Whistleblowers: get some gloves!
January 7th, 2009Whilst trawling around on the interwebs, I cam across this amazing story, and a reason to award some brass balls:
Up Yours Carter-Ruck
Guido is with the in-laws for Christmas and only has internet access via a dial-up or his mobile. So the megabyte size attachment from libel solicitors Carter-Ruck received a few days ago has only this morning been downloaded. Guido emailed Carter-Ruck back at the time to explain he was driving and only had mobile internet access, so what were the contents of the attachment? No reply from Carter-Ruck.
The email contains a Court Order by Mr Justice Tugendhat, threatening Guido with contempt of Court if Guido even reveals the existence of the Order.
Guido believes that he is not the only leading blogger to receive the injunction. He is however the only one willing to break it. Unfortunately for Carter-Ruck they seem to have forgotten that since 1922 the orders of British Judges have been happily ignored by us Irish in our own country. So Carter-Ruck have merely tipped Guido off to a case of which he was previously unaware and Guido will, as a consequence, now share what little he knows with with his co-conspirators as a Christmas treat.
Somebody (unknown) hacked into the email accounts of Zac Goldsmith and his wife Sherazade, Jemima Khan also appears to have had her email accessed. They thieves tried to sell the illegally obtained information to the Sunday Mirror and the Mail on Sunday. Not really that interesting politically, though Goldsmith is a Conservative candidate and presumably Zac is his father’s son…
This particular case isn’t really a matter of principle and Guido isn’t claiming it as such. As fascinating as Zac’s love life probably is, it isn’t really hypocritical. It does illustrate how Britain is increasingly heading towards the French situation of a politically cowed client media injuncted and restricted by privacy laws from reporting on the rich and powerful. The government has also been making a lot of noise about curtailing online publishers and Stephen Carter is gearing up with legislation to attack bloggers. Freedom of the press is soon going to be even more curtailed in Britain.
So we will have a situation where offshore bloggers broadcast the truth to Britons in much the same way as Radio Free Europe kept the citizens of the Soviet Empire informed. The legislation won’t succeed, only Chinese style internet censorship will prevent the truth getting out. Is that the path politicians want to go down?
Now there is a man who has a pair. Sadly, he calls Scientists, Architects and Engineers who have learned that the official story of the mythical ‘911’ is false, “Troofers“.
But hey, no one is perfect, right right right?
Here is a link to the Wikileaks page.
It is right that people should not have their private email sold to and then printed in newspapers. It is however, entirely wrong that secrete (yes, ‘secrete’) hearings and secret orders be used to silence people. Those same secret orders, like the National Security Letters being used in the USA are immoral and WILL ALWAYS result in an abuse. These National Security Letters have been used to stop librarians from disclosing that the government has investigated who has been borrowing what books from the library. When you get one of these letters, you are not allowed to say that you have received one.
The only correct response to these letters and orders is the one that Guido Fawkes made; to immediately release it to the public. If everyone who got one did this, they would be rendered useless.
This takes us to the subject of leaks and the recent government plans stupid idea to get into your hard drive remotely.
One of the comments at that SpyBlog post lead to this site that has a list of what to do’s to be an effective and safe whistleblower. One of the tips is as follows:
Anti-forensics precautions
- Licking a Postage Stamp is likely to leave both your fingerprints on it, and to preserver a sample of your DNA from your saliva.
- Sealing a letter envelope or parcel affixing a postage stamp using sticky adhesive tape or glue etc. will also tend to trap possibly identifiable fibres, dust particles, hairs, skin cells and fingerprints (which may contain sufficient DNA for analysis) , or even a characteristic scent which could be used by tracker dogs.
Commercial Postal Box rental, either from a private company or for an extra fee from the state postal service, has its place, but there is always a financial paper trail to the person who rents the box, and often CCTV video footage of anyone picking up mail from such boxes.
Wikileaks.org offers a supposedly secure Postal Whistleblowing service, for whistleblower leaks to them, but they do not seem to recommend many anti-forensics precautions. except regarding the serail numbers embedded into batches of CDROMs, and the unique Recorder IDs which most CD or DVD burners embed in each copy which they produce.
Interesting…lets think some more about it.
Most stamps today come in the form of a white adhesive label, laser printed behind the counter and then stuck on to your mail by the Post Office worker:
As you can see the date is on there as well as a serial number.
The other types of stamp are the ones that are sold in booklets and which have peel adhesive as the backing. Licking stamps rarely happens today, but it is good advice not to lick stamps nonetheless.
A bigger threat to you is the time-stamp of these stamps combined with the CCTV that is found in most Offices. In order to see who mailed the package, all they have to do is look at the time-stamp from the serial number, and then go back to the time index on the CCTV footage to see your face.
If you want to minimize the effectiveness of a forensic attack, use gloves. Use gloves when you buy your envelopes. Use gloves when you make your photocopies in a public place. Use gloves when you buy your adhesive stamps and use gloves when you stick them to the envelope.
Do not use envelopes from a sealed pack. There are many places where you can buy packs of envelopes that are not sealed. In fact, these are often displayed adjacent to the Post Office queue. Why should you do this? If you use one of these loose envelopes, you can be sure that the sneezes, browsing touches, hairs and and breath traces of tens of thousands of people are going to be on them. These envelopes will be hopelessly contaminated, and that is good for you.
Now you can see yet another reason why setting up a National DNA Register would be such a bad thing. If they had such a register, not only could they catch a whistleblower who was not careful, but they would falsely accuse and then investigate tens of thousands of people simply because they stood in a queue in a Post Office.
I have updated our own additions to the SpyBlog post the most important one being to dump winblows if you are still using it. In the light of govenrments wanting to gain backdoor access to your files, why make it easy for them by running an operating system that is insecure by design?
Ubuntu is massively peer reviewed, and as soon as any flaw is found, it is announced immediately and patched very soon after for free. It is like being a part of a huge body with a self aware immune system that by its nature, cannot lie to itself. This is the first time ever that the vast majority can take advantage of this high level of security and openness without needing any technical prowess.
Once the penny drops about how secure Ubuntu is, several things are going to happen.
First, there is going to be a mass adoption and abandonment of windows.
Second, there will be moves to outlaw Ubuntu, since it is secure by default.
We can make the second prediction because we remember l’attitude Fraiçaise and how they had to change 180° from their previous total ban on encryption. After all, it would look ridiculous if every browser had 128 bit SSL and it was illegal to use it; it would mean no credit card transactions online etc etc. They had no choice but to cave in, and in fact, this is always true; when governments are faced with an entire population that point blank refuses to obey, or they are faced with a massive loss of revenues because they will not adapt to a new way of doing business, they cave in and ‘change course’.
If everyone switches to Ubuntu, then banning it means banning computing itself and destroying commerce, learning and communication completely. There is no way that any government would allow that to happen, so as long as Ubuntu remains under the control of its thousands of developers there would be nothing that anyone could do to stop it. All attempts to poison it would fail, any attempt to attack it would strengthen it – it would be game over for mass automatic surveillance.
By adopting Ubuntu to replace windows everyone gets:
- Unprecedented security
- Unprecedented stability
- Unprecedented ease of use on a Linux system
- Freedom to copy and distribute ad infinitum
- Free updates forever
- Free extension of the useful life of hardware
- Free world class applications (Gimp, Open Office, Evolution etc)
- Ownership of the software
- Permanent exclusion of governments ability to taint the OS
Ubuntu is a massive win for everyone. It is a game changing event, and every move to violate our privacy will simply push more and more people away from windows and to Ubuntu.