News feeds

6 Questions for EFF's New Researcher Gennie Gebhart - Sat, 03/09/2016 - 04:33

EFF is pleased to welcome researcher Gennie Gebhart, the newest member of the activism team. Gennie will be working to defend your right to privacy and security online.

Gennie has a Master’s degree in Library and Information Science from the University of Washington. She’s published research on Internet censorship, zero rating, and access to knowledge. While at UW, she co-founded the university’s Open Access Initiative.

I caught up with Gennie to ask her a few questions about her past work and what she’ll be bringing to EFF.

What are you most excited about working on here?

I’m excited to bring my social science research background into EFF’s advocacy work. With EFF behind it, that kind of research has the potential for broad readership and immediate impact—every researcher’s dream!

You've been a part of the open access movement for a long time. Why is open access important?

Open access is so important because closed access is so entrenched. We are up against hundreds of years of a publisher-centric, pay-to-play system that suddenly no longer makes sense when we transfer it from a primarily paper world to a primarily digital one. That tension between openness and restrictions is so interesting to me, both in open access and in other areas of digital rights work. As we make content and processes and information in general more and more open, it inevitably brings up more questions about where and how we need to think about privacy and security in new ways.

What role do librarians play in the digital rights movement?

Historically, I see libraries as the traditional institutional protector of privacy—that’s why I went into the field. For so many user groups—particularly homeless, youth, or unemployed communities that rely on public libraries—librarians are among the last lines of defense against surveillance. In that way, fighting for the user is at the core of librarianship, and it’s at the core of what I hope to do with EFF, too.

What did you learn from your research on Internet censorship in Thailand? What surprised you?

Our key insight was really a confirmation of a broader pattern in censorship work: you can’t address state censorship problems without also addressing freedom of expression and surveillance. Users don’t just need to access information safely—they also need to be able to use and create and engage with that information without fear of state interception or punishment. But the technology that we put under the “censorship circumvention” umbrella often stops at giving users technical access, and does not address the much more complicated problem of how to combat self-censorship and all the psychosocial tactics repressive states can use to stem the free flow of information.

A broader takeaway for me was that when it comes to censorship circumvention tools, there can be surprisingly little overlap between the problems computer science research is trying to solve and the problems that real users face on the ground. What users need—simple, easy-to-find, flexible tools—is not what the research community tends to promote—more complicated, technically novel, one-size-fits-all approaches.

What's your favorite t-shirt you own?

Without a doubt, the Open Access jolly roger.

Any funny CouchSurfing stories?

Too many to count. My favorite is from the first time I ever CouchSurfed. I was moving to Rome on Christmas Eve, and I wanted nothing more than to find a real Italian family Christmas dinner. I was pretty nervous about the prospect of staying with strangers from the Internet, so I just booked a hostel for myself and put out a request for someone to just host me for a meal. Through several twists and turns, though, I ended up driving three hours to Naples straight from the airport with then-Internet-stranger-now-friend Stefano, crashing not one but two Italian family Christmas dinners, and staying with Stefano and his friends for two weeks. Since then, I’ve jumped into CouchSurfing and never looked back.

I have “surfed” far more than I have “hosted” on CouchSurfing over the past few years, so now that I am getting settled in San Francisco I am hoping to host more and finally balance out my CouchSurfing karma.

Categories: Aggregated News

The Shadow Brokers Publish NSA Spy Tools, Demonstrating Possible Flaws in the NSA’s Approach to Security Vulnerabilities - Sat, 03/09/2016 - 04:09
The Vulnerabilities Equities Process Is Unaccountable, Secretive, and Nonbinding

A group calling itself the Shadow Brokers recently released powerful surveillance tools publicly on the Web and promises to publish more dangerous tools for the price of one million bitcoin – or to whoever makes the best offer, if they can’t get to a million.[1]

The Intercept has confirmed that at least one of the surveillance tools released online is “covered with the NSA’s virtual fingerprints,” making it all but certain that this tool and the others released by the Shadow Brokers came from within the agency. The SECONDDATE program, which the Intercept analyzed and compared to information in an NSA manual provided to them by whistleblower Edward Snowden, is designed to redirect a target’s browser to an NSA controlled server which then infects the target computer with malware.

The hacking tools in question rely on zero day vulnerabilities, i.e. vulnerabilities in software that the vendor doesn’t know about and has had “zero days” to fix. In particular, the tools were exploiting zero day vulnerabilities in Cisco and Fortinet firewalls.

We don’t know how these sophisticated surveillance tools got out. Shadow Brokers—which some speculate is working for or on behalf of the Russian government—claim to have broken into the NSA (or rather, into Equation Group, an offensive hacking group within the NSA). Shadow Brokers wrote:

We follow Equation Group traffic. We find Equation Group source range. We hack Equation Group. We find many many Equation Group cyber weapons.

That’s one possibility. Others, like James Bamford, have speculated that the tools may have come from an internal leak, an employee or contractor at NSA who decided to take the tools. Edward Snowden, who knows a bit about this sort of thing, suggests that this leak may be at least in part the result of NSA agents failing to clean up old servers.

Lots of people want to speculate on how this leak could have happened and on whether there are more powerful hacking tools that will go public soon. But that’s missing the bigger question: is it time to create a real process that could, in some circumstances, force the NSA to disclose security flaws to American companies, so vulnerable systems can get patched?

The United States government has been using offensive hacking techniques for decades, but there’s been remarkably little public debate on the matter, either in Congress or the media. And it’s no wonder: for the most part, the NSA’s digital attacks are shrouded in secrecy, and only a handful of attacks ever see the light of day.

The federal government says that it does tend to disclose software vulnerabilities, but the process now is so shrouded in secrecy that there’s no way for investigative journalists or the public to verify that assertion. But even Michael Daniel, Special Assistant to the President and Cybersecurity Coordinator, has acknowledged that, "Building up a huge stockpile of undisclosed vulnerabilities while leaving the Internet vulnerable and the American people unprotected would not be in our national security interest."

The Equation Group hack underscores the fact that the NSA is not a perfect fortress. A future leak like the Shadow Brokers’ could lead to even more harmful security vulnerabilities being made public. Or perhaps disclosure won’t happen publicly online: powerful nation-states may hack into NSA systems to steal this information–or offer significant financial compensation to insiders willing to pass on secrets–and then use it secretly. Even if that doesn’t happen, without public data on the so-called rate of “bug collision”,[2] we have to take the NSA’s word that the security vulnerabilities it uncovers will never be discovered by an unfriendly government and used for spying, or by criminals and used for malicious hacking.

Ari Schwartz, the former White House National Security Council Senior Director for Cybersecurity, told FedScoop that he expected another incident of software vulnerabilities leaking online in the "near future." He also indicated that there was another route: "It would be better to have vulnerabilities shared with vendors directly from the U.S. government rather than having them leak out from other sources attributed to the U.S. government."

 The current—nonbinding—process for assessing whether a given security vulnerability should be disclosed is known as the Vulnerabilities Equities Process, some details of which EFF has obtained through a FOIA suit. The government is supposed to follow this process to decide whether to tell tech companies about their security flaws, or hang onto the knowledge and try to exploit the flaws in the future. But the current process is broken: even strong NSA proponents admit as much. There is no reporting requirement that would allow the American public to know what percentage of the vulnerabilities discovered are sent on to the software vendors, and no way for us to know whether high profile security vulnerabilities ever go through this process. Even Congress is kept largely in the dark.

We are not saying that the U.S. government shouldn’t ever keep and use security vulnerabilities for intelligence purposes, or that the U.S. government shouldn’t purchase zero day exploits. These can and have been powerful tools for our intelligence agencies to safeguard our country. But like any intelligence tool, transparency and strong accountability are necessary to prevent abuse and unintended consequences. And when it comes to security vulnerabilities, it’s impossible to tell whether the NSA is going too far because they’ve gone to great lengths to block public and Congressional oversight of this matter.

Whenever the NSA decides to exploit a security vulnerability instead of disclosing it to the software vendor, it’s making a bet that another nation-state or malicious hacking group like the Shadow Brokers won’t also find it. With the currently available data, the public has no way of analyzing whether that’s a good bet. Even worse, the NSA isn’t just wagering their own money in this high stakes poker game: they’re betting with the computer security of hundreds of millions of computer users.

The Equation Group leak should be a wake up call to decision makers that we need to publicly debate the issue of government hacking, and that should start with a Congressional hearing that includes testimony from cybersecurity experts and civil society. Unless civil society and the information security community speak up now, we run the risk that these decisions will be made without our input. It’s time to roll up our sleeves and get to work.

  • 1. The Shadow Brokers aren’t making much progress toward getting their 1 million bitcoin, but you can watch their progress. Look for the rickrolling Easter Egg in the transaction IDs.
  • 2. When exploits found and used by one party, e.g. the NSA, are discovered by others, e.g. China, they’re said to "collide."
Related Cases: EFF v. NSA, ODNI - Vulnerabilities FOIA
Categories: Aggregated News

Hillary Supports Illegal Sanctions on Iran - Sat, 03/09/2016 - 02:34
by Stephen Lendman
In January, Security Council sanctions on Iran were lifted. America still maintains some of its illegally imposed ones, despite promises of relief following implementation of last year’s Joint Comprehensive Plan of Action (JCPOA) nuclear deal - once again showing its word isn’t its bond.
Bipartisan US policymakers can’t be trusted, saying one thing, doing another. Hillary is militantly anti-Russia, anti-China, anti-Iran, anti-peace.
According to her spokesman Jesse Lehrich, she “supports a clean reauthorization of the Iran Sanctions Act,” imposed solely for political reasons, along with numerous other US hostile actions, punishing the Islamic Republic unfairly and illegally since 1979.
Initially it was by seizing $12 billion in Iranian government bank deposits, gold and various properties in November that year.
A full trade embargo followed, largely maintained despite last year’s JCPOA implementation, normalization with Tehran denied because of heavy bipartisan congressional and Israeli pressure against it.
In 2006, the Iran and Libya Sanctions Act was renamed the Iran Sanctions Act (ISA). Authorized through end of 2016, it prohibits US and foreign oil development investments. 
Violators face stiff penalties. They include denial of Export-Import Bank of the United States help, rejection of export licenses, and a ban on all or some violating company imports.
Hillary wants US/Iranian relations based on a “distrust and verify” policy, continuing to punish the country for maintaining its sovereign independence and being Israel’s main regional rival.
She wants ISA renewed for another decade, effectively in perpetuity as long as Iran remains free from US dominance - with congressional authorization for new sanctions any time at Washington’s discretion.
Billions of dollars of Iranian assets remain frozen. European banks face heavy pressure not to resume normalized business relations with Tehran.
According to Iranian deputy oil minister for trade and international relations, Amir Hossein Zamaninia, European banks are reluctant to run afoul of US policies - complicated by a deliberate lack of clarity on American-imposed rules for doing business with Tehran.
Sanctions relief isn’t coming as expected, Washington obstructing normalized relations. Decades of punishing Iran continue, things likely worsening if Hillary succeeds Obama.
War is the greatest risk with her in power, escalated against Syria, Iran next if Assad falls, Russia and China to follow. Possible nuclear armageddon awaits if she’s commander-in-chief of America’s military.
Stephen Lendman lives in Chicago. He can be reached at 
His new book as editor and contributor is titled "Flashpoint in Ukraine: How the US Drive for Hegemony Risks WW III."
Visit his blog site at 

Listen to cutting-edge discussions with distinguished guests on the Progressive Radio News Hour on the Progressive Radio Network.

Bloomberg Interviews Putin - Sat, 03/09/2016 - 02:02
by Stephen Lendman
Straight talk defines all Putin remarks, unlike Obama’s consistent demagogic double-talk.
Interviewed by Bloomberg’s John Micklethwait in Vladivostok ahead of the G20 leaders’ meeting in Hangzhou, China on September 4 and 5, Putin was positive on US/Russia cooperation on Syria, saying:
“In my opinion, we’re gradually heading in the right direction, and I don’t exclude that we’ll be able to agree on something in the near future…” 
We’ve been down this road numerous times before on various issues, at times reaching agreement, later breached because Washington unilaterally violated its terms. Hold the cheers on believing this time is different.
Putin denied accusations by US officials and Western media, claiming Russian involvement in hacking DNC emails.
“(D)oes it even matter who hacked this data?” he asked. “The important thing is the content that was given to the public” - important revelations Americans have a right to know about a candidate seeking the nation’s highest office.
“There’s no need to distract the public’s attention from the essence of the problem by raising some minor issues connected with the search for who did it,” Putin stressed. 
“But I want to tell you again. I don’t know anything about it, and on a state level Russia has never done this.”
“(T)here are so many hackers today…work(ing) with such finesse, planting a trail…masquerading their actions (to appear) those of other hackers…it’s difficult to trace…even impossible” to know the source of these attacks.
Asked if he has a favorite candidate in America’s presidential race, he diplomatically declined to say, knowing he has to deal with electoral results he has no control over.
“I would like to deal with a person who can take responsible decisions and deliver on agreements. Name is irrelevant here,” he said.
“They both make shocking statements in their own way. They both are smart people and know which points to press to be heard and understood by US voters.”
Trump earlier said he’d “get along very well with Putin…He’s a strong leader…I think it would be a positive thing if Russia and the United States actually got along.”
Hillary is militantly anti-Russia, anti-Putin, earlier outrageously comparing him to Hitler, calling him “dangerous,” saying his nonexistent “aggression in Ukraine must be answered.”
Weeks earlier, she lied, saying “(w)e know that Russian intelligence services, which are part of the Russian government - which is under the firm control of Vladimir Putin - hacked into the DNC.”
On August 25, she said “the grand godfather of this global brand of extreme nationalism is Russian President Vladimir Putin.”
He’s the preeminent world leader, dedicated to world peace and stability, favoring mutual cooperation among all nations under multi-polar world conditions - notions polar opposite America’s imperial agenda.
A third Clinton co-presidency heightens chances for America preemptively attacking Russia, possibly with nuclear weapons. If it happens, all bets are off!

Hillary's American Legion Address: A Near-Declaration of War on Russia - Fri, 02/09/2016 - 21:35
by Stephen Lendman
The shocking prospect of Hillary succeeding Obama should scare everyone. 
No likely future US leader ever represented a greater threat to world peace and humanity’s survival than she does - an unparalleled menace, a chilling red alert to where things seem heading, a possible doomsday scenario unfolding in plain sight while no one’s paying attention.
UK politician Simon Parkes lays out a possible WW III scenario, believing Germany’s Angela Merkel may be used as a modern-day Archduke Ferdinand to provoke conflict with Russia.
Days earlier, a possible assassination attempt on her was foiled during her visit to Prague, an armed man in a vehicle trying to join her motorcade stopped and detained.
According to Parkes, Western monied interests believe the solution to precarious world economic conditions adversely affecting business is global war for its profit potential. 
He envisions a scheme to provoke belligerence against Russia, launching WW III. Whether he’s right or wrong remains to be seen.
Clearly, US hostility toward Russia risks the unthinkable. Possible East/West confrontation is too great a risk to ignore - especially if Hillary succeeds Obama, a war goddess, a neocon Russophobe. 
In Cincinnati on Wednesday, she addressed the American Legion’s national convention, a militant right-wing federally chartered veterans’ organization founded post-WW I in 1919.
Touting American exceptionalism along with calling the US an indispensable nation, she called for military strength to counter nonexistent “threats from…Russia, China, Iran and North Korea.”
She wants more spent on US militarism and belligerence than already on the pretext of unsafe world conditions, solely because of US imperial adventurism.
She blamed Russia irresponsibly for hacking DNC emails, saying “(a)s president, I will make it clear, that the United States will treat cyber attacks like any other attack. We will be ready with serious political, economic and military responses.”
She barely stopped short of announcing plans for war on Russia, China, Iran and North Korea with her as commander-in-chief of America’s military - a WW III scenario if launched, likely with nuclear weapons risking humanity’s survival.
She’ll “make sure America’s (nuclear) arsenal is prepared to meet future threats.” None exist except ones lunatics in Washington invent.
She blasted Trump for not being as militantly hardline as she is, irresponsibly claiming he’s too soft on Russia, accusing him of political ties to Putin.
Endless wars will continue on her watch as president, including possible nuclear confrontation with Russia and other sovereign independent nations challenging America’s quest for unchallenged global dominance.
Trump addressed legionnaires on Thursday, following Clinton the previous day. Not to be overshadowed, he hyped a policy of “peace through strength,” saying “(n)obody will be able to compete with us” militarily.
He pledged to “be uncompromising in the defense of the United States and our friends and our good allies.” 
“We are going to end the era of nation-building, and create a new foreign policy - joined by our partners in the Middle East - that is focused on destroying ISIS and radical Islamic terrorism.”
He failed to explain that the way to do it is by cutting off military and other support from Washington and its rogue allies. These groups can’t exist without foreign backing.
No matter who succeeds Obama, US imperial madness will remain the world’s greatest existential threat - nuclear war less likely under Trump along with perhaps a better chance for more normal relations with Russia than currently or with Hillary as US leader.

US Expands Illegal Sanctions on Russia - Fri, 02/09/2016 - 21:27
by Stephen Lendman
Security Council members alone may impose sanctions on countries, not individual nations unilaterally or together with others against states they wish to harm economically, politically and/or militarily.
US sanctions on Russia are illegal. So are EU ones and what other countries imposed because of heavy pressure from Washington.
On Wednesday, America announced new sanctions on Russian companies and individuals, heightening bilateral hostility instead of curbing it. More on this below.
On Thursday, Sergey Lavrov addressed the deplorable state of US/Russia relations, saying Moscow’s foreign policy is being adjusted accordingly.
Business as usual with America, NATO and Europe is impossible, he explained. “Political commitments (on European security) have been grossly violated and continue to be violated, and our proposals to translate these commitments from political declarations into the category of legally binding ones have been rejected outright,” he added.
Moscow is prepared to restore normalized relations with the West, “but only on the basis of equality, without any attempts to transform these relations into a one-way traffic.”
Hillary-led US neocons are using Russia as a convenient punching bag during Washington’s political season. Russia is a sovereign independent state, Lavrov stressed. 
It rejects efforts by any nation to treat it any other way. Washington prefers hostile to normalized relations - new sanctions the latest example, imposed on Russian companies and dozens of individuals involved in building the Kerch Strait bridge linking Crimea to the Russian mainland.
Originally jointly planned with Ukraine’s Yanukovych government in 2010, US-installed putschists withdrew from the project in 2014. Moscow intends completing it on its own - a span of nearly 12 miles for road and rail traffic across the Kerch Strait, linking the Black Sea and Sea of Azov.
Sanctions have nothing to do with US allegations of Russia acting illegally against Ukraine. It’s not. They’re solely for geopolitical reasons, exacerbating uneasy bilateral relations.
Moscow intends responding appropriately, saying “(t)he expansion of sanctions list announced by Washington on September 2 which includes Russian companies and organizations, as well as several legal entities with Russian participation outside of our country, is not just another demonstration of US administration’s inability to appropriately assess the situation in Ukraine.”
“This is a reflection of a mindset rooted in the US ruling circles set on conscious and consistent destruction of basis for normalizing Russian-American relations.”
US responsibility for crisis conditions in Ukraine “provoked and fanned from across the ocean is used by the US administration as a pretext for imposing on us the unacceptable ‘behavior model.’”
Additional illegal sanctions also “will be used against us in the framework of American legislation on Iran, Syria and North Korea.”
They’re “another element in a whole series of hostile actions made by the US toward Russia lately in different spheres, including military, economic and visa aspects.” 
“Washington’s unacceptable rhetoric is overboard. Such a reckless course arouses growing concern even among US allies. It can result in serious costs for international stability and will undoubtedly hit back at American interests.”
Longstanding US plans call for regime change in Russia. Increasingly hostile acts seem headed inexorably toward direct confrontation - the unthinkable prospect of war between the world’s two dominant nuclear powers.
A neocon-infested Hillary administration succeeding Obama, militantly hostile to Russia, makes US launched conflict far more likely - why it’s crucial to defeat her in November.

NYT Editors Support Brazil's Coup d'Etat Regime - Fri, 02/09/2016 - 21:12
by Stephen Lendman
The Times is an enemy of peace, equity, justice, rule of law principles and democratic values - an instrument of state propaganda, exclusively serving wealth, power and privilege.
US and Brazilian dark forces conspired to oust democratically elected President Dilma Rousseff - tyranny triumphing over fundamental freedoms, Latin America’s largest country now run by a criminal cabal similar to fascist duopoly power in America.
State Department spokesman Admiral John Kirby expressed support for coup plotters now in charge, shamelessly calling fascist-run America and Brazil the hemisphere’s “two largest democracies…”
Times editors said Rousseff was ousted “amid political upheaval and allegations of wrongdoing” - failing to explain “upheaval” was internally and externally generated, wrongdoing allegations fabricated as justification for replacing democracy with illegitimate coup d’etat rule.
Times editors lied, claiming her “downfall” is “more complex than she acknowledges.” There’s nothing complex about an old-fashioned coup except for deciding on how to execute it.
In Brazil, it was as simple as corrupt fascist senators usurping power, voting to impeach her by a four-to-one margin.
Instead of denouncing coup d’etat lawlessness, Times editors said “(t)here are concrete steps the government can take to start restoring Brazilians’ faith in their scandal-ridden political elite.”
One way alone can do it. Rousseff appealed to Brazil’s Supreme Court to annul the parliamentary coup against her, arguing it was unconstitutional.
Budgetary policies aren’t impeachable offenses. Nor was she granted due process rights during farcical Senate trial proceedings.
It’s highly unlikely Court justices will undo Senate action against her. US-supported tyranny has a firm grip on power - shamelessly supported by NYT editors.



All content and comments posted are owned and © by the Author and/or Poster.
Web site Copyright © 1995 - 2007 Clemens Vermeulen, Cairns - All Rights Reserved