snowden-manning-heros

Snowden-Manning Heros?

DISCLAIMER: I have no first hand knowledge of the NSA PRISM program.  This is just my personal opinion of Edward Swowden’s release of classified information and the impacts.

What is PRISM:

PRISM is the code name for the data collection program which was born out of the Protect America Act.

Recently Mr. Edward Snowden released classified information to the international media and fled the U.S.  He was working on the PRISM program and felt that the right thing to do was to tell U.S. citizens about their loss of privacy.

 snowden-manning-heros

snowden-manning-heros

SHH!! Don’t tell anybody this.. but privacy has BEEN gone if you are on Facebook, Google or any other social network.  These organization are storing our private data.  But what do these organizations do with that data?

  • Do they try to protect your data?
  • Do they sometime release it to third parties?
  • Can certain data you store on their system be used against you in a court of law?
  • All of the Above 🙂

Encrypt your data.  That is the only real way to have privacy to a trusted party.   Don’t use FB or Google for stuff you want hidden.

The Need for Some Sort of PRISM:

Spies get a very very bad rap lately.  Analysts are unsung heros.   It that world nothing is what it seems.  The media presents one side of everything.  You have to dig and cross reference to get facts.  Intelligence provides a proactive answer to security.  I am speaking from the perspective of someone who has done security defensively.  There is a need for gathering data within the U.S. infrastructure.  Once data is gathered, it can be correlated to detect patterns of potential threats.

So I think we MUST have something like PRISM (especially in the US) due to the exposure of our assets and the subsequent likelihood of attack. We have a high risk.  And the greatest risk is from INSIDERS (ironically enough PRISM cannot protect itself).

There are three main issues with the programs current setup:

1.  Lack of Oversight & Transparency: There seems to be very little transparency and  oversight that represents US citizens regarding privacy and controlling how far the government can go.  US Senators are led away from what is really going on.

2.  Total Information Awareness:  This system may be too DAMN powerful as far as what it is capable of.  In fact, it seems to be like using GOD Mode 24/7 to gather information.  Snowden mentioned that it can track ANY email.. is this on a whim?  does there need to be some sort of probable cause or “reason to believe” or is this left to the discretion of the guy with his finger on the button.. this leads to the next issue..

3. The Patriot Act II + Protect America Act =  Its too DAMN politically powerful.  This program has the legal backing to do anything with NO checks and balances.

Is SNOWDEN A HERO?

Would I call Snowden/Manning heros/martyrs?  I would not group Snowden with Manning.  The information that Snowden released (so far) is showing a the capability of NSA spying (something that was done by whistle blower William Binney in 2002).  PVT First Class Bradley Manning leaked a lot of war material that risked a lot of people’s lives:

videos of the July 12, 2007 Baghdad airstrike and the 2009 Granai airstrike in Afghanistan; 250,000 United States diplomatic cables; and 500,000 army reports that came to be known as the Iraq War logs and Afghan War logs. It was the largest set of restricted documents ever leaked to the public. — http://en.wikipedia.org/wiki/Bradley_Manning

The problem with this is that it actually endangered the lives of informants, and some people that were on the ground in Afghan/Iraq.  Manning fucked up big time.  Snowden is a hacktivist who will have to spend sometime in prison or in Iceland evading the US government unless the American public rallies to sway the politicians.

Whistleblower Protection:

My hope is that there is due care taken on this issue.  Because there is a real concern regarding the Constitution, Privacy and uncheck powers of the government.  If not, perhaps the next administration will take up the call of the people.  SarbanesOxley Act of 2002 has a Whistleblower Protection Act that would be helpful if such a law could apply to Snowden.  I am not so sure about that.

Transparency & Accountability

I know their needs to be transparency and accountability. But I think its naive to think that we should release all information on all classified data to the world as the Wikileaks crowd believes.  

Why?

Organizations & States have an obligation to maintain Confidentiality of critical data.

That means databases with witness protection programs must be kept Confidential, bank transactions must be protected..

Nations have some serious enemies (ESPECIALLY the US).  The US governments duty is to protect its people from those enemies (foreign or domestic).

Consider this:  Certain information on the physical/logical locations of weapons systems, pattens on lethal biochemicals, information on the capabilities of a nation are very effective tools in the hands of really bad people.

Its naive to think that opening up all classified data is going to set the world free.  I wish humanity was in a kinder, gentler situation.. but the reality is some crazy people want to kill as many people as possible.

Yes!  I agree that governments with unrestricted power can be MUCH more dangerous.  Some transparency with check and balances are necessary.

 

WAR OF INFORMATION

The post modern war conflict is a fight over ideology. Its less about my nation versus your nation and more and more about belief systems.  

RIGHT NOW there is someone with the intent to kill as many people as possible.  With the capability and opportunity they would strike.  There IS an enemy and they are anywhere and everywhere.  You can no longer point at a map and say “All these people are my enemy.”

Now there is an enemy willing to kill you over what you believe, what you represent and what they think you are.  And more than likely, THEY are living in your city.   Who are “THEY”?

Figuring out who THEY are.. is where data mining and correlation comes in.

The threat-source can be from ANY country, race, creed, or religious faction. They are more and more likely to have a citizenship in your country for the sake of having free reign to make the most damage on the most people that represent what they seek to destroy.

Its sounds crazy until a bomb goes off in the middle of a Boston Marathon with the attackers on their way to Time Square.  Luckily, there was surveillance to help deter further killings.

How do we fight against these threats?
Threats can be detected via patterns within information.

Solution:  The government should allow the program manager of the system to explain why its necessary, provide proof of its usefulness.  Limit the use and extent of PRISMs power.

I hope the president will listen to the Internet community on this.  I hope that some political party will hear the cries of thousands of potential constituents then take an intelligent look at the public’s concerns.  Realistically, the American public voted on the reps that backed the laws that created this system.  They accepted it by proxy.  But the shock is from the alleged reach of this program.  Its too bad it took Snowden is risking years away from home and possibly prison for the US to wake up and start talking about something that was leaked years ago.

Google to Provide the World’s Social Network

Google is no Joke!!

Google+ seems to bring everything together. All Google’s products and services are being reigned in the the power of +You.

For example, if you use Googles Picasa, Google+ enhances the service by fully integrating the content of Picasa into the their social network. If you use Android, you’ll be able to take a picture, load it into Picasa, then make it available to your “Circle” in Google+. The name Picasa supposedly changing to Google Photos but for now its just a rumor.

Other fully integrated services and products include (but are not limited to): Gmail & Youtube.

Facebook has some major competition brewing!

google plus infiltration.. i mean invitation

I am trying to infiltrate google’s newest project!!

Google is getting into facebook’s swimlane.. again.

They tried with Google Wave and Google Buzz and now they have a new secret weapon… google+.
You have experienced their incredibly useful tools displayed

We “google” everything. Their tools are a household name as handy as any appliance in our homes. The tabs on the google page are etched in our minds: Web | Images | Video | Maps | News | Shopping .. etc

Google+ will add “YOU” to the tab. This will allow us to completely personalize and compartmentalize our contacts. One of the weakness’ of Facebook is its clumsy means sharing information. For example, when you accept a friend they are automatically able to shared all the data you put up. You can group friends into groups, but it is not transparent. Google Circles will hopefully fix that. From the horses mouth: Circles will be “The easiest way to share some things with college buddies, others with your parents, and almost nothing with your boss.”

Other tools in the YOU tab will include:
Hangout:
Let friends know you’re free for a video hangout, any time, anywhere. Then catch up, watch YouTube, or… just hangout.

Sparks:
A feed of just the stuff you’re really into, so when you’re free, there’s always something waiting to be watched, read, or shared.

Huddle:
Texting is great, but not when youre trying to get six different people to decide on a movie. Huddle turns all those different conversations into one simple group chat, so everyone gets on the same page all at once. Your thumbs will thank you.

Instant Upload:
Taking photos is fun. Sharing photos is fun. Getting photos off your phone is pretty much the opposite of fun. With Instant Upload, your photos and videos upload themselves automatically, to a private album on Google+. All you have to do is decide who to share them with.

For more info on google Plus check them out here
http://www.google.com/intl/en/+/demo/

I hope it does well 🙂

7/7/2011, 1am: I am in Google+. My access is very very limited and I cannot invite yet, but so far I must say LOL.. its beautiful.
Google is really doing it right. Facebook, Microsoft and others will have to follow their lead on this one. Wow!!!



google’s Safe Browsing Alerts

The all seeing eye of Google is upon Safe browsing and and alerts for your network. I think this is proof that Google is not “evil” as some say. Some believe that Google is “evil” just because they want to organize all of the worlds data. To this I say, “stop, hatin’!”

Google has taken steps toward protecting is users from malware and phishing attacks by alerting webmasters of malicious content and bad URLs.

Now Google offers a service for Network Administartors that allows system owners to receive early notifications for malicious content on their network. Its called “Google Safe Browsing Alerts“. As an example of how powerful this can be, imagine an Internet Service Provider have such a service.

I can already hear the “nayers of google” crying, “what about the privacy of the networks and your users?” To this I say, “SHUT THE HELL UP!” Google loves you. Google died for your sins. Repent, for the kingdom of Google is at hand.
http://safebrowsingalerts.googlelabs.com/

That is all.

http://googleonlinesecurity.blogspot.com/2010/09/safe-browsing-alerts-for-network.html

Evil Plug-ins

I love plug-ins! I love them on Firefox, WordPress, Dreamweaver and now on Chrome. It has crossed my mind that some of these plug-ins could be created and distributed by very smart people with criminal or mischievous intent. But the reality of bad plug-ins didn’t hit me until I noticed a link on digg.com about Stealing Logins using Google Chrome Extensions. I am no programmer but understand enough to see how cleaver it is.

Basically, someone creates a innocent looking extension or plug-in, they distribute it and the innocent looking plug-in/extension sends your personal information to where ever.

How can a person avoid this?! I guess the safest way would be to not use ANY plug-ins and extensions.. but that is over kill.
I know that I am pretty paranoid about WordPress extensions/plug-ins but the open source community is pretty good about peer reviewing, testing and reviewing some of the more popular plug-ins. When it comes to software I depend heavily on reviews of others who have used the product. If there are no reviews (even on forums or dev/plug-in sites), I usually consider the app to risky.

Sometimes what I do is try the app/extension/plug-in on a site/blog I don’t care as much about. In the case of browser plug-ins, I use a single trusted browser with minimal plug-ins to do important sensitive/personal transactions. Most of the stuff I do on the web does not require so much scrutiny.

Unfortunately, there is always a risk with plug-ins, apps, and extensions. All we can really do is manage the risk, by being careful and suspicious.

Thanks Mr. Grech for the knowledge.

I always feel like GOOGLE is watching meeee

If Google was woman I would make sweet passionate love to her. And she’d be a psycho-stalker.

I love Google, but it conflicts with my finely honed skill of not trusting. I use Google for just about everything knowing they have a dangerous amount of information about me and everything else readily available in a search friendly little package.

Google showed up as the most conspicuous tracker on third-party sites. Google Analytics, a free product that allows online publishers to gather statistics about visitors to their sites, was used on 81 of the top 100 sites. Cookies from the advertising company DoubleClick, which is owned by Google, were present on 70 of those sites. When combining trackers from those two services, Google had a presence on 92 of the top 100 sites. Others weren’t far behind. Cookies from Atlas, Microsoft’s DoubleClick rival, appeared on 60 sites, and trackers from two other analytics companies, Quantcast and Omniture, showed up on 54 sites.

Ny time

I still love Google and I still believe, perhaps foolishly, that they are not evil. Even so, one day I think Google will turn evil, not unlike any empire that has become too powerful. The culture of the company will change in a generation and a new dynasty will reign using personal information as a weapon rather than a useful tool for making better searching. I hope I am very, very wrong.

Encrypt ALL gmail traffic

Another great post from dmiessler:
Everyone loves Google. They want to be everything to everyone, and they’re getting pretty damn good at it. Once you start using their services it gets easier and easier to migrate more of your life to them. But there’s a slight problem.

Google, like any other legitimate service provider, encrypts login traffic, but not your content. So the moment you’re signed in they switch to plain-text communications and send everything to you in the open.

http://dmiessler.com/blogarchive/why-you-should-encrypt-all-of-your-google-activities-poc

Google Space

Google has an unorthodox style of business that continues to astound me. For one thing they started giving out 2 gigs of free space while Yahoo/MSN and others were still giving 250M and closing out accounts after 30 days of no activity. They also give 1gig of space for pictures with Picasa. Now they give 6gigs for hard drive space for a measily $20/year.

There were some rumors about them doing something called “gdrive” which would be an application that would use a bit a space on personal computer around the world. Genius! I can be quite secure too. I saw some technology built into the Sidewinder Firewall that effectively seperated every service in its own area of hard drive so that if that service was comprimised it would not do damage to the rest of the system.