Motivation & Examples

Snowden on Governments and Information Security 2014

Each time you pick up the phone, dial a number, write an email, make a purchase, travel on the bus carrying a cellphone, swipe a card somewhere, you leave a trace – and the government has decided that it’s a good idea to collect it all, everything. Even if you’ve never been suspected of any crime.

Edward Snowden, Interview with Hubert Siebel (NDR/ARD), 2014-01-22.

Source: Snowden's website

What are the issues: Some Problems

Why should you care?

  1. Protect yourself, your information, your sources
    • Your account could be hacked, and all your information deleted
    • Your communication with sources could be monitored
  2. Learn about it, in case you really need it
    • When Greenwald was first contacted by Snowden, there was some delay because Greenwald did not have the required software and expertise
  3. Network effect: The more people use it, the more useful
    • For example, the "Signal" app allows you to make free, encrypted calls -- but only to other people that have it installed!
  4. Make it normal, rather than a "red flag"
    • The rumor is that the NSA records ALL encrypted communication it encounters

Also see this TED talk: "Why Privacy Matters", by Glenn Greenwald

What are the issues: Some Examples

GCHQ captured emails of journalists from top international media. Snowden files reveal emails of BBC, NY Times and more. Agency includes investigative journalists on ‘threat’ list.

Source: The Guardian

The US Justice Department is scooping up data from thousands of mobile phones through devices deployed on airplanes that mimic cellphone towers, a high-tech hunt for criminal suspects that is snagging a large number of innocent Americans [..].

Source: WSJ

[Hackers linked to North Korea?] penetrated Sony’s systems, shut down its networks and put the studio’s films online for free. [Possibly] to destroy systems rather than just steal data

Source: Bloomberg Source: BusinessWeek

There do not appear to be any legal restrictions on what the NSA can do with the communications of non-U.S. persons. Since a substantial fraction of the world’s Internet data passes through the United States, or its allies, the U.S. has the ability to observe and record the communications of much of the world’s population.

Source: ProPublica

Hackers used luxury hotel Wi-Fi to steal business executive's data [...] across Japan, China, and Russia.

Source: The Guardian

British agents spied on Yahoo users' 'intimate' webcam images, Snowden files reveal.

Source: The Independent

Snowden only wanted to communicate securely using PGP encryption, for which Greenwald didn’t have the proper software installed [...] Greenwald didn't know what his would-be source had (or didn't have) and continued to prioritize other stories instead.

Source: HuffPo

Some senior executives have been duped into clicking on links sent from the accounts of longtime clients, in which the supposed client reveals that they found an employee’s negative comments about the executive in an investment forum. [...] the links or attachments redirect their victim to a fake email login page, designed to steal the victim’s credentials, so that the attacker can log into and read the contents of their emails.

Source: NY Times

Whisper app tracks ‘secret’ users. [...] Whisper was sharing user information with a suicide prevention study run by the Pentagon, based on smartphones the social media app can pinpoint to military bases.

Source: The Guardian

The powerful and famous -- from Oliver North back in 1987 to Anthony Weiner in 2011 -- have been brought down by e-mails, texts, tweets and posts they thought private.

Source: CNN

[T]he NSA can eavesdrop on most of the world's cell phone networks, and [...] it tracks location data. [...] [A company] sells a system that can "locate and track any phone number in the world...undetected and unknown by the network, carrier, or the target."

Source: Bruce Schneier's Blog