This night, news broke that the USA’s security agencies have been wiretapping essentially every major centralized social service for private data. Photos, video conferences, text chats, and voice calls – everything. We have been saying this for years and been declared tinfoil hat and conspiracy nuts; it’s good to finally see the documents in black on white.
This night, European time, the news broke that the USA’s National Security Agency (NSA) has had direct access to pretty much every social network for the past several years, dating back to 2007, under a program named PRISM. Under the program, a number of social services voluntarily feed people’s private data to the NSA. In short, if you have been using/uploading
- video or voice chat
- videos
- photos
- stored data
- VoIP calls
- file transfers
- video conferencing
- (and more)
…from any of…
- Microsoft (incl. Hotmail et al), since Sep 11, 2007
- Google, since Jan 14, 2009
- Yahoo, since Mar 12, 2008
- Facebook, since June 3, 2009
- PalTalk, since Dec 7, 2009
- YouTube, since Sep 24, 2010
- Skype, since Feb 6, 2011
- AOL, since Mar 31, 2011
- Apple, since Oct 2012
…then you have been wiretapped, and still are.
This piece of news broke just after it was revealed that the same NSA is demanding phone records from one of the major telco operators in the USA, and presumably all of them.
In short, practically every single service you have ever been using that has operated under the “trust us” principle has fed your private data directly to STASI-equivalent security agencies. Practically every single one. The one exception notably missing from the list is Twitter (but Twitter uses broadcast messages – you shouldn’t write anything secret on Twitter in the first place).
Carefully note that this PRISM program is not unique to the USA: Several European nations have the same wiretapping in place, Sweden among them. Also, these agencies share raw data freely between them, trivially circumventing any restrictions against wiretapping the own population (“I’ll wiretap yours if you’ll wiretap mine”).
This piece of news practically detonated when it hit this night. We have been saying that this is the probable state of things for years – it’s good to finally get rid of those tinfoil hats, with facts on the table. Predictably, the social comms companies named in the NSA slides are out scrambling with statements and comments.
Google, for example, said in a statement to the Guardian: “Google cares deeply about the security of our users’ data. We disclose user data to government in accordance with the law, and we review all such requests carefully. From time to time, people allege that we have created a government ‘back door’ into our systems, but Google does not have a back door for the government to access private user data.”
As a politician, what strikes me is how carefully crafted this statement is to give the appearance of denying the allegations, without doing so. It stops exactly short of saying “the presented allegations are lies”.
[UPDATE: The follow-up response from Google’s CEO changes this picture completely. See the followup article. You’ve still been wiretapped if you’ve been using a centralized communications service, but through no fault of Google.]
For example, a system could be in place that continuously fed the NSA data from Google servers in accordance with the NSA documents, and the above Google statement would still be true (if Google feeds data to the NSA, rather than the NSA fetching it from Google).
Microsoft – whose motto is “Privacy is our priority”, the Guardian notes – was the first to join the PRISM program in 2007. On the other hand, that company was never trusted much, so I don’t see a lot of surprise.
What we learn from this is something that us net liberty activists have known and practiced all along: if you want your data to be private, you can trust no one with it. No one. You must make sure to encrypt it yourself. Only then can you place it in the custody of somebody else. Putting an unencrypted file on Dropbox, Google Drive, sending it in e-mail, etc., is and has been the equivalent of shouting it out to the entire world.
A system that requires privacy, but is built on the assumption on trust in a third party, is broken by design.
You can only trust systems that are built around the principle of distrusting the entire world (like bitcoin, nota bene), or systems that are physically under your control. Note that I say physically: having virtual servers “in the cloud” is not enough, for an administrator of that cloud can trivially go in and take everything you’re processing there and feed it to whomever they like, and must be assumed to do so. For the same reason, having your own servers in a rented datacenter is not enough, either: an administrator of the datacenter can give access to your computers to whomever they like. That is the reason why I have servers for this site and other sites of mine running on my own balcony:
This is the reason you cannot trust Dropbox, Gmail, Skype and similar services with anything remotely sensitive. If you have sensitive data, you need your own servers to store and communicate it. Servers that are physically under your control. That is why you should be running encrypted SparkleShare on your own file servers rather than Dropbox in the cloud; that is why you should be running default-encrypted Mumble on your own servers rather than using Skype; that is why you should be using RedPhone from your cellphone instead of regular voice calls.
It’s already a matter of life and death in many places on the planet. Also, do note that it may not be the laws today you have to worry about: Everything is recorded and stored, and your innocent words today may come back to haunt you 30 years down the line under a different administration.
Privacy is your responsibility. You can trust no one.
As a final note, this shows very much why pirate parties are needed – worldwide – to kick politicians who authorize these egregious violations out of office, off the coast and into the ocean. (I usually write “next state”, but people from that state always complain how people there don’t want them either.)
Now after we know about PRISM and how Microsoft, surprising no one, handed out your data to the authorities, imagine what new exciting surveillance possibilities are opened up by the Xbox One with the always online skynet-eye Kinect 2 in your living room.
Are you feeling violated yet?
This. This.
Except that is totally false. You can turn it off when the console is on. It doesn’t watch you when the console is off.
Get your facts straight, please.
Maybe that’s why you get accused of being a conspiracy theorist….
“You can turn it off when the console is on”
Since the console will be under the control of the online administration for 100% of it’s uptime, no. You can’t turn it off.
“It doesn’t watch you when the console is off”
Correction. It can’t watch you when the powe rcable is unplugged. Otherwise, assuming the administrator of the microsoft live server so deigns, it certainly can.
In case you didn’t know, remote access technology is a standard in the chipsets used.
“Maybe that’s why you get accused of being a conspiracy theorist….”
The same way he is a “conspiracy theorist” because NSA has indeed verifiably wiretapped just about everyone since 2007?
Right…
Anyone with a smidgen of intellectual integrity who criticises(sp?) the growing transformation of the internet into panoptikon ought to be baying for jailbreaks all day, every day.
An interesting thought is that the companies joining PRISM did so voluntarily, Microsoft being the first one to join (and Apple last). The question I put to myself: Exactly what kind of bribery did the government use in order for these companies to jump on the PRISM train? Precisely what made Apple to join last year and not earlier? What made Google to join? Etc.
We need a new infra-structure that bypass ISPs. And we need it NOW!
“That is the reason why I have servers for this site and other sites of mine running on my own balcony”
So thats why your site is down so often?
True foilhat technology!
Yes, that is indeed why the uptime suffers compared to if the site had been run from a virtual server in a datacenter. Yesterday, for example, my flat was offline for around 12 hours. If my flat is offline, my servers are offline, and the site is offline.
I don’t like it, but I don’t have the resources at the moment to create a redundant copy somewhere else that is also under my physical control.
Cheers,
Rick
But you are using CloudFlare So technically all the communication between users and your server could just as easily be wiretappd by the US, since CloudFlare is an American company, too.
This would be a valid point weren’t it for the fact that all Swedish traffic is already wiretapped by Sweden’s equivalent agency, the FRA.
(Mere visits to falkvinge.net have some sensitivity, but a fairly low grade. Other things are much more sensitive.)
All traffic that passes Sweden’s borders. Some local traffic doesn’t, even though one does not know that until it’s sent. It’s unnecessary to both guarantee that it is picked up by the FRA and put it at high risk of being picked up by the NSA.
Is your company using Office 365? The internal product name at Microsoft is Office 451.
“If you have sensitive data, you need your own servers to store and communicate it.”
This sorta supports the nothing-to-hide-fallacy. If you want people to take privacy seriously, shouldn’t you also address the frivolous sharing of information that seems prevalent.
In the end to watch the most careful of us who do indeed encrypt and keep everything in our own home, they need to get ahold of our home keys or gain physical access one way or another. How do you protect against that without seeming as paranoid / tinfoil to your friends and family?
[…] Rick Falkvinge – Infopolicy […]
[…] Someone said: “This night, news broke that the USA’s security agencies have been wiretapping essentially every major centralized social service for private data. Photos, video conferences, text chats, and voice calls – everything.” …http://falkvinge.net/2013/06/07/told-you-so-if-you-have-been-using-a-centralized-comms-service-you-w… […]
” Putting an unencrypted file on Dropbox, Google Drive, sending it in e-mail, etc., is and has been the equivalent of shouting it out to the entire world.”
Somewhat exagerrated eh?
No, that’s the whole point – that’s exactly what has been happening. You want to keep something secret, these services have been the equivalent of publishing it on web pages.
But Rick most people doesn’t care if their private messages are picked up by whoever, and you have to shout really really really really really LOUD if you are to be noticed among 1000 million shouters every day.
So you did exaggerate again.
One private message is probably not interesting.
A pattern of messages, now we are talking.
And even worse, if one or more messages differs from the pattern, now that would seem suspicious.
Why is you message not a “normal” message?
Why are your messages between time X and time Y not corresponding with the pattern of messages for other time periods?
Investigate.
@Googla: I think most people do care, depending on what the message contains and who that “whoever” is.
For example, maybe a message about how easy your job is, so you can sit and play computer games all day, you would not want your boss to read. And maybe you wouldn’t want your parents to find out that you are fapping to porn. And maybe, at least in some countries (such as the USA), you would not want anyone you know except for a few you really trust, to find out that you are an atheist. And this far, we have only covered LEGAL stuff, at least in most of the west.
Another example, in addition to Ano’s examples.
One scenario: my stance on politics.
I might want to keep those optinions for myself. And still, I might want to participate in political discussions, buy submitting messages here and there. A comment here, a message there by simply communicating over the net
Automatic mass-surveillance tools analysing patterns of my messages will most likely reveal those things.
Even if I might not be the target at this specific point in time, Im still stuck in the surveillance.
… I wouldn’t want my mother to know I’m buying her a present.
… I wouldn’t want my boss to know I’m looking for a new job.
… I wouldn’t want my neighbour to know I think his BBQ parties suck.
…. I wouldn’t want my enemies to know my fears.
… I wouldn’t want my significant other to know I’m looking at rings.
See? See? These are legit reasons why private communication between individuals needs to be truly private- that is, encrypted.
@Pat: Yes. That is most important. In Sweden, registering someone without their consent, on ground of their political opinion, is illegal. It’s called “åsiktsregistrering”, literally “opinion-registering”. I would guess that the FRA and SÄPO has an exception from that law. Unfortunately.
It is illegal because history has proven that such registries often come back and bite the people in them…
No, not really:
http://news.cnet.com/8301-31921_3-20072755-281/dropbox-confirms-security-glitch-no-password-required/
I have been saying this to friends and relatives since the beginning of cloud services: That means authorities and companies can read, alter or erase your files at will. Don’t use it for anything remotely sensitive, and always have a backup.
The reaction? “Tin foil hat! They wouldn’t do that, they’d lose customers.”
I’m afraid the last sentence couldn’t be more false. Almost nobody will give this “scandal” a second thought before talking, writing, videochatting or uploading anything sensitive. Much less before registering an account into such a service.
People are idiots. They won’t understand until they are arrested for alleged crimethink.
Well this has been a wake up call for me, thanks.
I was thinking about changing to different services, looking for maybe a smaller service or a more honorable service, but it really will happen again, they will eventually get all my communications no matter where I go unless I have control over them.
A lot of the more private options aren’t as easy to use but they will be worth it.
The scariest thing about all this is that people aren’t really that surprised or outraged. It’s like society has already given up its right to have a privacy respected and to know clearly the privacy terms of their service providers. I won’t trust google, not anymore. They might not technically lie but they are still being dishonest to everyone.
“that is why you should be using RedPhone from your cellphone instead of regular voice calls.”
And you link to Google Play? Do you have an Android phone, and think you can evade surveillance with an app? Google have FULL ACCESS into those phones. They even admit they use contents of text messages, phone logs, etc. in the EULA.
Why wouldn’t they record incoming and outgoing audio from said app, compress it and send it back to Google HQ via WiFi when connected, and from there to the NSA for voice-to-text processing unless G does that themselves? It’s just voice, it’s some 50 kB a minute. If it’s encrypted, nobody would ever notice…
Yes. Android is nothing but spyware (no irony!).
Another example:
Phone calls made with Google Voice are recorded and stored at Google servers (even though one of the persons involved might not even use Google Voice, or know that he’s being called by a person using Google Voice).
Google are not stupid. They collect peoples private lifes any way they can, even those not using any of their services.
My phone runs Android (CyanogenMod). It has no Google software. I took care not to install any such spyware. I install only open-source.
Google has NO access to my phone.
Same for me- first thing I do with my stuff is root it, install AOSP, and rebuild everything from the ground up. My family thinks I”m crazy, but I’m not taking any chances, be it from sophisticated robbers or a government out of control.
I’ve been thinking for this for a while, and especially when it comes to Google. I mean, Android was built to tap your life 24/7 (and it does too). But Google is so huge, and they are *everywhere* (this blog is no exception, using AdSense), so even though you might not use an Android, Google track you using a huge amount of other channels. Like your friends for example…
I fear the day Google Glass are released. This will end privacy as we know it.
While we are talking about encrypting everthing, any chance this website will start accepting HTTPS?
That happened a long time ago.
It appears to be only partly implemented. My browser shows a broken lock icon and reports that lots of files were fetched over plain HTTP.
And now it warns me that this comment will also be sent unencrypted.
[…] Patriot Act aan de gang is en de Europese politiek pas 10 jaar later opschrikt. De Zweedse piraat Rick Falkvinge merkt op dat activisten en Piratenpartijen dit al jarenlang roepen. Aan dovemansoren […]
As my mother is found of saying: you have to know how to live with the help.
Anybody know where I can find an encryption program that not only encrypts my data but also alters itself in response to being accessed before its intended destination so that upon arrival the person on the other end can have a chance of telling if the data sent to them has been accessed by a third party?
Check out OTR ( Off The Record ) messaging.
What you are asking for is quantum cryptography, and it’s impossible to implement on classical computers – every single router between you and the recipient will ‘access’ the data since it needs to copy it from the incoming buffer to the outgoing buffer.
[…] om ämnet: Piratpartiet, Anna Troberg (PP), Henrik Brändén, Rick Falkvinge, Opassande, Henrik Alexandersson, Copyriot, Zacs åsikter på ett fat, Full Mental Straightjacket, […]
I can’t stand the “oh who cares”-crowd. You do care. You really do. If you don’t, please allow me to spend as much as time as I want going through everything digital in your life. And let me catalogue it. Then give me the power to change laws to fit my personal morals. If the data I collected off of you does not fit with my new laws – i.e. my morals – I’ll send you to prison.
That being said…
There are plenty more things to think about, other than privacy. Business data, for example.
I’m in the process of starting my new business and need the ability to communicate with my lawyers and a business advisor. Until a few days ago, we used Dropbox to send vast amounts of data back-n-forth. Needless to say, we’ve stopped that. We’re switching to Wuala now.
And when the business takes off, I’ll get some servers of my own to do the sharing of data through an AppGate VPN.
I for one welcome this news, because hundreds of thousands, if not millions of people will now become at least somewhat aware of the mass surveillance that already goes on unchecked everywhere.
Solutions to this problem are complicated, and include vpn, cryptography, bitcoin, TOR and so on. What has been missing so far is a project that binds all these together, acting like digital glue. I believe that project could be the personal cloud and that we will begin seeing the first examples in a year or so.
The best scenario would be to have your data stored online under high-grade encryption that you alone control, to be able to create identities that have control over some or all of that data and use secure encrypted decentralized communication and data transfer channels between personal clouds. All the software should be completely open-source in order to ensure reliable security and completely p2p in order to ensure resilience, speed, availability and anonymity. This would be a combination of social media (forum, social network, blogging) file storage, means of secure value transfer (with Bitcoin), data transfer (file-sharing, email, IM, IRC, audio/video communication) streaming etc. The thing would work as a core software (self-hosted or not) with plug-ins and an api that would enable people to build other apps/plugins for it.
We still have at least 3-4 years before something like this will emerge, however it’s just a matter of time. All the ingredients are here, all the enabling technologies have already been invented, all we have to do is put them together, and make the whole thing modular, secure, open, decentralized and with as much built-in anonymity (or at least plausible deniability) as possible. A project like this could be as important to freedom as Linux and eventually send Facebook and Google down the same path as Myspace. Remember, the cost of storage, processing power and bandwidth is only going to go down 🙂
I really like those ideas.
And the best thing is I can see them coming soon.
[…] Rick Falkvinge med tillåtelelse för återpublicering i […]
[…] Told You So: If You Have Been Using A Centralized Comms Service, You Were Wiretapped […]
[…] Told You So: If You Have Been Using A Centralized Comms Service, You Were Wiretapped […]
If you do use Dropbox, encrypt your sensitive data using BoxCryptor or equivalent.
[…] been very recently discovered that NSA has a project called PRISM, which consists of major internet corporations allowing NSA to spy freely and access […]
It’s my informed opinion that Accellion is similarly compromised.
And how do I get Redphone without first getting the Trojan horse Google Play? I’m not interested in compiling it myself.
Now I did more research on this, and found out that Redphone relies on Google Play for its “Cloud Messaging” service. “Cloud” means that Google controls your data, and using that service means that Redphone cannot be distributed without Google Play and that Google can see who is calling whom (identified by their Google account ID) and from which location and at which time.
REDPHONE THEREFORE DOES EXACTLY THE SAME THING AS THE HEAVILY CRITICIZED SWEDISH IMPLEMENTATION OF THE DATA RETENTION DIRECTIVE.
Google Play is dangerous. To make Redphone secure, a fork must be made that does not depend on Google Play.
http://f-droid.org/forums/topic/red-phone-and-text-secure/#post-6077