AMITIAE - Saturday 3 August 2013
Cassandra: Surveillance in the Home - Joining some Dots (Amended - additional sources)
By Graham K. Rogers
In the news a great deal of late has been the revelations of Edward Snowden concerning the way that the NSA and other organisations have been conducting surveillance on individuals. The main outcry in the USA has been that US citizens have been targeted, although the NSA has been redefining some of the words it has used to make it seem more palatable. That and lying to Congress.
A report in the Jakarta Times last week showed some of the anger that erstwhile allies are feeling with the knowledge that their President (and others) was spied in when attending the 2009 G20 summit in London. Indonesia has had to promise that no such spying will take place at an upcoming APEC summit. One hopes they tell the United States.
Some types of surveillance are valuable. Traffic cams can show where congestion occurs and allow better route-planning; since 2010 Apple has a feature on its iOS devices and Macs for tracking a stolen or lost device (nice to see Android also copying this now); and crimes committed in public have been solved by careful use of such camera input, for example the Boston bombings, which were sadly not prevented however, despite all the tools apparently at the disposal of the security services.
There is also the benefit that cameras can be used to catch those supposed to be enforcing the law when they exceed their authority, or are even violent towards members of the public. Perhaps this is why so many police (and other law enforcement organisations) claim illegally that taking pictures of them should stop, even confiscating cameras and deleting shots. Illegally.
When the tracking enters the home or a user's private space, things are more problematical.
An aspect of the potential hacking was that the camera could be turned on, but the user would be unaware as the activity light would not be activated. Time perhaps for some Band-Aid fixes.
We are told in the report that the security breach could have allowed a number of other actions, perhaps concerning financial transactions on the internet, to be carried out. One security analyst cited in the report said, "If there's a vulnerability in any application, there's a vulnerability in the entire TV". The fault has now been fixed we are told, but I am sure I am not alone in not feeling at all secure, especially as Samsung is recommending that ". . . customers use encrypted wireless access points."
Their claim that their latest TV is "The most advanced tv experience" may be truer than consumers realise.
Masnick's article has a number of useful links to articles in which key-loggers are mentioned, in cases going back to 2001, but there is also a Wall Street Journal item that appeared a couple of days ago (1 August) by Jennifer Valentino-DeVries and Danny Yadron which explains in some detail how the FBI is using hacker tricks to access information that would previously have been inaccessible.
The article mentions the small industry that has grown up to provide such tools and the USA is not the only place where these are being developed. Some experts from Thailand are regularly visiting establishments to the west of London to be coached in the use of such new technologies. From what I am told, the capabilities are being expanded here too and that already several of the tools have been deployed.
Mike Masnick also highlights the "wonderful" line: "The bureau has controls to ensure only "relevant data" are scooped up". As the word, "relevant" has been used by the NSA a lot recently and is one of those featured in its apparent redefining of the language, eyebrows should be raised here.
The port reader software is used to intercept communications and, while some ISPs are resisting (and some courts are not cooperating), some are just rolling over. The report, analysis and comments by Declan McCullagh are worth taking time over. Consider the implications.
If the US has such capabilities, it may well have shared some of the technology (at least) with allies. it is well-known, for example, that the UK government (present and previous) have been pushing for legislation that will allow total access to all communications, relevant or not.
While the ISP is within its rights to do this, and local ISPs are under some pressure to prevent access to certain sites that may contain information the authorities do not want viewed here, in the context of the Snowden affair, it was interesting to see that Thailand was one of the countries that featured on the NSA map of places from which data was collected.
It was clear that Bangkok was one of the locations, but the others in the region are not clear. It was suggested that Vietnam was one, and Ho Chi Minh City (Saigon) looks a likely candidate. Malaysia was also suggested, but Singapore is more probable as it is a friendly state and most of the communications to and from the region pass through there.
As most of the data being swept up has no use whatsoever in a security context, he is justifiably enraged: as should we all be. The cartoon is on the page and may make some laugh for its irreverence and the way it highlights the unnecessary waste of resources.
Graham K. Rogers teaches at the Faculty of Engineering, Mahidol University in Thailand where he is also Assistant Dean. He wrote in the Bangkok Post, Database supplement on IT subjects. For the last seven years of Database he wrote a column on Apple and Macs.
For further information, e-mail to