4

How the NSA is Controlling the Internet

Posted by on Oct 30, 2013

Image from http://raymondpronk.files.wordpress.com

Image from http://raymondpronk.files.wordpress.com

Recently, I came across an interesting article by security researcher, Bruce Schneier titled the “ The Battle for Power on the Internet”. The article talks about the battle for power in the cyberspace between the traditional and institutional bodies like the government, and the cyber criminals (i.e. hackers). From the recent revelations about the NSA’s PRISM program, it looks like the government is winning this battle big time. The NSA has the power and resources to spy on each and every one of us. They have been successful in circumventing the majority of security controls on the web in order to gain control over Internet communications. In my previous blogs, we have seen how the government has joined hands with technology giants like Google, Apple, Facebook and other well -known companies to get access to user data that it couldn’t have accessed otherwise. Most of these companies provide information to the government, betraying their users’ trust. Besides that, the NSA also works with security vendors to understand the vulnerabilities of widely used commercial products and later exploits them for surveillance purposes.

Image from http://www.theatlantic.com/

Image from http://www.theatlantic.com/

On the other hand, cybercriminals are very quick at taking advantage of new technologies to accomplish their goals. During the early ages of the Internet, cybercriminals became more powerful because they could use this new technology to carry out cyber crimes before the government could think of a better way to use it. A new technology always benefits a hacker more than institutional powers, because the hackers are not hindered by bureaucracy or by ethics and laws. Therefore they evolve faster than the institutional powers. However when the powerful big institutions figure out a way to harness the Internet, they become even more powerful. For example “while the Syrian dissidents used Facebook to organize, the Syrian government used Facebook to identify dissidents to arrest.” We saw the launch of new iPhone 5S with fingerprint detector recently. Guess what? Two days after the smartphones went on sale, a Germany based hacker group, Chaos Computer Club (CCC) claimed that they have bypassed the fingerprint reader of iPhone 5S. The group confirmed the bypass on its website saying: “A fingerprint of the phone user, photographed from a glass surface, was enough to create a fake finger that could unlock an iPhone 5s secured with Touch ID.”

Image from http://www.4pointsecurity.com

Image from http://www.4pointsecurity.com

I totally agree with Schneier’s statement – “it is a battle between the quick and the strong”.

After reviewing the strengths and weaknesses of both hackers and the government, I feel that as the technology advances this battle is going to get worse. As a result, there will be more risks to the privacy of common people using the Internet. We do not have the technical ability to protect our data from government snooping, or avoid hackers from preying on us. With the rise in cloud computing we do not have the control over our data anymore, as they are stored in the servers of tech companies like Apple, Google, Microsoft and so on. From the PRISM revelations, it is clear that the government can get access to our data whenever they want by just issuing a warrant to these companies. In such a situation, what needs to be done to maintain the privacy of the users on the Internet? Firstly, the government needs to be transparent about its usage of user data. The more we learn about how our data is being handled by the government, the more we can trust that they are not abusing their authority. “Transparency and oversight give us the confidence to trust institutional powers to fight the bad side of distributed power, while still allowing the good side to flourish. For if we’re going to entrust our security to institutional powers, we need to know they will act in our interests and not abuse that power. Otherwise, democracy fails.”

Secondly, the technology companies also need to be transparent about their cooperation with the NSA in handling user data. We have seen in the past that technology companies are teaming against the NSA to publish a transparent report of user data requests made by the government. A detail report explaining what information they provided in response to National Security Letters and other government demands will help these companies in gaining the trust of their users. Also the cloud storage companies should implement strong security controls like strong passwords, longer keys or complex hash algorithms that will make it difficult for anyone to access user data.

Lastly, we as users needs to be aware of the security risks that comes with the Internet and take proper security measures to protect our data from unauthorized access.

Secure your personal data with SpiderOak

 Users sometimes find that selecting a truly protected third party cloud service can be a challenge as most “secure” services on the market have glaring security gaps that leave their sensitive data wide open to third party attacks, leaks, and hacking. One rapidly expanding cloud storage and sync service that sets itself apart from the rest of the market is SpiderOak. This service provides users with fully private cloud storage and syncing, featuring all of the benefits of the cloud along with 100% data privacy. SpiderOak is available with onsite deployment and private servers or outsourced deployment through a private and secured public cloud server, so that users and small businesses of all sorts and sizes can tailor the service to fit their needs.

SpiderOak protects sensitive user data with 256-bit AES encryption so that files and passwords stay private. Authorized accounts and network devices can store and sync sensitive data with complete privacy, because this cloud service has absolutely “zero-knowledge” of user passwords or data. And all plaintext encryption keys are exclusively stored on approved devices because SpiderOak never hosts any plaintext data. This way, even if programs like NSA’s PRISM continue to stand unchallenged, people can rest easy knowing that their data is truly protected. SpiderOak’s cross-platform private cloud services are available for users on Windows, Mac, and Linux platforms, along with Android and iOS mobile devices, allowing for full flexibility and mobile access. SpiderOak offers amazing products like SpiderOak Hive and SpiderOak Blue to secure consumer and enterprise data. You can signup for this product now.

 

4 Responses to “How the NSA is Controlling the Internet”

  1. Cantin says:

    I agree that “the government needs to be transparent about its usage of user data.” That’s key, because I don’t think the issue with PRISM or any other NSA spying program is that our personal data is out there or being collected, but how that data is being used. Most people don’t really seem to be concerned about government spying, and for good reason. If you aren’t doing anything illegal (like planning a terrorist attack), then what’s wrong with government agencies accessing your data to make sure you’re not a terrorist? And as long as the government’s practices are kept transparent, isn’t sacrificing our browsing history for peace of mind that terrorists looking up bomb making are going to be caught? If you are doing something illegal, well, you shouldn’t be doing it anyways.

    Social media, emails, storing banking and credit info on shopping websites and Paypal, and a slew of other internet resources are constantly taking our personal data. We’ve gotten to this point where it’s almost impossible to live “off the grid.” And people get that. We understand that in order to function in today’s world, we have to accept the fact that we’re sacrificing a few of our personal details to be a part of it. I think that’s why you don’t really see people up in arms about the PRISM program. Most of us sort of get it. As long as it’s transparent, what’s the problem?

    Just my opinion. :)

  2. Gregory says:

    I find that I’m not Outraged by the actions of the NSA and PRISM, but I also don’t agree with their practices. Even thought I may not be doing something illegal, that doesn’t mean this information couldn’t be used to harm me in the hands of untrustworthy government subordinates. This information is now accessible to the common man who works in the NSA and PRISM programs. Also who is to say the government has the where with all to keep my information safe? the Obamacare website still doesn’t work. I just try to be mindful when I use the internet.

  3. LeoX says:

    The terms should be skewed a little differently. The “National Security” Department works under the Department Of Defense (The U.S. Military). But there are no headline that I have seen that amount to “The U.S. military is unconstitutionally spying on millions of innocent U.S. citizens”

    The mainstream are the jesters of the modern royal court. Real journalists are people who right things that the government does not want written, everything else is public relations. George Orwell is attributed with that quote but it’s the veracity of that it still rings true us what makes it noble.

    Well, now we know James Clapper and Keith Alexander have both lied to Congress under oath, and we have a “intelligence laundering” program is official (http://www.reuters.com/article/2013/08/07/us-dea-irs-idUSBRE9761AZ20130807) do we call a corporate type of mafia or some type of totalitarian system? The law only applying to some (not James Clappers, Or Keith Alexander) can’t really be applied “rule of law” because that means there sometimes is no law (see illegal U.S. spying. The “law” being used selectively is not rule of law, it is kabukki theater dressed as law (it’s totalitarianism). The fish rots from the head and it stinks in the United States. Congress has a 6% approval rating, is that legitimacy? If not, what is it?

    James Clapper and Keith Alexander should be jailed and prosecuted for lying to Congress under oath, and the NSA should be disbanded. We also need another church commission to investigate civil liberty abuses

  4. Checkerbox says:

    I wonder why the government is so intent upon spying on its citizens. Power is already theirs, and to have complete dominion over its citizens is anti-Constitutional. Our democratic way of life is what makes us all a community, one nation, under God, with liberty, unity, and justice for all. This is ideal. This is our America.

    Spying on us is against what we all are defined by–American. It saddens me to find out that the government would abuse its power, that WE have given to them, in order to betray us. This is outrageous, and sickening.

    I believe that from the information I have read here, that perhaps NSA’s new restrictions may be just another ploy to deceive the people. Once we let down our suspicions, we are easier to attack, control, and dominate. I feel that I cannot trust anyone. I am very sad that these unfoldings have become what we talk about in our country. We have a great country, and it is being slowly and methodically destroyed.

Leave a Reply

Powered by sweetCaptcha