The surveillance story has left a bitter taste in the mouths of users of some of the web’s biggest companies, but this week some of those companies got their chance to respond.
Apple said that the US requests affected 2,000 to 3,000 accounts, adding it gave out data on zero to 1,000 accounts, while the UK made 127 requests and according to the BBC, since Apple’s main business was “not about collecting information”, the vast majority of requests it received from law enforcement agencies were about information on “lost or stolen devices”. So all pretty above board, and as least those nations asked before taking anyway.
In another case, Finnish security firm F-Secure revealed that it had been asked four questions on: whether it had ever detected the use of software by any government (or state actor) for the purpose of surveillance; had it been approached with a request by a government, requesting that the presence of specific software is not detected; had such a request been granted; and how it would respond to such a request in the future? In response, it said it had detected “governmental malware” but it had not been approached by a government and therefore nothing had been granted.
To the question on how it would respond, it said it would “not comply with their request” as it “will protect our customers from it” (malware), as users would not want to run a Trojan. So far all good, and great that F-Secure have taken a stand on such direct questioning from the Dutch digital rights organisation “Bits of Freedom”.
Finally, Arstechnica reported that Kaspersky was also asked similar questions, and it responded saying its products are designed to detect all malware, regardless of who creates it. “We have a very simple and straightforward policy as it relates to the detection of malware: We detect and remediate any malware attack, regardless of its origin or purpose. There is no such thing as “right” or “wrong” malware for us,” it said in its statement.
With technology companies getting bad rap for surrendering to government demands and doing this when it even appears to be unknown, it is nice to know those in the security sector are prepared to stand their ground for user privacy. Or perhaps it is the case that they haven’t detected what is leaving via the backdoor just yet.
In other news, it was reported that the dark website Silk Road is back online in a new version. After the original site was closed last month, this apparent new version is a stripped down version at best and troll-heavy on its forums with approval-only registrations. If such a site were able to take off under such heavy media and law enforcement scrutiny then it would be rather impressive, and as a result I expect this replication will not last long.
Finally it was a case of a whistle-blowing website reporting on a whistle-blower by a seeming new whistle-blower, as a
statement emerged from Wikileaks on the state of Edward Snowden. Journalist Sarah Harrison issued the piece saying she had spent four months with the former NSA contractor since he left Hong Kong seeking asylum and until his arrival in Russia.
statement emerged from Wikileaks on the state of Edward Snowden. Journalist Sarah Harrison issued the piece saying she had spent four months with the former NSA contractor since he left Hong Kong seeking asylum and until his arrival in Russia.
She claimed he was “currently safe in Russia”, but called on support for other whistle-blowers and sources too, and that “when whistleblowers come forward we need to fight for them, so others will be encouraged”. The future is rocky for Snowden and while brave, Harrison has made herself a target by aligning herself. She raised valid points about surveillance and freedom of the press, and what we have proved here is that the security sector is doing its bit.
