diff options
Diffstat (limited to 'paper.ms')
| -rw-r--r-- | paper.ms | 75 |
1 files changed, 42 insertions, 33 deletions
@@ -15,10 +15,10 @@ decrypted without the necessary keys, such as with RSA where security is ensured by the large primes involved and the current intractability of prime factorisation. This allows for communication that is practically guaranteed to be private: a relatively new phenomenon in -communications, seen with inventions such as the one-tme pad -{Rijmenants} which was cryptographically secure and used by the both -the KGB and NSA (cite), beyond the use of the Enigma and Lorentz -machines by the Nazis which were both of which were decrypted by +communications, seen with inventions such as the one-time pad +{Rijmenants} which was cryptographically secure and used by both +the KGB and NSA, beyond the use of the Enigma and Lorentz +machines by the Nazis which were both decrypted by cryptanalysis methods during the Second World War. Today, secure cryptographic methods are used not only by government backed agencies in preventing or practising espionage, but by individual citizens who @@ -35,7 +35,7 @@ has grown. Part of government interest in SIGINT is a direct response to perceived threads, such as the PATRIOT Act in the US which followed the 2001 terrorist attacks with the objective of strengthening national security (cite). Later, the FISA Amendments Act of 2008 -further increased increased the powers of law enforcement to access +further increased the powers of law enforcement to access information, such as allowing the Attorney General and Director of National Intelligence to gather information about individuals outside the United States {H.R. FISA congress}. It was, however, the PATRIOT @@ -140,12 +140,13 @@ attempting to carry out surveillance on a massive scale on their own citizens. A key distinction today, however, is that this work is not carried out by a vast network of informants, there are no gargantuan gargantuan stores of paper, and there are no -hundreds of miles of film (cite all) documenting and aiding the +collections of film and photograph {The Federal Archives} documenting and aiding the surveillance of the authorities. Instead, the level of surveillance that large, secretive groups of individuals once had to carry out in order to enable a surveillance state can be performed instead through bureaucracies and technological methods. In modern times, governments -can operate with a very limited number of operatives 'on the ground', +can operate with a very limited number of operatives \[oq]on the +ground\[cq], and instead focus attention on the giant amounts of data they have for processing in order to make the findings they intend to: be it crime, terrorism, or \[en] as was the case with the Gestapo and Stasi - descent. @@ -193,7 +194,7 @@ subsystem, which will be present on hardware sold in the future. This variety of hardware within a single computer is a rather interesting and potentially worrying development, particularly with the clear level influence, interest, and competitiveness both the US {US House -chip manufacturing bill} and Chinese governments (cite) have in the +chip manufacturing bill} and Chinese governments have in the chip manufacturing industry. In light of potential issues with hardware, there have been developments in \[oq]open hardware\[cq]. @@ -203,7 +204,7 @@ RISC-V is an open standard for CPU design {case for RISC-V}. This allows for ope source CPU implementations, such as those designed at UC Berkeley, as well as those from other parties, such as Alibaba Group {chen risc}. A significant amount of existing software has been ported to the RISC-V -platform (cite) and alongisde the Alibaba implementation for data +platform and alongisde the Alibaba implementation for data centres, the standard has been used by Google for a security module in the \[oq]Pixel 6\[cq] smartphone (cite). This attention and interest potentially signals a shift towards @@ -229,12 +230,12 @@ Movement towards open standards in both hardware and software reveals a problem for law enforcement agencies and counterterrorism forces. The tools of mass surveillance that once enabled investigation into crime or terror such as reading -messages/emails, listening to calls, tracking location, or analysing +messages/e-mails, listening to calls, tracking location, or analysing metadata may no longer be effective, thereby potentially preventing such investigation to occur. For governments, this is arguably the result of such heavy surveillance in the first place. It is clear that knowledge such as the 2013 Snowden leaks had an impact -on the public (cite), and people are therby more interested in +on the public, and people are therby more interested in their privacy and preventing surveillance. Around the world individuals use tools to increase their privacy and anonymity when using the Internet, as well as to overcome censorship of information @@ -321,13 +322,13 @@ public sphere: the US National Institute of Standards and Technology (NIST) made a public request for nominations of post-quantum cryptographic algorithms (cite), leading -to standards that will clearly influence future lawmaking (cite). +to standards that will clearly influence future lawmaking. This adoption of open processes and the open auditing and implementation of future cryptographic standards is most striking when compared with the \fIDual_EC_DRBG\fR algorithm. This algorithm, which contained a vulnerability, was included in NIST standards. This vulnerability allowed the NSA to potentially decrypt -Internet traffic such as emails (cite). The NSA also allegedly paid +Internet traffic such as e-mails (cite). The NSA also allegedly paid the firm RSA Security in order to implement the algorithm with its backdoor in their popular security products {menn nsa contract} and although the NSA @@ -346,7 +347,7 @@ occur in both free and non free societies in support of individual freedoms. The assertion of \[oq]Linus' law\[cq] that , \[lq]given enough eyeballs, all bugs are shallow\[rq] (cite - CathBaz) creates a serious inability for actors such as governments to engineer backdoors into software as -the NSA previously has (cite) or to prevent the development of +the NSA previously has or to prevent the development of software altogether (find example). On the other hand, the vast majority of the software and hardware used by the general public is proprietary. For many, this will continue to be the norm. Yet, the @@ -380,8 +381,9 @@ governments are ready to except that sacrifices must be made for the greater good. Of course, the issue arises when surveillance exists that does not exist simply to protect a nation, but instead mass, indiscriminate surveillance is carried out on citizens not suspected -of any criminal or terrorist activity such as the Optic Nerve -program in the United Kingdom (cite), however governments nonetheless +of any criminal or terrorist activity such as the Tempora +program in the United Kingdom {guardian fibre-optic}, +however governments nonetheless prove willing to fund the activities of surveillance agencies. Modern cryptographic algorithms are theoretically secure; the @@ -420,15 +422,16 @@ relating to mass surveillance and mishandling of data such as the 2013 Edward Snowden releases ought to also be potentially considered a shock, not a surprise given the level of data that both governments and private organisations have access to and responsibility for. -Encryption enables people to trust that their data that they wish to -be private truly is and allows companies to handle communications -such as e-mails without having to consider secure storage or giving -data to law enforcement due to the fact the company itself is unable -to read the data if it is end-to-end encrypted. The free market +Encryption enables people to trust companies and governments with +the handling of communications +such as e-mails and enables companies to be able to work with law +enforecement without compromising user privacy as encrypted data +cannot be read and is therefore useless to authorities. +The free market arguably has moved itself towards encrypted standards. Open source initiatives have pioneered free implementations of secure cryptographic standards, allowing any user to use these tools directly -in order to send information, as occurs with the popular PGP +in order to send information, such as the popular PGP implementation GPG. Additionally the open implementation of cryptographic tools enables developers to integrate secure versions of these tools into new programs, allowing for the easy development of @@ -448,9 +451,9 @@ conduct critical communications and the breaking of those ciphers were critical to the Allies, encryption remains critical to government communications and state sponsored espionage. Governments maintain up to date cryptographic systems in order to keep their own -communications secure, yet fight hard against encryption in the name -of national security and to fight crime. In some ways this is a valid -argument: wide availability to cryptography arguably lowers the +secure, yet fight hard against encryption in the name +of national security. In some ways this is a valid +argument: availability of cryptography arguably lowers the barrier to entry for terror or crime and reduces the ability law enforcement has to deal with it. Nonetheless, it seems that reducing the availability of encryption to the pubic would not decrease the @@ -465,8 +468,9 @@ and rights of the people. In the later criminals are able to use technology both to hide their activities and enable their crimes without fear of police interference; creating a near anarchic existence. It seems that in the West, representations of the former in -dystopian cultural works such as those by George Orwell, Isaac Asimov, -Arthur C. Clarke or Margaret Atwood, alongside journalistic coverage of +dystopian cultural works such as those by George Orwell, +Arthur C. Clarke or Margaret Atwood, popular culture such as world +presented to us in \fIBlade Runner\fR, alongside journalistic coverage of government surveillance and oppression in China form our view against highly invasive state surveillance. Yet media coverage of criminals and terrorists using technology and encryption, particularly following @@ -480,16 +484,19 @@ such a regime already exist and there is a widespread sentiment of resistance amongst the public and in governments and courts against such invasive measures. Yet, even in a world of widespread encryption, governments and law enforcement would demonstrably still be able to -conduct surveillance and investigation at some level. +conduct surveillance and investigation at some level. It is clear that +in the Internet age, it is no longer as easy to disguise or hide the +truth as it once was. Information has been shown extremely powerful in +subverting totalitarianism {Nicholson Cold War broadcast} and due to the +Internet regimes are less and less able to manipulate the truth. I +feel that the most interesting developments in the near future will be +how the Chinese government and people will react to developments .nr HY 0 .ad l IME/Pluton -- backdoors https://www.techrepublic.com/article/is-the-intel-management-engine-a-backdoor/ https://www.techrepublic.com/article/why-the-nsa-may-not-need-backdoors/ - Disabled on new ThinkPads: https://www.theregister.com/2022/01/20/microsoft_amd_pluton_lenovo/ - -Heatbleed (2014) (occured in open source software) Government https://rules.house.gov/bill/117/hr-4521 . @@ -508,5 +515,7 @@ https://ooni.org/post/2021-russia-blocks-tor/ . https://www.openrightsgroup.org/ -TODO : recite bulletin -https://www.ghi-dc.org/publication/stasi-at-home-and-abroad-domestic-order-and-foreign-intelligence . +Todo: + program -> programme + SIGINT -> Sigint ? + |