Friday, July 4, 2014

Dear NSA, Privacy is a Fundamental Right, Not Reasonable Suspicion

Learning about Linux is not a crime—but don’t tell the NSA that. A story published in German on Tagesschau, and followed up by an article in English on today, has revealed that the NSA is scrutinizing people who visit websites such as the Tor Project’s home page and even Linux Journal. This is disturbing in a number of ways, but the bottom line is this: the procedures outlined in the articles show the NSA is adding "fingerprints"—like a scarlet letter for the information age—to activities that go hand in hand with First Amendment protected activities and freedom of expression across the globe.

What we know

The articles, based on an in-depth investigation, reveal XKeyscore source code that demonstrates how the system works. Xkeyscore is a tool which the NSA uses to sift through the vast amounts of data it obtains. This source code would be used somewhere in the NSA’s process of collecting and analyzing vast amounts of data to target certain activities. According to the Guardian, XKeyscore’s deep packet inspection software is run on collection sites all around the world, ingesting one or two billion records a day.

The code contains definitions that are used to determine whether to place a "fingerprint" on an online communication, to mark it for later. For example, the NSA marks online searches for information about certain tools for better communications security, or comsec, such as Tails.

As the code explained, "This fingerprint identifies users searching for the TAILs (The Amnesic Incognito Live System) software program, viewing documents relating to TAILs, or viewing websites that detail TAILs." 

Tails is a live operating system that you can start on almost any computer from a DVD, USB stick, or SD card. It allows a user to leave no trace on the computer they are using, which is especially useful for people communicating on computers that they don’t trust, such as the terminals in Internet cafes. 

The NSA also defines Tor directory servers (by IP number) and looks for connections to the Tor Project website. This is hardly surprising, considering the documentation of the NSA’s distaste for Tor. It is, however, deeply disappointing. Using privacy and anonymity software, like Tor and Tails, is essential to freedom of expression.  

Most shocking is the code that fingerprints users who visit Linux Journal, the website of a monthly magazine for enthusiasts of the open-source operating system.  The comments in the NSA’s code suggest that the NSA thinks Linux Journal is an "extremist forum," where people advocate for Tails. The only religious wars in the Linux Journal are between the devoted users of vi and emacs.

For the rest of the story:

No comments:

Post a Comment

Related Posts Plugin for WordPress, Blogger...