Top Leaderboard, Site wide
August 1, 2014
Truthdig: Drilling Beneath the Headlines
Help us grow by sharing
and liking Truthdig:
Sign up for Truthdig's Email NewsletterLike Truthdig on FacebookFollow Truthdig on TwitterSubscribe to Truthdig's RSS Feed

Newsletter

sign up to get updates


Hydropower Illuminates a Piece of History






Truthdig Bazaar
America’s Child

America’s Child

By Susan Sherman
$11.70

more items

 
Ear to the Ground

Use a Dead Man’s Switch to Announce NSA Sabotage

Email this item Email    Print this item Print    Share this item... Share

Posted on Sep 9, 2013
theilr (CC BY-SA 2.0)

Security systems deliberately weakened by the NSA put their users at risk. Cory Doctorow, author and co-editor of the group blog Boing Boing, suggests building a service that puts a “dead man’s switch” on every website subject to government interference that would alert users their security has been compromised.

The method is a way around legally binding orders that forbid email, cloud computing and other Internet service providers from notifying their clients when they receive government directives to release user information. “Even the most trustworthy operators may face secret orders to silently betray you, with terrible penalties if they speak out,” Doctorow writes.

“It doesn’t really matter if you trust the ‘good’ spies of America and the UK not to abuse their powers,” he continues, explaining the urgent need for such a service. “It is laughable to suppose that the back doors that the NSA has secretly inserted into common technologies will only be exploited by the NSA. There are plenty of crooks, foreign powers, and creeps who devote themselves to picking away patiently at the systems that make up the world and guard its wealth and security (that is, your wealth and security) and whatever sneaky tools the NSA has stashed for itself in your operating system, hardware, applications and services, they will surely find and exploit.

“Ultimately these are only as trustworthy as the people who run them,” Doctorow writes. “If the law is perverted so that we cannot tell people when their security has been undermined, it follows that we must find some other legal way to warn them about services that are not fit for purpose.” Read on below to see how the service would work.

—Posted by Alexander Reed Kelly.

The Guardian:

Once you’re registered, you tell the dead man’s switch how often you plan on notifying it that you have not received a secret order, expressed in hours. Thereafter, the service sits there, quietly sending a random number to you at your specified interval, which you sign and send back as a “No secret orders yet” message. If you miss an update, it publishes that fact to an RSS feed.

Such a service would lend itself to lots of interesting applications. Muck-raking journalists could subscribe to the raw feed, looking for the names of prominent services that had missed their nothing-to-see-here deadlines. Security-minded toolsmiths could provide programmes that looked through your browser history and compared it with the URLs registered with the service and alert you if any of the sites you visit ever show up in the list of possibly-compromised sites.

No one’s ever tested this approach in court, and I can’t say whether a judge would be able to distinguish between “not revealing a secret order” and “failing to note the absence of a secret order”, but in US jurisprudence, compelling someone to speak a lie is generally more fraught with constitutional issues than compelled silence about the truth. The UK is on less stable ground – the “unwritten constitution” lacks clarity on this subject, and the Regulation of Investigatory Powers Act allows courts to order companies to surrender their cryptographic keys (for the purposes of decrypting evidence, though perhaps a judge could be convinced to equate providing evidence with signing a message).

Read more

More Below the Ad

Advertisement

Square, Site wide

New and Improved Comments

If you have trouble leaving a comment, review this help page. Still having problems? Let us know. If you find yourself moderated, take a moment to review our comment policy.

 
Right 1, Site wide - BlogAds Premium
 
Right 2, Site wide - Blogads
 
Join the Liberal Blog Advertising Network
 
 
 
Right Skyscraper, Site Wide
 
Join the Liberal Blog Advertising Network
 

A Progressive Journal of News and Opinion   Publisher, Zuade Kaufman   Editor, Robert Scheer
© 2014 Truthdig, LLC. All rights reserved.