# US govt crackdown in response to Snowden



## james4beach (Nov 15, 2012)

The US government's intelligence agencies have been very busy for the last month. This news is mostly from the last 4 days, things the government has done (or is strongly suspected to do), probably in response to Snowden.

Here's what's happened, all discovered in the last few days. I've included reliable references at the bottom in case you think I'm being nutty and paranoid.

1. Lavabit, an encrypted email service that Snowden used, has been taken offline. The message from the business owner (which reads like a hostage's note) says that he's not allowed to disclose what happened, despite his first amendment rights, but it's pretty clear he shut it down to prevent the government from gaining total access to the service and its customers. The owner also strongly discourages using any US based IT service as the data cannot be kept private. I think the US government has just killed any privacy/IT industry.

2. Silent Circle, another private email service, shut down shortly after. They indicate this was to protect their customers from imminent compromise by the government.

3. The FBI has nabbed someone operating a major service within the tor privacy network, on child pornography allegations. The operator is being held in Ireland awaiting extradition to the USA. At the same time it's discovered that *someone hacked into tor*, compromising a large % of the network and installing backdoors into many users computers. It's strongly suspected that the US government hacked tor (see Wired article, there are good reasons to believe this). The tor network was one of the only viable methods for truly private web browsing, beyond the reach of Google and the NSA. Tor and one of its key services, Tor Mail, have now been compromised and are unusable. Part of this hack includes a malicious 0-day Firefox web browser exploit. Normally it's illegal to hack systems like this... unless you're the US government, I guess.

So in the last couple days we've got a new, very frightening environment for online privacy. It's clear now, there will be no more US-based web services for privacy and anonymity. That industry is DEAD. Second, tor -- a key system for online privacy -- is DEAD. Any political activist groups using the system may now be compromised by the US government. Third, it's clear the US government feels justified in performing malicious & illegal hacks on internet systems, I guess as long as it's in the name of protecting the world from terrorists or child pornographers.


References:
http://www.wired.com/threatlevel/2013/08/freedom-hosting/
http://www.theguardian.com/commentisfree/2013/aug/09/lavabit-shutdown-snowden-silicon-valley
http://yro.slashdot.org/story/13/08...il-provider-lavabit-shuts-down-blames-us-govt
http://it.slashdot.org/story/13/08/...s-lavabit-by-closing-encrypted-e-mail-service
http://yro.slashdot.org/story/13/08/04/2054208/half-of-tor-sites-compromised-including-tormail
http://blogs.computerworld.com/cybe...efox-zero-day-compromising-half-all-tor-sites
http://rt.com/usa/fbi-suspected-hacking-child-porn-079/
http://www.itwire.com/business-it-news/security/61006-the-fbi-peels-away-at-tor-illegal-activity
http://lavabit.com/
http://silentcircle.wordpress.com/2013/08/09/to-our-customers/


----------



## james4beach (Nov 15, 2012)

Further on the question of, who hacked tor?

There are a couple IP (internet) addresses where stolen information such as hardware MAC address (a unique identifier) are sent to. The computers are located in Virginia.

Usually you can do a 'whois' lookup on an IP address to see which organization owns it. The IP addresses in the tor exploit case are in an unnamed range with blank ownership, only associated with the telco Verizon. This in itself is unusual. Looking at network neighbourhoods, the IP addresses are located right next to networks belonging to the US Government and a US defense contractor.

http://www.propublica.org/nerds/item/is-the-u.s.-government-behind-torsploit


----------



## Retired Peasant (Apr 22, 2013)

james4beach said:


> ... discourages using any US based IT service as the data cannot be kept private. ..


It is naive to think that only 'US based IT services' are affected.


----------



## peterk (May 16, 2010)

Back to pen, paper and pony, i guess.


----------



## mrPPincer (Nov 21, 2011)

Should help boost the forestry industry.
Maybe all those researchers Harper fired can get jobs in pulp & paper mills now


----------



## andrewf (Mar 1, 2010)

The Russian government has bought typewriters. Seems sensible to me. Now US spies will actually have to get off their duffs and obtain that info the old fashioned way.


----------



## HaroldCrump (Jun 10, 2009)

andrewf said:


> The Russian government has bought typewriters. Seems sensible to me. Now US spies will actually have to get off their duffs and obtain that info the old fashioned way.


I suggest that we bring back Sean Connery as 007 James Bond, and fire Daniel Craig.
We are moving backwards in time.


----------



## james4beach (Nov 15, 2012)

Retired Peasant said:


> It is naive to think that only 'US based IT services' are affected.


True. Actually my first thought when I saw this news was, hey, I will create businesses to replace these in Canada and earn lots of money. I've run similar services before and with my background could easily implement a solid solution.

I got excited about the business opportunity! Here's something I have the tools to do, and there's a sudden market opportunity.

Then I started digging around... well it turns out that Canada-based Hushmail was compromised in 2007 by court order. So Canada is no different than the USA, in this respect. I would not be able to create an innovative privacy enhancing service in Canada, and that's disappointing, because this is an economic opportunity that Canada is missing out on.

And I wouldn't even try operating such a thing out of another country, because if "pedophiles" (or terrorists, or whoever turns our stomach) start using my service, maybe I would also get arrested back in Canada -- not a risk I'm willing to take.

We are definitely moving back in time.


----------



## james4beach (Nov 15, 2012)

P.S. terrorists and child molesters are also known to drive cars ... so I suggest we outlaw automobiles.

Makes about as much sense as these indiscriminate crackdowns on cryptography and online privacy


----------



## james4beach (Nov 15, 2012)

Here's another ridiculously aggressive move by governments, to teach the population "a lesson" about speaking out and asking questions.

In a not very subtle move:

*Husband of NSA-leak reporter held under U.K. terror law
'To start detaining the family members of journalists is simply despotic,' Guardian writer says*
http://www.cbc.ca/news/world/story/...reenwald-partner-detained-london-airport.html
http://www.theguardian.com/world/2013/aug/18/glenn-greenwald-guardian-partner-detained-heathrow

Is this the kind of world you want to live in? A journalist interviews a government whistleblower, and now the journalist is harassed by government to send him & other journalists a message to keep their mouths shut?


----------



## fatcat (Nov 11, 2009)

james4beach said:


> Here's another ridiculously aggressive move by governments, to teach the population "a lesson" about speaking out and asking questions.
> 
> In a not very subtle move:j
> 
> ...


when you take on very powerful and secretive organizations, you should probaly expect this kind of s#it to happen ... if his laptop wasn't encrypted and his phone wasn't wiped then bad on him ... not hard to do either ... or better, just fedex them ahead of time separately 

and tor was related to browser problems in windows ... it is still working fine ... lesson, don't use windows and make sure your gear is up to date


----------

