Friday, 11 December 2015
Thursday, 10 December 2015
"Funke, Schularick, and Trebesch recently did some work asking whether the rise of right-wing extremism in the 1930s was paralleled in other times, and found that the answer is yes: “politics takes a hard right turn following financial crises.”
Interestingly, this isn’t true for all kinds of crises. Financial crises, they suggest, are different, in part because
financial crises may be perceived as endogenous, ‘inexcusable’ problems resulting from policy failures, moral hazard and favouritism.
I would put it a bit differently: financial crises call into question whether respectable people know what they’re doing, in a way that other kinds of economic shocks often don’t.
The point for Europe is that the doctrinaire policies followed since 2010, and the unwillingness to rethink dogma in the light of experience, aren’t just economically destructive. They undermine the legitimacy of the whole European system, and may in the end lead to political catastrophe."
Thursday, 19 November 2015
"And part of establishing deterrence will be making sure that whoever attacks us knows we are able to hit back.
We need to destroy the idea that there is impunity in cyberspace.
We need those who would harm us to know that we will defend ourselves robustly. And that we have the means to do so.
This is the fifth element of the plan.
Thanks to the investment that we have made during the last Parliament, just as our adversaries can use a range of actions against us, from the virtual to the physical, so we are making sure that we can employ a full spectrum of actions in response.
We reserve the right to respond to a cyber attack in any way that we choose.
And we are ensuring that we have at our disposal the tools and capabilities we need to respond as we need to protect this nation, in cyberspace just as in the physical realm.
We are building our own offensive cyber capability – a dedicated ability to counter-attack in cyberspace.
We have built this capability through investing in a National Offensive Cyber Programme.
The Programme is a partnership between the Ministry of Defence and GCHQ, harnessing the skills and talents of both organisations to deliver the tools, techniques and tradecraft required for the UK to establish a world class capability."
Monday, 16 November 2015
GABRIELLE GUILLEMIN: I would be curious to hear from Chris Marsden who is Professor at Sussex University of what he thinks of the debate in United Kingdom when the investigative powers bill was published recently.
Much greater minds have contributed to my contribution this morning. I spoke to Jon Crowcroft who is a professor at Cambridge, and many other academics who are deeply involved in trying to explain to Parliamentarians about what is involved. Two people you should read. First and I almost take this draft bill as kind of the final insult, kind of postmortem insult, to Caspar Bowden who has been one of the heroes of this debate. He died in July of this year. He wrote about the compatibility of mass surveillance with the European Convention on the Human Rights and he has been advising the European Parliament on this for 15 years. The second is my coauthor on our book where we talk about default encryption. His name is Ian Brown and he is a professor at Oxford. And if you have read anything by Ian and Caspar, you will be much more educated than with what advice I have given today."
Friday, 11 September 2015
For the first story, the British obtained the ciphertext of the telegram from the Mexican commercial telegraph office. The British knew that the German Embassy in Washington would relay the message by commercial telegraph, so the Mexican telegraph office would have the ciphertext. "Mr. H", a British agent in Mexico, bribed an employee of the commercial telegraph company for a copy of the message. (Sir Thomas Hohler, then British ambassador in Mexico, claimed to have been "Mr. H", or at least involved with the interception, in his autobiography.) This ciphertext could be shown to the Americans without embarrassment. Moreover, the retransmission was enciphered using cipher 13040, so by mid-February the British not only had the complete text, but also the ability to release the telegram without revealing the extent to which the latest German codes had been broken—at worst, the Germans might have realized that the 13040 code had been compromised, but weighed against the possibility of United States entry into the war that was a risk worth taking.
Finally, since copies of the 13040 ciphertext would also have been deposited in the records of the American commercial telegraph, the British had the ability to prove the authenticity of the message to the United States government.
As a cover story, the British could publicly claim that their agents had stolen the telegram's deciphered text in Mexico. Privately, the British needed to give the Americans the 13040 cipher so that the United States government could verify the authenticity of the message independently with their own commercial telegraphic records; however, the Americans agreed to back the official cover story. The German Foreign Office refused to consider a possible code break, and instead sent von Eckardt on a witch-hunt for a traitor in the embassy in Mexico."
Friday, 10 July 2015
Obituary: Caspar Bowden, a fearless privacy pioneer
The world’s privacy advocates are reeling over the loss of one of their most influential and feared campaigners, Caspar Bowden, who has died of cancer. His fierce and combative evangelism for online privacy over two decades and surgical analysis of complex surveillance legislation raised the standard of commentary that influenced advocacy groups at home and abroad.
I had the honour and the pleasure of becoming a close friend and co-conspirator of Caspar. It wasn’t always easy – he held high expectations of his colleagues, who could often experience his wrath whenever they dared to negotiate with “the bastards” (whoever they happened to be at the time). The archaic American expression “ornery” could well have been invented for Caspar Bowden, as his opponents well knew.
In conferences and meetings where officials and ministers appeared there was frequently what became known as the “popcorn moment”, when Caspar would stand up and, from the back of the hall, clear his throat and launch into a devastating critique that would utterly destroy the credibility of his opponents. Within two years, ministerial staffers were routinely calling me to find out whether Caspar would be in the audience. No better tribute could ever be awarded to any campaigner.
Caspar joined the mainstream privacy world in 1997 during the Scrambling for Safety encryption event that I organised at the London School of Economics, and soon after he co-founded the Foundation for Information Policy Research (FIPR), which became the most astute think-tank in Britain in the field of surveillance.
At the time Caspar chaired Scientists for Labour, an organisation which at the time believed that the Labour Party (which had been elected to government only 18 days earlier) would actually respect scientific advice. The reams of dangerous and intrusive legislation the Labour government subsequently passed caused him to ditch this fantasy. In the years since Caspar appeared to abandon all faith in parties, taking pride in comparisons with TV character Mr MacKay in the comedy series Porridge, who famously said: “I have a job to do and, whatever else I am, I’m firm but fair. I want you to know that I treat you all with equal contempt”.
In 2002 Caspar joined Microsoft’s operation in Europe as chief privacy strategist, but the arrangement was a bad fit. Caspar continued to be outspoken, eventually parting company with Microsoft after he criticised the lack of privacy measures in its software and the firm’s cosiness with US government spooks. Years before Snowden’s revelations about US and UK mass surveillance in 2013, Bowden had already become deeply worried about the relationship between companies and security agencies – with his arguments about the safety of cloud data proven true by the subsequent leaks.
Gus Hosein, executive director of Privacy International and an old friend and colleague, said:
I’m not new to this issue, but whenever I struggle to get my head around the implications of a new policy or technology, I always looked to Caspar. I sought his guidance to navigate it, but I feared what he would say if I came out with something stupid. The future is uncertain enough, but without him it is even more daunting.
Caspar was very accurately described by another close friend and colleague Ian Brown, professor of Information Security and Privacy at Oxford University:
Caspar was a truly unique individual, one of the most passionate, methodical, relentless advocates of any cause I have met. I learnt so much from him as we worked together on and off for nearly 20 years on privacy issues. His forensic analysis of UK surveillance laws, and later European and US legislation, was essential reading for anyone who wanted to understand the implications of some extremely obscure language – including legislators themselves.
Brown believes UK internet users are still benefiting from Caspar’s successful campaign to remove “Big Browser” surveillance powers from the Regulation of Investigatory Powers Act 2000, and to ensure the burden of proof was not put onto individuals who might have actually forgotten passwords later demanded by police. His important reports for the European Parliament will also be key in the long-term decisions made by the EU to protect the privacy of its 500m citizens.
Anyone who knew Caspar understood that he was dogged in his later years by a deep cynicism about progress in privacy. Deeply mistrustful of governments, corporations and even the law, he eschewed mobile phones and came to place his faith almost solely on mathematical solutions, for example by heavily promoting the concept of differential privacy, which attempts to prevent a loss of privacy in situations where details can be inferred from other data.
Perhaps Caspar’s greatest legacy is that, in an age of increasing compromise, he showed us the importance of dogged, non-negotiable persistence. As George Bernard Shaw observed, all progress depends on the unreasonable man. In that respect, Caspar was a beacon of progress.
Thursday, 18 June 2015
These commercial pressures have changed in the past few years, as large internet companies start relying heavily on serving end-users (search, webmail, social networking). Sadly, these companies have adopted both a business model — ad-based monetization — and a technical architecture — cloud computing — that makes meaningful privacy protection very difficult. In turn the “success” of those architectures has led to an extreme ease of developing using this model, and an increasing difficulty in providing end-user solutions with appropriate privacy protections — let alone usable ones.
The rise of services has pushed a number of key privacy technologies into not being commercially supported and a key feature, and in effect at best a “common” — with the governance and funding problems this entails. We have recently learned about the systemic underfunding of key privacy technologies such as OpenSSL and GPG. Technologies like Tor are mostly funded for their national firewall traversal features, seeing development on anonymity features suffer.
Unlike other commons (health, parks, quality assurance in medicines), the state has not stepped in to either help with governance or with funding — all the opposite. For example, standardization efforts have systematically promoted “surveillance by design” instead of best of breed privacy protection; funding for surveillance technology is enormous compared to funding for privacy technologies, and somehow ironically, a number of calls for funding of privacy technologies are in the context of making surveillance more “privacy friendly” — leading to largely nonsensical outcomes."