Computer Security 8 - Governments vs. The Internet

Free speech and freedom:

Beware of he who would deny you access to information, for
in his heart he dreams himself your master.
  -- Sid Meier

"Read him his rights"
- most people know what that phrase means

The cop-tv-show theory of human rights:

We seem much more comfortable with propagating...values to future
generations nonverbally, through a process of being steeped in
media. Apparently this actually works to some degree, for police in
many lands are now complaining that local arrestees are insisting on
having their Miranda rights read to them, just like perps in American
TV cop shows. When it's explained to them that they are in a different
country, where those rights do not exist, they become
outraged. Starsky and Hutch reruns, dubbed into diverse languages, may
turn out, in the long run, to be a greater force for human rights than
the Declaration of Independence.
  -- Neal Stephenson

Central Question - Technology vs. Human Progress

• Is technology increasing human potential?
• Yes: The printing press increased human potential
  -twitter, email, the web are similar
• No: North Korea
  -technology can be bent to authoritarianism
  -better tech enables more effective dictatorship
• Mixed picture: China is authoritarian and elites stay in power
  -China government uses tech to suppress citizens
  -In some ways tech supports government critics/speech
  -Average Chinese person has gotten much wealthier for 20 years
  -(UN human development index)
• We don't know how this ends, but I'd like to be optimistic

Two Categories

• I'll talk about 2 major trends of Governments vs. The Internet
• 1. Government Surveillance
• 2. Governments vs. Free Speech

Category 1: Government Surveillance

Encryption Works

• Hard drive or phone use whole-disk AES encryption
• Extremely difficult or impossible to break
  -provided the password is long
• SnapChat etc. are similar
  -messages are encrypted in transit and on the phone
• Warrant is no help here, so FBI is irritated
• Accused required to provide password ... US law is not settled!
• US 5th amendment right against testifying against oneself
  -Basically the police need to come up with evidence besides admission

Examples...

1. Child Porn Hard Drive

• Accused hard-drive police think has child porn on it
• Accused refuses to give up password to drive
• Police can get a warrant to look through files etc.
• But encryption!
• https://arstechnica.com/tech-policy/2017/03/man-jailed-indefinitely-for-refusing-to-decrypt-hard-drives-loses-appeal/
• In this case, court is holding him in jail until he provides password
• Another problem: what if the accused actually forgets the password!
  -Could provide at least clue to drive dictionary-guessing
  -e.g. I remember it was Bunny- and then a bunch of numbers
• Note: the police can probably get finger print with a warrant, vs. password
• Here's a case where eventually the judge let them go:
  -probably the seriousness of the crime informs how long the judge will keep them
  -https://arstechnica.com/tech-policy/2017/05/jail-looms-large-for-suspects-ordered-to-reveal-forgotten-passwords/

2. San Bernardino Phones

• San Bernardino terrorists, mass shooting, killed 14 people
• Their phones used encryption (a common default)
• FBI wanted to look on there, but could not
• Eventually the FBI paid money for a vulnerability/exploit to get into the phone
  breaking into a phone is somewhat different from breaking into a hard drive
  possible, but expensive and uncertain
• https://www.washingtonpost.com/world/national-security/fbi-has-accessed-san-bernardino-shooters-phone-without-apples-help/2016/03/28/e593a0e2-f52b-11e5-9804-537defcc3cf6_story.html

3. Political Activist vs. Government

• Pro-encryption story pattern
• Political activist in an authoritarian country
• Exchanging messages with other activists
• Their phone is encrypted
• The activist is arrested: the police can't get anything off the phone
• Google, Apple, Facebook "tech" consensus:
  -If we provide some "backdoor" to break in for the FBI, the authoritarian government will use it too
  -Therefore don't have a backdoor

Encryption Current State

• Encryption is not that hard a tech to include (e.g. phones encrypted by default)
• Google, Apple, Facebook etc. are generally pro-encryption
• FBI etc. find this frustrating
  -with warrant they can still get info, just not what's encrypted on the phone
• FBI has argued there should be some sort of "backdoor" available with a warrant
• My guess is we will see more encryption and no backdoor
  -police will have to live with this blind spot

Snowden: US Government Surveillance vs. Warrant

• Warrant - permission to get info signed by a judge
  -Warrants are supposed to have probable cause and specificity
  -government is not supposed to "fishing trip" look through everything/everyone
• Edward Snowden: US govt is in fact doing some illegal fishing
• The govt does not have the resources to monitor everything
• But they could be monitoring some things in coarse detail
• e.g. who calls who (which numbers call which numbers, not the audio)
• e.g. who visits certain web sites
• This is probably not legal without a specific warrant
• How much is/was the US govt doing?
• We're not sure, it's a secret!
• Edward Snowden, a complex legacy
  -Whistleblower hero
  -Exposed insider spy-techniques that terrorists now know to avoid
  -Both seem to be true!

Category 2: Governments vs. Free Speech

• Another category of Governments vs. The Internet
• Autocracies are against sharing ideas:
  -free speech, opinions, blogs, newspapers, twitter
• China is the poster-child of no-free-speech (world's 2nd largest economy)
• IMHO: Being critical of your own institutions is an important value
• The US Government has many flaws
• The US Government is extremely good on freedom of speech

How Governments Censor Free Speech

• e.g China, North Korea: traditional autocratic, what-the-people-are-allowed-to-say / read
• e.g. Pakistan, Saudi Arabia .. mixing in limitations on un-islamic thought, combined with autocracy
• Control TCP/IP routers the connect country to whole internet
• Block certain IP addresses, domain names
• China has an army of people who monitor blogs etc., delete ideas that are not officially permitted
• China also has an army that floods the forums etc. with government-view posts
• I believe in freedom of thought, freedom of expression
• College is sort of epitome of that!
• I wonder how effective China government is on this, probably not zero
• A selection of articles..
• Censorship in china by Ai WeiWei
• China government custom version wikipedia - a crazy sounding idea
• What "Tiananmen" search looks like with censorship inside China
• Washington Post Censorship Works

Reason For Hope: Francis Fukayama

• Reasons for hope:
• Fall of communism: VHS video tapes showing western life overpowered the 24/7 regime propaganda (Francis Fukuyama, Stanford)
• Fukuyama in a nutshell: people can tell when they're being lied to all the time, they deeply dislike it, and this dislike cannot be erased, no matter how voluminous the propaganda
• Neal Stephenson story about Miranda rights (above)