How cryptography is a key weapon in the fight against empire states

The original cypherpunks were mostly Californian libertarians. I was from a different tradition but we all sought to protect individual freedom from state tyranny. Cryptography was our secret weapon. It has been forgotten how subversive this was. Cryptography was then the exclusive property of states, for use in their various wars. By writing our own software and disseminating it far and wide we liberated cryptography, democratised it and spread it through the frontiers of the new internet.

The resulting crackdown, under various "arms trafficking" laws, failed. Cryptography became standardised in web browsers and other software that people now use on a daily basis. Strong cryptography is a vital tool in fighting state oppression. That is the message in my book, Cypherpunks. But the movement for the universal availability of strong cryptography must be made to do more than this. Our future does not lie in the liberty of individuals alone.

Our work in WikiLeaks imparts a keen understanding of the dynamics of the international order and the logic of empire. During WikiLeaks' rise we have seen evidence of small countries bullied and dominated by larger ones or infiltrated by foreign enterprise and made to act against themselves. We have seen the popular will denied expression, elections bought and sold, and the riches of countries such as Kenya stolen and auctioned off to plutocrats in London and New York.

The struggle for Latin American self-determination is important for many more people than live in Latin America, because it shows the rest of the world that it can be done. But Latin American independence is still in its infancy. Attempts at subversion of Latin American democracy are still happening, including most recently in Honduras, Haiti, Ecuador and Venezuela.

This is why the message of the cypherpunks is of special importance to Latin American audiences. Mass surveillance is not just an issue for democracy and governance – it's a geopolitical issue. The surveillance of a whole population by a foreign power naturally threatens sovereignty. Intervention after intervention in the affairs of Latin American democracy have taught us to be realistic. We know that the old powers will still exploit any advantage to delay or suppress the outbreak of Latin American independence.

Consider simple geography. Everyone knows oil resources drive global geopolitics. The flow of oil determines who is dominant, who is invaded, and who is ostracised from the global community. Physical control over even a segment of an oil pipeline yields great geopolitical power. Governments in this position can extract huge concessions. In a stroke, the Kremlin can sentence eastern Europe and Germany to a winter without heat. And even the prospect of Tehran running a pipeline eastwards to India and China is a pretext for bellicose logic from Washington.

But the new great game is not the war for oil pipelines. It is the war for information pipelines: the control over fibre-optic cable paths that spread undersea and overland. The new global treasure is control over the giant data flows that connect whole continents and civlisations, linking the communications of billions of people and organisations.

It is no secret that, on the internet and on the phone, all roads to and from Latin America lead through the United States. Internet infrastructure directs 99% of the traffic to and from South America over fibre-optic lines that physically traverse US borders. The US government has shown no scruples about breaking its own law to tap into these lines and spy on its own citizens. There are no such laws against spying on foreign citizens. Every day, hundreds of millions of messages from the entire Latin American continent are devoured by US spy agencies, and stored forever in warehouses the size of small cities. The geographical facts about the infrastructure of the internet therefore have consequences for the independence and sovereignty of Latin America.

The problem also transcends geography. Many Latin American governments and militaries secure their secrets with cryptographic hardware. These are boxes and software that scramble messages and then unscramble them on the other end. Governments purchase them to keep their secrets secret – often at great expense to the people – because they are correctly afraid of interception of their communications.

But the companies who sell these expensive devices enjoy close ties with the US intelligence community. Their CEOs and senior employees are often mathematicians and engineers from the NSA capitalising on the inventions they created for the surveillance state. Their devices are often deliberately broken: broken with a purpose. It doesn't matter who is using them or how they are used – US agencies can still unscramble the signal and read the messages.

These devices are sold to Latin American and other countries as a way to protect their secrets but they are really a way of stealing secrets.

Meanwhile, the United States is accelerating the next great arms race. The discoveries of the Stuxnet virus – and then the Duqu and Flame viruses – herald a new era of highly complex weaponised software made by powerful states to attack weaker states. Their aggressive first-strike use on Iran is determined to undermine Iranian efforts at national sovereignty, a prospect that is anathema to US and Israeli interests in the region.

Once upon a time the use of computer viruses as offensive weapons was a plot device in science fiction novels. Now it is a global reality spurred on by the reckless behaviour of the Barack Obama administration in violation of international law. Other states will now follow suit, enhancing their offensive capacity to catch up.

The United States is not the only culprit. In recent years, the internet infrastructure of countries such as Uganda has been enriched by direct Chinese investment. Hefty loans are doled out in return for African contracts to Chinese companies to build internet backbone infrastructure linking schools, government ministries and communities into the global fibre-optic system.

Africa is coming online, but with hardware supplied by an aspirant foreign superpower. Will the African internet be the means by which Africa continues to be subjugated into the 21st century? Is Africa once again becoming a theatre for confrontation between the global powers?

These are just some of the important ways in which the message of the cypherpunks goes beyond the struggle for individual liberty. Cryptography can protect not just the civil liberties and rights of individuals, but the sovereignty and independence of whole countries, solidarity between groups with common cause, and the project of global emancipation. It can be used to fight not just the tyranny of the state over the individual but the tyranny of the empire over smaller states.

The cypherpunks have yet to do their greatest work. Join us.

Read Original Article...

Is Vumacam making South Africa a safer place?

Andre Botha from Constantia Kloof writes:

Like many residents in Constantia Kloof, we now have a shiny new pole in place for high-definition cameras, right in front of our home.

It is a pity this new pole does not match the black creosote poles that already carry the double washing line of fibre. Despite being paid-up members of the Constantia Kloof Residents Forum, the first we ever heard of these decorations was when they showed up to actually plant the poles, and by then no amount of protesting made any difference.

During the last day or two, I have been trying to pinpoint what really worries me about the new cameras. Is it all the privacy issues that have not yet properly been debated by South Africans? Is it the fact that no studies have been conducted within South Africa to ascertain the potential effects of these cameras in our unique, ultra-violent crime setting? (Incidentally, several overseas studies indicate that such networks of cameras have some potential to displace crime, but none to prevent it.)

Or is my concern merely because I do not like some artificial intelligence to tailor the adverts I receive according to where I go shopping, what car I drive, when I leave and return home, etc? No, that’s not it. All of that I can probably live with, in the hope of being a little safer. And indeed, Vumacam seems to be promising us that we will all sleep more soundly, once their initiative is making proper money.

So what is it then that is bothering me? Well, for me, it is all of the above, and this: how long will 30 hours feel to someone who has been quietly hijacked and taken prisoner (if not killed), while the hijackers are waiting for Vumatel to delete all evidence of their crime? Before our cameras come online, it would be nice to know the current percentage of male and female drivers who have managed to escape from residential hijackings. Call me paranoid if you like, but I have a bad feeling that these percentages will soon become much smaller.

Read Original Article...

Wow, fancy that. Web ad giant Google to block ad-blockers in Chrome. For safety, apparently

If the overhaul goes ahead, Adblock Plus and similar plugins that rely on basic filtering will, with some tweaks, still be able to function to some degree, unlike more ambitious extensions, such as uBlock Origin, which will be hit hard. The drafted changes will limit the capabilities available to extension developers, ostensibly for the sake of speed and safety. Chromium forms the central core of Google Chrome, and, soon, Microsoft Edge.

In a note posted Tuesday to the Chromium bug tracker, Raymond Hill, the developer behind uBlock Origin and uMatrix, said the changes contemplated by the Manifest v3 proposal will ruin his ad and content blocking extensions, and take control of content away from users.

Content blockers may be used to hide or black-hole ads, but they have broader applications. They're predicated on the notion that users, rather than anyone else, should be able to control how their browser presents and interacts with remote resources.

Manifest v3 refers to the specification for browser extension manifest files, which enumerate the resources and capabilities available to browser extensions. Google's stated rationale for making the proposed changes, cutting off blocking plugins, is to improve security, privacy and performance, and supposedly to enhance user control.

"Users should have increased control over their extensions," the design document says. "A user should be able to determine what information is available to an extension, and be able to control that privilege."

But one way Google would like to achieve these goals involves replacing the webRequest API with a new one, declarativeNetRequest.

The webRequest API allows browser extensions, like uBlock Origin, to intercept network requests, so they can be blocked, modified, or redirected. This can cause delays in web page loading because Chrome has to wait for the extension. In the future, webRequest will only be able to read network requests, not modify them.

The declarativeNetRequest allows Chrome (rather than the extension itself) to decide how to handle network requests, thereby removing a possible source of bottlenecks and a potentially useful mechanism for changing browser behavior.

"The declarativeNetRequest API provides better privacy to users because extensions can't actually read the network requests made on the user's behalf," Google's API documentation explains.

Whose privacy exactly?

But "better privacy" here means privacy as defined by Google rather than privacy defined by a third-party extension developer. That's fine in scenarios where Google is more trustworthy than a third-party developer; but if Google and its ecosystem of publishers and advertisers are the problem, then users may prefer allowing a third-party to filter network requests, even to the extent such intervention interferes with webpage functionality.

"If this (quite limited) declarativeNetRequest API ends up being the only way content blockers can accomplish their duty, this essentially means that two content blockers I have maintained for years, uBlock Origin and uMatrix, can no longer exist," said Hill.

The proposed changes will diminish the effectiveness of content blocking and ad blocking extensions, though they won't entirely eliminate all ad blocking. The basic filtering mechanism supported by Adblock Plus should still be available. But uBlock Origin and uMatrix offer far more extensive controls, without trying to placate publishers through ad whitelisting.

Don't forget, Google and other internet advertising networks apparently pay Adblock Plus to whitelist their online adverts. Meanwhile, Google has bunged its own basic ad blocking into its browser.

Several other developers commenting on the proposed change expressed dismay, with some speculating that Google is using privacy as a pretext for putting the interests of its ad business over those of browser users.

Hill, who said he's waiting for a response from the Google software engineer overseeing this issue, said in an email to The Register: "I understand the point of a declarativeNetRequest API, and I am not against such API. However I don't understand why the blocking ability of the webRequest API – which has existed for over seven years – would be removed (as the design document proposes). I don't see what is to be gained from doing this."

Hill observes that several other capabilities will no longer be available under the new API, including blocking media elements larger than a specified size, disable JavaScript execution by injecting Content-Security-Policy directives, and removing the outgoing Cookie headers.

And he argues that if these changes get implemented, Chromium will no longer serve users.

"Extensions act on behalf of users, they add capabilities to a 'user agent', and deprecating the blocking ability of the webRequest API will essentially decrease the level of user agency in Chromium, to the benefit of web sites which obviously would be happy to have the last word in what resources their pages can fetch/execute/render," he said.

"With such a limited declarativeNetRequest API and the deprecation of blocking ability of the webRequest API, I am skeptical 'user agent' will still be a proper category to classify Chromium."

Google, however, may yet be willing to address developers' concerns. "These changes are in the design process, as mentioned in the document and the Chromium bug," a Google spokesperson told The Register via email. "Things are subject to change and we will share updates as available." ®

Updated to add

Following a huge outcry from plugin developers and netizens, Google has reiterated that the proposed changes are not set in stone, and are subject to revision. While the internet goliath wants to rein in the level of access granted to Chrome browser extensions, it is prepared to work through the messy matter with third-party coders – who will have to rewrite parts of their software if this all goes ahead.

Also, we're happy to clarify that while Adblock Plus is affected by the draft changes, it will not be whacked as hard as other extensions, such as uBlock Origin, due to ABP's relatively simplistic filtering.

Indeed, the proposed API appears to promote ABP's simple filtering mechanism, rather than support the advanced content blocking other extensions offer. The sticking point is whether or not the proposed limit of 30,000 filter rules will be enough for the likes of Adblock Plus. ADP developers say it won't: their filter list has more than 70,000 entries.

"Adblock Plus is, of course, affected by this proposed change, because it would replace the main API that we (and almost all other content blockers) use to block requests with something a bit watered down," a spokesperson said.

"Even though we don't know the exact plans for this proposed change, should it get implemented we'll make sure ABP is available for Chrome users."

Read Original Article...
Microsoft has finally succeeded in making Windows 10 the number one operating system in the world after new statistics indicate that it has finally surpassed Windows 7 in the market share.

Microsoft is preparing to end technical and security support for Windows 7 less than a year from now, exactly on 14/01/2020, which means that users of this system have begun to think seriously about moving to Windows 10 or Windows 8 , and thus Microsoft is making a radical decision on its famous operating systemWindows 7 which was a short time ago the first Microsoft system used.

While Microsoft will provide information solutions for companies that are still running Windows 7 until 2023.

Read Original Article...

Reserve Bank's crypto-currency proposals clear confusion

The South African Reserve Bank's (SARB's) proposal to introduce tighter controls on crypto-currencies provides legal certainty for those dealing in crypto assets.

So says Candice Gibson, senior associate at Norton Rose Fulbright SA, commenting on the SARB's consultation paper on crypto assets published last week.

SARB says the purpose of this consultation paper is to:

* Provide an overview of the perceived risks and benefits associated with crypto assets.
* Discuss the available regulatory approaches.
* Present policy proposals to industry participants and stakeholders.

According to Gibson, the comments contained in the SARB's consultation paper are merely proposals at this stage.

As such, she says, any interested person, such as someone who buys or sells crypto assets, or who "mines" crypto assets, for example, is provided with the opportunity to comment on the proposals until 15 February.

She points out SARB has proposed SA moves to a higher level of regulation in 2019 from that of 2018. This approach is referred to in the consultation paper as "limited regulation", says Gibson.

"This is in contrast to an entirely regulated system where predefined conditions exist. What 'limited regulation' means is that specific requirements will be placed on providers of certain services in respect of crypto assets, without setting predefined conditions for formal regulation."

Gibson notes the consultation paper indicates the Financial Intelligence Centre (FIC) will include crypto asset service providers as an accountable institution and, as such, will have to comply with the Financial Intelligence Centre Act, 2001 (the FIC Act).

"Despite the significant room for abuse of crypto assets, law-abiding consumers require legal certainty regarding the treatment of crypto assets from a tax and exchange control perspective.

"Currently, there being no regulation from an exchange control perspective, the acceptance by merchants of crypto assets for the payment of goods or services is left to the discretion of the merchant selling the goods or providing the services."

She adds that while the South African Revenue Service (SARS) issued a statement on 6 April 2018 stating it will continue to apply "normal income tax rules to crypto-currencies", there is still confusion as to how to account for any income, gains or losses in a taxpayer's tax return in respect of crypto assets from a SARS perspective.

"Guidance is also definitely required from an exchange control perspective when dealing with crypto assets."

She notes that regulation of crypto-currencies offers consumer protection. "The activities involved with the purchase and trade in crypto assets are undertaken at the consumer's sole and independent risk, with no legal recourse to the SARB in the event the consumer loses their funds due to the lack of regulation.

"Consumers are left vulnerable as sellers of crypto assets are not regulated and numerous reported instances where trading platforms have been hacked and consumers have lost their funds. At this stage, there is simply no legal recourse for the consumer, which renders them vulnerable.

"The use of crypto assets which are not regulated enables consumers to circumvent South African exchange control rules as no SARB approval needs to be obtained for funds leaving South Africa. In addition, South African authorities are unaware of the flow of funds or the movement of capital to and from South Africa."

Gibson adds that what is noteworthy for consumers is that the consultation paper indicates it is not SA's intention to ban the buying, selling or holding of crypto assets, or to ban crypto assets for payments.

"However, the SARB remains of the view that as a result of crypto assets not being recognised as a currency, consumers will most likely be exposed to harm in an unregulated environment. Consumers will, therefore, need to remain cautious when delving into the world of crypto assets."

According to Angus Brown, CEO of crypto-currency company Centbee, people often think of regulation as "establishing controls", but it also means "to make regular".

He points out that regulation helps to bring order to a situation, bringing the chaotic to the mainstream. "Although early adopters typically have a high risk appetite, most people shy away from disorder, especially when it is associated with illegal activity.

"If we truly want Bitcoin to succeed, it needs to be owned and used by hundreds of millions of people. To achieve that, Bitcoin has to be perceived as safe, easy-to-use and easily available. We must recognise that regulators as the agents of government are the gatekeepers."

Brown is confident a transparent and respectful approach towards regulators will help them develop enabling legislation.

"Regulation can help customers and existing financial institutions gain more comfort in crypto-currencies and drive the adoption of Bitcoin."

Richard Gardner, CEO of Modulus, a US-based developer of trading technology, says SA has a real opportunity here to lead on issues faced by the industry on the African continent.

"A deep dive into issues like money laundering may prove useful to other countries with a deep crypto footprint on the continent."

Read Original Article...
Apple Repairs and Service
Member of the Internet Defense League

BitcoinCash Accepted