Text: Small Text  Normal Text  Large Text  Larger Text

    Blog Archive

    PrevPrevApril 2014NextNext
    SMTWTFS
      12345
    6789101112
    13141516171819
    20212223242526
    27282930

    Snowden Documents Show U.S. Spy Operation at G20 in Toronto

    PDF  | Print |  E-mail
    Thursday November 28, 2013
    The CBC reports that newly obtained Snowden documents reveal that the Canadian government allowed the NSA to conduct widespread surveillance during the 2010 G8 and G20 summits. The six-day spying operation was apparently conducted  in close coordination with the Canadian partner.
    Tags:
    , , ,
    Share: Slashdot, Digg, Del.icio.us, Newsfeeder, Reddit, StumbleUpon, TwitterTagsShare
     

    Canada Complicit in Undermining Internet Privacy

    PDF  | Print |  E-mail
    Tuesday September 17, 2013
    As the tidal wave of disclosures on widespread U.S. surveillance continues - there is now little doubt that the U.S. government has spent billions creating a surveillance infrastructure that covers virtually all Internet and wireless communications - the question of Canada’s role in these initiatives remains largely shrouded in secrecy.

    The Canadian government has said little, but numerous reports suggest that agencies such as the Communications Security Establishment Canada (the CSE is the Canadian counterpart to the U.S. National Security Agency) are engaged in similar kinds of surveillance. This includes capturing metadata of Internet and wireless communications and working actively with foreign intelligence agencies to swap information obtained through the data mining of Internet-based surveillance.

    My weekly technology law column (Toronto Star version, homepage version) notes the active connection between Canadian and U.S. officials moved to the forefront last week with reports that Canadian officials may have played a starring role in facilitating U.S. efforts to create a "backdoor" to widely used encryption standards. That initiative has been described as "undermining the very fabric of the Internet."


    Tags:
    , , , ,
    Share: Slashdot, Digg, Del.icio.us, Newsfeeder, Reddit, StumbleUpon, TwitterTagsShare
    View
     

    Canada Complicit in Undermining Internet Privacy

    PDF  | Print |  E-mail
    Tuesday September 17, 2013
    Appeared in the Toronto Star on September 14, 2013 as Canada Complicit in Undermining Internet Privacy

    As the tidal wave of disclosures on widespread U.S. surveillance continues - there is now little doubt that the U.S. government has spent billions creating a surveillance infrastructure that covers virtually all Internet and wireless communications - the question of Canada’s role in these initiatives remains largely shrouded in secrecy.

    The Canadian government has said little, but numerous reports suggest that agencies such as the Communications Security Establishment Canada (the CSE is the Canadian counterpart to the U.S. National Security Agency) are engaged in similar kinds of surveillance. This includes capturing metadata of Internet and wireless communications and working actively with foreign intelligence agencies to swap information obtained through the data mining of Internet-based surveillance.

    The active connection between Canadian and U.S. officials moved to the forefront last week with reports that Canadian officials may have played a starring role in facilitating U.S. efforts to create a "backdoor" to widely used encryption standards. That initiative has been described as "undermining the very fabric of the Internet."

    Encryption standards play a crucial role in Internet security by allowing parties to communicate in a secure manner over open networks. The technologies are used for electronic banking, medical records, e-commerce transactions, and online communications.

    Earlier this month, new reports indicated that the NSA had secretly managed to defeat Internet privacy and security by cracking widely used encryption technologies. The revelations sent shock waves throughout the Internet security community and raised doubts about the security of millions of transactions that take place online.

    While the NSA reportedly uses several techniques to break encryption, including deploying super-computers and working with technology companies to weaken the security embedded within their products, the most important factor may have been the creation of several international encryption standards that made it easier for the agency to crack encrypted messages.

    As reported by the New York Times, the encryption standards involve the use of mathematical algorithms to generate random numbers. Those randomly generated numbers play an important role in creating encrypted messages by making it virtually impossible to crack the code. Yet behind-the-scenes, it turns out the NSA wrote the standard, granting itself the capability to break the resulting encryption.

    The Canadian role in these developments is linked to how the NSA managed to gain control over the standard setting process. In 2006, the CSE ran the global standard setting process for the International Organization for Standardization. The NSA convinced the CSE to allow it to re-write an earlier draft and ultimately become the sole editor of the standard.

    The CSE claims that its relationship with the NSA during the standard setting process was merely designed to support the Canadian government’s effort to secure its technological infrastructure. However, it is now clear that Canada worked with the U.S. to ensure that the backdoor was inserted into the encryption standard and that it may have gained access to decryption information in the process.

    In fact, Canada’s work with the U.S. on surveillance issues has even included financial compensation. Bill Robinson, who actively tracks CSE activities, recently reported "that a specific account exists within the government's Financial Reporting Accounts to record payments that CSE receives from foreign governments." Government documents indicate that the account "is used by Communications Security Establishment to record funds received from foreign governments, to cover expenditures to be made on their behalf, in accordance with the provisions of agreements with the Government of Canada."

    In other words, Canada may not only have played a key role in facilitating one of the most significant incursions into the Internet privacy, but it may even have been paid for its work.   

    Michael Geist holds the Canada Research Chair in Internet and E-commerce Law at the University of Ottawa, Faculty of Law. He can reached at mgeist@uottawa.ca or online at www.michaelgeist.ca.


    Tags:
    , , , ,
    Share: Slashdot, Digg, Del.icio.us, Newsfeeder, Reddit, StumbleUpon, TwitterTagsShare
     

    Canada Facilitated NSA's Effort To Weaken Encryption Standards

    PDF  | Print |  E-mail
    Wednesday September 11, 2013
    The NY Times reports that Canada played a notable role in assisting the NSA to weaken encryption standards. The Times reports:

    internal memos leaked by a former N.S.A. contractor, Edward Snowden, suggest that the N.S.A. generated one of the random number generators used in a 2006 N.I.S.T. standard - called the Dual EC DRBG standard - which contains a back door for the N.S.A. In publishing the standard, N.I.S.T. acknowledged “contributions” from N.S.A., but not primary authorship.

    Internal N.S.A. memos describe how the agency subsequently worked behind the scenes to push the same standard on the International Organization for Standardization. “The road to developing this standard was smooth once the journey began,” one memo noted. “However, beginning the journey was a challenge in finesse.”

    At the time, Canada’s Communications Security Establishment ran the standards process for the international organization, but classified documents describe how ultimately the N.S.A. seized control. “After some behind-the-scenes finessing with the head of the Canadian national delegation and with C.S.E., the stage was set for N.S.A. to submit a rewrite of the draft,” the memo notes. “Eventually, N.S.A. became the sole editor.”
    Tags:
    , ,
    Share: Slashdot, Digg, Del.icio.us, Newsfeeder, Reddit, StumbleUpon, TwitterTagsShare
     
    << Start < Prev 1 2 Next > End >>

    Results 1 - 4 of 5