Don’t let this outrageous comment get swept under the rug. Make sure people see this video.
(via NSA Chief Keith Alexander Slams Reporters | Free Press)
See more posts like this on Tumblr
#press freedom #NSA #NSA spying #NSA surveillance #keith alexander #press intimidation #media #journalism #JournalistsThis is the one video everyone needs to see about NSA spying.
Democracy Now! host Amy Goodman and other journalists are being punished for covering the protests against the Dakota Access Pipeline. Local authorities recently issued an arrest warrant for Goodman and arrested at least two independent reporters — and this crackdown on press freedom will continue if we don’t speak up now.
The NSA “is gathering nearly 5 billion records a day on the whereabouts of cellphones around the world.” (Washington Post)
Join us in protesting the National Security Agency’s wide-ranging invasion of privacy.
The problem is, the bill they’re laser-focused on is misguided, wouldn’t protect us — and is a huge gift to companies wanting legal cover if and when they choose to violate Americans’ privacy rights.
In March, the Senate Intelligence Committee voted 14–1 in favor of the Cybersecurity Information Sharing Act of 2015 (CISA). The bill, like its infamous predecessor CISPA, would allow companies to share vast amounts of users’ private and personally identifiable data with the government. That information would go straight to the Department of Homeland Security and then on to the NSA.
If CISA passes, companies would be permitted to monitor and then report to the government on vaguely defined “cyber-threat indicators” — a term so broad that it covers actual threats hackers pose to computer systems but also sweeps in information on crimes like carjacking and burglaries. Those are serious offenses to be sure, but they have nothing to do with cybersecurity.
While current law allows companies to monitor their own systems for cyber threats, CISA would take this to the next level. The bill would allow companies that hold huge swaths of our personal data — like health insurers and credit-card companies — to monitor and report online activity “notwithstanding any other provision of law.”
This means that CISA would undermine the strong protections embedded in laws like the Electronic Communications Privacy Act of 1986 and the Privacy Act of 1964 — laws designed to keep the government from spying on our communications.
While posing a serious threat to our privacy online, CISA wouldn’t even guard well against cyber attacks. The bill offers a bad trade-off, to put it mildly.
1) Hide in the network. Implement hidden services. Use Tor to anonymize yourself. Yes, the NSA targets Tor users, but it’s work for them. The less obvious you are, the safer you are.
2) Encrypt your communications. Use TLS. Use IPsec. Again, while it’s true that the NSA targets encrypted connections – and it may have explicit exploits against these protocols – you’re much better protected than if you communicate in the clear.
3) Assume that while your computer can be compromised, it would take work and risk on the part of the NSA – so it probably isn’t. If you have something really important, use an air gap. Since I started working with the Snowden documents, I bought a new computer that has never been connected to the internet. If I want to transfer a file, I encrypt the file on the secure computer and walk it over to my internet computer, using a USB stick. To decrypt something, I reverse the process. This might not be bulletproof, but it’s pretty good.
4) Be suspicious of commercial encryption software, especially from large vendors. My guess is that most encryption products from large US companies have NSA-friendly back doors, and many foreign ones probably do as well. It’s prudent to assume that foreign products also have foreign-installed backdoors. Closed-source software is easier for the NSA to backdoor than open-source software. Systems relying on master secrets are vulnerable to the NSA, through either legal or more clandestine means.
5) Try to use public-domain encryption that has to be compatible with other implementations. For example, it’s harder for the NSA to backdoor TLS than BitLocker, because any vendor’s TLS has to be compatible with every other vendor’s TLS, while BitLocker only has to be compatible with itself, giving the NSA a lot more freedom to make changes. And because BitLocker is proprietary, it’s far less likely those changes will be discovered. Prefer symmetric cryptography over public-key cryptography. Prefer conventional discrete-log-based systems over elliptic-curve systems; the latter have constants that the NSA influences when they can.
Congress is rushing toward a vote on CISA, the worst spying bill yet. CISA would grant sweeping legal immunity to giant companies like Facebook and Google, allowing them to do almost anything they want with your data. In exchange, they’ll share even more of your personal information with the government, all in the name of “cybersecurity.” CISA won’t stop hackers — Congress is stuck in 1984 and doesn’t understand modern technology. So this week we’re sending them thousands of faxes — technology that is hopefully old enough for them to understand.
Tell Congress: Keep the Internet WEIRD — and SAVE NET NEUTRALITY
phonejustice