers
Telecom Punishment
Congress votes to immunize lawbreaking telecoms, legalize warrantless eavesdropping
Yet again, George Bush and Dick Cheney get everything they want from the Democratic-led Congress, this time to put a permanent, and harmless, end to their illegal spying scandal.
By Glenn Greenwald, Wednesday, Jul 9, 2008 11:11 AM PDT, Salon.com
(updated below – Update II)
The Democratic-led Congress this afternoon voted to put an end to the NSA spying scandal, as the Senate approved a bill -- approved last week by the House -- to immunize lawbreaking telecoms, terminate all pending lawsuits against them, and vest whole new warrantless eavesdropping powers in the President. The vote in favor of the new FISA bill was 69-28. Barack Obama joined every Senate Republican (and every House Republican other than one) by voting in favor of it, while his now-vanquished primary rival, Sen. Hillary Clinton, voted against it. John McCain wasn't present for any of the votes, but shared Obama's support for the bill. The bill will now be sent to an extremely happy George Bush, who already announced that he enthusiastically supports it, and he will sign it into law very shortly.
Prior to final approval, the Senate, in the morning, rejected three separate amendments which would have improved the bill but which, the White House threatened, would have prompted a veto. With those amendments defeated, the Senate then passed the same bill passed last week by the House, which means it is that bill, in unchanged form, that will be signed into law -- just as the Bush administration demanded.
The first amendment, from Sens. Dodd, Feingold and Leahy, would have stripped from the bill the provision immunizing the telecoms. That amendment failed by a vote of 32-66, with all Republicans and 17 Democrats against (the roll call vote is here). The next amendment was offered by Sen. Arlen Specter, which would have merely required a court to determine the constitutionality of the NSA spying program and grant telecom immunity only upon a finding of constitutionality. Specter's amendment failed, 37-61 (roll call vote is here). The third amendment to fail was one sponsored by Sen. Jeff Bingaman, merely requiring that the Senate wait until the Inspector General audits of the NSA program are complete before immunizing the telecoms. The Bingaman amendment failed by a vote of 42-56 (roll call vote here). Both Obama and Clinton voted for all three failed amendments.
The Senators then voted for "cloture" on the underlying FISA bill -- the procedure that allows the Senate to overcome any filibusters -- and it passed by a vote of 72-26. Obama voted along with all Republicans for cloture. Hillary Clinton voted with 25 other Democrats against cloture (strangely, Clinton originally voted AYE on cloture, and then changed her vote to NAY; I'm trying to find out what explains that).
With cloture approved, the bill itself then proceeded to pass by a vote of 69-28 (roll call vote here), thereby immunizing telecoms and legalizing warrantless eavesdropping. Again, while Obama voted with all Republicans to pass the bill, Sen. Clinton voted against it.
Obama's vote in favor of cloture, in particular, cemented the complete betrayal of the commitment he made back in October when seeking the Democratic nomination. Back then, Obama's spokesman -- in response to demands for a clear statement of Obama's views on the spying controversy after he had previously given a vague and noncommittal statement -- issued this emphatic vow:
To be clear: Barack will support a filibuster of any bill that includes retroactive immunity for telecommunications companies.
But the bill today does include retroactive immunity for telecommunications companies. Nonetheless, Obama voted for cloture on the bill -- the exact opposition of supporting a filibuster -- and then voted for the bill itself. A more complete abandonment of an unambiguous campaign promise is difficult to imagine. I wrote extensively about Obama's support for the FISA bill, and what it means, earlier today.
With their vote today, the Democratic-led Congress has covered-up years of deliberate surveillance crimes by the Bush administration and the telecom industry, and has dramatically advanced a full-scale attack on the rule of law in this country. As I noted earlier today, Law Professor and Fourth Amendment expert Jonathan Turley was on MSNBC's Countdown with Rachel Maddow last night and gave as succinct an explanation for what Democrats -- not the Bush administration, but Democrats -- have done today. Anyone with any lingering doubts about what is taking place today in our country should watch this:
What is most striking is that when the Congress was controlled by the GOP -- when the Senate was run by Bill Frist and the House by Denny Hastert -- the Bush administration attempted to have a bill passed very similar to the one that just passed today. But they were unable to do so. The administration had to wait until Harry Reid, Nancy Pelosi and the Democrats took over Congress before being able to put a corrupt end to the scandal that began when, in December of 2005, the New York Times revealed that the President had been breaking the law for years by spying on Americans without the warrants required by law.
Yet again, the Democratic Congress ignored the views of their own supporters in order to comply with the orders and wishes of the Bush administration. It is therefore hardly a surprise that, yesterday, Rasmussen Reports revealed this rather humiliating finding:
Congressional Approval Falls to Single Digits for First Time Ever
The percentage of voters who give Congress good or excellent ratings has fallen to single digits for the first time in Rasmussen Reports tracking history. This month, just 9% say Congress is doing a good or excellent job. Most voters (52%) say Congress is doing a poor job, which ties the record high in that dubious category.
The Congress, with a powerful cast of bipartisan lobbyists and the establishment media class lined up behind telecom immunity and warrantless eavesdropping, looked poised to pass this bill back last December, but a large-scale protest was organized -- largely online -- by huge numbers of American who were opposed to warrantless eavesdropping and telecom immunity, and that protest disrupted that plan (the movement borne of opposition to this bill is only beginning today, not ending, here). Today, Sen. Chris Dodd, the leader of the opposition effort along with Russ Feingold, said this on the Senate floor:
Lastly, I want to thank the thousands who joined with us in this fight around the country -- those who took to the blogs, gathered signatures for online petitions and created a movement behind this issue. Men and women, young and old, who stood up, spoke out and gave us the strength to carry on this fight. Not one of them had to be involved, but each choose to become involved for one reason and one reason alone: Because they love their country. They remind us that the "silent encroachments of those in power" Madison spoke of can, in fact, be heard, if only we listen.
Today, the Democratic-led Senate ignored those protests, acted to protect the single most flagrant act of Bush lawbreaking of the last seven years, eviscerated the core Fourth Amendment prohibition of surveillance without warrants, gave an extraordinary and extraordinarily corrupt gift to an extremely powerful corporate lobby, and cemented the proposition that the rule of law does not apply to the Washington Establishment.
* * * * *
I was on the Brian Lehrer Show this morning debating the FISA bill with former Clinton National Security Advisor Nancy Soderberg (who favors the bill). Because of some technical difficulties, I wasn't on the show until roughly 7:30 in. That debate can be heard here. Tomorrow, at 10:00 a.m. EST, I'll be on NPR's On Point to discuss the Obama campaign and the FISA vote. That can be heard here.
UPDATE: The ACLU announced today that it will challenge this bill in court as soon as it is passed on the ground that its warrantless eavesdropping provisions violate the Fourth Amendment:
In advance of the president's signature, the ACLU announced its plan to challenge the new law in court.
"This fight is not over. We intend to challenge this bill as soon as President Bush signs it into law," said Jameel Jaffer, Director of the ACLU National Security Project. "The bill allows the warrantless and dragnet surveillance of Americans' international telephone and email communications. It plainly violates the Fourth Amendment."
EFF, the other non-profit organization behind the telecom lawsuits, announced the same, emphasizing the unconstitutionality of the grant of immunity. That challenge will likely be on the ground that by resolving these pending lawsuits in favor of the telecoms, Congress has usurped the judicial function -- one which the Constitution, in Article III, assigns to the courts, not to Congress or the President ("The judicial Power of the United States, shall be vested in one supreme Court, and in such inferior Courts as the Congress may from time to time ordain and establish").
The effort to target those responsible for this travesty is here.
Those wishing to donate to the campaign (the objectives and strategies of which I detailed here) in advance of the August 8 Money Bomb can do so here.
UPDATE II: Democrats generally, and especially the vocal minority of all-justifying Obama supporters, defend behavior such as today's vote by arguing that it prevents the Republicans from depicting them as "weak" (see, for instance, this classic in that genre). Here are the headlines which, as usual, Democrats generated today with their full-scale complicity and capitulation:
Will Democrats ever learn that the reason they are so easily depicted as "weak" isn't because they don't copy the Republican policies on national security enough, but rather, because they do so too much, and thus appear (accurately) to stand for nothing? Of course, many Democrats vote for these policies because they believe in them, not because they are "surrendering." Still, terms such as "bowing," "surrendering," "capitulating," and "losing" aren't exactly Verbs of Strength. They're verbs of extreme weakness -- yet, bizarrely, Democrats believe that if they "bow" and "surrender," then they will avoid appearing "weak." Somehow, at some point, someone convinced them that the best way to avoid appearing weak is to be as weak as possible.
http://www.salon.com/2008/07/09/fisa_vote/
Senate Approves Telco Amnesty, Legalizes Bush's Secret Spy Program
by Ryan Singel 02.12.08 2:59 PM, wired.com
The Senate overwhelming voted Tuesday evening to legalize President Bush's warrantless wiretapping program and grant amnesty to the phone companies that helped out with the domestic spying..
The 68 to 29 vote is a major step in radically re-configuring 30 year-old limits on how the nation's spying services operate inside America's borders. The vote also deals a severe blow to civil liberties groups that are suing companies such as AT&T and Verizon for turning over millions of American's phone records to the government, and for helping the government wiretap American's phone and internet communications without a court order.
The bill, which expires in six years, allows the government to install permanent wiretapping outposts in telephone and internet facilities inside the United States without a warrant. However, if those wiretaps are used to target Americans inside or outside of the country, the government would have to get a court order. However, if the target is a foreigner or a foreign corporation, and they call an American or an American calls them, no warrant is required.
Prior to this summer, the intelligence community was forbidden by law from wiretapping phone and internet switches inside the United States, unless they had a particular target in mind and applied for a court order from the secretive Foreign Intelligence Surveillance Court. That court largely rubber stamps such applications -- it approved 2,072 in 2005 and required modifications to only 61 of those.
But government spies say the paperwork is too onerous and that the process is ill-fitted to the wider surveillance the president launched in October 2001.
Before the changes to the Foreign Intelligence Surveillance Act becomes law, however, the Senate must reconcile it with a corresponding bill from the House.
Currently the House bill, known as the Restore Act, more sharply limits the government's authority to spy inside the United States without a warrant. It also does not include a telecom amnesty provision. The House now faces the option of adopting the Senate's version, or horse-trading immunity for more limits on the nation's spooks.
Senator Christopher Dodd (D-Connecticut), one of the bill's most outspoken opponents, had vowed to filibuster the bill, but that opportunity was lost Tuesday with a cloture vote that limited debate on the final bill to just four hours. Dodd's filibuster threat worked to delay passage in December, but on Tuesday, he told reporters it was time for the debate to move to the House.
"You run out of string on these things," Dodd said.
"I'd just as soon have this go to the House floor. I'm going to move this thing along. We are not getting anywhere here," Dodd said, referring to the Democrat-controlled Senate where his amendment to remove immunity needed 20 more votes to pass.
This summer the Congress reacted to extreme statements from the Administration and gave the government wide powers to spy inside America with the passage of the Protect America Act in August.
But that bill was set to expire on Feb.1., and through a short term extension early this month, now expires on Feb. 16.
Republicans and the White House oppose another extension and hope the time crunch will force the House to abandon its bill and simply adopt the Senate version as its own.
Immunity opponents, such as Electronic Frontier Foundation attorney Kevin Bankston, hope the House will stand firm.
"It's time for Speaker Pelosi to draw a line the sand, and make clear to the president that this House of Representatives is never going to pass any bill that includes immunity for lawbreaking telecoms," Bankston said.
The administration says that its surveillance program that targeted Americans and foreigners using facilities and services based in the United States was legal. Administration lawyers cite as justification, both the Authorization to Use Military Force to attack Al Qaeda and the president's war-making powers under the Consitution.
Opponents and even former Justice Department lawyer Jack Goldsmith says those arguments are flimsy, and that the president's wartime powers to wiretap inside the United States are curtailed by the Foreign Intelligence Surveillance Act.
Though the administration initially admitted that the existence of the wiretapping program after a December 2005 story in the New York Times, it has refused to disclose the extent of the operation. Officials have repeatedly denied the program is a "dragnet" that searches communications for keywords.
But statements from administration figures over the past year suggest the program is closer to a vacuum cleaner that sucks in communications and stores them in bulk. Those statements suggest many of the sucked-in communications aren't ever looked at but are available for data-mining and social networking analysis -- and inspection by NSA analysts based on that analysis or other evidence.
Under the bill passed by the Senate today, the government could order companies such as AT&T or Google to turn over all phone calls and emails where one party is reasonably believed to be outside the United States.
The Senate also shot down a proposal from Sen. Dianne Feinstein (D-California) to include strong language affirming that the Foreign Intelligence Surveillance Act was the only way that the government could spy on Americans. That amendment got 57 votes, but due to an agreement by Senate Majority Leader Harry Reid (D-Nevada) that amendment had to get 60 votes to pass.
If the immunity provision is passed into law, the Attorney General can write a letter to the judges overseeing the anti-warrantless wiretapping suit and have them dismissed. Once that happens, expect that the plaintiffs, such as the Electronic Frontier Foundation, will challenge the immunity provision as unconstitutional.
Democrats voting for the bill:
Evan Bayh (D-IN), Tom Carper (D-DE), Robert Casey (D-PA), Kent Conrad (D-ND), Daniel Inouye (D-HI), Mary Landrieu (D-LA) Joe Lieberman (ID-CT), Blanche Lincoln (D-AR), Claire McCaskill (D-MO), Barbara Mikulski (D-MD), Bill Nelson (D-FL), Ben Nelson (D-NE), Mark Pryor (D-AR), Jay Rockefeller (D-WV), Ken Salazar (D-CO), Jim Webb (D-VA), Sheldon Whitehouse (D-RI)
All Republican senators voted for the bill, except for Lindsey Graham (South Carolina) who did not vote.
Democrats voting against the bill:
Daniel Akaka (D-HI), Joe Biden (D-DE), Jeff Bingaman (D-NM), Barbara Boxer (D-CA), Sherrod Brown (D-OH), Robert Byrd (D-WV), Maria Cantwell (D-WA), Ben Cardin (D-MD), Chris Dodd (D-CT), Byron Dorgan (D-ND), Dick Durbin (D-IL), Russ Feingold (D-WI), Dianne Feinstein (D-CA), Tom Harkin (D-IA), Edward Kennedy (D-MA), John Kerry (D-MA), Amy Klobuchar (D-MN), Frank Lautenberg (D-NJ), Pat Leahy (D-VT), Carl Levin (D-MI), Robert Menendez (D-NJ), Patty Murray (D-WA), Jack Reed (D-RI), Harry Reid (D-NV), Bernie Sanders (I-VT), Charles Schumer (D-NY), Debbie Stabenow (D-MI), John Tester (D-MT), Ron Wyden (D-OR)
Neither Sen. Hillary Clinton (D-New York) nor Sen. Barack Obama (D-Illinois) voted on the bill, though Obama did vote earlier in the day to support removing telecom immunity.
http://blog.wired.com/27bstroke6/2008/02/senate-approves.html
Wiretapping, Telecom Companies, and You | The Legality
Written by: Jeff W. Richards
Researched by: Matthew A. Schroettnig
Edited by: Lauren E. Trent and Steve Glista
The current wiretapping debate in Congress, and the media circus surrounding it, has focused on the expiration of the Protect America Act of 2007 (initially passed last August). The more pressing and oft forgotten issue, however, is the administration's longstanding violation of the Foreign Intelligence Surveillance Act (FISA).
On December 17, 2005, President Bush revealed that the National Security Agency had been conducting domestic electronic surveillance for at least the four previous years. This so-called "Terrorist Surveillance Program" (TSP) was created to execute wiretaps against United States citizens and residents suspected of contacting foreign terrorist groups. The administration has avoided any substantive discussion of whether the program violates the Fourth Amendment by claiming that the details must remain secret. TSP began, and continues, on the sole authorization of the President. In an alarming violation of U.S. law, this program has allowed the NSA to spy on U.S. citizens without obtaining a warrant.
In order to conduct electronic surveillance operations, the NSA required cooperation from U.S. telecommunications companies. Any telecom companies that provided wiretap access to the NSA without requiring a warrant have violated FISA and exposed themselves to substantial liability.
There are other statutes that can authorize wiretapping of U.S. citizens, such as 18 U.S.C. §§ 2510-2522, which allows federal courts to issue warrants for wiretapping U.S. citizens for law enforcement purposes. However, all of these statutes require the agency requesting the wiretap to obtain a warrant from a federal court. By couching the War on Terror in terms of national security and by designating terrorist organizations as foreign powers, the administration has moved the TSP out of the standard federal court system and into the jurisdiction of FISA.
The FISA Court
Time for some background. The United States Foreign Intelligence Surveillance Court (FISC) is a United States federal court authorized by the FISA legislation. The FISC reviews requests for warrants to conduct electronic surveillance (wiretapping and other similar activities) on foreign entities, but only when there is a substantial likelihood that the surveillance will impact United States persons. Initially, FISA only covered foreign surveillance, such as spying on communists, but under the USA PATRIOT Act of 2001, Congress expanded FISA to include terrorism and terrorist-related activities of either U.S. citizens or foreigners.
When the United States Government Can Wiretap its Own Citizens Under FISA
Normally, it is difficult for the government to authorize wiretapping of its own citizens. Enter FISA § 1802(a), which allows the President, through the Attorney General, to authorize electronic surveillance of foreign powers without a court order. If there is a substantial likelihood of picking up communications of a U.S. citizen, however, the Attorney General must obtain a warrant from the FISA court.
This hurdle is, in effect, a mere formality, because the FISA court approves nearly every application it receives. According to the Electronic Privacy Information Center, the Foreign Intelligence Surveillance Court rejected only five (that's right, just five) out of more than 20,000 applications between 1979 and 2006. Additionally, the Act allows federal officers to start a wiretap before obtaining a warrant in emergency situations so long as they obtain one retroactively within 72 hours; a provision that allows urgent matters to go through while formalities are left for later.
The repeated failures of the administration to follow these FISA application procedures are at the center of the telecom liability debate. The government could legally wiretap communications originating or terminating in the United States by complying with the Act. What the government cannot do is conduct long-term warrantless wiretapping of American citizens. Warrantless wiretaps violate the Fourth Amendment guarantee of freedom from unreasonable searches, as well as the plain language of FISA.
What the Government Requested of the Telecoms
That's the legal background, so here's where it gets juicy. The telecom companies have a powerful ally in the U.S. federal government: officers of the federal government who approved wiretaps without a warrant may face widespread civil or criminal liability if any wrongdoing comes out in court. The law takes abuse of power very seriously, and under 50 U.S.C. § 1809, an agent of the government who monitors an illegal wiretap or uses information obtained from unlawful surveillance can be punished with a fine of $10,000, five years in jail, or both.
It's currently impossible to determine the extent of the telecom industry's complicity in warrantless wiretapping activities. The administration has long hedged its statements, saying only that companies like AT&T "allegedly" cooperated with the NSA. However, during an unusual moment of clarity and openness in mid-February of 2008, administration spokeswoman Dana Perino stated that the telecom companies "certainly helped us and they helped us save lives." Days later, during an interview with Renee Montagne on February 15, 2008, the Director of National Intelligence Michael McConnell stated that the main issue driving the administration's recent push for FISA reform was liability protection for the private sector. Intense disagreement about whether to grant the telecoms retroactive immunity for participating in illegal spying split the Congress in early February, and resulted in the Protect America Act expiring without a new amendment for FISA being passed.
The reason the government is so worried about telecom immunity is the ongoing lawsuit of Hepting v. AT&T. This lawsuit, filed by the Electronic Frontier Foundation, alleges that AT&T assisted the government in performing illegal electronic surveillance. The administration has an incentive to block the EFF's lawsuit (and others like it) by asserting "state secrets," as it's likely that a trial would reveal evidence of criminal wrongdoing on the part of government officials. Another twist that sets the EFF's case apart came from former AT&T employee Mark Klein, who provided the EFF attorneys with documents that revealed the installation of a secret room at AT&T's San Francisco hub in early 2003. These documents purportedly show that the NSA has the ability to copy all of the internet traffic that passes through AT&T's network. If Klein's statements are true, and assuming similar installations were conducted at other hubs, the NSA may have examined nearly every communication that has traveled over U.S. networks since 2003. On the other hand, if the complaint is dismissed because a court decides that it poses too great a risk to national security, the incriminating evidence may never see the light of day.
Liability of the Telecom Industry
Here's where it gets expensive. If the EFF's suit is allowed to proceed, and it reveals more widespread violations of the FISA laws, what can Americans do about it? FISA provides financial remedies for people who have been illegally wiretapped. Code provision 50 U.S.C. § 1810 imposes civil liability on any person (or entity) for each violation of FISA. Victims of illegal surveillance are entitled to recover $100 for each day they were wiretapped, or actual damages over $1000, whichever is greater. Additionally, FISA provides compensation for attorney's fees and other costs of litigation. This is good news for private citizens and their lawyers who contemplate facing off against well-funded corporations with truly staggering financial liability at stake.
As you may imagine, one hundred dollars per day, per person adds up over four years. If the Hepting lawsuit is successful, AT&T could face damages of over $36,500 per claimant per year. Nearly every person with a computer or phone in the United States could be impacted. If AT&T is liable to just their own customers, with over 70 million wireless subscribers, one year of warrantless wiretaps could amount to more than two and a half trillion dollars in statutory damages. The recently expired Protect America Act may protect telecom companies from liability for the period between August 2007 through 2008 or 2009, when the final year-long authorizations expire. While it was active, it enabled the Director of National Intelligence or the Attorney General to authorize warrantless acquisition of call records and related information.
The Rule of Law
When faced with accusations of such widespread and systematic disregard for FISA, the administration's preferred defense appears to involve invoking the "state secrets" privilege as often as possible. The argument claims that merely confirming the existence of the program could give America's enemies important information about one of the weapons we're using in the battle against them.
Wiretapping of United States citizens without a warrant is prohibited by law, and both the United States government and the telecommunications companies that enabled it have exposed themselves to both criminal sanctions (50 U.S.C. § 1809) and civil liability (50 U.S.C. § 1810). Unless Congress caves and grants telecoms a free pass on the lawsuits through retroactive immunity legislation (which is currently being debated in the House of Representatives), AT&T and others will face significant penalties.
A democratic government must always maintain a fine balance between security and privacy. Straying too far in either direction invites disaster. If the government is too cautious with the privacy of its citizens, it will be unable to protect them from threats. At the same time, excessive surveillance will inevitably erode the very freedoms that the government strives to protect. Granting retroactive immunity to companies that have violated the law only serves to encourage further transgressions, but enforcing the laws as they currently stand could bankrupt some of the biggest companies in the U.S. No matter which choice the legislature makes, future policy is being written - and corporate America is watching.
http://www.thelegality.com/2008/02/20/wiretapping-telecom-companies-and-you/
Top Internet Threats: Censorship to Warrantless Surveillance
By David Kravets
The internet is filled with threats real and imagined, from malicious hackers to government censors.
Beyond the hacks and cracks -- and in celebration of Sunshine Week -- we've compiled a brief list of some of the biggest public and private threats facing the internet.
Warrantless Government Monitoring: Following the Sept. 11 terror attacks, the practice of wiretapping all internet traffic began in the United States with the Bush administration, and is now being defended in court by the Obama administration. All of the nation's major internet service providers are accused of funneling Americans' online traffic to the National Security Agency without warrants.
Private Censorship: From the mundane to the frightening, the examples run rampant. Wikipedia, the world's most trafficked online reference tool, is subject to shameful spin from trusted names of news organizations to the not so trustworthy engines of commerce. Among the examples, The Boston Globe enhanced the biography of a columnist while deleting information about his alleged plagiarism. Diebold excised an entire section critical of the company's voting machines.
Government Censorship: Reporters Without Borders reported last week that 12 nations -- China, Burma, North Korea, Vietnam, Egypt, Iran, Syria, Saudi Arabia, Turkmenistan, Uzbekistan, Cuba and Tunisia restrict internet access and often prosecute users for what they post online.
Even in democratic countries, censorship rears its ugly head. On Thursday, a secret blacklist surfaced detailing 2,395 web pages the Australian government is planning to filter from the internet. While about half of them dealt with illegal pornography, the remainder did not. Some of the sites were about gambling, dentists and even dog kennels.
In December, Wikipedia couldn't be edited by users in Britain. The entire site was put on a blacklist because it linked to the 1976 album cover of Virgin Killer by the Scorpions, which featured a nude young girl.
In the United States, a federal judge last year blocked WikiLeaks from operating in the country for a week after the renegade site posted allegedly stolen documents detailing individuals' Swiss bank accounts.
Deep Packet Inspection: Several U.S. internet service providers, including giants like Comcast and Cox Communications, have started inspecting the contents of internet packets, a practice (.pdf) allowing them to monitor, filter and ultimately control the traffic that passes through their pipes. In addition, online advertising services like NebuAd are paying ISPs to let it eavesdrop on web users via DPI.
ISP Tiered Pricing: Major ISPs, including AT&T, Time Warner and Comcast have moved or are gravitating toward pricing services based on the amount of bandwidth individuals use. Theoretically, the plans could unlock the internet door to low-income users. But we suspect the plans are designed to increase profits for ISPs as bandwidth use skyrockets -- all of which may have a chilling effect on internet usage.
Recording Industry Association of America Proposes "Three-Strikes" Policy: The record labels are pushing for ISPs to ban service to customers the RIAA claims are file-sharing copyrighted music. Overseas, industry groups like the International Federation of the Phonographic Industry are pursuing similar efforts.
Digital Millennium Copyright Act Abuses: Unwarranted YouTube takedown notices by misguided copyright holders comes immediately to mind -- including assertions by Universal Music that it need not consider whether a video, under the DMCA, makes a "fair use" of the copyrighted works in question. Google says 57 percent of takedown notices it received were sent by business targeting competitors and 37 percent were not valid copyright claims.
Tell us what you think are the most threatening threats to the internet:
Continue Reading at: http://blog.wired.com/27bstroke6/2009/03/wireds-top-inte.html
Cybersecurity Act Would Give President Power to 'Shut Down' Internet
By Greg Fulton
April 14, 2009 "Rawstory" -- A recently proposed but little-noticed Senate bill would allow the federal government to shut down the Internet in times of declared emergency, and enables unprecedented federal oversight of private network administration.
The bill's draft states that "the president may order a cybersecurity emergency and order the limitation or shutdown of Internet traffic" and would give the government ongoing access to "all relevant data concerning (critical infrastructure) networks without regard to any provision of law, regulation, rule, or policy restricting such access."
Authored by Democratic Sen. Jay Rockefeller of West Virginia and Republican Olympia Snowe of Maine, the Cybersecurity Act of 2009 seeks to create a Cybersecurity Czar to centralize power now held by the Pentagon, National Security Agency, Department of Commerce and the Department of Homeland Security.
While the White House has not officially endorsed the draft, it did have a hand in its language, according to The Washington Post.
Proponents of the measure stress the need to centralize cybersecurity of the private sector. "People say this is a military or intelligence concern," says Rockefeller, "but it is a lot more than that. It suddenly gets into the realm of traffic lights and rail networks and water and electricity."
Snowe added, "America's vulnerability to massive cyber-crime, global cyber-espionage and cyber-attacks has emerged as one of the most urgent national security problems facing our country today. Importantly, this legislation loosely parallels the recommendations in the CSIS [Center for Strategic and International Studies] blue-ribbon panel report to President Obama and has been embraced by a number of industry and government thought leaders."
Critics decry the broad language, and are watchful for amendments to the bill seeking to refine the provisions. According to opencongress.com, no amendments to the draft have been submitted.
Organizations like the Center for Democracy and Technology fear if passed in its current form, the proposal leaves too much discretion of just what defines critical infrastructure. The bill would also impose mandates for designated private networks and systems, including standardized security software, testing, licensing and certification of cyber-security professionals.
"I'd be very surprised if it doesn't include communications systems, which are certainly critical infrastructure," CDT General Counsel Greg Nojeim told eWEEK. "The president would decide not only what is critical infrastructure but also what is an emergency."
Adds Jennifer Granick, civil liberties director of the Electronic Frontier Foundation, "Essentially, the Act would federalize critical infrastructure security. Since many systems (banks, telecommunications, energy) are in the hands of the private sector, the bill would create a major shift of power away from users and companies to the federal government."
Source: http://informationclearinghouse.info/article22410.htm
Manipulation Accomplished
Public Knowledge Rejects: Telecom Industry Assault on Consumers
For Immediate Release: February 22, 2010, Public Knowledge
Background: The major companies and trade groups in the telecommunications industry earlier today sent a letter to FCC Chairman Julius Genachowski rejecting the idea of putting Internet access services under some form of consumer protection rules.
The following statement is attributed to Gigi B. Sohn, president and co-founder of Public Knowledge:
"This is a transparent attempt to bully the FCC. The industry wants to have a Federal Communications Commission (FCC) that has no power to safeguard consumer privacy, to promote deployment and adoption of high-speed Internet access, to require transparency and truth in billing and any number of consumer protections.
"The telecommunications industry has now shown that it cares nothing for consumers. Its letter is simply one long argument against the government having any ability to protect consumers from any type of harmful behavior that companies may inflict.
"The result is the industry wants to control the Internet without any recourse for consumers, government agencies or any other authority. We trust the FCC will see this argument as simply ludicrous and reject it out of hand.
"In addition, the industry tries to argue that any attempt to impose those protections, or even to impose a limited regulatory structure would ‘plunge the industry into years of litigation.' Given that the telecom companies are the ones who usually do that plunging, this is a self-fulfilling prophesy at best, and disingenuous at least."
http://www.publicknowledge.org/node/2916
Death Of The Internet: Unprecedented Censorship Bill Passes in UK
by Steve Watson
Global Research, April 11, 2010
Infowars.net - 2010-04-08
A draconian Internet censorship bill that has been long looming on the horizon finally passed the house of commons in the UK yesterday, legislating for government powers to restrict and filter any website that is deemed to be undesirable for public consumption.
The Digital Economy Bill was rushed through parliament in a late night session last night after a third reading.
In the wake of the announcement of a general election on May 6, the government has taken advantage of what is known as the wash-up process, allowing the legislative process to be speeded up between an election being called and Parliament being dissolved.
Only a pitiful handful of MPs (pictured below) were present to debate the bill, which was fully supported by the opposition Conservative party, and passed by 189 votes to 47 keeping the majority of its original clauses intact.
The bill will now go back to the House of Lords, where it originated, for a final formal approval.
The government removed a proposal in clause 18 of the bill, which openly stated that it could block any website, however it was replaced with an amendment to clause 8 of the bill which essentially legislates for the same powers.
The new clause allows the unelected secretary of state for business, currently Lord Mandelson, to order the blocking of a location on the internet which the court is satisfied has been, is being or is likely to be used for or in connection with an activity that infringes copyright.
Opposing MPs argued that the clause was too broad and open ended, arguing that the phrase likely to be used could be used to block websites without them ever having been used for activity that infringes copyright. Other MPs argued that under the bill, whistleblower websites, such as Wikileaks, could be targeted.
The legislation will also allow the Home Secretary to place "a technical obligation on internet service providers to block whichever sites it wishes.
Under clause 11 of the proposed legislation "technical obligation is defined as follows:
A "technical obligation, in relation to an internet service provider, is an obligation for the provider to take a technical measure against particular subscribers to its service.
A "technical measure is a measure that -- (a) limits the speed or other capacity of the service provided to a subscriber; (b) prevents a subscriber from using the service to gain access to particular material, or limits such use; (c) suspends the service provided to a subscriber; or (d) limits the service provided to a subscriber in another way.
In other words, the government will have the power to force ISPs to downgrade and even block your internet access to certain websites or altogether if it wishes.
The legislation is part of an amplified effort by the government to seize more power over the internet and those who use it.
For months now unelected Secretary of State Lord Mandelson has overseen government efforts to challenge the independence of the of UK's internet infrastructure.
The Digital Economy Bill will also see users' broadband access cut off indefinitely, in addition to a fine of up to £50,000 without evidence or trial, if they download copyrighted music and films. The plan has been identified as potentially illegal by experts.
The legislation would impose a duty on ISPs to effectively spy on all their customers by keeping records of the websites they have visited and the material they have downloaded. ISPs who refuse to cooperate could be fined £250,000.
As Journalist and copyright law expert Cory Doctrow has noted, the bill also gives the Secretary of State the power to make up as many new penalties and enforcement systems as he likes, without Parliamentary oversight or debate.
This could include the authority to appoint private militias, who will have the power to kick you off the internet, spy on your use of the network, demand the removal of files in addition to the blocking of websites.
Mandelson and his successors will have the power to invent any penalty, including jail time, for any digital transgression he deems Britons to be guilty of.
Despite being named the Digital Economy Bill, the legislation contains nothing that will actually stimulate the economy and is largely based on shifting control over the internet into government hands, allowing unaccountable bureaucrats to arbitrarily hide information from the public should they wish to do so.
Mandelson began the onslaught on the free internet in the UK after spending a luxury two week holiday at Nat Rothschild's Corfu mansion with multi-millionaire record company executive David Geffen.
Over 20,000 members of the public have written to their MPs in the last week to lobby against the bill being rushed through, however, their concerns have fallen on deaf ears and the government has been allowed to deal a devastating blow to the last real vestige of free speech in this country.
The Wider Agenda Of Internet Control
The Digital Economy Bill is intrinsically linked to long term plans by the UK government to carry out an unprecedented extension of state powers by claiming the authority to monitor all emails, phone calls and internet activity nationwide.
IN 2008, the government announced its intention to create a massive central database, gathering details on every text sent, e-mail sent, phone call made and website visited by everyone in the UK.
The programme, known as the Interception Modernisation Programme, would allow spy chiefs at GCHQ, the government's secret eavesdropping agency, the centre for Signal Intelligence (SIGINT) activities (pictured above), to effectively place a "live tap on every electronic communication in Britain in the name of preventing terrorism.
Following outcry over the announcement, the government suggested that it was scaling down the plans, with then Home Secretary Jacqui Smith stating that there were absolutely no plans for a single central store of communications data.
However, as the climbdown was celebrated by civil liberties advocates and the plan was replaced by new laws requiring ISPs to store details of emails and internet telephony for just 12 months, fresh details emerged indicating the government was implementing a big brother spy system that far outstrips the original public announcement.
The London Times published leaked details of a secret mass internet surveillance project known as Mastering the Internet (MTI).
Costing hundreds of millions in public funds, the system is already being implemented by GCHQ with the aid of American defence giant Lockheed Martin and British IT firm Detica, which has close ties to the intelligence agencies.
A group of over 300 internet service providers and telecommunications firms has attempted to fight back over the radical plans, describing the proposals as an unwarranted invasion of people's privacy.
Currently, any interception of a communication in Britain must be authorised by a warrant signed by the home secretary or a minister of equivalent rank. Only individuals who are the subject of police or security service investigations may be subject to surveillance.
If the GCHQ's MTI project is completed, black-box probes would be placed at critical traffic junctions with internet service providers and telephone companies, allowing eavesdroppers to instantly monitor the communications of every person in the country without the need for a warrant.
Even if you believe GCHQ's denial that it has any plans to create a huge monitoring system, the current law under the RIPA (the Regulation of Investigatory Powers Act) allows hundreds of government agencies access to the records of every internet provider in the country.
In publicly announced proposals to extend these powers, firms will be asked to collect and store even more vast amounts of data, including from social networking sites such as Facebook.
If the plans go ahead, every internet user will be given a unique ID code and all their data will be stored in one place. Government agencies such as the police and security services will have access to the data should they request it with respect to criminal or terrorist investigations.
This is clearly the next step in an incremental program to implement an already exposed full scale big brother spy system designed to completely obliterate privacy, a fundamental right under Article 8 of the European Convention on Human Rights.
Death Of The Internet In Europe, Australia, New Zealand and the U.S.
Similar efforts to place restrictions on the internet are unfolding in Australia where the government is implementing a mandatory and wide-ranging internet filter modeled on that of the Communist Chinese government.
Australian communication minister Stephen Conroy said the government would be the final arbiter on what sites would be blacklisted under "refused classification.
The official justification for the filter is to block child pornography, however, as the watchdog group Electronic Frontiers Australia has pointed out, the law will also allow the government to block any website it desires while the pornographers can relatively easily skirt around the filters.
Earlier this year, the Wikileaks website published a leaked secret list of sites slated to be blocked by Australia's state-sponsored parental filter.
The list revealed that blacklisted sites included online poker sites, YouTube links, regular gay and straight porn sites, Wikipedia entries, euthanasia sites, websites of fringe religions such as satanic sites, fetish sites, Christian sites, the website of a tour operator and even a Queensland dentist.
The filter will even block web-based games deemed unsuitable for anyone over the age of fifteen, according to the Australian government.
In neighbouring New Zealand, the government has quietly implemented an internet filter and is urging the leading ISPs in the country to adopt the measure, in a move that would give the authorities the power to restrict whichever websites they see fit.
The New Zealand Department of Internal Affairs (DIA) reportedly turned on the internet filter on February 1st without making any announcement, prompting critics to charge that the measure had been activated in stealth.
It was no coincidence that around the same time the government's Internet filter went live, Infowars began receiving notification from readers in New Zealand that their access to Alex Jones' flagship websites Infowars.com and Prisonplanet.com had been suddenly blocked.
The broad attack on the free internet is not only restricted to the UK, New Zealand and Australia.
The European Union, Finland, Denmark, Germany and other countries in Europe have all proposed blocking or limiting access to the internet and using filters like those used in Iran, Syria, China, and other repressive regimes.
In 2008 in the U.S., The Motion Picture Association of America asked president Obama to introduce laws that would allow the federal government to effectively spy on the entire Internet, establishing a system where being accused of copyright infringement would result in loss of your Internet connection.
In 2009 the Cybersecurity Act was introduced, proposing to allow the federal government to tap into any digital aspect of every citizen's information without a warrant. Banking, business and medical records would be wide open to inspection, as well as personal instant message and e mail communications.
The legislation, introduced by Senators John Rockefeller (D-W. Va.) and Olympia Snowe (R-Maine) in April, gives the president the ability to "declare a cybersecurity emergency and shut down or limit Internet traffic in any "critical information network "in the interest of national security. The bill does not define a critical information network or a cybersecurity emergency. That definition would be left to the president, according to a Mother Jones report.
During a hearing on the bill, Senator John Rockefeller betrayed the true intent behind the legislation when he stated, "Would it have been better if we'd have never invented the Internet" ... while fearmongering about cyber attacks on the U.S. government and how the country could be shut down.
Watch the clip below.
Video Missing and last known address was:
http://www.youtube.com/embed/OF_fuV7iNYU?rel=0
Everytime it appears, it quickly disappears
~ try searching using the above quote. ~
The Obama White House has also sought a private contractor to crawl and archive data such as comments, tag lines, e-mail, audio and video from any place online where the White House maintains a presence - for a period of up to eight years.
Obama has also proposed scaling back a long-standing ban on tracking how people use government Internet sites with cookies and other technologies.
Recent disclosures under the Freedom Of Information Act also reveal that the federal government has several contracts with social media outlets such as Youtube (Google), Facebook, Myspace and Flickr (Yahoo) that waive rules on monitoring users and permit companies to track visitors to government web sites for advertising purposes.
The U.S. military also has some $30 Billion invested in it's own mastering the internet projects.
We have extensively covered efforts to scrap the internet as we know it and move toward a greatly restricted internet 2" system. All of the above represents stepping stones toward the realisation of that agenda.
The free internet is under attack the world over, only by exposing the true intentions of our governments to restrict the flow of data can we defeat such efforts and preserve what is left of the last vestige of independent information.
Lieberman Bill Gives Feds ‘Emergency' Powers to Secure Civilian Nets
By Noah Shachtman June 2, 2010 | 2:07 pm
Joe Lieberman wants to give the federal government the power to take over civilian networks' security, if there's an "imminent cyber threat. It's part of a draft bill, co-sponsored by Senators Lieberman and Susan Collins, that provides the Department of Homeland Security broad authority to ensure that "critical infrastructure stays up and running in the face of a looming hack attack.
The government's role in protecting private firms' networks is one of the most contentious topics in information security today. Several bills are circulating on Capitol Hill on how to keep power and transportation and financial firms running in the event of a so-called "cybersecurity emergency.
Last week, Deputy Defense Secretary William Lynn floated the idea of extending a controversial cybersurveillance program to hacker-proof the firms. Meanwhile, the military's new Cyber Command is readying itself to march to these companies' aid.
Lieberman and Collins' solution is one of the more far-reaching proposals. In the Senators' draft bill, "the President may issue a declaration of an imminent cyber threat to covered critical infrastructure. Once such a declaration is made, the director of a DHS National Center for Cybersecurity and Communications is supposed to "develop and coordinate emergency measures or actions necessary to preserve the reliable operation, and mitigate or remediate the consequences of the potential disruption, of covered critical infrastructure.
"The owner or operator of covered critical infrastructure shall comply with any emergency measure or action developed by the Director, the bill adds.
These emergency measures are supposed to remain in place for no more than 30 days. But they can be extended indefinitely, a month at a time.
The DHS cybersecurity director has to ensure that the emergency measures "represent the least disruptive means feasible and that "the privacy and civil liberties of United States persons are protected, according to the bill. It also allows the private firms to handle network threats on their own -- if DHS approves of the measures.
Senate staffers familiar with the bill acknowledge that it grants broad powers over private businesses; the staffers couldn't think of an analog in the physical world, except for the Federal Aviation Administration's authority to ground air traffic after 9/11. But the staffers say that the emergency powers will only apply to a relatively small number of companies, and only in the most extreme cases -- when an electronic exploit might cause "catastrophic regional or national damage resulting in "thousands of lives or billions of dollars lost.
In order for the President to declare such an emergency, there would have to be knowledge both of a massive network flaw -- and information that someone was about to leverage that hole to do massive harm. For example, the recent "Aurora hack to steal source code from Google, Adobe and other companies wouldn't have qualified, one Senate staffer noted: "It'd have to be Aurora 2, plus the intel that country X is going to take us down using that vulnerability.
A second staffer suggested that evidence of hackers looking to leverage something like the massive Conficker worm -- which infected millions of machines and was seemingly poised in April 2009 to unleash something nefarious -- might trigger the bill's emergency provisions. "You could argue there's some threat information built in there, the staffer said.
The Lieberman/Collins bill is hardly the the most extreme cybersecurity proposal that's circulated on Capitol Hill in recent years. That dubious distinction belongs to a bill from Senators Jay Rockefeller and Olympia Snowe that empowered the feds to "order the disconnection of any Federal Government or United States critical infrastructure information systems or networks in the interest of national security. That provision was neutered after a public outcry. Now, it calls on the U.S. government to "develop and rehearse detailed response and restoration plans in the event of a major network threat.
9 Reasons Wired Readers Should Wear Tinfoil Hats
By David Kravets, November 24, 2011, Article Source
The FBI's Digital Collection System connects FBI offices and telecom providers around the
country to coordinate collection of phone taps for investigations of all sorts.
There's plenty of reason to be concerned Big Brother is watching.
We're paranoid not because we have grandiose notions of our self-importance, but because the facts speak for themselves.
Here's our short list of nine reasons that Wired readers ought to wear tinfoil hats, or at least, fight for their rights and consider ways to protect themselves with encryption and defensive digital technologies.
We know the list is incomplete, so if you have better reasons that we list here, put them in the comments and we'll make a list based off them.
Until then, remember: Don't suspect a friend; report him.
Warrantless Wiretapping
The government refuses to acknowledge whether the National Security Agency is secretly siphoning the nation's electronic communications to the National Security Agency without warrants, as the Electronic Frontier Foundation alleges. The lawsuit was based on evidence provided by a former AT&T technician Mark Klein that showed that AT&T had installed a secret spying room in an internet hub in San Francisco. The spying got so bad that Attorney General Ashcroft threatened to resign over it.
When a federal judge said a lawsuit on that issue could go forward, Congress passed legislation stopping the case in its tracks. Two American lawyers for an Islamic charity did, however, prevail in their suit that they were wiretapped without warrants, but the Administration is appealing. Much of the program was legalized in 2008 by the FISA Amendments Act.
The FBI has also built a nationwide computer system called the Digital Collection System, connected by fiber optic cables, to collect and analyze wiretaps of all types, including ones used in ultra-secret terrorism investigations.
Warrantless GPS Tracking
The Obama administration claims Americans have no right to privacy in their public movements. The issue surfaced this month in a landmark case before the U.S. Supreme Court to determine if law enforcement agents should be required to obtain a probable-cause warrant in order to place a GPS tracking device on a citizen's car. The government admitted to the Supreme Court that it thinks it would have the power to track the justices' cars without a warrant.
The invasive technology allows police, the FBI, the Drug Enforcement Administration and other agencies to engage in covert round-the-clock surveillance over an extended period of time, collecting vast amounts of information about anyone who drives the vehicle that is being tracked. The Justice Department has said that law enforcement agents employ GPS as a crime-fighting tool with "great frequency," and GPS retailers have told Wired that they've sold thousands of the devices to the feds.
Tracking Devices in Your Pocket
That mobile phone in your pocket chronicles almost everything. Once-secret software developed by a private company pretty much chronicles all you do on your smartphone and sends it to the carriers. The carriers themselves keep a wealth of information, such as text messages, call-location data, and PINs -- though none of them disclose to their customers what data they store or how long they keep the data.
Law enforcement can get at much of that historical data -- and often get real-time tracking information without proving probable cause to a judge.
Fake Cell Phone Towers
You make a call on your cellphone thinking the only thing standing between you and the recipient of your call is your carrier's cellphone tower. In fact, that tower your phone is connecting to just might be a boobytrap set up by law enforcement to ensnare your phone signals and maybe even the content of your calls.
So-called stingrays are one of the new high-tech tools that authorities are using to track and identify you. The devices, about the size of a suitcase, spoof a legitimate cellphone tower in order to trick nearby cellphones and other wireless communication devices into connecting to the tower, as they would to a real cellphone tower.
The government maintains that the stingrays don't violate Fourth Amendment rights, since Americans don't have a legitimate expectation of privacy for data sent from their mobile phones and other wireless devices to a cell tower. While the technology sounds ultra-new, the feds have had this in their arsenal for at least 15 years, and used a stingray to bust the notorious hacker Kevin Mitnick in 1995.
The Border Exception
The Fourth Amendment doesn't exist along the U.S. border. You know that if you're a close supporter of WikiLeaks or a friend of alleged WikiLeaks leaker Bradley Manning. You're no doubt very familiar with the U.S. government's laptop border search policy, which allows Customs and Border Protection agents to seize and search a laptop belonging to anyone crossing a border into the U.S.
Agents can search through files on a traveler's laptop, phone or other mobile device, read e-mail or view digital snapshots to uncover incriminating evidence, and they don't need any reason to do so.
The government argues, and the 9th U.S. Circuit Court agrees that searching through a person's laptop for copyright violations is no different than looking through their suitcase for cocaine -- and thus fits squarely with what is known as the 'border exception' to the Fourth Amendment. That means a border agent doesn't need reasonable suspicion, probable cause or even a hunch to open your laptop, seize it and make copies of your data.
At least three supporters of WikiLeaks, including security researcher Jacob Appelbaum. have been subject to the policy and had devices seized and searched as they re-entered the U.S. from foreign trips. U.S. Customs and Border Patrol seem to particularly like searching Appeblaum's devices and questioning him, despite the fact that Wikileaks has never been charged with a crime in the U.S..
The "6 Months and It's the Government's" Rule
If you're already not wanting a dose of Prozac, consider that the law allows the government to obtain Americans' e-mails, without a warrant, if it's stored on some other company's servers for more than six months. The Electronic Communications Privacy Act, adopted in 1986, turned 25 this year. When written, the law assumed e-mails left on a server for that long were abandoned.
In the age of Gmail, that's simply ridiculous. A proposal to demand a court warrant for any and all e-mail never got a Senate hearing and was opposed by the Obama administration.
The Patriot Act
No paranoia list would be complete without including the Patriot Act, the now 10-year-old law adopted in the wake of September 11. The act, which has remained largely the same since former president George W. Bush signed the legislation six weeks after 9/11, gives the government, among other things, the power to acquire phone, banking and other records via the power of a so-called "national security letter," which does not require a court warrant.
National security letters, perhaps the most invasive facet of the law, are written demands from the FBI that compel internet service providers, financial institutions and others to hand over confidential records about their customers, such as subscriber information, phone numbers and e-mail addresses, bank records and arguably websites you have visited.
The FBI need merely assert, in writing, that the information is "relevant" to an ongoing terrorism or national security investigation. Nearly everyone who gets a national security letter is prohibited from even disclosing that they've received one. More than 200,000 letters have been issued by the FBI, despite a series of stinging reports from the Justice Department's internal watchdog, who found FBI agents weren't just routinely sloppy; they also violated the law.
Moreover, a decade after Bush's signature, information is sketchy about how the law is being used in practice. For instance, Sen. Ron Wyden (D-Oregon) claims the government applies a far broader, and classified, legal interpretation of the Patriot Act's power to let the government seize most anything it deems relevant to an investigation (Section 215).
"We're getting to a gap between what the public thinks the law says and what the American government secretly thinks the law says," the Senate Intelligence Committee member said in a recent interview with Wired. "When you've got that kind of a gap, you're going to have a problem on your hands."
Government Malware
It's little known, but governments have their own malware/spyware that it deploys against suspected lawbreakers. The FBI's version, the last time we checked, was called CIPAV. Once an FBI agent convinced a target to install it (by clicking an e-mail attachment or link on the web), the spyware reports back everything that computer does online.
German states recently came under fire for misusing a similar program that reportedly could turn on a computer's camera and take screenshots. And a recent Wall Street Journal story catalogs a surveillance software company which trumpeted its ability to infect users via a fake iTunes update. The company sells its wares to governments around the world.
Known Unknowns
Former Secretary of Defense Donald Rumsfeld took an unfair amount of abuse for his deployment of the phrase "known unknowns." And it's these known unknowns that might be the most disturbing part of the list. For instance, does the government think the Patriot Act allows it to force Google to turn over information about anyone who has searched for certain keywords using orders that come with a gag order? Is the NSA sucking up everything we say on our phones and that we do online, under the theory it pushed in a court case that it's not a search until a human actually looks at the data? How often do police investigating a crime ask wireless providers to give them a list of all the people whose phones were in use in the area when they think a crime was committed? What kind of sweeping surveillance orders have been issued under the 1998 law that Congress passed to legalize much of the warrantless wiretapping of Americans? And finally, how long is the government storing all this data, and how can we be sure that our future governments won't start using this data to target Americans based on activities protected by the First Amendment?
And no -- a tinfoil hat won't help you at all.
TAP
Law Enforcement Appliance Subverts SSL
By Ryan Singel, at Wired.com, March 24, 2010, 1:55 pm, Categories: Surveillance, Threats
That little lock on your browser window indicating you are communicating securely with your bank or e-mail account may not always mean what you think its means.
Normally when a user visits a secure website, such as Bank of America, Gmail, PayPal or eBay, the browser examines the website's certificate to verify its authenticity.
At a recent wiretapping convention, however, security researcher Chris Soghoian discovered that a small company was marketing internet spying boxes to the feds. The boxes were designed to intercept those communications -- without breaking the encryption -- by using forged security certificates, instead of the real ones that websites use to verify secure connections. To use the appliance, the government would need to acquire a forged certificate from any one of more than 100 trusted Certificate Authorities.
The attack is a classic man-in-the-middle attack, where Alice thinks she is talking directly to Bob, but instead Mallory found a way to get in the middle and pass the messages back and forth without Alice or Bob knowing she was there.
The existence of a marketed product indicates the vulnerability is likely being exploited by more than just information-hungry governments, according to leading encryption expert Matt Blaze, a computer science professor at University of Pennsylvania.
"If the company is selling this to law enforcement and the intelligence community, it is not that large a leap to conclude that other, more malicious people have worked out the details of how to exploit this," Blaze said.
The company in question is known as Packet Forensics, which advertised its new man-in-the-middle capabilities in a brochure handed out at the Intelligent Support Systems (ISS) conference, a Washington, D.C., wiretapping convention that typically bans the press. Soghoian attended the convention, notoriously capturing a Sprint manager bragging about the huge volumes of surveillance requests it processes for the government.
According to the flyer: "Users have the ability to import a copy of any legitimate key they obtain (potentially by court order) or they can generate ‘look-alike' keys designed to give the subject a false sense of confidence in its authenticity." The product is recommended to government investigators, saying "IP communication dictates the need to examine encrypted traffic at will." And, "Your investigative staff will collect its best evidence while users are lulled into a false sense of security afforded by web, e-mail or VOIP encryption."
Packet Forensics doesn't advertise the product on its website, and when contacted by Wired.com, asked how we found out about it. Company spokesman Ray Saulino initially denied the product performed as advertised, or that anyone used it. But in a follow-up call the next day, Saulino changed his stance.
"The technology we are using in our products has been generally discussed in internet forums and there is nothing special or unique about it," Saulino said. "Our target community is the law enforcement community."
Blaze described the vulnerability as an exploitation of the architecture of how SSL is used to encrypt web traffic, rather than an attack on the encryption itself. SSL, which is known to many as HTTPS, enables browsers to talk to servers using high-grade encryption, so that no one between the browser and a company's server can eavesdrop on the data. Normal HTTP traffic can be read by anyone in between -- your ISP, a wiretap at your ISP, or in the case of an unencrypted Wi-Fi connection, by anyone using a simple packet-sniffing tool.
In addition to encrypting the traffic, SSL authenticates that your browser is talking to the website you think it is. To that end, browser makers trust a large number of Certificate Authorities -- companies that promise to check a website operator's credentials and ownership before issuing a certificate. A basic certificate costs less than $50 today, and it sits on a website's server, guaranteeing that the BankofAmerica.com website is actually owned by Bank of America. Browser makers have accredited more than 100 Certificate Authorities from around the world, so any certificate issued by any one of those companies is accepted as valid.
To use the Packet Forensics box, a law enforcement or intelligence agency would have to install it inside an ISP, and persuade one of the Certificate Authorities -- using money, blackmail or legal process -- to issue a fake certificate for the targeted website. Then they could capture your username and password, and be able to see whatever transactions you make online.
Technologists at the Electronic Frontier Foundation, who are working on a proposal to fix this whole problem, say hackers can use similar techniques to steal your money or your passwords. In that case, attackers are more likely to trick a Certificate Authority into issuing a certificate, a point driven home last year when two security researchers demonstrated how they could get certificates for any domain on the internet simply by using a special character in a domain name.
"It is not hard to do these attacks," said Seth Schoen, an EFF staff technologist. "There is software that is being published for free among security enthusiasts and underground that automate this."
China, which is known for spying on dissidents and Tibetan activists, could use such an attack to go after users of supposedly secure services, including some Virtual Private Networks, which are commonly used to tunnel past China's firewall censorship. All they'd need to do is convince a Certificate Authority to issue a fake certificate. When Mozilla added a Chinese company, China Internet Network Information Center, as a trusted Certificate Authority in Firefox this year, it set off a firestorm of debate, sparked by concerns that the Chinese government could convince the company to issue fake certificates to aid government surveillance.
In all, Mozilla's Firefox has its own list of 144 root authorities. Other browsers rely on a list supplied by the operating system manufacturers, which comes to 264 for Microsoft and 166 for Apple. Those root authorities can also certify secondary authorities, who can certify still more -- all of which are equally trusted by the browser.
The list of trusted root authorities includes the United Arab Emirates-based Etilisat, a company that was caught last summer secretly uploading spyware onto 100,000 customers' BlackBerries.
Soghoian says fake certificates would be a perfect mechanism for countries hoping to steal intellectual property from visiting business travelers. The researcher published a paper on the risks (.pdf) Wednesday, and promises he will soon release a Firefox add-on to notify users when a site's certificate is issued from an authority in a different country than the last certificate the user's browser accepted from the site.
EFF's Schoen, along with fellow staff technologist Peter Eckersley and security expert Chris Palmer, want to take the solution further, using information from around the net so browsers can eventually tell a user with certainty when they are being attacked by someone using a fake certificate. Currently, browsers warn users when they encounter a certificate that doesn't belong to a site, but many people simply click through the multiple warnings.
"The basic point is that in the status quo there is no double check and no accountability," Schoen said. "So if Certificate Authorities are doing things that they shouldn't, no one would know, no one would observe it. We think at the very least there needs to be a double check."
EFF suggests a regime that relies on a second level of independent notaries to certify each certificate, or an automated mechanism to use anonymous Tor exit nodes to make sure the same certificate is being served from various locations on the internet -- in case a user's local ISP has been compromised, either by a criminal or a government agency using something like Packet Forensics' appliance.
One of the most interesting questions raised by Packet Forensics' product is how often do governments use such technology and do Certificate Authorities comply? Christine Jones, the general counsel for GoDaddy -- one of the net's largest issuers of SSL certificates -- says her company has never gotten such a request from a government in her eight years at the company.
"I've read studies and heard speeches in academic circles that theorize that concept, but we never would issue a ‘fake' SSL certificate," Jones said, arguing that would violate the SSL auditing standards and put them at risk of losing their certification. "Theoretically it would work, but the thing is we get requests from law enforcement every day, and in entire time we have been doing this, we have never had a single instance where law enforcement asked us to do something inappropriate."
VeriSign, the net's largest Certiicate Authority, echoes GoDaddy.
"Verisign has never issued a fake SSL certificate, and to do so would be against our policies," said vice president Tim Callan.
Matt Blaze notes that domestic law enforcement can get many records, such as a person's Amazon purchases, with a simple subpoena, while getting a fake SSL certificate would certainly involve a much higher burden of proof and technical hassles for the same data.
Intelligence agencies would find fake certificates more useful, he adds. If the NSA got a fake certificate for Gmail -- which now uses SSL as the default for e-mail sessions in their entirety (not just their logins) -- they could install one of Packet Forensics' boxes surreptitiously at an ISP in, for example, Afghanistan, in order to read all the customer's Gmail messages. Such an attack, though, could be detected with a little digging, and the NSA would never know if they'd been found out.
Despite the vulnerabilities, experts are pushing more sites to join Gmail in wrapping their entire sessions in SSL.
"I still lock my doors even though I know how to pick the lock," Blaze said.
Update 15:55 Pacific: The story was updated with comment from Verisign.
Image: Detail from Packet Forensics brochure Via Wired
Source: http://www.wired.com/threatlevel/2010/03/packet-forensics/
Time for a Corporate Death Penalty
by Bruce A. Dixon
There are more than 40 federal offenses for which the death penalty can be applied to human beings, most of them connected to homicide of one kind or another. But countless homicides committed by the artificial persons we call corporations go unpunished every day. Apparently "personal responsibility applies only to humans who are not operating behind the legal shield of corporate personhood. - Continue Reading
He Said It, So It Must Be True!!!
Add the above video to your page
Copy and Paste the following code between <body> and </body> on your main page:
<p align="center">
<object type="video/quicktime" width="400" height="325" data="http://www.flyingsnail.com/images/hesaidit.mov">
<param name="movie" value="http://www.flyingsnail.com/images/hesaidit.mov" />
<param name="autoplay" value="false" />
<param name="controller" value="true" />
</object>
</p>
Closing Argument
Drop Dead ~ Telecom Crimes ~ Patriot Act ~ Denialist ~ Are you better off?
Alan Shore: When the weapons of mass destruction thing turned out to be not true, I expected the American people to rise up. Ha! They didn't.
Then, when the Abu Ghraib torture thing surfaced and it was revealed that our government participated in rendition, a practice where we kidnap people and turn them over to regimes who specialize in torture, I was sure then the American people would be heard from. We stood mute.
Then came the news that we jailed thousands of so-called terrorists suspects, locked them up without the right to a trial or even the right to confront their accusers. Certainly, we would never stand for that. We did.
And now, it's been discovered the executive branch has been conducting massive, illegal, domestic surveillance on its own citizens. You and me. And I at least consoled myself that finally, finally the American people will have had enough. Evidentially, we haven't.
In fact, if the people of this country have spoken, the message is we're okay with it all. Torture, warrantless search and seizure, illegal wiretapping's, prison without a fair trial - or any trial, war on false pretenses. We, as a citizenry, are apparently not offended.
There are no demonstrations on college campuses. In fact, there's no clear indication that young people seem to notice.
Well, Melissa Hughes noticed. Now, you might think, instead of withholding her taxes, she could have protested the old fashioned way. Made a placard and demonstrated at a Presidential or Vice-Presidential appearance, but we've lost the right to that as well. The Secret Service can now declare free speech zones to contain, control and, in effect, criminalize protest.
Stop for a second and try to fathom that.
At a presidential rally, parade or appearance, if you have on a supportive t-shirt, you can be there. If you are wearing or carrying something in protest, you can be removed.
This, in the United States of America. This in the United States of America. Is Melissa Hughes the only one embarrassed?
*Alan sits down abruptly in the witness chair next to the judge*
Judge Robert Sanders: Mr. Shore. That's a chair for witnesses only.
Alan: Really long speeches make me so tired sometimes.
Judge Robert Sanders: Please get out of the chair.
Alan: Actually, I'm sick and tired.
Judge Robert Sanders: Get out of the chair!
Alan: And what I'm most sick and tired of is how every time somebody disagrees with how the government is running things, he or she is labeled un American.
U.S. Attorney Jonathan Shapiro: Evidentially, it's speech time.
Alan: And speech in this country is free, you hack! Free for me, free for you. Free for Melissa Hughes to stand up to her government and say "Stick it"!
U.S. Attorney Jonathan Shapiro: Objection!
Alan: I object to government abusing its power to squash the constitutional freedoms of its citizenry. And, God forbid, anybody challenge it. They're smeared as being a heretic. Melissa Hughes is an American. Melissa Hughes is an American. Melissa Hughes is an American!
Judge Robert Sanders: Mr. Shore. Unless you have anything new and fresh to say, please sit down. You've breached the decorum of my courtroom with all this hooting.
Alan: Last night, I went to bed with a book. Not as much fun as a 29 year old, but the book contained a speech by Adlai Stevenson. The year was 1952. He said, "The tragedy of our day is the climate of fear in which we live and fear breeds repression. Too often, sinister threats to the Bill of Rights, to freedom of the mind are concealed under the patriotic cloak of anti-Communism."
Today, it's the cloak of anti-terrorism. Stevenson also remarked, "It's far easier to fight for principles than to live up to them."
I know we are all afraid, but the Bill of Rights - we have to live up to that. We simply must. That's all Melissa Hughes was trying to say. She was speaking for you. I would ask you now to go back to that room and speak for her. ~ Boston Legal ~ Stick It ~ Season 2 ~ Episode 19 ~ [Video at link] ~ Written by David E. Kelley & Janet Leahy ~ Directed by Adam Arkin.
One Can Lead A Horse To Water, But ....
Until there is a solution for this, where one solution has been provided, Nobody will bring Peace to Our Times, feed the hungry, care for the sick, and bake apple pie better than Mom. (otoh) If None of the Above was on voter ballots, it would be a huge step towards recovering U.S. political control, and Nobody gets it.
American Dream ~ George Carlin/L.I.L.T ~ http://vimeo.com/72719973
NONE OF THE ABOVE = Should Be A Choice On Voter Ballots
