Surveillance Flashcards

1
Q

Controversies

A
  1. Potential for electronic interception - voice, email, online activity
  2. Restrictions on encryption
    - export of strong crypto from USA viewed as security threat
  3. Requirements of statute
    - gov can get access
  4. Presence of global surveillance systems
    - across the world but are they constitutional or necessary
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Interception US

A

Before 1934 widespread interception of phones by gov
In 1934 not allowed for law but could still do it
1968 forbidden in general
1978 separated domestic and foreign surveillance
1986 email and cell phones
2001 restrictions lessened

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Interception CA

A

Similar to US
Law can not arbitrarily listen in 1974
Updated in 1985 for new tech
Wiretapping must be applied for with some specific part of criminal code (food and drugs act, narcotic control act)
Have to present annual reports for filed requests

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Lawful access

A

Surveillance can not begin without a warrant so made it the job of ISP to record and store information so it can be accessed after the warrant
Must give this information to law enforcement
But this information can be obtained without requirement of judicial oversight
Also would ISP be required to retain data before request made
Ex) Alberta MLA: illegally searching name and taking pictures
Those against it say harm to privacy far outweighs the challenges faced by investigators

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Email interception

A

When email is collected
-sender typing message, transmission

When email is stored (seizure)
-senders or receivers device, receiver ISP

Different laws based on different interceptions

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Surveillance

A

Whole communities
Not interception
Ex) public health surveillance
-not concerned with, data at populations not individuals
Systematic investigation or monitoring of one or more persons
Purpose is to collect information about them, their activities, their associates
Secondary intention to deter population from some activity
Threatens human value of privacy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Judicial oversight

A

Police swears an affidavit stating there is a reason yo believe surveillance will assist investigation
Judge must be satisfied and grant
Only minister for public safety can apply
1. Methods are extremely intrusive must have good reason
2. Must obtain only information needed
3. Public should know what obtaining and how being used
4. Should be destroyed as soon as possible

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Cryptography

A
Hiding data in plain site
Plaintext: original text
Cyphertext: modified unreadable message
Encryption: plain to cypher
Decryption: cypher to plain
Cryptanalysis: circumvent security of crypto algs 
Used by: gov, military, finance, anyone
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Crypto secrecy

A

US gov have attempted to control research and keep it secret
Backdoors might exist, legislation influenced by NSA

NSA builds unbreakable code for US gov and attempts to break other codes
US policy prevent export of strong crypto, eventually eliminated

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Encryption policy

A

Law wants to be able to break into safe
Attempt to promote strong crypto but keys given to gov, key escrow, access plaintext, key recovery

CA: Wassenaar arrangement- follow best practices
Takes consideration export practices of other countries when making export permit decisions
Allowed to use any crypto and gov not implement mandatory key recovery or licensing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

SIGINT

A

HUMINT: human intelligence
SIGINT: signals intelligence interception of signals
-extracting, analyzing, researching

CSEC NSA GCHQ

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Domestic vs foreign

A

Rights for domestic but anarchy for foreign (only some restrictions)
Two are being blurred and high tech used on both
US 12333- permits collection of information obtained during lawful foreign intelligence

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

9/11

A

US patriots act
-45 days after attacks
-authority to surveil phone email bank records
Section 215
-gov can obtain secret FISA court order requiring third parties to hand over records
Warrant canary: forbidden to reveal this but can say past seven days no requests

STELLARWIND
-eavesdropping if at least one end is foreign without warrant

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Edward Snowden

A

Was contractor for technical support side
Got information and contacted Gellman
Found things if they were stored incorrectly in database
50+K documents

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q
  1. PRISM
A

Agreement with apple google… to secretly allow gov to read data stores
Request and sent to them
Was court approved but FISA court

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q
  1. MUSCULAR/ TURMOIL
A

equipment in fibre cables to Uk that would allow to tap in and get data
Google did not know about this

17
Q
  1. XKEYSCORE
A

querying mass amounts of data in NSA

Show info for US citizens as well

18
Q
  1. CO-TRAVELLER
A

position data centres around the world
Can analyze when people are walking together
This would intrude privacy
Quite a few data companies apart this

19
Q
  1. FASCIA / MAINWAY
A

Location metadata through chain graphs to see who connected
Compute two degrees and go from there
Kept data for 5 years so can go back in time

20
Q
  1. STRAWHORSE
A

Modify compiler to allow them to log into that system as any users
iPhones hard to decrypt
Would have compromised many phones to get to a target phone