Stuff That Matters
I'm writing this in a hotel room entered through two doors. The hall door is the normal kind: you stick a card in a slot, a light turns green, and the door unlocks. The inner one is three inches thick, has no lock and serves a single purpose: protection from an explosion.
This grace is typical of many war-zone prophylaxes here in Tel Aviv, Israel's second-largest city. The attacks come in cycles, and the one going on now (in mid-July 2014) is at a peak. Sirens go off several times a day, warning of incoming rockets from Gaza. When that happens, people stop what they're doing and head for shelters. If they're driving, they get out of their cars and lie on the ground with their heads covered.
Since I got here, I have joined those throngs three times in small, claustrophobia-inducing shelters—once in my hotel, once in an apartment house where I was visiting friends and once in a bunker entered through a men's room at the beach. After gathering behind a heavy door, everyone in the shelter tensely but cheerfully waits to hear a "boom" or two, then pauses another few minutes to give shrapnel enough time to finish falling to the ground. Then they go outside and return to whatever they were doing before the interruption.
But not everybody bothers with the shelters. Some go outside and look at the sky. I was one of those when I shot the photo shown in Figure 1 from the front porch of my hotel, a few moments after hearing a pair of booms.
Figure 1. Two incoming Hamas rockets from Gaza, intercepted by four Israeli missiles.
The photo tells a story in smoke of two incoming Hamas rockets from Gaza, intercepted by four Israeli missiles. The round puffs of smoke mark the exploded rockets. The parallel trails mark the paths of the interceptors. These are examples of the "Iron Dome" at work.
People here monitor rocket attacks using a free mobile app called Red Alert. The one on my phone tells me there were 27 rocket attacks fired from Gaza on Israel yesterday, including the long-range ones I saw intercepted over Tel Aviv. (Most are short-range ones targeted at cities closer to Gaza.)
Meanwhile, Linux Journal and its readers also are under an attack, of sorts, by the NSA. Here are the crosshairs at which we sit, in an NSA surveillance system called XKEYSCORE:
// START_DEFINITION /* These variables define terms and websites relating to the TAILs (The Amnesic Incognito Live System) software program, a comsec mechanism advocated by extremists on extremist forums. */ $TAILS_terms=word('tails' or 'Amnesiac Incognito Live System') ↪and word('linux'or ' USB ' or ' CD ' or 'secure ↪desktop' or ' IRC ' or 'truecrypt' or ' tor'); $TAILS_websites=('tails.boum.org/') or ↪('linuxjournal.com/content/linux*'); // END_DEFINITION // START_DEFINITION /* This fingerprint identifies users searching for the TAILs (The Amnesic Incognito Live System) software program, viewing documents relating to TAILs, or viewing websites that detail TAILs. */ fingerprint('ct_mo/TAILS')= fingerprint('documents/comsec/tails_doc') or ↪web_search($TAILS_terms) or ↪url($TAILS_websites) or html_title($TAILS_websites); // END_DEFINITION
XKEYSCORE uses specific selectors to flag traffic, and the article reveals that Web searches for Tor and Tails—software I've covered here in Linux Journal that helps to protect a user's anonymity and privacy on the Internet—are among the selectors that will flag you as "extremist" and targeted for further surveillance. If you just consider how many Linux Journal readers have read our Tor and Tails coverage in the magazine, that alone would flag quite a few innocent people as extremist.
BoingBoing also was targeted. Writes Cory Doctorow, "Tor and Tails have been part of the mainstream discussion of online security, surveillance and privacy for years. It's nothing short of bizarre to place people under suspicion for searching for these terms."
Both kinds of attacks bring defensive responses. In the physical space above Israel, Iron Dome is fully developed and amazingly effective. In the cyber space surrounding us all on the Net, we have little to protect us from unwelcome surveillance. As the XKEYSCORE story shows, just looking for effective privacy help (such as Tor and Tails provide) places one under suspicion.
My current road trip began in London, where there are surveillance cameras in nearly all public spaces. These were used to identify the perpetrators of the bombings on July 21, 2005. Similar cameras also identified suspects in the Boston Marathon bombings of April 15, 2013. It is essential to note, however, that these cameras are not in people's homes, cars and other private spaces (at least not yet).
Our problem with the Net is that it is an entirely public space. In that space, Tor and Tails are invisibility cloaks, rather than the cyber equivalents of clothing, doors, windows and other well-understood and widely used ways of creating and maintaining private spaces.
We do have some degree of privacy on our computers and hard drives when they are disconnected from the Net and through public key cryptography when we communicate with each other through the Net. But both are primitive stuff—the cyber equivalents of cave dwellings and sneaking about at night wearing bear skins.
It should help to recognize that we've been developing privacy technologies in the physical world for dozens of thousands of years, while we've only had today's version of cyber space since 1995, when ISPs, graphical browsers and the commercial Web first came together.
But living in early days is no excuse for not thinking outside the boxes we've already built for ourselves. Maybe now that wizards are in the crosshairs—and not just the muggles—we'll do that.
Got some examples? Let's have them.
Doc Searls is Senior Editor of Linux Journal
Getting Started with DevOps - Including New Data on IT Performance from Puppet Labs 2015 State of DevOps Report
August 27, 2015
12:00 PM CDT
DevOps represents a profound change from the way most IT departments have traditionally worked: from siloed teams and high-anxiety releases to everyone collaborating on uneventful and more frequent releases of higher-quality code. It doesn't matter how large or small an organization is, or even whether it's historically slow moving or risk averse — there are ways to adopt DevOps sanely, and get measurable results in just weeks.
Free to Linux Journal readers.Register Now!
- Django Models and Migrations
- Hacking a Safe with Bash
- Secure Server Deployments in Hostile Territory, Part II
- The Controversy Behind Canonical's Intellectual Property Policy
- Home Automation with Raspberry Pi
- Shashlik - a Tasty New Android Simulator
- Huge Package Overhaul for Debian and Ubuntu
- KDE Reveals Plasma Mobile
- Embed Linux in Monitoring and Control Systems
- diff -u: What's New in Kernel Development