US tech giants knew of NSA data collection
The senior lawyer for the National Security Agency stated on Wednesday that US technology companies were fully aware of the surveillance agency’s widespread collection of data.
Rajesh De, the NSA general counsel, said all communications content and associated metadata harvested by the NSA under a 2008 surveillance law occurred with the knowledge of the companies – both for the internet collection program known as Prism and for the so-called “upstream” collection of communications moving across the internet. Guardian UK
Remember the shrieks and shrills of denial emitted from these companies?
Google's Larry Page and his lawyer released this statement:
"First, we have not joined any program that would give the US government – or any other government – direct access to our servers.
Apple denied knowledge as well. But, as most of us knew anyway, they were all lying.
In fact, as Al Jazeera revealed a few months ago, the NSA's Keith Alexander and the Google boys were good buddies. Here's one where Google CEO Eric Schmidt calls Keith Alexander "General Keith." How cute.
Exclusive: Emails reveal close Google relationship with NSA
“General Keith.. so great to see you.. !” Schmidt wrote. “I’m unlikely to be in California that week so I’m sorry I can’t attend (will be on the east coast). Would love to see you another time. Thank you !”
These revelations have, of course, been devastating to the image and sense of trustworthiness consumers have toward these companies.
Enter FBI chief Comey. Readers may remember that Comey was one of the ones in the Bush administration who was aware of Bush's illegal surveillance operations and, unlike some of his more honest peers, DIDN'T blow the whistel. This his very different career trajectory.
Anyway, these same big tech giants are all Big privacy advocates now. So FBI director Comey has expressed his grave concern that law enforcement will be unable to do its job.
Except that it's all complete bullshit. You privacy will not be protected. And the FBI will not be deterred.
For starters, most of the most valuable data about you is not even stored on you phone. Call records, GPS tracking data, text messages, these are all stored on Apple and Google's servers.
And as for the data that is stored on your phone, Jonathan Zdziarski offers a dose of reality - for Apple anyway. After saying that some of Apple's efforts do seem positive, he goes on to dispel the hype:
It’s important to take a minute, however, to note that this does not mean that the police can’t get to your data. What Apple has done here is create for themselves plausible deniability in what they will do for law enforcement. If we take this statement at face value, what has likely happened in iOS 8 is that photos, messages, and other sensitive data, which was previously only encrypted with hardware-based keys, is now being encrypted with keys derived from a PIN or passcode. No doubt this does improve security for everyone, by marrying encryption to the PIN (something they ought to have been doing all along). While it’s technically possible to brute force a PIN code, that doesn’t mean it’s technically feasible, and thus lets Apple off the hook in terms of legal obligation. Add a complex passcode into the mix, and it gets even uglier, having to choose any of a number of dictionary style attacks to get into your encrypted data. By redesigning the file system in this fashion (if this is the case), Apple has afforded themselves the ability to say, “the phone’s data is encrypted with a PIN or passphrase, and so we’re not legally required to hack it for you guys, so go pound sand”. I am quite impressed, Mr. Cook! That took courage… but it does not mean that your data is beyond law enforcement’s reach.
In a recent blog post, I outlined a number of measures Apple took with iOS 8 to prevent many forensic artifacts from being dumped off of the device by existing commercial forensics tools. These services had completely bypassed the user’s backup encryption password, affording the consumer virtually no protection from the many law enforcement forensics tools that took advantage of these vulnerabilities. Apple closed off many of these services in iOS 8. This was a great start to better securing iOS 8, but not everything has been completely protected.
In addition to what’s been fixed, I also outlined some things that haven’t yet been. What’s left are services that iTunes (and Xcode) talk to in order to exchange information with third party applications, or access your media folder. Apple wants you to be able access your photos and other information from your desktop while the phone is locked – for ease of use. This, unfortunately, also opens up the capability for law enforcement to also use this mechanism to dump:
-Your camera reel, videos, and recordings
-Podcasts, Books, and other iTunes media
-All third party application data
Existing commercial forensics tools can still acquire these artifacts from your device, even running iOS 8. I have tested with my own private forensics tools, as well, and confirmed this. I dumped all of my third party application data (including caches, databases, screenshots, etc), as well as my camera reel and other media… all within a few minutes and from my locked iPhone running iOS 8 GM.
You can dwell on the positives and ignore the negatives of Zdziarski's (he's not the only critic by the way. I'm just in a hurry.) Or you can dwell on the negatives.
But even a fair assessment, acknowledging both sides, leads one to conclude that this is, most probably a PR stunt, or at best, just highly misleading.
And the way it was framed by Kos is straight out of lappy land.
"FBI criticizes Apple and Google for giving people what they want: privacy"
I'm sorry, but even if we buy that these efforts are a step up, they are a far cry from the claim that Apple and Google are giving people privacy.
These are the same assholes who got caught illegally giving the NSA what the NSA wants - your data. They have never come clean about it and there's no evidence that they've changed their practices. So we have to assume they are STILL cooperating with the NSA.
The fact is, these companies, Google especially, constitute the greatest mass surveillance system in human history. Their phones can be invisibly, and with the flick of a switch, turned into the perfect audio/video surveillance devices.
They monitor and record where you go and when, who you talk to, who you communicate with and what websites you visit.
And they've been caught opening all that information up to an illegal, unconstitutional (same thing, I know) surveillance operation by the Wall Street subsidiary known as the NSA, or more accurately, NSA Inc.
But now people in the land of orange are supposed to believe that these companies are sincerely wanting to give us privacy?
Hahahahahaha. Call me skeptical.