December 28, 2024

RSA doesn't quite deny undermining customers' crypto

Reuters reported on Saturday that the NSA had secretly paid RSA Data Security $10 million to make a certain flawed algorithm the default in RSA’s BSAFE crypto toolkit, which many companies relied on. RSA issued a vehement but artfully worded quasi-denial. Let’s look at the story, and RSA’s denial.

Judge Leon explains why the NSA uses everyone's metadata

There are many interesting things to discuss in Judge Leon’s opinion from yesterday, finding the NSA’s phone metadata program likely unconstitutional. In this post, I’ll focus on an interesting bit of computer science in the judge’s ruling, and I’ll explain why the judge’s computer science argument is actually more powerful than he realized.

The Politics of the EU Court Data Retention Opinion: End to Mass Surveillance?

The Wall Street Journal headlines: “EU Court Opinion: Data Retention Directive Incompatible With Fundamental Rights”. The Opinion is strong, but in fact not yet an outright victory to privacy and civil liberties. The jury is out: the Opinion is a non-binding, but influential advice to the E.U. Court, that will deliver its final judgment come […]

NSA Strategy 2012-16: Outsourcing Compliance to Algorithms, and What to Do About It

Over the weekend, two new NSA documents revealed a confident NSA SIGINT strategy for the coming years and a vast increase of NSA-malware infected networks across the globe. The excellent reporting overlooked one crucial development: constitutional compliance will increasingly be outsourced to algorithms. Meaningful oversight of intelligence practises must address this, or face collateral constitutional […]

Improve Connectivity in Rural Communities – Principle #9 for Fostering Civic Engagement Through Digital Technologies

In my recent blog posts, I have been discussing ways that citizens can communicate with government officials through the Internet, social media, and wireless technology to solve problems in their communities and to effect public policy. Using technology for civic engagement, however, should not be limited to communications with elected or appointed government officials. One […]