I’m naturally suspicious of governments, and the suspicion seems to be mutual. Since I’m not trying to do any harm, that annoys me more than a bit: they want to treat me like a criminal, even though I mostly want to be left alone to live out my life without being interfered with by their wars, walls, economic collapses, and oligarchs. Is that too much to ask?
Of course it is.
Because, if I have any kind of communications privacy I am potentially a threat. I may organize with others and that is simply unacceptable. Tools that might allow that kind of organization are inherently threatening to governments because governments are the only organizations that are trustworthy and responsible enough to keep secrets. Ha. Ha Ha Ha. Governments tell us they need secrecy, at the same time that they argue incessantly that we don’t because we’re apparently ready to turn into criminals and revolutionaries (your “terrorist” is my “revolutionary”) at the drop of a packet.
In the US, it’s complicated because the government, which has jurisdictional control over the core of the world’s IT software and service infrastructure, has quietly mandated backdoors in most of the systems: Twitter, Microsoft everything, Google, Apple everything, Facebook, Yahoo! SMS messaging and cellular systems. This is variously sold as being in order to prevent terror, hacking, and child pornography but it’s clearly being used to settle political scores, monitor dissent (my “dissenter” is their “terrorist”) and collect dirt on would-be dissenters. My theory of this is simple: governments don’t trust people to keep secrets from them, because they know the kind of shit that they get up to, themselves, when they can keep secrets. They get up to some nasty things, indeed, when they get the chance to work in secret; wouldn’t you too?
Lord Acton supposedly said, “power corrupts, absolute power corrupts absolutely.” Let me reformulate that slightly: “Power is corrupt because it only exists where there is unfairness. Unfair, corrupt, power-hungry people assume everyone is like them, because that is the only eyes they have with which to view the world.” The power elites that run all of the great countries of the world are universally in agreement that you should not be able to operate in secret.
So, here are a few news stories from this last week that point out a general trend:
In the wake of Saturday’s terrorist attack in London, the Prime Minister Theresa May has again called for new laws to regulate the internet, demanding that internet companies do more to stamp out spaces where terrorists can communicate freely.
“We cannot allow this ideology the safe space it needs to breed,” she said. “Yet that is precisely what the internet and the big companies that provide internet-based services provide.”
Her comments echo those made in March by the home secretary, Amber Rudd. Speaking after the previous terrorist attack in London, Rudd said that end-to-end encryption in apps like WhatsApp is “completely unacceptable” and that there should be “no hiding place for terrorists”. [new scientist][new scientist]
Note that, in reality, the services May is complaining about are probably already thoroughly controlled by the US police state. May is mostly complaining pro forma, because “more access is more!” appears to be the mantra of the police state, everywhere. And, why not? Their current level of access has not allowed them adequate control; therefore maybe more access will. It’s the control freak’s dilemma: the harder you squeeze the slipperier ‘your’ population gets, but they don’t realize that (or they wouldn’t be control freaks) and squeezing harder is the only thing they are capable of thinking of.
President Vladimir Putin has signed a law that prohibits forms of technology that grant access to banned websites in Russia, effective November 1st. The ban covers services that allow people to use the internet anonymously, such as virtual private networks and proxies, and internet providers will have to block websites that host these services.
Leonid Levin, Russia’s chairman of a parliamentary committee on information policy and communications, told news agency RIA Novosti earlier in the month that the law “only included the restriction of access to information that is already forbidden by law or a court decision.”
Russia’s Federal website blacklist, introduced in 2012, was originally meant to apply to sites that had content on illegal drugs, child pornography, and suicide, but a 2013 amendment expanded to any content “suspected of extremism.” The amendment allows for flexible interpretation, letting Russia ban any material that criticizes its views or appears to weaken the government’s power. [verge]
Squeeze harder, Vladimir!
Apple removes VPN apps in China as Beijing doubles down on censorship
- Several VPN service providers saw their apps removed from the App Store in China
- Beijing has doubled down on its crackdown of virtual private networks after making unauthorized connections illegal in January
- VPN allows users in China to bypass strict censorship laws and access sites that are banned in the mainland [cnbc]
The Chinese don’t mess around, do they? Once you’ve publicly called in the tanks on protesters, you’ve pretty much got the ability to tell anyone to shut up, and expect it to stick. [hackernews]Don’t kid yourself for a second that Apple has been sticking up for you and helping you protect your data. That whole kerfuffle about the FBI needing help to unlock Syed Rizwan’s iPhone [nyt] – that was an unusual circumstance because Rizwan appears to have been knowledgeable or lucky enough not to have iCloud backup turned on for his phone – otherwise they’d have been able to get the cryptobits from Apple’s iCloud servers; the FBI was wondering whether there was any data on Rizwan’s phone that hadn’t gotten into the cloud, yet. Otherwise, Apple would have served the bits to the FBI on a platter, like they are required to do by US law.
Tools like The Onion Router (TOR) and encryption apps are attacked and compromised literally as fast as they are developed. There attacks against TOR that allow someone who controls enough nodes to be able to piece together enough information to de-anonymize a user; the US intelligence community runs more TOR nodes than that threshold – it was no surprise when researchers started publishing papers about how to do traffic analysis of TOR traffic. The NSA invented traffic analysis; “well, duh.” [defcon] but it’s not simply the communications pipes that are being compromised, it’s the storage, application servers, and infrastructure, as well. The US FBI occasionally whines because their access isn’t as good as they’d like it to be, but that is mostly inter-agency pissing: the FBI is complaining that the NSA has better access than they do. The Chinese are complaining that the NSA has better access than they do, too.
The big powers in the world set the tone but every government in the world is dancing to the same playlist – the internet is an important communications channel, therefore it must be controlled: it must be theirs. And, it is.
While the governments of the world occasionally appear to be in disagreement about this, that, or the other thing, there is one thing that they are sure of: their data is not yours, but your data is theirs. They own you, they control you. You do not control them.