Thursday, August 08, 2013

a free man is a dangerous man at the end of the constitutional era...,


reuters | "What bothers me is the hypocritical bit - we demonize China when we've been doing these things and probably worse."

Alexander took a conciliatory tone during his Black Hat speech, defending the NSA but saying he looked forward to a discussion about how it could do things better.

Black Hat attracts professionals whose companies pay thousands of dollars for them to attend. Def Con costs $180 and features many of the same speakers.

At Black Hat, a casual polling station at a vendor's exhibition booth asking whether Snowden was a villain or a hero produced a dead heat: 138 to 138. European attendees were especially prone to vote for hero, the vendor said.

Def Con would have been much rougher on Alexander, judging by interviews there and the reception given speakers who touched on Snowden and other government topics.

Christopher Soghoian, an American Civil Liberties Union technologist, drew applause from hundreds of attendees when he said the ACLU had been the first to sue the NSA after one of the spy programs was revealed.

Peiter Zatko, a hacker hero who funded many small projects from a just-departed post at the Pentagon's Defense Advanced Research Projects Agency, told another large audience that he was unhappy with the surveillance programs and that "challenging the government is your patriotic duty."

The disenchanted give multiple reasons, citing previous misleading statements about domestic surveillance, the government's efforts to force companies to decrypt user communications, and the harm to U.S. businesses overseas.

"I don't think anyone should believe anything they tell us," former NSA hacker Charlie Miller said of top intelligence officials. "I wouldn't work there anymore."

Stamos and Moss said the U.S. government is tilting too much toward offense in cyberspace, using secret vulnerabilities that their targets can then discover and wield against others.

Closest to home for many hackers are the government's aggressive prosecutions under the Computer Fraud and Abuse Act, which has been used against Internet activist Aaron Swartz, who committed suicide in January, and U.S. soldier Bradley Manning, who leaked classified files to anti-secrecy website WikiLeaks.

A letter circulating at Def Con and signed by some of the most prominent academics in computer security said the law was chilling research in the public interest by allowing prosecutors and victim companies to argue that violations of electronic "terms of service" constitute unauthorized intrusions.

Researchers who have found important flaws in electronic voting machines and medical devices did so without authorization, the letter says.

If there is any silver lining, Moss said, it is that before Snowden's leaks, it had been impossible to have an informed discussion about how to balance security and civil liberties without real knowledge of government practices. Fist tap Arnach.

"The debate is just starting," he said. "Maybe we can be a template for other democracies."