diff options
| -rw-r--r-- | formatting.ms | 4 | ||||
| -rw-r--r-- | paper.ms | 113 | ||||
| -rw-r--r-- | refer | 32 |
3 files changed, 78 insertions, 71 deletions
diff --git a/formatting.ms b/formatting.ms index 53cfd04..bcbef48 100644 --- a/formatting.ms +++ b/formatting.ms @@ -1,9 +1,9 @@ .nr LL 5.15i .nr PO 1.55i .\" top margin -.nr HM 1.20i +.nr HM 1.10i .\" bottom margin -.nr FM 1i +.nr FM 1.1i .\" header/footer width .nr LT \n[LL] .\" point size @@ -45,7 +45,7 @@ surveillance including the government access of phone calls records of customers of the Verizon network, including calls from the US to other states as well as calls localised entirely within the US {guardian greenwald verizon}{guardian NSA roberts}{times savage 2013}. State -sponsored Sigint programs such as that in the US aims to respond to +sponsored Sigint programmes such as that in the US aims to respond to encryption and other technological developments with the primary interest of overcoming it in order to prevent terror and crime. These measures have, however, had arguably limited effectiveness and have @@ -80,7 +80,7 @@ often cited in a reason for giving governments access to unencrypted Internet communications so that suspicious activity can be flagged and investigated in order to prevent a terror attack or in order to better respond in the case of an attack. Graham describes the extensive use -of end to end encryption by terrorists in order to avoid +of end-to-end encryption by terrorists in order to avoid interception by the authorities. Due to U.S. usage of intercepted communications to uncover and prevent a number of al-Qaeda plots, the terrorist organisation and other terrorist groups have increasingly @@ -236,7 +236,7 @@ may no longer be effective, thereby potentially preventing such investigation to occur. For governments, this is arguably the result of such heavy surveillance in the first place. It is clear that knowledge such as the 2013 Snowden leaks had an impact -on the public and people are therby more interested in +on the public and people are thereby more interested in their privacy and preventing surveillance. Around the world individuals use tools to increase their privacy and anonymity when using the Internet as well as to overcome censorship of information @@ -310,7 +310,7 @@ more, however, an issue reveals itself with the incongruity between the speed of regulatory change and the progress of technology. Changes will likely be made by open software in order to maintain secure encryption, such as those -used by the open source web servers to encrypt Interet traffic, as +used by the open source web servers to encrypt Internet traffic, as well as by large corporations such as Microsoft which provides software used by many businesses and individuals. An issue may exist in software that is less popular and legacy software which may not be @@ -369,34 +369,13 @@ ability in technology and to the general public, privacy is seemingly becoming a major selling point and significant factor in the way individuals chose to use technology. -The discussion of encryption and related technologies has arguably -limited impact. State actors such as the NSA will continue to act -against individual freedoms and attempt to find or introduce backdoors -in technology that is widely used as part of its actions purportedly -in the interest of national security. Although public reactions to -information such as the 2013 Edward Snowden releases have been very -strong, they have not had significant affects on legislature, the -funding received by the NSA, and quite possibly the level of -surveillance carried out by the NSA. Thus, -discussions in public or private spheres are unlikely to -influence decisions made inside already secretive agencies where -governments are ready to except that sacrifices must be made for the -greater good. Of course, the issue arises when surveillance exists -that does not exist simply to protect a nation, but instead mass, -indiscriminate surveillance is carried out on citizens not suspected -of any criminal or terrorist activity such as the Tempora -program in the United Kingdom {guardian fibre-optic}, -however governments nonetheless -prove willing to fund the activities of surveillance agencies and will -seemingly continue to do so regardless of public opinion. - Modern cryptographic algorithms are theoretically secure; the underlying concepts mean that breaking the encryption to intercept a communication is not possible in a reasonable amount of time with current computational limits and is therefore, due to the nature of the algorithm, secure. This however, does not consider implementational flaws. Indeed, -implementational flaws are the ways in which modern breaks of +implementational flaws are the ways in which modern exploits of algorithms such as RSA (cite) occur, and methods such as timing attacks (cite) and voltage level analysis attacks, as well as memory attacks (cold boot, rubber hose ...) (do some light explaining) (cite @@ -405,7 +384,7 @@ cryptographic algorithms may have, and simply give away information such as keys (research, cite). In addition to this, there can be implementational issues in hardware, such as the recent Spectre vulnerability which was discovered in 2018; revealing data to -an attacker due to speculative execution which speeds up processing in +an attacker due to flaws speculative execution which speeds up processing in modern processors. The vulnerability allowed for the attack of cryptographic implementations such as GPG. This is potentially even more concerning given that processor implementations are proprietary. @@ -414,9 +393,30 @@ indicates the vulnerability in computer hardware, which could be exploited by any party with sufficient resources. Intel has released multiple patches for Spectre, however, there remain concerns that there is a potential for attacks in modern processors including new -processors made after 2018, and are therefore potentially a real +processors made after 2018, and therefore potentially a real threat to security {kocher spectre}. +The discussion of encryption and related technologies has arguably +limited impact. State actors such as the NSA will continue to act +against individual freedoms and attempt to find or introduce backdoors +in technology that is widely used as part of its actions purportedly +in the interest of national security. Although public reactions to +information such as the 2013 Edward Snowden releases have been very +strong, they have not had significant affects on legislature, the +funding received by the NSA, and quite possibly the level of +surveillance carried out by the NSA. Thus, +discussions in public or private spheres are unlikely to +influence decisions made inside already secretive agencies where +governments are ready to except that sacrifices must be made for the +greater good. Of course, the issue arises when surveillance exists +that does not exist simply to protect a nation, but instead mass, +indiscriminate surveillance is carried out on citizens not suspected +of any criminal or terrorist activity such as the Tempora +program in the United Kingdom {guardian fibre-optic}, +however governments nonetheless +prove willing to fund the activities of surveillance agencies and will +seemingly continue to do so regardless of public opinion. + .HLINE The executive summary to the 9/11 Commission Report {#9/11 commission @@ -424,14 +424,14 @@ report} describes the September 2001 terrorist attacks as \[oq]a shock, not a surprise\[cq]. In a similar light, the release of information relating to mass surveillance and mishandling of data such as the 2013 Edward Snowden releases ought to also be potentially considered a -shock, not a surprise given the level of data that both governments +shock, not a surprise, given the level of data that both governments and private organisations have access to and responsibility for. Encryption enables people to trust companies and governments with the handling of communications such as e-mails and enables companies to be able to work with law -enforecement without compromising user privacy as encrypted data +enforcement without compromising user privacy as encrypted data cannot be read and is therefore useless to authorities. -The free market +The free market in the West arguably has moved itself towards encrypted standards. Open source initiatives have pioneered free implementations of secure cryptographic standards, allowing any user to use these tools directly @@ -443,11 +443,10 @@ programs that allow encrypted communications. The demand for cryptography in less popular open source applications is arguably expected, yet there is nonetheless widespread adoption in more popular software and proprietary software. Companies such as Facebook have -pushed for end to end encryption in their products and the software +pushed for end-to-end encryption in their products and the software industry at large has adopted encrypted standards such as -\f[R]HTTPS\fR. There -are seemingly two sources of resistance to fully encrypted -communications. The first of these is the largest, which is government +\f[R]HTTPS\fR. +The largest source of resistance to encryption is government intervention. Government positions around the world which are opposed to encryption seemingly have double standards. Just as the Enigma and Lorentz machines were critical to the Nazi war effort in order to @@ -461,26 +460,24 @@ argument: availability of cryptography arguably lowers the barrier to entry for terror or crime and reduces the ability law enforcement has to deal with it. Nonetheless, it seems that reducing the availability of encryption to the pubic would not decrease the -opportunity for criminals or terrorists to do harm (todo - discuss -earlier). +opportunity for criminals or terrorists to do harm. Often we see two possible future realities: one with a perfect -surveillance state ruled by fear and one with ultimate privacy and +surveillance state and police state ruled by fear and one with ultimate privacy and total encryption. Both are open to significant abuse with those acting on behalf of the ruling state violating the privacy, basic freedoms -and rights of the people. In the later criminals are able to use +and rights of the people in the former. In the latter criminals are able to use technology both to hide their activities and enable their crimes without fear of police interference; creating a near anarchic existence. It seems that in the West, representations of the former in -dystopian cultural works such as those by George Orwell, -Arthur C. Clarke or Margaret Atwood, popular culture such as world -presented to us in \fIBlade Runner\fR, alongside journalistic coverage of +dystopian cultural works such as those by George Orwell +or Margaret Atwood and journalistic coverage of government surveillance and oppression in China form our view against highly invasive state surveillance. Yet media coverage of criminals and terrorists using technology and encryption, particularly following events of terror; media and government discussing the risks of technology; and the coverage of law enforcement using surveillance -tools to stop criminals shape our view of the later scenario. I feel +tools to stop criminals shape our view of the latter scenario. I feel however, that this is a fallacious dichotomy that we have collectively created. In the West it seems that we have come to far for complete surveillance to be effectively implemented, as the tools to overcome @@ -494,7 +491,26 @@ truth as it once was. Information has been shown extremely powerful in subverting totalitarianism {Nicholson Cold War broadcast} and due to the Internet regimes are less and less able to manipulate the truth. I feel that the most interesting developments in the near future will be -how the Chinese government and people will react to developments +how the Chinese government and people will react to developments in +technology and if the current state of surveillance, censorship and +propaganda will prevail as well as developments relating to encryption +and surveillance in the developing world wherever information +technology has not yet been widely available. In the West it seems +that a reasonable understanding is that being able to use encryption and +live without fear of ongoing surveillance relies on a people's will to +do so and enact such ideas in their own behaviour, even if certain +societal risks are accepted alongside that. + +Our fear of crime and terror is justified but it seems that crime and +terror will find ways of existing regardless of policy that is not +excessively draconian. Terrorists are sometimes untrusting of modern +technology and prefer simply to meet in person, outside of the reach +of surveillance or Sigint. To fight crime and terror, it seems we must +turn to their root causes and ensure that ongoing deliberation and +logical dialectic on these complex issues shape policy in a manner +more informed and logical than simply engaging in such paranoid +measures as total mass surveillance or making encryption illegal or +difficult to access for the public. .nr HY 0 .ad l @@ -505,19 +521,10 @@ IME/Pluton -- backdoors Government https://rules.house.gov/bill/117/hr-4521 . -Privacy - Apple and App Tracking Transparency - https://www.flurry.com/blog/ios-14-5-opt-in-rate-att-restricted-app-tracking-transparency-worldwide-us-daily-latest-update/ - https://www.bloomberg.com/news/articles/2021-07-14/facebook-fb-advertisers-impacted-by-apple-aapl-privacy-ios-14-changes . - -crowd supply boosts open hardware: linux magazine - https://ooni.org/post/2021-italy-blocks-gutenberg-book-publishing-website/#findings https://ooni.org/post/2021-how-signal-private-messenger-blocked-around-the-world/ https://www.technologyreview.com/2012/04/04/186902/how-china-blocks-the-tor-anonymity-network/ https://ooni.org/post/2021-russia-blocks-tor/ . -https://www.openrightsgroup.org/ - Todo: program -> programme @@ -42,14 +42,14 @@ %A Roberto Musotto %A David S. Wall %D December 2019 -%O https://theconversation.com/facebooks-push-for-end-to-end-encryption-is-good-news-for-user-privacy-as-well-as-terrorists-and-paedophiles-128782 (Accessed 22 January 2022) +%O https://theconversation.com/facebooks-push-for-end-to-end-encryption-is-good-news-for-user-privacy-as-well-as-terrorists-and-paedophiles-128782 Accessed 22 January 2022 %T How Terrorists Use Encryption %V Volume 9, Issue 6 %A Robert Graham %D June 2016 %J CTC Sentinel -%O https://ctc.usma.edu/how-terrorists-use-encryption/ (Accessed 22 January 2022) +%O https://ctc.usma.edu/how-terrorists-use-encryption/ Accessed 22 January 2022 %T The 9/11 Commission Report: Final Report of the National Commission on Terrorist Attacks Upon the United States (9/11 Report) %A National^Commission^on^Terrorist^Attacks^Upon^the^United^States @@ -67,7 +67,7 @@ %A Home^Office %D Oct 2020 %O https://www.gov.uk/government/publications/international-statement-end-to-end-encryption-and-public-safety -(Accessed 29 January 2021) +Accessed 29 January 2021 %T Between Myth and Reality: The Stasi Legacy in German History %A Konrad Jarausch @@ -90,21 +90,21 @@ %A Scott Shane %D Sep 2013 %O https://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html -(Accessed 3rd February 2022) +Accessed 3rd February 2022 %T Photos of an NSA “upgrade” factory show Cisco router getting implant %A Sean Gallagher %J Ars Technica %D May 2014 %O https://arstechnica.com/tech-policy/2014/05/photos-of-an-nsa-upgrade-factory-show-cisco-router-getting-implant/ -(Accessed 3rd February 2022) +Accessed 3rd February 2022 %T Revealed: The NSA's Secret Campaign to Crack, Undermine Internet Security %J Pro Publica %A Jeff Larson %D Sep 2013 %O https://www.propublica.org/article/the-nsas-secret-campaign-to-crack-undermine-internet-encryption -(Accessed 3rd February 2022) +Accessed 3rd February 2022 %T U.S. Confirms That It Gathers Online Data Overseas %A Charlie Savage @@ -137,7 +137,7 @@ %A H.R.3773 %T 110th Congress (2007-2008): FISA Amendments Act of 2008 -%D (2008) +%D 2008 -- Intel management engine @@ -146,7 +146,7 @@ %A Peter Eckersley %D May 2017 %J Electronic Frontier Foundation -%O https://www.eff.org/deeplinks/2017/05/intels-management-engine-security-hazard-and-users-need-way-disable-it (Accessed 22 January 2022) +%O https://www.eff.org/deeplinks/2017/05/intels-management-engine-security-hazard-and-users-need-way-disable-it Accessed 22 January 2022 %T Intel ME controller chip has secret kill switch %J The Register @@ -159,7 +159,7 @@ %J BleepingComputer %D Aug 2017 %O https://www.bleepingcomputer.com/news/hardware/researchers-find-a-way-to-disable-much-hated-intel-me-component-courtesy-of-the-nsa/ -(Accessed 6th February 2022) +Accessed 6th February 2022 -- Spectre, meltdown @@ -169,13 +169,13 @@ %A Cade Metz %A Nicole Perlroth %O https://www.nytimes.com/2018/01/03/business/computer-flaws.html -(Accessed 7th February 2022) +Accessed 7th February 2022 %T One-time Pad %A Dirk Rijmenants %D n.d. %O https://www.ciphermachinesandcryptology.com/en/onetimepad.htm -(Accessed 26th February 2022) +Accessed 26th February 2022 -- quantum @@ -207,14 +207,14 @@ %D Dec 2020 %J Nature %O https://www.nature.com/articles/d41586-020-03434-7 -(Accessed 13th January 2022) +Accessed 13th January 2022 %T Hello quantum world! Google publishes landmark quantum supremacy claim %A Elizabeth Gibney %D Oct 2019 %J Nature %O https://www.nature.com/articles/d41586-019-03213-z -(Accessed 13th January 2022) +Accessed 13th January 2022 %T Quantum computational advantage using photons %A Han-Sen Zhong^et^al @@ -297,21 +297,21 @@ %J Reuters %D Dec 2013 %O https://www.reuters.com/article/us-usa-security-rsa-idUSBRE9BJ1C220131220 -(Accessed 5 March 2022) +Accessed 5 March 2022 %T RSA issues non-denying denial of NSA deal to favor flawed crypto code %J Ars Technica %A Dan Goodin %D Dec 2013 %O https://arstechnica.com/information-technology/2013/12/rsa-issues-non-denying-denial-of-nsa-deal-to-favor-flawed-crypto-code/ -(Accessed 5 March 2022) +Accessed 5 March 2022 %T Government Announces Steps to Restore Confidence on Encryption Standards %A Nicole Perlroth %D September 2013 %J The New York Times %O https://bits.blogs.nytimes.com/2013/09/10/government-announces-steps-to-restore-confidence-on-encryption-standards/ -(Accessed 5 March 2022) +Accessed 5 March 2022 %A Paul Kocher %A Jann Horn |