Image may be NSFW.
Clik here to view.
For individuals and countless businesses, cloud computing is a means to more efficient and cost-effective information sharing, as seen in the following scenarios:
- A person sending notes to families and friends
- Acquaintances and work colleagues sharing files, photos, and messages with each other
- Data exchanges between businesses in the healthcare and educational sectors
- The upper echelons of government and their highly classified intelligence and communications
At the same time, however, it opened new avenues for exploitation, one of which is the invasion of users’ privacy.
Yet, despite post-Snowden revelations of government spying, the move to the cloud isn’t slowing down, partly because CIOs “really have no choice” according to Cloud Technology Partners’ David Linthicum, “considering the alternatives are not as effective.”
Cited in an InformationWeek article is a Gartner research predicting that public cloud services growth would exceed $180 billion by 2015 from $131 billion in 2013.
As cloud adoption continues to pick up, we’ve curated some of the most widely discussed consumer privacy threat reports that mostly stemmed from the revelations of former-NSA-contractor-turned-whistleblower-Hero Edward Snowden:
1. The government and the average American citizen’s intimate chats, photos, and emails
Image may be NSFW.
Clik here to view.
Perhaps what caused the most public outrage from Snowden’s revelation about the massive data collection programs PRISM and Upstream of the National Security Agency (NSA) is the fact that not just suspected metadata is being cached from digital communications, but even average users’ personal files.
Not only are these private files in the hands of strangers in the government, Snowden himself released cached copies to the Washington Post to prove how extensive this has been and how poorly the files have been safeguarded.
Spying for the sake of national security and anti-terrorism may be justified, as was the case with Najibulla Zazi and others, but when ordinary citizens’ private exchanges are likewise pulled in and subsequently jeopardized, what justification is there?
2. NSA’s ultimate goal is population control – William Binney
Image may be NSFW.
Clik here to view.
William Binney, another high-level NSA whistleblower, sheds light on the extent of NSA’s surveillance reach, which is “at least 80% of all audio calls, not just metadata.”
At this rate, this mass collection of phone records is considered an overreach.
In fact, as revealed in the Washington Post, the number of intercepted data from ordinary Internet users far outnumbers actual legal targets.
Meanwhile, the troubling implications of population control Binney asserts may be founded or unfounded, as the debate rages on.
Nevertheless, the bottom line the loudest objectors seem to have, like Senator and Republican presidential candidate Rand Paul, according to an excerpt from his tweet is:
“The phone records of law-abiding citizens are none of the NSA’s business!”
Which is a sound argument, although it must also be noted that President George Bush, who, in response to the September 11 terror attacks, signed into law the USA PATRIOT Act, Section 215 of which is cited by the NSA as the provision legalizing their data collection programs.
3. Australia is watching its citizens all the time
Image may be NSFW.
Clik here to view.
Another disturbing trend Snowden criticized is the passing of controversial metadata collection laws such as Australia’s Telecommunications (Interception and Access) Amendment (Data Retention) Bill 2015, which is strikingly similar to the UK’s Data Retention and Investigatory Powers Act 2014 (DRIP).
In a nutshell, these laws will require ISPs and telecommunication service providers to retain all user metadata for a certain period of time – in Australia’s case, for two years.
Quoting Snowden’s explanation, as cited on RT.com:
“They’re collecting information and they’re just putting it in buckets that they can then search through.”
What he believes should alarm citizens even more is the executive wherewithal to not only monitor citizens at all times, but the capacity to share collected data with intelligence agencies, not just domestically but even abroad.
4. Mass phone surveillance, illegal – US Court of Appeals
Image may be NSFW.
Clik here to view.
Perhaps one encouraging development to this controversy is the recent ruling of the US Court of Appeals against the NSA.
To quote the ruling:
“We conclude that the district court erred in ruling that § 215 authorizes the telephone metadata collection program, and instead hold that the telephone metadata program exceeds the scope of what Congress has authorized and therefore violates § 215.”
The metadata collection program has been deemed unlawful – a “historic baby step” which digital rights nonprofit organization EFF (Electronic Frontier Foundation) believes as cause for celebration:
“The law that the NSA used to authorize its collection of vast amounts of information about the telephone calls of ordinary Americans is no more.”
The perceived victory, however, is short-lived, as the USA Freedom Act has just been approved and signed into effectivity.
The Freedom Act revived three surveillance provisions in the PATRIOT Act:
- The metadata collection is back on track, but the data remains in the hands of telecom providers, to be accessed by the NSA only with the approval of the FISA (Foreign Intelligence Surveillance Act) Court after sufficient proof of relevance to a terror investigation is provided.
- The remaining two provisions involve roving wiretaps, which some believe allow particularly lax capacities for spies.
5. Avoid Facebook and Google, get rid of Dropbox
Image may be NSFW.
Clik here to view.
In a 2014 interview, Edward Snowden strongly advised people against popular Internet services like Facebook and Google, as these were “dangerous services” where the data they harvest from users could be exploited, even with both stepping up their security.
More secure alternatives include Philadelphia-based search engine DuckDuckGo, which doesn’t profile its users, and webmail service ProtonMail, which provides a free encrypted email account.
Snowden also warned the public to “get rid of Dropbox” and use more secure cloud storage alternatives like SpiderOak.
The difference, as explained in a Wall Street Journal blog post, is that Dropbox only encrypts your content while in transit between you and their servers and while at rest on their servers. SpiderOak, on the other hand, encrypts your content right from the get-go as it sits on your device.
This makes your data “subpoena-proof” in that SpiderOak can only provide the requesting government agency a scramble of letters and numbers.
6. Don’t trust your phone, don’t trust your laptop
Image may be NSFW.
Clik here to view.
In a Reuters report, Moscow-based computer security firm Kaspersky alleged to have found computers in at least 30 countries infected with deeply embedded malicious software, some of which dating as far back as 2001.
A highly sophisticated spyware, the program is implanted in the firmware that controls hard disk drives and therefore is able to persist through disk reformatting.
In the words of lead Kaspersky researcher Costin Riau in an interview: “The hardware will be able to infect the computer over and over.”
The agency believed to have been behind the spying campaign was none other than the NSA.
In a chilling summarization by The Guardian’s John Naughton:
“Being able to compromise firmware gives an attacker total control of the system in a way that is stealthy and lasting, even through software updates. Which means that the unsuspecting victim can never get rid of it.”
Naughton adds that the compromised disk drives were from leading manufacturers such as Samsung, Toshiba, Seagate, Western Digital, IBM and Micron, the same disk drive brands that can easily find their way into your own computer.
Although the targets were primarily government, military, research, and institutions with tactical relevance instead of average users, it pays to be aware that this sort of infiltration is possible and no longer the stuff of science fiction.
And then, there was the NSA/GCHQ hacking into the internal computer network of Gemalto, the world’s largest SIM card manufacturer, which gave spies from the US and UK access to billions of cellphones.
Final word
According to the NSA: If you have nothing to hide, you have nothing to fear.
But how far will the surveillance go?
Can people still trust the government?
What chance does the ordinary citizen has for free speech if the organization they may end up fighting against is powerful enough to trace their every move, communication, and location?
Where can the line be drawn?
If you’ve read George Orwell’s 1984, perhaps you’ll understand the implications and deep-seated roots of this apprehension.
But as long as countries don’t second-guess their own surveillance laws and fight for their rights within reasonable national security bounds, the risks for exploitation still stand.
Until then, security and privacy measures remain largely in the user’s’ hands.
–
Let us know what you think in the comment section below.
The post The Post-Snowden World: What You Need to Know About The Cloud appeared first on Cloudswave Blog.
Image may be NSFW.Clik here to view.