Tales from the crypt(-oparty)

Cover photo

My story on Chicago’s CryptoParty scene appeared on the cover of the Chicago Reader last week.

Thanks for reading, folks. It’s a long piece, so if you get through it, kudos to you. And bravo if you somehow manage to not get lost as you go, with all the techno-terminology. We tried to make it as friendly to novices as we could. Especially the sidebar, about helpful tools.

I guess this makes me Chicago’s crypto educator in chief?

I’d like to paste below a few sections that got cut from the final story. The Reader editors know: people just don’t read long, meandering pieces anymore. It’s either solidly on-topic or people click away.

About the psychological science behind surveillance:

Psychological studies bear out the detriments of surveillance. Knowing or suspecting that you’re being watched definitely changes a person’s behavior, according to several controlled, peer-reviewed studies. Stress and anxiety tend to rise under surveillance, according to a 1996 study in the Journal of Applied Psychology. And job performance suffers under constant watch, according to a 1992 study in the journal Applied Ergonomics. (While anyone with a helicopter boss could tell you that, a proper study isolated that cause from other potential factors.)

And since the 1950s, psychologists have known that surveillance encourages social conformity in a person even when their larger social group is “obviously wrong,” writes the neuroscientist Chris Chambers, in an article in The Guardian.

About the applications of crypto to whistleblowing:

Conversations at CryptoParty often revolve around government transparency and corporate accountability. Many planners and attendees use freedom of information laws to demand answers from public entities. Their questions are often, but not always, about surveillance. (Institutional racism comes in at a close second.)

But as a transparency tool, the Freedom of Information Act is limited. No one can prove whether an agency is withholding something. There are no audits of FOIA offices or officers. Even if you sue, as I have, judges simply take an agency at its word that it gave you everything it found—and that it searched in all the possible places.

And what about all the things we scribes don’t think to ask, or won’t know to ask? That stuff will only see the light of day if whistleblowers choose to tell someone outside their offices. And in the private sector, forget about it—unless a whistleblower tries to tell the public about a hidden danger. Cryptography can protect whistleblowers’ identities when the government won’t.

If a whistleblower tries to tell the public about a hidden danger, cryptography can protect their identity when the government won’t. These days, governments seem a lot more interested in punishing whistleblowers than protecting them. Just ask John Kiriakou, who, when asked to be a part of the CIA’s torture program, instead blew the whistle on it. Or William Binney, who built the NSA’s surveillance apparatus after 9/11 and saw it get out of hand. Binney narrowly avoided jail. Kiriakou spent time in prison for his classified leaks. Former General David Petraeus, part of Washington’s “in crowd,” was fired for leaking classified information but has not faced any charges.

Advertisements

A judge rules

It’s not the last word, but a hint of rulings to come. Below are excerpts from the Times’ story about a federal judge ruling against one NSA data-siphoning program.

In a statement distributed by the journalist Glenn Greenwald, who was a recipient of leaked documents from Mr. Snowden and who wrote the first article about the bulk data collection, Mr. Snowden hailed the ruling.

“I acted on my belief that the N.S.A.’s mass surveillance programs would not withstand a constitutional challenge, and that the American public deserved a chance to see these issues determined by open courts,” Mr. Snowden said. “Today, a secret program authorized by a secret court was, when exposed to the light of day, found to violate Americans’ rights. It is the first of many.”

Though long and detailed, the ruling is not a final judgment, but rather a request for an injunction to stop the data collection while the plaintiffs pursued the case. It turned on whether there was a substantial likelihood that they would ultimately succeed and whether they would suffer substantial harm in the meantime.

But Judge Leon left little doubt about his view.

(Among other things, the judge stated the following)

“…it is significantly likely that on that day, I will answer that question in plaintiffs’ favor.”

I’d be at risk of re-posting the entire article if I were to paste more. But there’s more juicy stuff to be read—particularly about how effective the judge thinks the programs have been at thwarting terrorism—so head on over and read it.

Business cards

business card front

I’m excited about my new business cards, created with design help by my friend Matt Albacete. Here’s the back:

business card back

My name is set in different versions of the typeface ZXX, all designed by a former NSA staffer to thwart optical character recognition. And yes, it’s purely for show.

But the security suggestions aren’t.

With some 91 percent of American adults keeping cell phones mostly on their persons, effectively everyone’s full-time location data is gathered and stored by your carriers and the government. To boot, sophisticated software analyzes who crosses paths with whom. Unless we adopt practices formerly considered crazy-paranoid, whistleblowing will become a thing of the past.

And the cash-for-transit reference? That’s because it’s hard to be anonymous in a car when automatic license plate scanning is so ubiquitous. Even public transit anonymity is going down the tubes—in Chicago, anyway—with new payment systems that penalize you (75 cents tacked onto each $2.25 ride) if you don’t use the card that’s tied to your identity.

With my journalism work, I’ll have to pay the premium. You should, too.