With a plethora of provocatively-titled talks like "Twitter Revolution Meets Surveillance State: Now What?" and "Privacy: A Post-Mortem," it wasn't hard to guess the number one topic at this year's Hackers On Planet Earth (HOPE) conference in New York City. But since the last gathering in 2010, it's clear that the anxieties surrounding these issues have penetrated far beyond the hacking community. With recent events fresh in everyone's minds — like Twitter subpoenas on protesters and the discovery that the US government made 1.3 million requests for private cell phone data last year — reality is hitting hard like the cold denial of an impenetrable firewall: we are all being watched, and no one is really 100 percent sure what we can do about it.
For the most part, however, HOPE's varied discourse on surveillance and privacy doesn't seem to exude the tin foil hat excess you might expect. If anything, the paranoia of yesteryear has blurred with well-documented problems that have no easy answers; problems that, with the explosive rise of the personalized mobile tracking devices we still insist on calling "phones," have only relatively recently expanded onto the radar of the general public.
Binney estimates the NSA has been receiving 320 million logs from US citizens per carrier per day since 2001
One harbinger of that expansion is esteemed HOPE speaker William Binney, the former NSA codebreaker known for helping shed light on Stellar Wind, the US government's shocking about-face on privacy protections for American citizens after 9/11. His keynote address last Friday expanded on the NSA's ongoing program of domestic dragnet surveillance — the very same captured in Wired's exposé on the agency's high-tech spy center currently being built the Utah desert.
Binney estimates that thanks to a variety of methods like electronic eavesdropping stations located throughout the country, the NSA has been receiving around 320 million logs from US citizens per carrier per day since 2001, and he says that the agency is well on its way to assembling a database containing information on nearly every citizen within its borders. The statements are seemingly at odds with those of current NSA chief General Keith Alexander, who testified saying that the agency is not engaged in domestic surveillance, despite mounting evidence to the contrary.
Binney is also one of three NSA whistleblowers, including Thomas Drake and J. Kirk Weibe, who recently backed the EFF's lawsuit opposing the program's continuation. All three have been targets of federal investigations in connection with leaks to the New York Times which prompted public awareness of the NSA's surveillance programs in 2005 and 2011.
On the other hand is Steve Rambam, long-time HOPE speaker and private investigator in charge of major firm Pallorium, Inc. whose aforementioned keynote, "Privacy: A Post-Mortem," suggests that Binney's warnings are perhaps slightly misplaced.
"Frankly, Big Brother is an amateur," Rambam says. "It's not the CIA or the NSA or the FBI you need to worry about; it's the people who have a profit motive." He goes on to recount the various changes that have occurred in the past 15 years that have allowed companies like Google and Facebook to flourish at the expense of our privacy, key among them being our expanded tendency towards oversharing, and the plummeting costs of digital storage.
"All databases will eventually be used for unintended purposes."
In the fight for electronic privacy, Rambam's position is that we've already lost. "All databases will eventually be used for unintended purposes," he says, a statement which he authoritatively posits as "Rambam's First Rule." His talk is comprehensive to the point of obsession, covering every aspect of surveilled society and demonstrating how with just one piece of personal information, private investigators can uncover almost anything about an individual through publicly available data. The defining consequence of our expansive and robust networks, he reminds us, is that "nothing is ever thrown away."
But even in the face of seemingly insurmountable adversity, the hacker community by its very nature has never been known for taking these things sitting down. Nadim Kobeissi, creator of the web chat program CryptoCat, is still optimistic that browser-based cryptography can not only shield sensitive information from prying eyes, but make secure communications accessible to the average user. One creative solution he devised for making stronger encryption involved having users dance around shaking their smartphones, using the resulting accelerometer data to improve random number generation.
On the legal side, EFF's Hanni Fakhoury drives home the idea that some key bugfixes in the law — like updating the Fourth Amendment's third party doctrine, which allows warrantless data-gathering from third party web services — could greatly improve defense against government surveillance.
Gloom-and-doom notwithstanding, HOPE doesn't entirely betray its name — whether or not the fight for digital privacy is a lost cause, the hacking community and its allies are still intent on fighting it tooth and nail.