News feeds

Canonization Elevates Mother Teresa to Sainthood

sjlendman.blogspot.com - Sun, 04/09/2016 - 21:07
Canonization Elevates Mother Teresa to Sainthood
by Stephen Lendman
She’s more myth than “saint of the gutters” for allegedly helping the poorest of the poor. More on her unsaintly legacy below.
The New York Times highlighted Pope Francis deplorably calling her a “witness to mercy in our time,” adding she “deserves” sainthood.
The Times perpetuated her myth, falsely claiming she spent “a lifetime working with the poor and the sick, and with orphans, lepers and AIDS patients, first in the slums of Kolkata, India, and then in many other countries.”
Canonizing her 19 years after her 1997 death was remarkably fast, especially for someone so unworthy - the person, her persona and deeds far different from mythology about her.
Instead of helping the poor and needy, she fostered what Aroup Chatterjee called a “cult of suffering,” how things operated in Missionaries of Charity homes she ran - deplorable conditions substituting for noble work.
Her so-called hospitals were human warehouses. Hunger and malnutrition were widespread. Sick and dying patients got little medical care from untrained nuns and other personnel - poor food and mistreatment instead under deplorable unsanitary conditions, conducive to serious illnesses and diseases.
Most often she hobnobbed with the world’s rich, famous and infamous, accepting large donations from dubious sources, including notorious tyrants.
She was more sinner than saint, she and her staff dispensing inhumane and degrading treatment, while jet-setting in luxury, indulging in undeserved celebrity.
Instead of feeding thousands in Calcutta as claimed, it was scores at most. Enrollment at her school was less than 100, not the 5,000 she touted.
None of her alleged 102 family assistance centers in Calcutta existed. Her public persona was one thing, reality entirely different - elevating her to sainthood the latest example of deplorable Vatican policy.
Stephen Lendman lives in Chicago. He can be reached at lendmanstephen@sbcglobal.net. 
His new book as editor and contributor is titled "Flashpoint in Ukraine: How the US Drive for Hegemony Risks WW III."
http://www.claritypress.com/LendmanIII.html
Visit his blog site at sjlendman.blogspot.com. 

Listen to cutting-edge discussions with distinguished guests on the Progressive Radio News Hour on the Progressive Radio Network.

Russia's Eastern Economic Forum: Symbol of US Failure to Isolate Its Main Adversary

sjlendman.blogspot.com - Sun, 04/09/2016 - 02:11
Russia’s Eastern Economic Forum: Symbol of US Failure to Isolate Its Main Adversary
by Stephen Lendman
Like its counterpart St. Petersburg International Economic Forum (SPIEF), held annually since 1997, each year attended by thousands from over 60 countries, Russia’s 2nd Eastern Economic Forum (EEF) is proving very popular.
Held on September 2 and 3 in Vladivostok, Russia’s largest Pacific port city, Vladimir Putin “extend(ed) warmest greeting” to attending participants and guests.
They included over 3,000 prominent politicians, business officials and representatives of public associations, including large Japanese, Chinese and South Korea delegations - attending to develop or strengthen trade and economic ties “between Russia and the Asia-Pacific region,” Putin explained.
Tass reported heads of 240 Russian companies and 57 foreign ones attending from 55 countries, one-and-a-half times more than at the 2015 inaugural forum.
Over 200 deals worth more than $26 billion between international participants and Russia were consummated, according to Putin’s Far East Development Minister Alexandr Galushka.
He highlighted 34 investment projects worth over $23 billion. Putin stressed the importance of de-escalating Korean peninsula tensions, urging diplomatic solutions to bilateral North/South disagreements.
Only through mutual cooperation “can we create favorable conditions for countries in the region to ensure stability, security and prosperity,” he stressed.
He met on the sidelines of the forum with various political and business leaders, part of his outreach for stronger bilateral ties in climate of peace and security.
Moscow-based Sherbank is Russia and Eastern Europe’s largest financial institution. Its CEO Herman Gref stressed growing Russian/Japanese cooperation, the next bilateral step to be trading in their national currencies, transactions taking place digitally.
Required infrastructure is being created to accommodate transitional change. Japan’s Prime Minister Shinzo Abe called for resolving territorial disputes and moving on for a more productive bilateral relationship.
The goal is “unlock(ing) huge (untapped) potential,” he said. “Let’s close the chapter on the abnormal situation lasting for over 70 years and together start a new era of Russian-Japanese relation (to) last for another 70 years,” he stressed.
Both countries never signed a peace treaty post-WW II because of disputed Sea of Okhotsk islands claimed by Soviet forces at war’s end. 
Resolution is long overdue, along with formally declaring bilateral peace. Sergey Lavrov said Putin may visit Japan before yearend.
Russia’s leader thanked South Korea’s Park Geun-hye for attending, explaining “economic relations between Moscow and Seoul are “very diverse.” He mentioned growing ties between their governments and parliaments.
President Park said bilateral relations offer a “solid base for developing our cooperation in the Far East Region” - adding Russian/ROK ties “are always of great importance.”
Russia’s success in attracting international leaders and investors shows US efforts to keep it isolated with sanctions and other hostile tactics don’t work.
Its growing geopolitical importance is too vital to ignore - perhaps just a matter of time before Western European countries break free from US pressure and fully normalize ties with their Russian neighbor, both sides benefitting hugely in the process.
Stephen Lendman lives in Chicago. He can be reached at lendmanstephen@sbcglobal.net. 
His new book as editor and contributor is titled "Flashpoint in Ukraine: How the US Drive for Hegemony Risks WW III."
http://www.claritypress.com/LendmanIII.html
Visit his blog site at sjlendman.blogspot.com. 

Listen to cutting-edge discussions with distinguished guests on the Progressive Radio News Hour on the Progressive Radio Network.

Dubious Russia/US Agreement on Syria

sjlendman.blogspot.com - Sat, 03/09/2016 - 22:59
Dubious Russia/US Agreement on Syria
by Stephen Lendman
Putin hinted at one coming days earlier. On September 2, Sergey Lavrov announced it, saying “(v)irtually all components of this task are already clear. An understanding has been reached on most issues.” 
“The most important thing is that any agreements with the Americans on practical actions, on coordination of operations against terrorists will not be implemented if our American partners do not keep their promise to dissociate themselves from terrorists, above all, the Jabhat al-Nusra” terrorist group banned in Russia.
“Many of the groups considered acceptable by the US have actually affiliated with Jabhat al-Nusra, while Jabhat al-Nusra is using them to avoid being attacked.”
It’s unclear precisely what’s agreed on and where differences remain. On the one hand, the devil is always in the details. 
More important is Washington’s sordid history of systematically violating deals agreed on. It consistently and egregiously breaches Iran nuclear deal provisions.
Countless other treaties and agreements since the late 18th century were flouted before the ink dried. US promises aren’t worth the paper they’re written on.
Obama, and Hillary Clinton as secretary of state, launched naked aggression on Syria in March 2011 - regime change the objective, using ISIS and other terrorist groups as US foot soldiers, supporting them with weapons, munitions, funding, training and direction.
Whatever Washington and Moscow agreed on in principle, US imperial policy remains unchanged. Endless war continues, prospects for resolution virtually nonexistent.
Russia’s good faith diplomatic efforts consistently fail - for years in Syria, since 2014 in Ukraine. Expect current ongoing talks to fare no better than earlier ones.
Moscow knows what it’s up against - yet continues going all-out for peaceful conflict resolution. It won’t get easier next year if Hillary succeeds Obama as expected.
Escalated war, not curtailing it, seems virtually certain. Targeting Russia, China and Iran may be next.
I believe WW III began piecemeal post-9/11. It could explode full-blown with Hillary as president, possibly with nuclear weapons, the most frightening prospect imaginable - why preventing her becoming president is so crucial.
Stephen Lendman lives in Chicago. He can be reached at lendmanstephen@sbcglobal.net. 
His new book as editor and contributor is titled "Flashpoint in Ukraine: How the US Drive for Hegemony Risks WW III."
http://www.claritypress.com/LendmanIII.html
Visit his blog site at sjlendman.blogspot.com. 

Listen to cutting-edge discussions with distinguished guests on the Progressive Radio News Hour on the Progressive Radio Network.

FBI Continues Suppressing Hillary's Crimes

sjlendman.blogspot.com - Sat, 03/09/2016 - 22:50
FBI Continues Suppressing Hillary’s Crimes
by Stephen Lendman
Hillary’s longstanding criminal record since the 1990s would be more than enough to imprison ordinary people longterm - likely for life without parole or capital punishment for her involvement in mass murder.
Extraordinary lengths are made to keep indictable evidence from being revealed - the Justice Department and its FBI investigative agency complicit for failing to do their jobs.
On Friday afternoon, at the start of America’s three-day Labor Day holiday weekend, with no fanfare and too little media attention, an FBI press release said it “releas(ed) a summary of former Secretary of State Hillary Clinton’s July 2, 2016 interview with the FBI concerning allegations that classified information was improperly stored or transmitted on a personal e-mail server she used during her tenure.”
The material was too heavily redacted to be useful, indictable evidence withheld from public view. The FBI failed to demand she be held accountable. The Justice Department refuses to indict her.
Forty-seven pages of material were released, the FBI calling its document a summary of its investigation. Whitewash is a more appropriate way to describe it.
Senate Judiciary Committee chairman Charles Grassley (R. IO) called the agency’s release “an incomplete and possibly misleading picture of the facts without the other unclassified information…still locked away from the public and even most congressional staff.” The public has the right to know what’s being kept suppressed, Grassley stressing “transparency is in order.”
The agency’s report showed 81 email exchanges contained classified information. Hillary lied to Congress claiming her home server used for official State Department business contained no classified material. She committed perjury, yet remains unaccountable for this crime.
It’s more than likely, maybe certain, that her email accounts and mobile devices were hacked, given their vulnerability. Yet the FBI claimed no evidence  indicated cyber compromise. Was the agency honest in its assessment or protecting Hillary?
From what’s publicly known about her email scandal, clear evidence of wrongdoing, the agency failed to do its job by not demanding she be held accountable.
She lied to the FBI, Congress, the public and media. She committed numerous other high crimes, dating from when she was me-first lady.
She belongs in prison, not high office. She’s likely to become America’s next president and commander-in-chief of its military with her finger on the nuclear trigger.
Humanity trembles at the prospect!
Stephen Lendman lives in Chicago. He can be reached at lendmanstephen@sbcglobal.net. 
His new book as editor and contributor is titled "Flashpoint in Ukraine: How the US Drive for Hegemony Risks WW III."
http://www.claritypress.com/LendmanIII.html
Visit his blog site at sjlendman.blogspot.com. 

Listen to cutting-edge discussions with distinguished guests on the Progressive Radio News Hour on the Progressive Radio Network.

Brazil's Coup d'Etat President More Widely Reviled Than Hillary or Trump

sjlendman.blogspot.com - Sat, 03/09/2016 - 22:36
Brazil’s Coup d’Etat President More Widely Reviled Than Hillary or Trump
by Stephen Lendman
Late August polls show 59% of registered voters view Hillary unfavorably - compared to Trump’s 60% disapproval rating.
In November, Americans get to choose between the two most widely reviled aspirants for the nation’s highest office in its history - a testimony to a political system too debauched to fix.
Things are worse for Brazilians. Dark forces in America and their country conspired to replace democracy with tyranny - the majority will of 54 million voters erased.
Newly anointed Brazilian president Michel Temer is widely reviled, one poll showing over two-thirds of Brazilians oppose him, another indicating his approval rating at 12%. He was hooted at the opening of Rio 2016, then no-showed its closing ceremony to avoid further embarrassment.
He’s a right-wing extremist, a fascist, a CIA asset, tainted by corruption charges, barred from seeking elective office for eight years when his anointed term expires in 2018.
Ministers he appointed comprise a rogue’s gallery of likeminded corrupted neoliberal extremists. Protests continue daily, met by harsh police state violence, how all fascist regimes operate, notably in America.
Temer flew to Hangzhou, China for this year’s G-20 summit, before leaving saying he and his accompanying entourage aren’t going “to stroll around.”
It’s his first appearance on the world stage as Brazil’s coup d’etat leader, aiming to “restore confidence in the country,” according to Wellington Moreira Franco, one of his top advisors.
His mandate is serving monied interests exclusively while punishing Brazil’s most needy with neoliberal harshness.
It’s a dark time for Latin America’s largest country, the vast majority of its people facing harder than ever hard times so its privileged class is well-served at their expense.
Stephen Lendman lives in Chicago. He can be reached at lendmanstephen@sbcglobal.net. 
His new book as editor and contributor is titled "Flashpoint in Ukraine: How the US Drive for Hegemony Risks WW III."
http://www.claritypress.com/LendmanIII.html
Visit his blog site at sjlendman.blogspot.com. 

Listen to cutting-edge discussions with distinguished guests on the Progressive Radio News Hour on the Progressive Radio Network.

New Poll Shows Trump and Hillary Virtually Tied

sjlendman.blogspot.com - Sat, 03/09/2016 - 22:20
New Poll Shows Trump and Hillary Virtually Tied
by Stephen Lendman
Trump is right believing November’s “election” is rigged for Hillary - likely chosen last year or earlier to succeed Obama. Back room deals decide who’ll hold high office in America. Voters have no say whatever. 
Hillary is an establishment candidate, a deplorable choice for any public office. Her history of high crimes should automatically disqualify her. Instead it’s helping her become America’s next president.
She’s a Wall Street, war profiteers, scoundrel media favorite - Trump an outlier, an unlikely choice to emerge last man standing in the GOP race this year.
Monied interests and power brokers are going all-out to assure he’s not America’s 45th president. Maybe most polls are rigged to discourage his supporters and independents from voting for him.
National polls on average show Hillary with about a 5-point lead, down 3 points from her post-Democrat convention bump.
A new Reuters/Ipsos poll (taken over the August 26 - September 1 period) differs from the national average - showing 40% voter support for Trump compared to 39% for Hillary.
According to Reuters, “(d)ifferent polls have produced widely different results over the course of the campaign.” 
“In part that's because some, like Reuters/Ipsos, have attempted to measure the preferences of who's likely to vote, while others have surveyed the larger pool of all registered voters. And even those that survey likely voters have different ways of estimating who is likely to cast a ballot.”
My first job in 1960 as a newly minted MBA was marketing analysis, including use of polls to assess customer sentiment, information compiled for business clients to help them decide on marketing strategy.
Key in polling is choosing a well-defined universe, using statistically accurate methodology, specific questions, their wording, in what order asked, with great pains taken to avoid bias. Customers I worked with wanted facts on which to help make business decisions.
Political polls can be suspect, depending on their sponsors, wanting the best showing for candidates they support.
A separate Reuters/Ipsos States of the Nation poll estimates Hillary winning 332 Electoral College votes to Trump’s 206 - easily elevating her to the nation’s highest office if things turn out this way in November.
Whatever the outcome, the vast majority of Americans lose - monied interests triumphing over popular ones, the way things always turn out.
Stephen Lendman lives in Chicago. He can be reached at lendmanstephen@sbcglobal.net. 
His new book as editor and contributor is titled "Flashpoint in Ukraine: How the US Drive for Hegemony Risks WW III."
http://www.claritypress.com/LendmanIII.html
Visit his blog site at sjlendman.blogspot.com. 

Listen to cutting-edge discussions with distinguished guests on the Progressive Radio News Hour on the Progressive Radio Network.

EFF to Court: Government Must Inform People That It’s Accessing Their Emails, Personal Data

eff.org - Sat, 03/09/2016 - 08:40
Ignoring Duty to Provide Notice When Invading Users’ Privacy Is Unconstitutional

Seattle, Washington—The Electronic Frontier Foundation (EFF) told a federal court today that the government is violating the U.S. Constitution when it fails to notify people that it has accessed or examined their private communications stored by Internet providers in the cloud. 

EFF is supporting Microsoft in its lawsuit challenging portions of the Electronic Communications Privacy Act (ECPA) that allow the Department of Justice (DOJ) to serve a warrant on the company to get access to customers’ emails and other information stored on remote servers—all without telling users their data is being searched or seized. In a brief filed in Microsoft v. Department of Justice in U.S. District Court in Seattle, EFF, joined by Access Now, New America’s Open Technology Institute, and legal scholar Jennifer Granick, said Fourth Amendment protections against unreasonable searches and seizures by the government apply to all of our information—no matter what the format or where it’s located.

“Whether the government has a warrant to rifle through our mail, safety deposit boxes, or emails stored in the cloud, it must notify people about the searches,” said EFF Senior Staff Attorney Lee Tien. “When electronic searches are done in secret, we lose our right to challenge the legality of law enforcement invasions of privacy. The Fourth Amendment doesn’t allow that, and it’s time for the government to step up and respect the Constitution.”

Microsoft sued DOJ earlier this year challenging ECPA provisions enacted 30 years ago, long before the emergence of ubiquitous cloud computing that now plays a vital role in the storage of private communications. The government has used the transition to cloud computing as an opening to conduct secret electronic investigations by serving search warrants on Internet service providers seeking users’ emails, the lawsuit says. The government, which wants the case thrown out, doesn’t let account holders know their data is being accessed because of the unconstitutional ECPA provision, while service providers like Microsoft are gagged from telling customers about the searches.

“When people kept personal letters in a desk drawer at home, they knew if that information was about to be searched because the police had to knock on their door and show a warrant,” said EFF Staff Attorney Sophia Cope. “The fact that today our private emails are kept on a server maintained by an Internet company doesn’t change the government’s obligations under the Fourth Amendment. The Constitution requires law enforcement to tell people they are the target of a search, which enables them to vindicate their rights and provides a free society with a crucial means of government accountability.” 

EFF thanks Seattle attorney Venkat Balasubramani of FocalLaw P.C. for his assistance as local counsel. 

For the brief:
https://www.eff.org/document/microsoft-v-justice-department-amicus-brief

About this case:
https://www.eff.org/cases/microsoft-v-department-justice

 

var mytubes = new Array(3); mytubes[1] = '%3Ciframe src=%22https://www.youtube-nocookie.com/embed/l-VX6qlWdxw?rel=0?autoplay=1%22 allowfullscreen=%22%22 width=%22560%22 height=%22315%22 frameborder=%220%22%3E%3C/iframe%3E'; mytubes[2] = '%3Ciframe width=%22560%22 height=%22315%22 src=%22https://www.youtube-nocookie.com/embed/YNNNPD4cwAg?rel=0?autoplay=1%22 frameborder=%220%22 allowfullscreen=%22%22%3E%3C/iframe%3E'; mytubes[3] = '%3Ciframe src=%22https://www.youtube.com/embed/9ugC4NG1Zoc??autoplay=1%22 allowfullscreen=%22%22 width=%22560%22 frameborder=%220%22 height=%22315%22%3E%3C/iframe%3E'; Contact:  LeeTienSenior Staff Attorney and Adams Chair for Internet Rightslee@eff.org SophiaCopeStaff Attorneysophia@eff.org
Share this: Join EFF
Categories: Aggregated News

6 Questions for EFF's New Researcher Gennie Gebhart

eff.org - Sat, 03/09/2016 - 04:33

EFF is pleased to welcome researcher Gennie Gebhart, the newest member of the activism team. Gennie will be working to defend your right to privacy and security online.

Gennie has a Master’s degree in Library and Information Science from the University of Washington. She’s published research on Internet censorship, zero rating, and access to knowledge. While at UW, she co-founded the university’s Open Access Initiative.

I caught up with Gennie to ask her a few questions about her past work and what she’ll be bringing to EFF.

What are you most excited about working on here?

I’m excited to bring my social science research background into EFF’s advocacy work. With EFF behind it, that kind of research has the potential for broad readership and immediate impact—every researcher’s dream!

You've been a part of the open access movement for a long time. Why is open access important?

Open access is so important because closed access is so entrenched. We are up against hundreds of years of a publisher-centric, pay-to-play system that suddenly no longer makes sense when we transfer it from a primarily paper world to a primarily digital one. That tension between openness and restrictions is so interesting to me, both in open access and in other areas of digital rights work. As we make content and processes and information in general more and more open, it inevitably brings up more questions about where and how we need to think about privacy and security in new ways.

What role do librarians play in the digital rights movement?

Historically, I see libraries as the traditional institutional protector of privacy—that’s why I went into the field. For so many user groups—particularly homeless, youth, or unemployed communities that rely on public libraries—librarians are among the last lines of defense against surveillance. In that way, fighting for the user is at the core of librarianship, and it’s at the core of what I hope to do with EFF, too.

What did you learn from your research on Internet censorship in Thailand? What surprised you?

Our key insight was really a confirmation of a broader pattern in censorship work: you can’t address state censorship problems without also addressing freedom of expression and surveillance. Users don’t just need to access information safely—they also need to be able to use and create and engage with that information without fear of state interception or punishment. But the technology that we put under the “censorship circumvention” umbrella often stops at giving users technical access, and does not address the much more complicated problem of how to combat self-censorship and all the psychosocial tactics repressive states can use to stem the free flow of information.

A broader takeaway for me was that when it comes to censorship circumvention tools, there can be surprisingly little overlap between the problems computer science research is trying to solve and the problems that real users face on the ground. What users need—simple, easy-to-find, flexible tools—is not what the research community tends to promote—more complicated, technically novel, one-size-fits-all approaches.

What's your favorite t-shirt you own?

Without a doubt, the Open Access jolly roger.

Any funny CouchSurfing stories?

Too many to count. My favorite is from the first time I ever CouchSurfed. I was moving to Rome on Christmas Eve, and I wanted nothing more than to find a real Italian family Christmas dinner. I was pretty nervous about the prospect of staying with strangers from the Internet, so I just booked a hostel for myself and put out a request for someone to just host me for a meal. Through several twists and turns, though, I ended up driving three hours to Naples straight from the airport with then-Internet-stranger-now-friend Stefano, crashing not one but two Italian family Christmas dinners, and staying with Stefano and his friends for two weeks. Since then, I’ve jumped into CouchSurfing and never looked back.

I have “surfed” far more than I have “hosted” on CouchSurfing over the past few years, so now that I am getting settled in San Francisco I am hoping to host more and finally balance out my CouchSurfing karma.

var mytubes = new Array(3); mytubes[1] = '%3Ciframe src=%22https://www.youtube-nocookie.com/embed/l-VX6qlWdxw?rel=0?autoplay=1%22 allowfullscreen=%22%22 width=%22560%22 height=%22315%22 frameborder=%220%22%3E%3C/iframe%3E'; mytubes[2] = '%3Ciframe width=%22560%22 height=%22315%22 src=%22https://www.youtube-nocookie.com/embed/YNNNPD4cwAg?rel=0?autoplay=1%22 frameborder=%220%22 allowfullscreen=%22%22%3E%3C/iframe%3E'; mytubes[3] = '%3Ciframe src=%22https://www.youtube.com/embed/9ugC4NG1Zoc??autoplay=1%22 allowfullscreen=%22%22 width=%22560%22 frameborder=%220%22 height=%22315%22%3E%3C/iframe%3E';
Share this: Join EFF
Categories: Aggregated News

The Shadow Brokers Publish NSA Spy Tools, Demonstrating Possible Flaws in the NSA’s Approach to Security Vulnerabilities

eff.org - Sat, 03/09/2016 - 04:09
The Vulnerabilities Equities Process in Unaccountable, Secretive, and Nonbinding

A group calling itself the Shadow Brokers recently released powerful surveillance tools publicly on the Web and promises to publish more dangerous tools for the price of one million bitcoin – or to whomever makes the best offer, if they can’t get to a million.1

The Intercept has confirmed that at least one of the surveillance tools released online is “covered with the NSA’s virtual fingerprints,” making it all but certain that this tool and the others released by the Shadow Brokers came from within the agency. The SECONDDATE program, which the Intercept analyzed and compared to information in an NSA manual provided to them by whistleblower Edward Snowden, is designed to redirect a target’s browser to an NSA controlled server which then infects the target computer with malware.

The hacking tools in question rely on zero day vulnerabilities, i.e. vulnerabilities in software that the vendor doesn’t know about and has had “zero days” to fix. In particular, the tools were exploiting zero day vulnerabilities in Cisco and Fortinet firewalls.

We don’t know how these sophisticated surveillance tools got out. Shadow Brokers —which some speculate is working for or on behalf of the Russian government—claim to have broken into the NSA (or rather, into Equation Group, an offensive hacking group within the NSA). Shadow Brokers wrote:

We follow Equation Group traffic. We find Equation Group source range. We hack Equation Group. We find many many Equation Group cyber weapons.

That’s one possibility. Others, like James Bamford, have speculated that the tools may have come from an internal leak, an employee or contractor at NSA who decided to take the tools. Edward Snowden, who knows a bit about this sort of thing, suggests that this leak may be at least in part the result of NSA agents failing to clean up old servers.

Lots of people want to speculate on how this leak could have happened and on whether there are more powerful hacking tools that will go public soon. But that’s missing the bigger question: is it time to create a real process that could, in some circumstances, force the NSA to disclose security flaws to American companies, so vulnerable systems can get patched?

The United States government has been using offensive hacking techniques for decades, but there’s been remarkably little public debate on the matter, either in Congress or the media. And it’s no wonder: for the most part, the NSA’s digital attacks are shrouded in secrecy, and only a handful of attacks ever see the light of day.

The federal government says that it does tend to disclose software vulnerabilities, but the process now is so shrouded in secrecy that there’s no way for investigative journalists or the public to verify that assertion. But even Michael Daniel, Special Assistant to the President and Cybersecurity Coordinator, has acknowledged that, "Building up a huge stockpile of undisclosed vulnerabilities while leaving the Internet vulnerable and the American people unprotected would not be in our national security interest."

The Equation Group hack underscores the fact that the NSA is not a perfect fortress. A future leak like the Shadow Brokers’ could lead to even more harmful security vulnerabilities being made public. Or perhaps disclosure won’t happen publicly online: powerful nation-states may hack into NSA systems to steal this information–or offer significant financial compensation to insiders willing to pass on secrets–and then use it secretly. Even if that doesn’t happen, without public data on the so-called rate of “bug collision”, 2 we have to take the NSA’s word that the security vulnerabilities it uncovers will never be discovered by an unfriendly government and used for spying, or by criminals and used for malicious hacking.

Ari Schwartz, the former White House National Security Council Senior Director for Cybersecurity, told FedScoop that he expected another incident of software vulnerabilities leaking online in the "near future." He also indicated that there was another route: "It would be better to have vulnerabilities shared with vendors directly from the U.S. government rather than having them leak out from other sources attributed to the U.S. government."

 The current—nonbinding—process for assessing whether a given security vulnerability should be disclosed is known as the Vulnerabilities Equities Process, some details of which EFF has obtained through a FOIA suit. The government is supposed to follow this process to decide whether to tell tech companies about their security flaws, or hang onto the knowledge and try to exploit the flaws in the future. But the current process is broken: even strong NSA proponents admit as much. There is no reporting requirement that would allow the American public to know what percentage of the vulnerabilities discovered are sent on to the software vendors, and no way for us to know whether high profile security vulnerabilities ever go through this process. Even Congress is kept largely in the dark.

We are not saying that the U.S. government shouldn’t ever keep and use security vulnerabilities for intelligence purposes, or that the U.S. government shouldn’t purchase zero day exploits. These can and have been powerful tools for our intelligence agencies to safeguard our country. But like any intelligence tool, transparency and strong accountability are necessary to prevent abuse and unintended consequences. And when it comes to security vulnerabilities, it’s impossible to tell whether the NSA is going too far because they’ve gone to great lengths to block public and Congressional oversight of this matter.

Whenever the NSA decides to exploit a security vulnerability instead of disclosing it to the software vendor, it’s making a bet that another nation-state or malicious hacking group like the Shadow Brokers won’t also find it. With the currently available data, the public has no way of analyzing whether that’s a good bet. Even worse, the NSA isn’t just wagering their own money in this high stakes poker game: they’re betting with the computer security of hundreds of millions of computer users.

The Equation Group leak should be a wake up call to decision makers that we need to publicly debate the issue of government hacking, and that should start with a Congressional hearing that includes testimony from cybersecurity experts and civil society. Unless civil society and the information security community speak up now, we run the risk that these decisions will be made without our input. It’s time to roll up our sleeves and get to work.

  • 1. The Shadow Brokers aren’t making much progress of getting their 1 million bitcoin, but you can watch their progress. Look for the rickrolling Easter Egg in the transaction IDs.
  • 2. When exploits found and used by one party, e.g. the NSA, are discovered by others, e.g. China, they’re said to "collide."
var mytubes = new Array(3); mytubes[1] = '%3Ciframe src=%22https://www.youtube-nocookie.com/embed/l-VX6qlWdxw?rel=0?autoplay=1%22 allowfullscreen=%22%22 width=%22560%22 height=%22315%22 frameborder=%220%22%3E%3C/iframe%3E'; mytubes[2] = '%3Ciframe width=%22560%22 height=%22315%22 src=%22https://www.youtube-nocookie.com/embed/YNNNPD4cwAg?rel=0?autoplay=1%22 frameborder=%220%22 allowfullscreen=%22%22%3E%3C/iframe%3E'; mytubes[3] = '%3Ciframe src=%22https://www.youtube.com/embed/9ugC4NG1Zoc??autoplay=1%22 allowfullscreen=%22%22 width=%22560%22 frameborder=%220%22 height=%22315%22%3E%3C/iframe%3E'; Related Cases: EFF v. NSA, ODNI - Vulnerabilities FOIA
Share this: Join EFF
Categories: Aggregated News

Advertising

 


Advertise here!

Syndicate content
All content and comments posted are owned and © by the Author and/or Poster.
Web site Copyright © 1995 - 2007 Clemens Vermeulen, Cairns - All Rights Reserved
Drupal design and maintenance by Clemens Vermeulen Drupal theme by Kiwi Themes.