New report: “The Party’s AI: How China’s New AI Systems are Reshaping Human Rights.” From a summary article: > China is already the world’s largest exporter of AI powered surveillance > technology; new surveillance technologies and platforms developed in China are > also not likely to simply stay there. By exposing the full scope of China’s AI > driven control apparatus, this report presents clear, evidence based insights > for policymakers, civil society, the media and technology companies seeking to > counter the rise of AI enabled repression and human rights violations, and > China’s growing efforts to project that repression beyond its borders...

This chilling paragraph is in a comprehensive Brookings report about the use of tech to deport people from the US: > The administration has also adapted its methods of social media surveillance. > Though agencies like the State Department have gathered millions of handles > and monitored political discussions online, the Trump administration has been > more explicit in who it’s targeting. Secretary of State Marco Rubio announced > a new, zero-tolerance “Catch and Revoke” strategy, which uses AI to monitor > the public speech of foreign nationals and revoke visas...

The NSA and GCHQ have jointly published a history of World War II SIGINT: “Secret Messengers: Disseminating SIGINT in the Second World War.” This is the story of the British SLUs (Special Liaison Units) and the American SSOs (Special Security Officers).

Once you build a surveillance system, you can’t control who will use it: > A hacker working for the Sinaloa drug cartel was able to obtain an FBI > official’s phone records and use Mexico City’s surveillance cameras to help > track and kill the agency’s informants in 2018, according to a new US justice > department report. > > The incident was disclosed in a justice department inspector general’s audit > of the FBI’s efforts to mitigate the effects of “ubiquitous technical > surveillance,” a term used to describe the global proliferation of cameras and > the thriving trade in vast stores of communications, travel, and location > data...

One one my biggest worries about VPNs is the amount of trust users need to place in them, and how opaque most of them are about who owns them and what sorts of data they retain. A new study found that many commercials VPNS are (often surreptitiously) owned by Chinese companies. > It would be hard for U.S. users to avoid the Chinese VPNs. The ownership of > many appeared deliberately opaque, with several concealing their structure > behind layers of offshore shell companies. TTP was able to determine the > Chinese ownership of the 20 VPN apps being offered to Apple’s U.S. users by > piecing together corporate documents from around the world. None of those apps > clearly disclosed their Chinese ownership...

“Fifty Years of Mathematical Cryptanalysis (1937-1987),” by Glenn F. Stahly, was just declassified—with a lot of redactions—by the NSA. I have not read it yet. If you find anything interesting in the document, please tell us about it in the comments.

The UK’s National Cyber Security Centre just released its white paper on “Advanced Cryptography,” which it defines as “cryptographic techniques for processing encrypted data, providing enhanced functionality over and above that provided by traditional cryptography.” It includes things like homomorphic encryption, attribute-based encryption, zero-knowledge proofs, and secure multiparty computation. It’s full of good advice. I especially appreciate this warning: > When deciding whether to use Advanced Cryptography, start with a clear > articulation of the problem, and use that to guide the development of an > appropriate solution. That is, you should not start with an Advanced > Cryptography technique, and then attempt to fit the functionality it provides > to the problem. ...

Citizen Lab has a new report on Paragon’s spyware: > Key Findings: > > * Introducing Paragon Solutions. Paragon Solutions was founded in Israel in > 2019 and sells spyware called Graphite. The company differentiates itself > by claiming it has safeguards to prevent the kinds of spyware abuses that > NSO Group and other vendors are notorious for. > * Infrastructure Analysis of Paragon Spyware. Based on a tip from a > collaborator, we mapped out server infrastructure that we attribute to > Paragon’s Graphite spyware tool. We identified a subset of suspected > Paragon deployments, including in Australia, Canada, Cyprus, Denmark, > Israel, and Singapore. ...