Tag Archives: Snowden

Security and Comms, Your Mobile Concerns

As I’m sure that if you are reading MMM, you are aware of much of what’s happening in and around the NSA/Snowden topic and its effects. In an article read recently at The Atlantic, something stuck out that made me wonder a bit:

One senior collection manager, speaking on the condition of anonymity but with permission from the NSA, said “we are getting vast volumes” of location data from around the world by tapping into the cables that connect mobile networks globally and that serve U.S. cellphones as well as foreign ones. Additionally, data are often collected from the tens of millions of Americans who travel abroad with their cellphones every year.

I just wonder, and maybe its just me more than things that are already spoken – do folks who work in IT/IS for organizations who do travel and need secure communications understand this? Are they putting together security plans which are easy to follow and clearly lay out why “mobile as normal” isn’t the lingua franca anymore?

In a conversation with the CEO of GSMK Cryptophone some months back, amongst the security topics we talked about, the way that mobile is perceived as an area of concern – or not – for faith-based orgs/NGOs came up in one of the questions, here’s a quote from my notes:

What would be some recommendations that you’d have for religious organization who have a need for secure mobile communications, but aren’t sure where to start?

  • think hard about what your threat scenarios are; what are the potential problems
  • what areas/people that need to be protected
  • think of the entirety of communications
  • lots of problems can be solved with open source software
  • pay attention to the range of suppliers and the range of solutions out there
  • understand that mobile devices might not be usable at all

Are these concerns that you hear in your planning sessions for mobile ministry efforts? Or, do you only think about security, political, or other implications only after they have happened? How do you address mobile concerns, if at all?

Additional Note: After investigating several mobile security solutions, GSMK seemed to have the best overall solution. I was very convinced after conversing with them that not only would it be a tech solution, but a behavioral one. Plus, for those who like those modern devices, their security-hardened version of Android is hard to beat. Check them out for your personal or organizational needs.

Mobile, Privacy, and Considerations

Its easy to continue down the consumer line that the holiday brings – talking new devices, apps, and services, and leaving weighter concerns to the opt-ed pieces which might hit a magazine or two. And then there’s that sense of responsibility. A condition of mobile in ministry is to understand the landscape and the challenges of just being in this space. In light of what we do, own, or promote, it our responsibility to pay attention to what might negate this landscape as well.

…Thanks to smartphones or Google Glass, we can now be pinged whenever we are about to do something stupid, unhealthy, or unsound. We wouldn’t necessarily need to know why the action would be wrong: the system’s algorithms do the moral calculus on their own. Citizens take on the role of information machines that feed the techno-bureaucratic complex with our data. And why wouldn’t we, if we are promised slimmer waistlines, cleaner air, or longer (and safer) lives in return?

This logic of preëmption is not different from that of the NSA in its fight against terror: let’s prevent problems rather than deal with their consequences. Even if we tie the hands of the NSA—by some combination of better oversight, stricter rules on data access, or stronger and friendlier encryption technologies—the data hunger of other state institutions would remain. They will justify it. On issues like obesity or climate change—where the policy makers are quick to add that we are facing a ticking-bomb scenario—they will say a little deficit of democracy can go a long way…

That segment is from an article that’s stayed open in a tab for me for a number of weeks now. The Real Privacy Problem at MIT Technology Review is a must-read, must-bookmark, and must share.

And yet, that’s not the end of things. We understand that its not just what we do which is being exposed, but what others are gathering about our actions which present very real challenges – if not outright defining characteristics – to what it means to have mobile ministry practices.

…The NSA has no reason to suspect that the movements of the overwhelming majority of cellphone users would be relevant to national security. Rather, it collects locations in bulk because its most powerful analytic tools — known collectively as CO-TRAVELER — allow it to look for unknown associates of known intelligence targets by tracking people whose movements intersect.

Still, location data, especially when aggregated over time, are widely regarded among privacy advocates as uniquely sensitive. Sophisticated mathematical tech­niques enable NSA analysts to map cellphone owners’ relationships by correlating their patterns of movement over time with thousands or millions of other phone users who cross their paths. Cellphones broadcast their locations even when they are not being used to place a call or send a text message…

Read the rest of NSA tracking Cellphone Locations Worldwide, Snowden Documents Show at the Washington Post.

The Washington Post and others have been very brazen in publishing items like this. Whether or not one can get around that kind of monitoring is one thing, understanding what that monitoring means is another. And the truth also exposed here has to be understood – if countries are advanced enough to pursue these complicated and powerful means of using data to make connections, countries/governments/organizations/individuals which don’t have that skill, or have the controls in place that might be present legally/ethically here, not only have that ability, but have been working in similar manners.

Don’t just be so naive to dismiss the dangers when running towards the opportunities.
Don’t be so paralyzed by the dangers that you neglect running towards the opportunities.

A Disturbing Image, A Passive Reaction

Edward Snowden

With the Halloween season right around the corner, there are enough tales of humor and horror to keep you busy for another 364 days. Yet, this year the most disturbing image given – the acknowledgement of some of the most influential governments in the world have been monitoring digital communications in various clandestine ways – has seemed to illicit more of a yawn and more of the same.

…But what is, in a way, more alarming is how relaxed many of my professional peers seem to be about it. Many of them are people who do understand how the stuff works. To them, Snowden’s revelations probably just confirm what they had kind of suspected all along. And yet the discovery that in less than three decades our societies have achieved Orwellian levels of surveillance provokes, at most, a wry smile or a resigned shrug. And it is this level of passive acceptance that I find really scary.

What’s even more alarming is that the one group of professionals who really ought to be alert to the danger are journalists. After all, these are the people who define news as “something that someone powerful does not want published”, who pride themselves on “holding government to account” or sometimes, when they’ve had a few drinks, on “speaking truth to power”. And yet, in their reactions to the rolling scoops published by the Guardian, the Washington Post, the New York Times and Der Spiegel, many of them seem to have succumbed either to a weird kind of spiteful envy, or to a desire to act as the unpaid stenographers to the security services and their political masters…

The Guardian is right. Publicly, we’ve just not done this part right – and its scary.

I’m guilty too. I’ve not moved as far or as fast as others have towards making more secure communication practices or crafting online spaces which are better secured from prying eyes. I’ve done a few things, but not nearly enough… most of us in #mobmin haven’t. I don’t know that we can continue to be passive about it. Either we play the role that many in the public space have – ignore it while talking about it only in private – or we take ownership of it and do things differently (whatever that looks like).

I’m in a bit of a weird space. I could do something like what’s had to happen with my personal blog and steps I’ve taken with social networking, or there might be something more drastic of a step to take – like really going back to hosting MMM from a mobile phone (really good method here), and only letting verified connections take place to it – then doing secure RSS feeds from there or something else which is mobile, secure, and open – like OpenRepos.

I don’t know… there are methods of ministry on mobile that we should continue to talk about. But, the other side of that tech and truth is that mobile is also a very monitored and monetized communications media whose aim isn’t connecting (first), its making money and keeping vigilance. Can we accept that and be passive about those issues going forward? Or, does #mobmin adapt to that reality too… teaching better methods, understanding even more the incredible opportunity going forward?