Allison Kilkenny: Unreported

NSA Offering ‘Billions’ for Skype Eavesdrop Solution

Posted in Uncategorized by allisonkilkenny on February 15, 2009

The Register

wiretapCounter Terror Expo News of a possible viable business model for P2P VoIP network Skype emerged today, at the Counter Terror Expo in London. An industry source disclosed that America’s supersecret National Security Agency (NSA) is offering “billions” to any firm which can offer reliable eavesdropping on Skype IM and voice traffic.

The spybiz exec, who preferred to remain anonymous, confirmed that Skype continues to be a major problem for government listening agencies, spooks and police. This was already thought to be the case, following requests from German authorities for special intercept/bugging powers to help them deal with Skype-loving malefactors. Britain’s GCHQ has also stated that it has severe problems intercepting VoIP and internet communication in general.

Skype in particular is a serious problem for spooks and cops. Being P2P, the network can’t be accessed by the company providing it and the authorities can’t gain access by that route. The company won’t disclose details of its encryption, either, and isn’t required to as it is Europe based. This lack of openness prompts many security pros to rubbish Skype on “security through obscurity” grounds: but nonetheless it remains a popular choice with those who think they might find themselves under surveillance. Rumour suggests that America’s NSA may be able to break Skype encryption – assuming they have access to a given call or message – but nobody else.

The NSA may be able to do that: but it seems that if so, this uses up too much of the agency’s resources at present.

“They are saying to the industry, you get us into Skype and we will make you a very rich company,” said the industry source, adding that the obscure encryption used by the P2Pware is believed to change frequently as part of software updates.

The spyware kingpin suggested that Skype is deliberately seeking to frustrate national listening agencies, which seems an odd thing to do – Skype has difficulties enough getting revenues out of its vast user base at any time, and a paid secure-voice system for subversives doesn’t seem like a money-spinner.

But corporate parent eBay, having had to write down $1.4bn already following its $2.6bn purchase of Skype back in the bubble-2.0 days of 2005, might see an opportunity here. A billion or two from the NSA for a backdoor into Skype might make the acquisition seem like a sensible idea.

We asked the NSA for comment, particularly on the idea of simply buying a way into Skype, but hadn’t yet received a response as of publication.

US Supreme Court Says Passenger Can Be Frisked

Posted in police state, politics, privacy, Supreme Court by allisonkilkenny on January 26, 2009

Newsday

police-brutalityWASHINGTON (AP) – The Supreme Court ruled Monday that police officers have leeway to frisk a passenger in a car stopped for a traffic violation even if nothing indicates the passenger has committed a crime or is about to do so.

The court unanimously overruled an Arizona appeals court that threw out evidence found during such an encounter.

The case involved a 2002 pat-down search of an Eloy, Ariz., man by an Oro Valley police officer, who found a gun and marijuana.

The justices accepted Arizona’s argument that traffic stops are inherently dangerous for police and that pat-downs are permissible when an officer has a reasonable suspicion that the passenger may be armed and dangerous.

The pat-down is allowed if the police “harbor reasonable suspicion that a person subjected to the frisk is armed, and therefore dangerous to the safety of the police and public,” Justice Ruth Bader Ginsburg said.

  

The case is Arizona v. Johnson, 07-1122.


Real Short: 7 Problems with Real ID

Posted in Uncategorized by allisonkilkenny on December 10, 2008

ACLU

4816339The Real ID Act creates a federal identity document that every American will need in order to fly on commercial airlines, enter government buildings, open a bank account, and more.  

It creates huge administrative burdens for state governments, while providing no federal funds for implementing its onerous requirements.  At the same time, it does nothing to combat terrorism, and puts us at greater risk for invasions of privacy and identity theft.  

On this page you can learn more about Real ID: the costs, the burdens, and the real bureaucratic nightmare coming to a DMV near you.

What’s Wrong With Real ID

  • It’s a national identity system. The standardized national driver’s licenses created by Real ID would become a key part of a system of identity papers, databases, status and identity checks and access control points – an “internal passport” that will increasingly be used to track and control individuals’ movements and activities.
  • Will not be effective against terrorism. The fact is, identity-based security is not an effective way to stop terrorism. ID documents do not reveal anything about evil intent – and even if they did, determined terrorists will always be able to obtain fraudulent documents (either counterfeit or real documents bought from corrupt officials).
  • Will be a nightmare for state governments. Real ID requires state governments to remake their driver’s licenses, restructure many of their computer databases and other systems, create an extensive new document-storage system, and – perhaps most difficult of all – verify the “issuance, validity and completeness” of every document presented at DMVs. See Real Burdens.
  • Will mean higher fees, long lines, and bureaucratic nightmares for individuals. Because Congress ordered but did not pay for these mandates, which will cost states billions of dollars, fees on individuals applying for driver’s licenses will inevitably rise, perhaps steeply. Individuals are also likely to confront slower service, longer lines, and frequent bureaucratic snafus in obtaining these ID cards. Many unlucky individuals will find themselves caught in a bureaucratic nightmare as they run up against the complexities of this law.
  • Increased security and ID-theft risks. The creation of a single interlinked database as well as the requirement that each DMV store copies of every birth certificate and other documents presented to it will create a one-stop shop for identity thieves.
  • Will be exploited by the private sector to invade privacy. Real ID would make it easy for anybody in private industry to snap up the data on these IDs. Already, bars often swipe licenses to collect personal data on customers – but that will prove to be just the tip of the iceberg as every convenience store learns to grab that data and sell it to data companies for a dime.
  • Will expand over time. The Real ID database will inevitably, over time, become the repository for more and more data on individuals, and will be drawn on for an ever-wider set of purposes. Its standardized machine-readable interface will drive its integration into an ever-growing network of identity checks and access control points – each of which will create new data trails that will in turn be linked to that central database or its private-sector shadow equivalent.

For more information on these problems, see the Real Answers FAQ.