Posts
Fuck
you John Key - liar! Here we are again – New Zealand in the headlines for
all the wrong reasons.
A quick search under NZ media finds NOTHING.
Last
year, Dotcom’s mansion was raided by the police for alleged rights
and piracy-related breaches, all based on indictments filed in the
US.
Polls have shown that three quarters of the Kiwi population are opposed to the law. And Kim Dotcom promptly gave his reaction on Twitter with the words “RIP Privacy”.
A quick search under NZ media finds NOTHING.
New
Zealand has direct access to US surveillance
New
Zealand’s police and intelligence services have direct access to US
surveillance systems such as PRISM, to monitor email and capture
various data traffic, according to police affidavits in connection
with the raid on Kim Dotcom’s mansion.
RT,
23
August, 2013
The
news that the Organised and Financial Crime Agency New Zealand
(OFCANZ) requested assistance from the Government Communications
Security Bureau (GCSB) was revealed by blogger Keith Ng on his On
Point blog.
He
discovered that the police provided the GCSB – the government’s
signals intelligence unit – with a list of indicators for scanning
emails and other information traffic generated by Kim Dotcom and his
colleagues and co-founders at Megaupload.
New
Zealand and Australia use a ‘selector’ categorization
system akin to the NSA’s XKEYSCORE, revealed recently by
whistleblower Edward Snowden in his set of PRISM revelations about
unsanctioned US spying on people across the globe.
PRISM
is an all-reaching computer surveillance system run by the US
government and the NSA.
Some
of these selectors have been redacted in the documents, but others
remain – such as Kim Dotcom’s email addresses and the names of
proxy servers he uses to access various accounts and servers.
Megaupload founder Kim Dotcom (AFP
Photo/Marty Melville)
There
is clear indication of the surveillance system monitoring live
traffic. The reports reveal communications interspersed with terms
such as ‘CONFIDENTIAL’ or ‘NEW ZEALAND
EYES ONLY’, or even ‘SECRET…REL TO NZL, AUS, CAN,
GBR, USA,” which speaks for itself.
However,
while this is certainly a new revelation, it may not be surprising to
many.
The NSA sometime shares information with NZ, as part of the Five Eyes intelligence-sharing alliance, which also includes the UK, Australia and Canada.
The NSA sometime shares information with NZ, as part of the Five Eyes intelligence-sharing alliance, which also includes the UK, Australia and Canada.
Moreover,
New Zealand passed a
new bill in
August, which radically expands the powers of its spying agency. The
legislation was passed 61 votes to 59 in a move that was slammed by
the opposition as a death knell for privacy rights in New Zealand.
The
new amendment bill gives the GCSB powers to support the New Zealand
police, Defense Force and the Security Intelligence Service.
Polls have shown that three quarters of the Kiwi population are opposed to the law. And Kim Dotcom promptly gave his reaction on Twitter with the words “RIP Privacy”.
NZ
police affidavits show use
of PRISM for surveillance
New
Zealand’s police and intelligence services have direct access to US
surveillance systems such as PRISM, to monitor email and capture
various data traffic, according to police affidavits in connection
with the raid on Kim Dotcom’s mansion.
Keith Ng
23
August, 2013
Police
affidavits related to the raid on Kim Dotcom's Mega mansion appear to
show that New Zealand police and spy agencies are able to tap
directly into United States surveillance systems such as PRISM to
capture email and other traffic.
The
discovery was made by blogger Keith Ng who wrote on his On Point blog
that the Organised and Financial Crime Agency New Zealand (OFCANZ)
requested assistance from the Government Communications Security
Bureau (GCSB), the country's signals intelligence unit, which is
charge of surveilling the Pacific region under the Five-Eyes
agreement.
A
list of so-called selectors or search terms were provided to GCSB by
the police [PDF, redacted] for the surveillance of emails and other
data traffic generated by Dotcom and his Megaupload associates.
'Selectors'
is the term used for the National Security Agency (NSA) XKEYSCORE
categorisation system that Australia and New Zealand contribute to
and which was leaked by Edward Snowden as part of his series of PRISM
revelations.
Some
"selectors of interest" have been redacted out, but others
such as Kim Dotcom's email addresses, the mail proxy server used for
some of the accounts and websites, remain in the documents.
Megaupload
co-founders Bram van der Kolk and Sven Ecthernach was were also
targeted for electronic surveillance, ditto Dotcom's wife Mona.
Dotcom's
mansion was raided by NZ police last year for crimes related to
online piracy, based on indictments filed in the US.
One
note on the reports generated from the surveillance points to the
system used capturing real-time traffic.
Several
of the documents are classified as "CONFIDENTIAL COMINT/NEW
ZEALAND EYES ONLY" with one being marked as "SECRET/COMINT/REL
TO NZL, AUS, CAN, GBR, USA".
The
spying on Dotcom, his wife and van der Kolk was deemed to be illegal
as all three are residents of New Zealand and the GCSB is precluded
by current law from intercepting their communications.
In
the United States, declassified government documents have been
released to the Electronic Frontier Fourndation that show the NSA
operates an eavesdropping program that has direct access to internet
communications.
The
documents are part of a statement by the US Foreign Intelligence
Surveillance Court (FISC) which berates the NSA for misleading the
tribunal on the extent of domestic spying on innocent people, saying
such collection was unconstitutional.
And from the man himself -
Enter the passphrase and BAM – you’ve decrypted a message! (If you haven’t, check that you’ve copied the whole message, and check that you typed in the password properly.)
Ich
bin ein Cyberpunk
Keith
Ng
22
August, 2013
Welcome
to your sudden but inevitable future of ubiquitous surveillance.
To
an extent, I appreciate the
arguments made by supporters of the GCSB Bill
– it’s not really a huge encroachment of mass surveillance
powers, it is, mostly, just the formalisation of mass surveillance
powers that have been encroaching for a decade. We are not fucked
off because of the bill itself, really, but because we’ve finally
been forced to pay attention to the barftastic overreach of state
surveillance that’s been happening around us.
At
least, that’s true for me. Thanks to the GCSB Bill, I finally got
around to reading the
Kim Dotcom affidavits.
It’s the best example we have of how “GCSB assistance” is
actually rendered. The Police asked the GCSB for help in a one-page
request (page 13 of this):
Once
the GCSB’s lawyer had a look at it, the Police provided a list of
“selectors” to the GCSB (we now know from the PRISM documents
that “selectors”
is the term used to describe the search terms
used to make PRISM requests):
The
selectors were entered into █████, in an email classified
as “SECRET//COMINT//REL TO NZL, AUS, CAN, GBR, USA”. In other
words, the selectors were entered into a secret communications
intelligence system, and this secret system was considered related to
Five Eyes:
The
email from the GCSB then described “traffic volume from these
selectors”: i.e. This secret system was capturing live traffic.
What
does this mean? It means that GCSB assistance is NSA assistance. It
means that government agencies can tap into these powers as part of
bread-and-butter law enforcement. Through the Bradley
Ambrose case,
we’ve seen that the Police are willing to use the full extent of
their powers for entirely bullshit cases. Combine the two, and it
makes me very, very queasy.
I
ended my
post in May
with “we need to start by getting really, really fucked off”.
What is step two? Fortunately, there is a
25-year-old answer
to this question: Encrypt everything.
Over
the next however long it’s going to take me, I’m going to be
doing short posts on how to secretfy your stuff. Today’s post is on
encrypting text using public-key encryption.
Public-key
Encryption (the uber-short version)
This
technique
is based on a pair of matching keys – one public, one private.
Anything encrypted with one can only be decrypted with the other.
Why? MATHS, that’s why. The public key is then made public (my key
is here),
and anyone can use that key to encrypt a messsage. Only you – with
the private key that you keep secret – can decrypt that message.
It’s
actually not that hard. The simplest tool for dealing with PGP keys
is gpg4usb.
Go download it and have a play. Purely for testing purposes, here
is the public AND private keys
for “John PGPKey” (right click on the link –> “Save link
as..” to save the file). Open up gpg4usb and use the menu bar: Keys
–> Import Key from.. –> File.
Select
the .asc file you just downloaded. You can now use John PGPKey’s
private and public keys.
(Just
to reiterate, this is for testing purposes only – you should NEVER
put your real private key on the internet.)
Here
is a message
that’s been encrypted using John PGPKey’s public key. Open it up
and copy and paste the garbled text into gpg4usb (including the BEGIN
PGP MESSAGE and END PGP MESSAGE lines). Click on the “Decrypt”
button. It’ll ask you for a passphrase, which is “spicy
panopticon in a dunnenad sauce” (this
is a more reliable guide
to making secure passphrases than your IT department).
(And
no, you should not be putting the passphrases for your real private
key on the internet, either. NOTE: Apologies if this didn’t work
before, I posted the wrong version of the key I was faffing around
with.)
Enter the passphrase and BAM – you’ve decrypted a message! (If you haven’t, check that you’ve copied the whole message, and check that you typed in the password properly.)
Now,
to encrypt a message, just type things into the text box, select the
key you want to encrypt with, and click on the “Encrypt” button.
Pretty goddamn easy.
To
create your own key, open up Keys –> Manage Keys. From the Key
Management window, open up Key –> Generate Key. Fill out the
boxes and go. You can export the public key and put it somewhere
public – but let’s not actually do that yet, until we have a way
of securing your private key.
In
the next part, we’ll talk about publishing keys, verifying keys,
signing with keys
No comments:
Post a Comment
Note: only a member of this blog may post a comment.