Snowden on privacy tech solutions and code verifiability

Snowden, in an interview with the Guardian 2 days ago, talks about (1) proper privacy tech solutions and (2) the importance of verifiability and free software licensing.

Our User Verified Social Telematics project seems quite aligned with what he said.

(1) About proper privacy tech solutions he said:

“Recently, I’ve been spending a lot of time thinking about press freedom issues in addition to the ordinary individual’s private communications, and I’ve been partnering with civil liberties organisations to see where we can contribute and try to create new tools, new techniques, new technologies that will make sure our rights are protected regardless of the status of law in a given jurisdiction.

Imagine an app or a cell phone or an operating system for a cell phone or a small device, anything that would allow people to have free and ready access to meaningfully secure communications platforms that don’t require sophistication to use and operate”.

By mentioning apps, he's clearly trying to encourage privacy innovation at all stack levels, as well as overall investment. Proper encryption apps would make passive, super-low-cost surveillance, in transit or in the cloud, difficult or impossible.

Nonetheless, if “meaningful” protection from low-cost, semi-automated targeted surveillance (at end-points, beyond the point of encryption) could be provided by an app, he wouldn't be talking about “operating systems”. This mention clearly supports the TAILS live-booting OS on the desktop (which his chosen journalists use for their communications with him), and GSMK Cryptophone phones running free software apps and a GNU/Linux OS.

Furthermore, his mention of a “small device” instead of a “mobile device” or “portable device” clearly acknowledges the difficulty of protecting against unverified baseband processors, and other issues and complexities in securing a phone. It very likely refers to efforts such as those of Tomy (an alpha project of the TAILS team), meant to run on WiFi-only mobile devices, or on mobile devices where mobile network functionality can be reliably removed. It may refer to solutions such as R&S Top Sec or Secusmart phones with microSD solutions (used by Angela Merkel), if they were verifiable (and certifiably adequately verified) in their software and hardware, and transparent in their design.

The current approach of the Tomy project may not be optimal because:

  • It is still vulnerable to hardware and firmware vulnerabilities, such as those of the main processor and co-processor, including the USB used and its firmware. And each device will have its own (as in Tails).
  • Not clear at all to what extent it may be possible to reliably disable the baseband processor during
  • Has the inconvenience of having to reboot every time, and works only when WiFi is available.
  • Has no strategic plan to date to attract anywhere near the resources necessary to develop such a solution to high enough levels of assurance and to promote its wide adoption.

(2) On free software and verifiability he said:

“I think everybody has some exposure to proprietary software in their lives, even if they’re not aware of it. Your cell phones for example are running tons and tons of proprietary code from all the different chip manufacturers and all of the different cell phone providers.

We are moving very slowly but meaningfully in the direction of free and open software that’s reviewable, or, even if you can’t do it, a community of technologists [who] can look at what these devices are really doing on the software level and say, is this secure, is this appropriate, is there anything malicious or strange in here? That increases the level of security for everybody in our communities.”

I’d argue he refers to the fact that many free software users, activists and experts often underestimate the importance of proprietary firmware, which renders meaningless ALL the control and freedom from snooping and tampering they believe they gain by running only free software at the OS and app layers. He also makes clear that free software is preferred, but that verifiability of source code may initially be sufficient for security assessment.
