"In a time of universal deceit telling the truth is a revolutionary act." -George Orwell

Posts Tagged ‘DIgital Communications’

Peeling The Onion: Almost Everyone Involved In Developing Tor Was (Or Is) Funded By The US Government

In Uncategorized on July 21, 2014 at 11:35 pm

tor-privacy-roger-dingledine-nsa-pentagon

Oldspeak: “None are more hopelessly than those who falsely believe they are free-Goethe.

YEEEESH…  i can’t say i’m surprised.  i’m more gullible than i thought.  Turns out TOR was/is a great way for governments to identify and track people who value their anonymity .  And was developed originally for spooks. Needless to say, don’t use Tor if you want to communicate and browse the internet securely. Or maybe this story is bullshit too, who the shit knows at this point. Le Sigh… ” -OSJ

By Yasha Levine @ Pando:

“The United States government can’t simply run an anonymity system for everybody and then use it themselves only. Because then every time a connection came from it people would say, “Oh, it’s another CIA agent.” If those are the only people using the network.”

—Roger Dingledine, co-founder of the Tor Network, 2004

***

In early July, hacker Jacob Appelbaum and two other security experts published a blockbuster story in conjunction with the German press. They had obtained leaked top secret NSA documents and source code showing that the surveillance agency had targeted and potentially penetrated the Tor Network, a widely used privacy tool considered to be the holy grail of online anonymity.

Internet privacy activists and organizations reacted to the news with shock. For the past decade, they had been promoting Tor as a scrappy but extremely effective grassroots technology that can protect journalists, dissidents and whistleblowers from powerful government forces that want to track their every move online. It was supposed to be the best tool out there. Tor’s been an integral part of EFF’s “Surveillance Self-Defense” privacy toolkit. Edward Snowden is apparently a big fan, and so is Glenn Greenwald, who says it “allows people to surf without governments or secret services being able to monitor them.”

But the German exposé  showed Tor providing the opposite of anonymity: it singled out users for total NSA surveillance, potentially sucking up and recording everything they did online.

To many in the privacy community, the NSA’s attack on Tor was tantamount to high treason: a fascist violation of a fundamental and sacred human right to privacy and free speech.

The Electronic Frontier Foundation believes Tor to be “essential to freedom of expression.” Appelbaum — a Wikileaks volunteer and Tor developer — considers volunteering for Tor to be a valiant act on par with Hemingway or Orwell “going to Spain to fight the Franco fascists” on the side of anarchist revolutionaries.

It’s a nice story, pitting scrappy techno-anarchists against the all-powerful US Imperial machine. But the facts about Tor are not as clear cut or simple as these folks make them out to be…

Let’s start with the basics: Tor was developed, built and financed by the US military-surveillance complex. Tor’s original — and current — purpose is to cloak the online identity of government agents and informants while they are in the field: gathering intelligence, setting up sting operations, giving human intelligence assets a way to report back to their handlers — that kind of thing. This information is out there, but it’s not very well known, and it’s certainly not emphasized by those who promote it.

Peek under Tor’s hood, and you quickly realize that just everybody involved in developing Tor technology has been and/or still is funded by the Pentagon or related arm of the US empire. That includes Roger Dingledine, who brought the technology to life under a series of military and federal government contracts. Dingledine even spent a summer working at the NSA.

If you read the fine print on Tor’s website, you’ll see that Tor is still very much in active use by the US government:

“A branch of the U.S. Navy uses Tor for open source intelligence gathering, and one of its teams used Tor while deployed in the Middle East recently. Law enforcement uses Tor for visiting or surveilling web sites without leaving government IP addresses in their web logs, and for security during sting operations.”

NSA? DoD? U.S. Navy? Police surveillance? What the hell is going on? How is it possible that a privacy tool was created by the same military and intelligence agencies that it’s supposed to guard us against? Is it a ruse? A sham? A honeytrap? Maybe I’m just being too paranoid…

Unfortunately, this is not a tinfoil hat conspiracy theory. It is cold hard fact.

Brief history of Tor

The origins of Tor go back to 1995, when military scientists at the Naval Research Laboratory began developing cloaking technology that would prevent someone’s activity on the Internet from being traced back to them. They called it “onion routing” — a method redirecting traffic into a parallel peer-to-peer network and bouncing it around randomly before sending it off to its final destination. The idea was to move it around so as to confuse and disconnect its origin and destination, and make it impossible for someone to observe who you are or where you’re going on the Internet.

Onion routing was like a hustler playing the three-card monte with your traffic: the guy trying to spy on you could watch it going under one card, but he never knew where it would come out.

The technology was funded by the Office of Naval Research and DARPA. Early development was spearheaded by Paul Syverson, Michael Reed and David Goldschlag — all military mathematicians and computer systems researchers working for the Naval Research Laboratory, sitting inside the massive Joint Base Anacostia-Bolling military base in Southeast Washington, D.C.

The original goal of onion routing wasn’t to protect privacy — or at least not in the way most people think of “privacy.” The goal was to allow intelligence and military personnel to work online undercover without fear of being unmasked by someone monitoring their Internet activity.

“As military grade communication devices increasingly depend on the public communications infrastructure, it is important to use that infrastructure in ways that are resistant to traffic analysis. It may also be useful to communicate anonymously, for example when gathering intelligence from public databases,” explained a 1997 paper outlining an early version of onion routing that was published in the Naval Research Labs Review.

In the 90s, as public Internet use and infrastructure grew and multiplied, spooks needed to figure out a way to hide their identity in plain sight online. An undercover spook sitting in a hotel room in a hostile country somewhere couldn’t simply dial up CIA.gov on his browser and log in — anyone sniffing his connection would know who he was. Nor could a military intel agent infiltrate a potential terrorist group masquerading as an online animal rights forum if he had to create an account and log in from an army base IP address.

That’s where onion routing came in. As Michael Reed, one of the inventors of onion routing, explained: providing cover for military and intelligence operations online was their primary objective; everything else was secondary:

The original *QUESTION* posed that led to the invention of Onion Routing was, “Can we build a system that allows for bi-directional communications over the Internet where the source and destination cannot be determined by a mid-point?” The *PURPOSE* was for DoD / Intelligence usage (open source intelligence gathering, covering of forward deployed assets, whatever). Not helping dissidents in repressive countries. Not assisting criminals in covering their electronic tracks. Not helping bit-torrent users avoid MPAA/RIAA prosecution. Not giving a 10 year old a way to bypass an anti-porn filter. Of course, we knew those would be other unavoidable uses for the technology, but that was immaterial to the problem at hand we were trying to solve (and if those uses were going to give us more cover traffic to better hide what we wanted to use the network for, all the better…I once told a flag officer that much to his chagrin).

Apparently solving this problem wasn’t very easy. Onion router research progressed slowly, with several versions developed and discarded. But in 2002, seven years after it began, the project moved into a different and more active phase. Paul Syverson from the Naval Research Laboratory stayed on the project, but two new guys fresh outta MIT grad school came on board: Roger Dingledine and Nick Mathewson. They were not formally employed by Naval Labs, but were on contract from DARPA and the U.S. Naval Research Laboratory’s Center for High Assurance Computer Systems. For the next several years, the three of them worked on a newer version of onion routing that would later become known as Tor.

Very early on, researchers understood that just designing a system that only technically anonymizes traffic is not enough — not if the system is used exclusively by military and intelligence. In order to cloak spooks better, Tor needed to be used by a diverse group of people: Activists, students, corporate researchers, soccer moms, journalists, drug dealers, hackers, child pornographers, foreign agents, terrorists — the more diverse the group that spooks could hide in the crowd in plain sight.

Tor also needed to be moved off site and disassociated from Naval research. As Syverson told Bloomberg in January 2014: “If you have a system that’s only a Navy system, anything popping out of it is obviously from the Navy. You need to have a network that carries traffic for other people as well.”

Dingledine said the same thing a decade earlier at the 2004 Wizards of OS conference in Germany:

“The United States government can’t simply run an anonymity system for everybody and then use it themselves only. Because then every time a connection came from it people would say, ‘Oh, it’s another CIA agent.’ If those are the only people using the network.”

The consumer version of Tor would be marketed to everyone and — equally important — would eventually allow anyone to run a Tor node/relay, even from their desktop computer. The idea was to create a massive crowdsourced torrent-style network made up from thousands of volunteers all across the world.

At the very end of 2004, with Tor technology finally ready for deployment, the US Navy cut most of its Tor funding, released it under an open source license and, oddly, the project was handed over to the Electronic Frontier Foundation.

“We funded Roger Dingledine and Nick Mathewson to work on Tor for a single year from November 2004 through October 2005 for $180,000. We then served as a fiscal sponsor for the project until they got their 501(c)(3) status over the next year or two.  During that time, we took in less than $50,000 for the project,” EFF’s Dave Maass told me by email.

In a December 2004 press release announcing its support for Tor, EFF curiously failed to mention that this anonymity tool was developed primarily for military and intelligence use. Instead, it focused purely on Tor’s ability to protect free speech from oppressive regimes in the Internet age.

“The Tor project is a perfect fit for EFF, because one of our primary goals is to protect the privacy and anonymity of Internet users. Tor can help people exercise their First Amendment right to free, anonymous speech online,” said EFF’s Technology Manager Chris Palmer.

Later on, EFF’s online materials began mentioning that Tor had been developed by the Naval Research Lab, but played down the connection, explaining that it was “in the past.” Meanwhile the organization kept boosting and promoting Tor as a powerful privacy tool:

“Your traffic is safer when you use Tor.”

Playing down Tor’s ties to the military…

The people at EFF weren’t the only ones minimizing Tor’s ties to the military.

In 2005, Wired published what might have been the first major profile of Tor technology. The article was written by Kim Zetter, and headlined: “Tor Torches Online Tracking.” Although Zetter was a bit critical of Tor, she made it seem like the anonymity technology had been handed over by the military with no strings attached to “two Boston-based programmers” — Dingledine and Nick Mathewson, who had completely rebuilt the product and ran it independently.

Dingledine and Mathewson might have been based in Boston, but they — and Tor — were hardly independent.

At the time that the Wired article went to press in 2005, both had been on the Pentagon payroll for at least three years. And they would continue to be on the federal government’s payroll for at least another seven years.

In fact, in 2004, at the Wizards of OS conference in Germany, Dingledine proudly announced that he was building spy craft tech on the government payroll:

“I forgot to mention earlier something that will make you look at me in a new light. I contract for the United States Government to built anonymity technology for them and deploy it. They don’t think of it as anonymity technology, although we use that term. They think of it as security technology. They need these technologies so they can research people they are interested in, so they can have anonymous tip lines, so that they can buy things from people without other countries knowing what they are buying, how much they are buying and where it is going, that sort of thing.”

Government support kept rolling in well after that.

In 2006, Tor research was funded was through a no-bid federal contract awarded to Dingledine’s consulting company, Moria Labs. And starting in 2007, the Pentagon cash came directly through the Tor Project itself — thanks to the fact that Team Tor finally left EFF and registered its own independent 501(c)(3) non-profit.

How dependent was — and is — Tor on support from federal government agencies like the Pentagon?

In 2007, it appears that all of Tor’s funding came from the federal government via two grants. A quarter million came from the International Broadcasting Bureau (IBB), a CIA spinoff that now operates under the Broadcasting Board of Governors. IBB runs Voice of America and Radio Marti, a propaganda outfit aimed at subverting Cuba’s communist regime. The CIA supposedly cut IBB financing in the 1970s after its ties to Cold War propaganda arms like Radio Free Europe were exposed.

The second chunk of cash — just under $100,000 — came from Internews, an NGO aimed at funding and training dissident and activists abroad. Tor’s subsequent tax filings show that grants from Internews were in fact conduits for “pass through” grants from the US State Department.

In 2008, Tor got $527,000 again from IBB and Internews, which meant that 90% of its funding came U.S. government sources that year.

In 2009, the federal government provided just over $900,000, or about 90% of the funding. Part of that cash came through a $632,189 federal grant from the State Department, described in tax filings as a “Pass-Through from Internews Network International.” Another $270,000 came via the CIA-spinoff IBB. The Swedish government gave $38,000, while Google gave a minuscule $29,000.

Most of that government cash went out in the form of salaries to Tor administrators and developers. Tor co-founders Dingledine and Mathewson made $120,000. Jacob Appelbaum, the rock star hacker, Wikileaks volunteer and Tor developer, made $96,000.

In 2010, the State Department upped its grant to $913,000 and IBB gave $180,000 — which added up to nearly $1 million out of a total of $1.3 million total funds listed on tax filings that year. Again, a good chunk of that went out as salaries to Tor developers and managers.

In 2011, IBB gave $150,00, while another $730,000 came via Pentagon and State Department grants, which represented more than 70% of the grants that year. (Although based on tax filings, government contracts added up to nearly 100% of Tor’s funding.)

The DoD grant was passed through the Stanford Research Institute, a cutting edge Cold War military-intel outfit. The Pentagon-SRI grant to Tor was given this description: “Basic and Applied Research and Development in Areas Relating to the Navy Command, Control, Communications, Computers, Intelligence, Surveillance, and Reconnaissance.”

That year, a new government funder came the scene: Swedish International Development Cooperation Agency (SIDA), Sweden’s version of USAID, gave Tor $279,000.

In 2012, Tor nearly doubled its budget, taking in $2.2 million from Pentagon and intel-connected grants: $876,099 came from the DoD, $353,000 from the State Department, $387,800 from IBB.

That same year, Tor lined up an unknown amount funding from the Broadcasting Board of Governors to finance fast exit nodes.

Tor at the NSA?

In 2013, the Washington Post revealed that the NSA had figured out various ways of unmasking and penetrating the anonymity of the Tor Network.

Since 2006, according to a 49-page research paper titled simply “Tor,” the agency has worked on several methods that, if successful, would allow the NSA to uncloak anonymous traffic on a “wide scale” — effectively by watching communications as they enter and exit the Tor system, rather than trying to follow them inside. One type of attack, for example, would identify users by minute differences in the clock times on their computers.

The evidence came out of Edward Snowden’s NSA leaks. It appeared that the surveillance agency had developed several techniques to get at Tor. One of the documents explained that the NSA “pretty much guaranteed to succeed.”

Snowden’s leaks revealed another interesting detail: In 2007, Dingledine gave at a talk at the NSA’s HQ explaining Tor, and how it worked.

The Washington Post published the NSA’s notes from their meeting with Dingledine. They showed that Dingledine and the NSA mostly talked about the technical details of Tor — how the network works and some of its security/usability tradeoffs. The NSA was curious about “Tor’s customers,” and Dingledine ran down some of the types of people who could benefit from Tor: Blogger Alice, 8 yr. old Alice, Sick Alice, Consumer Alice, Oppressed Alice, Business Alice, Law Enforcement Alice…

Interestingly, Dingledine told the NSA that “the way TOR is spun is dependent on who the ‘spinee’ is” — meaning that he markets Tor technology in different ways to different people?

Interestingly, the Washington Post article described Dingledine’s trip to the NSA as “a wary encounter, akin to mutual intelligence gathering, between a spy agency and a man who built tools to ward off electronic surveillance.” Dingledine told the paper that he came away from that meeting with the feeling that the NSA was trying to hack the Tor network:

“As he spoke to the NSA, Dingledine said in an interview Friday, he suspected the agency was attempting to break into Tor, which is used by millions of people around the world to shield their identities.”

Dingledine may very well have been antagonistic during his meeting with the NSA. Perhaps he was protective over his Tor baby, and didn’t want its original inventors and sponsors in the US government taking it back. But whatever the reason, the antagonism was not likely borne out of some sort of innate ideological hostility towards the US national security state.

Aside from being on the DoD payroll, Dingledine has spends a considerable amount of his time meeting and consulting with military, intelligence and law enforcement agencies to explain why Tor’s so great, and instructing them on how to use it. What kind of agencies does he meet with? The FBI, CIA and DOJ are just a few… And if you listen to Dingledine explain these encounters in some of his public appearances, one does not detect so much as a whiff of antagonism towards intelligence and law enforcement agencies.

In 2013, during a talk at UC San Diego, Dingledine cheerfully recalled how an exuberant FBI agent rushed up to thank him during his recent trip to the FBI:

“So I’ve been doing a lot of talks lately for law enforcement. And pretty much every talk I do these days, sone FBI person comes up to me afterwards and says, ‘I use Tor everyday for my job. Thank you.’ Another example is anonymous tips — I was talking to the folks who run the CIA anonymous tip line. It’s called the Iraqi Rewards Program…”

Dingledine’s close collaboration with law enforcement aside, there’s the strangely glib manner in which he dismissed news about the NSA hacking into Tor. He seemed totally unconcerned by the evidence revealed by Snowden’s leaks, and played down the NSA’s capabilities in his comments to the Washington Post:

“If those documents actually represent what they can do, they are not as big an adversary as I thought.”

I reached out to Dingledine to ask him about his trip to the NSA and whether he warned the Tor community back in 2007 that he suspected the NSA was targeting Tor users. He didn’t respond.

How safe is Tor, really?

If Dingledine didn’t appear to be fazed by evidence of the NSA’s attack on Tor anonymity, it’s strange considering that an attack by a powerful government entity has been known to be one Tor’s principle weaknesses for quite some time.

In a 2011 discussion on Tor’s official listserv, Tor developer Mike Perry admitted that Tor might not be very effective against powerful, organized “adversaries” (aka governments) that are capable monitoring huge swaths of the Internet.

“Extremely well funded adversaries that are able to observe large portions of the Internet can probably break aspects of Tor and may be able to deanonymize users. This is why the core tor program currently has a version number of 0.2.x and comes with a warning that it is not to be used for “strong anonymity”. (Though I personally don’t believe any adversary can reliably deanonymize *all* tor users . . . but attacks on anonymity are subtle and cumulative in nature).

Indeed, just last year, Syverson was part of a research team that pretty much proved that Tor can no longer be expected to protect users over the long term.

“Tor is known to be insecure against an adversary that can observe a user’s traffic entering and exiting the anonymity network. Quite simple and efficient techniques can correlate traffic at these separate locations by taking advantage of identifying traffic patterns. As a result, the user and his destination may be identified, completely subverting the protocol’s security goals.”

The researchers concluded: “These results are somewhat gloomy for the current security of the Tor network.”

While Syverson indicated that some of the security issues identified by this research have been addressed in recent Tor versions, the findings only added to a growing list of other research and anecdotal evidence showing Tor’s not as safe as its boosters want you to think — especially when pitted against determined intelligence agencies.

Case-in-point: In December 2013, a 20-year-old Harvard panicked overachiever named Edlo Kim learned just how little protection Tor offered for would be terrorists.

To avoid taking a final exam he wasn’t prepared for, Kim hit up on the idea of sending in a fake bomb threat. То cover his tracks, he used Tor, supposedly the best anonymity service the web had to offer. But it did little mask his identity from a determined Uncle Sam. A joint investigation, which involved the FBI, the Secret Service and local police, was able to track the fake bomb threat right back to Kim — in less than 24 hours.

As the FBI complaint explained, “Harvard University was able to determine that, in the several hours leading up to the receipt of the e-mail messages described above, ELDO KIM accessed TOR using Harvard’s wireless network.” All that Tor did was make the cops jump a few extra steps. But it wasn’t hard, nothing that a bit of manpower with full legal authority to access network records couldn’t solve. It helped that Harvard’s network logging all metadata access on the network — sorta like the NSA.

Over the past few years, U.S. law enforcement has taken control and shutdown a series of illegal child porn and drug marketplaces operating on what should have been untraceable, hyper-anonymous servers running in the Tor cloud.

In 2013, they took down Freedom Hosting, which was accused of being a massive child porn hosting operation — but not before taking control of its servers and intercepting all of its communication with customers. The FBI did the same thing that same year with the online drug superstore Silkroad, which also ran its services in the Tor cloud. Although, rookie mistakes helped FBI unmask the identity of Dred Pirate Roberts, it is still a mystery how they were able to totally take over and control, and even copy, a server run in the Tor cloud — something that is supposed to be impossible.

Back in 2007, a Swedish hacker/researcher named Dan Egerstad showed that just by running a Tor node, he could siphon and read all the unencrypted traffic that went through his chunk of the Tor network. He was able to access logins and passwords to accounts of NGOs, companies, and the embassies of India and Iran. Egerstad thought at first that embassy staff were just being careless with their info, but quickly realized that he had actually stumbled on a hack/surveillance operation in which Tor was being used to covertly access these accounts.

Although Egerstad was a big fan of Tor and still believes that Tor can provide anonymity if used correctly, the experience made him highly suspicious.

He told Sydney Morning Herald that he thinks many of the major Tor nodes are being run by intelligence agencies or other parties interested in listening in on Tor communication.

“I don’t like speculating about it, but I’m telling people that it is possible. And if you actually look in to where these Tor nodes are hosted and how big they are, some of these nodes cost thousands of dollars each month just to host because they’re using lots of bandwidth, they’re heavy-duty servers and so on. Who would pay for this and be anonymous? For example, five of six of them are in Washington D.C.…”

Tor stinks?

Tor supporters point to a cache of NSA documents leaked by Snowden to prove that the agency fears and hates Tor. A 2013 Guardian story based on these docs — written by James Ball, Bruce Schneier and Glenn Greenwald — argues that agency is all but powerless against the anonymity tool.

…the documents suggest that the fundamental security of the Torservice remains intact. One top-secret presentation, titled ‘Tor Stinks’, states: “We will never be able to de-anonymize all Tor users all the time.” It continues: “With manual analysis we can de-anonymize a very small fraction of Tor users,” and says the agency has had “no success de-anonymizing a user in response” to a specific request.

Another top-secret presentation calls Tor “the king of high-secure, low-latency internet anonymity”.

But the NSA docs are far from conclusive and offer conflicting bits of evidence, allowing for multiple interpretations. But the fact is that the NSA and GCHQ clearly have the capability to compromise Tor, but it might take a bit of targeted effort.

One thing is clear: the NSA most certainly does not hate or fear Tor. And some aspects about Tor are definitely welcomed by the NSA, in part because it helps concentrate potential “targets” in one convenient location.

Tor Stinks… But it Could be Worse

• Critical mass of targets use Tor. Scaring them away might be counterproductive.

• We can increase our success rate and provide more client IPs for individual Tor users.

• We will never get 100% but we don’t need to provide true IPs for every target every time they use Tor.

Tor network is not as difficult to capture as it may seem…

In 2012, Tor co-founder Roger Dingledine revealed that the Tor Network is configured to prioritize speed and route traffic through through the fastest servers/nodes available. As a result, the vast bulk of Tor traffic runs through several dozen of the fastest and most dependable servers: “on today’s network, clients choose one of the fastest 5 exit relays around 25-30% of the time, and 80% of their choices come from a pool of 40-50 relays.”

Dingledine was criticized by Tor community for the obvious reason that funneling traffic through a handful of fast nodes made surveilling and subverting Tor much easier. Anyone can run a Tor node — a research student in Germany, a guy with FIOS connection in Victorville (which is what I did for a few months), an NSA front out of Hawaii or a guy working for China’s Internet Police.

There’s no way of knowing if the people running the fastest most stable nodes are doing it out of goodwill or because it’s the best way to listen in and subvert the Tor network. Particularly troubling was that Snowden’s leaks clearly showed the NSA and GCHQ run Tor nodes, and are interested in running more.

And running 50 Tor nodes doesn’t seem like it would be too difficult for any of the world’s intelligence agencies — whether American, German, British, Russian, Chinese or Iranian. Hell, if you’re an intelligence agency, there’s no reason not to run a Tor node.

Back in 2005, Dingledine admitted to Wired that this was a “tricky design question” but couldn’t provide a good answer to how they’d handle it. In 2012, he dismissed his critics altogether, explaining that he was perfectly willing to sacrifice security for speed — whatever it took to take get more people to use Tor:

This choice goes back to the original discussion that Mike Perry and I were wrestling with a few years ago… if we want to end up with a fast safe network, do we get there by having a slow safe network and hoping it’ll get faster, or by having a fast less-safe network and hoping it’ll get safer? We opted for the “if we don’t stay relevant to the world, Tor will never grow enough” route.

Speaking of spooks running Tor nodes…

If you thought the Tor story couldn’t get any weirder, it can and does. Probably the strangest part of this whole saga is the fact that Edward Snowden ran multiple high-bandwidth Tor nodes while working as an NSA contractor in Hawaii.

This only became publicly known last May, when Tor developer Runa Sandvik (who also drew her salary from Pentagon/State Department sources at Tor) told Wired’s Kevin Poulsen that just two weeks before he would try to get in touch with Glenn Greenwald, Snowden emailed her, explaining that he ran a major Tor node and wanted to get some Tor stickers.

Stickers? Yes, stickers.

Here’s Wired:

In his e-mail, Snowden wrote that he personally ran one of the “major tor exits”–a 2 gbps server named “TheSignal”–and was trying to persuade some unnamed coworkers at his office to set up additional servers. He didn’t say where he worked. But he wanted to know if Sandvik could send him a stack of official Tor stickers. (In some post-leak photos of Snowden you can see the Tor sticker on the back of his laptop, next to the EFF sticker).

Snowden’s request for Tor stickers turned into something a bit more intimate. Turned out that Sandvik was already planning to go to Hawaii for vacation, so she suggested they meet up to talk about communication security and encryption.

She wrote Snowden back and offered to give a presentation about Tor to a local audience. Snowden was enthusiastic and offered to set up a crypto party for the occasion.

So the two of them threw a “crypto party” at a local coffee shop in Honolulu, teaching twenty or so locals how to use Tor and encrypt their hard drives. “He introduced himself as Ed. We talked for a bit before everything started. And I remember asking where he worked or what he did, and he didn’t really want to tell,” Sandvik told Wired.

But she did learn that Snowden was running more than one Tor exit node, and that he was trying to get some of his buddies at “work”to set up additional Tor nodes…

H’mmm….So Snowden running powerful Tor nodes and trying to get his NSA colleagues to run them, too?

I reached out to Sandvik for comment. She didn’t reply. But Wired’s Poulsen suggested that running Tor nodes and throwing a crypto party was a pet privacy project for Snowden. “Even as he was thinking globally, he was acting locally.”

But it’s hard to imagine a guy with top secret security clearance in the midst of planning to steal a huge cache of secrets would risk running a Tor node to help out the privacy cause. But then, who hell knows what any of this means.

I guess it’s fitting that Tor’s logo is an onion — because the more layers you peel and the deeper you get, the less things make sense and the more you realize that there is no end or bottom to it. It’s hard to get any straight answers — or even know what questions you should be asking.

In that way, the Tor Project more resembles a spook project than a tool designed by a culture that values accountability or transparency.

Bay Area Rapid Transit Accused Of Censorship For Blocking Wireless Services To Foil Protests

In Uncategorized on August 16, 2011 at 6:45 pm

BART workers remove a man atop a train during a protest at the Civic Center station in San Francisco last month. Authorities closed the station where demonstrators condemned the fatal shooting of a man by transit police the week before.

Oldspeak:” ‘BART may be the first government agency in the U.S. to shutter mobile-internet and phone service in a bid to quash a demonstration.’ ‘I think the problem that we’re dealing with is that we’re finding, all around the country, that folks are playing with the law and trying to figure out how they can have an advantage by shutting down the ways in which the citizens of this country communicate with one another. And this was a testing ground. If we can shut down the BART service here and get away with it, maybe we’ll do it in New York, and then we’ll do it in Chicago, and then we’ll do it at a ball game, and maybe in front of, you know, the college campuses, all under the guise of disrupting and threatening the public safety.’ A glimpse of America’s future. Suppression of your 1st amendment rights to assemble, protest, and petition. A dramatic example of the utter and complete power a nebulous few have over you ability to communicate. And with communication taking place nearly all digitally, via fewer and fewer tightly controlled and monitored modes, that power is profound.  We also get a strong indication of how much of a threat dissent, protest, and civil disobedience, is perceived to be by those few; ‘all under the guise of disrupting and threatening the public safety’. 

By Amy Goodman @ Democracy Now:

The operators of the San Francisco area subway system are facing intense criticism for temporarily cutting off underground cell phone and mobile-internet service at four stations in an attempt to foil a protest. On Thursday, authorities with the Bay Area Rapid Transit (BART) removed power to underground cell phone towers at four stations to disrupt a protest against the recent death of Charles Hill, a homeless man who was shot dead on a train platform by a BART police officer in July. Police say Hill threw a knife at an officer. According to media reports, BART may be the first government agency in the United States to shutter mobile-internet and phone service in a bid to quash a demonstration. Some have compared the move to former Egyptian leader Hosni Mubarak’s blockage of internet access across Egypt in January during the popular uprising against his rule. The Federal Communications Commission says it will investigate BART’s decision. We go to San Fransisco to speak with Davey D, a hip-hop journalist and activist who has been covering the protests. He runs the popular website “Davey D’s Hip Hop Corner” at DaveyD.com and is co-host of Hard Knock Radio on KPFA in Berkeley. We’re also joined by Catherine Crump, an attorney with the American Civil Liberties Union’s Speech, Privacy & Technology Project.

Guests:

Catherine Crump, staff attorney with the American Civil Liberties Union’s Speech, Privacy & Technology Project.
Davey D, hip-hop journalist and activist. He runs the popular website “Davey D’s Hip Hop Corner” at DaveyD.com. He is co-host of Hard Knock Radio on KPFA in Berkeley.

AMY GOODMAN: The operators of the San Francisco subway system are facing intense criticism following their decision last week to temporarily cut off underground cell phone and mobile-internet service at four stations in an attempt to foil a protest. On Thursday night, authorities with the Bay Area Rapid Transit, or BART, removed power to underground cell phone towers at four stations. The decision was made in an effort to disrupt a protest against the recent death of Charles Hill, a homeless man who was shot dead on a train platform in July by a BART police officer. Police say Hill threw a knife at an officer. According to media reports, BART may be the first U.S. government agency to shutter mobile-internet and phone service in a bid to quash a demonstration.

Free speech advocates across the country have condemned the move. Some have compared it to the decision by former Egyptian leader Hosni Mubarak who shut down internet access across Egypt in January in an attempt to stifle the growing protest movement. On Twitter, critics of BART’s action took to using the hashtag “Mu-BART-ek.”

On Monday, the Federal Communications Commission announced it will investigate BART’s decision. FCC spokesperson Neil Grace said, quote, “We are continuing to collect information about BART’s actions and will be taking steps to hear from stakeholders about the important issues those actions raised, including protecting public safety and ensuring the availability of communications networks.”

On Monday, BART officials were forced to close four stations during the evening rush hour as free speech advocates attempted to disrupt the evening commute. The protest was called by the activist hacker group Anonymous that had hacked into the BART website over the weekend and released personal information about 2,000 transit riders. Later in the program, we’ll be taking an in-depth look at the actions of Anonymous and political hackers, but first we’re going to look at this free speech controversy in the Bay Area.

For more, we go to San Francisco to speak with Davey D, hip-hop journalist, activist, who’s been covering the protests. He runs the popular website “Davey D’s Hip Hop Corner” at DaveyD.com and is co-host of Hard Knock Radio on KPFA in Berkeley. We’re also joined in New York by Catherine Crump, staff attorney with the American Civil Liberties Union’s Speech, Privacy & Technology Project. And in a moment we’ll be joined by an anonymous member of Anonymous; he’ll use the pseudonym X. He was at the BART protest last night.

Davey D, before we talk about the whole free speech issue, explain what happened at the beginning of July. How did this police killing take place, the killing of a homeless man? What do you know?

DAVEY D: Well, what we’re talking about is Charles Hill, who was homeless and was approached by a couple of officers on the Civic CenterBART station. And that’s where it gets murky. According to the police, he had a knife, and he had a beer bottle. And he supposedly put the officers’ lives in danger, so they shot him. But conflicting witnesses say that the officers weren’t in danger and that if he had anything, he could have been easily disarmed.

And just considering the record that BART has had in overreacting and being brutal towards many of its passengers, that sparked these protests. Obviously, BART has footage, but it wasn’t released. And that raised a lot of concern amongst people, because they’re feeling like the first time that—when Oscar Grant was shot, the footage showed that the BART police were in the wrong, in many people’s opinion. So why didn’t we see the footage for this to immediately quell any sort of concern with the public? And I think that’s what kind of brought about the type of protests that you saw.

AMY GOODMAN: And so, there have been a series of protests since police killed Hill on July 2nd?

DAVEY D: Yes, there’s been a couple of them. There’s been a couple of them. And the most notable one was the one in which the BART trains were shut down. I think what happened with BART is that they were caught off guard. What happens is, with the police and many of these agencies, they’ve gotten very used to protest being something that is brought about because people sought permission. This time people didn’t seek permission. They went out, and they protested. And the end result was the downtown BART lines being shut down. And that really upset them. So when the second protest came, the one that we’re talking about last week, or the scheduled one, they decided to shut down all the cell phones. And that, of course, brought about last night’s protest.

AMY GOODMAN: I wanted to turn to BART Police Chief Kenton Rainey, who spoke to the media shortly after the shooting on July 2nd.

CHIEF KENTON RAINEY: The suspect was—in fact had a bottle, which was used as a weapon. He was also armed with a knife. A confrontation occurred as a result of the suspect’s aggressive actions. And fearing for their safeties, one of the officers discharged his duty weapon, striking the suspect. Paramedics were summoned and responded to the scene.CPR was performed on the suspect before he was transported to the San Francisco General Hospital, where medical personnel pronounced him dead about an hour later.

AMY GOODMAN: Your response to the Linton Johnson, the BARTspokesperson [correction: BART Police Chief Kenton Rainey]?

DAVEY D: Well, if you rewind the tape and listen to the type of explanation that BART had for the shooting of Oscar Grant, we don’t take BART’s word at—we don’t take BART’s word when they immediately give it. They’re always going to be suspect, because we feel that, initially, they lied about a lot of these incidents. So, of course they’re going to give the best story forward, that he was armed, the police were in trouble, blah, blah, blah, all that stuff. Nobody buys it. It’s like, if that’s really the case, show us the footage. Let everybody see it. Let’s have the transparency that I think the citizens of the Bay Area and around the country would really like to have. And so, that didn’t really happen. And so, once you started to hear that there were witnesses that had conflicting reports, then it was really on and popping. Everybody feels that they’re covering things up and they’re not really being forthright.

AMY GOODMAN: I just want to correct that. That was the BART Police Chief Kenton Rainey who we just heard. So let’s talk about the protests.

DAVEY D: Right. Well, I mean, even—whatever the agency, I mean, BARTpolice chief, you know, BART spokespeople, it’s the same bag, as far as most people are concerned.

AMY GOODMAN: Talk about the protests that just took place and the shutting down of the internet service at four BART stations, Davey D.

DAVEY D: Well, there was a scheduled protest last Thursday, and in reaction to the protest that actually shut down the BART trains, they decided that they were going to shut off cell service. And then they used the excuse that public safety—and I think that’s what raised a lot of concern: public safety for who? We’ve had flash mobs go up on the BARTtrain and do dances on the platform and disrupt traffic for a little bit; we haven’t seen them shut down the cell phones for that. I’ve been on theBART trains where there’s been fights after Raider games and after other sporting events; they haven’t shut down the BART trains for that. So, in this case, you have people protesting the police, and now they want to shut it down and say it’s public safety. I think the key word there is “public safety,” because then that sets a precedent for anybody to shut down cell service under the guise of public safety. They could shut it down in front of a ballpark, they could shut it down if you’re on the streets, they could shut it down at any rally, under the guise of public safety.

The other point that I think we need to also consider is the fact that they were saying that the protesters were coordinating with the cell phones. Well, first of all, most protesters don’t really need cell phones to coordinate. A good protester, at least the ones out in San Francisco, have been protesting long before there’s been internet, Facebook, Twitter and all that, so they got their game on lock. But with that being said, the police can also coordinate with communications devices, as well. And just considering the type of laws we have on the books, from PATRIOT Acts and all types of things that allow the police to peer and follow you on Twitter and Facebook and all that, I think that any sort of protest that people are doing, the police probably have infiltrated you, either in your rank-and-file membership or even—or definitely online. So they know what’s going on at any given point.

I think the problem that we’re dealing with is that we’re finding, all around the country, that folks are playing with the law and trying to figure out how they can have an advantage by shutting down the ways in which the citizens of this country communicate with one another. And this was a testing ground. If we can shut down the BART service here and get away with it, maybe we’ll do it in New York, and then we’ll do it in Chicago, and then we’ll do it at a ball game, and maybe in front of, you know, the college campuses, all under the guise of disrupting and threatening the public safety. So I don’t buy it. And I think that, you know, just being at the protest yesterday and seeing that BART shut down the Civic Center, when there really wasn’t anything going on, said to me that this is a dog and pony show and that they’re trying to win the battle of public opinion by getting the mainstream media to follow their talking points, make it seem like it was a real big crisis when it really wasn’t. If I show you the footage from what took place at the Civic Center, you would question: why did you close the Civic Center when there was nothing going on? That, to me, said a whole lot about their motivation. And their motivation wasn’t public safety. It’s to win public opinion and maybe set a precedent for other agencies later down the road.

AMY GOODMAN: BART spokesperson Linton Johnson appeared on the San Francisco radio station KQED Monday and defended BART’s actions.

LINTON JOHNSON: Well, here’s how I respond to anybody who questions this gut-wrenching decision that we were forced to make by a group that had proven in the past that they were wanting to create chaos on the platform and were going to make it even more chaotic had we let it happen. As you will remember, there was somebody who jumped on top of the train car. My heart stopped. That moment when I saw that happen, I was scared to death that that guy would hurt himself or kick in a window and splatter glass all over one of our other passengers, violating another constitutional right that people aren’t talking about, and that is the constitutional right to safety. And on the platform, the constitutional right to safety is paramount. The right to be able to express your opinion ends, basically, at the fare gate, where you have to have a ticket. So the paid area is where it ends. And the reason for that is because we can’t have chaos on the platform, because people get hurt.

AMY GOODMAN: BART spokesperson Linton Johnson on KQED in San Francisco. Catherine Crump also with us, joining Davey D, staff attorney at the ACLU. Can you respond?

CATHERINE CRUMP: There’s no question that what happened in San Francisco sets a terrible precedent. It’s the first known incident that we’ve heard of where the government has shut down a cell phone network in order to prevent people from engaging in political protest. Cell phone networks are something we’ve all come to rely on. People use them for all sorts of communication that have nothing to do with protest. And this is really a sweeping and overbroad reaction by the police.

AMY GOODMAN: What other information do you have about what police are doing with cell phones around the country, at the ACLU?

CATHERINE CRUMP: Yeah, cell phones have been in the news frequently recently, not just—because they’ve become such a vital part of our lives. One big issue these days is the use of cell phones as tracking devices. Police around the country are using cell phones to track people’s movements. And frequently, they’re not even getting a warrant based on probable cause. Just last week, we filed 365 Public Records Act requests around the country with police departments, big and small, to try to get a better perspective on the degree to which cell phones are being used as surveillance tools. So these new devices are raising all sorts of constitutional issues that we’ve just never had to confront before.

AMY GOODMAN: What do you mean they don’t even get warrants when they’re tracking your phone? How do they do it, then?

CATHERINE CRUMP: They frequently go to court, and they show a lower standard than the full probable cause standard. They show that it’s irrelevant to an ongoing investigation, which is far less than showing that they have probable cause to believe that tracking someone’s location will turn up evidence of wrongdoing. The constitutional ground here is really unsettled, and the police have been taking advantage of that to engage in really massive amounts of cell phone tracking without meeting the full probable cause standard. And we believe that violates the Fourth Amendment, which gives you a right to be free from unreasonable searches. And we don’t think there’s anything reasonable about tracking people’s locations without showing probable cause.

AMY GOODMAN: The ACLU met with the police chief yesterday in San Francisco?

CATHERINE CRUMP: We did. And what we were really looking—

AMY GOODMAN: You met with him?

CATHERINE CRUMP: I did not, but my colleagues did. And what we were really looking for out of that meeting was a guarantee that this would never happen again. And unfortunately, the police chief was not able to provide that kind of assurance. And so, we are going to continue exploring what options we can do to try to guarantee that this never happens again.

AMY GOODMAN: What did he say?

CATHERINE CRUMP: You know, it was a very short and inconclusive meeting that didn’t give us any sort of reassurance. And we’re really in new territory here. We’d really like to see a policy change, that they put into writing that this doesn’t happen frequently. We’ve put on our websitea place where people can go to take action to ask—to ask for this sort of thing not to happen again. And we’re continuing to see what other sorts of pressure we can put on the government here.

AMY GOODMAN: We’re going to go to break. Catherine Crump, staff attorney at the ACLU. Davey D, hip-hop journalist and activist, runs the popular website “Davey D’s Hip Hop Corner” at DaveyD.com and is a co-host at Pacifica Radio KPFA’s Hard Knock Radio in Berkeley. This isDemocracy Now! When we come back, we’ll also be joined by others, including an anonymous member of Anonymous, which hacked the BARTwebsite, and we’ll talk about the information that they released.

 

 

Federal Regulators Likely To Let Google Buy Motorola Mobility For “Superpower” Status

In Uncategorized on August 16, 2011 at 11:46 am

Oldspeak: We are the Borg. You will be assimilated. Your technological distinctiveness will be added to our own. Resistance is futile.” Corporate media consolidation and control of your means of communications continues unabated, while the illusion of choice is perpetuated.”

By Susan Decker and Ian King @ Bloomberg:

Google Inc. (GOOG) is relying on its planned $12.5 billion purchase of Motorola Mobility Holdings Inc. to forestall patent litigation and force settlements with Apple Inc. (AAPL) and Microsoft Corp. (MSFT) over smartphone technology.

Google cited patent disputes as key to its agreement to buy Motorola Mobility, announced yesterday. Apple, maker of the iPhone, and Microsoft, developer of Windows Phone software, have targeted phones that run on Google’s best-selling Android system, including handsets built by Motorola Mobility, Samsung Electronics Co. and HTC Corp. (2498), in lawsuits worldwide.

Lacking its own trove of patents to vie with Apple, Microsoft and other companies, Google and its hardware partners were targeted by suits aimed at slowing the adoption of Android smartphones. Adding the 17,000 patents of Motorola Mobility, which has been inventing mobile-phone technology since the industry began, may help Google stanch the onslaught.

“The analogy to a nuclear arms race and mutually assured destruction is compelling,” said Ron Laurie, managing director of Inflexion Point Strategy LLC, which counsels companies on purchasing intellectual property. Google and its rivals “look pretty evenly matched at the moment. Google may have become a patent superpower.”

The goal of Google’s new patent clout is also to act as protection for the handset makers that have been bearing the brunt of the litigation, the company said yesterday.

Patent Weaponry

Competition for dominance in the smartphone market has heated up since Google introduced Android in 2008. Patents, which grant exclusive rights to use a specific invention, have become a way to fight for market share and inhibit rivals from introducing new features.

Apple stepped up the patent feud by suing Android manufacturers, claiming Google-powered devices copy the iPhone and iPad. Microsoft has sued Motorola Mobility and Barnes & Noble Inc., whose Nook reader runs Android software.

Apple and Microsoft have focused on the devices that run on Android, while Oracle Corp. (ORCL), which has sued Mountain View, California-based Google directly, contends Android was developed using its Java programming language. Oracle is seeking billions of dollars in damages for patent- and copyright-infringement, and Google’s response has been limited to challenging the validity of Oracle’s patents.

Heightening the dispute, a group led by Apple and Microsoft won an auction of patents owned by Nortel Networks Corp. in June after bidding up the price to $4.5 billion, beating out Google in the largest-ever patent auction.

Google Shops Around

Before agreeing to buy Motorola Mobility, Google had few patents on mobile-phone technology. The company’s research had focused largely on its main search-engine business.

Google, seeking to tilt the balance, has actively sought patents that it said could be used as a deterrent to litigation, culminating in the purchase of Motorola Mobility. Google bought more than 1,000 patents in July from International Business Machines Corp.

“Yesterday you could sue Google and you weren’t taking any risks because they didn’t have any patents,” said Pierre Ferragu, an analyst at Sanford C. Bernstein inLondon. “Today it’s the same as suing Motorola.”

The purchase of Motorola Mobility lessens the likelihood of future bidding wars, Ferragu said.

“You have very, very few transactions that would make sense today,” he said. “You possibly have some smaller transactions as Google continues to shop around for quality.”

‘Level Playing Ground’

Motorola Mobility traces its roots to the 1928 founding of Galvin Manufacturing Corp. in Chicago. The company, renamed Motorola, was a pioneer of early televisions and two-way radio in World War II. It helped lay the foundation for the mobile- phone industry, demonstrating its first handset in 1973.

“Motorola was a pioneer in this business,” said Will Strauss, an analyst at Tempe, Arizona-based Forward Concepts Co. “They certainly have a lot of intellectual property. It will certainly level the playing ground quite a bit. It’s going to give them an awful lot to defend Android with.”

The purchase would directly embroil Google in litigation, where its partners have until now been the main targets. Motorola Mobility has its own pending lawsuits against Apple and Microsoft. A case Microsoft brought against Motorola Mobility is due to begin trial Aug. 22 at the U.S. International Trade Commission in Washington, and a victory may mean a ban on imports of Motorola phones. Motorola Mobility retaliated with a bid to ban U.S. imports of Microsoft’s Xbox video-game systems, with a trial scheduled for October.

Protecting the Ecosystem

Motorola Mobility’s case against Cupertino, California- based Apple also was scheduled to begin Aug. 22, though it’s been postponed. Apple’s case against Motorola begins in September at the ITC. Samsung and HTC also have each filed separate suits against Apple.

“We believe we’ll be in a very good position to protect the Android ecosystem for all of the partners,” Google Chief Executive Officer Larry Page said in a conference call with analysts yesterday. Motorola will manage the litigation until the acquisition is completed, expected by the end of this year or early next year, he said.

Kevin Kutz, a spokesman for Redmond, Washington-based Microsoft, declined to comment on what Google’s purchase of Motorola Mobility might mean for the litigation. Kristin Huguet, an Apple spokeswoman, also declined to comment.

Nokia Agreement

Apple has been winning so far, with an ITC judge’s finding that, if upheld, could lead to a ban on imports of HTC phones into the U.S. and a court order that prevents Samsung from introducing its new Galaxy Tablet in most of the European Union. As yet, nothing has stopped sales of Motorola’s phones or Xoom tablet.

Google may be hoping that an agreement can be reached with Apple that mirrors one the computer maker struck with another phone pioneer, Nokia Oyj (NOK1V), said Bernstein’s Ferragu.

The Finnish phone maker in June said it won an almost two- year patent dispute with Apple in a settlement that provided it with a one-time payment plus royalties.

“From that, you could infer that in the end it’s going to be Apple paying Motorola, paying Google,” Ferragu said.

While there will continue to be patent purchases in the mobile-phone market, litigation may slow if Google is successful in its strategy of using patents as leverage to strike settlements and keep further lawsuits at bay.

“It may not be the end, but you can see it from here,” said Inflexion Point Strategy’s Laurie. Google “was such an obvious target, and now they’re not,” he said.

To contact the reporters on this story: Susan Decker in Washington atsdecker1@bloomberg.net; Ian King in San Francisco at ianking@bloomberg.net