Archive for Privacy and Security
How To Surf The Net Anonymously: A Mini-Guide
Posted by: | CommentsAre you looking for tools and services that can help you surf the Net without leaving trails of your personal data around? Do you want to experience the Internet freely but are still concerned with privacy issues? If so, you might be very interested in reading further. Photo credit: Germán Ariel Berra When we sit alone in front of our computer we have the sensation that our privacy is properly protected. However, every single move we make is constantly recorded by our Internet providers and by the servers that host the websites we visit. All the collected information is stored and often given away to third parties who will use it for their advantage (i.e. to display customized ads, to …
E-Mail Privacy: What You May Be Giving In When You Are Flying Out
Posted by: | CommentsSince 5 march 2003, United States authorities have had access to most European airlines\’ passenger databases. According to this agreement – justified by the need to fight international terrorism – the European commission gives the USA online access to passenger name record (PNR) data of all Europe-based airline carriers for flights that go to, from or through the USA. Photo credit: Eduard Kachan The PNR data consist of all relevant information related to a passenger\’s flight: departure and return flights, connecting flights, special services required on board the flight (meals such as kosher or halal), payment information (such as the credit cards used to purchase the ticket) and e-mail address. EU forbids the transfer of personal data to other countries …
DRM: Digital Rights Restrictions – Richard Stallman Viewpoint: Video
Posted by: | CommentsDigital Rights Management, or DRM, is an all-too-pervasive means by which the manufacturers of hardware and software – including music and video – place restrictions upon the people that buy it from them. If you have ever downloaded a music track from iTunes, or a movie from Amazon Unbox, bought an audio book from Audible or tried to get your music collection back off an iPod, you have already come into contact with DRM. Photo credit: Ovidiu Predescu Effectively, DRM is a means of controlling and restricting how you listen to, watch or interact with your digital media. For one, it is designed to prevent you from sharing it with your friends, and for another it is kept in place …
Everybody trusts Google – the name has become synonymous with web searches and contextual advertising, but mounting evidence leads some dissenters to ask the vital question ‘are my privacy and security at risk when using Google services?’
This is also the contention of a new short film that attempts to unsettle your assumptions about everyone’s favourite web monopoly: Google.
Take Google Mail for instance – it is open knowledge that Gmail scans the contents of both incoming and outgoing mail, so that well targeted contextual advertising can be placed alongside your inbox. Gmail has been enormously popular, given that it is free, well featured and packs over two gigabytes of storage. But can you be one hundred percent certain that the mails scanned for the purposes of ad placement are not used for other purposes?
In this guide to Googlephobia, I have gathered a range of questions that are starting to be asked about the possible negative impact the web juggernaut might have on your life. In an age in which governments are attempting closer and closer surveillance and control of their citizens, can a private company be trusted to keep private information confidential?
Many would argue not, and yet many people persist in using email, online spreadsheets and documents, and web searches that could well be used against them at a later date. That’s right, even your web searches are stored deep down in the Google vaults, ready to pulled up and examined at a moment’s notice.
Capping this overview of Google’s less sunny side is the short film
http://masterplanthemovie.com/”>Master Plan, complete with a transcription by Executive Editor Livia Iacolare.
So sit back, survey the landscape, and decide for yourself if you have reason to be afraid. Here are the details:
Google and big brother
In trusting Google as your primary source of search information, or as an email, news, and even web application provider, how much are you exposing yourself to surveillance and possible manipulation? Just what information does Google have, and what are they willing to do with it?
Serge Thibodeau at Rank For Sales notes that:
”…Google does record and store, as no doubt do other search engines, by individual details of everything searched through the Google engine.
This may be released where legally demanded or to satisfy national security or other state interests…
”
In other words should you be even so much as suspected of something illegal or of concern to government bodies, Google will happily oblige said bodies with full details of all of the searches you have run, and where they took you. This all comes down to how far you trust your government.
When Adam L. Penenberg researched Google for his Mother Jones article on the subject he directly questioned a Google official on the point of where the company stands with regards to handing out confidential information:
”I asked her if the company had ever been subpoenaed for user records, and whether it had complied. She said yes, but wouldn’t comment on how many times. Google’s website says that as a matter of policy the company does “not publicly discuss the nature, number or specifics of law enforcement requests.”
So can you trust Google only as far as you can trust the Bush administration? “I don’t know,” Wong replied. “I’ve never been asked that question before.”
”
But Google’s complicity goes beyond subpoenas, according to ex-CIA intelligence agent Robert David Steele. Alex Jones at Prison Planet that:
”Steele raised eyebrows when he confirmed from his contacts within the CIA and Google that Google was working in tandem with “the agency,” a claim made especially volatile by the fact that Google was recently caught censoring Alex Jones’ Terror Storm and has targeted other websites for blackout in the past.
“I think that Google has made a very important strategic mistake in dealing with the secret elements of the U.S. government – that is a huge mistake and I’m hoping they’ll work their way out of it and basically cut that relationship off,” said the ex-CIA man.
”
If Google is indeed in the pockets of shady intelligence agencies, how far can you truly trust them to keep your confidential data to themselves, and not turn it over at the drop of a hat?
‘Okay’, you might say, ‘but I have nothing to hide. The only people that this is going to worry are terrorists and pedophiles’. But whether you have nothing to hide or not, what is it stake here is a matter of civil liberties, the right to privacy and the possibility of state control and surveillance beyond anything known before. We are looking at the possibility of a huge escalation in the erosion of our personal freedom and privacy, beyond any security risks that might come about as a consequence.
But that’s not all.
Google everything
Google being in bed with big brother is a scary thought, but it isn’t such a monumental task to just switch to other services if it concerns you too much. But there are those that suggest that there may be little in the way of an alternative in the coming years, as Google’s master plan would seem to involve constant expansion and the creation of a monopolistic empire that ties up the web, telecommunications and television all in one. Where do you turn when everything has a Google badge on it?
Robert Cringely over at I, Cringely details this disturbing possibility – the idea that Google is looking to create a total monopoly not just on the web services that we use, but also our phones and televisions. In Cringely’s discussion of Google’s monopolistic masterplan he details the fact that Google controls more network fiber than any other organization, and that it is buying up data centers by the dozen across America. ‘So what?’ you might ask, but as Cringely goes on to argue, the implications are much graver than they might first look.
Internet use is changing rapidly. As the web moves from being a static medium of words and the occasional picture towards a dynamic medium stuffed full of video and audio, ISPs are facing a big challenge in terms of keeping up with users bandwidth needs. In the next few years the average web user is going to shift from using one or two gigabytes of bandwidth a month, to using the same amount in the average day. For the ISPs this means a huge increase in the bandwidth they are going to be serving up.
Bandwidth, of course, lies in the hands of those who control the network fiber, and increasingly this is going to mean Google. The consequences are simple:
”We won’t know if we’re accessing the Internet or Google and for all practical purposes it won’t matter. Google will become our phone company, our cable company, our stereo system and our digital video recorder. Soon we won’t be able to live without Google, which will have marginalized the ISPs and assumed most of the market capitalization of all the service providers it has undermined — about $1 trillion in all — which places today’s $500 Google share price about eight times too low.”
So, regardless of whether you trust the Google empire or not, chances are you are not going to have much of choice when it comes to going through them if you want to access the Internet, your phone, or television content.
Masterplan
Posing these questions with panache and style, the short film Master Plan pushes Googlephobia a step further, throwing up questions as to Google’s dicing with DNA, and relationship with the CIA. This student film, put together by Olan Halici and Jurgen Mayer for their Bachelor’s thesis, raises the bar and dares to ask the questions most of us would rather not think about:
Master Plan complete transcript
Google is the most powerful search engine on Earth.
Today, billions of users google for any kind of information. A former student’s project, now rules the World Wide Web. In 1997, Larry Page and Sergey Brin developed the so called “page rank”: a complex mathematical algorithm that ranks websites by their relevance.
This groundbreaking invention profoundly transformed access to information.
Google rapidly became the first choice for internet search. But, this was just the beginning. Today, Google ends huge profits by dominating online advertising; it is well on the way of becoming the most valuable company on the global market. But it isn’t just about money; these men pursue a great vision, a google master plan.
Any kind of information will be accessible to anybody controlled by Google itself, with the credo, “Don’t be evil”.
New features and products are constantly flying out of the Googleplex, all for free. Don’t you worry about your privacy? A perfect blend of software and hardware, called Googleware gives the company more computing power than anyone else.
Google stores the entire known web in its giant database, and there is more. Gmail offers 2.7 GB of free storage; it’s no secret. All your mails – including received mails from your friends – are scanned. Google is methodically collecting personal data in many more ways using cookies and account information merely to offer relevant text ads.
Google can create incredibly detailed dossiers on everyone of us. A former CIA agent claims that Google is cooperating under cover with the U.S government including the CIA. Through appearing to simply want the best for its users, Google has already begun to expand its online domination.
Total control, and not merely on the web. Google is conducting research in the fields of molecular biology and genetics. What if Google had an entire file on you? Even including your entire genetic data? Every human being would become completely transparent.
What do you think? Does Google really worry about our privacy?
Conclusions
As Web 2.0 evolves people are increasingly switching their work-based and personal communications to online applications, such as those offered by Google. In so doing, you can afford yourself new freedoms – the freedom to access our information regardless of where you are in the world, the freedom to collaborate with others from remote locations, the freedom to forget about how much space you have left on your hard drive or where you put that elusive file.
But in reaping the benefits of these new freedoms, you also put yourself at risk of being spied on, reported on and sold down the line by companies that will always put the bottom line before their customers. As Google grows from strength to strength as a provider of web services and applications, but also as an owner of all important bandwidth, it would make sense to take stock of their growing monopoly and consider the consequences of the deal you enter into when you make use of their free software.
Google, as a leader in the Web 2.0 landscape, is all about facilitating communication and the free flow of information. But where is all of the information flowing to, and is it always to your benefit? Or that of those who would control and catalogue our everyday lives?
While sincerely hoping that this isn’t the case, it would be wise to allow for the possibility in our day to day actions online.
Additonal resources
If you want to read more on the subject of Google and its master plan, you might want to visit the following websites:
- Is Google Evil?, Adam L. Penenberg’s investigative think-piece on the subject
Trusted computing is a set of open specifications based on the idea that computer security can be achieved by implementing a particular microchip (called Trusted Platform Module), whose task is to allow users to install and utilize only “trusted” software (which is software that has been previously recognized and approved by the computer manufacturer).
Photo credit: Benjamin Stephan and Lutz Vogel
This concept has been developed in the past few years by the Trusted Computing Group and among its promoters there are major information technology companies such as Microsoft, Intel, IBM and Sun Microsystems Inc.
Despite the premises of the Trusted Computing Group, many critics – including academics, security experts and creators of free and open source software – contend that the overall effect (and perhaps ultimate intent) of trusted computing is to impose unreasonable restrictions on how people can use their computers.
Trusted computing has in fact become subject of multiple discussions, mostly related to the fact that in the TCG’s vision it is the computer manufacturer that decides which software can be installed on the computer and which one must be considered a threat to security.
But which is the authority that decides what is secure and what’s not? And according to which parameters?
How would you feel if I was to tell you that according to the TCG the real enemy to guard oneself against, when it comes to your computer security, is the computer owner herself?
Not very comforting I guess…
But that is indeed the Trusted Computing vision. At its core is the firm idea that the real enemy of computer security is – the user himself.
Photo credit: Benjamin Stephan and Lutz Vogel
Trusted computing stated goal is to make personal computers more secure through the use of dedicated hardware that monitors user’s access to programs and only lets them use software that is considered “trustworthy“.
Up until now, the end user could have literally installed whatever program suited her desires or needs, without having to deal with any restrictions – except for compatibility and other core demands set out by your operating system requirements.
But if trusted computing was going to be used in real-life scenarios, this might not be valid for much longer.
Before getting alarmed, let me review step-by-step what exactly trusted computing does and for which reasons.
Microsoft – one of the founders of the TCG – released some information about the trusted computing architecture, dividing all changes it has designed for a trusted computing experience into four groups, all of which require new hardware to be added to today’s PCs.
Let me recap these items here for you:
- Memory curtaining
Memory curtaining refers to the isolation of PC’s memory to prevent programs from being able to read or write one another’s memory. Today, a virus or malicious code can often read or alter data in a PC’s memory. In the trusted computing design, even the operating system should not have access to curtained memory, so that a virus or hacker who gains control of the operating system would not be able to interfere with programs’ secure memory.
- Secure I/O
- Sealed storage
- Remote attestation
Secure input and output, or secure I/O, aims to defeat the threats posed by keyloggers and screen-grabbers, which are programs used by hackers to spy on computer users’ activities. A keylogger records whatever you type on your keyboard, and a screen-grabber records what’s displayed on the screen. With secure I/O, no other software running on the same PC will be able to find out what the user typed, or how the application responded. At the same time, secure I/O will allow programs to determine whether their input is provided by a physically present user, as distinct from another program impersonating a user.
Sealed storage addresses the inability of a PC to securely store passwords. Usually, the passwords that protect private documents or accounts are stored on the computer’s hard drive, together with the documents themselves. This procedure can be compared to leaving the combination to a safe in the same room with the safe itself. Hackers who enter a computer can frequently copy passwords from that computer’s hard drive.
Sealed storage is an invention that generates passwords based in part on the identity of the software requesting to use them and in part on the identity of the computer on which that software is running.
If a program different from the program that originally encrypted, or “sealed“, private data should attempt to decrypt, or “unseal“, that data, the attempt is guaranteed to fail.
Remote attestation is the most interesting of the four major feature groups described by Microsoft and it aims to allow “unauthorized” changes to software to be detected. If an hacker has replaced one of your applications, or a part of your operating system with a maliciously altered version, you should be able to tell.
Because the evidence is “remote“, others with whom you interact should be able to know that, so that they can avoid sending data to a compromised computer.
While remote attestation is obviously useful, the current TCG approach fails to distinguish between applications that protect computer owners against attack and applications that protect a computer against its owner. In fact, the computer’s owner is sometimes treated as an enemy who must be prevented from altering the computer’s software.
Misconceptions about Trusted Computing
Video about Trusted Computing created by Benjamin Stephan and Lutz Vogel
At this point, you might wonder whether trusted computing PCs would really be able to run existing software.
While it is possible for manufacturers to build PCs incapable of running particular code, nothing in the TCG specifications insists on this. More importantly, the trusted computing architecture security model does not require insecure or undesirable software to be prevented from running. The trusted computing security model instead concentrates on preventing running applications from interfering with one another.
Only a rough security model would require prohibiting “bad” software running on a computer, and the NGSCB model does not do that.
In addition, that approach would require determining which software is “bad“, which would truly be a discouraging task. Some proprietary systems assume that all software not signed by a recognized authority is “bad“, but users insist on being able to use software without the prior approval of some authority.
The problem
Although trusted computing hardware seems to provide security benefits, it has been received skeptically and remains controversial. Some of the controversy deserves great attention, since trusted computing systems fundamentally alter trust relationships between the user and the computer manufacturer.
Security design necessarily includes specifying what has to be considered a threat for the PC and the most fundamental concern is that trusted computing systems are being designed to support threat models in which the owner of a “trusted” computer is considered a threat.
Attestation is appropriate for preventing the software on a computer from being changed without the knowledge of the computer’s owner (for instance, by a virus). Unfortunately, the attestation model in TCG’s current design can equally prevent the software on a computer from being changed by the computer owner with his or her full knowledge and consent.
Third parties currently cannot tell what software you are using and they have no reliable way to force you to use the software of their choice. This is almost always a benefit for computer owners (and not a bug that has to be eliminated), since it improves competition and owners’ ability to control their computers.
Possible consequences of Trusted Computing
Let me now take into consideration a few examples of how the attestation approach promoted by trusted computing can compromise interoperability or be used against computer owners.
I will refer here to the research conducted by Seth Schoen, a technologist for the Electronic Frontiers Foundation (a technology civil rights organisation that is particularly concerned with the implementation of trusted computing).
- On the Web
A web site could demand a software attestation from people wishing to read it. If they declined to provide an attestation, the site would refuse to deal with them at all; if the attestation showed that they were using “unapproved” software, the site would likewise decline to interact with them. Only those who could produce a digital certificate proving that their computers’ software was satisfactory to the remote site would be permitted to use it.
In a well known case, MSN, the Microsoft Network, refused to serve web pages to non-Microsoft browsers. In the meantime, users of competitive products were able to fool MSN into thinking they were running Internet Explorer. This would be impossible in an environment of routine NGSCB-style remote attestations.
Many sites arbitrarily prevent the use of disfavored software – they say – for security reasons.
Indeed, their reasons may be entirely different. In some cases, a site operator wants to force you to use a particular program in order to subject you to advertising.
Software interoperability is also at risk. If a user has data stored inside a proprietary system, and the system communicates only with client software written by the proprietary system’s publisher, it may be extremely hard for the user to move his or her data to a new software system. When the new system tries to communicate with the old system in order to extract the data, the old system may refuse to respond.
Similarly, instant messaging (IM) services have frequently tried to lock out their competitors’ clients and, in some cases, free/open source IM clients. An attestation mechanism would be a powerful tool for limiting competition and interoperability in IM services.
Many people have speculated that trusted computing technology is a way of bringing digital rights management (DRM) technology to the PC platform. However, trusted computing developers deny that DRM is the main focus of their efforts, and trusted computing is useful for many applications besides DRM.
Among the elements characterizing trusted computing, remote attestation is the key player of DRM policy enforcement. If a remote system lacks reliable knowledge of your software environment, it can never have confidence that your software will enforce policies against you.
Other consumer-unfriendly software behaviors which can be implemented by means of attestation, combined with sealed storage, include preventing a program or a file from being transferred from one computer to another, forcing software upgrades or downgrades, and enabling some spyware.
One thing is sure: the current version of remote attestation facilitates the enforcement of policies against the wishes of computer owners.
If the software you use is written with that goal in mind, the trusted computing architecture will not only protect data against intruders and viruses, but also against you. In effect, YOU, the computer owner, are treated as an enemy.
If you give an attestation to a service provider who wants to help you detect unauthorized modifications to your computer, attestation benefits you. If you’re required to give an attestation to someone who aims to forbid you from using the software of your choice, attestation harms you.
In an ideal situation, it is the computer owner, YOU – and not a third party – that should be able to decide whether the information or software you have acquired from a third party is accurate and trustable. Only in this way you can be sure that the attestation capability will not be used in a way contrary to YOUR interests, as a computer owner.
Suggested solutions
The lack of owner control on the content of attestations is the central problem with the current trusted computing proposals.
A simple measure conceived by Seth Schoen and called “Owner Override” could fix the problem by restoring third-parties’ inability to know precisely what software you’re running – unless you decide you would be better off if they knew.
Currently, attestation tells remote parties whether the software on your computer has been changed. Attestation plus Owner Override would let remote parties know if the software on your computer has been changed without your knowledge.
Owner Override fixes trusted computing so that it protects the computer owner and authorized users against attacks, without limiting the computer owner’s authority to decide precisely which policies should be enforced.
However, the Trusted Computing Group members have refused to implement Owner Override and proponents of trusted computing believe that Owner Override defeats effective trust detection in other computers, since remote attestation could be forged by the owner.
Conclusions
Trusted computing represents an important stage of security research, whose aim is to find a way to prevent computers from threats and privacy violations.
Like all solutions designed to accomplish the goal of providing greater security, trusted computing risks to become a new form of control and thus a threat itself to the freedom of those computer owners that trusted computing would be claiming to protect.
The voice of many authoritative critics, such as the “father” of open source software Richard Stallman, synthesizes the apprehension of the critical mass of computer users, who are afraid to lose control over their own machines because of a strategic corporate agreement that might stand behind the concept of trusted computing.
Ultimately, the real menace that trusted computing wants to prevent seems to be nothing but the computer owner himself, because of her power to choose which software suits his needs without relaying on third party suggestions.
Do you want to keep choosing or do you prefer to hand over this ability to a TGC chip in the name of greater security on your computer network?
To you the final decision.
References
- Trusted Computing: definition on Wikipedia
- Homepage of the Trusted Computing Group
- Can you trust your computer? (on GNU)
- Trusted Or Treacherous Computing? (on Slashdot)
- Trusted computing a shield against worst attacks? (on Security Focus)
- Trusted Computing: Promise and Risk (on EFF)
- Trusted Computing Best Practices (on Schneider)
- What price for “trusted PC security”? (on BBC News)
- Trusted Computing Frequently Asked Questions (on University of Cambridge website)
- Trusted computing comes with a warning (on ZDNet)
Photo credits
Computer lock: Feng Yu
Barbed wire laptop: Marilyn Barbone
Solution puzzle: Luminis