a computer security engineer and an open source software developer. He writes about technical topics like digital and operational security, encryption tools, whistleblowing, and hacking using language that everyone can understand, but without dumbing it down. An avid user of Qubes and Linux, he develops security tools such as OnionShare.”
Micah is kind enough in this conversation to break down the Efail scandal that rocked security-minded folks in mid-May. A weakness in the way that many email clients handled PGP & S/MIME came to light months after it was discovered by a team of security investigators. Micah explains how this encryption works, what was found out, safer approaches to encrypted messaging. We also talk a little about threat modeling and quantum computing.
Send encrypted text messages to Micah using Signal Messenger at (415) 964-1601. Here’s a link to a cool article Micah published at The Intercept about a method of cheaply creating a second signal account, so you can give out a signal # without giving away your personal phone number.
A change of plans: instead of airing the interview with comrades in Yogyakarta about May Day repression of anarchists there, we’re including that in the radio show for next Sunday. So, instead, kick back with this new issue of #Error451 !
The CLOUD Act (Clarifying Lawful Overseas Use of Data Act) got passed by the U.S. Congress earlier this year and signed into law by President Trump. It’s a revision of the 1986 Stored Communications Act. Basically, it allows U.S. cops from local up to Federal to request data belonging to persons of interest that is stored on overseas servers from the private corporations or organizations storing it. If the U.S. executive makes an agreement with the foreign power where the data is stored, that power also gets a degree of access to the data of persons of interest to the overseas powers. Basically, governments can more easily spy on folks around the world!
We talk a bit about the implications of the Act, how it came to pass and the types of practices and services folks can engage to help protect themselves from some of these government excesses.
This week on Error451, William Budington and Bursts chat about the Facebook and Cambridge Analytica scandal. We’ve seen Congressional hearings and M. Zuckerburg give testimony, we’ve seen punditry, we’ve seen evasion.
For the episode, the two chat about what’s going on with the hullabaloo and different solutions privacy advocates have proposed.
This week’s installment of #error451 podcast, Bursts and William Budington speak about facial recognition technology. We chat about how different methods are employed, scanning of social media by police and security forces, different methods used to avoid it such as camouflage, lights, makeup and masks, the Google Arts & Culture app comparing people’s selfies to the contents of art museums and more.
This week on Error451, William Budington and Bursts chat about eavesdropping by digital devices. This conversation happened before the Cambridge Analytica & Facebook scandal, but covers some of the same material.
Do Facebook, Amazon, Google and other big data companies listen through your device to your conversations and target marketing at you based on your choices? What tools do platforms like those mentioned above have and what are their interests in your real-life movements, the sites you visit, how long you stay on a page and where you go next?
In a past episode, we had spoken about Apps tracking us and communicating via mic and speaker in subsonic levels with advertising devices. More on specifically Cambridge Analytica and Facebook is coming to Error451 soon!
This week on error451, the occasionally-weekly tech podcast from an anarchist perspective brought to you by The Final Straw Radio, Bursts and William Budington chat about devices crossing the U.S. border. Now, neither of us are lawyers and situations change according to laws, precedence and actual practice with border security, so consider these better practice suggestions. We talk about full disk encryption, cloud solutions, planning a trip, if some devices are more secure than others and safer-practices if you’ve lost control of your device.
William B suggests the Security Self-Defense series from the Electronic Frontier Foundation (which employs William) as a great, free resource for getting prepared for travel and other situations and keeping up on current developments in tech.
This week, William Budington chats with Bursts about the recent exposé published by Yael Grauer at The Intercept about research by Exodus and Yale Research Group leading to the findings that hundreds of common apps available from the Android Google Play Store contain clandestine tracking apps, allowing for the scooping up of the data a phone user gives off throughout their use of the device. Ever wonder why a free flashlight app needs permission to access your microphone? Here’s why!
We also chat a bit about F-Droid, a platform for free and open-source apps outside of the Play Store, many designed at increased transparency of device usage.
At one point, Bursts brings up criticisms aired about the F-Droid repository by Moxie Marlinspike, a founder of Open Whisper Systems, which makes the Signal App for free end-to-end encryption. William is kind enough to explain what the concerns come from and his views on the subject.
In perfect timing for holiday driving many will be doing in the U.S., we’re releasing episode 3 of Error451, The Final Straw’s occasionally weekly tech security podcast with William Budington. This episode is about GPS navigation on mobile devices and ways to use it without disclosing your information to service providers.
Oh, hand here’s a link to one of those Motherboard chat logs about Mr. Robot.
This week Bursts spoke with William Budington, a digital security expert, about various topics under that heading. We spoke about: encryption for texting, email and mobile devices operating systems; about anonymity on the internet; safer practices with social media; doxxing; and more.
The conversation was ranging and a bit thick at times due to Bursts very specific style of posing questions. Thusly, the notes will be very long with lots of links embedded for further reading on the topic, posted in the Further Reading section below. If there are other topics around security that you’d like to hear discussed on this show, drop us an email at firstname.lastname@example.org and we’ll mull it over. This chat was by no means the end of a conversation. The practices and tools we talked about here are meant to keep you SAFER, but can’t promise your safety. But hopefully some of these words can get more of us to take our digital hygiene more seriously!
Political Prisoner Herman Bell Assaulted
We received this notice after the show aired, but hope that folks read these notes and get this info. Herman Bell is one of the New York 3, the same group of defendants as Jalil Muntaqim, who we featured an interview with in our last episode:
Black Panther Party political prisoner Herman Bell was viciously assaulted by guards at Great Meadow Correctional Facility (Comstock) on September 5, 2017. While being “escorted” by a guard back to his housing unit, a guard struck Herman, age 69, in the face causing his glasses to drop to the floor. This same guard then repeatedly punched Herman about the face, head and body. Responding to a commotion, 5-6 other guards arrived and joined in the assault. One of them was able to knee Herman in the chest causing two cracked ribs. Another guard took out a bottle of mace and sprayed it all over Herman’s face, eyes and mouth.
Herman was then taken to the prison infirmary. X-rays have confirmed fractured ribs. Herman’s left eye is damaged from the mace and blows. He has bruises to his body and is suffering headaches, a sign of a possible concussion.
Herman Bell has now been charged with “assault on staff”. Defying common sense, they allege that Herman, for no apparent reason, slapped the guard escorting him. He did this, they claim, in a location out of the view of all inmates but in the presence of other guards. He is now in the Special Housing Unit (box) at Five Points Correctional Facility where he was transferred after the incident.
Herman Bell has not had a disciplinary violation in over 20 years. He was scheduled to begin a three day family visit with his wife a few days after the incident, their first such visit in over 2 1/2 years. In addition he is to appear before the parole board, for the 8th time, in February 2018.
Herman has, however, been the target of guard harassment due to his political background. Visitors report that guards processing them and in the visiting room comment that they are visiting a “cop killer” or “terrorist”. Some guards have been seen passing around the book “Badge of the Assassin” written by Herman’s prosecutor.
At this time, we are encouraging everyone to take the time to write to Herman or send him a get-well card, so that the authorities know we are paying attention and are concerned for Herman. Stay tuned for updates as we develop this campaign.
Herman Bell #79C0262
Five Points Cor. Fac.
P.O. Box 119
Romulus, N.Y. 14541
2018 Certain Days Calendar
I’d like to quickly announce that the 2018 Certain Days: Freedom For Political Prisoners Calendar has just been posted as ready for pre-order. The calendar is a joint fundraising and educational project between outside organizers in Montreal, Toronto, and New York, in partnership with three political prisoners being held in maximum-security prisons in New York State: David Gilbert, Robert Seth Hayes and Herman Bell. The proceeds from Certain Days 2018 will be divided among these groups: Addameer Prisoners Support and Human Rights Association (Palestine), Release Aging People in Prison (RAPP) and other groups in need. More info on the project and where to sign up is at certaindays.org
For all you artistically minded listeners out there, who would like to see their art worn by people (potentially) all over the world, The Final Straw is looking for tshirt desgins! If you like the show, or love it, or just think it’s ok-ish but like to make designs then this challenge is for you.
We will be accepting submissions until the (end of November), and lest you think this is a one way street, the winner of this challenge will recieve a special prize from each of us (Bursts and William) of a personal and one of a kind mixtape which will include all sorts of audio goodies. Runners up will also get prizes, so never fear there’s no heirarchy here.
Want in?? Just email your submission and any relevant info to email@example.com and keep your ears peeled for the winner announcement.
Show Notes begin in vain
For a starter on COINTELPRO, check out the wikipedia page on the topic.
PGP Enigmail for is an add-on to the Thunderbird email client that makes creating a pgp key set easier.
The Onion Router (TOR) produced this really great package for safer browsing called the Torbrowser package. TAILS is a portable operating system so you can operate a computer and leave less traces Signal is a phone app for end-to-end encryption available for iphones, android phones and desktops.
HTTPSEverywhere is a useful add-on for your web browser
One VPN intro, including links to clients you can use, can be found at riseup
Various other nefarious tech the state and non-state actors may deploy
IMSI catchers, or phone spoofers, include the name-brand Stingray. The ACLU has this little site that allows you to see what law enforcement agencies they know to have (and probably use) them!
In reference to the Automatic License Plate Readers mentioned by William, here’s an article on the subject
This week William speaks with Emily Horne and Tim Maly about their book “The Inspection House; An Impertinent Field Guide to Modern Surveillance”, which was published in October 2014 by Coach House Books in their Exploded Views series. This interview comes right before the authors book tour of locations in Canada.
From the book’s website:
“In 1787, British philosopher and social reformer Jeremy Bentham conceived of the panopticon, a ring of cells observed by a central watchtower, as a labor-saving device for those in authority. While Bentham’s design was ostensibly for a prison, he believed that any number of places that require supervision—factories, poorhouses, hospitals, and schools—would benefit from such a design. The French philosopher Michel Foucault took Bentham at his word. In his groundbreaking 1975 study, Discipline and Punish, the panopticon became a metaphor to describe the creeping effects of personalized surveillance as a means for ever-finer mechanisms of control.
Forty years later, the available tools of scrutiny, supervision, and discipline are far more capable and insidious than Foucault dreamed, and yet less effective than Bentham hoped. Public squares, container ports, terrorist holding cells, and social networks all bristle with cameras, sensors, and trackers. But, crucially, they are also rife with resistance and prime opportunities for revolution.”
In the interview, Emily and Tim talk about Jeremy Bentham’s life, the intended and actual uses of the panopticon, the dangers of the well intentioned, and more!
The book has a lot of good stuff in it, history and analysis and humor. For more info about “The Inspection House” and about the author’s Canadian tour, you can visit http://www.chbooks.com/catalogue/inspection-house
The Panopticam (live streaming & timelapse from the top of the cabinet in which Jeremy Bentham sits)
Metro.UK article on Jeremy Bentham’s attendence record at the University College of London since his passing in 1838.