That’s right….weak. Virtually every single cryptography expert on the planet knows that a force-mandated “backdoor” in software or devices will not work and will make the systems vulnerable to attack by black-hat hackers or state-run military cyberattacks.
Today’s Wall Street Journal had this front-page article, “Paris Attacks Fuel Debate Over Spying – Growing belief that terrorists behind assaults used encrypted communications prompts re-examination of U.S. policy on surveillance.” A few things from the article leapt out at me:
“A growing belief among intelligence officials that the terrorists behind Friday’s Paris attacks used encrypted communications is prompting a far-ranging re-examination of U.S. policy on data collection and surveillance.”
No kidding. Anyone on this planet with intermediate technical skills can encrypt their communications.
Sen. Richard Burr (R., N.C.), chairman of the Senate Intelligence Committee, said Tuesday his panel will launch a review of encryption use. “It is likely that end-to-end encryption was used to communicate in Belgium and France and Syria,” Mr. Burr said. He said encryption was likely because no direct communication among the terrorists was detected.”
Really Senator? Maybe they met in person?
It was happenstance today that led me to the Google Cultural Institute, an online place to “Discover exhibits and collections from museums and archives all around the world. Explore cultural treasures in extraordinary detail, from hidden gems to masterpieces. Create your own galleries and share favorite finds with friends.”
While I ate lunch I viewed ‘exhibits’ and took virtual tours of:
- Anne Frank: Her Life, Her Diary & Her Legacy
- History of Ford’s Theatre (site of Abraham Lincoln’s assassination)
- The Fall of the (Berlin) Wall
- Computer History Museum
- Life Magazine Photo Collection
- and many more.
Though I’m quite astute with the web and user interface design, I struggled a bit with how the site’s collections were displayed. Most troubling was my inability to find that opening page again for the Anne Frank exhibit. I had to go back to my browser’s history to find the first page! It’s not as intuitive as it should be.
But that lacking ease-of-use is outweighed by the value inherent in these collections. All I could think of as I went through many of them was “Wow!”. Give it a try yourself.
The only way you can guarantee your privacy while using a computer or mobile device, is to just disconnect them from the network. Or become a security expert. But if you must be online and want (or need) to be as secure as possible, you won’t want to use Google’s Chrome or Mozilla’s Firefox browsers until you make some changes since your IP address can be easily discovered.
You may know about (and already use, as I do) AdBlockPlus or Ghostery. These browser add-ons are used to block advertisements and also let you control who can track you by blocking services and advertisers from doing so.
So imagine how stunned I was to learn that the very cool and new WebRTC technology (for using video, audio and screensharing right inside your web browser) can leak your internet (IP) address.
Advertisers, and tracking services, love to set tracking cookies that map to your IP address. Then they can follow you around as you use that browser to surf the internet. Intelligence agencies love to discover the IP address of someone since they then can go right to the spot from where they’re connecting.
This flaw in WebRTC is especially troublesome since it would compromise someone whistleblowing, in a country with an oppressive regime in power, businesses communicating online with WebRTC, or anyone legitimately wanting their online activities to be private…especially when they believe they are safe while using a VPN.
That IP address leakage is bad enough, but what is worse is that your IP address leaking is NOT able to be detected by any current plugins (e.g., Ghostery) or even the developer tools in Google’s Chrome or the Mozilla Firefox browsers (the primary ones that support WebRTC currently).
ThreatPost has this excellent article on this leak problem:
A recently publicized hole in WebRTC, a protocol for web communication, is revealing the local IP addresses of users, even those who go to extra lengths to hide theirs by using a virtual private network.
Daniel Roesler, a San Francisco-based researcher who’s dabbled in encryption, posted a demonstration on GitHub last week to illustrate how the vulnerability works.
Of course, you shouldn’t be doing anything online—even if using a VPN—that’s illegal like pirating movies or music, or buying stuff from a drug ecommerce site like Silk Road. But be especially careful if you are in a country, or situation, that means your life might be in danger if you are caught communicating using something like WebRTC.
How to Disable WebRTC
- To disable WebRTC, go to
- Or install this Firefox add-on
- Bad news? You CAN’T turn off WebRTC on desktop version of Google Chrome.
- Good news? Install this Chrome Extension: WebRTC Leak Prevent
Love how he can wrap very serious content with enough funny stuff to keep us paying attention…and understanding what’s coming is exactly what we all need to do (and yes, that includes you):
If you care about American education, our kids and our future, you should take a few minutes to read one of the best defenses of a liberal education I’ve read in a long while.
The article by Fareed Zakaria in his Washington Post column, Why America’s obsession with STEM education is dangerous, argues that a liberal arts education
Mr. Zakaria starts of with an understanding that most of us agree that the current state of education in the United States is flawed. That education is a critical precursor driving our ability to compete in the world, and that America’s seeming defocus on science, technology, engineering and math (STEM) is at the root of our nation’s perceived competitive decline in the world.
What does this have to do with Steve Jobs?
Reading the German publication Der Spiegel’s article called Prying Eyes: Inside the NSA’s War on Internet Security this weekend, like them I was struck by something that has been on my mind for over ten years. Why does the U.S. intelligence services, and specifically the National Security Agency (NSA), do more to protect the nation?
What came out in the Edward Snowden revelations was that the NSA is, without question or doubt, working feverishly to crack all encryption and are also working hard to build a quantum computer that will crack the little unbreakable encryption we still enjoy today.
Any of us in information technology, web or mobile app creation, and any sort of data security at all, know that if something has been cracked—regardless if it’s some kid in Norway or a state-based intelligence service—it is only a matter of time before the blackhat hackers discover it and exploit the crack.
Yep. I’m getting older, but so are you. Since some of my work is with non-profits focused on seniors and aging, I re-read a study from the Joint Center for Housing Studies at Harvard University called Housing America’s Older Adults you might be interested in the huge number of 50+’ers there will be in just over 15 years:
America’s older population is in the midst of unprecedented growth. With the aging of the large baby-boom generation and increased longevity, the 50-and over population is projected to increase about 20 percent by 2030, to 132 million. In just 15 years, one in five people will be at least aged 65.
Wow. At least I’ll have some company! Take a peek at the Harvard Symposium AGING + PLACE at YouTube or look at the infographic below for some fun factoids…
Often I wonder if the vast majority of people are just stupid. Or to be a bit kinder, perhaps they’re illiterate or they get their strategic decision-making “data” from watching the climate deniers on Fox News since that’s the only channel available to them.
But when I saw this in today’s Minneapolis StarTribune I shook my head in disgust and sadness that confirmed my worst fears about my fellow human beings:
“Loudest climate warning issued,” was replaced last evening online by a much clearer one: UN climate panel says emissions need to drop to zero this century to keep warming in check. It states that, “Climate change is happening, it’s almost entirely man’s fault and limiting its impacts may require reducing greenhouse gas emissions to zero this century, the U.N.’s panel on climate science said Sunday.” That means NO greenhouse gases. You know…like the ONES PRODUCED BY BURNING FOSSIL FUELS IN BIG CARS!
From the report:
“Emissions have risen so fast in recent years that the world has used up two-thirds of its carbon budget, the maximum amount of CO2 that can be emitted to have a likely chance of avoiding 2 degrees of warming.”
Two degrees of warming would devastate the world’s coastlines…you know, like Florida’s (more on that in a moment).
So then I was taken aback when I saw this article on the front page of the StarTribune’s Business section that said, “Small-vehicle sales seen slumping as low fuel prices benefit SUVs. Larger SUVs are looking good to buyers as gas hovers near $3 a gallon in much of the nation.”
BUYING BIGGER CARS
Some quotes from that second article that illustrates why I said all that stuff about people in my opening paragraph:
“The price of gas per gallon is drastically low — I’m really celebrating and enjoying that at the moment,” said Andrea Turner, a Tennessee mother who last week bought a 2014 Buick Encore sport-utility vehicle. The Encore has extra space to fit her 5-foot-11 frame and 10-year-old son’s soccer gear.
“You just feel so much better when you look at the pump, and you’re pleasantly surprised,” said Jeff Schuster, an analyst for LMC Automotive in Troy, Mich., who sees a direct link between gasoline prices and small-car sales. “You say, ‘Maybe I’ll splurge on something and treat myself.’ ”
“Right now, gas mileage is not that much of an issue for consumer choice,” said Greg Williams, new-car sales manager at Holman Honda of Fort Lauderdale, Fla.
It’s not gas mileage…it’s the carbon going in to the atmosphere dummy. Hope Greg Williams has plans to get out of Florida since this is what the National Geographic climate change map shows for Florida when all Arctic and Antarctic ice melts (the absolute worst-case scenario, I should add):
Glenn Greenwald was one of the first reporters to see — and write about — the Edward Snowden files, with their revelations about the United States’ extensive surveillance of private citizens. In this searing talk, Greenwald makes the case for why you need to care about privacy, even if you’re “not doing anything you need to hide.”
The Edward Snowden revelations about the U.S. National Security Agency (NSA) and its vacuum surveillance, sadly seems to be fading from the public consciousness. Undoubtedly this is viewed as a positive by the intelligence community since they are continuing to accelerate their programs now seemingly unabated.
Awareness is one reason I was pleased to see this article that The Guardian wins an Emmy for coverage of NSA revelations. Their multimedia piece NSA Files Decoded is one of the best, most comprehensive and informative (dare I say “entertaining?”) pieces I’ve seen yet. Congratulations to The Guardian team!
If you care at all about the world our children and grandchildren will inherit, then you owe it to yourself to watch the videos or read articles at NSA Files Decoded. You might also consider paying attention to a relatively new website, The Intercept, so that you can stay aware, stay informed, and not be one of those who are naive about the unprecedented and growing power of the intelligence community and its surveillance of all U.S. citizens.