Cyberwar: The Convergance

Hello again ATS!

A few years back I began a series of threads discussing Internet freedom, cybersecurity, cyberspying, and Cyberwarfare. Just a minute ago, while reading news about the latest tragedy that has everybody talking I came across what I believe to be the culmination of many of the concerns I have previously expressed in my cyber related threads.

President Obama, this year, is using a new tactic - he is dropping hints about the State of the Union address before the fact. Basically he's doing what all entertainers have known to do for years - he's seeking to build hype. Part of that hype involves the cyberrealm.

It appears that, since the Sony hack, cybersecurity has been on the Chief Executives mind and he is sincerely concerned for the little people. Those of us who use debit cards. He wants to find a way to make them more secure.

Great idea! Right?

Wrong.

WASHINGTON (AP) — Continuing the break with State of the Union tradition, President Barack Obama will spend most of the coming week previewing more of the proposals he will outline in the address, including on identity theft, electronic privacy and cybersecurity, the White House announced Saturday.

Obama will use a Monday event at the Federal Trade Commission to lay out the next steps of a plan to tackle identity theft and improve consumer and student privacy. It follows a plan Obama announced last October to tighten security for the debit cards that transmit federal benefits to millions of Americans.

After holding his first meeting of the new year with the top leaders in Congress on Tuesday, Obama will discuss cybersecurity, including ways of getting the private sector and federal government to voluntarily share more cybersecurity information. He'll do so at the National Cybersecurity and Communications Integration Center, a part of the Department of Homeland Security that shares information among the public and private sectors.

Source

Reread that last paragraph - Obama will discuss cybersecurity, including ways of getting the private sector and federal government to voluntarily share more cybersecurity information.

I have previously mentioned that tech analysts surmize that Google and the NSA are just about compatible in their data mining abilities. The now infamous Snowden leaks showed us that most of the major online services are already giving up specific tidbits of information to Uncle Sam and law enforcement.

Just in case you are unfamiliar with the National Cybersecurity and Communications Integration Center, here is a link to their site and here is the information from their front page:

About the National Cybersecurity and Communications Integration Center

The Department of Homeland Security is responsible for protecting our Nation’s critical infrastructure from physical and cyber threats. Information sharing is a key part of the Department’s important mission to create shared situational awareness of malicious cyber activity. Cyberspace has united once distinct information structures, including our business and government operations, our emergency preparedness communications, and our critical digital and process control systems and infrastructures. Protection of these systems is essential to the resilience and reliability of the Nation’s critical infrastructure and key resources; therefore, to our economic and national security.
NCCIC Overview

The National Cybersecurity and Communications Integration Center (NCCIC) is a 24x7 cyber situational awareness, incident response, and management center that is a national nexus of cyber and communications integration for the Federal Government, intelligence community, and law enforcement.

The NCCIC shares information among the public and private sectors to provide greater understanding of cybersecurity and communications situation awareness of vulnerabilities, intrusions, incidents, mitigation, and recovery actions.

NCCIC Vision

The NCCIC Vision is a secure and resilient cyber and communications infrastructure that supports homeland security, a vibrant economy, and the health and safety of the American people. In striving to achieve this vision, the NCCIC will:

Focus on proactively coordinating the prevention and mitigation of those cyber and telecommunications threats that pose the greatest risk to the Nation.

Pursue whole-of-nation operational integration by broadening and deepening engagement with its partners through information sharing to manage threats, vulnerabilities, and incidents.

Break down the technological and institutional barriers that impede collaborative information exchange, situational awareness, and understanding of threats and their impact.

Maintain a sustained readiness to respond immediately and effectively to all cyber and telecommunications incidents of national security.

Serve stakeholders as a national center of excellence and expertise for cyber and telecommunications security issues.

Protect the privacy and constitutional rights of the American people in the conduct of its mission.

NCCIC Mission

The NCCIC mission is to reduce the likelihood and severity of incidents that may significantly compromise the security and resilience of the Nation’s critical information technology and communications networks. This mission defines the NCCIC’s specific contribution to achieving its vision. To execute its mission effectively, the NCCIC will focus on three core strategic priorities and associated operational objectives. The NCCIC will implement this strategy by expanding and attaining the capabilities, products, and services required to meet each of its strategic priorities over the next five years. Many of these activities will be coordinated, developed, and executed collaboratively with the NCCIC’s operational partners to the benefit of the entire community of cyber and communications stakeholders.

From the above I want to reiterate a small detail: Protection of these systems is essential to the resilience and reliability of the Nation’s critical infrastructure and key resources; therefore, to our economic and national security.

Now I realize that to the casual reader this probably all sounds wonderful and snuggly! We've got some real power protecting our online environment! Heck, if you read the Yahoo article you'll even notice that one of the Presidents current ambitions is to make high speed internet more affordable! And that's awesome!

Except the language keeps saying "national security"...

The US Government, already in league with every single major online power that one can imagine wants more cooperation from them and the underlying whisper is national security?

Are we implying that the Sony hack was a violation of US "national security"??? A private company ( based in Japan ) getting hacked is a national security issue?

Faster internet is an facet of national security???

Reread those bullet point NCCIC Vision statements. Proactive prevention? Break down barriers that impede collaboration???

What the HELL man!?!?!

Are the implications sinking in yet? Big Brother is opening the curtain and showing us private Corporations and Government are the same? That private industry has an inherent obligation to spy on us for law enforcement.

We must understand that "information sharing" is a relatively new concept, born in the days after 9/11 when it was discovered that different agencies had different pieces of the 9/11 puzzle in their hands, but never bothered to compare notes. So programs were developed that would allow all of the alphabet agencies to share what they knew with one another - making the ghost of J. Edgar Hoover roll over in his grave. But still.

At what point did telecoms, search engines, online retailers, your email server, the little site you visit to watch no-no videos all become Deputy Dog and join the intelligence community?

These are questions I have previously explored to varying degrees. But those discussions were vague and seeking to recognize the trajectory of where this is all heading. To inform the community that, when it comes to the Internet, eyes are everywhere. To explore the potential pitfalls that might befall us should all of these factors converge at a given point. That Convergence is now happening and the ramifications are potentially tremendous and world changing.

In reality the government should NOT be wholesale spying on and logging our online posts and activities to begin with:

The Fourth Amendment to the Constitution of the United States

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

This debate has long been raging due to wording. Are my thoughts and words not the modern equivelant to my papers and effects? Therefore is monitoring them in real time, without any just or reasonable cause, and without warrant, not a direct violation of my personal privacy?

I'm left stymied as to what the Framers would say if they were told that not only do their successors use the Governments full power to ignore the Fourth Amendment, but actually are doing so in concert with private Corporations who, apparently, willing divulge whatever is asked of them. Surely if one could time travel THAT fact would cause quite the murmur and rumbling in Independence Hall.

This, in effect, gives the Government total control over the entire Interent ( privately owned companies apparently now considered part of government ) in the name of national security - and the power ( outlined very vaguely ) to determine what constitutes a threat to that security. If I post cat memes to Whitehouse.gov would I be considered a terrorist? Don't scream hyperbole, the language is such that it's within the realm of possibility. You know, interfering with Government via kitty memes.

This also creates a very disturbing precedent that blurs the lines between private industry and Government. This process has been ongoing for a number of years but never this far out in the open. Infragard predates this by years, but was fairly limited and specific to the FBI and to industries deemed as critical infrastructure, such as nuclear reactors, damns, bridges, etc.

Communication - while a luxury and a great thing for us to have - is not a critical infrastructure. At least not at a public level. The Government and military have closed communications systems that are unique and separate from what consumers utilize. Our system is not critical to the operation of Governing this nation. There is no call for it to be put under such an umbrella. Being able to call 911 is fairly important - but being able to send sexy selfies at will or write a rant not so much.

I've gone the long and explanatory way around the barn to say that the day I have been writing about has come. The point where content control is no longer the domain of an ISP or hosting company - but of an agreement with law enforcement, the FCC, and Government. These cooperative giant Corporations, acting in accord with law enforcement, will now become the gatekeepers of what information is relevant and what is not. Google and Bing will no longer tell you what is there to access. They will tell you what they will allow you to access.

And that's just the start.

As for "cheaper high speed"? Hell, he might follow through on that one. After all we're going to need cheap or even free access to 'Net because all of our money is going to be going to package pricing for access rights to the sites we enjoy. Those that are left that is. Places like ATS will either think up get rich FAST schemes or be priced out of being able to compete.

The Internet will be a duplicate model of cable television. The only difference is that watching CSI won't get homeland security pounding down your front door - but Googling terminology from CSI might just result in such an incursion.

You know... national security. I guess it's OK for the TV to teach us how to get away with murder, just don't get curious online.

So my ATS friends, enjoy deeply what you have right now. Because the clock just got wound and is now ticking away to a time when this will no longer exist as it does today.

Thanks for reading.

As always a great read but what do u think we the people should do to try and protect ourselves against the snoopers vpns are probably useless as u well know and most ordinary people don't even no what a vpn is tbh....

a reply to: robbeh

I'm not even worried about the snooping anymore. That cat is out of the bag forever. What comes next is the death of the open and free Internet. Facebook, Amazon, Yahoo, Google, HSN, etc will survive... but the days of finding smaller websites like this are coming to a close.

a reply to: Hefficide

losing profit is a national security issue in a corporatocracy.

originally posted by: Hefficide
a reply to: robbeh

I'm not even worried about the snooping anymore. That cat is out of the bag forever. What comes next is the death of the open and free Internet. Facebook, Amazon, Yahoo, Google, HSN, etc will survive... but the days of finding smaller websites like this are coming to a close.

if that's the case then we're screwed royally these sites are the only places that one can find the real info about said people doing nefarious deeds life's going to get boring real quick.....

This will never end til we have no privacy.

My card was stopped on Friday, had to ring up the fraud team, apparently it was used in Indonesia earlier that day, fortunately it was declined (insufficient funds).

Thing is my card must have been cloned, butnot on the internet...an ATM!

There was a time not so long ago, I went to the bank to check my balance, I put the card in and the machine kept clicking over, like it was struggling, the next thing I know it has eaten my card and up on the screen it says "This card is not authorised to be used in this machine" I can't remember the exact wording but it alluded to please take your card.

Trouble is my card never came back out!

I hung around for a minute or so, thinking it might spit it back, but nothing.

Next morning I went straight back down there to see if they could fish it out, but they wouldn't look as the ATM wasn't going to be opened until the afternoon, so I had to order a new card.

Interestingly enough, the machine that ate my card was operational when I went into the bank as I saw a man using it, but the bank said they haven't touched it.

So what happend Friday doesn't surprise me, online payment seems pretty secure in my opinion.

As far as I'm concerned the risk is ATM's and shop card readers, not the triple lock access you have to go through online currently.

Great thread Heff, with the events of late it is very easy for the public whip up frenzy wagon to bulldoze common sense and push through faulty ideas.

good read. But they can't even protect themselves. how many times has a .GOV been hacked? and they want me to trust them on protecting me? lol

it`s not much different than what they have always done really.If you committed a crime they would get paper copies of all your phone records, all your credit card records,etc. now they just get all that info in real time,real time info that could possibly prevent a crime from happening instead of paper copies after a crime has already happened.

the internet isn`t a necessity society survived and progressed just fine before the internet was invented.there`s nothing that you absolutely need the internet for, you can do everything off the net that you can do on the net.the internet is just a faster and more convienient option for doing things.
if you are planning to commit a crime and you know the government is monitoring the internet you will have to do your planning using offline means.
I`m more offended by the obscene amounts of money that they are wasting doing it than by the fact that they are doing it.How many hundreds of billions of dollars are they spending to find out that a grandma in Kentucky bought a new sewing pattern from sewing circle.com?
The more efficient they become at gathering and monitoring all this info off the net the less likely it is that they will actually catch anyone planning a crime because EVERYONE will know that they are monitoring it and they will find a more secure way to plan their crimes that doesn`t involve the internet.
if you aren`t planning to commit a crime then why do you care that the government wants to waste their time monitoring the internet?

a reply to: Hefficide

NCCIC will:

Protect the privacy and constitutional rights of the American people in the conduct of its mission. 

I dont know if you intentionally skipped that but its hard to ignore when its telling you they're going to be doing the opposite of what your thread is claiming...
But, well, I guess time will tell how right or wrong you are.

I think I wouod be worried more ifnthe opposite was occurring to be honest anyway. Governments sharing data with companies instead of the opposite. It doesnt say that's what they will be doing bu I don't trust these organisations are not swarming with cronies willing to sell our data to private interests illegally for a large sum.

a reply to: funkadeliaaaa

It's in the OP - cut and paste didn't include the asterisks.

As far as selling the info - that's been happening since the 90's and led to the creation of the sort of software that the NSA uses now - filtering algorhyms that seek patterns and then compare those patterns against others who fall into similar demographics or with similar behavioral histories. This is how Google knows how to customize your search results and Amazon knows what pictures to plaster all over your page as you're shopping.

And that ( regarding the spying aspect of it all ) is where it gets creepy. Think minority report but without the psychics in the hot tub. Just a massive machine that can say "Hey, four guys committed murder this past month and this guy over here is a lot like those other four guys...."

The second layer of creepy is now Google seems implicitly responsible to inform the NSA if their analytics find trends of that nature in your behavior ( or Bing, or Facebook, or Youtube, etc ).

And that leads us to the third layer - the result. This "safer" Internet will come with a price. Maybe Congress will say that sites that cannot provide user information - or adequate amounts of it - will need to pay a surcharge. The current conversation going on in the tech industry is having a two tiered Internet - a fast lane and a slow lane. HUGE companies can pay out the extreme $$$ to hammer you data at 100 Mbps - but small sites, like ATS, who can't afford the fast lane, would come in at a trickle.

Step two of that would be the death of the slow lane sites.

If you look at current cellular models ( not prepaid but subscription ) there are already examples of these techniques being applied and tested.

Once that happens then the pricing for access changes, again, to a subscription based model - to maximize profits. Just like cable TV you might find your ISP saying "Pick 10 sites from this list and you can access them anytime. Pick 5 more than you can access for x hours per week. This is package "A". Package "B" would include.... and so forth.

FTR these are not theories that I've sat around coming up with - they are a collation of several predictions made by tech and telecom insiders.

I may have a dozen or so threads on this topic and there are still a few more that need to be written to complete the picture- just as things stand right now.

a reply to: Hefficide

F&S&

Corporate industry has been collecting private information on private citizens for at least a century - from health information to financial data.

This convergence is corporations' final, full annexation of governments' power. Not the other way around.

now you see why the government can't protect us?

ATS link

a reply to: Tardacus

It is still possible to use the internet without being tracked if one is smart about how they do it.

The real question is what is "planning on committing a crime"?

To me that almost sounds like thought police, monitoring the common ignorant citizen's facebook so one can be added and tracked if said person mentions drugs, firearms, or a handful of other "key" hot topics is in my opinion a ridiculous way of doing investigative work.

It seems like most of the information that is gathered is used more for marketing purposes, they want to try to sell grandma anything that goes with that sewing pattern and will keep a profile of her and everyone else that bought that sewing pattern as well as all there other online purchases all so they can have slightly better targeted ads.

Important thread. Bump.

....Canada is moving fast to curb real freedoms (while continuing to protect sexual predators). Go figure.