Added: Ivorie Stark - Date: 09.07.2021 22:53 - Views: 12084 - Clicks: 8635
First Look Institute is a c 3 nonprofit organization. His situation was more stable, the threats against him a bit easier to predict. So I approached my Snowden meeting with less paranoia than was warranted inand with a little more attention to physical security, since this time our communications would not be confined to the internet. Our first meeting would be in the hotel lobby, and I arrived with all my important electronic gear in tow.
This, in turn, was tucked One night nsa in my hotel room my backpack next to my laptop which I configured and hardened specifically for traveling to Russiaalso powered off. Most of the lobby seats were taken by well-dressed Russians sipping cocktails. I planted myself on an empty couch off in a nook hidden from most of the action and from the only security camera I could spot. Later he shifted from one side of my couch to the other, walking away just after I made eye contact.
Eventually, Snowden appeared. We smiled and said good to see you, and then walked up the spiral staircase near the elevator to the room where I would be conducting the interview, before we really started talking. Later, he told me to feel free to take out my phone so I could coordinate a rendezvous with some mutual friends who were in town. But he rarely has the opportunity to delve into the details and help people of all technical backgrounds understand opsec and begin to strengthen their own security and privacy.
I believe he wanted to use our chats to promote cool projects and to educate people. For example, Snowden had mentioned prior to our in-person meeting that he had tweeted about the Tor anonymity system and was surprised by how many people thought it was some big government trap. He wanted to fix those kinds of misconceptions.
Micah Lee : What are some operational security practices you think everyone should adopt? Just useful stuff for average people. Lee : What do you think about Tor? One night nsa in my hotel room : I think Tor is the most important privacy-enhancing technology project being used today. I use Tor personally all the time. What Tor does is it provides a measure of security and allows you to disassociate your physical location. If you want to get more involved, you can volunteer to run your own Tor nodeas I do, and support the diversity of the Tor network. Lee : So that is all stuff that everybody should be doing.
What about people who have exceptional threat models, like future intelligence-community whistleblowers, and other people who have nation-state adversaries? Maybe journalists, in some cases, or activists, or people like that? The needs of every individual in a high-risk environment are different.
And the capabilities of the adversary are constantly improving. The tooling changes as well. What really matters is to be conscious of the principles of compromise. How can the adversary, in general, gain access to information that is sensitive to you?
What kinds of things do you need to protect? What we do need to protect are the facts of our activities, our beliefs, and our lives that could be used against us in manners that are contrary to our interests. So when we think about this for whistleblowers, for example, if you witnessed some kind of wrongdoing and you need to reveal this information, and you believe there are people that want to interfere with that, you need to think about how to compartmentalize that.
When we talk about whistleblowers and what to do, you want to think about tools for protecting your identity, protecting the existence of the relationship from any type of conventional communication system. And this is to be sure that whoever has been engaging in this wrongdoing cannot distract from the controversy by pointing to your physical identity. Instead they have to deal with the facts of the controversy rather than the actors that are involved in it.
Lee : What about for people who are, like, in a repressive regime and are trying to …. Now, there is a counterpoint here where the use of privacy-enhancing technologies in certain areas can actually single you out for additional surveillance through the exercise of repressive measures. Lee : So you mentioned that what you want to spread are the principles of operational security.
And you mentioned some of them, like need-to-know, compartmentalization. Can you talk more about what are the principles of operating securely? Snowden : Almost every principle of operating security is to think about vulnerability. Think about what the risks of compromise are and how to mitigate them. Lee : Are there principles of operational security that you think would be applicable to everyday life? The idea here is that sharing is OK, but it should always be voluntary. If you interact with the internet … the typical methods of communication today betray you silently, quietly, invisibly, at every click.
At every that you land on, information is being stolen. You can reduce this by taking a few key steps. Basic things. For example, if you use browser plugins like HTTPS Everywhere by EFF, you can try to enforce secure encrypted communications so your data is not being passed in transit electronically naked.
Lee : Nice.
All of these are probably unlikely to happen to many people very often. Is this something people should be concerned about? How do you go about deciding if you personally should be concerned about this sort of attack and try to defend against it? Snowden : It all comes down to personal evaluation of your personal threat model, right? That is the bottom line of what operational security is about.
You have to assess the risk of compromise. On the basis of that determine how much effort needs to be invested into mitigating that risk. Now in the case of cold-boot attacks and things like that, there are many things you can do. For example, cold-boot attacks can be defeated by never leaving your machine unattended. Lee : What sort of security tools are you currently excited about? What are you finding interesting? Lee : People use smartphones a lot. What do you think about using a smartphone for secure communications?
Lee : There are tons of software developers out there that would love to figure out how to end mass surveillance.
What should they be doing with their time? To have real privacy you have to have both. Not just what you talked to your mother about, but the fact that you talked to your mother at all. The problem with communications today is that the internet service provider knows exactly who you are.
They know exactly where you live. They know what your credit card is, when you last paid, how much it was. These are research questions that need to be resolved. We need to find a way to protect the rights that we ourselves inherited for the next generation. Do you want to live in a quantified world?
Where not only is the content of every conversation, not only are the movements of every person known, but even the location of all the objects are known? Where the book that you leant to a friend leaves a record that they have read it? Where do you think the balance is between tech and policy to combat mass surveillance? And what do you think that Congress should do, or that people should be urging Congress to do? Snowden : I think reform comes with many faces. And they have been modified or changed as a result.
But there are many other programs, and many other countries, where these reforms have not yet had the impact that is so vital to free society. That can be through technology, that can be through politics, that can be through voting, that can be through behavior.
But technology is, of all of these things, perhaps the quickest and most promising means through which we can respond to the greatest violations of human rights in a manner that is not dependent on every single legislative body on the planet to reform itself at the same time, which is probably somewhat optimistic to hope for.
We would be instead able to create systems … that enforce and guarantee the rights that are necessary to maintain a free and open society. Lee : On a different note — people said I should ask about Twitter — how long have you had a Twitter for? Snowden : Ha. I make no secret about the fact that I live on Eastern Standard Time. The majority of my work and associations, my political activism, still occurs in my home, in the United States. So it only really make sense that I work on the same hours.
Lee : Do you feel like Twitter is sucking away all your time? I mean I kind of have Twitter open all day long and I sometimes get sucked into flame wars. How is it affecting you? Snowden : There were a few days when people kept tweeting cats for almost an entire day. Lee : The real question is, what was your Twitter handle before this? Because you were obviously on Twitter. You know all the ins and outs. With prosecutors seeking a maximum sentence, Hale delivered a powerful handwritten letter describing his motivations to the court.
All rights reserved First Look Institute is a c 3 nonprofit organization. Micah Lee. Our interview, conducted over room-service hamburgers, started with the basics. The first step that anyone could take is to encrypt their phone calls and their text messages. You can do that through the smartphone app al, by Open Whisper Systems.
Your credentials may be revealed because some service you stopped using in gets hacked, and your password that you were using for that one site also works for your Gmail. We should armor ourselves using systems we can rely on every day. It should be invisible, it should be atmospheric, it should be something that happens painlessly, effortlessly. You can use it right now to talk to your friends. Photo: Sue Gardner. Lee : What about for people who are, like, in a repressive regime and are trying to … Snowden : Use Tor.One night nsa in my hotel room
email: [email protected]l.com - phone:(845) 500-8154 x 7369
Since I Met Edward Snowden, I’ve Never Stopped Watching My Back