(Straw) Man in the Middle:


(Straw) Man in the Middle: A Modest Post-Snowden Proposal
Brussels, Belgium
Jacob Appelbaum [redacted]
10 December 2015
Jacob Appelbaum ([redacted]) (Straw) Man in the Middle: 10 December 2015 1 / 26

Post-Snowden?
What does that mean?

Understanding the plumbing
Mass surveillance works by first illegally and generally seizing data, and then indiscriminately searching all data, until a specific search term is found. This is selector-based surveillance, a kind of surveillance that requires mass surveillance. It comes from vulnerabilities in core internet and other network protocols.

A shift?
We have experienced a huge shift.

Key changes
- Specific understanding about a handful of protocols.
- A general and pervasive fear; a feeling of helplessness.
- People have lost faith in the authorities and adopted a fatalistic attitude.

A new assumption
A pervasive fear of mass surveillance, jokes about being on lists; a new default of total monitoring!

A new default to fight passive attackers
- Changes are now detectable.
- Encryption is here to stay.
- Passive interception moves to active.
- Signal/ZRTP clients and Let's Encrypt CA change the game.
- This impacts Law Enforcement and Intelligence; focusing on LE.

Cultural differences
In the US, the UK and in other countries in Europe - searches and notification are different. Cryptography brings us to a new convergence for all cultures at once.

A recent European Court of Human Rights ruling
Oversight isn't enough: accountability is required

Checking validity
Example interactions with the police:
- Siren on an otherwise unmarked car pulling over a driver
  - Drive to a well-lit area, dial 112/911, confirm identity of officer
- No-knock raid by armed people
  - Did they declare they are police? How do we verify it?
- Knock at the door with a search warrant
  - Is it a valid warrant?
- Other examples such as a famous Tupac shooting involving police in plain clothing

Reality check
In most of these situations - we acknowledge the serious issue of police impersonation.

How do we detect crimes?
Cyber cyber cyber
(Hint: You will receive nearly no help from any authority!)

An example standard of evidence
In the German Chancellor Merkel case there was a supposed lack of evidence.
Thus we see - we need a new standard of evidence!

A short summary
- First, we acknowledge a change in thinking because of Snowden.
- Secondly, we see a move towards more and more transparency.
- Thirdly, we control those we can control and not those that we don't...

Wait, control?
I have no democratic control over the majority of services.
I do have democratic control over a small set of services: local LE, national LE

Wait, transparency?
The new protocols force transparency, the proposed standard of evidence gives us data for action; but how might we choose what to act on?

Ask the honest parties to prove their honesty
They sign their interception request in real time, point it to a given court (docket, judge, case, etc.) just as with the search of the home.

And anyone who doesn't sign...
Is subject to investigation with the collected evidence.

Wait, what?
There is no requirement that cryptophone or Signal help with this proposal - only that a system of real-time notification is implemented by states and their relevant agencies.

Wait, what about TARGETED surveillance
Like cryptography, that horse has left the barn with the move from passive to active.

Wait, what about malware
The same standard of evidence and notification should apply.

Help the (honest) police
- No Golden Key required
- A trade of the secrecy property that keeps security for the majority of users
- Law enforcement is always asking for a way to do this; my proposal allows an avenue while also asking them to give up secrecy and commit to accountability and transparency.

An equal standard
From homes to phones - interference is not secret, lawful processes exist, crimes committed by thousands of unlawful attackers now subject to reporting.

Questions?