Wow, That Sure is … inCONVENIENT…

In the late 1990s, the US Government was setting up a case to argue that hacking equated to terrorism. Because, while it was mostly being used for illicit state-craft, it could potentially be used by terrorists. In 1997, at a keynote for Black Hat Briefings, I warned the hacker community what was coming but – at that time – there was a great deal of “community outreach” being done by NSA – they were hiring hackers (whose work we now see leaking on a regular basis) and it was all very hip and friendly.

[Read more…]

Bigtime Fake News

Congratulations to our own Shiv, whose reporting on the J20 case is in VICE. [vice]

Writing something that is timely and fact-filled, in this day of “fake news” is a huge amount of work and takes tremendous dedication. Usually I don’t have much to say about her pieces, because I’m reading them to educate myself about the oppression transpeople experience, and I’m just in absorb mode. For someone like me, who’s coming at that world from “cishet, ignorant” perspective, she’s an invaluable read.

The actions of the police state are a concern Shiv and I share, for different reasons. The stuff she’s writing about is what’s happening on the cutting end of the retro-scope and the intelligence state. All the stuff I post about surveillance is theoretical(-ish) and she’s talking about the fear that real people have to deal with, confronting the abuse of power by the state. It’s only going to get worse.

It’s Worse Than You Think: Mining Apps

I just stumbled across this one; perhaps it’s what was going on with my browser the other day. I’ve been thinking about how to enumerate all the stuff that’s going on in a system – building a “petri dish” surrounded with sniffers, then watching and memory-scraping my browser to see what it was doing. It sounds like the answer would be “too much.”

[Read more…]

It’s Worse Than You Think: Tracking Apps

The currency of computer security is Trust – the degree to which you can believe that your system is doing what you expect it to. There are a lot of properties that comprise trust, including integrity, reliability, etc., each of which is made up of smaller properties like non-repudiation, auditability, resistance to replay attacks, ad infinitum. We talk about trust loosely; it’s like Liberty or Good Cinematography – it’s a useful concept for describing the relationship between ourselves and the systems we use – whether they work right for any given notion of “right.”

[Read more…]

The Kaspersky Konundrum

This is another story in the “things I am tracking but I am not sure what they mean, yet” file. Unfortunately, we won’t (probably) know for a year or two; there are still a lot of shoes to drop.

[Edit: I wrote this monday afternoon. Since then there have been new developments, which I will comment on at the bottom. The bit about hypothetical Mossad spies inside Kaspersky Labs was kidding, when I wrote it, I swear.]

[Read more…]