Security


19
Jan 14

Part 2: Snowden – Whistleblowing & Its Consequences

Edward Snowden and Bradley Manning

A couple of weeks ago, I posted some thoughts about clemency for Edward Snowden and whether I thought he was a hero.  My main point was that I was grateful to know the information he gave the world, but I felt that fleeing the US was an immoral choice, that whistleblowers who make the decision to “go public” have a responsibility to stand by their decision whatever the consequences.  I said that even if I could understand the choice to run, that that didn’t meet my standard of “hero”.

The post generated a lot of comments, and I’ve been thinking about some of those responses.

First, I have to acknowledge the insensitivity of referring to Chelsea Manning as “he” and by a prior name.  I fully 100% support everyone’s right to define their own identity, and it was thoughtless of me to do otherwise.  I suppose that the name “Bradley Manning” had become somewhat iconic in my own mind and though I was aware of her choice to become known as Chelsea, it was almost as if the whistleblowing icon and the actual person had become separate entities in my brain.

But of course they aren’t separate at all, Chelsea Manning is an actual person, and its exactly these kinds of careless and unthinking errors that expose cisgender privilege and, however unintentionally, perpetuate prejudice and discrimination.  Many thanks to those who pointed this out and I will be more conscious and thoughtful in the future.

Regarding the discussion about whether or not Snowden is a hero, everyone who commented here or on G+ or other places universally disagreed with my position. I have a lot of respect for the people in my network and when my perspective is completely out of step with the majority view, it definitely gives me pause.  Even more so when virtually everyone thinks I’m wrong.  😉

I think it speaks very highly of the folks who read my blog that though they disagreed with me, passionately even, no one was disrespectful or rude, and I appreciate that. For me, blogging is a form of processing, of trying to think through issues and problems, and I’m always ready to acknowledge that I may be wrong.  The whole point of posting publicly is to get feedback and to have good dialogue with people who are also passionate about the issues I care about, and I’m happiest when we’re really digging into an issue but doing it kindly and civilly with each other.  So thanks to everyone for keeping it cool.

I can’t say that I’ve been completely swayed from my position by the arguments everyone made, but it has made me think more about the complexity of Snowden’s particular situation.  My mother and many others asked if I thought Snowden should have paid with his life for his actions, and the answer is no, I don’t think he deserves to die or spend life in prison for trying to expose the wrongdoing of the NSA.  I also agree that both of those scenarios were plausible outcomes if he had chosen to stay instead of leaving the US, and by that logic, then he would be justified in trying to protect himself from that fate.

Despite that, I still feel resistance to the idea that it is a moral choice to blow the whistle and run.

I may be persuaded that Edward Snowden’s, or to some extent, even Chelsea Manning’s, specific circumstances were extraordinary.  That they were not exposing your run-of-the-mill malfeasance or wrong-doing, but rather they were exposing wrongdoing of such a horrific scale and magnitude, and perpetrated not by some low level official or small corporate concern, but by our own government across many branches and departments, and therefore that deserves some leeway.  I think that’s a fair argument and it’s forced me to reconsider my position.

I would still argue, though, that universalizing Snowden’s decision to flee is ultimately NOT the best outcome – for whistleblowers OR for the society a whistleblower is trying to protect.  In the best of worlds, what should happen is that the whistleblower should be safe, should be protected, should be given safe harbor until the disclosures can be digested and the situation investigated.  Edward Snowden shouldn’t have to flee his own country, rather our government and our society should have better measures in place and better systems to protect those who make the brave choice to expose wrongdoing.  We should be demanding better protections for the Mannings and Snowdens (and Swartzs) of the world.

And I guess that’s where it shakes out for me.  If we universalize Snowden’s decision to blow the whistle and flee, and say that’s ok, then we run a two-fold risk:

1) We open the door for anyone claiming whistleblower status to get a pass whether it’s deserved or not.  I maintain that making a public accusation of wrongdoing carries with it a responsibility to stand behind the claim. We all must have the right to face our accusers, and whistleblowers are not and cannot be exempt from that.  Due process matters, it protects us from unfounded accusations and (in an ideal world) acts as a safeguard against vigilante justice, by the state OR other people.

2) We let ourselves off the hook for failing to provide the protections that legitimate whistleblowers deserve.  While I’ll admit that Snowden likely had little rational choice but to leave, don’t we all agree that he shouldn’t have had to?  I think in some way, blessing Snowden’s decision to flee is a form of ignoring our own complicity in a system that we know is terribly unjust.  Instead of arguing about whether or not he was justified in running, we really should be expending that energy on making it so he doesn’t have to – not just for Snowden, but for all the legitimate whistleblowers out there who don’t have international visibility and media scrutiny to protect them.


That’s where my reasoning is at the moment, but I’m sure I’ll keep thinking on this for some time to come.  Thanks again to everyone who commented, and as always, feel free to disagree!  🙂


23
Feb 13

Must Watch – Lessig’s Harvard Law Talk About Aaron’s Law

I found this both moving and inspiring. I’ve come to believe that academics and researchers have a moral imperative to fight closed publishing, and this talk by Lessig only makes me feel that more strongly.


11
Sep 12

A September Eleven Blue Sky

In a moment of tragedy or crisis, it’s strange what single detail stands out most among a thousand details of a scene. Some people remember where they were standing when they saw the towers fall on tv, some remember who they lost that day.

For me, the single detail I remember most is a certain shade of blue sky that I will always think of as September Eleven Blue. As I walked to work after spending hours glued to the television set, my brain was on some strange surreal loop. I kept looking up into the most pristine and sparkling blue sky I’d ever seen and thinking over and over:  How could this happen? How could someone deliberately fly a plane full of people into a building full of people on such a beautiful sunny day? How could this happen?

The horror of it was more than I could fathom, it seemed somehow all the more horrific against that backdrop of happy blue – as if tragedy could only happen when it’s storming outside.

Image courtesy of New York Social Diary, “The Morning of September 11” by Alexandra Lebenthal

I don’t think I’ve ever posted a reflection on that day before, because in the weeks and years that followed, I became exhausted by and to the whole spectacle of 9/11. Instead of engendering feelings of patriotism or love of country, the cheap plastic flags and yellow ribbons pasted on every available surface, car, window, and t-shirt came to feel very cheap indeed – hollow symbols of a feeling of unity that lasted for only a brief millisecond before we turned to, not politics as usual, but far worse, the politics of fear and retribution. I didn’t know then that it would eventually lead to the War on Terror and the War on Iraq and the War on Afghanistan, so many wars on so many things, I just knew that I felt numb and frightened and suddenly very painfully aware of how fragile life is.

I had friends and colleagues who seemed for a while to need to know every gory detail of every victim’s last moments, but I didn’t. I didn’t listen to the last voice mails and the 911 recordings, I didn’t watch the videos of the people jumping, I tried not to imagine what it would have felt like to be in that plane over Pennsylvania, or to be burned alive or buried in the rubble. I couldn’t. For me, the horror of what I already knew was enough and the fascination with the tragic details felt repulsive – I couldn’t understand it. They have a name for that phenomenon now, disaster porn they call it.

To me it just felt somehow.. disrespectful. And something worse, some word I can’t put a name to, that thing that makes us gawk and take some creepy pleasure in seeing other people’s agony. Or maybe using other people’s agony to fuel our own ugly impulses, to go kill whoever was responsible, even if it meant killing hundreds of thousands of other completely innocent people as collateral damage to salve our wounded American soul.

I was afraid, back then, to even say words like these. To not feel a burning patriotic fervor to hunt down the evil-doers in the post-9/11 world was to be a traitor. In the city where I live, conservative, religious, American heartland Cincinnati, Ohio, it was impossible to avoid the forwarded-hundreds-of-times email chain letters (this was before Facebook or Twitter existed) about how we would destroy Osama bin-Ladin and every “towelhead” who got in our way. Jingoism doesn’t begin to describe it, I saw blood lust even in the eyes of my mild mannered office mates. That scared me far more than the terrorists did, far more than whatever horrible thing al-Qaida might have planned. I became afraid of my own countrymen and my own government more than I was afraid of any shadowy enemy in the middle east.

Terror Alert: Orange lasted for years afterwards. And when it was over (is it over? will the wars ever be over?) I felt mostly sadness that all those people died so tragically, and sadness that in their names we destroyed nations and our own civil liberties. That so many of our own young men and women in the military had paid as high a price as the victims of 9/11 in as senseless a tragedy through the War in Iraq.

Another Anniversary, Another Election

As another 9/11 anniversary approaches, another presidential election, I can’t help but think back about that time and how that incident really did change us. How it really did change the trajectory of our nation, our politics, our financial security. For a long time there was that cynical joke about how if you do X, the terrorists win.  I sometimes think, looking back, that the terrorists did win, and win big.  9/11  changed so much about our culture, made us so much more willing to surrender our privacy and our human rights for often just the illusion of security.

One of the things that struck me about the political conventions this year was how little 9/11 was mentioned, how little the history of the last 10 years was discussed beyond the current economic issues and pandering to military voters.  There was little acknowledgement even from the Democrats about the truly brutal, dishonest, and frightening Bush administration.  They didn’t really tell the narrative about exactly how and why the Republican Party led us into disaster and how and why it would be disasterous to put them back in charge of the White House again.  Why didn’t they tell that story more forcefully?

For my part, I felt an enormous amount of rage towards the those who had led us to that precipice.  After spending billions or trillions of dollars in Iraq, after pushing through tax cuts for the wealthy, after de-regulating financial reforms put in place to protect us from another Great Depression, the Republicans marched us to catastrophe.  In US Economic Crisis – “Privatizing Gains, Socializing Losses”, I wrote:

The REPUBLICAN PARTY, representing free-market capitalists, has largely had their way in terms of economic policy, they passed their tax cuts, they gutted many of the laws put in place after the Great Depression, and theysuccessfully protected the profits – the sickeningly vast profits – of a very, very tiny percentage of very, very wealthy Americans. […]

I am angry. Afraid. Worried. The REPUBLICAN PARTY has quite literally wrapped themselves in the American Flag and used every dirty trick in the book to keep the average, church-going American distracted by issues like guns, abortion, and gay marriage so they can rob our country blind. And they seem to be getting away with it.

When does it stop? When does the party of “Country First” actually start putting the country – the whole country, not wealthy investors – first?

It was a welcome relief to me when Obama was elected at the end of that year. Obama’s campaign rhetoric stirred in me some of those patriotic and hopeful passions I remembered from the days before 9/11, when I still believed that reasonable people could find some agreement.  That’s back when I thought most Republicans were conservative like my grandpa, a staunch life-long Republican, who I loved and respected greatly, even as I passionately disagreed with his philosophies about human nature.  Where he and I found common ground, I assumed so would be the case between the Left and the Right.  I thought love of country and the need to help each other in such dire times would bring some kind of relief from the endless political bickering.

But I was disappointed to discover that we were more divided by partisan zealotry than ever before.  Obama’s complete cop-out on a single payer system, or even a public option, for healthcare reform, his wholesale embrace of the Right’s solution did nothing to quell the divide.  Such a pitiful excuse for a “socialist” solution to the healthcare problem was so well spun by the Right that it led to the birth of the Tea Party nutjobs and the “Keep the government out of my Medicare” protests.  Republicans in Congress began their steadfast refusal to do anything but say “no”, be damned the consequences, including the debt ceiling fiasco that actually led to the downgrading of our nation’s credit rating.

These last few years, it has seemed as if all sanity has flown the coop.  One cannot reason with those who are unreasonable, those who do not believe in science, or education, those who would rather scream about God than have any faith in or compassion for each other – those who seem to revel in the disaster porn that our nation has become.  The divide has become such a chasm, I wonder what America they are even living in, because it doesn’t seem like the one I am living in.

The only exception to these political divisions seemed to be the night Osama bin-Ladin was finally killed. I wrote about how it felt to experience that moment with others through Twitter, and just like with 9/11 itself where I could not feel pure hatred and bloodlust, I could not feel pure joy and glee that we killed bin-Ladin, either.  I felt somewhat ashamed of the reactions; disgusted by the calls to literally put bin-Ladin’s head on a spike as if we should engage in some gruesome medieval display of power.  Reflecting back, I wrote:

 By my view, the world really did change on September 11th, and it has been a long, brutal, depressing decade since. Whatever innocent naivete I still held at the wise old age of 25 began to crumble as those towers fell and the 10 years since have held many bitter lessons still. Wars that seem unending and against people and ideologies that are complex and don’t lend themselves to simple narratives about “defeating our enemies”. A decade of absolute fiscal corruption and robbery that would have made the robber barons blush. A political system that seems barely functional on the good days and completely ill equipped to address any of the real issues facing our nation. Catastrophes like Katrina from mother nature, and catastrophes of our own making, leaving people without homes and jobs and even those of us who still have both ever fearful that they could disappear tomorrow.

” A nation that can’t resolve sensibly any issue that matters..”

I’ve been pretty candid about my political views.  I’ve written about why I consider myself a progressive, and about the values and beliefs that guide my political conscience.  I know that other people value other things, have beliefs that are different than mine, and I can accept and understand that.  What I can’t understand, what I can’t accept, is pretending as if this history didn’t happen: Two wars costing trillions of dollars, millions of wounded, and hundreds of thousands of lives lost.  An economic disaster that triggered a global crisis, erased a decade of wealth in the US, and left millions of our own people in desperate straights.  These two things frame the beginning and the end of the last decade of our nation, and both of them happened under the leadership of the Republican Party, and with little to no meaningful dissent from the Democratic Party.

This history leads the partisan part of me to want to ask anyone who’s even considering voting for Mitt Romney – what the heck are you thinking?  Have you completely forgotten that it was a Republican led White House that took us falsely to war in Iraq?  Have you completely forgotten that it was Republican led de-regulation of the financial industry that led us to this depression/recession/whatever mess?  Aren’t you absolutely horrified by the voter suppression, the racism, the insulting belief they should control women’s bodies, the religious zealotry, the anti-science, anti-education, anti-common-freaking-sense craziness of today’s Republican Party?

But make no mistake, that partisan part of me is just as furiously angry with an Obama administration who has not closed Guantanamo Bay, not ended either war, continued and even extended some of the worst parts of the Patriot Act, who completely caved on the Bush era tax cuts, whose administration has not done more to help homeowners and average working people after bailing out big business and big banks, who has not prosecuted those who were responsible for the collapse, or passed any reasonable legislation to stop it from happening again.

Indeed, I am left feeling that, while I’ll be voting for Obama again this election because the lunatic right just isn’t an option, the entire system is so corrupt that a vote for Obama or even a win for Obama is just a degree in difference, not kind.  When Lessig points out that:

A tiny number of Americans — .26 percent — give more than $200 to a congressional campaign. .05 percent give the maximum amount to any congressional candidate. .01 percent give more than $10,000 in any election cycle. And .000063 percent — 196 Americans — have given more than 80 percent of the individual super-PAC money spent in the presidential elections so far.

These few don’t exercise their power directly. None can simply buy a congressman, or dictate the results they want. But because they are the source of the funds that fuel elections, their influence operates as a filter on which policies are likely to survive. It is as if America ran two elections every cycle, one a money election and one a voting election. To get to the second, you need to win the first. But to win the first, you must keep that tiniest fraction of the one percent happy. Just a couple thousand of them banding together is enough to assure that any reform gets stopped.

Some call this plutocracy. Some call it a corrupted aristocracy. I call it unstable. Just as America learned under the Articles of Confederation, where one state had the power to block the resolve of the rest, a nation in which so few have the power to block change is not a nation that can thrive.

.. what else can a simple working girl like me think but that the whole game is just plain rigged?  When so many pressing issues of our time go unaddressed while we spend billions and billions of dollars and months and months of time on campaigns, not just for president, but for congress and governors and local officials as well, it seems that the entire system is just plain failing us. I feel so frustrated, so distrustful, so dissapointed in what has become of our country since 9/11, that I am paralyzed by it.

Many things have changed since the Twin Towers fell, but eleven years later, I’m still looking up into a September Eleven Blue sky caught in that surreal loop, wondering how all these things could have happened.  Just as I wondered how on earth someone could deliberately fly a plane full of people into a building full of people on a perfectly beautiful sunny day, I wonder what kind of craven souls could deliberately be playing political cat and mouse with each other instead of dealing with the enormous challenges facing our country – or worse, how it has come to be that we the people seemingly have no more power to stop this calamity than we had to stop those towers from falling.

Lessig ends by saying that a nation that can’t resolve sensibly any issue that matters is a nation that will fail.  I’m afraid he’s right.

 


10
Dec 11

Why This Gmail User Switched to 2-Step Authentication And You Should Too

A few weeks ago, I took the plunge to change to Google’s 2-Factor authentication for increased security and after reading a horrifying article in The Atlantic about a user’s Gmail getting hacked and all of their email deleted, I’m glad that I did.  From the article in The Atlantic:

At Google I asked Byrant Gehring, of Gmail’s consumer-operations team, how often attacks occur. “Probably in the low thousands,” he said. “Per month?,” I asked. “No, per day,” followed by the reassurance that most were short-lived “hijackings,” used to send spam and phishing messages, and caused little or no damage, unlike our full-out attack. My wife and I, having heard from half a dozen friends who’d recently had similar problems, had innocently imagined that we all were part of some general upsurge in Gmail attacks. In our grandiosity, we thought it was perhaps even aimed at journalists. But according to the experts, while there are more e‑mail attacks worldwide than a year ago, it was mere coincidence that people we knew had been hit around the same time. On average, half a dozen accounts are taken over every two or three minutes, round the clock, including now.

I often say that Google owns my online soul because it’s true.  I switched to using Gmail years ago and since that time I’ve eventually adopted a huge number of Google services to manage my online life – Google Docs, Google Checkout, Google has my calendar, Google Analytics for checking my website traffic..  My Google account contains tons of crucial data.  And while I’ve gotten much better about performing automatic backups of my local data, I’ve not been nearly as good about keeping track of my data in the cloud, and despite knowing better, I’ve been somewhat lazy about my passwords, too.

I haven’t had any catastrophic hacks or data loss events recently, but in general, 2011 has been a year of re-thinking my use of the cloud and third party services, and as part of that I’m also trying to improve my overall “data hygeine” by making backups of cloud based services and improving my password security around the web.  It’s a tedious job and I can’t say it’s been easy.  Some friends have suggested password manager sites like KeePass but I’m still wary and haven’t made that jump yet.  Instead I’ve just tried to do some simple but smarter things like not re-using the same password everywhere and making the passwords I do use longer and more complex – with special characters and not just numbers, spaces if a site allows it.

All of these things are helping me feel a little less vulnerable over-all, and I definitely feel that the switch to Google 2-Factor authentication was a good move even if it’s been slightly inconvenient a time or two.  When I think about how much data is tied to my Google account and how reliant I am on that access to do my day-to-day work, a little inconvenience is a small price to pay for the additional security.

If you don’t know what 2-Factor authentication is, check out Google’s explanation and overview, but basically, I can’t log into my Google account from a new computer unless I can enter the verification code they send to my cell phone.  I have some backup phone numbers available in case I’m somewhere without cell phone service, and a list of backup codes written old skool style on paper in case I don’t even have that.  But generally speaking, this means some random dude from Nigeria cannot log into my account unless he’s also got my cell phone.

If you use Gmail or other Google services, you should switch to the 2-Step Authentication asap.

Again from the Hacked article in The Atlantic:

WHAT ABOUT THE rest of us, who are not security professionals? I asked that of every person I interviewed. Many of their recommendations boiled down to the hope that people would think more about their life online. “We’d like people to view their information life the way they view other parts of their life,” Andrew Kovacs of Google said. “It’s a good practice to review your financial situation every so often, and it’s a good practice to review your passwords and online-account information too.” Another official compared “cloud hygiene” to personal hygiene: you feel bad if you don’t brush your teeth or take a shower, and you should learn to feel bad if you’re taking risks online.

I’ve been feeling bad about the risks I’ve taken online and every step I take to get a little more security helps.  Hope you take those steps too because none of us wants to be the woman in that story.