The security expert Bruce Schneier wrote some useful essays on the current situation of Edward Snowden exposing the US surveillance programs, especially the documents where the US and UK intelligence agencies allegedly cracked the protection measures of common users for data collection and analysis.
In “Conspiracy Theories and the NSA“, he argues that the feeling of distrust that the public has in the government and NSA is a fertile ground for conspiracy theories. In order to regain trust some actions need to be initiated, such as the prosecution of the involved entities using special powers and transparent procedures. There’s also the need of a commission where whistle-blowers and informed people can go and disclose the details without fear of consequences.
In “The NSA’s Cryptographic Capabilities“, Bruce analyses the details of the NSA abilities to impact common encryption and its overall security. He makes some informed hypotheses, and offers some solutions that could fix the possible weak points or at least increase the effort it takes to break a particular defence mechanism.
In “NSA surveillance: how to stay secure“, the details of NSA data collection capabilities are considered and, given what we know, Bruce offers 5 advices that can be implemented by most users. As usual there’s the problem of usability versus security, so the users must make informed decision about how much to protect themselves. I note that almost anything about these advices is useful also against attacks from malicious non-government criminal hackers, so it’s generally a good idea to implement them regardless of the current government surveillance problem.
In “The US government has betrayed the internet. We need to take it back” Bruce calls engineers to action. The Internet has been brought to the world thanks to bright and honest people from all over the world, that built an infrastructure based on transparency, trust, and peer reviews. After all these years, in this climate of distrust and planted defects, the engineers can do much to improve the situation:
- Expose and disclose, by knowing your own rights and bounds,
- Design and correct the Internet and the networking,
- Influence governance, demanding transparency, oversight, and accountability.