
Econonomist, Richard Wolff, summarizes how the American class-based system functions
Watch Here
Econonomist, Richard Wolff, summarizes how the American class-based system functions
Watch Here
While most of the focus of Tuesday night’s primaries was on the battle for the White House, something extraordinary occurred in two local elections. Both Chicago’s Cook County State’s Attorney Anita Alvarez and Timothy McGinty, the Cuyahoga Prosecuting Attorney in Ohio, lost their bids for re-election.
In Alvarez’s case, it was a blow-out – she lost to her opponent almost 2-1.
As the so-called “top cops” in their respective jurisdictions, Alvarez and McGinty made key prosecutorial decisions in the controversial killings of unarmed African Americans by police officers. For Alvarez, it was the death of Laquan McDonald, shot 16 times by former officer Jason Van Dyke in 2014. In Cleveland, McGinty recommended that a grand jury not charge the officers who shot and killed 12-year-old Tamir Rice in a public park.
These are not the first prosecutors who recently failed to secure another term on name recognition and a “tough on crime” platform as the need for criminal justice reform gathers steam across the country. But they are the first ones to have faced off directly against the Black Lives Matter movement and lost.
“Black youth kicked Anita Alvarez out of office,” the Chicago activist group Assata’s Daughters wrote in a triumphant statement last night. “Just a month ago, Anita Alvarez was winning in the polls. Communities who refuse to be killed and jailed and abused without any chance at justice refused to allow that to happen.
“We did this for Laquan.”
According to the widely disseminated original account of the shooting of Laquan McDonald, the teenager had lunged at officers with a knife when he was shot. But dash camera footage of the incident – which was obtained by local journalists – showed he was moving away from police when Van Dyke opened fire, striking the 17 year old multiple times as he lay on the ground.
Though Alvarez ultimately charged Van Dyke with first-degree murder, she did it more than a year later, just before the camera footage was to be made public by a judge’s order. The timing gave the distinct impression that a cover-up had barely been averted, and that Alvarez was more interested in protecting the jobs of officers than she was in justice.
Alvarez ignored calls for her resignation and always maintained that she waited more than 400 days because she believed that a federal investigation needed to be completed before charges were brought against Van Dyke.
“I don’t believe any mistakes were made,” she insisted during the campaign.
A coalition of activists – members of Black Youth Project 100, Assata’s Daughters and Black Lives Matter Chicago – did not endorse Alvarez’s challenger, Kim Foxx. Instead they joined forces to oppose Alvarez.
Their protest and canvassing efforts culminated in the hashtag campaign #ByeAnita, words which could be seen fluttering on a huge banner trailing behind an airplane flying over downtown Chicago on election day. Alvarez started the day with a lead in the polls, but without key endorsements from former allies and the local media.
In the Rice case, McGinty encouraged a grand jury not to charge the two officers who opened fire on Rice after less than two seconds on the scene. After they obliged, McGinty said evidence showed it was indisputable that Rice was reaching to pull out his pellet gun when he was shot, despite differing expert testimony.
This was seen as a knee-jerk response to protect police, and Black Lives Matter Cleveland showed up with members of Rice’s family to picket McGinty’s home during the campaign. As Cleveland Scene editor in chief Vince Grzegorek sees it, nothing but public outrage can explain McGinty’s fall.
“It’s hard not to see the vote as anything but a referendum on McGinty’s handling of Tamir Rice and other police use-of-force cases,” he wrote in an email to BBC News.
The Black Lives Matter movement has been criticised for its lack of focus, aversion to a hierarchical structure, and inability to translate rage from street protests into tangible political goals. They have not coalesced behind a presidential candidate, and have disrupted both Democrats Bernie Sanders and Hillary Clinton at campaign events.
Aislinn Pulley, cofounder of Black Lives Matter Chicago, declined a recent invitation to the White House, deriding it as a “photo opportunity”. For those reasons, the movement has often been dismissed as an aimless and empty social media campaign.
But last night’s results answered those criticisms with definitive proof of the movement’s real political clout. The fact that the focus has shifted from police officers to prosecutors is significant, and these races prove that activists’ message resonates with voters. Prosecutors and politicians are now on alert – ignore their concerns at your own professional peril.
“For an evolving movement – youth-driven – to discover that it has this sort of electoral power, I can’t predict what will flow from that,” says Jamie Kalven, founder of the Invisible Institute, a non-profit journalism outfit on the south side of Chicago. “It’s really something.”
Where this newly discovered political might goes next remains to be seen. Chicago Mayor Rahm Emanuel, who like Alvarez denied that he was slow to act or that he was part of a cover-up, has already survived a re-election campaign – one that took place before the tape’s release and just days before the city settled a civil lawsuit brought by McDonald’s family. He’s been called “political poison” by the Chicago Tribune – Sanders tried to hurt Clinton in the Illinois primary by pointing out her ties to Emanuel.
“I’m quite sure he would concede the point that if he were on the ballot yesterday he would have been voted out emphatically,” says Kalven.
The morning after the primaries, another prosecutor – this one in Minneapolis, Minnesota – announced that he would not use a grand jury in order to decide whether to charge two officers in the shooting death of Jamar Clark in late 2015. Local Black Lives Matter activists celebrated the decision as a victory for transparency, proving once again that the movement now has prosecutors’ attention.
The new generation of prosecutors will not have a moment to rest easy. Michael O’Malley, McGinty’s successor, has demurred when asked how he would have handled the Rice case differently. Likewise, a vote for Foxx was really a vote against Alvarez, as Assata’s Daughters pointed out in their statement.
“We won’t stop until we’re free and Kim Foxx should know that as well,” they wrote.
http://www.bbc.com/news/world-us-canada-35817890
Philip Zimbardo explains what conditions lead good people to behave badly by sharing insights and photos from the Abu Ghraib trials. He also discusses the flip side: how easy it is to behave heroically, and how we can rise to the challenge.
November 6, 2015 | 7:15 am
An information and intelligence shift has emerged in America’s national security state over the last two decades, and that change has been reflected in the country’s educational institutions as they have become increasingly tied to the military, intelligence, and law enforcement worlds. This is why VICE News has analyzed and ranked the 100 most militarized universities in America.
Initially, we hesitated to use the term militarized to describe these schools. The term was not meant to simply evoke robust campus police forces or ROTC drills held on a campus quad. It was also a measure of university labs funded by US intelligence agencies, administrators with strong ties to those same agencies, and, most importantly, the educational backgrounds of the approximately 1.4 million people who hold Top Secret clearance in the United States.
But ultimately, we came to believe that no term sums up all of those elements better than militarized. Today’s national security state includes a growing cadre of technicians and security professionals who sit at computers and manage vast amounts of data; they far outnumber conventional soldiers and spies. And as the skills demanded from these digital warriors have evolved, higher education has evolved with them.
The 100 schools named in the VICE News rankings produce the greatest number of students who are employed by the Intelligence Community (IC), have the closest relationships with the national security state, and profit the most from American war-waging.
National security-related degree programs cater not just to new technologies and education needs, but also to the careers of a regimented workforce, offering distance learning, flexible credits, and easy transfers to accommodate frequent deployments, assignment changes, and shift work.
Four categories of institutions of higher education dominate the VICE News list of the 100 most militarized universities in America: schools whose students attain their degrees predominantly online; schools that are heavily involved in research and development for defense, intelligence, and security clients; schools in the Washington, DC area; and schools that are newly focused on homeland security.
Twenty of the top 100 schools that instruct people working in intelligence agencies, the military, and the worlds of law enforcement and homeland security — including their private contractor counterparts — are effectively online diploma mills. Twelve are for-profit companies; several didn’t exist before 9/11. The schools have become so important that two of them, American Military University (No. 2) and the University of Phoenix (No. 3), rank near the top of the list based on the sheer number of their graduates working in the Top Secret world.
Seventeen of the 100 top schools are in the Washington, DC area, reflecting the concentration of all things national security around the nation’s capital. The University of Maryland handily outranks all other schools at number one, while Georgetown University (No. 10), George Washington University (No. 4), and American University (No. 20) — all considered among the country’s 10 best schools for the study of international relations — rank among the top 25 most militarized schools. But post-9/11 growth in homeland security and a high demand for cyber training boost schools as diverse as George Mason (No. 5), Northern Virginia Community College (No. 16), and Strayer University (No. 8), a predominantly online school headquartered in Herndon, Virginia.
Seventeen powerhouse research universities traditionally supporting the oft-cited military-industrial complex rank in the top 100, including Johns Hopkins (No. 7), Penn State (No. 15), Georgia Tech (No. 26), and the Massachusetts Institute of Technology (No. 47). Ten of these schools account for $2.05 billion in national security research and development funding, which is two-thirds of the approximately $3 billion VICE News calculates the federal government gave to the top 100 schools last year. Yet rather than traditional weapons systems, what these schools mostly research — often in classified laboratories — is intelligence technologies, cyber security, and big data analytics, challenging the common view of what militarization means.
More than 250 schools now offer certificates and degrees in homeland security, a relatively new discipline combining emergency management, physical security, and information security. Meanwhile, intelligence courses are a growing prerequisite for criminology and law enforcement education, a transformation reaching beyond federal agencies into local police. With new programs and increasing government and private sector funding, the top homeland security schools include Texas A&M (No. 14), Louisiana State (No. 96), Duke (No. 66), the University of Minnesota (No. 76), and Rutgers (No. 73).
The rankings rely on a unique dataset of more than 90,000 individuals who have worked in and around the IC since 9/11. The sample represents approximately 6 percent of all the people in the US with a Top Secret clearance, and includes military and law enforcement personnel, government civilian employees, and contractors at the federal, state, and local levels.
The rankings were initially calculated based on how many people in the IC had degrees and certificates from each school, then adjusted using 51 additional factors, running the gamut from federal funding amounts to a designation as an Intelligence Community Center of Academic Excellence to participation in federal domestic security task forces.
The affiliations revealed in the resumes of Top Secret workers offer unprecedented insight into the make-up of the national security state. Many of the schools that rank in the top 100 are virtually unknown outside government — schools like Cochise College (No. 6), Excelsior College (No. 13), and Central Texas College (No. 18). Each of these institutions tend to serve a specific constituency: military intelligence at Cochise, Army personnel at Central Texas College, and law enforcement at the predominantly online Excelsior, headquartered in Albany, New York.
Only three traditionally conservative schools (as determined by outside rankings), Texas A&M (No. 14), Liberty University (No. 42) and Brigham Young University (No. 84), are in the top 100, indicating that conservative social or political ideology plays little role in how schools are militarized.
Several elite schools on the list — such as Harvard (No. 32), Duke (No. 66), Stanford (No. 60), Northwestern (No. 80), and Cornell (53) — rank highly because of federal funding and specialized graduate programs. Harvard, for example, boasts a massive executive education program geared toward mid-career and senior federal employees; few Harvard-affiliated Top Secret workers obtained a bachelor’s degree at the school. That trend is repeated at other elite schools. In fact, of the top 100 ranked liberal arts colleges in America, none appear on our list of the nation’s 100 most militarized institutions.
The 20 predominately online schools on our list are akin to defense and intelligence contractors. The post-9/11 government expansion in national security and law enforcement increased the availability of tuition assistance and benefits for veterans and soldiers. For-profits have received the largest share of military education benefits, amounting to roughly 42 percent of post-GI Bill benefits between 2013 and 2014 and half of Department of Defense Tuition Assistance benefits.
In general, there are a wide range of reasons why schools end up ranking on our list. The business school at Villanova University (No. 22) educates a large number of managers and contract administrators for the classified black budget, a phenomenon only identifiable when looking at the resumes of hundreds of its graduates. West Virginia University (No. 72) is the lead academic partner of the FBI and the military for the study of biometrics, and is located near intelligence centers established after 9/11 that specialize in “identity intelligence.” The University of Central Florida (No. 50), a simulations research and curriculum specialist, is located near an Orlando-based federal training cluster and consortium that focuses on everything from war gaming to immersive training environments of the future.
A half-dozen schools in the top 100 had national security degree programs throughout the Cold War: George Washington University (No. 4), Johns Hopkins (No. 7), Georgetown (No. 10), Harvard (No. 32), MIT (No. 47), the University of Denver (No. 93), and Missouri State University (No. 95), formerly known as Southwest Missouri State. These schools continue to be well represented in the broader national security community, though national security credentials from those schools are less common in Top Secret workers minted after 9/11.
Strategic and intelligence studies programs that emerged after 9/11 at two universities are also prevalent in the educational backgrounds of the national security workforce: Duke (No. 66) and Mercyhurst University (No. 88). But fewer than 400 people out of 90,000 contained in our dataset have actual degrees in national security studies. Less than 5 percent of the total dataset have majors or advanced degrees in political science. International relations appears even less frequently, at 2 percent of the overall workforce.
Fewer than 100 people have graduate degrees in Middle Eastern studies. Less than 1 percent (fewer than 1,000 people) describe themselves as Arabic linguists. Of those, 60 percent are contractors, predominantly Arab-American citizens working for private companies under contract with national security–related agencies.
The Most Common Academic Concentrations in Top Secret Workers
1. Information Systems and Technology
2. Information Technology
3. Systems Engineering
4. Business Administration
5. Criminal Justice and Criminology
6. Computer Science
7. Political Science
8. Electrical Engineering
9. General Studies
10. Mechanical Engineering
Of the 10 most common academic concentrations present in the data, information systems, management, and systems engineering rank highest. Emergency management and disaster preparedness, which once fell under the rubric of public administration or urban and regional planning, is now largely subsumed under homeland security education alongside counter-terrorism. Degrees in intelligence-related criminal justice studies account for twice as many degrees as those in political science and international relations combined, even among military personnel.
Based on the most recent data for 2013, twenty-seven percent of those employed in the IC are civil service workers, that is, regular competitive civilian employees of the US government. Another 54 percent are military personnel, working directly for military intelligence agencies or seconded to other agencies. And 18 percent are private contractors — largely workers who were formerly members of the first two groups.
A frenzy of hiring following 9/11 after years of relative stagnation in the 1990s left the IC “dominated by senior and junior personnel, with shortfalls in the midcareer workforce,” according to a 2013 Rand Corporation study entitled Workforce Planning in the Intelligence Community. That frenzy brought in an enormous influx of junior personnel, overwhelming the formal training establishment at a time when the demand for non-traditional training shifted educational needs from military arts and sciences to information skills.
The world of drones, networks, geographic information systems, and big data were emerging and demanding new skill sets. Tens of thousands of analysts were needed to operate software-intensive intelligence systems. Much of their certification was simply outsourced to the schools on our list.
Outside of the military and intelligence communities, the situation was even more challenging. The new Department of Homeland Security (DHS) was created; in fact, more security personnel were hired by the DHS’s Transportation Security Administration in the first five years of its existence than the entire CIA, NSA, and State Department together employed. Online programs flourished, but skills training took over from any reliance on a liberal arts education.
On-the-job training has also influenced the educational styles of higher education institutions serving this constituency. They rely on more hands-on training and more college credits granted for experiential skills. Whether education quality has been sacrificed remains an open question, but there is no disputing that different types of workers and schooling has emerged, and that in the IC during the information era, education has often been overtaken by training.
As early as 2007, a crisis in national security education and training was already being observed. The Senate Select Committee on Intelligence reported its concerns about the uncontrolled growth and significant shortcomings in the composition and skills of the Top Secret workforce as part of its unclassified report on the classified budget. Inadequate lead times in hiring practices, the excessive use of contractors, ineffective training, and the absence of language proficiency were just some of the deficiencies they identified.
The IC and its law enforcement counterpart is consumed with acquiring an ever-increasing flood of information — like targeting and biographical data — and then processing it, moving it, analyzing it, storing it, and networking it for later retrieval. The system to do so has grown so complex that the quest to develop significant regional or cultural expertise about the lands or peoples whom we are fighting has fallen by the wayside. The education backgrounds and the areas of academic concentration show that the national security community has transformed into an information age army more consequential than traditional warriors.
The gloomy result is that the academy (and by extension the philanthropic world) has failed to establish a post-9/11 academic program to cultivate the next generation of scholars who can offer a genuinely civilian counter-narrative to the national security state similar to the civilian arms control community created during the Cold War. Even at the most elite schools that rank in the top 100, the many centers and research institutes focusing on warfare and terrorism are predominantly adjuncts of the national security state.
The IC has also become more isolated and self-perpetuating. This phenomenon is evidenced by two categories of schools that dominate the rankings: Firstly, the set of 20 online universities that subsist as the quasi-outsourced training establishment for the military and homeland security, subsidized largely by the departments of Defense and Veterans Affairs. Second, the set of 17 Washington, DC-area schools that provide certification and post-undergraduate professional training for the inside-the-Beltway crowd.
According to the Chronicle of Higher Education, veterans brought more than $19.5 billion to colleges and universities through the GI Bill from August 2009 to September 2014. Nearly $8 billion of that went to for-profit colleges, according to data from the Department of Veterans Affairs.
It has been 14 years since 9/11, but many of the national security alliances now in place with higher education institutions have emerged in the past three years. Classified research on campuses, once highly controversial, is making a comeback. College and university administrators and campus police are increasingly being enlisted in homeland security, counter-terrorism, and counter-intelligence.
Internally since 9/11, the government has initiated an abundance of programs to improve institutional understanding of the cultures and languages in the regions where we are fighting: The Pentagon has created a program of “Afghan-Pakistan (AFPAK) hands” specializing in mentoring and training. The military has developed female engagement teams to work in the Muslim world, specifically in Afghanistan. The Army lauded its human terrain system, enlisting social scientists in network analysis and (disastrously) in interrogations. In government, there have also been reorganizations galore to face the challenges of national and international security, from the creation of DHS to the establishment of the military’s US Africa Command.
Yet there is no indicator of any significant advance in foreign language expertise or regional specialty, or indeed of any greater capacity to understand or think critically about the state of domestic or international affairs. The international order is no more stable today than it was a decade and a half ago. The homeland is not safer. The threats, both internationally and domestically, are ever increasing despite all of these efforts.
An overwhelming avalanche of intelligence information, a looming threat to cyber security, the echo chamber of Washington, DC, the outsourcing of basic training to educational contractors — these are the realities of the national security state that are exerting a tremendous influence on higher education in America. As a result, what is too often being taught at these schools is not the art of war or peace, nor the capacity to understand the costs or benefits of either.
Follow William M. Arkin (william.arkin@vice.com) on Twitter: @warkin
Follow Alexa O’Brien (email@alexaobrien.com) on Twitter: @carwinb
Bernie Sanders has a consistent thirty year track record of advocating for social justice and economic empowerment of the middle and working classes…..
Camden Civil Rights Project supports Sanders’ racial justice, women’s rights, LGBT equality, single payer healthcare, tuition free higher education, minimum living wage and corporate reform proposals
The American people must make a fundamental decision. Do we continue the 40-year decline of our middle class and the growing gap between the very rich and everyone else, or do we fight for a progressive economic agenda that creates jobs, raises wages, protects the environment and provides health care for all? Are we prepared to take on the enormous economic and political power of the billionaire class, or do we continue to slide into economic and political oligarchy? These are the most important questions of our time, and how we answer them will determine the future of our country.
IT’S TIME TO MAKE COLLEGE TUITION FREE AND DEBT FREE
GETTING BIG MONEY OUT OF POLITICS AND RESTORING DEMOCRACY
COMBATING CLIMATE CHANGE TO SAVE THE PLANET
A FAIR AND HUMANE IMMIGRATION POLICY
FIGHTING FOR DISABILITY RIGHTS
STRENGTHEN AND EXPAND SOCIAL SECURITY
FIGHTING TO LOWER PRESCRIPTION DRUG PRICES
WAR SHOULD BE THE LAST OPTION: WHY I SUPPORT THE IRAN DEAL
REAL TAX REFORM POLICIES THAT SEN. SANDERS HAS PROPOSED
HOW BERNIE PAYS FOR HIS PROPOSALS
Former adult actress says extreme scenes are harming amateur actresses
A retired adult film star has warned the growing appetite for ‘abuse’ porn is damaging amateur female performers, who are expected to take part in increasingly extreme scenes.
Lisa Ann left the industry in 2014 and now hosts a Fantasy Football show on Sirius XM radio. Unlike most performers whose careers within the industry often span just months or a few years, Ann appeared in adult films for two decades and has witnessed the industry’s trajectory towards more hardcore films.
Speaking to The Guardian, she claimed the difficulties some actresses face after leaving the adult industry often relate to the growing demand for extreme porn, and performers abusing drugs.
“There were times on set with people where I was like, ‘This is not a good situation. This is not safe. This girl is out of her mind and we’re not sure what she’s going to say when she leaves here,’” she said. “Everyone’s a ticking time bomb, and a lot of it is linked to the drugs. A lot of this new pain comes from these new girls who have to do these abusive scenes, because that does break you down as a woman.”
The demand for abuse scenes was addressed in the documentaryHot Girls Wanted, which included disturbing footage from a scene constructed to make a sex act appear forced on a female performer.
In an industry where pay rates have continuously declined, extreme acts also pay more, with the most radical commanding up to $2,500 per scene.
Rashida Jones, a producer on Hot Girls Wanted, described the cycle young women face when they start making amateur porn that she says encourages them to participate in more extreme scenes during an interview with Vice.
“Generally if you’re 18 and go to Miami, you’re done in a year, because there’s not enough amateur jobs for you. You can get some other jobs, but the niche stuff pays more, and the niche stuff is harder on your body,” she said.
“The pay can be $800, $1000 a shoot, but they still have to pay for hair and nails and make-up and travel and clothes – plus, they’re trying to live in a lavish way, so it ends up not being cost-effective. It’s not worth it.
“Then you have to make further negotiations with yourself, like, ‘Will I do torture porn? Will I do fetish porn? Will I do […] forced blowjobs?’ and things that you never expected to do.”
In 2010, a study conducted by Adult Video News reportedly found most of the scenes from 50 top-rented porn films involved the female performer appearing to be physically or verbally abused.
Rashida Jones has spoken out against the “pornification” of culture, arguing that young women are exploited by the industry as it makes them believe the work is glamorous.
Speaking to Vice, Jones explained: “I have no problem with porn – also, it doesn’t matter if I have any kind of problem with porn, because it’s here to stay.
“I personally have no problem with porn as adult entertainment. I think it’s great that we have the freedom to explore our sexual fantasies, and that there’s tools to do that. The problem with me is that there’s no regulation in the industry – the average age someone watches their first porn is 11.
“For someone to learn about sex from porn, I think is really dangerous, and I think it happens a lot.”
Jones has spoken out in the past against the pop culture climate for extreme sexualisation, and described it as: “Here is the bottom of my ass”.
She has previously spoken out against the industry, saying that “because [porn is] performative, women aren’t feeling joy.”
Her documentary Hot Girls Wanted examines how young women are lured into working in pornography with the promise of being famous, only to end up in cities such as Miami expected to make “amateur porn”.
Jones explains that this genre – which is still fully scripted and operated like a regular film – focuses on plots that are “sort of like catching young, innocent girls off guard”.
She explains: “Generally if you’re 18 and go to Miami, you’re done in a year, because there’s not enough amateur jobs for you. You can get some other jobs, but the niche stuff pays more, and the niche stuff is harder on your body. The pay can be $800, $1000 a shoot, but they still have to pay for hair and nails and make-up and travel and clothes – plus, they’re trying to live in a lavish way, so it ends up not being cost-effective. It’s not worth it.”
Jones argues that the struggle for cash means women end up doing more extreme stuff.
The Parks and Recreation actor adds that her experience while making the documentary shows that the women who make this type of porn have generally only just turned 18 and may not understand the impact of the work.
“[There’s the] psychological, emotional, physiological – the physical cost of having sex for a living. [You’re] thinking about the fame part of it, so you might not be the best candidate to make a decision for yourself.”
Liz Curran of anti-violence charity Women’s Support Project argues that pornography is inherently harmful and there’s no way women can gain respect from it.
She told The Independent: “In a society where we want young women to be equal – accepting porn undermines the equality and independence of these young women.
“Women who need any support after commercial sexual exploitation should get in touch with the Object campaign or UK Feminista and they will put you in touch with the right people.”
Curran argued that “healthy relationships based on respect and consent is such a contrast to pornography.”
Think you do enough to secure your passwords, browsing, and networking? Prove it.
Not all computer security is about tin foil hats and anonymous browsing. Everyone who uses a computer has a horse in the security race. For the purpose of this post, we’re breaking down online security into four essential parts: passwords, browsers, at-home Wi-Fi and networking, and browsing on public Wi-Fi. Within those categories we’ll give you a checklist of everything you should do, from the bare minimum to the tin-foil-hat best.
Think you’ve done your due diligence with your security? Jump to any of the four sections below to see how you stack up (and boost your security where you may be lacking):
Password security has been popping upa lotin the news recently, but how much you should care is entirely dependent on what you do online.
Just because you don’t use a lot of online services doesn’t mean you can neglect basic password security. Sure, you don’t need to take any complicated measures, but everyone should at least do a couple things.
That’s the minimum you should do if you want to play it safe and secure with your passwords. But you can do better than that. Let’s step up your game.
If you’re the type to conduct a lot of work online, then you need more complicated security measures. With that in mind, you should do the steps mentioned above, and a few other things.
If you’re doing all of the above, your passwords are about as safe as they can get. Nice work, and stay vigilant!
With all your passwords in check it’s time to ensure your browsing is both secure and private. Of course, many people don’t care about privacy, but security—even after your passwords are in order—is still important.
Password security is just part of the battle. You also want to make sure your browser is secure. This is what everyone should be doing:
The basics of browser security are great for most people, but if you want to keep advertisers and The Man off your back, you need to take a few more measures.
We know that pretty much everyone is tracking your every move on the web. The data collected from your browsing is used for ads, targeted coupons, and plenty more. Let’s put a stop to that.
The above extensions and measures can ensure you have a private and secure browsing experience. But if you really want to keep your browsing away from prying eyes, you have to go anonymous.
Completely anonymous browsing isn’t for everyone, nor is it for every situation. However, it can come in handy when you’re torrenting, when you don’t want to give away your location, and if you just plain don’t like somebody watching over your shoulder. Here’s what you’ll need.
Once your internet data is secure it’s time to secure your data on your home computer. This means backing everything up, and keeping your network safe from prying eyes.
If you don’t use your computer for much more than browsing the web, creating a couple documents, and storing family photos, then you don’t need to do much to keep everything safe.
These are just the basics. If your computer is your livelihood, you need to do a few more things to keep your data secure.
Whether you work from home, or you’re simply on a work computer all day long, keeping your data secure and safe is important. On top of everything above, you also want to add a few more security measures.
The above is more than enough for most people on their home network, but what about when you need to leave the house?
Using public Wi-Fi exposes everything you do online (and your computer itself) to anyone else on the network. We’ve shown you how people sniff out your passwords on public Wi-Fi before, and it’s suprisingly simple. Let’s stop that from happening to you.
Let’s say you occasionally check email on public Wi-Fi when your internet is down or you’re on vacation. You’re always tempting fate when you don’t completely lock down your computer, but here’s the minimum amount of effort you should always do.
Doing these three things will keep most of your data secure when you’re just popping in to quickly check your email. If you’re using free Wi-Fi in a dorm or apartment building, you need a stronger solution.
If you’re on public Wi-Fi a lot, it’s best to really lock down and encrypt your data. In addition to the steps above (particularly turning off file sharing and HTTPS), you can lock out anyone pretty easily.
That’s all you really need to do when you’re on public Wi-Fi to keep your browsing encrypted and safe. However, you can take it another step and go completely anonymous.
Perhaps you really don’t want anyone tracking what you’re doing on a public Wi-Fi network or worse, public computer. This sounds nefarious, but it’s handy for things like checking your bank account on a public computer.
The simplest way to go completely anonymous is with a custom build of Linux called Tails installed on a USB or CD. We’ve walked you through the setup process before and it’s very easy. With Tails you get a custom operating system with built-in anonymous browsing, encryption for email and chat, file encryption, and a ton of software. You can load Tails up on your own computer, or a public one. With Tails, you not only browse without leaving a trace, you also secure everything you do.
Security is important to everyone from the tech illiterate to the tech savvy. The precautions you decide to make are your own choice, but always keep in mind that you security online is just as important (if not more) than the security in your own home.
Researched, compiled and edited by L. Christopher Skufca
With the numerous methods incorporated by malicious hackers, the NSA, the FBI and even local law enforcement agencies to access your private data, Tor is the best alternative for anonymously surfing the internet. Fundamentally, Tor is secure; however, Tor itself can’t guarantee your privacy and security. Additional security measures must be taken to protect your anonymity. The experts at Information Security Stack Exchange provide guidance on best practices for preserving your online anonymity while using Tor.
Tor is free software for enabling anonymous online communication. Tor is intended to protect the personal privacy of users, as well as their freedom and ability to conduct confidential communication, by keeping their Internet activities from being monitored. Tor protects anonymity by directing Internet traffic through a free, worldwide, volunteer network consisting of more than six thousand relays to conceal a user’s location and usage from anyone conducting network surveillance or traffic analysis. It is legally used by millions worldwide to circumvent censorship and to stay safe from online snooping.
Tor is an acronym for The Onion Router, encryption technology which was developed in the mid-1990s by United States Naval Research Laboratory for the purpose of protecting U.S. intelligence communications online. In 2004, the Naval Research Laboratory released the code for Tor under a free license, and in 2006 a Massachusetts-based 501(c)(3) research-education nonprofit organization called The Tor Project was founded. Its stated purpose is the research and development of online privacy tools.
The routing method utilized by the Tor network disguises your identity by moving traffic across different Tor servers, and encrypting that traffic, making it difficult to trace communications back to the original source. In an onion network, like that used by Tor, electronic data, including the destination IP address, is encapsulated in layers of encryption, analogous to layers of an onion. The encrypted data is then transmitted through a series of network nodes called onion routers, each of which “peels” away a single layer, uncovering the data’s next destination. Each relay decrypts a layer of encryption to reveal only the next relay in the circuit in order to pass the remaining encrypted data on to it. The sender remains anonymous because each intermediary knows only the location of the immediately preceding and following nodes. The final relay decrypts the innermost layer of encryption and sends the original data to its destination without revealing, or even knowing, the source IP address.
Anyone who tries to identify the user would see traffic coming from random nodes on the Tor network, rather than the source computer. Because the routing of the communication is partly concealed at every hop in the Tor circuit, this method eliminates any single point at which the communicating peers can be determined through network surveillance that relies upon knowing its source and destination.
To access the Tor network, you simply need to download the Tor browser. Everything you do in the browser goes through the Tor network and doesn’t need any setup or configuration from you. One drawback of using Tor is that users experience a much more sluggish internet experience since their data is being transferred through multiple relays.
Tor is most useful for concealing internet browsing habits. Used in conjunction with additional security measures Tor can also be useful in protecting the anonymity of your communications with a third party. Tor has been utilized by researchers, journalists, whistleblowers, attorneys and even law enforcement officers hoping to conceal their IP address from detection.
There are several legitimate purposes for wanting to protect your online anonymity. Much of the Tor Project’s funding comes from federal grants issued by agencies, such as the U.S. State Department, that claim a vested interest in supporting safe, anonymous speech for dissidents living under oppressive regimes. It is used by human rights workers, activists, journalists and whistleblowers worldwide. Tor is also a useful tool for legal practitioners seeking to protect privileged attorney client communications and has been used as an effective tool for protecting the anonymity of undercover law enforcement officers and police informants.
However, in the wrong hands, Tor has also been used for more nefarious purposes. Tor’s technology can be utilized to provide anonymity to websites and other servers configured to receive inbound connections which are only accessible by other Tor users. These are called hidden services. Rather than revealing a server’s IP address (and thus its network location), a hidden service is accessed through its onion address. The Tor network understands these addresses and can route data to and from hidden services, even those hosted behind firewalls or network address translators (NAT), while preserving the anonymity of both parties. These hidden service sites create an opening for criminal activity, such as happened with the Silk Road exchange site caught which was shut down for trafficking illicit drugs. Tor’s hosting capabilities have also served as platforms for child pornography and illegal arms trading.
Anonymity is not the same as security. While it is difficult to hack the encryption of the Tor network, a network is only as secure as the technology used to access the network.
Exploiting Applications
In a 2012 child pornography sting, the FBI utilized a hacking tool created by Metasploit called a “Decloaking Engine” to infect the servers of three different hidden Tor sites, which would then target anyone who happened to access them. The network investigative technique (NIT) used a Flash application that would ping a user’s real IP address back to an FBI controlled server, rather than routing their traffic through the Tor network and protecting their identity.
Again, in June 2013, network security analyst, Professor Alan Woodward of University of Surrey, highlighted the danger of using JavaScript and other add-in applications:
“Be aware, a browser’s JavaScript engine, plug-ins like Adobe Flash, external applications like Adobe Reader or even a video player could all potentially “leak” your real IP address to a website that tries to acquire it. The Tor browser bundle has JavaScript disabled by default and plug-ins can’t run. If you try to download and open a file on another application the browser will warn you. However, anyone who has spent any time browsing the web knows that there is a great temptation to install add-ins or enable JavaScript in order to access content. Don’t succumb to the temptation if you are serious about remaining anonymous.”
Woodward’s warning proved to be timely; in August 2013, the FBI was able to exploit a security flaw in the modified Firefox 17 browser included with the Tor Browser Bundle, a collection of programs designed to make it easy for people to install and use the software. Representatives of Tor responded to the breach with the following statement:
“From what is known so far, the breach was used to configure the server in a way that it injects some sort of javascript exploit in the Web pages delivered to users. This exploit is used to load a malware payload to infect user’s computers. The malware payload could be trying to exploit potential bugs in Firefox 17 ESR [extended support release], on which our Tor Browser is based. We’re investigating these bugs and will fix them if we can.”
The good news is that they went for a browser exploit, meaning there’s no indication they can break the Tor protocol or do traffic analysis on the Tor network. Infecting the laptop, phone, or desktop is still the easiest way to learn about the human behind the keyboard.
Tor still helps here: you can target individuals with browser exploits, but if you attack too many users, somebody’s going to notice. So even if the NSA aims to surveil everyone, everywhere, they have to be a lot more selective about which Tor users they spy on.
Two months later, in October 2013, The Guardian released an NSA presentation, provided by whistleblower Edward Snowden, revealing an NSA program targeting Tor users by exploiting the Tor browser bundle. The NSA attacks were designed to identify Tor users and the hidden sites they visited.
As The Guardian reported, this type of “man-on-the-side” style attack on Tor users cannot be pulled off by just anyone because it requires the assistance of internet service providers (ISP’s):
“(man-on-the-side attacks) are hard for any organization other than the NSA to reliably execute, because they require the attacker to have a privileged position on the internet backbone, and exploit a “race condition” between the NSA server and the legitimate website. This top-secret NSA diagram, made public last month, shows a Quantum server impersonating Google in this type of attack…
According to a top-secret operational management procedures manual provided by Snowden, once a target is successfully exploited it is infected with one of several payloads. Two basic payloads mentioned in the manual, are designed to collect configuration and location information from the target computer so an analyst can determine how to further infect the computer.
These decisions are made in part by the technical sophistication of the target and the security software installed on the target computer; called Personal Security Products or PSP, in the manual.”
Motherboard points to a 2013 FBI sting which utilized this method:
The FBI’s big child porn bust this summer also raised some suspicion from privacy advocates over how easy it is for the Feds to infiltrate Tor. The FBI managed to crack the anonymous network by injecting malware into the browser, in order to identify what it called “the “largest child porn facilitator on the planet.” In the process, the malware revealed the IP addresses of hundreds of users.
On January 05, 2016, Motherboard reported that the FBI conducted a network attack which targeted over a thousand computers and was was able to deanonymize visitors to a Tor hidden site called Playpen, allegedly one of the largest sites hosting child pornography on the Darkweb. According to the article, “the FBI ran Playpen from its own servers in Newington, Virginia, from February 20 to March 4,” during which time, “the FBI deployed what is known as a network investigative technique (NIT), the agency’s term for a hacking tool.” According to the complaint filed by the FBI, “approximately 1300 true internet protocol (IP) addresses were identified during this time.”
Tor explicitly warns against installing or enabling browser plugins. The Tor Browser is configured to block browser plugins such as Flash, RealPlayer, and Quicktime, because they can be manipulated into revealing your IP address. Therefore, Tor does not recommend installing additional addons or plugins into their Browser, as these may harm your anonymity and privacy by bypassing network protocols.
End Node Decryption
Tor has a known weakness: The last node through which traffic passes in the network has to decrypt the communication before delivering it to its final destination. Someone operating that node can see the communication passing through this server.
In 2007, Swedish security researcher, Dan Egerstad was able to intercept passwords and email messages from government agencies by running Tor exit nodes. According to Egerstad, many who use Tor mistakenly believe it is an end-to-end encryption tool. As a result, they aren’t taking the precautions they need to take to protect their web activity. University of Surrey professor, Alan Woodward, cautions that Tor volunteers are anonymous and therefore, users “do not choose which exit node you use so you cannot guarantee who it is that is actually running that node.” Woodward also remarked that Tor’s random routing between nodes makes it unlikely that anyone could target a specific individual in this way, unless they run a large proportion of the Tor nodes that are out there. Taking additional steps to encrypt data could also mitigate this risk.
Study on Traffic Correlation Attacks
In August 2013, Tor accounts increased by over 100%, leading many to suspect that Edward Snowden’s June 2013 revelations of the vast NSA surveillance program had led more internet users to protect their privacy. However, the sudden uptick in Tor users may be better explained by a joint research project designed to identify the effectiveness of these type of end node relay attacks.
In November of 2013, the US Naval Research Laboratory and Georgetown University in Washington, D.C. issued a joint report entitled “Users Get Routed: Traffic Correlation on Tor by Realistic Adversaries.” The report focuses on traffic correlation attacks against Tor users, by network adversaries, such as such as corporations, intelligence and law enforcement agencies, or governments.
A network adversary is a network operator with ample network resources to observe a large portion of the underlying network over which Tor traffic is transported through controlling one or more autonomous systems or internet exchange points. Within the Internet, an autonomous system (AS) is a collection of connected Internet Protocol (IP) routing prefixes under the control of one or more network operators on behalf of a single administrative entity or domain that presents a common, clearly defined routing policy to the Internet. An Internet exchange point (IXP) is a physical infrastructure through which Internet service providers (ISPs) and Content Delivery Networks (CDNs) exchange Internet traffic between their networks (autonomous systems or ASes).
In layman’s terms, the study found that the more entrance and exit nodes a network adversary is capable of controlling, either through Tor exit relays or the destination servers themselves, the greater the probability the targeted communications will pass through a resource controlled by the attacker, exposing a Tor user (and their communications) to identification.
According to the report, “A network adversary leverages their position as a carrier of network traffic to correlate Tor traffic streams that cross their network at some point between the client and guard and exit and destination pairs.” As the researchers remark, “Tor does not currently implement any protection against adversaries who operate ASes or IXPs.”
In traffic correlation attacks, an adversary has the bandwidth capacity to run voluminous relays in the Tor network in order to deanonymize an individual user. The researchers report:
“Onion routing is vulnerable to an adversary who can monitor a user’s traffic as it enters and leaves the anonymity network; correlating that traffic using traffic analysis links the observed sender and receiver of the communication. Øverlier and Syverson first demonstrated the practicality of the attack in the context of discovering Tor Hidden Servers. Later work by Murdoch and Danezis show that traffic correlation attacks can be done quite efficiently against Tor.”
Since network adversaries can monitor entrance and exit traffic on any of the routers they control, the more points within their control, the greater their ability to expose a Tor users’ identity. Researchers found that, “sending many streams over Tor induces higher rates of circuit creation, increasing the number of chances the adversary has to compromise one. Alternatively, the specific destination addresses and ports that users connect to affect the probability a malicious exit is chosen because allowed exit policies differ from relay to relay.”
This is important because information travels through the encrypted layers of the Tor network through Internet Exchange Points (IXPs) or autonomous systems (ASes) that control multiple routers, such as ISPs. Since attackers can theoretically see exit or entrance traffic on any of the routers they control, logically, the more points of control, the faster and easier it is to expose a Tor users’ identity. As Meghan Neal at Motherboard points out, “Hypothetically, a state-sponsored cyberattacker could control all of the routers in the country.” Therefore, US intelligence agencies which have innumerable routers at their disposal would have a tremendous advantage in deanonymizing users and tracking their communications across the Tor network.
The Tor Project, itself, openly acknowledges:
“Just using Tor isn’t enough to keep you safe in all cases. Browser exploits, large-scale surveillance, and general user security are all challenging topics for the average internet user. These attacks make it clear that we, the broader internet community, need to keep working on better security for browsers and other internet-facing applications.”
Therefore, it is highly recommended that Tor users always take additional security precautions by using an anonymous proxy tool, such as a virtual private network (VPN) and HTTPS encryption whenever possible as added layers of protection.
If you are not already using a VPN or HTTPS, you should be. If a site offers HTTPS, just go to https://www.thewebsite.com instead of just plain old http. To help ensure private encryption to websites, the Tor Browser includes HTTPS Everywhere to force the use of HTTPS encryption with major websites that support it. However, you should still watch the browser URL bar to ensure that websites you provide sensitive information to display a blue or green URL bar button, include https:// in the URL, and display the proper expected name for the website.
Using Tor Could Increase the Possibility that You are Targeted
Edward Snowden revealed in October 2013, the online anonymity Tor network is a high-priority target for the National Security Agency. In support, The Guardian released “Tor Stinks,” an NSA presentation (vintage June 2012) outlining current and proposed strategies for exploiting the network. The work of attacking Tor is done by the NSA’s application vulnerabilities branch, which is part of the systems intelligence directorate, or SID. The majority of NSA employees work in SID, which is tasked with collecting data from communications systems around the world.” Therefore, someone like the NSA or FBI can tell if you’re a Tor user making them more likely to target you.
Furthermore, an NSA document obtained by the Guardian in June 2013, titled Minimization Procedures Used by the National Security Agency in Connection with Acquisitions of Foreign Intelligence, reveals that using online anonymity services such as Tor or sending encrypted e-mail and instant messages are grounds for US-based communications to be retained by the National Security Agency even when they’re inadvertently collected.
Of concern, the NSA Minimization Procedures provide no ascertainable guidelines for protecting against warrantless domestic surveillance. Section 5 clearly reveals domestic communications are being monitored en masse and allows for the collection and dissemination of information relating to “evidence of a crime” to law enforcement agencies, whether or not a warrant has been obtained or an individual is the target of a current investigation. The procedures make no distinction between suspected terrorist or non-terrorist activity, or violent and non-violent offenses.
In August 2013, Reuters reported that law enforcement officers have been instructed to mislead judges and prosecutors by recreating the investigative trail to effectively cover up where the information obtained through NSA surveillance originated. An internal Special Operations Division (SOD) document obtained by Reuters reads: “Remember that the utilization of SOD cannot be revealed or discussed in any investigative function.” The document specifically directs agents to omit the SOD’s involvement from investigative reports, affidavits, discussions with prosecutors and courtroom testimony. Agents are also instructed to use a deceptive technique known as parallel construction to misrepresent that the evidence provided by SOD was collected through “normal investigative techniques.”
Likewise, Section 4, which deals with attorney-client communications, provides scarce safeguards for protecting attorney client privilege. Section 4 specifies that an analyst must cease monitoring communications between a person “known to be indicted in the United States” and their legal representative. However, there is no such protection for suspects who have not yet been indicted and the instruction or for privileged communications in civil or commercial proceedings.
Finally, a 2014 report published by German security researchers revealed the NSA internet database program XKeyscore, contains a piece of source code with rules for automatically capturing information about people who used Tor and privacy-focused operating system Tails. One rule seems to “fingerprint” people who visit the Tor website, as well as people who search for information about Tails or visit places known to have information on it, including the Linux Journal, where anything in the “Linux” category of articles is flagged. Fingerprints are flags that allow NSA agents to identify and track users across the web.
Tor As a Tool for Journalists and Whistleblowers
In 2014, The Guardian launched a secure platform for whistleblowers to confidentially submit sensitive documents to the newspaper’s reporters. According to The Guardian:
The SecureDrop open-source whistleblowing platform provides a way for sources, who can choose to remain anonymous, to submit documents and data while avoiding virtually all of the most common forms of online tracking.
It makes use of well-known anonymising technology such as the Tor network and the Tails operating system, which was used by journalists working on the Snowden files.
The SecureDrop platform was initially developed by the US developer and open source activist, Aaron Swartz, who committed suicide in 2013 after facing criminal prosecution under the Computer Fraud and Abuse Act for downloading mass quantities of academic research articles. To Date, the SecureDrop directory includes such familiar media sources as The Guardian, The Intercept, The New Yorker, The Sun and the Washington Post.
Is Tor Simply a Honeypot Run by U.S. Intelligence and Law Enforcement?
There is a legitimate concern among privacy advocates that Tor may simply be a honeypot for identifying illicit activities due to its historical and financial ties with the U.S. intelligence and law enforcement communities. Onion routing was originally developed in the mid-1990s by United States Naval Research Laboratory for the purpose of protecting U.S. intelligence communications online. Yasha Levine of Panda points out:
“Tor’s original — and current — purpose is to cloak the online identity of government agents and informants while they are in the field: gathering intelligence, setting up sting operations, giving human intelligence assets a way to report back to their handlers — that kind of thing. This information is out there, but it’s not very well known, and it’s certainly not emphasized by those who promote it.”
In addition, Tor’s own website states, “A branch of the U.S. Navy uses Tor for open source intelligence gathering, and one of its teams used Tor while deployed in the Middle East recently.” The site adds, “Law enforcement uses Tor for visiting or surveilling web sites without leaving government IP addresses in their web logs, and for security during sting operations.”
Furthermore, Tor’s onion routing technology was originally funded by the Office of Naval Research and DARPA. Early development was spearheaded by Paul Syverson, Michael Reed and David Goldschlag — all military mathematicians and computer systems researchers working for the Naval Research Laboratory, located within the Anacostia-Bolling military base in Washington, D.C.
In 2004, the Naval Research Laboratory released the code for onion routing under a free license, and in 2006 a Massachusetts-based 501(c)(3) research-education nonprofit organization called The Tor Project was founded. Since its inception, the vast majority of Tor Project funding has been provided by the Department of Defense and the US State Department:
The question is whether you can trust that a program which originated within the U.S. intelligence community, for use by US intelligence and law enforcement agencies and receives the majority of its funding from the Department of Defense and the State Department is sufficiently independent from these agencies to reasonable protect the privacy and anonymity of dissident journalists, activists and government whistle blowers. Your level of trust is most likely commensurate with the severity of the penalty that exposure would bring about.
For those of you not involved in criminal activity, exposing high level corruption or seeking to disclose state secrets, the following recommendations submitted on an Answers forum for network analysts should suffice in protecting your privacy.
As a very long time Tor user, the most surprising part of the NSA documents for me was how little progress they have made against Tor. Despite its known weaknesses, it’s still the best thing we have, provided it’s used properly and you make no mistakes.
Since you want security of “the greatest degree technically feasible”, I’m going to assume that your threat is a well-funded government with significant visibility or control of the Internet, as it is for many Tor users (despite the warnings that Tor is not sufficient to protect you from such an actor.
Consider whether you truly need this level of protection. If having your activity discovered does not put your life or liberty at risk, then you probably do not need to go to all of this trouble. But if it does, then you absolutely must be vigilant if you wish to remain alive and free.
I won’t repeat Tor Project’s own warnings here, but I will note that they are only a beginning, and are not adequate to protect you from such threats.
To date, the NSA‘s and FBI’s primary attacks on Tor users have been MITM attacks (NSA) and hidden service web server compromises (FBI) which either sent tracking data to the Tor user’s computer, compromised it, or both. Thus you need a reasonably secure system from which you can use Tor and reduce your risk of being tracked or compromised.
Tor contains weaknesses which can only be mitigated through actions in the physical world. An attacker who can view both your local Internet connection, and the connection of the site you are visiting, can use statistical analysis to correlate them.
Many Tor users get caught because they made a mistake, such as posting their real email address in association with their activities. You must avoid this as much as possible, and the only way to do so is with careful mental discipline.
These are big in the news lately, with the recent takedown of at least two high-profile hidden services, Silk Road and Freedom Hosting. The bad news is, hidden services are much weaker than they could or should be. The good news is, the NSA doesn’t seem to have done much with them (though the NSA slides mention a GCHQ program named ONIONBREATH which focuses on hidden services, nothing else is yet known about it).
In addition, since hidden services must often run under someone else’s physical control, they are vulnerable to being compromised via that other party. Thus it’s even more important to protect the anonymity of the service, as once it is compromised in this manner, it’s pretty much game over.
The advice given above is sufficient if you are merely visiting a hidden service. If you need to run a hidden service, do all of the above, and in addition do the following. Note that these tasks require an experienced system administrator; performing them without the relevant experience will be difficult or impossible.
Anonymity is hard. Technology alone, no matter how good it is, will never be enough. It requires a clear mind and careful attention to detail, as well as real-world actions to mitigate weaknesses that cannot be addressed through technology alone. As has been so frequently mentioned, the attackers can be bumbling fools who only have sheer luck to rely on, but you only have to make one mistake to be ruined. We call them “advanced persistent threats” because, in part, they are persistent. They won’t give up, and you must not.