Category Archives: Surveillance

Error451: #12 (Efail w/ Micah Lee)

Download This Podcast

This week, Bursts spoke with Micah Lee.  Micah is, according to his bio at The Intercept: ”

a computer security engineer and an open source software developer. He writes about technical topics like digital and operational security, encryption tools, whistleblowing, and hacking using language that everyone can understand, but without dumbing it down. An avid user of Qubes and Linux, he develops security tools such as OnionShare.”

Micah is kind enough in this conversation to break down the Efail scandal that rocked security-minded folks in mid-May.  A weakness in the way that many email clients handled PGP & S/MIME came to light months after it was discovered by a team of security investigators.  Micah explains how this encryption works, what was found out, safer approaches to encrypted messaging. We also talk a little about threat modeling and quantum computing.

Send encrypted text messages to Micah using Signal Messenger at (415) 964-1601.  Here’s a link to a cool article Micah published at The Intercept about a method of cheaply creating a second signal account, so you can give out a signal # without giving away your personal phone number.

Check out past episodes of Error451 and hit us up if you have ideas for segments or guests you’d like to hear from.  Check out our contact page!

featured track: “I Did It For The Kids But They’re Gonna PAY” by Spook Rat.

Error451: #11 (CLOUD Act)

Download This Podcast

A change of plans: instead of airing the interview with comrades in Yogyakarta about May Day repression of anarchists there, we’re including that in the radio show for next Sunday.  So, instead, kick back with this new issue of #Error451 !

The CLOUD Act (Clarifying Lawful Overseas Use of Data Act) got passed by the U.S. Congress earlier this year and signed into law by President Trump.  It’s a revision of the 1986 Stored Communications Act.  Basically, it allows U.S. cops from local up to Federal to request data belonging to persons of interest that is stored on overseas servers from the private corporations or organizations storing it. If the U.S. executive makes an agreement with the foreign power where the data is stored, that power also gets a degree of access to the data of persons of interest to the overseas powers.  Basically, governments can more easily spy on folks around the world!

We talk a bit about the implications of the Act, how it came to pass and the types of practices and services folks can engage to help protect themselves from some of these government excesses.

Check out past episodes of Error451 and hit us up if you have ideas for segments or guests you’d like to hear from.  Check out our contact page!

featured track: “Bob Ross remixed by Symphony of Science’s John D. Boswell for PBS Digital Studios

Error451: #10 (Facebook and Cambridge Analytica)

Download This Podcast

This week on Error451, William Budington and Bursts chat about the Facebook and Cambridge Analytica scandal.  We’ve seen Congressional hearings and M. Zuckerburg give testimony, we’ve seen punditry, we’ve seen evasion.

For the episode, the two chat about what’s going on with the hullabaloo and different solutions privacy advocates have proposed.

Check out past episodes of Error451 and hit us up if you have ideas for segments or guests you’d like to hear from.  Check out our contact page!

Error451: #09 (Facial Recognition Technology)

Download This Podcast

This week’s installment of #error451 podcast, Bursts and William Budington speak about facial recognition technology.  We chat about how different methods are employed, scanning of social media by police and security forces, different methods used to avoid it such as camouflage, lights, makeup and masks, the Google Arts & Culture app comparing people’s selfies to the contents of art museums and more.

Check out past episodes of Error451 and hit us up if you have ideas for segments or guests you’d like to hear from.  Check out our contact page!

Error451: #08 (Are My Apps Listening To Me?)

Download This Podcast

This week on Error451, William Budington and Bursts chat about eavesdropping by digital devices.  This conversation happened before the Cambridge Analytica & Facebook scandal, but covers some of the same material.

Do Facebook, Amazon, Google and other big data companies listen through your device to your conversations and target marketing at you based on your choices?  What tools do platforms like those mentioned above have and what are their interests in your real-life movements, the sites you visit, how long you stay on a page and where you go next?

In a past episode, we had spoken about Apps tracking us and communicating via mic and speaker in subsonic levels with advertising devices. More on specifically Cambridge Analytica and Facebook is coming to Error451 soon!

Check out past episodes of Error451 and hit us up if you have ideas for segments or guests you’d like to hear from.  Check out our contact page!

Error451: #07 (Borders and Devices)

Download This Episode

This week on error451, the occasionally-weekly tech podcast from an anarchist perspective brought to you by The Final Straw Radio, Bursts and William Budington chat about devices crossing the U.S. border.  Now, neither of us are lawyers and situations change according to laws, precedence and actual practice with border security, so consider these better practice suggestions. We talk about full disk encryption, cloud solutions, planning a trip, if some devices are more secure than others and safer-practices if you’ve lost control of your device.

William B suggests the Security Self-Defense series from the Electronic Frontier Foundation (which employs William) as a great, free resource for getting prepared for travel and other situations and keeping up on current developments in tech.

Error451: #05 (Hidden Tracking In Common Android Apps)

Download This Episode

 

This week, William Budington chats with Bursts about the recent exposé published by Yael Grauer at The Intercept about research by Exodus and Yale Research Group leading to the findings that hundreds of common apps available from the Android Google Play Store contain clandestine tracking apps, allowing for the scooping up of the data a phone user gives off throughout their use of the device.  Ever wonder why a free flashlight app needs permission to access your microphone?  Here’s why!

We also chat a bit about F-Droid, a platform for free and open-source apps outside of the Play Store, many designed at increased transparency of device usage.

At one point, Bursts brings up criticisms aired about the F-Droid repository by Moxie Marlinspike, a founder of Open Whisper Systems, which makes the Signal App for free end-to-end encryption. William is kind enough to explain what the concerns come from and his views on the subject.

Like this show?  Rate us on I-Tunes or dop us an email, check out other Error451 episodes or our regular feature, The Final Straw Radio.

Oh, and you should know better than to be on social media, but if you are willfully ignorant, we are findable on fedbook, instagram and twitter.

 

Error451: #3 (GPS safer practices)

Download This Podcast

In perfect timing for holiday driving many will be doing in the U.S., we’re releasing episode 3 of Error451, The Final Straw’s occasionally weekly tech security podcast with William Budington. This episode is about GPS navigation on mobile devices and ways to use it without disclosing your information to service providers.

Oh, hand here’s a link to one of those Motherboard chat logs about Mr. Robot.

If you have ideas for topics you’d like to hear discussed or researched, send us an email at thefinalstrawradio@riseup.net.

Tech Security, Doxxing, Encryption

Download This Episode
For a 59 minute long, radio clean version for syndication purposes, please visit the archive.org collection.

The Main Event

This week Bursts spoke with William Budington, a digital security expert, about various topics under that heading. We spoke about: encryption for texting, email and mobile devices operating systems; about anonymity on the internet; safer practices with social media; doxxing; and more.

The conversation was ranging and a bit thick at times due to Bursts very specific style of posing questions. Thusly, the notes will be very long with lots of links embedded for further reading on the topic, posted in the Further Reading section below. If there are other topics around security that you’d like to hear discussed on this show, drop us an email at thefinalstrawradio@riseup.net and we’ll mull it over. This chat was by no means the end of a conversation. The practices and tools we talked about here are meant to keep you SAFER, but can’t promise your safety. But hopefully some of these words can get more of us to take our digital hygiene more seriously!

Announcements

Political Prisoner Herman Bell Assaulted

We received this notice after the show aired, but hope that folks read these notes and get this info. Herman Bell is one of the New York 3, the same group of defendants as Jalil Muntaqim, who we featured an interview with in our last episode:
Black Panther Party political prisoner Herman Bell was viciously assaulted by guards at Great Meadow Correctional Facility (Comstock) on September 5, 2017. While being “escorted” by a guard back to his housing unit, a guard struck Herman, age 69, in the face causing his glasses to drop to the floor. This same guard then repeatedly punched Herman about the face, head and body. Responding to a commotion, 5-6 other guards arrived and joined in the assault. One of them was able to knee Herman in the chest causing two cracked ribs. Another guard took out a bottle of mace and sprayed it all over Herman’s face, eyes and mouth.

Herman was then taken to the prison infirmary. X-rays have confirmed fractured ribs. Herman’s left eye is damaged from the mace and blows. He has bruises to his body and is suffering headaches, a sign of a possible concussion.

Herman Bell has now been charged with “assault on staff”. Defying common sense, they allege that Herman, for no apparent reason, slapped the guard escorting him. He did this, they claim, in a location out of the view of all inmates but in the presence of other guards. He is now in the Special Housing Unit (box) at Five Points Correctional Facility where he was transferred after the incident.

Herman Bell has not had a disciplinary violation in over 20 years. He was scheduled to begin a three day family visit with his wife a few days after the incident, their first such visit in over 2 1/2 years. In addition he is to appear before the parole board, for the 8th time, in February 2018.

Herman has, however, been the target of guard harassment due to his political background. Visitors report that guards processing them and in the visiting room comment that they are visiting a “cop killer” or “terrorist”. Some guards have been seen passing around the book “Badge of the Assassin” written by Herman’s prosecutor.

At this time, we are encouraging everyone to take the time to write to Herman or send him a get-well card, so that the authorities know we are paying attention and are concerned for Herman. Stay tuned for updates as we develop this campaign.

Herman Bell’s new address is:

Herman Bell #79C0262
Five Points Cor. Fac.
P.O. Box 119
Romulus, N.Y. 14541​

2018 Certain Days Calendar

I’d like to quickly announce that the 2018 Certain Days: Freedom For Political Prisoners Calendar has just been posted as ready for pre-order. The calendar is a joint fundraising and educational project between outside organizers in Montreal, Toronto, and New York, in partnership with three political prisoners being held in maximum-security prisons in New York State: David Gilbert, Robert Seth Hayes and Herman Bell. The proceeds from Certain Days 2018 will be divided among these groups: Addameer Prisoners Support and Human Rights Association (Palestine), Release Aging People in Prison (RAPP) and other groups in need. More info on the project and where to sign up is at certaindays.org

T-Shirt Designs

For all you artistically minded listeners out there, who would like to see their art worn by people (potentially) all over the world, The Final Straw is looking for tshirt desgins! If you like the show, or love it, or just think it’s ok-ish but like to make designs then this challenge is for you.

We will be accepting submissions until the (end of November), and lest you think this is a one way street, the winner of this challenge will recieve a special prize from each of us (Bursts and William) of a personal and one of a kind mixtape which will include all sorts of audio goodies. Runners up will also get prizes, so never fear there’s no heirarchy here.

Want in?? Just email your submission and any relevant info to thefinalstrawradio@riseup.net and keep your ears peeled for the winner announcement.

Show Notes begin in vain

For a starter on COINTELPRO, check out the wikipedia page on the topic.

The Whisper Systems (Signal) case referenced concerning user data disclosure to government is explained by WS folks. Also, here’s a link to Weapons of Math Destruction, the book by Cathy O’Neil that William references.

Doxxing

Anti-Repression Committee in the Bay deals with, among other things, doxxing by the far right in order to build charges against anti-racists.
Discord Chat logs leaked from the Far Right prior to and after #Charlottesville on Unicorn Riot.
Oh Crap! What Now? digital security page
Time to Beef Up Defense Against Far Right Doxxing
Equality Labs released this dope guide to safer practices which overlaps with a lot of the interview and links presented here
In case it’s too late, check out Crash Override Network‘s guide to post-Doxxing mitigation

Bigger Toolkits

That One Privacy Site
The EFF‘s Security Self Defense Guide
Riseup‘s offerings on safer practices and tools

Device Safety

Your Phone is a Cop part one and two
On the topic of vulnerability markets, zerodium.com/program.html got brought up.

Specific Tools

PGP
Enigmail for is an add-on to the Thunderbird email client that makes creating a pgp key set easier.
The Onion Router (TOR) produced this really great package for safer browsing called the Torbrowser package.
TAILS is a portable operating system so you can operate a computer and leave less traces
Signal is a phone app for end-to-end encryption available for iphones, android phones and desktops.
HTTPSEverywhere is a useful add-on for your web browser

VPNs

One VPN intro, including links to clients you can use, can be found at riseup

VPN services to check out
https://www.mullvad.net/
https://www.privateinternetaccess.com/

Online Presence

One tool mentioned to help minimize your online presence is DeleteMe by ABINE.com

Data Brokers you may want to scrub yourself from include:
Spokeo
BeenVerified
PeekYou
PeopleFinders

Various other nefarious tech the state and non-state actors may deploy

IMSI catchers, or phone spoofers, include the name-brand Stingray. The ACLU has this little site that allows you to see what law enforcement agencies they know to have (and probably use) them!
In reference to the Automatic License Plate Readers mentioned by William, here’s an article on the subject

Playlist here

“The Inspection House”, surveillance, Bentham, Foucault & intentions (with Emily Horne & Tim Maly)

http://www.chbooks.com/catalogue/inspection-house
Download This Episode
Jeremy Bentham (died 1832) on display at London College into the 1970’s. Note his mummified head between his feet…

This week William speaks with Emily Horne and Tim Maly about their book “The Inspection House; An Impertinent Field Guide to Modern Surveillance”, which was published in October 2014 by Coach House Books in their Exploded Views series. This interview comes right before the authors book tour of locations in Canada.

From the book’s website:

“In 1787, British philosopher and social reformer Jeremy Bentham conceived of the panopticon, a ring of cells observed by a central watchtower, as a labor-saving device for those in authority. While Bentham’s design was ostensibly for a prison, he believed that any number of places that require supervision—factories, poorhouses, hospitals, and schools—would benefit from such a design. The French philosopher Michel Foucault took Bentham at his word. In his groundbreaking 1975 study, Discipline and Punish, the panopticon became a metaphor to describe the creeping effects of personalized surveillance as a means for ever-finer mechanisms of control.

Forty years later, the available tools of scrutiny, supervision, and discipline are far more capable and insidious than Foucault dreamed, and yet less effective than Bentham hoped. Public squares, container ports, terrorist holding cells, and social networks all bristle with cameras, sensors, and trackers. But, crucially, they are also rife with resistance and prime opportunities for revolution.”

 

In the interview, Emily and Tim talk about Jeremy Bentham’s life, the intended and actual uses of the panopticon, the dangers of the well intentioned, and more!
The book has a lot of good stuff in it, history and analysis and humor. For more info about “The Inspection House” and about the author’s Canadian tour, you can visit http://www.chbooks.com/catalogue/inspection-house

The Panopticam (live streaming & timelapse from the top of the cabinet in which Jeremy Bentham sits)

Metro.UK article on Jeremy Bentham’s attendence record at the University College of London since his passing in 1838.

Playlist