More has been written on this hack by David Kearn (a known propeller-head in identity management) on his blog, Virtual Quill. Read what he has to say if you are interested.
Hacked! BYOI and Risks
Bring Your Own Identity (BYOI) is on the bandwagon with BYOD (Bring Your Own Device). A Wired journalist relays a sobering story of how his digital identity got stolen through trusting third-party identity providers.
Basically, hackers were able to swipe his Mac and iPhone and hack into his Twitter account to send tweets that were damaging to Mat Honan’s reputation. He was using iCloud; the hackers hacked into his iCloud account, and they got in because Apple uses the last 4 digits of his credit card as a form of authentication. They got the last 4 digits, which are incidentally stored as clear text by Amazon, through a bit of social engineering. Now I bet you want to read the whole story? Read more here.
More on Snowden
There has been another Guardian exclusive – online access to Snowden Q&A that is worth a look if you’re just a little intrigued by all the excitement. Make yourself a cup of coffee first though 😉
What seems to be clear is that when Snowden says the NSA has direct access to the 9 main Internet services, he means direct access. When questioned about denials made by Google, Facebook, Apple, etc., his response was that they had no choice. It seems they have some sort of ‘gagging’ order and would break the law by admitting to these top-secret operations.
MSIPR, SIPRM, PIRMS, IPMSR? No, it’s PRISM!
Yes, so in whatever form, PRISM does exist. I talked about it… well, more rolled over it, in previous posts. Now everything that you may want to know about PRISM to date, that is, as of 12 June, can be found here.
Now there are two parts here, or maybe three.
1) collection of communications that happens to be passing over the wires
2) collection of social and other online activities of US citizens
3) collection of a) communications and b) social and other online activities of non-US citizens.
Now PRISM is about (2) and (3b). PRISM is a system the NSA uses to gain access to the private communications of users of nine popular Internet services, including Google, Facebook and Apple. It seems that an official request for information on a particular individual can be made to any of these services, and they will comply if the request is legally valid. These Internet services strongly deny that the NSA has direct access to their servers.
So apparently the NSA does not have direct access to the 9 most popular Internet services, but what is the breadth of their power to collect data on US citizens?
Well, the FISA Amendments Act (Section 702) does not require the government to show probable cause to believe that the target of surveillance has committed a crime. This is only for non-US citizens. Instead of showing probable cause to a judge, Section 702 of FISA allows senior Obama administration officials to “authorize” the “targeting of persons reasonably believed to be located outside the United States.” The surveillance may not “intentionally target” an American, but the NSA can obtain the private communications of Americans as part of a request that officially “targets” a foreigner. There is some use of the Patriot Act for this. I am not sure how FISA Section 702 and the Patriot Act overlap, though.
Ha! So if you as a US citizen are communicating with an individual who is outside of the US and deemed a threat to national security, your data is being collected. You could be a supporter of Greenpeace, for example; they were targeted for surveillance in the past.
So what is my take on PRISM? It seems perfectly reasonable that in the name of national security requests for data on individuals can be collected by government intelligence. Same as officials upholding the law would request a search warrant. However, PRISM should not be secret. That this is happening should be transparent to all US citizens and non-citizens. Why keep it a secret? The supermarkets are pretty transparent about collecting our personal buying habits; maybe they package the justification in fancy packaging, but the reason is clear: to make money. So why does the government have to go around still pretending that it does not do these things? Has it not yet realized that the Cold War is over, and has been for quite some years now?
Dilemmas concerning privacy
There’s a really fun article written by Daniel Sandström in the SvD Culture section (16 June). SvD is one of the two main Swedish national newspapers. It is mainly about the dilemmas we face as 1) a citizen and 2) a consumer. It is about how our selfish choices made in the guise of (2) are in fact contrary to what we demand as (1).
For you non-Swedish speakers – The first paragraph talks about how Amazon dealt with the news that they had illegally allowed an e-book to be on their site. They removed it from all devices. It is quite funny because it was George Orwell’s 1984 😀
He briefly discusses PRISM, which I mention at the end of my previous post. This is an agreement between the main cloud and social networking spaces on logging/tracking. The main companies included are Google, Facebook, Apple… yep, all those places you share your personal information, including who your family is, who your close friends are vs. FB friends, maybe who you are drinking or sleeping with… oh my, what a gold mine for our governments! And we share this information with pleasure. Your privacy settings really are irrelevant here, because the US government via the Patriot Act can request this personal information about you. He doesn’t mention this last part, though.
Daniel talks about the choices he has made, i.e. he purchased a digital reader after he forgot the ethical implications of what Amazon had done a couple of years ago. He states he placed his personal comfort over his principles.
He then continues to discuss how we as citizens want the cheapest food and share our buying habits for this privilege, but then complain that the government is tracking our communications! He says that we want cheap clothes for our children, but then protest at the atrocities going on in the sweatshops in India, etc., to produce these products. We still continue to purchase cheap clothes.
Daniel’s parting point is potent and true. He says that for himself he needs to think more seriously about whether he really will live for his comfort, or live as he has learnt, i.e. by principles. Clearly Snowden’s name popped up in this article, as he lived as a citizen and for the freedom of the citizen.
Inspiration for the mobile workforce today, for the future
This is where I see the future in mobile computing: Apple’s iPad that accommodates the mobile workforce, and the apps application that makes it easy to download company-approved apps onto your device, and this combined with the Google Chrome approach, everything Internet-based in the cloud.
Take a look at the Wired article by Steven Levy on the release of the iPad, and the following promotional video. Be, and feel inspired 🙂