There is a growing dissatisfaction with software and hardware vendors who believe that licensing their intellectual property grants them an almost unlimited right to monitor your activities and behaviors in the guise of providing a better user experience and fixing problems. And, beyond monitoring, the right to “push” software updates to your system without fully disclosing the content of these updates and/or enhancements. We are not speaking of companies providing free or discounted hardware or software in exchange for aggregating and selling your information to advertisers for targeted and responsive advertising because that is a knowing bargain that you have accepted. We are speaking of those who do not make their data uploads and downloads transparent and controllable by the system’s user.

Since we are now seeing an exponential increase in government snooping, both authorized and unauthorized, the following story is of the utmost interest to those who want to keep their personal and professional information confidential … 

Now FBI wants back door to all software -- But leading security experts say strategy would help enemies

The FBI is unhappy that there are communications technologies that it cannot intercept and wants to require that software makers and communications companies create a back door so they can listen in when they desire. But a team of technology experts warns the move would hand over to the nation’s enemies abilities they are not capable of developing for themselves.

The Washington Post reported the issue is being raised by the FBI because “there is currently no way to wiretap some of these communications methods easily, and companies effectively.” The solution, according to the FBI, is to fine companies when they fail to comply with wiretap orders, essentially requiring all companies to build a back door for wiretap capabilities into all their communications links.

“The FBI’s desire to expand CALEA mandates amounts to developing for our adversaries capabilities that they may not have the competence, access, or resources to develop on their own,” the report said. CALEA is the Communications Assistance for Law Enforcement Act, which already requires some electronic surveillance possibilities. It’s the plan the FBI wants to expand to all digital forms of communication, including Skype and VoIP services.

The London Daily Mail recently reported that those technologies are hard to track because they convert analogue audio signals into digital data packets, which would have to be retrieved and reassembled. The team of experts said that besides allowing criminals and terrorists into the networks, the strategy would require software companies to have employees do the wiretapping or give away their company secrets to law enforcement agencies.

“Finally, the wiretap capability that the FBI seeks will be ineffective because it is easily disabled and because knock-off products that lack the wiretap functionality can be readily downloaded from websites abroad. Because many of the tools that people use to communicate are built on open standards and open source software, it will be trivial to remove or disable wiretap functionality,” the report said. Source: Now FBI wants back door to all software

The “Open Source” answer …

As software and hardware vendors become more intrusive – perhaps in exchange for government contracts and indemnities against consumer actions – open source software is looking better and better as it is open and transparent to the security researchers and bug fixes and design flaws can be rolled-out faster to the community without regard for reputational and monetary costs.

It is well known in the software world that Hollywood’s content creators and distributors (primarily the Walt Disney Companies) have done much to subvert our copyright rights and to impose legislated security safeguards in content distribution -- which handed government unprecedented access to our systems and the tagging of all files and many printed documents with globally unique identifiers that can fingerprint systems and files, as well as the creator/user of these files. This unholy alliance between the protectors of intellectual property and the government has turned Orwellian.

Best practices included encrypting your data and tightly controlling the encryption key – a process that can be easily compromised by both the commercial and government spies by watching your system as you encrypt your files. This is the type of backdoor access which is often detected by the open source security researchers. 

What is really needed …

First, a law which makes the access of any computer system by any government employee, contractor, agent, or confidential informant a crime, punishable by imprisonment and substantial fine if the data is used for personal, commercial, political, or unauthorized use.

Second, a law which makes the access of any computer system by any commercial hardware or software vendor without the explicit permission (opt-in, not opt-out) of the user a civil cause of action resulting in substantial fines and penalties, a portion of which should be paid directly to the user. This would eliminate unilateral contracts that absolve companies of all responsibilities for their actions.

Third, additional non-political oversight of governmental entities by non-partisan, non-union, non-affiliated Inspectors General whose sole responsibility is to continually review systems and procedures and to challenge the handling of data with appropriate test inquiries sufficient to detect potential data breeches. To present this information to both the Department of Justice and the appropriate Congressional oversight committees. And, to the media in a summary or redacted format, should the DOJ and Congress fail to remedy the situation after a specified period of time.

Why these laws are needed …

Documents: U.S. mining data from 9 leading Internet firms; companies deny knowledge

The National Security Agency and the FBI are tapping directly into the central servers of nine leading U.S. Internet companies, extracting audio and video chats, photographs, e-mails, documents, and connection logs that enable analysts to track one target or trace a whole network of associates, according to a top-secret document obtained by The Washington Post.

The program, code-named PRISM, has not been made public until now. It may be the first of its kind. The NSA prides itself on stealing secrets and breaking codes, and it is accustomed to corporate partnerships that help it divert data traffic or sidestep barriers. But there has never been a Google or Facebook before, and it is unlikely that there are richer troves of valuable intelligence than the ones in Silicon Valley.

Equally unusual is the way the NSA extracts what it wants, according to the document: “Collection directly from the servers of these U.S. Service Providers: Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube, Apple.”  Dropbox, the cloud storage and synchronization service, is described as “coming soon.”  <Source>

Can the “Court” be trusted?

“I would just push back on the idea that the court has signed off on it, so why worry?” said Jameel Jaffer, deputy legal director of the American Civil Liberties Union. “This is a court that meets in secret, allows only the government to appear before it, and publishes almost none of its opinions. It has never been an effective check on government.” <Source>

I am for data-mining technologies …

I support looking for links among the massive amounts of data if it will keep America safer and I have great faith and trust in the NSA – but not the same level of trust for the more politically-oriented FBI. Therefore it is important to heavily sanction government employees, contractors, agents, etc. if they use intercepted material for political, commercial or personal use. It appears that members of Congress have been briefed on the programs, but appear to have exerted no effective oversight or revealed wrongdoing associated with these clandestine programs. The fact that the American public suspects that data-mining is occurring means that they should also expect periodic bulk reports on government malfeasance.

I also have my doubts that some of these programs are effective as the United States does not have enough translators to sift through the data – even when keywords are flagged. And while algorithmic search capabilities have improved, it is unlikely they will correctly decode and interpret coded language such as “I lost my ball at the beach today.”

Bottom line …

We have enough laws on the books. However, many of them are deliberately conflicting, overlapping, or have loopholes crafted by special interest lobbyists and lawyers. It is time to perform a comprehensive review of existing laws and repeal and replace those which no longer serve an analog and digital world. To this end, I suggest you may wish to support the Electronic Frontier Foundation (www.eff.org) whose efforts in aligning both the analog and digital laws are protecting our freedoms from those who would steal them quietly in the night.

If you decide to sacrifice your data security for convenience or cost – beware.

-- steve

“Nullius in verba.”-- take nobody's word for it!

“Beware of false knowledge; it is more dangerous than ignorance.”-- George Bernard Shaw

“Progressive, liberal, Socialist, Marxist, Democratic Socialist -- they are all COMMUNISTS.”

“The key to fighting the craziness of the progressives is to hold them responsible for their actions, not their intentions.” – OCS

"The object in life is not to be on the side of the majority, but to escape finding oneself in the ranks of the insane." -- Marcus Aurelius

“A people that elect corrupt politicians, imposters, thieves, and traitors are not victims... but accomplices” -- George Orwell

“Fere libenter homines id quod volunt credunt." (The people gladly believe what they wish to.) ~Julius Caesar

“Describing the problem is quite different from knowing the solution. Except in politics." ~ OCS