Posted by Kalyani M. on Oct 16, 2013
The Russian government is planning to install extensive surveillance to keep tab on the athletes and spectators attending the Winter Olympics games in Sochi. They have taken all measures to ensure that no communication by the spectators or athletes goes unmonitored during the event. As per the research conducted by two investigative Russian journalists Andrei Soldatov and Irina Borogan, the Russian authorities have made excellent arrangements in terms of communication support, including 4G coverage and free WI-Fi coverage throughout the city of Sochi. But the Internet, telephone and other communication providers have to build their network in such a way that the Russian security service FSB, can access and monitor all the traffic using Sorm, Russia’s system for intercepting phone and internet communications.
The reports suggest that the FSB has been working on upgrading the Sorm systems across Russia keeping in mind the extra traffic during the games. All the Internet and telecom providers have to install Sorm boxes as per the law and once they are installed the FSB can access data without even notifying the service providers. Along with Sorm the Russian security service is also planning to install a technology called “deep packet inspection” that will allow intelligence agencies to filter users by particular keywords. This controversial technology will be installed across Russia’s networks, and is required to be compatible with the Sorm system for network monitoring and data analysis. “There is an element of meta-data gathering, but Russian security services are not so interested in meta-data. This is about content,” Soldatov told The Telegraph, citing an “information security concept” document laying out these measures. “The idea seems to be to make communications in Sochi totally transparent for the Russian authorities. “For example you can use the keyword Navalny, and work out which people in a particular region are using the word Navalny,” says Soldatov, referring to Alexei Navalny, Russia’s best-known opposition politician. “Then, those people can be tracked further.”
The US State Department Bureau of Diplomatic Society has also warned those travelling to Russia this year for the Olympics to take precautions with communications and devices. The brochure sent out by the US state department warns business travelers not to share any trade secrets, negotiating positions, and other sensitive information during the games, as that information might be taken and shared with competitors, counterparts, and/or Russian regulatory and legal entities.
While this kind of intensive surveillance and monitoring poses risks to the privacy of people attending the Games, the Russian government claims to be taking such strict security measures for the protection of Sochi against terrorist attacks. Sochi neighbours Russia’s turbulent North Caucasus, where federal forces are fighting long-running separatist insurgencies, both Islamist and secular. Doku Umarov, a rebel leader who has claimed responsibility for a number of suicide bombings in Moscow in recent years, has called on his followers to attack the games.
Although the Russian surveillance program for the Olympics may sound similar to the PRISM program there are certain differences between the two. In US and Western Europe, a law enforcement agency needs to get a warrant from the court in order to request the network operator or Internet service provider to intercept the communication channels, and provide the requested information. On the other hand in Russia, FSB also needs to get an eavesdropping warrant, but it is not obliged to show it to anyone. The telecom and Internet providers have to pay for the Sorm equipments and installation but do not have access to the surveillance boxes. Therefore the FSB does not have to contact the service providers directly; instead they have to call on the security controller at the FSB HQ that is connected to the Sorm device on the ISP network.
"The Guardian quoted Ron Deibert, a professor at the University of Toronto and director of Citizen Lab, which co-operated with the Sochi research, as calling the Winter Games SORM upgrades “PRISM on steroids”. The difference in the two countries’ surveillance infrastructures can be found where the communications providers’ rights intersect with the government’s pre-emptive power to force its will upon them, he said: “The scope and scale of Russian surveillance are similar to the disclosures about the US programme but there are subtle differences to the regulations… We know from Snowden’s disclosures that many of the checks were weak or sidestepped in the US, but in the Russian system permanent access for Sorm is a requirement of building the infrastructure.”
Data privacy with SpiderOak
Users sometimes find that selecting a truly protected third party cloud service can be a challenge as most “secure” services on the market have glaring security gaps that leave their sensitive data wide open to third party attacks, leaks, and hacking. One rapidly expanding cloud storage and sync service that sets itself apart from the rest of the market is SpiderOak. This service provides users with fully private cloud storage and syncing, featuring all of the benefits of the cloud along with 100% data privacy. SpiderOak is available with onsite deployment and private servers or outsourced deployment through a private and secured public cloud server, so that users and small businesses of all sorts and sizes can tailor the service to fit their needs.
SpiderOak protects sensitive user data with 256-bit AES encryption so that files and passwords stay private. Authorized accounts and network devices can store and sync sensitive data with complete privacy, because this cloud service has absolutely “zero-knowledge” of user passwords or data. And all plaintext encryption keys are exclusively stored on approved devices because SpiderOak never hosts any plaintext data. This way, even if programs like NSA’s PRISM continue to stand unchallenged, people can rest easy knowing that their data is truly protected. SpiderOak’s cross-platform private cloud services are available for users on Windows, Mac, and Linux platforms, along with Android and iOS mobile devices, allowing for full flexibility and mobile access.
Interested in SpiderOak Products?
SpiderOak carved its niche as the top choice for those most concerned with privacy.
The engineering goal was simple – devise a plan where users’ files, filenames, file types, folders, and/or any other personal information are never exposed to anyone for any reason (even under government subpoena). This describes SpiderOak’s ‘zero-knowledge’ privacy environment. SpiderOak offers amazing products like SpiderOak Hive and SpiderOak Blue to secure consumer and enterprise data. SpiderOak Hive keeps all your files in sync across your computer and mobile devices. Here the end-user has the ownership of data and is the only one with the keys to unlock and look at plaintext data. You can signup for this product at SpiderOak Blue works seamlessly in your enterprise environment. To resolve authentication it deploys a virtual appliance that resides behind your firewall and integrates with Active Directory / LDAP for single sign-on. SpiderOak Blue is compatible in Mac, Windows, Linux, iOS and Android platforms. SpiderOak Blue is now available through a limited release. We have been working with several large enterprises through the beta period and will continue towards general release. If you’re curious about the product, please send an email to firstname.lastname@example.org and we will get back to you soon.