Tag Archive: Julian Assange.


Rolling Stone

The WikiLeaks Mole

Siggi Thordarson with Julian Assange in London 2011.
Allen Clark
January 6, 2014 9:00 AM ET

On a recent frigid night near Reykjavik, Iceland, Sigurdur “Siggi” Thordarson slips into a bubbling geothermal pool at a suburban swim club. The cherubic, blond 21-year-old, who has been called everything in the press from “attention seeker” to “traitor” to “psychopath,” ends many of his days here, where, like most places around the city, he’s notorious. But even at a spa, he can find only the briefest moment of relaxation. Soon, the local prosecutor who is trying him for leaking financial records joins him in the tub, and Siggi quickly has to flee to another pool. “How does it feel to be the most dangerous man in Iceland?” a bather shouts across the steam.

Julian Assange: The Rolling Stone Interview

In person, Siggi’s doughy shape and boyish smile make him seem less than menacing – unless you’re another one of the world’s most dangerous men, Julian Assange. Four years ago, just as WikiLeaks was winning international notoriety, the then-17-year-old hacking prodigy became Assange’s youngest and most trusted sidekick. “It was like Batman and Robin,” says Birgitta Jónsdóttir, a former WikiLeaks volunteer and member of the Icelandic parliament. But as Assange became more embattled and besieged, the protégé turned on his mentor in the most shocking of ways: becoming the first FBI informant inside the group.

Siggi’s story of international espionage and teenage high-roller antics plays like James Bond meets Superbad, starring a confounding mash-up of awkward man-child and balls-out tech savant. And his tale reveals not only the paranoia and strife within WikiLeaks, but just how far the feds were willing to go to get Assange.

Siggi still lives with his parents in a nondescript high-rise, sitting at his computer in a bedroom lined with stuffed animals, including an orangutan-size Garfield he bought for $2,000. But his jet-black Mercedes ML350 is parked outside, which, along with his recent conviction for sexual misconduct against a 17-year-old boy (he says the relationship was consensual), speaks to his bizarre double life.

The Trials of Bradley Manning

The revelation of Siggi’s role as an FBI snitch has polarized WikiLeaks insiders. When I met with WikiLeaks spokesman Kristinn Hrafnsson (Assange declined to talk for this story), he grew red in the face, dismissing Siggi as “a pathological liar,” a party line echoed by the WikiLeaks faithful. “It all sounds rather absurd,” Hrafnsson says, “to go and to spend all this time analyzing the absolute bullshit that is flowing out of this young man, who is so troubled that he should be hospitalized.”

While other WikiLeaks insiders also question Siggi’s credibility, they insist that his story can’t be discounted, and there’s more to it than the organization is letting on. Tangerine Bolen, founder of the whistle-blowing advocacy organization Revolution­Truth, which used to work closely with WikiLeaks, is among those who say the group’s efforts to discredit Siggi are “patently false. They’re scared. The fact is Siggi played a key role in the organization and was very close to Julian.”

The truth, it seems, may be held in the leaks. Siggi has provided Rolling Stone with more than a terabyte of secret files he claims to have taken from WikiLeaks before he left in November 2011 and gave to the FBI: thousands of pages of chat logs, videos, tapped phone calls, government documents and more than a few bombshells from the organization’s most heated years. They’re either the real thing, or the most elaborate lie of the digital age.

Jacob Applebaum: The American WikiLeaks Hacker

Assange himself validated the importance of Siggi’s documents when he filed an affidavit late this past summer asserting that “the FBI illegally acquired stolen organisational and personal data belonging to WikiLeaks, me and other third parties in Denmark in March 2012” and that the FBI “was attempting to entrap me through Sigurdur Thordarson.”

Whatever their origins, the SiggiLeaks are a deep and revealing portal into one of the most guarded and influential organizations of the 21st century – and the extreme measures its embattled leader is willing to take. Of all Assange’s allies who’ve come and gone, few served him as faithfully as Siggi, or betrayed him so utterly. “One thing is sure,” Siggi tells me in his thick Icelandic accent, as the vapors from the thermal pool rise around him. “I have not lived a life like a teenager.”

Like Assange and so many gifted hackers, Siggi had an isolated childhood. The son of a hairdresser and a paint-company sales manager, he grew up with his little sister in a middle­class suburb of Reykjavik. Though puckish and bright, he was bored by school, alienated from his classmates and dreamed of a life beyond bourgeois Nordic comfort. “When I was, like, 12 years old, I wished for a couple of things,” he tells me as we drive one afternoon past some lava fields outside the capital. “I wished to be rich; I wished to be a famous guy; I wished to live an adventureful life.”

He found the excitement he craved in computers, and at age 12 he says he hacked into his first website, a local union’s home page, which he replaced with a picture of “a big fluffy monkey.” The experience empowered him. “When you do something like that, you feel invincible,” he says, “and if you can do that, what else can you do?”

He found out two years later, when, on a plane back from a family vacation, he fixed a laptop for a businessman sitting next to him. The executive was so impressed by his skills that he offered him a job at the Icelandic financial firm Milestone: scrubbing computers of sensitive documents. Siggi figures the company trusted him with such data because he was only 14 and must have thought, as he says, “I wouldn’t understand what I was supposed to delete.” Plus, the pay dwarfed that of his paper route.

WikiLeaks’ Greatest Hits

Curious about the files he was erasing, he’d copy them and study them at night. What he eventually discovered astonished him: Employees of Milestone seemed guilty of large-scale corruption in collusion with local politicians. At this time, in 2009, Iceland was reeling from the worldwide financial crisis, and Siggi believed the people deserved to know the role of Milestone and their dirty politicians – even if that meant leaking the files. “Someone has to do it,” he thought, “and why not me?”

In the fall, Siggi says he brought more than 600 gigabytes of Milestone data to the Icelandic newspaper Dagbladid Vísir, making front-page news and leading to investigations against the politicians and businessmen he exposed. Siggi believed in the importance of exposing the corruption he describes as “illegal as it gets.” With his identity still secret, he kept on leaking to other media outlets until, for reasons he never learned, his childhood friend outed him, a betrayal that changed him. “I literally just stopped believing in humanity,” he says. “Since then, I just basically stopped having feelings.”

But after being arrested and splashed across the news, he found a powerful connection in Kristinn Hrafnsson. A well-known TV reporter in Reykjavik at the time, Hrafnsson considered Siggi’s leaks to be “quite significant” and worthy of an introduction to another up-and-coming whistle-blower, Julian Assange, who was speaking at the University of Iceland. Though WikiLeaks had already exposed death squads in Kenya and financial malfeasance in the Swiss bank Julius Baer, the group was still largely unknown. But at the panel, Siggi found, to his surprise, that Assange was well aware of his work – he even chastised the reporter who revealed Siggi’s name in the Milestone leak. “He was basically just condemning the guy, sayingouting whistle­blowers is wrong,” recalls Siggi, who reveled in the support.

The bond between the two was immediate. Assange too had been arrested for hacking when he was a young man in Australia. He also had a son, Daniel, who was roughly Siggi’s age, whom he had little contact. “I think Julian saw himself in Siggi,” says Jónsdóttir. “Julian felt an immediate sympathy toward the kid.”

After the panel, Siggi says he took Assange to Sea Bar, a small, rustic restaurant on the water. Over lobster soup and whale steak, they spoke about politics, hacking and their shared sense of purpose in exposing the secrets of the elite. Assange struck Siggi as someone with the courage to take on anyone. “He’s the kind of activist that does the thing that has to be done,” Siggi tells me. After talking for a few hours, Assange took out a small metal box. “Have you ever seen this before?” he said.

Assange cracked open the container and revealed three phones inside. “These are encrypted cellphones,” he said. “I’m going to give you one. Just keep it on at all times so I can communicate with you, day and night.”

Read More Here

Enhanced by Zemanta

Britain ‘snooped’ on Icelandic officials’ emails to recover cash from broken banks

Published time: November 10, 2013 12:06

AFP Photo / Nicholas Kamm

AFP Photo / Nicholas Kamm

An Icelandic MP says Britain spied on Iceland while wrestling to rescue its citizens’ cash from collapsed Icelandic banks after the financial crisis. Birgitta Jónsdóttir claims she received a tip-off from WikiLeaks founder Julian Assange.

Jónsdóttir, who represents Iceland’s Pirate Party, maintains that the UK’s intelligence agencies systematically intercepted messages sent by Icelandic negotiators when Britain tried to recover savers’ cash held in the country’s banks that went bankrupt.

Jónsdóttir, a prominent WikiLeaks supporter, said that she was tipped off to the spying in 2010 by Assange, Iceland’s Visir newspaper reported.

Having received the tip-off, she warned members of Iceland’s negotiating team not to send emails to each other.

“The UK authorities had very good access to everything that was going on between members of the team. It is the role of intelligence, for example MI5, to spy on other countries, especially if it concerns their national interests. Their duty was to gather information and intelligence about us, and the duty of the Icelandic government was to do everything to protect us against such espionage,” Jónsdóttir told the newspaper.

The revelation could reignite tensions between the UK and Iceland, which were stoked in 2008 when the UK government used anti-terrorism legislation to freeze an Icelandic bank’s assets in the UK. The British Chancellor of the Exchequer at the time, Alastair Darling, seized the funds of Landsbanki’s Internet bank, Icesave, to protect UK depositors’ money after the Icelandic government reacted to Landsbanki’s toxic debts by nationalizing the bank.

Last week, Britain got involved in another major spy scandal when it was reported that the UK has been allegedly using its Berlin embassy to spy on the nearby Bundestag, as well as the office of Chancellor Angela Merkel.

Read More Here

Enhanced by Zemanta

 

A military judge on Wednesday sentenced Pfc. Bradley Manning to 35 years in prison, bringing to a close the government’s determined pursuit of the Army intelligence analyst who leaked the largest cache of classified documents in U.S. history.The long prison term is likely to hearten national security officials who have been rattled by the subsequent leaks from former National Security Agency contractor Edward Snowden. Manning’s conviction might also encourage the government to bring charges against the man who was instrumental in the publication of the documents, Julian Assange, the founder of WikiLeaks.

Video

A military judge sentenced Army Pfc. Bradley Manning to 35 years in prison for giving a trove of military and diplomatic secrets to WikiLeaks.

A military judge sentenced Army Pfc. Bradley Manning to 35 years in prison for giving a trove of military and diplomatic secrets to WikiLeaks.

Manning’s supporters and detractors took to Twitter to voice their opinions on his 35-year sentence.

Manning, 25, was acquitted last month of the most serious charge he faced — aiding the enemy — but was convicted of multiple other counts, including violations of the Espionage Act, for copying and disseminating classified military field reports, State Department cables, and assessments of detainees held at Guantanamo Bay, Cuba.“The message won’t be lost for everyone in the military,” said Steven Bucci, director of the Douglas and Sarah Allison Center for Foreign Policy Studies at the Heritage Foundation. “When you sign a security clearance and swear oaths, you actually have to abide by that. It is not optional.”Civil liberties groups condemned the judge’s decision.“When a soldier who shared information with the press and public is punished far more harshly than others who tortured prisoners and killed civilians, something is seriously wrong with our justice system,” said Ben Wizner, director of the American Civil Liberties Union’s Speech, Privacy and Technology Project. “This is a sad day for Bradley Manning, but it’s also a sad day for all Americans who depend on brave whistleblowers and a free press for a fully informed public debate.”

Manning will receive 31 / 2 years of credit for time served in pretrial confinement and for the abusive treatment he endured in a Marine brig at Quantico, making him eligible for parole in seven years. He will serve his sentence at the military prison at Fort Leavenworth, Kan.

On Wednesday, Manning stood at attention, with his attorneys at his side and his aunt behind him, as he listened to Judge Denise Lind read the sentence aloud. He did not appear to react to her decision.

Lind, an Army colonel, also said Manning would be dishonorably discharged, reduced in rank to private, and forfeit all pay. He had faced up to 90 years in prison.

As Manning was escorted out of the packed courtroom at Fort Meade, more than half a dozen supporters shouted out to him: “We’ll keep fighting for you, Bradley! You’re our hero!”

According to his attorney David Coombs, Manning told his distraught defense team after the sentence was issued, “It’s okay. Don’t worry about it. I know you did your best. I am going to be okay. I am going to get through this.”

Coombs said at a news conference that he will seek a presidential pardon for his client in the coming weeks. He read a statement from Manning in which the private reiterated his reasons for leaking classified material, saying he had “started to question the morality” of U.S. policy. Manning added that if his request for a pardon is denied, he will serve his time “knowing sometimes you pay a heavy price to live in a free country.”

Read More and  Watch Video Here

Enhanced by Zemanta

LeakSourceNews LeakSourceNews

***************************************************************************************************

How Laura Poitras Helped Snowden Spill His Secrets

Olaf Blecker for The New York Times

Documentary filmmaker Laura Poitras in Berlin.

This past January, Laura Poitras received a curious e-mail from an anonymous stranger requesting her public encryption key. For almost two years, Poitras had been working on a documentary about surveillance, and she occasionally received queries from strangers. She replied to this one and sent her public key — allowing him or her to send an encrypted e-mail that only Poitras could open, with her private key — but she didn’t think much would come of it.

Q. & A.: Edward Snowden Speaks to Peter Maass

Why he turned to Poitras and Greenwald.

The stranger responded with instructions for creating an even more secure system to protect their exchanges. Promising sensitive information, the stranger told Poitras to select long pass phrases that could withstand a brute-force attack by networked computers. “Assume that your adversary is capable of a trillion guesses per second,” the stranger wrote.

Before long, Poitras received an encrypted message that outlined a number of secret surveillance programs run by the government. She had heard of one of them but not the others. After describing each program, the stranger wrote some version of the phrase, “This I can prove.”

Seconds after she decrypted and read the e-mail, Poitras disconnected from the Internet and removed the message from her computer. “I thought, O.K., if this is true, my life just changed,” she told me last month. “It was staggering, what he claimed to know and be able to provide. I just knew that I had to change everything.”

Poitras remained wary of whoever it was she was communicating with. She worried especially that a government agent might be trying to trick her into disclosing information about the people she interviewed for her documentary, including Julian Assange, the editor of WikiLeaks. “I called him out,” Poitras recalled. “I said either you have this information and you are taking huge risks or you are trying to entrap me and the people I know, or you’re crazy.”

The answers were reassuring but not definitive. Poitras did not know the stranger’s name, sex, age or employer (C.I.A.? N.S.A.? Pentagon?). In early June, she finally got the answers. Along with her reporting partner, Glenn Greenwald, a former lawyer and a columnist for The Guardian, Poitras flew to Hong Kong and met the N.S.A. contractor Edward J. Snowden, who gave them thousands of classified documents, setting off a major controversy over the extent and legality of government surveillance. Poitras was right that, among other things, her life would never be the same.

Greenwald lives and works in a house surrounded by tropical foliage in a remote area of Rio de Janeiro. He shares the home with his Brazilian partner and their 10 dogs and one cat, and the place has the feel of a low-key fraternity that has been dropped down in the jungle. The kitchen clock is off by hours, but no one notices; dishes tend to pile up in the sink; the living room contains a table and a couch and a large TV, an Xbox console and a box of poker chips and not much else. The refrigerator is not always filled with fresh vegetables. A family of monkeys occasionally raids the banana trees in the backyard and engages in shrieking battles with the dogs.

Glenn Greenwald, a writer for The Guardian, at home in Rio de Janeiro.
Mauricio Lima for The New York Times

Glenn Greenwald, a writer for The Guardian, at home in Rio de Janeiro.

Greenwald does most of his work on a shaded porch, usually dressed in a T-shirt, surfer shorts and flip-flops. Over the four days I spent there, he was in perpetual motion, speaking on the phone in Portuguese and English, rushing out the door to be interviewed in the city below, answering calls and e-mails from people seeking information about Snowden, tweeting to his 225,000 followers (and conducting intense arguments with a number of them), then sitting down to write more N.S.A. articles for The Guardian, all while pleading with his dogs to stay quiet. During one especially fever-pitched moment, he hollered, “Shut up, everyone,” but they didn’t seem to care.

Amid the chaos, Poitras, an intense-looking woman of 49, sat in a spare bedroom or at the table in the living room, working in concentrated silence in front of her multiple computers. Once in a while she would walk over to the porch to talk with Greenwald about the article he was working on, or he would sometimes stop what he was doing to look at the latest version of a new video she was editing about Snowden. They would talk intensely — Greenwald far louder and more rapid-fire than Poitras — and occasionally break out laughing at some shared joke or absurd memory. The Snowden story, they both said, was a battle they were waging together, a fight against powers of surveillance that they both believe are a threat to fundamental American liberties.

Read More Here

*************************************************************************************************

Snowden: American media ‘abdicated their role as check to power’

Published time: August 14, 2013 14:13
Edited time: August 15, 2013 04:55

(L-R) Laura Poitras (Reuters / Lucy Nicholson), Edward Snowden (AFP Photo / The Guardian) and Glenn Greenwald (Reuters / Sergio Moraes)

(L-R) Laura Poitras (Reuters / Lucy Nicholson), Edward Snowden (AFP Photo / The Guardian) and Glenn Greenwald (Reuters / Sergio Moraes)

NSA whistleblower Edward Snowden has gone on the offensive against his critics in the US, accusing the mainstream media there of failing their audiences “for fear of being seen as unpatriotic and punished in the market.”

In a rare interview, Snowden explained why he chose a UK journalist and a documentary filmmaker for his leaks.

In an encrypted e-mail correspondence with journalist Peter Maass, the former NSA contractor-turned-whistleblower presented his candid opinion of the US media and what finally persuaded him to go public on the NSA’s worldwide surveillance program.

The heightened level of nationalism prevalent in the United States following the attacks of 9/11 precluded US media from engaging in any serious discussion on the excesses of government behavior for fear of seeming “unpatriotic,” Snowden argued in the interview published in The New York Times – his first since gaining temporary asylum in Russia.

“After 9/11, many of the most important news outlets in America abdicated their role as a check to power — the journalistic responsibility to challenge the excesses of government — for fear of being seen as unpatriotic and punished in the market during a period of heightened nationalism,” the NY Times reported Snowden as saying.

The former CIA employee said this strategy by the American media establishment had “ended up costing the public dearly.”

Snowden then revealed what led him to divulge his explosive information to Laura Poitras, the documentary filmmaker who served first as an intermediary between Snowden and Glenn Greenwald, an investigative journalist with The Guardian, and now with Maass.

“Laura and Glenn are among the few who reported fearlessly on controversial topics throughout this period, even in the face of withering personal criticism, and resulted in Laura specifically becoming targeted by the very programs involved in the recent disclosures,” Snowden said.

Poitras “demonstrated the courage, personal experience and skill needed to handle what is probably the most dangerous assignment any journalist can be given — reporting on the secret misdeeds of the most powerful government in the world,” Snowden said in the NY Times interview, adding that those qualifications made her “an obvious choice.”

Demonstrators hold up a placard in support of former US agent of the National Security Agency, Edward Snowden in front of Berlin's landmark Brandenburg Gate (AFP Photo / John Macdougall)

Demonstrators hold up a placard in support of former US agent of the National Security Agency, Edward Snowden in front of Berlin’s landmark Brandenburg Gate (AFP Photo / John Macdougall)

The interview then focused on what made Snowden, who arrived on May 20 in Hong Kong with details of the NSA’s PRISM program, confident that he could place his trust in Poitras.

Snowden told Maass that he discovered Poitras was “more suspicious of me than I was of her, and I’m famously paranoid.”

Read More Here

*************************************************************************************************

Encryption Works: How to Protect Your Privacy in the Age of NSA Surveillance

July 2, 2013
By Micah Lee Follow @micahflee

View this whitepaper in PDF form.

Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on. Unfortunately, endpoint security is so terrifically weak that NSA can frequently find ways around it.

— Edward Snowden, answering questions live on the Guardian’s website

The NSA is the biggest, best funded spy agency the world has ever seen. They spend billions upon billions of dollars each year doing everything they can to vacuum up the digital communications of most humans on this planet that have access to the Internet and and the phone network. And as the recent reports in the Guardian and Washington Post show, even domestic American communications are not safe from their net.

Defending yourself against the NSA, or any other government intelligence agency, is not simple, and it’s not something that can be solved just by downloading an app. But thanks to the dedicated work of civilian cryptographers and the free and open source software community, it’s still possible to have privacy on the Internet, and the software to do it is freely available to everyone. This is especially important for journalists communicating with sources online.

Table of Contents

Threat Model

The NSA is a powerful adversary. If you are its direct target, you have to go to great lengths to communicate in private, and even if you’re not, billions of innocent Internet users get caught in the NSA’s dragnet too.

While the tools and advice in this paper are aimed at protecting your privacy from the NSA’s collection methods, the same advice can be used to increase your computer security against any adversary. It’s important to remember that other governments, including China and Russia, spend massive amounts of money of their own high-tech surveillance equipment and are known to specifically target journalists and sources. In the US, bad digital security can cost whistleblowers their freedom, but in other countries it can cost both journalists and sources their lives. A recent example from Syria illustrates how careless digital security can have tragic results.

But changing some basic software practices could award you a great deal of privacy, even if it doesn’t keep you secure against targeted attacks by governments. This paper explores methods you can use in both cases.

Crypto Systems

We discovered something. Our one hope against total domination. A hope that with courage, insight and solidarity we could use to resist. A strange property of the physical universe that we live in.

The universe believes in encryption.

It is easier to encrypt information than it is to decrypt it.

— Julian Assange, in the introduction of Cypherpunks: Freedom and the Future of the Internet

Encryption is the process of taking a plaintext message and a randomly generated key and doing mathematical operations with the two until all that’s left is a scrambled, ciphertext version of the message. Decryption is taking the ciphertext and the right key and doing more mathematical operations until the plaintext is recovered. This field is called cryptography, or crypto for short. A crypto algorithm, what mathematical operations to do and how to do them, is called a cipher.

To encrypt something you need the right key, and you need the right key to decrypt it too. If the crypto software is implemented properly, if the math is sound, and if the keys are secure, all of the combined computing power on Earth cannot break this encryption.

We build crypto systems that depend on problems in mathematics that we believe to be hard, such as the difficulty in factoring large numbers. Unless there are mathematical breakthroughs that make these problems easier—and the NSA is keeping them secret from the rest of the world—breaking crypto that relies on them for security is unfeasible.

The design of crypto systems and ciphers should be completely public. The only way to ensure that the cipher itself doesn’t have a critical flaw is to publish how it works, to have many eyes scrutinizing it in detail, and to let it weather real-world attacks in the wild to work out the bugs. The inner workings of most crypto that we use on a daily basis, like HTTPS, the technology that makes it possible to safely type credit card numbers and passwords into website forms, is completely public. An attacker that knows every single detail about how the encryption works should still fail to break the encryption without possessing the key. Crypto that is proprietary, and its underlying code secret, cannot be trusted to be secure.

Here’s an important question to ask when assessing if a service or app that uses encryption is secure: Is it possible for the service provider itself to circumvent the encryption? If so, you cannot trust the security of the service. Many services like Skype and Hushmail promise “end-to-end” encryption, but often times it still means that the services themselves have the keys to decrypt the product. True end-to-end encryption means that the service provider cannot look at your communications even if they wanted to.

Another important fact to know about encryption is that it’s about much more than protecting the privacy of communications. It can be used to “digitally sign” messages in a way that proves that the message originated from the person you expected it to. It can be used to build digital currencies like Bitcoin, and it can be used to build anonymity networks like Tor.

Encryption can also be used to prevent people from installing iPhone apps that didn’t come from the App Store, to prevent people from recording movies directly from Netflix, and to prevent people from installing Linux on a Windows 8 tablet. And it can also be used to prevent man-in-the-middle (MITM) attackers from adding malware to otherwise legitimate software updates.

In short, encryption encompasses a whole host of uses, but here we are focused on how we can use it to securely and privately communicate.

Software You Can Trust

When Snowden uses the term “endpoint security” he means the security of the computers on either end of the conversation that are doing the encrypting and the decrypting, as opposed to the security of the message when it’s in transit. If you send an encrypted email to a friend but you have a keylogger on your computer that’s logging the entire message, as well as the passphrase that’s protecting your encryption keys, your encryption isn’t worth very much.

Since Freedom of the Press Foundation board members Glenn Greenwald and Laura Poitras broke the NSA dragnet surveillance stories, a lot more information about US spy agencies has been made public. Specifically, Bloomberg wrote about voluntary information sharing programs between US companies and US spy agencies.

So far the most shocking revelation about these information sharing programs is that Microsoft has a policy of giving information about vulnerabilities in its software to the US government before it releases security updates to the public. The article says:

Microsoft Corp. (MSFT), the world’s largest software company, provides intelligence agencies with information about bugs in its popular software before it publicly releases a fix, according to two people familiar with the process. That information can be used to protect government computers and to access the computers of terrorists or military foes.

This means that it’s likely that NSA has been handed the keys to any computer running Windows, Office, Skype, or other Microsoft software. If you’re running this software on your computer, it’s likely that, with enough effort, the NSA could compromise your computer, and thus your encrypted communications, if you became a target.

We’ve also learned from the New York Times that Skype, software that outside the security community has long had a reputation of being a secure way to communicate, has been feeding private conversations to the US government for the last five years.

Skype, the Internet-based calling service, began its own secret program, Project Chess, to explore the legal and technical issues in making Skype calls readily available to intelligence agencies and law enforcement officials, according to people briefed on the program who asked not to be named to avoid trouble with the intelligence agencies.

Project Chess, which has never been previously disclosed, was small, limited to fewer than a dozen people inside Skype, and was developed as the company had sometimes contentious talks with the government over legal issues, said one of the people briefed on the project. The project began about five years ago, before most of the company was sold by its parent, eBay, to outside investors in 2009. Microsoft acquired Skype in an $8.5 billion deal that was completed in October 2011.

A Skype executive denied last year in a blog post that recent changes in the way Skype operated were made at the behest of Microsoft to make snooping easier for law enforcement. It appears, however, that Skype figured out how to cooperate with the intelligence community before Microsoft took over the company, according to documents leaked by Edward J. Snowden, a former contractor for the N.S.A. One of the documents about the Prism program made public by Mr. Snowden says Skype joined Prism on Feb. 6, 2011.

Proprietary software, such as much of what’s released by Microsoft, Apple, and Google, has another flaw. It’s much more difficult for users to independently verify that secret backdoors don’t exist at the clandestine demands of the surveillance state. Though recent reports have shown that many companies hand over an unknown amount of information in response to FISA requests, none have been shown to have direct backdoors into their systems.

There is other software that’s more reliable in this regard. Free and open source software is not always user friendly and it’s not always secure. However when it’s developed in the open, with open bug trackers, open mailing lists, open governing structures, and open source code, it’s much more difficult for these projects to have a policy of betraying their users like Microsoft has.

GNU/Linux is an operating system that’s composed entirely of free and open source software. Examples of GNU/Linux distributions include Ubuntu, Debian, and Fedora Core. It’s the most popular free software alternative to Windows and Mac OS X.

While free software projects still might include malicious code (see the Underhanded C Contest), the person writing the code needs to hide it cleverly and hope none of the other developers, or downstream GNU/Linux package maintainers who prepare and compile the source code of projects to include in their distributions, notice.

In the 1990s, when civilian cryptography was becoming popular and the US government was doing everything they could to prevent it, the “cypherpunk” movement was born. Many pieces of software intended to bring encryption to the people grew out of that movement.

Cypherpunks write code. We know that someone has to write software to defend privacy, and since we can’t get privacy unless we all do, we’re going to write it. We publish our code so that our fellow Cypherpunks may practice and play with it. Our code is free for all to use, worldwide. We don’t much care if you don’t approve of the software we write. We know that software can’t be destroyed and that a widely dispersed system can’t be shut down.

— Eric Hughes, in his 1993 Cypherpunk Manifesto

That code, that’s open and public so that fellow cypherpunks may practice and play with it, which anyone in the world can freely use, makes the basis of the software and protocols that we can trust: TLS (the encryption that powers HTTPS), LUKS (disk encryption built-in to GNU/Linux), OpenPGP, Off-the-Record, and Tor.

The Tactical Technology Collective has built a great guide to open source security software that you can trust to keep your communications private from surveillance. It’s important to remember that just using this software, and even using it perfectly, cannot guarantee the security of your crypto. For example, we have no idea if Apple has handed over zero day vulnerabilities to the NSA for iOS like Microsoft is reported to have done. ChatSecure, which lets you have encrypted chat conversations on iOS devices, is only as secure as the operating system that it’s running on.

It’s important to remember that just because you use free software doesn’t mean you can’t get hacked. People find zero day exploits for free software all the time, and sometimes sell them to governments and other malicious attackers. Free software users still download malicious attachments in their email, and they still often have badly configured and easily exploited services on their computers. And even worse, malware is often very good at hiding. If a free software user gets malware on their computer, it might stay there until the user formats their hard drive.

Tails, which is a live DVD and live USB GNU/Linux distribution that I will discuss in detail below, solves many of these problems.

Anonymize Your Location with Tor

Tor is a software service that allows you to use the Internet while concealing your IP address, which is, in general, a fairly accurate representation of your location. The Tor network is made up of over 3,600 volunteer servers called nodes. When someone uses the Tor network to visit a website their connection gets bounced through three of these nodes (called a circuit) before finally exiting into the normal Internet. Anyone intercepting traffic will think your location is the final node which your traffic exits from.

It’s important to remember that just because your connection to the Internet may be anonymous that doesn’t magically make it secure. EFF has made a great visualization of how Tor and HTTPS can work together to protect your privacy.

Like all good cryptography software, Tor is free software, complete with an open bug tracker, mailing lists, and source code.

Documentation for Tails, the live GNU/Linux distribution that forces all of the user’s network traffic to go through the Tor network, has this to say about global adversaries:

A global passive adversary would be a person or an entity able to monitor at the same time the traffic between all the computers in a network. By studying, for example, the timing and volume patterns of the different communications across the network, it would be statistically possible to identify Tor circuits and thus matching Tor users and destination servers.

We still don’t know whether or not NSA or GCHQ counts as a global adversary, but we do know that they monitor a large portion of the Internet. It’s too early to know for sure how often these intelligence agencies can defeat the anonymity of the Tor network.

Even if they can, using Tor still gives us many advantages. It makes their job much harder, and we leave much less identifying data on the servers we connect to through the Tor network. It makes it much harder to be the victim of a MITM attack at our local network or ISP level. And even if some Tor circuits can be defeated by a global adversary, if enough people are getting their traffic routed through the same Tor nodes at the same time, it might be difficult for the adversary to tell which traffic belongs to which circuits.

The easiest way to start using Tor is to download and install the Tor Browser Bundle.

When Snowden was answering questions on Guardian’s website from a “secure Internet connection”, he was probably routing his traffic through the Tor network. He may have also been using a bridge to connect to the Tor network to make the fact that he was using Tor from his IP address less obvious to eavesdroppers.

Off-the-Record (OTR) Chat

Off-the-Record (OTR) is a layer of encryption that can be added to any existing instant message chat system, provided that you can connect to that chat system using a chat client that supports OTR, such as Pidgin or Adium. With OTR it’s possible to have secure, end-to-end encrypted conversations over services like Google Talk and Facebook chat without Google or Facebook ever having access to the contents of the conversations. Note: this is different than the “off-the-record” option in Google, which is not secure. And remember: while Google and Facebook’s HTTPS connection is very valuable for protection against your message while it’s in transit, they still have the keys to your conversations so they can hand them over to authorities.

OTR is used for two things: encrypting the contents of real-time instant message conversations and verifying the identity of people that you chat with. Identity verification is extremely important and something that many OTR users neglect to do. While OTR is much more user friendly that other forms of public key encryption, if you wish to use it securely you still need to understand how it works and what attacks against it are possible.

Service Providers and Jabber

Using OTR only encrypts the contents of your chat conversations but not the metadata related to them. This metadata includes who you talk to and when and how often you talk to them. For this reason I recommend using a service that isn’t known to collaborate with intelligence agencies. While this won’t necessarily protect your metadata at least you have a chance of keeping it private.

I also recommend you use an XMPP (also known as Jabber) service. Like email, Jabber is a federated, open protocol. Users of riseup.net‘s Jabber service can chat with users of jabber.ccc.de‘s service as well as jabber.org‘s service.

OTR Clients

To use OTR you’ll need to download software. If you use Windows you can download and install Pidgin and separately the OTR plugin. If you use GNU/Linux you can install the pidgin and pidgin-otr packages. You can read through documentation on how to set up your Pidgin accounts with OTR. If you use Mac OS X you can download and install Adium, which is a free software chat client that includes OTR support. You can read the official documentation on how to get set up with OTR encryption with Adium.

There are also Jabber and OTR clients available for Android, called Gibberbot, and for iOS, called ChatSecure.

Your Key

When you start using OTR, your chat client generates an encryption key and stores it in a file in your user’s home folder on your hard drive. If your computer or smartphone get lost, stolen, or infected with malware, it’s possible that your OTR key can get compromised. If this happens, it would be possible for an attacker with control over your Jabber server to be able to mount a MITM attack against you while you’re chatting with people who have previously verified your identity.

Sessions

If you want to use OTR to talk privately with your friends, your friends also need to be using it. An encrypted session between two people requires two encryption keys. For example, if you and your friend are both logged into Facebook chat using Adium or Pidgin and you have both configured OTR, you can chat in private. However if you are logged into IM using Adium or Pidgin but your friend is chatting directly from facebook.com in a web browser, you cannot have an encrypted conversation.

If you wish to use Facebook or Google’s services to chat with your friends, I recommend disabling chat within the web interface of these services and only using Adium and Pidgin to connect, and encouraging all of your friends to do the same thing. Here is instructions on how to do so for Facebook and Google.

When you start an encrypted OTR session, your client software will tell you something like this:

Attempting to start a private conversation with username@jabberservice...
Unverified conversation with username@jabberservice/ChatClient started.

If you have already verified the OTR fingerprint of the person you’re talking with (more on this below) your session will look like this:

Attempting to start a private conversation with username@jabberservice...
Private conversation with username@jabberservice/ChatClient started.

When you start a new OTR session, your OTR software and your friend’s OTR software send a series of messages back and forth to agree upon a new session key. This temporary encryption key, which is only known by your IM clients and is never sent over the Internet, is then used to encrypt and decrypt messages. When the session is finished both clients forget the key. If you start chatting with the same person later, your clients generate a brand new session key.

In this way, even if an eavesdropper is logging all of your encrypted OTR conversations—which NSA believes it is legally allowed to do, even if you’re a US citizen and they don’t have a warrant or probable cause—and later they compromise your OTR key, they cannot use it to go back and decrypt your old conversations.

This property is called forward secrecy, and it is a feature that OTR has which PGP does not. If your PGP secret key (more on this below) gets compromised, and the attacker has access to all the encrypted messages you’ve received, they can go back and decrypt them all.

Read more about how forward secrecy works, and why all major Internet companies should adopt it for their websites, here. The good news is Google has already adopted forward secrecy, and Facebook will implement it soon as well.

OTR Fingerprint Verification

When you start a new OTR session with someone, your IM software receives the fingerprint of her encryption key, and your OTR software remembers this fingerprint. As long as someone uses the same encryption key when she talks to you, presumably because she’s consistently using the same device, she will have the same fingerprint. If her fingerprint changes then either she is using a different OTR key or you are both the target of a MITM attack.

Without verifying keys you have no way to know that you’re not falling victim to an undetected, successful MITM attack.

Even if the person you’re talking to is definitely your real friend because she know things that only she would know, and you’re using OTR encryption, an attacker might still be reading your conversation. This is because you might actually be having an encrypted OTR conversation with the attacker, who is then having a separate encrypted OTR conversation with your real friend and just forwarding messages back and forth. Rather than your friend’s fingerprint your client would be seeing the attacker’s fingerprint. All you, as a user, can see is that the conversation is “Unverified”.

The following screenshots show Pidgin’s visual indications of fingerprint verification. If you have verified OTR fingerprints your conversation is private, and if you haven’t, your conversation is encrypted but you might be under attack. You can’t know for sure without verifying.

If you click the Unverified link (in Adium it’s a lock icon) you can choose “Authenticate buddy”. The OTR protocol supports three types of verification: the socialist millionaire protocol, a shared secret, and manual fingerprint verification. All OTR clients support manual fingerprint verification, but not all clients support other types of verification. When in doubt, choose manual fingerprint verification.

In the screenshot above, you can see the OTR fingerprints for both users in the session. The other person should see the exact same fingerprints. In order to be sure that both parties are seeing the correct fingerprints you both need to meet up in person, or talk on the phone if you can recognize their voice, or find some other out-of-band but secure method to verify fingerprints, such as sending a PGP encrypted and signed email.

OTR fingerprints are 40 hexadecimal characters. It’s statistically impossible to generate two OTR keys that have the same fingerprint, which is called a collision. However it is possible to generate an OTR key that isn’t a collision but looks like one on cursory inspection. For example, the first few characters and last few characters could be the same with different characters in the middle. For this reason, it’s important to compare each of the 40 characters to be sure you have the correct OTR key.

Because you generally set up a new OTR key each time you set up a new device (for example, if you want to use the same Jabber account to chat from your Android phone with Gibberbot as you use on your Windows PC with Pidgin), you often end up with multiple keys, and therefore multiple fingerprints. It’s important to repeat the verification step on each device with each contact you talk to.

It’s still much better practice to use OTR without verifying fingerprints than to not use OTR at all. An attacker that attempts a MITM attack against an OTR session runs the very real risk of getting caught, so likely this attack will only be used cautiously.

Logs

Here is an excerpt from the chat logs, published by Wired, of a conversation between Bradley Manning and Adrian Lamo, who turned him in to authorities:

(1:40:51 PM) bradass87 has not been authenticated yet. You should authenticate this buddy.

(1:40:51 PM) Unverified conversation with bradass87 started.

(1:41:12 PM) bradass87: hi

(1:44:04 PM) bradass87: how are you?

(1:47:01 PM) bradass87: im an army intelligence analyst, deployed to eastern baghdad, pending discharge for “adjustment disorder” in lieu of “gender identity disorder”

(1:56:24 PM) bradass87: im sure you’re pretty busy…

(1:58:31 PM) bradass87: if you had unprecedented access to classified networks 14 hours a day 7 days a week for 8+ months, what would you do?

(1:58:31 PM) info@adrianlamo.com : Tired of being tired

(2:17:29 PM) bradass87: ?

(6:07:29 PM) info@adrianlamo.com: What’s your MOS?

As you can see from “Unverified conversation with bradass87 started,” they were using OTR to encrypt their conversation, yet it still ended up getting published on Wired’s website and used as evidence against Bradley Manning. While it’s possible their conversation was under a MITM attack, it’s very unlikely. Instead both Bradley Manning’s and Adrian Lamo’s OTR clients were logging a copy of their conversation to their hard drives, unencrypted.

While it can sometimes be useful to keep logs of conversations, it also greatly compromises your privacy. If Pidgin and Adium didn’t log OTR conversations by default, it’s likely that these chat logs would never have become part of the public record.

With the release of OTR 4.0 in September 2012, Pidgin stopped logging OTR conversations by default. Adium still logs OTR conversations by default so you must manually turn off logging yourself, which is a bug in Adium. Because Adium is free software with an open bug tracker, you can follow and contribute to the conversations about fixing this bug here and here.

“Pretty Good Privacy” (PGP) Email Encryption

In 1991, Phil Zimmermann developed email encryption software called Pretty Good Privacy, or PGP, which he intended peace activists to use while organizing in the anti-nuclear movement.

Today, PGP is a company that sells a proprietary encryption program by the same name. OpenPGP is the open protocol that defines how PGP encryption works, and GnuPG (GPG for short) is free software, and is 100% compatible with the proprietary version. GPG is much more popular than PGP today because it’s free for everyone to download, and cypherpunks trust it more because it’s open source. The terms PGP and GPG are often used interchangably.

Unfortunately, PGP is notoriously hard to use, as exemplified by Greenwald explaining how he could not initially talk to Edward Snowden because it was so difficult to set up.

Keypairs and Keyrings

As with OTR, each person who wishes to send or receive encrypted email needs to generate their own PGP key, called a keypair. PGP keypairs are split into two parts, the public key and the secret key.

If you have someone’s public key, you can do two things: encrypt messages that can only be decrypted with their secret key, and verify signatures that were generated with their secret key. It’s safe to give your public key to anyone who wants it. The worst anyone can do with it is encrypt messages that only you can decrypt.

With your secret key you can do two things: decrypt messages that were encrypted using your public key, and digitally sign messages. It’s important to keep your secret key secret. An attacker with your secret key can decrypt messages intended only for you, and he can forge messages on your behalf. Secret keys are generally encrypted with a passphrase, so even if your computer gets compromised and your secret key gets stolen, the attacker would need to get your passphrase before he would have access to it. Unlike OTR, PGP does not have forward secrecy. If your PGP secret key is compromised and the attacker has copies of any historical encrypted emails you have received, he can go back and retro-actively decrypt them all.

Since you need other people’s public keys in order to encrypt messages to them, PGP software lets you manage a keyring with your secret key, your public key, and all of the public keys of the people you communicate with.

Using PGP for email encryption can be very inconvenient. For example, if you set up PGP on your computer but have received an encrypted email on your phone, you won’t be able to decrypt it to read the email until you get to your computer.

Like OTR, each PGP key has a unique fingerprint. You can find a copy of my public key here, and my fingerprint is 5C17 6163 61BD 9F92 422A C08B B4D2 5A1E 9999 9697. If you look at my public key you’ll see that it’s quite long and would be hard to read out over the phone. A fingerprint is a short and more convenient way to uniquely represent a key. With my public key you can encrypt messages that only I can decrypt, provided that my secret key has not been compromised.

Passphrases

The security of crypto often relies on the security of a password. Since passwords are very easily guessed by computers, cryptographers prefer the term passphrase to encourage users to make their passwords very long and secure.

Comic courtsey XKCD

For tips on choosing good passphrases, read the passphrase section of EFF’s Defending Privacy at the U.S. Border: A Guide for Travelers Carrying Digital Devices whitepaper, and also the Diceware Passphrase Home Page.

In addition to protecting PGP secret keys, you also need to choose good passphrases for disk encryption and password vaults.

Software

To install GPG, Windows users can download Gpg4win, and Mac OS X users can download GPGTools. If you run GNU/Linux you should already have GPG installed. GPG is a command line program, but there’s software that interfaces with email clients that makes it much easier to use.

You’ll have to download an email client to use PGP correctly. An email client is a program on your computer that you open to check your email, as opposed to using your web browser. The most popular PGP setup is the email client Thunderbird with the Enigmail add-on. Thunderbird and Enigmail are free software and run on Windows, Mac, and GNU/Linux.

Right now PGP is very difficult to use securely from a web browser. While some browser extensions exist that help with this, I would recommend sticking to a desktop email client until the field of browser crypto matures. It’s possible to use PGP encryption with Gmail, but the easiest way is to set up an email client like Thunderbird and run your Gmail account through it.

Encrypting, Decrypting, and Signatures

You can send encrypted emails and digitally sign them using the graphical user interface provided by Thunderbird and Enigmail. Here’s an example of an encrypted email that I’m sending to myself. When I hit send, my software took the body of the message and encrypted it using my public key, making the content unintelligible to eavesdroppers, and indeed to my email provider too.

When I opened this email I was prompted to type in my encryption passphrase to decrypt it. Since it was encrypted using my public key, the only way I could decrypt it is with my secret key. Since my secret key is protected with a passphrase, I needed to type my passphrase to temporarily decrypt my secret key in order to use it to decrypt the message.

PGP Isn’t Just For Email

While PGP is often used for email encryption, nothing stops you from using it to encrypt anything and publish it using any medium. You can post PGP encrypted messages on blogs, social networks, and forums.

Kevin Poulsen published a PGP encrypted message on Wired’s website intended for Edward Snowden to read. As long as Wired has a copy of Snowden’s real public key, only someone in possession of Snowden’s secret key can decrypt this message. We don’t know how Wired got a copy of Snowden’s public key.

Here’s a message that was encrypted to my public key. Without having access to my associated secret key, NSA should not be able to break the encryption. (NSA, let me know if you get it.)

-----BEGIN PGP MESSAGE-----
Version: GnuPG v1.4.12 (GNU/Linux)

hQIMA86M3VXog5+ZAQ//Wep9ZiiCMSmLk/Pt54d2wQk07fjxI4c1rw+jfkKQAi4n
6HzrX9YIbgTukuv/0Bjl+yp3qcm22n6B/mk+P/3Cbxo+bW3gsq5OLFNenQO3RMNM
i9RC+qJ82sgPXX6i9V/KszNxAyfegbMseoW9FcFwViD14giBQwA7NDw3ICm89PTj
y+YBMA50iRqdErmACz0fHfA/Ed5yu5cOVVa8DD12/upTzx7i0mmkAxwsKiktEaKQ
vg8i1gvzqeymWYnckGony08eCCIZFc78CeuhODy0+MXyrnBRP9p++fcQE7/GspKo
SbxVT3evwT2UkebezQT2+AL57NEnRsJzsgQM4R0sMgvZI7I6kfWKerhFMt3imSt1
QGphXmKZPRvKqib59U57GsZU1/2CMIlYBVMTZIpYKRh6NgE8ityaa4gehJDl16xa
pZ8z3DMNt3CRF8hqWmJNUfDwUvXBEk8d/8Lkh39/IFHbWqNJh6cgq3+CipXH5HjL
iVh7tzGPfB6yn+RETzcZjesZHtz4hFudOxTMV0YnTIv0FGtfxsfEQe7ZVmmfqGNG
glxE0EfbXt0psLXngFMneZYBJqXGFsK3r5bHjRm6wpC9EDAzXp+Tb+jQgs8t5eWV
xiQdBpNZnjnGiIOASOxJrIRuzbTjo389683NfLvPRY8eX1iEw58ebjLvDhvDZ2jS
pwGuWuJ/8QNZou1RfU5QL0M0SEe3ACm4wP5zfUGnW8o1vKY9rK5/9evIiA/DMAJ+
gF20Y6WzGg4llG9qCAnBkc3GgC7K1zkXU5N1VD50Y0qLoNsKy6eengXvmiL5EkFK
RnLtP45kD2rn6iZq3/Pnj1IfPonsdaNttb+2fhpFWa/r1sUyYadWeHs72vH83MgB
I6h3Ae9ilF5tYLs2m6u8rKFM8zZhixSh
=a8FR
-----END PGP MESSAGE-----

Identity Verification

As with OTR, it’s important that you verify the PGP keys of the people you communicate with. In PGP you do this by using your secret key to digitally sign someone else’s public key.

From inside Thunderbird you can click the OpenPGP menu and open Key Management. You can check the “Display All Keys by Default” checkbox to see all of the keys in your keyring. From here you can import keys from files, from your clipboard, or from key servers. You can also generate new keypairs, and view details of all the keys in your keyring.

As with OTR keys, each PGP key has a unique fingerprint. And as with OTR, you need to read out the entire fingerprint to be sure the public key you’re looking at actually belongs to the person you believe it belongs to.

You can right-click on a key in this list and choose View Details to see its fingerprint. Here are the details of the PGP key that the disk encryption software TrueCrypt uses to digitally digitally sign releases of its software.

Also like OTR, you need to meet in person, talk on the phone, or use an already verified OTR session to compare each character of the fingerprint.

After you have verified that the public key you have belongs to the person you think it does, you can click “Select action” and choose “Sign Key”.

In the screenshot above I checked the “Local signatures (cannot be exported)” box. In this way, you can sign PGP keys, which is necessary for Enigmail and other PGP software to display security messages that make sense, but you don’t run the risk of accidentally publishing who you communicate with to a PGP key server.

If you receive an encrypted email from someone you know but the email is not digitally signed, you can’t be completely sure that it was actually written by the person you think. It’s possible it could be someone who spoofed their email address or compromised their email account.

If your friend tells you in this email that she generated a new key, you need to meet up in person or talk to her on the phone and read out your fingerprints before you can be sure that you’re not under attack.

Attacks

If you don’t verify identities you have no way of knowing whether or not you are the victim of a MITM attack.

Washington Post journalist Barton Gellman, who Edward Snowden trusted with information about the NSA’s PRISM program, wrote about his experience using PGP.

On Thursday, before The Post published its first story, I made contact on a new channel. He was not expecting me there and responded in alarm.

“Do I know you?” he wrote.

I sent him a note on another channel to verify my digital “fingerprint,” a precaution we had been using for some time. Tired, I sent the wrong one. “That is not at all the right fingerprint,” he wrote, preparing to sign off. “You’re getting MITM’d.” He was talking about a “man in the middle” attack, a standard NSA technique to bypass encryption. I hastily corrected my error.

Snowden was right to be cautious and to insist that he check Gellman’s new PGP fingerprint. PGP, if used right, provides the tools necessary to prevent MITM attacks. But these tools only work if the users are vigilant about identity verification.

Tails: The Amnesic Incognito Live System

Using “properly implemented strong crypto systems” has a huge learning curve and requires dedicated users who are willing to put in extra work to take control of their own privacy, which is the main reason why OTR and PGP are not currently in widespread use. But even when you use these tools, how can you ensure “endpoint security” when you can’t necessarily trust your operating system or other software that you depend on every day?

The solution is to use an entirely different operating system comprised completely of “software you can trust” when you have a serious need for real privacy. Tails helps solve this problem.

Tails is a live system that aims at preserving your privacy and anonymity. It helps you to use the Internet anonymously almost anywhere you go and on any computer but leave no trace using unless you ask it explicitly.

It is a complete operating-system designed to be used from a DVD or a USB stick independently of the computer’s original operating system. It is Free Software and based on Debian GNU/Linux.

Tails comes with several built-in applications pre-configured with security in mind: web browser, instant messaging client, email client, office suite, image and sound editor, etc.

Tails is not for everyone. It’s still difficult to use compared to normal operating systems, it’s slow, it doesn’t have all the software you may want. But Tails has all of these properties because it’s specifically designed to make it harder for users to mess up their endpoint security. If you’re in a position where you think that NSA, or any other potential attacker, may want to target you and your colleagues (the journalist/whistleblower relationship comes to mind) it’s one of the best tools available.

Because Tails is not practical for daily computer use, it’s a good idea to get into the habit of using OTR and PGP in your normal operating system as well. Tails won’t help blunt the effects of dragnet surveillance by itself, but encrypting as much as we can on a daily basis will.

Every time you boot Tails you start from a clean slate. Anything you did in your previous session on Tails gets erased and the system is reverted back to the default state. This means that even if you get infected with malware while using Tails, the next time you boot into it the malware will be gone.

You can get started using Tails by downloading the DVD image and burning it to a DVD. You then need to boot to this DVD. This step is different depending on what model computer you have, but it often involves entering your BIOS and changing your boot order so your computer tries booting from DVD before it tries your hard drive. On newer PCs you might need to disable UEFI “secure boot” in the BIOS as well, which is the crypto that’s used to make sure your computer will only boot to digitally signed versions of Windows (which, in affect, makes it harder for people to boot into non-Windows operating systems). The Tails website has more information on booting Tools from a DVD or USB stick.

After booting to the DVD you have the option to install Tails on a USB stick, which is especially useful because it allows you to configure a persistent volume, an encrypted section of your USB stick to store your data. Despite starting from a clean slate each time you boot up, it’s important for you to be able to have access to your OTR and PGP keys, your Claws Mail (more below) and Pidgin settings, and any documents you’re working with. Your persistent volume allows you to do this.

PGP and Email in Tails

I discussed using Thunderbird with the Enigmail add-on to access your email and use PGP, however this software doesn’t come with Tails. Tails comes with Claws Mail which includes a PGP plugin.

Instead of using Enigmail’s PGP key management graphical user interface to import, export, generate, view details about, and sign keys, you can click on the clipboard icon in the top right of the screen and choose Manage Keys to open Seahorse, which provides these same features.

Workflow

To get started having private communications with your friends and colleagues with very high endpoint security, here are the steps you need to take.

  • Meet up with your friends face-to-face. Each person should bring their own laptop and USB stick.
  • Download and burn a Tails DVD. Boot to Tails and create Tails USB sticks for each person.
  • When everyone has a Tails USB stick, each person should boot to Tails on her own laptop and configure a persistence volume on her USB stick. Since this volume is encrypted, each person should come up with her own secure passphrase that she will need to enter each time she boots to Tails. Everyone should reboot their laptops into Tails again and this time mount the persistent volume.
  • Each person should create a new pseudonymous Jabber account. One way to do this is to go to https://register.jabber.org/ in Iceweasel. Since Tails makes all Internet traffic go over Tor, this is effectively making an anonymous Jabber account.
  • Each person should open Pidgin and configure it to use their new Jabber account and create a new OTR key. Everyone should add each other to their buddy lists and start OTR sessions with eachother. Since everyone is in the same room, this is the perfect time to compare fingerprints and verify the identity of all parties so that you’ll able to communicate securely over the Internet in the future.
  • Each person should create a new pseudonymous email address as well. Some email providers, such as Gmail, make it very difficult to create new accounts while using Tor and staying anonymous, so find another email provider to use instead. Make sure your email provider supports IMAP (so you can use a desktop email client) over SSL (so your email client uses encryption when communicating with the email srever). If everyone chooses the same email provider, sending emails between accounts should never leave that email server, which reduces the metadata about your email usage available to anyone conducting dragnet surveillance of the Internet.
  • Each person should generate a new PGP key for their email address. Like with disk encryption, it’s important to choose a strong passphrase when generating a PGP key.
  • The PGP-enabled email client that comes with Tails is called Claws Mail. Each person should configure Claws Mail to use their new email address, and then email a copy of their public key to all other people in the room.
  • Each person should import everyone else’s public key into their keyring, and should manually verify the PGP fingerprints. Don’t skip this step. In the end, each person should have a keyring containing signed keys of each other person.

If a malicious attacker physically steals your Tails USB stick, modifies it, and gives it back, he can compromise all of the security of Tails. For this reason, it’s important to keep your USB stick with you at all times.

Had CIA Director and retired four-star general David Petraeus and his biographer Paula Broadwell decided to use Tails, Tor, OTR, and PGP, their extramarital affair likely would have remained secret.

A Fighting Chance

Protecting your privacy in the age of ubiquitous NSA surveillance is incredibly complex. Gaining a basic understanding of the concepts involved, much less actually using the software that’s available, has an enormous learning curve.

But even with direct access to all the data traveling at the speed of light through the Internet’s backbone fiber-optic cables, even with cooperation of the major United States tech companies (which are extremely difficult for people to boycott), the largest, most powerful, and best funded surveillance apparatus that humanity has ever seen cannot defeat mathematics.

The challenge of the new cypherpunk movement is to make secure and verified end-to-end encryption accessible to everyone, and turned on by default.


Author: Micah Lee

A publication of the Freedom of the Press Foundation, 2013

Copyright: Encryption Works: How to Protect Your Privacy in the Age of NSA Surveillance is licensed under a Creative Commons Attribution 3.0 Unported License.

Creative Commons License

Download: PDF, LibreOffice ODT

*************************************************************************************************

Enhanced by Zemanta

Published on Aug 2, 2013

(Truthstream Media.com) In the background, a secret war is underway, apparently purging a circle of hackers, whistleblowers and investigative reporters connected to investigating NSA surveillance programs.

On the heels of ‘an easy hearing’ in Congressional testimony to explain away NSA surveillance activities in the wake of Edward Snowden’s PRISM leaks, Gen. Keith Alexander, head of both the NSA and US CYBERCOM, attended the Black Hat hacker conference where he was heckled by privacy advocates in the crowd who stated their distrust for the secretive spy chief.

At the same time, infamous hacker Barnaby Jack, turned up dead just days before he was scheduled to speak at the Black Hat confab alongside Gen. Alexander. Did Jack’s knowledge about how to hack medical devices, ATM cash machines and modern cars play into the reasons for his death, or the rumors that a car hack was behind investigative journalist Michael Hasting’s death. It is apparent that there may be a connection, given the trail of dead, incarcerated and otherwise targeted journalists and whistleblowers including but not limited to Bradley Manning, Julian Assange, Barrett Brown, Michael Hastings, Glenn Greenwald and beyond.

As we have previously reported, also significantly in play is Gen. Keith Alexander’s connection to the secretive and elite Bilderberg conference, which he began attending in 2008 while the Bilderberg group began pursuing discussion on “cyber security,” “cyber terrorism,” and various components of the digital and big data agenda.

Enhanced by Zemanta
Fifteen hours after acknowledging that an innuendo-filled article is factually false, the Post still has not corrected it
The Washington Post

The Washington Post. Photograph: Alamy

(updated below)

On Monday night – roughly 36 hours ago from this moment – the Washington Post published an article by its long-time reporter Walter Pincus. The article concocted a frenzied and inane conspiracy theory: that it was WikiLeaks and Julian Assange, working in secret with myself and Laura Poitras, who masterminded the Snowden leaks ahead of time and directed Snowden’s behavior, and then Assange, rather than have WikiLeaks publish the documents itself, generously directed them to the Guardian.

To peddle this tale, Pincus, in lieu of any evidence, spouted all sorts of accusatory innuendo masquerading as questions (“Did Edward Snowden decide on his own to seek out journalists and then a job at Booz Allen Hamilton’s Hawaii facility?” – “Did Assange and WikiLeaks personnel help or direct Snowden to those journalists?” – “Was he encouraged or directed by WikiLeaks personnel or others to take the job as part of a broader plan to expose NSA operations to selected journalists?”) and invoked classic guilt-by association techniques (“Poitras and Greenwald are well-known free-speech activists, with many prior connections, including as founding members in December of the nonprofit Freedom of the Press Foundation” – “Poitras and Greenwald have had close connections with Assange and WikiLeaks”).

Apparently, the Washington Post has decided to weigh in on the ongoing debate over “what is journalism?” with this answer: you fill up articles on topics you don’t know the first thing about with nothing but idle speculation, rank innuendo, and evidence-free accusations, all under the guise of “just asking questions”. You then strongly imply that other journalists who have actually broken a big story are involved in a rampant criminal conspiracy without bothering even to ask them about it first, all while hiding from your readers the fact that they have repeatedly and in great detail addressed the very “questions” you’re posing.

But shoddy journalism from the Washington Post is far too common to be worth noting. What was far worse was that Pincus’ wild conspiracy theorizing was accomplished only by asserting blatant, easily demonstrated falsehoods.

As I documented in an email I sent to Pincus early yesterday morning – one that I instantly posted online and then publicized on Twitter – the article contains three glaring factual errors: 1) Pincus stated that I wrote an article about Poitras “for the WikiLeaks Press’s blog” (I never wrote anything for that blog in my life; the article he referenced was written for Salon); 2) Pincus claimed Assange “previewed” my first NSA scoop in a Democracy Now interview a week earlier by referencing the bulk collection of telephone calls (Assange was expressly talking about a widely reported Bush program from 8 years earlier, not the FISA court order under Obama I reported); 3) Pincus strongly implied that Snowden had worked for the NSA for less than 3 months by the time he showed up in Hong Kong with thousands of documents when, in fact, he had worked at the NSA continuously for 4 years. See the email I sent Pincus for the conclusive evidence of those factual falsehoods and the other distortions peddled by the Post.

There is zero possibility that the Washington Post was unaware of my email to Pincus early yesterday. Not only was it re-tweeted and discussed by numerous prominent journalists on Twitter, but it was also quickly written about in venues such as Politico and Poynter.

Nonetheless, the Post allowed the falsehoods to stand uncorrected all day. Finally, at 3:11 pm ET yesterday afternoon – 15 hours ago as of this moment, and more than 8 hours after I first publicized his errors – Pincus emailed me back to acknowledge that his claim about my having written for the WikiLeaks blog was false, and vowed that a correction would be published (he did not address the other errors):

 

Read More  Here

Enhanced by Zemanta

Ecuadorean minister threatens to reveal perpetrators after device discovered during meeting over Assange

Ecuador embassy, London

Ricardo Patiño, Ecuador’s foreign minister, says the device was discovered a fortnight ago when he was in the UK to discuss Julian Assange. Photograph: Beretta/Sims/Rex Features

The international wrangle over the future of Edward Snowden took a further twist when Ecuador declared it had found a listening device in its London embassy and threatened to reveal who had planted it.

In another day of drama and diplomatic indignation, Ricardo Patiño, Ecuador’s foreign minister, said the device had been discovered a fortnight ago when he had been in the UK to discuss another fugitive, the WikiLeaks founder Julian Assange.

Patiño said the hidden microphone had been found in the office of Ecuador’s ambassador, Ana Alban, and he condemned the development as a “loss of international ethics”.

If the claim proves true, the spotlight is likely to fall on Britain’s intelligence agencies. MI5 would normally be tasked with concealing listening devices in buildings such as embassies in the UK, though MI6 could also seek authorisation.

This could not be done without ministers knowing. Theresa May, the home secretary, is responsible for the conduct of MI5 and deals with its most sensitive applications.

If the agency had planted the bug, her authority would have been needed. Such warrants have to be renewed at regular intervals as part of Britain’s legal framework for spying activity.

Whitehall sources refused to be drawn on the bugging issue, saying they could “neither confirm nor deny” whether UK intelligence agencies had been involved.

Patiño’s intervention came as leaders across Latin America condemned the treatment of the Bolivian president, Evo Morales, whose plane was forced to land in Austria amid suspicions that it might be carrying Snowden, the US intelligence analyst. Morales was on his way back home after a trip toMoscow, where Snowden has been stranded since he left Hong Kong more than a week ago.

Bolivia accused Austria of “kidnapping” the president, who was kept in Vienna for 14 hours while his plane was searched.

France, Portugal and Spain were all said to have refused permission for the president’s plane to enter their airspace, raising suspicions about the pressure being exerted by the US.

 

Read More Here

Enhanced by Zemanta

Edward Snowden given possible lifeline as Bolivia hints it would grant asylum

Evo Morales says his country is keen to ‘shield the denounced’ as Snowden’s father Lon compares son to Paul Revere

Putin and Morales met on Tuesday.

Vladimir Putin and Evo Morales met on Tuesday. Photograph: Maxim Shemetov/Reuters

Bolivia threw a possible lifeline to the surveillance whistleblower Edward Snowden on Tuesday, telling Russian television it would consider granting him political asylum to escape from what it called the espionage network of the US “empire”.

As other options began to fade for Snowden, trapped in the transit zone of a Moscow airport, Bolivian president Evo Morales said his country was keen to “shield the denounced”.

Snowden’s father, meanwhile, stepped up the rhetoric in favour of his son’s actions on Tuesday, publishing an open letter that compared him to colonial independence fighter Paul Revere.

The letter was signed by Lon Snowden and his lawyer, Bruce Fein, who also reported receiving a phone call from WikiLeaks founder Julian Assange. Fein told the Associated Press that Assange, in the phone call on Saturday, delivered what he said was a message from Snowden to his father, asking him to keep quiet.

Speaking in Moscow, Morales said Bolivia had not received a formal application for asylum from Snowden yet, but hinted it would consider any request favourably.

“If there were a request, of course we would be willing to debate and consider the idea,” Morales told RT Actualidad, the Spanish-language service of Russian broadcaster RT.

“I know that the empires have an espionage network and are against the so-called developing countries. And in particular, against those which are rich in natural resources,” he added.

His comments were echoed by favourable noises from the Venezuelan government, another possible exit route for the former NSA contractor. President Nicolas Maduro said Caracas was also ready to consider Snowden’s asylum should he ask for it.

Maduro said Snowden should be given a “humanitarian medal” for revealing details of NSA surveillance programmes on US and foreign citizens. “He did not kill anyone and did not plant a bomb,” Maduro told Russia‘s Interfax news agency. “What he did was tell a great truth in an effort to prevent wars. He deserves protection under international and humanitarian law.”

Read More Here

***********************************************************************************************

Edward Snowden asylum: Bolivian president’s plane diverted – live

France and Portugal refused to let Evo Morales’s plane cross their airspace because of suspicions that NSA leaker Edward Snowden was on board, Bolivia’s foreign minister says

Bolivian Minister of Foreign Affairs, David Choquehuanca, speaks during a press conference in La Paz, Bolivia,
The Bolivian minister of foreign affairs, David Choquehuanca, speaks during a press conference in La Paz, Bolivia, Photograph: MARTIN ALIPAZ/EPA

1.39am BST

My colleague Helen Davidson has just been on the phone with general aviation staff at Vienna international airport.

Staff confirmed that the plane carrying Morales has landed there, and has not left. They said they were unable to say how many passengers were on board as they were not given a passenger list.

1.27am BST

My colleague in Washington Dan Roberts has just filed this report, which summarises the events so far.

He has also just spoken to White House officials, asking for their response to claims made by the Bolivian defence minister that Portugal’s decision to refuse Morales’ plane access to their airspace was influenced by the US.

White House officials say that these are questions for the Austrian and Portugese authorities to answer.

Updated at 1.30am BST

1.17am BST

Putin and Morales met on Tuesday.
The Bolivian president, Evo Morales, right, met the Russian president Vladimir Putin earlier on Tuesday. Photograph: Maxim Shemetov/Reuters

1.15am BST

Background

President Morales was returning to Bolivia from Russia where he had met with president Vladimir Putin at a summit of major gas exporters in the Kremlin.

Speaking to RT Actualidad, the Spanish-language service of the Russian broadcaster Russia Today, Morales said Bolivia had not received an asylum request from Edward Snowden, but hinted any request would be looked at favourably.

He said:

If there were a request, of course we would be willing to debate and consider the idea.

I know that the empires have an espionage network and are against the so-called developing countries. And in particular, against those which are rich in natural resources.

Updated at 1.15am BST

1.05am BST

Associated Press has published extracts from a statement issued by the Bolivian defence minister, Ruben Saavedra, who was also on the redirected plane.

It says the plane was allowed to land in Spain for refueling before flying on to Austria.

It describes the rerouting as a “hostile act” by the US goverment:

This is a hostile act by the United States State Department which has used various European governments

Updated at 1.08am BST

Read More Here

***********************************************************************************************

Bolivian presidential plane forced to land in Austria over suspicions Snowden on board

Published time: July 02, 2013 22:39
Edited time: July 03, 2013 00:31

AFP Photo / Kirill Kudryavtsev

AFP Photo / Kirill Kudryavtsev

After departing from Russia the plane of Bolivian President Evo Morales was forced to landing in Austria Wednesday morning over suspicions that NSA whistleblower Edward Snowden was on board, a claim Bolivian authorities denied.

Snowden had requested asylum from Bolivia, which has yet to answer; he also petitioned Austria but was rejected. Reports indicated the plane was hindered in navigating Western Europe as France and Portugal would not allow the La Paz-bound plane to enter their airspace.

David Choquehuanca, the Bolivian Foregin Minister, refuted the idea Snowden was on the plane, saying “we don’t know who invited this lie, but we want to denounce to the international community this injustice with the plane of President Evo Morales.”

Bolivian president Evo Morales (RT photo / Semyon Khorunzhy)

Bolivian president Evo Morales (RT photo / Semyon Khorunzhy)

This is a lie, a falsehood. It was generated by the US government,” Bolivian Defense Minister Ruben Saavedra told CNN. “It t is an outrage. It is an abuse. It is a violation of the conventions and agreements of international air transportation.”

Read More Here

***********************************************************************************************

Edward Snowden asylum: countries approached and their responses

The NSA whistleblower has made 21 applications for asylum worldwide as he flees the US – with little success

File photo of NSA whistleblower Edward Snowden during interview with The Guardian in Hong Kong

Edward Snowden has made 21 applications for asylum. Photograph: The Guardian/Reuters

According to a statement from WikiLeaks, the US whistleblower Edward Snowden has applied for asylum in a total of 21 countries. Snowden, who has been charged under espionage laws in the US after leaking top-secret documents on US surveillance programmes, has been trapped in Moscow’s Sheremetyevo airport since 23 June after flying in from Hong Kong. He has yet to receive a positive response to his applications for asylum. Some countries have yet to respond but a number have already rejected his request.

Austria

No. The interior minister, Johanna Mikl-Leitner, said Snowden would have to submit his request for asylum while on Austrian soil. But she added that he would not be deported if he arrived in Austria because “there is no international arrest warrant”.

Bolivia

Possible. President Evo Morales said no application has been received, but if it were it would be considered. “If there were a request, of course we would be willing to debate and consider the idea,” Morales told Spanish language RT Actualidad.

Brazil

No. A foreign ministry spokesman said Brazil would not grant asylum, adding that it would leave the request unanswered.

China

No response.

Cuba

No response.

Ecuador

No. The president, Rafael Correa, said he was not considering Snowden’s asylum request. In an interview with the Guardian, Correa said Snowden would have to reach Ecuadorean territory before the country would consider any asylum request. The US has cancelled Snowden’s passport, and Correa said his government would not give Snowden an authorised travel document to extract himself from Moscow airport. “The right of asylum request is one thing, but helping someone travel from one country to another – Ecuador has never done this.”

Finland

No. The Finnish foreign ministry spokeswoman Tytti Pylkkö said Finnish law required Snowden to be in the country for him to apply.

France

No response. The president, François Hollande, has called for a common EU stance on the NSA snooping.

Read More Here

***********************************************************************************************

Enhanced by Zemanta
Sun Jun 30, 2013 6:24AM


Ecuadorian President Rafael Correa says Russia will make the decision about the destination of American intelligence whistleblower who has holed up in an airport in Moscow.

 

“At this moment, the solution of Snowden’s destination is in the hands of Russian authorities,” Correa said in an interview with the private Oromar channel late Saturday.

 

Snowden arrived in Moscow’s international airport from Hong Kong last Sunday. The U.S. has revoked his passport to prevent him from travelling. However, he has applied for asylum in Ecuador.

 

According to the law in Ecuador, asylum requests can be processed only when the applicant is in Ecuadorian territories.

 

Snowden, a former analyst at the National Security Agency, has revealed top secret intelligence documents about the U.S. surveillance programs in the country and abroad. He faces charges of espionage and theft of government property.

 

Correa said Snowden has requested asylum in Ecuador on the advice of WikiLeaks founder Julian Assange who released hundreds of thousands of U.S. classified documents three years ago. Also wanted by the U.S., Assange has taken refuge at the Ecuadorian embassy in London since last year.

 

Correa spoke with U.S. Vice President Joe Biden early Saturday. In his weekly address, the Ecuadorian leader said Biden had asked him to “please reject” Snowden’s asylum request. He said he would consult the U.S. on making any decision about the application but added Quito would have the final say regarding the issue.

 

MA/HJ

***************************************************************************************************

Corporate Control and Double Standards

Rafael Correa, the Press, and Whistleblowers

by ADAM CHIMIENTI

Once again, we are witnessing a growing frustration with “tiny” Ecuador. The United States government is clearly not happy with what would be the latest diplomatic slap in the face coming from the South American country, i.e. the pending arrival of NSA whistleblower Edward Snowden in the coming days. Beyond the United States’ government though, the US press corps are also seemingly up in arms. Why are they so angry? Well, it appears that they are indignant over the perceived hypocrisy of President Rafael Correa.

Claims of Hypocrisy

According to an article from The Atlantic (and another similar one from NPR here), the Ecuadorian leader “has created a safe space for foreigners like Assange — and now possibly Snowden –[but] he doesn’t do the same for dissenters within his own country.” News agencies like NBC News and The Atlantic think this is “interesting” and want to know ‘Why Ecuador?’ Such inquiries naturally turn to the NGOs, who are also less than pleased with this unruly little country. Freedom House, the Committee to Protect Journalists and others are upset that this very week, the one-year anniversary of Assange being holed up in the Ecuadorian Embassy in London (and the same week that the Snowden asylum request is being reviewed), the Ecuadorian National Assembly has passed a Communications Bill that detractors claim is a major blow to a free press.

For several of the opposition figures and US-based observers, Ecuador’s new media legislation has sealed the deal on the stasi-like state that they imply or openly charge Correa has been dreaming about for years. In other words, transparency advocates like Assange and Snowden are compromising their credibility by associating with the Correa government. Ileana Ros-Lehtinen, the right-wing terrorist supporter/US Congresswoman representing Miami, has been busy tweeting as much. The Ecuadorian government, however, asserts that the bill is meant to place more media power in the hands of public groups and move away from privately owned media monopolies.

Meanwhile, the Council of Hemispheric Relations, Center for Strategic and International Studies, and the Heritage Foundation all say that Ecuador must be punished for this latest insult to the US government. James Roberts of Heritagelashed out at the South American leader on June 24, writing in the National Review Online:

“Rafael Correa has demonstrated a blatant disregard for international standards of justice. That kind of conduct may not be surprising from a man who seeks to don the mantle of Chávez, but it should not be rewarded with trade preferences.”

It doesn’t take much imagination to understand how a figure like Correa would have been dealt with a few decades back, but it appears that the more heavy-handed approach is not really possible at the moment, much to the dismay of the powerful and connected.

Returning to the issue of freedom, has the defiant president of Ecuador used the National Assembly to pass a law that NPR, The Atlantic and others tell us will be used to make the country less transparent and more hostile to journalists who only wish to be free to monitor the government and act as a check on state power? Well, let’s hold off on the most absurd elements of irony here for a moment and address the issue at hand.

About a Coup

It should certainly not be regarded as a good thing if the case was simply a cut-and-dry example of authoritarian overreach. Freedom of the press, as we are learning with the Snowden case, has seemingly never before been so important, or so contentious for that matter. However, the Ecuadorian issue is not so simple and it was certainly complicated after a day of crisis nearly three years earlier when factions of the National Police and armed forces attacked the president of Ecuador on September 30, 2010. The event was widely regarded as a coup attempt. What exactly went down is still somewhat unclear. There was a dramatic showdown between Correa himself and police officers that were angered by a supposed attempt to cut their pay. What is for certain, though, is that it was a countrywide, well-coordinated attempt to shut down the National Assembly, the two major airports in Guayaquil and Quito and eventually a hospital where the president was being treated for wounds. Furthermore, the plotters were also attacking journalists throughout the country, and most of these were pro-government reporters working for public media outlets.

The opposition press has taken an active role in attempts to discredit Correa since he first ran for president. He has elaborated on his views of the press and they are certainly not very congenial. In 2012, during a public TV interview in Spain, Correa said, “one of the main problems around the world is that there are private networks in the communication business, for-profit businesses providing public information, which is very important for society. It is a fundamental contradiction.”

One of the issues that NGOs and journalists have cited in their litany of complaints about Ecuador’s endangered freedom of the press actually stems from the 2010 police and military uprising. During the chaos that ensued during the alleged coup attempt, one reporter from the paper of record in Guayaquil took the opportunity to claim that Correa had ordered police to fire on a crowd of innocent onlookers caught up in the melee, presumably aiming to provoke anti-government sentiments. The claim turned out to be completely unsubstantiated. The government fined the journalist and his paper El Universo some $40 million for defamation but later withdrew the charges. Consider what might have happened in the US if the Los Angeles Times or Washington Post would have falsely claimed that Barack Obama had personally ordered military or police forces to fire on a crowd of protesters and innocent people were injured as a result somewhere in Washington, D.C It would be difficult to imagine a reporter and his editors ever committing such a stupid move, but if they had, there would have been some serious consequences. Alas, this is not really too shocking in the context of a sensationalist Latin American press.

***************************************************************************************************

Ecuador offers U.S. rights aid, waives trade benefits


Ecuador's Foreign Minister Ricardo Patino (center L) talks to reporters before a function at a hotel in Singapore June 27, 2013. REUTERS/Edgar Su

QUITO | Thu Jun 27, 2013 10:06am EDT

(Reuters) – Ecuador’s leftist government thumbed its nose at Washington on Thursday by renouncing U.S. trade benefits and offering to pay for human rights training in America in response to pressure over asylum for former intelligence contractor Edward Snowden.

The angry response threatens a showdown between the two nations over Snowden, and may burnish President Rafael Correa’s credentials to be the continent’s principal challenger of U.S. power after the death of Venezuelan socialist leader Hugo Chavez.

“Ecuador will not accept pressures or threats from anyone, and it does not traffic in its values or allow them to be subjugated to mercantile interests,” government spokesman Fernando Alvarado said at a news conference.

In a cheeky jab at the U.S. spying program that Snowden unveiled through leaks to the media, the South American nation offered $23 million per year to finance human rights training.

The funding would be destined to help “avoid violations of privacy, torture and other actions that are denigrating to humanity,” Alvarado said. He said the amount was the equivalent of what Ecuador gained each year from the trade benefits.

“Ecuador gives up, unilaterally and irrevocably, the said customs benefits,” he said.

An influential U.S. senator on Wednesday said he would seek to end those benefits if Ecuador gave Snowden asylum.

Snowden, 30, is believed to be at Moscow’s international airport and seeking safe passage to Ecuador.

 

Read More  Here

 

***************************************************************************************************

Ecuador tells U.S. to send its position on Snowden in writing


People spend time in a waiting room at the transit area of Moscow's Sheremetyevo airport June 26, 2013. REUTERS-Sergei Karpukhin

WASHINGTON | Wed Jun 26, 2013 11:29am EDT

(Reuters) – Ecuador said on Wednesday the United States must “submit its position” regarding Edward Snowden to the Ecuadorean government in writing as it considers the former U.S. spy agency contractor’s request for asylum.

Ecuador, in a statement from its embassy in Washington, said it would review the request “responsibly.”

“The legal basis for each individual case must be rigorously established, in accordance with our national Constitution and the applicable national and international legal framework. This legal process takes human rights obligations into consideration as well,” the statement said.

“This current situation is not being provoked by Ecuador,” the embassy said.

Snowden, 30, a former employee of the U.S. contractor Booz Allen Hamilton, appears to be still in hiding at a Moscow airport awaiting a ruling on his asylum request from the tiny South American nation’s leftist government.

 

Read More Here

***************************************************************************************************

Putin rules out handing Snowden over to United States


Edward Snowden, a former contractor at the National Security Agency (NSA), is seen during a news broadcast on television at a restaurant in Hong Kong June 26, 2013. REUTERS-Tyrone Siu

MOSCOW | Wed Jun 26, 2013 6:10am EDT

(Reuters) – A former U.S. spy agency contractor sought by Washington on espionage charges appeared on Wednesday to be still in hiding at Moscow’s Sheremetyevo airport and the national airline said he was not booked on any of its flights over the next three days.

Edward Snowden fled to Hong Kong after leaking details of secret U.S. government surveillance programs, then flew on to Moscow on Sunday, evading a U.S. extradition request. President Vladimir Putin said on Tuesday he was in the transit area of the airport and he had no intention of handing him to Washington.

“They are not flying today and not over the next three days,” an Aeroflot representative at the transfer desk at Sheremetyevo said when asked whether Snowden and his legal adviser, Sarah Harrison, were due to fly out on Wednesday.

 

Read More  Here

***************************************************************************************************

Ecuador denounces US ‘double standards’

Sun Jun 30, 2013 2:1AM

Ecuador’s president Rafael Correa

 

Ecuador’s President Rafael Correa has denounced U.S. “double standards” over granting asylum to fugitives.

 

Correa said Saturday that U.S. Vice President Joe Biden had asked him in a telephone call not to grant asylum to Edward Snowden, the fugitive former CIA contractor wanted in the U.S.

 

In a weekly television address, Correa rebuked the Obama administration for hypocrisy, pointing to the case of brothers Roberto and William Isaias, both of them bankers, whom Ecuador is seeking to extradite from the U.S.

 

“Let’s be consistent,” Correa said. “Have rules for everyone, because that is a clear double-standard here.”

 

Earlier this month, Snowden revealed massive U.S. surveillance programs sparking a scandal in America. Washington is now seeking the extradition of the leaker, charged with espionage and theft of government property in his home country.

 

Snowden is currently in the transit zone of a Moscow airport. Reports say he could consider seeking asylum from Ecuador, where he was planning to travel to after leaving Russia.

 

“The moment that he arrives, if he arrives, the first thing is we’ll ask the opinion of the United States, as we did in the Assange case with England,” Correa said in his television address. “But the decision is ours to make.”

 

Julian Assange, founder of the whistleblower website WikiLeaks, has been given asylum in Ecuador’s embassy in London. Wikileaks revealed classified documents it received from former U.S. Army soldier Bradley Manning, who was arrested in May 2010 in Iraq.

 

Secret documents provided by Snowden show the United States has spied on various European Union institutions and offices as well.

 

German news magazine Der Spiegel reported on Saturday that the U.S. National Security Agency (NSA), bugged offices and spied on EU internal computer networks in Washington, New York and Brussels.

 

AHT/ARA

 

***************************************************************************************************

 

Enhanced by Zemanta

US charges NSA leaker Snowden with espionage

The Guardian via Getty Images

Edward Snowden speaks during an interview in Hong Kong.

Federal prosecutors Friday filed espionage charges against alleged National Security Agency leaker Edward Snowden, officials familiar with the process said. Authorities have also begun the process of getting Snowden back to the United States to stand trial.

The officials did not describe the charges in detail because they’ve been filed under seal in federal court in Alexandria, Va. The documents are not publicly available.

According to officials, charges accuse Snowden of violating federal espionage laws by sharing classified documents with people who were not cleared to receive them.

Snowden, who is a former employee of defense contractor Booz Allen Hamilton, leaked details about far-reaching Internet and phone surveillance programs to The Guardian and The Washington Post earlier this month. He revealed his identity while in Hong Kong, where it is believed he is still hiding.

Read More Here

*****************************************************************************

NBC  NEWS

Julian Assange says WikiLeaks helping Snowden gain asylum

Anthony Devlin / Pool / Reuters

Wikileaks founder Julian Assange speaks to the media inside the Ecuadorean Embassy in London on June 14, 2013.

WikiLeaks founder Julian Assange on Wednesday said members of his anti-secrecy website have been in contact with lawyers of alleged National Security Agency leaker Edward Snowden and are helping him seek asylum in Iceland.

Speaking to reporters during a conference call on the one-year anniversary of his own asylum in the Ecuadoran Embassy in London, Assange said his group has a “common cause” with Snowden, but would not comment on whether he personally has spoken with supposed whistle-blower.

Assange did say, “We are in touch with Mr. Snowden’s legal team and have been, are involved, in the process of brokering his asylum in Iceland.”

Snowden leaked details about far-reaching Internet and phone surveillance programs to The Guardian and The Washington Post earlier this month. He revealed his identity while in Hong Kong, where it is believed he is still hiding.

Read More Here

******************************************************************************

WikiLeaks may publish more revelations promised by Snowden – Assange

Published time: June 20, 2013 14:03
Edited time: June 20, 2013 15:04

Edward Snowden and Julian Assange (AFP Photo)Edward Snowden and Julian Assange (AFP Photo)

WikiLeaks may publish further revelations promised by NSA leaker Edward Snowden, Julian Assange hinted during a conference call with journalists. He reiterated that his legal team is helping Snowden in his quest for asylum in Iceland.

“I feel a great deal of personal sympathy with Mr. Snowden,” the WikiLeaks founder said, adding that he had been in touch with Snowden’s lawyers.

“We are in touch with Mr. Snowden’s legal team and have been, are involved, in the process of brokering his asylum in Iceland,” he said in a conference call from the Ecuadorian Embassy, where he himself has been fighting his extradition to Sweden for nearly a year.

When asked if he had spoken directly with Snowden, the former CIA contractor who fled to Hong Kong before disclosing the NSA’s PRISM surveillance program, Assange declined to offer further details.

Read More  Here

****************************************************************************

Washington releases Snowden espionage indictment

Published time: June 21, 2013 22:20
Edited time: June 22, 2013 00:06

US federal prosecutors have charged whistleblower Edward Snowden with espionage, theft and conversion of government property in a criminal complaint, and asked Hong Kong to detain him ahead of a move to extradite him.

Though the criminal complaint is sealed, charges of espionage and theft are undoubtedly based on Snowden’s extraction of classified documents from NSA servers, which led to publication of several articles regarding the NSA’s surveillance programs, including PRISM, which is alleged to harvest private user data through cooperation with a slew of American corporations including Facebook, Yahoo, Google, Apple and Microsoft.

The implicated companies have denied granting US intelligence services “direct access” to their servers, though during an online chat on Monday Snowden alleged that they had been purposely deceptive in their responses.

When asked to “define in as much detail as you can what ‘direct access’ means,” Snowden went into greater technical detail:

“More detail on how direct NSA’s accesses are is coming, but in general, the reality is this: if an NSA, FBI, CIA, DIA, etc analyst has access to query raw SIGINT databases, they can enter and get results for anything they want,” he said.

The specific details of how Snowden transported the classified NSA documents are somewhat unclear, with The Guardian saying they were extracted using four laptops taken to Hong Kong, though subsequent reports suggested that Snowden simply copied secret files on USB drives. Even though the use of thumb drives is banned in SIPRNET, the Defense Department’s secret network, as a system administrator Snowden had much broader access to data.

Image from scribd.com

Image from scribd.com

Read More Here

****************************************************************************