An instructive story – Suppression, Conspiracy, Intrigue, Incredible, unfortunately True

This is a tale of three individuals focusing on the less known of the three, and her struggles with a country bent on suppressing information required of its citizens to participate in, direct, and obtain democracy. It would be quite a movie trailer or book sample text, yet perhaps too unbelievable.

Editor’s Note: The three most basic issues upon which all others depend are media reform, the rule of law, and election integrity. If I could waive a wand and magically choose just one, it would be media reform – with media reform election integrity and the rule of law would be possible and likely, without it election integrity is of little consequence. I spend my time on election integrity because the problems and workable solutions come naturally to me based on my knowledge, education, and experience.” Today, I would add a third basic issue upon which all others depend, the rule of law and not of people [or corporations. Two previous book reviews focus on the rule of law and media reform/freedom.

Highly recommended reading. New York Times magazine, yesterday: How Laura Poitras Helped Snowden Spill His Secrets <read>

This is a tale of three individuals Laura Poitras, Glenn Greenwald, and Edward Snowdon focusing on the less known of the three, Poitras, and her struggles with a country bent on suppressing information required of its citizens to participate in, direct, and obtain democracy. It would be quite a movie trailer or book sample text, yet perhaps too unbelievable. As reality it is deeply disturbing, a profound call to action. Well written and engaging we recommend reading the entire article.

Once again we are in agreement with a Hartford Icon:

“It’s no wonder that truth is stranger than fiction. Fiction has to make sense.” – Mark Twain

*******Update #1.The intimidation spreads to family and to the UK, Glenn Greenwald writes: Detaining my partner: a failed attempt at intimidation <read>

This is obviously a rather profound escalation of their attacks on the news-gathering process and journalism. It’s bad enough to prosecute and imprison sources. It’s worse still to imprison journalists who report the truth. But to start detaining the family members and loved ones of journalists is simply despotic. Even the Mafia had ethical rules against targeting the family members of people they felt threatened by. But the UK puppets and their owners in the US national security state obviously are unconstrained by even those minimal scruples.

If the UK and US governments believe that tactics like this are going to deter or intimidate us in any way from continuing to report aggressively on what these documents reveal, they are beyond deluded. If anything, it will have only the opposite effect: to embolden us even further. Beyond that, every time the US and UK governments show their true character to the world – when they prevent the Bolivian President’s plane from flying safely home, when they threaten journalists with prosecution, when they engage in behavior like what they did today – all they do is helpfully underscore why it’s so dangerous to allow them to exercise vast, unchecked spying power in the dark.

******** Update #2. Meanwhile a “journalist” by everyone’s definition but the media’s dishes it out but cannot take it: Assassination TIME: Sr. journalist ‘can’t wait’ to justify drone strike that will kill Assange <read>

We can fix this and improve election integrity

Verified Voting Recommendations to the Presidential Commission on Election Administration

Verified Voting Recommendations to the Presidential Commission on Election Administration <read>

Way back when, President Obama, observing the long lines on election night said, We need to fix this those problems. Resulting in two letters to the President from voting integrity advocates. Now his commission is meeting and it is time they considered appropriate, reasonable remedies. We emphasize several points in the Verified Voting recommendations:

Optical scan systems provide superior performance to DRE (Touch Screen) systems when it comes to capacity. We had long lines in Connecticut with optical scanners, yet the problem was not scanners it was insufficient check-in lines, resulting from inadequate planning by election officials, compounded by squabbling, coupled with a lack of action when the problem became apparent.
A call for more and better pollworker training. Here in Connecticut that should include more and better training of supervisors and registrars. It was not the pollworkers that caused the major problems here.
Outlining the risks of Internet voting. Sadly, next year, Connecticut will be added to the list of states allowing return of ballots over the Internet.
Optical scan and paper ballots need to be accompanied with adequate audits and recounts to achieve their promised value, provide integrity, provide confidence, and protect the democracy under “We the People”.

We can fix this and improve election integrity. Will we?

They know what you think and how your vote will be recorded

NY Review of Books has a article by James Bamford, a true expert on the NSA: They Know Much More Than You Think which ends with an insightful quote from the late Senator Frank Church, which we paraphrase for the coming of Internet voting to Connecticut.

NY Review of Books has a article by James Bamford, a true expert on the NSA: They Know Much More Than You Think <read> which ends with an insightful quote from the late Senator Frank Church, which we paraphrase for the coming of Internet voting to Connecticut:

That capability at any time could be turned around on the American people and no American would have any privacy left, such [is] the capability to monitor everything: telephone conversations, telegrams, [how you voted, what you think, what you said in your you youth, who you “paled around with”,] it doesn’t matter. There would be no place to hide. If this government ever became a tyranny, if a dictator ever took charge in this country, the technological capacity that the intelligence community has given the government could enable it to impose total tyranny, [elect their chosen candidates, pass/defeat initiatives, make you look bad, unpatriotic, untrustworthy,] or defeat the most careful effort to combine together in resistance to the government, no matter how privately it was done, is within the reach of the government to know. Such is the capability of this technology…. I don’t want to see this country ever go across the bridge. I know the capacity that is there to make tyranny total in America, and we must see to it that this agency and all agencies that possess this technology operate within the law and under proper supervision, [while avoiding reliance on technology that the government and others could use to compromise elections,] so that we never cross over that abyss. That is the abyss from which there is no return.

We add “first they came for the Military’s vote, then they came for my vote, but then there was no empowerment left to restore democracy”.

We recommend reading Bamford’s entire piece to understand what they can know about you, now or when they choose in the future, should you do something they would like to prevent by discrediting you or someone you know.

Student hijacks election, case highlights internet voting vulnerability

Another challenge for Secretary of the State Denise Merrill and the state Military Department in creating a safe online voting system for Connecticut. We would add that one of the key (pun intended) vulnerabilities in online voting is in the user id’s and passwords required for voting.

A former Cal State student was sentenced to one year in jail for hacking a student election, to gain positions which pay much better than most town council positions in Connecticut. Two excellent articles by Doug Chapin: Cautionary Tale: Student Gets Jail Time for Stealing Online School Election <read> and a follow-up by David Jefferson: <read>

The gist of the story from Chapin:

Technically, this isn’t the kind of election news I usually blog about (because it doesn’t involve a public election) but I thought it was worth sharing … From UTSanDiego:

A former Cal State San Marcos student who rigged a campus election by stealing nearly 750 student passwords to cast votes for himself and friends was sentenced Monday in federal court to a year in prison …Weaver, 22, of Huntington Beach was a third-year business student when he carried out the elaborate plan to win election as president of the school’s student council in March 2012. He pleaded guilty this year to three federal charges, including wire fraud and unauthorized access to a computer …

The plan to steal the election was months in the making.

On Weaver’s computer, authorities found a PowerPoint presentation from early 2012, proposing that he run for campus president and that four of his fraternity brothers run for the four vice president spots in the student government. The presentation noted that the president’s job came with an $8,000 stipend and the vice presidents each got a $7,000 stipend.

Weaver also had done a bit of research, with computer queries such as “how to rig an election” and “jail time for keylogger.”

A month before the election, Weaver purchased three keyloggers — small electronic devices that secretly record a computer user’s keystrokes [pictured above – ed.].

Authorities said Weaver installed keyloggers on 19 school computers, stole passwords from 745 students and cast ballots from the accounts of more than 630 of those victims.

The plot was discovered, however, when technicians spotted unusual activity on the last day of the election period:

Using remote access, technicians watched the computer user cast vote after vote. They also watched as the user logged into the account of a university official and read an email from a student complaining that the system would not let her vote.Weaver had already cast a ballot from the student’s account, which was why she couldn’t vote.

The techs called campus police, who found Weaver at the school computer. He had keyloggers with him and was arrested.

The student didn’t help himself when he engaged in an elaborate cover-up afterwards

Jefferson adds several cautionary concerns that the hacker could have been a bit smarter and been less likely to be caught or the hack discovered, and that a similar public election hack would have been more difficult to discover, concluding:

In the many debates on the subject of Internet voting it is important not to allow anyone to use this Cal State San Marcos student election experience to argue that online public elections can be made safe because those who would cast phony votes will be caught. Mr. Weaver’s actions were detected because he was voting from computers controlled by the university IT staff, and he was identified and caught because he was not even minimally technically skilled in the techniques that could have distanced him from the crime. In a high stakes public election we will not be so lucky.

What would we add?

We would add that one of the key (pun intended) vulnerabilities in online voting is in the user id’s and passwords required for voting.

What if Matthew Weaver had spent his time getting a job in the computer lab and obtained the list of passwords from a central server and then made some timely changes to alter logs of the ip addresses used for voting?

The now famous D.C. Hack among other things demonstrated that even outsiders have the possibility of gaining a list of voters and their passwords.

One of those pesky details that would confront Connecticut Secretary of the State, Denise Merrill and the Sswtate Military Department when they design a safe online voting system for Connecticut. If they choose web based voting, how in the age of Bradley Manning access can they insure that military computers and individuals’ computers are safe for internet voting? How can they assure that passwords sent through the mail arrive in time, to the intended recipient, and uncompromised?

1117=620 and other inaccuracies of NationalPopularVote.org

Although Every Vote Equal is touted as a 630 page book, a detail apparently unchanged from the original version, the fourth edition is now an increasingly redundant 1117 pages. Unfortunately, no matter to what lengths the authors go, it can never be enough to successfully defy logic and informed common sense. On the other hand I have to appreciate their work to use a small portion of that space in an effort to discredit yours truly.

This spring marked the fourth edition of Every Vote Equal, a large and expanding essay apparently aimed at convincing readers and book-lifters that the weight of evidence is on the side of passing the National Popular Vote Agreement/Compact.

I have yet to read the forth version, as reading every page of the third version was a tough enough slog. I will stick with the movie going forward. But one of the authors had promised that my myths about the Compact would be refuted in this version. So I hunted and found only one reference, taking a half a page or so, starting on page 582. It claimed to refute a statement in an old blog post:

In an article entitled “Lawmakers Seek to Change Presidential Elections to Make Them More Risky, Reduce Confidence,” Luther Weeks of Connecticut says:

“There is no official national popular vote number complied and certified nationally that can be used to officially and accurately determine the winner in any reasonably close election.” [Emphasis added(by Every Vote Equal)]
Of course, the vote counts recorded on the states’ Certificates of Ascertainment are used under the current system to award electoral votes. Moreover, these vote counts are considered “official” enough and “accurate” enough to elect the President of the United States under the current system.

In particular, the 537-vote lead (out of 5,963,110 votes) recorded on Florida’s Certificate of Ascertainment in 2000 was considered “official” enough and “accurate” enough to elect a President. One wonders why Weeks thinks that these state-produced Certificates of Ascertainment (and the legal process behind the “final determinations” reported in these certificates) would suddenly become “more risky” if used to elect a President under the National Popular Vote compact. Why would they suddenly “reduce confidence?”

Superficially, it sounds like they have done the job. But they have not. Let me point out a couple of things they missed or overlooked.

I was not saying that their was not a “popular vote number complied and certified nationally”. I am of course, aware of the Certificates of Ascertainment.
I was implying it is not true that the Certificates “can be used to officially and accurately determine the winner”. I am sticking by that.
I also did not say that “Certificates of Ascertainment are used under the current system to award electoral votes.” I said they could not be used under the Compact to determine the winner.

Several times after my original statement was made, I refuted their contention in blog debates. I also changed what I was saying to make by contention clearer by adding two words, “in time”. For instance, here is my testimony to the Connecticut Legislature in 2011 and again in this year in 2013. I said pretty much the same thing both times:

Fact or Myth?

There is no official national popular vote number compiled in time, such that it could be used to officially and accurately determine the winner in any close election.

According to NationalPopularVote.org:

20.1 MYTH: There is no official count of the national popular vote.

It is sometimes asserted that there is no official national vote count for President and, therefore, the National Popular Vote bill would be impossible to implement. Contrary to this assertion, existing federal law (section 6 of Title 3 of the United States Code) requires that an official count of the popular vote from each state be certified and sent to various federal officials in the form of a “certificate of ascertainment…

Reality:

Yes: There is an official, unaudited, national popular vote number which can be determined by examining data posted by the federal government at: http://www.archives.gov/federal-register/electoral-college

Reality: The number is not compiled and available in time, such that states could use the number to determine, under the Compact, how to allocate their electoral votes. Looking at the details for 2008,
http://www.archives.gov/federal-register/electoral-college/state_responsibilities.html#vote2
We find:

States must prepare a Certificate of Ascertainment listing electors and the votes that they received: “The original Certificate and two certified copies (or duplicate originals) should be sent to the Archivist as soon as possible after the November 4 election results are finalized. At the very latest, they must be received by the electors on the statutory deadline of December 15, 2008 and submitted to the Archivist no later than December 16, 2008.”

“On the first Monday after the second Wednesday in December (December 15, 2008), the electors meet in their respective States. Federal law does not permit the States to choose an alternate date for the meeting of electors – it must be held on December 15, 2008… At this meeting, the electors cast their votes for President and Vice President.”

Since states are not required to submit electors and their official unaudited vote totals to the Archivist until December 16^th, the national popular vote number obviouisly could not be guaranteed to be available on December 15^th. And since the Certificate cannot be created until after the electors of a state have voted, the final official unaudited national popular number could not be official until all states electors have already voted. But wait…

“Any controversy or contest concerning the appointment of electors must be decided under State law at least six days prior to the meeting of the electors.”

So, each state must actually appoint its electors six (6) days before they must meet and vote which is seven (7) days before each state is required to send the state’s official unaudited popular vote numbers to Washington. But wait…

“The statutory deadline for the designated Federal and State officials to receive the electoral votes is December 24, 2008. Because of the very short time between the meetings of the electors in the States on December 15 and the December 24 statutory deadline, followed closely by the counting of electoral votes in Congress on January 6, 2009, it is imperative that the Certificates be mailed as soon as possible.”

So, the real deadline for each state’s popular vote number arriving in Washington, would be nine (9) days after the vote for electors, and fifteen (15) days after electors have to be deterimed. Presumably some time is also needed to accurately post that information so that the official, unaudited numbers would be available for state officials to review.

Let me suggest reading the other myths and arguments in the 2013 testimony for more of what Every Vote Equal chose not to even attempt to discredit.

Common Sense: Why should audits be Independent?

Why do we need independent audits for elections just as we have for other business and government functions?

Note: This is the seventh post in an occasional series on Common Sense Election Integrity, summarizing, updating, and expanding on many previous posts covering election integrity, focused on Connecticut. <previous> <next>

In the last few weeks, since the revelations of Edward Snowdon, we have seen the limits of Congressional “Oversight”, when a small number of legislators have access to the “facts” of the implementation of the Patriot Act, FISA, and NSA. But these facts seem to be “we assure you we are not doing anything wrong”, “our warrants are reviewed by a Court (with the facts of the warrants being secret, and the Court apparently rubber stamping every proposed warrant)” etc.

This situation is not much different from audits that lack independence. One of the requirements of the Principles and Best Practices for Post-Election Audits is Independent Audits.

The authority and regulation of post-election audits should be independent of officials who conduct the elections. The actual work of post-election audits may be best performed by the officials who conduct the elections and their designees.

a. The independence of authority and regulation may be satisfied from resources inside or outside state government.

b. The actual work of post-election audits—i.e. the handling and counting of ballots and reporting the results—may be best performed by the officials who conduct the elections.

We do not find that Connecticut’s Post-Election Audits meet that criteria, since the authority and regulation of our audits are under the control of the Secretary of the State who is also the Chief Elections Official and responsible for selection and approval of election equipment in the State. What we have seen from Official Post-Elecction Audit reports is the dismissal of all differences between audit counts and machine counts as “human error”, largely without investigation. An independent audit should be expected to provide a thorough investigation of questionable results, rather than providing excuses.

We do not audit our own taxes and send the results in to the IRS. They audit our taxes and expect us to be able to justify random items. The IRS does not attribute differences in their information or calculations to their own counting errors! Similarly businesses often have internal independent auditors and external independent auditors to protect the interests of the shareholders. It does not always work but it often does. Given human nature, we could hardly expect non-independent auditors to approach being equally effective.

Other areas of government conduct independent audits often uncovering serious problems, like recent internal audits in the City of Hartford: <read>

The audit, by Chief Auditor H. Patrick Campbell for the city’s Internal Audit Commission, focused on the revenue management unit of the city finance department, which is responsible for the oversight of general fund revenue due the city, about $550 million this year. The auditors found a number of problems, including:

• Poor control of lease agreements, rental properties and other revenue-producing arrangements. For example, one city parking lease had not been renegotiated since 2000, for reasons that are unclear, the auditors report.

Lease issues are troubling because they were identified in an earlier audit, which supposedly spurred corrective action. The position of asset manager was created to oversee and manage leases, and a lease, licensing and contract database was to be created.

In this review, the auditors discovered that the asset manager position was eliminated and the database was never completed. Eliminating positions that bring in revenue is eating the seed corn.

• 151 bounced checks totaling more than $392,000. More than half of these checks had not been followed up and resolved. Nor was it clear whether late or insufficient-fund fees were being charged. Many fees and charges are handled by individual departments; the auditors recommend they be centralized. You can’t have people bouncing checks at city hall and getting away with it.

• Missing documentation. The department is supposed to keep track of actual vs. budgeted revenues, to determine what might be causing any discrepancies. The finance department did reviews, apparently, but “documentation to support the reviews and follow-up performed is not maintained on file,” the auditors wrote.

Another example comes form the Connecticut Office of State Ethics audit of Statements of Financial Interests filed by state legislators and other officials.<read> It serves as an example of a positive report, yet finds exceptions, and areas for improvement.

Would we really expect a report as critical as the one in Hartford if it was done by the managers and staff of the department making these significant errors? Would we expect legislators and employees to correctly evaluate and report on the accuracy of their own disclosure statements? Would we trust the results of a positive report written by the individuals involved? Would we expect them to find the suggestions for improvement?

That is why we need independent audits for elections just as we have for other business and government functions.

But when it comes to elections, are independent audits sufficient? Not really. We need public transparency and verifiability as well. The subject of a future post.

4th of July Reading

“The right to vote… is the primary right by which other rights are protected” – Thomas Paine

This weekend is a great time to [re-]read the Declaration of Independence. We find it very inspiring to read it sometime around the 4th of July each year. As we have discussed before, some believe that the right to vote is more fundamental than the Constitution. Here is a link to a copy for your reading <Declaration of Independence>

The Declaration of Independence asserts our rights to determine and change our form of government – without voting integrity we lose that most fundamental of rights.

“The right to vote… is the primary right by which other rights are protected” – Thomas Paine

A Positive Note: There is much we can do to improve elections

Looking over our recent posts, they are focused on warnings about risky ideas proposed in the Connecticut Legislature and risks to our elections nationwide from cyber attack and actual absentee ballot fraud, often from insiders. We want to remind readers of the many positive improvements that can be made in elections in Connecticut and nationwide.

As the General Assembly was heading for the season of considering bills by the Senate and House we made our recommendations on a raft of election bills, several of which we recommend be passed:

Committee Approves 39 Bills In Last Meeting

Bills Approved Earlier by the GAE Committe

Then responding to President Obama’s suggestion that “we can fix that” we suggested several suggestions for national voting integrity, Connecticut voting integrity, and for improving elections beyond integrity:

Basic and Bold Steps To Improve Connecticut Elections

Basic and Bold Steps To Improve U.S. Elections

Bold Steps Beyond Integrity To Improve U.S. Elections

With other advocates, we helped create and signed on to two letters to the President taking him up on his challenge.

Mr. President: Improve voting, shorten lines with optical scanning. Avoid the risks of Internet Voting

We recognize that things move slowly in Washington and in Connecticut. But they move, not always in the best direction. So we will be back encouraging the General Assembly in the direction of positive reform next year. And in the meantime watching and reporting on election integrity here in Connecticut.

U.S. says it will not export tools to interfere in politics

Even the cicadas must know by now that the U.S. is engaged in massive collection of data on phone calls, emails, web access, and banking transactions. Those who a week ago were criticized as ‘conspiracy theorists’ for claiming the Government had such massive secret spying programs will now be criticized as ‘naive’ for not knowing this was going on all along. What more can we say? What can we add that has relevance to elections and election integrity?

Today, there are two articles, an op-ed, and an engaging cartoon in the New York Times:

U.S. Helps Allies Trying To Battle Iranian Hackers <read>
How The U.S. Delved Deeper Via Technology <read>
Your Smartphone is Watching You <read>
The Strip: Secret Agent Smartphone <read>

Restating the Obvious

Internet voting is unsafe and not guaranteed to be secret. Our voting is most vulnerable to insiders.

Iranian, Chinese, or Al Qaeda hackers attempting to compromize a U.S. election have a more difficult job changing votes.
Foreign and outsider efforts are likely to be detected if they change votes or disrupt a Federal election – detected and reversed or mitigated.
I really don’t care if foreign governments or terrorists know who I voted for, not sure they care, few would be intimidated by their potential to find out.
But insiders are are another matter. They have an easier job. Their legitimate access and sanctioned unconstitutional or illegal access is less likely to be detected or prosecuted.

We can only suggest that anyone who trusts politicians and other insiders to never use every tool available, or trusts that Internet voting is somehow immune from compromise has a serious case of cognitive dissonance. Unfortunately, when it comes to Internet voting that virus has infected our entire state Legislature. While we are pleased that Connecticut’s entire Congressional Delegation have expressed concerns with the NSA spying, we doubt that they are convinced that Internet voting is unsafe.

Thanks For Small Assurances

In the 1st article, we learn:

Officials pledge that computer hardware and software eventually provided to allied nations will be evaluated to avoid providing the type of defensive systems that also can be used for domestic surveillance or to punish political opponents.

We find nothing particularly surprising in this statement. Yet, for ‘naive’ readers, let me regain the skeptical mantle of ‘conspiracy theorist’ by pointing out:

This assurance is presumably given by some of those same “officials” who until a few days ago claimed that the U.S. does not have these secret spying programs, that now claim that they are not a big deal, yet hid their existence and still hide the questionable legal justifications.
I’d love to see how systems that allow foreign surveillance can be released that cannot be used for domestic surveillance. For the technically challenged, consider that Saudi Arabia could ‘rendition’ its domestic spying or political manipulation to Japan or South Korea in return for a bit of oil.
Are we saving the software that allows domestic surveillance and punishing opponents for our own domestic use?
Since it is not mentioned, are we exporting software that could manipulate election results?
Would a country that would work to overthrow foreign leaders through a coup, and openly work to change election results, hesitate to punish foreign politicians, or manipulate foreign election results? (Hint e.g.: Google “Chavez Coup CIA”)
Would insiders from top leaders, to individuals with the keys to the kingdom, hesitate to manipulate U.S. elections?

Once again, those who would call this farfetched have little knowledge of U.S. History and the fallibility of human nature. Our Democracy was designed to defeat human nature with checks and balances, with the bill of rights, including transparency, individual privacy, and a subsidized free press.

What Can They Know And How Can They Use It?

The op-ed provides a chilling summary, including:

It is at least possible to participate in online culture while limiting this horizontal, peer – to – peer exposure. But it is practically impossible to protect your privacy vertically — from the service providers and social media networks and now security agencies that have access to your every click and text and e – mail. Even the powerful can’t cover their tracks, as David Petraeus discovered. In the surveillance state, everybody know s you’re a dog.

And every looming technological breakthrough, from Google Glass to driverless cars, promises to make our every move and download a little easier to track. Already, Silicon Valley big shots tend to talk about privacy in roughly the same paternalist language favored by government spokesmen. “If you have something that you don’t want anyone to know,” Google’s Eric Schmidt told an interviewer in 2009, “maybe you shouldn’t be doing it in the first place.”

The problem is that we have only one ma jor point of reference when we debate what these trends might mean: the 20th – century totalitarian police state, whose every intrusion on privacy was in the service of tyrannical one – party rule. That model is useful for teasing out how authoritarian regimes will try to harness the Internet’s surveillance capabilities, but America isn’t about to turn into East Germany with Facebook pages.

For us, the age of surveillance is more likely to drift toward what Alexis de Tocqueville described as “soft despotism” o r what the Forbes columnist James Poulos has dubbed “the pink police state.” Our government will enjoy extraordinary, potentially tyrannical powers, but most citizens will be monitored without feeling persecuted or coerced.

So instead of a climate of pervasive fear, there will be a chilling effect at the margins of political discourse, mostly affecting groups and opinions considered disreputable already. Instead of a top – down program of political repression, there will be a more haphazard pattern of politically motivated, Big Data – enabled abuses. (Think of the recent I.R.S. scandals, but with damaging personal information being leaked instead of donor lists.) In this atmosphere, radicalism and protest will seem riskier..

The second article some chilling details:

Accompanying that explosive growth has been rapid progress in the ability to sift through the information. When separate streams of data are integrated into large databases — matching, for example, time and location data from cellphones with credit card purchases or E – ZPass use — intelligence analysts are given a mosaic of a person’s life that would never be available from simply listening to their conversations. Just four data points about the location and time of a mobile phone call, a study published in Nature found, make it possible to identify the caller 95 percent of the time…

Industry experts say that intelligence and law enforcement agencies also use a new technology, known as trilaterization, that allows tracking of an individual’s location, moment to moment. The data, obtained from cellphone towers, can track the altitude of a person, down to the specific floor in a building. There is even software that exploits the cellphone data seeking to predict a person’s most likely route. “It is extreme Big Brother,” said Alex Fielding, an expert in networking and data centers…

So,

They can find every candidate we have contributed to. Every email we have sent. Pretty much every event, protest, or meeting we have attended.
Every ‘conspiracy theory’ we have believed or investigated along with ‘naive’ views we have held, every contradictory statement, and link us to others with all sorts of views we may or may not agree with.
Every donation, medical condition, every mistake, or misstatement we have ever made.
Bad enough that they will know every Facebook post and every (sort of) public statement, but also anything written or said candidly, casually, or unthinkingly.
Are we sure that potential employers or potential friends or allies will not find this information or be given that information to harm us or them?

GMO Danger: CALEA II (Government Modified Operating system)

Last week a group of computer security experts issued a warning about a proposed expansion of government spying know as CALEA II (Communications Assistance For Law Enforcement Assistance) being considered for “wire” tap expansion.

The report if anything understates the risks. Further, if you believe that, in general, government can be incompetent, that makes this plan even less effective and more risky.

Abstract: The U.S. government is proposing to expand wiretap design laws broadly to Internet services , including voice over Internet protocol (VoIP) services and other peer – to – peer tools that allow communications in real – time directly between individuals. This report explains how mandating wiretap capabilities in endpoints poses serious security risks. Requiring software vendors to build intercept functionality into their products is unwise and will be ineffective, with the result being serious consequences for the economic well – being and national security of the United States

This is serious. The report if anything understates the risks. To me, this crux of the problem is summarized by the dangers to operating system end points:

All networks, software , and communication tools that support “lawful intercept” include features that are designed to breach the confidentiality of communications without detection by any party involved in the communication . When parties communicate using services with such features , there is a n increased likelihood that an unauthorized and/or malicious adversary with the right technical knowledge and access to the system could capture communications contents without detection. The general nature of CALEA – style mandates and the necessarily clandestine nature of intercept mechanisms increase security risks further.

The cleverest and most dangerous cyber – attackers are those who are able to not only compromise a system but also to evade detection. T hat is also precisely the objective of a government surveillance solution: to compromise communications without detection. W e know that communications networks and services are increasingly the subject of exploitation , often because of unintended and not very well – hidden vulnerabilities . Wiretap capabilities can be uniquely dangerous precisely because they are developed to be hidden, both in design and in application. Wiretaps are designed to be kept secret from both the parties involved in the communication and also from anyone else that does not have a “need to know” in order to execute the tap (including employees of the service provider who are on the alert for system compromises) . This requirement for obscurity increases the security risks further because it increases the possibility that a malicious communications intercept could be effectuated with low risk of discovery…

Furthermore, for the many products that are open source, it will be trivial for someone to build and redistribute software without the monitoring capability. This sort of “fork” is not exceptional, but rather common. The nature of Open Source software is that people take it, make small modifications, and redistribute. To provide two especially relevant examples, Iron is a fork of Google Chrome that focuses on improved privacy , and the Tor Project maintains its own version of Firefox that is designed to allow private anonymous communications on the Internet under extremely adversarial conditions, such as dissident users in Iran or China. If U.S. software vendors are forced to introduce wiretap capability , it seems certain that there will be non – U.S. forks of popular7open source communications packages that do not allow such access. Moreover, this likelihood of non – compliant forks being developed is not limited to open source software, but also potentially relevant to proprietary, closed – source products , albeit with more effort by the fork’s developers . For instance, just as it is possible to “jailbreak” proprietary phone operating system software by downloading a program that “tweaks” the software, disabling monitoring capability in wiretap – modified software may be as easy as clicking a link and running a small program that can disable intercept functionality.

It is important to understand that because these systems are built on open standards, modified software without lawful intercept capability will be able to interoperate with systems with the intercept capability and with unmodified systems. To take an extreme example, say that all U.S. – made Web browsers support CALEA II, thus allowing wiretapping of any WebRTC session. Two users who desire unmonitorable communications need only download secure foreign – made versions of one of the major browsers and they can make secure calls using exactly the same infrastructure as those that must use compliant versions . We should expect that any user who is concerned about monitoring — including many potential monitoring targets — would obtain and use a n unmonitorable version of a given product or service . Ironically, then, potential terrorists may easily be able to u se stronger security than the U.S. government, which is less likely to install non – U.S. forks of these programs.

So,

The bad guys and all of us good guys can easily find ways of defeating the risk of compromise.
But how many of us can be sure those safe versions actually are safe? They could block the government and open up our communications to others instead. Or maybe its just another trick version from the U.S.
But the government and perhaps most businesses regulated by business would likely be required to not protective actions
This would be a great tool for interfering with the electric grid, nuclear power plants, the communications grid, etc.
How about insider trading? A great tool for learning all sorts of information which will effect interest rates, stock, or commodity prices.

If you believe that, in general, government can be incompetent, that makes this plan even less effective and more risky.