Snowden urges hackers to take an ethical stand in protecting privacy -

Snowden urges hackers to take an ethical stand in protecting privacy

Stan Ward

Stan Ward

July 29, 2014

Edward Snowden is on his soapbox again, this time appearing on a video feed in New York City from his year- long home in Moscow. Snowden implored hackers to spend more time and effort focusing on helping users maintain their privacy saying that encryption alone, while a good start, is not enough.

Snowden addressed the HOPE (Hackers on Planet Earth) conference and adamantly promised to dedicate his time to developing and promoting technologies designed to protect user’s rights. At the conference, Snowden specifically highlighted the need to defeat surveillance techniques such as traffic analysis and touted mixed routing as a protection for individuals from oversight.

“We need to have protocols that are resistant to traffic analysis. They need to be padded, basically, even if there’s some level of performance penalty. So you can’t look at differences in for example Skype conversations and tell which phoneme or word was spoken based on packet size and signalling speed and so on and so forth. You also need to use some mixed routing, some sort of shared infrastructure that divorces the individual connection from the individual origination point. And that’s still a hard problem. We haven’t solved that in a performance respecting manner.”

Snowden has already begun promoting technology that lets users act to protect their own rights. Specifically, while speaking to the Guardian last week he recommended SpiderOak – an end-to end encrypted filesharing system as a replacement to software such as DropBox. He slammed DropBox as being “hostile to privacy” without elaborating and urged users to services with “zero knowledge”. That means there is no way of decrypting data stored with them.

SpiderOak, he pointed out has structured their systems to store all your data on them but unlike DropBox they have no access to the content. They still have to comply with law enforcement warrants, but it would require separate authorization from a judge to access your encryption key. This anti-tracking technology which encrypts messages will allow users to communicate anonymously online to avoid any unwanted surveillance. He didn’t mention VPNs as an option to thwart snooping but would have done well to, as many satisfied users of VPNs will attest.

Snowden went further in challenging the audience to be proactive,

You in this room, right now have the capability to improve the future by encoding our rights into programs and protocols by which we rely every day. That is what a lot of my future work is going to be involved in.

He didn’t address the circumstances surrounding his asylum in Russia. Believing that the prospects for getting a fair hearing in the US are impossible, he has applied to an extension of his visa there. It seems to matter little what his physical location may be. Edward Snowden continues to be an advocate for privacy and a thorn in the side of surveillance agencies around the world.

Stan Ward

Stan Ward has enjoyed writing for 50 years. Writing has been a comfortable companion to a successful business and teaching career for him. Find him on Google+.

One response to “Snowden urges hackers to take an ethical stand in protecting privacy

  1. Just a warning on SpiderOak… their system is NOT zero-knowledge if you access your data via the SpiderOak website or a mobile device!

    Here’s what they say on their website if you dig deep enough…

    Important Note: When accessing your data via the SpiderOak website or a mobile device, you must enter your password which will then exist in the SpiderOak server memory for the duration of your browsing session. The instance above represents the only situation where your data could potentially be readable to someone with access to the SpiderOak servers. That said, no one except a select number of SpiderOak employees will ever have access to the SpiderOak servers. To fully retain our ‘zero-knowledge’ privacy, we recommend you always access your data via the SpiderOak desktop application which downloads your data before decrypting it locally.

Leave a Reply

Your email address will not be published. Required fields are marked *