rather than trying to rank the NSA revelations on any sort of scale, we’ve put together an admittedly simplified list of some of the more interesting NSA-related stories to emerge in 2013.

Least Surprising NSA Capability: Breaking/Subverting Crypto

Most Surprising NSA Capability: Defeating the Collective Security Prowess of Silicon Valley

Most Interesting People to Emerge From the NSA Story: Jacob Appelbaum and Matthew Green

When it comes to the fight for free expression and privacy in technology, 2013 changed everything.

This was the year we received confirmation and disturbing details about the NSA programs that are sweeping up information on hundreds of millions of people in the United States and around the world.

In December, a federal judge even found the surveillance likely unconstitutional, calling it “almost-Orwellian.”

As the year draws to a close, EFF is looking back at the major trends influencing digital rights in 2013 and discussing where we are in the fight for free expression, innovation, fair use, and privacy.

Brazil has rejected a contract for Boeing’s F/A-18 fighter jets in favor of the Swedish Saab’s JAS 39 Gripens. The unexpected move to reject the US bid comes amid the global scandal over the NSA’s involvement in economic espionage activities.

The announcement for the purchase of 36 fighters was made Wednesday by Brazilian Defense Minister Celso Amorim and Air Force Commander Junti Saito. The jets will cost US$4.5 billion, well below the estimated market value of around US$7 billion.

The revelations of the massive U.S. government tietourkinnasta have scared the ordinary citizens , undermined the credibility of our policies and outraged defend the privacy of guard dogs , but senior IT managers are not panicking , at least not yet.

So far, they have been content to follow the situation , gather information about , and to make a variety of measures to minimize the risks. Despite the alarming news of IT management does not , however, have not withdrawn their decisions to outsource their respective companies and data applications in the cloud.

This became apparent when a pair of ten U.S. and European CIO of the respondents were asked how the NSA’s doings have influenced their cloud services strategy.

Many of the interviewed top-level IT executives told , however, to be more cautious cloud service plans , and the transition to the cloud . The spy scandal because they are also re- visited through the cloud service providers’ agreements, just double checked the best practices and tighten the security controls .

No surprise

The revelations do not come to the CIO for a complete surprise , but the fact that the Board of Directors oversees the telecom and internet traffic, has been common knowledge .

“The government’s control has not changed our opinion on cloud computing . The cloud is an attractive model for us . On the other hand , I have never been so naïve that I would have never thought that this type of control should be going , ”

For many respondents , the government ‘s information systems and traffic spy is not part of their security threat to the top of their lists .

“Every CIO has every minute of every day among other things, concerned about security, privacy, business continuity and disaster recovery. We are likely to be paranoid friends across the globe, ”

Also, the fact that all had been behind a firewall , its risks associated with their own . IT leaders concerned about the cost and complexity that arises when servers are rotated in their own data centers . Run the risk of loss of competitiveness if the competitors have to take the benefits from cloud services.

Source:
CIO ei joudu NSA-paniikkiin
http://www.tietoviikko.fi/cio/cio+ei+joudu+nsapaniikkiin/a954723

Microsoft is the latest company to try to protect its data from its own government.

An article on Thursday indicates that Microsoft is in the process of expanding and strengthening the encryption for popular services including the email service Outlook.com, Office 365 apps, the Azure cloud-computing service and Skydrive online storage. It is also adding an encryption technology, called Perfect Forward Secrecy, that thwarts eavesdropping.

The company is also scrambling the links between its data centers in an effort to assure users and foreign governments that their data is not free for the National Security Agency’s taking.

The company says encryption and Perfect Forward Secrecy will become the default setting for users by the end of 2014.

Microsoft will also open up so-called transparency centers, where governments can inspect its products code for back doors.

“The idea that the government may be hacking into corporate data centers was a bit like an earthquake, sending shock waves across the tech sector,” Mr. Smith said in an interview. “We concluded that we better assume that there might be such an attempt at Microsoft, or has already been.”

And therein lies the rub. Microsoft’s efforts — and for that matter Google’s, Twitter’s, Mozilla’s, Facebook’s and Yahoo’s — still do not prevent the government from gaining access to their data through a court order. And some security experts point out that even if companies like Microsoft allow outsiders to inspect their code, that only eliminates one mode of attack; snoops could still find holes in other parts of the system.

Lavabit and Silent Circle, two secure message providers, have been lobbying major Internet companies to adopt a new Dark Mail e-mail protocol that would encrypt user data and metadata in such a way that it would leave the keys with the user, not the provider. Dark Mail would thereby force governments, or hackers, to go straight to the user to unscramble their data.

“The real friction point is that Yahoo, Google and Microsoft make money mining off free email,” Mr. Janke said in an interview. “They say they’re concerned about user privacy. Now we’ll see if they really care.”

Encrypted email, secure instant messaging and other privacy services are booming in the wake of the National Security Agency’s recently revealed surveillance programs. But the flood of new computer security services is of variable quality, and much of it, experts say, can bog down computers and isn’t likely to keep out spies.

In the end, the new geek wars —between tech industry programmers on the one side and government spooks, fraudsters and hacktivists on the other— may leave people’s PCs and businesses’ computer systems encrypted to the teeth but no better protected from hordes of savvy code crackers.

“Every time a situation like this erupts you’re going to have a frenzy of snake oil sellers who are going to throw their products into the street,” says Carson Sweet, CEO of San Francisco-based data storage security firm CloudPassage. “It’s quite a quandary for the consumer.”

The revelations are sparking fury and calls for better encryption from citizens and leaders in France, Germany, Spain and Brazil who were reportedly among those tapped. Both Google and Yahoo, whose data center communications lines were also reportedly tapped, have committed to boosting encryption and online security. Although there’s no indication Facebook was tapped, the social network is also upping its encryption systems.

For those who want to take matters into their own hands, encryption software has been proliferating across the Internet since the Snowden revelations broke.

Heml.is — Swedish for “secret” — is marketed as a secure messaging app for your phone. MailPile aims to combine a Gmail-like user friendly interface with a sometimes clunky technique known as public key encryption. Younited hopes to keep spies out of your cloud storage, and Pirate Browser aims to keep spies from seeing your search history. A host of other security-centered programs with names like Silent Circle, RedPhone, Threema, TextSecure, and Wickr all promise privacy.

Many of the people behind these programs are well known for pushing the boundaries of privacy and security online.

The quality of these new programs and services is uneven, and a few have run into trouble.

“What we found is the encryption services range in quality,” says George Kurtz, CEO of Irvine, Calif.-based CrowdStrike, a big data, security technology company. “I feel safe using some built by people who know what they are doing , but others are Johnny-come-latelies who use a lot of buzzwords but may not be all that useful.”

Even so, private services report thousands of new users, and nonprofit, free encryption services say they have also see sharp upticks in downloads.

And for many users, encryption really isn’t enough to avoid the U.S. government’s prying eyes.

In any case, most attacks don’t happen because some cybercriminal used complicated methods to gain entry into a network, he adds.

“Most attacks occur because someone made a mistake. With phishing emails, it just takes one person to unwittingly open an attachment or click on a malicious link, and from there, cybercriminals are able to get a foothold,” Peterson says.

UNITED NATIONS (United States) (AFP) – A UN rights committee on Tuesday passed a “right to privacy” resolution pressed by Germany and Brazil, which have led international outrage over reports of US spying on their leaders.

The resolution says that surveillance and data interception by governments and companies “may violate or abuse human rights.”

Fifty-five countries, including France, Russia and North Korea, co-sponsored the text which did not name any target but made lightly veiled references to spying which has put the US National Security Agency at the center of global controversy.

The United States and key allies Britain, Australia, Canada and New Zealand — who together make up the so-called “Five-Eyes” intelligence group — joined a consensus vote passing the resolution after language suggesting that foreign spying would be a rights violation was weakened.