Tuesday, October 11, 2011

How to Successfully Live in a Police State

Here is yet another example of the West's descent into a police state under the "War on Criminality" (or was that a "War on Terrorism"?) initiated by George Bush but vigorously prosecuted under Barack Obama. From a post by Cory Doctorow on BoingBoing:
Scottish mall-cop: it's illegal to take pictures in the mall; Scottish cop: photographers can have their devices confiscated under terrorism laws

by Cory Doctorow

A security guard in Braehead shopping centre near Glasgow questioned a man who was taking pictures of his young daughter looking cute while eating an ice-cream. The guard told him that photography in the mall was "illegal" and demanded that he delete any photos he'd taken while there. When the man told him he'd already posted the photos to Facebook, the guard summoned a policeman, who said that he could confiscate the phone under the UK's terrorism laws. The policeman took his details and "he was eventually allowed to leave."

The official statements from the mall and the police are maddeningly bureaucratic and every bit as stupid as the original incident: "a full review of the circumstances surrounding the incident and the allegations made is under way" say the police; "Our priority is always to maintain a safe and enjoyable environment for all of our shoppers and retailers," says the mall.

Just a reminder: pretty much everything that's legal on the public street is legal in a private store. A store or mall can have a policy saying "You can't wear purple here" or "You must enter the premises backwards" or "No photography allowed," but those are policies, not laws. A store's representatives can ask you to leave for violating their policies, but that's pretty much it (of course, if you refuse to leave, that's a different matter).
The "War on Terrorism" is like America's "War on Drugs". It has no end. There will always be drugs. There will always be terrorists. To start a war that has no end is very George Orwellian and reminds us that governments are not our friends. They are power mad crazies who will use any excuse to aggrandize power to themselves and ever more tightly circumscribe out lives to turn us into mindless robots "in service to the nation". Nuts!

Al Qaeda was a "police action". If Clinton had had the guts to do the right thing in the late 1990s Bin Laden would have been dead and there would have been no 9/11. If Bush had had the guts to do the right thing and put American boots on the ground in Afghanistan in 2001 they could have killed Bin Laden in the mountains of Tora Bora. One good thing I can say: Obama has the guts to use special ops to get the job done. He has taken out a fair amount of Al Qaeda leadership. Good for him. But Obama is no friend of liberty. He has clamped down on whistle-blowers. He has extended the hopeless "war" in Afghanistan. He has kept the torturers going in Guantanamo. He only meekly supported the Arab Spring.

Update... and here is more by Cory Doctorow on BoingBoing about the German government ignoring its own laws to spy on its citizens and insert malware that makes their computers vulnerable to attack by anybody.
Chaos Computer Club cracks Germany's illegal government malware, a trojan that spies on your PC and lets anyone off the street hijack it

By Cory Doctorow at 10:11 pm Monday, Oct 10

Germany's Chaos Computer Club published the sourcecode for a piece of malware used by the German government to spy on citizens. The software was discovered in the wild and reverse engineered. It can be used to spy on or control remote PCs. Because of flaws in the software, anyone who was infected with this by German police was vulnerable to spying by "anyone on the street." The German supreme court banned the use of trojans to spy on German citizens in 2008.
The analysis also revealed serious security holes that the trojan is tearing into infected systems. The screenshots and audio files it sends out are encrypted in an incompetent way, the commands from the control software to the trojan are even completely unencrypted. Neither the commands to the trojan nor its replies are authenticated or have their integrity protected. Not only can unauthorized third parties assume control of the infected system, but even attackers of mediocre skill level can connect to the authorities, claim to be a specific instance of the trojan, and upload fake data. It is even conceivable that the law enforcement agencies's IT infrastructure could be attacked through this channel. The CCC has not yet performed a penetration test on the server side of the trojan infrastructure.

"We were surprised and shocked by the lack of even elementary security in the code. Any attacker could assume control of a computer infiltrated by the German law enforcement authorities", commented a speaker of the CCC. "The security level this trojan leaves the infected systems in is comparable to it setting all passwords to '1234'".

To avoid revealing the location of the command and control server, all data is redirected through a rented dedicated server in a data center in the USA. The control of this malware is only partially within the borders of its jurisdiction. The instrument could therefore violate the fundamental principle of national sovereignty. Considering the incompetent encryption and the missing digital signatures on the command channel, this poses an unacceptable and incalculable risk. It also poses the question how a citizen is supposed to get their right of legal redress in the case the wiretapping data get lost outside Germany, or the command channel is misused.
Electronic Surveillance Scandal Hits Germany [spiegel.de]
Go read the original post to get the embedded links.

I love anything by Cory Doctorow. He is a smart dude and he is concerned about issues that are close to my heart: intellectual property rights, human rights, technology. I confess I've only read a couple of his fiction pieces. I know that's his "day job". But I love the hobbyist Doctorow more than the career Doctorow.

No comments: