Securing Data, Communications, and Identity with Keybase | Episode 69

Keybase is a small but ambitious company that aims to make crypto available and virtually seamless for everyone. Their approach to this problem, a massively challenging one that hasn’t really been cracked to date, has been creative. However, the flexibility and scope of potential applications haven’t always been obvious as they’ve slowly scaled up from an invitation-only directory with basic functionality to the much more robust layer of services and platforms supported today. I have followed the development of Keybase (my profile and proofs) closely and was excited to talk with co-founder Max Krohn about the product, the company’s unique approach, and the potential to apply Keybase’s model to solve problems like we’ve seen recently with the Qatar News Agency hack.

Lockpicking 101 (And Why Your Locks Are Useless) | Episode 47

I recently ran into Daniel Crowley at the BSides San Antonio security conference. He, and other members of Longhorn Lockpicking Club, had several tables covered with what could have easily been two hundred or more locks and they were teaching anyone who wandered by how to pick them. Daniel did such a great job introducing my girlfriend to the hobby that I had to get him on the show.

If you listen to this episode and decide that you want to pick up some skills of your own the following links will serve you well:

Lockpicking is a fascinating and surprisingly accessible hobby if you know where to get started. Give it a shot and let me know what you think.

Government Email Problems, Wikileaks, Russia, Drone Leaks, NASA Security and Other Counterintelligence Nightmares | Episode 20

Covert Contact kicks off again with an admittedly rambling, but hopefully entertaining, start as I review a number of high-profile security issues with counterintelligence pro William Tucker. We look at the hack of DCIA John Brennan’s AOL account, Hillary Clinton’s email problems, and then ponder the broader risks associated with the personal accounts of key U.S. officials. And while we’re at it, what’s with the curious lack of interest that organizations like Wikileaks have in exposing officials in Russia or North Korea? What’s up with that? Then we move on to drone leaks and drone policy before closing out the show with a look at the almost depressingly terrible security practices exhibited by NASA in the Bo Jiang case. Again, it’s a bit of a ramble but hopefully a fun one.

You can follow William J. Tucker on Twitter and read his guest posts on Blogs of War:

Everybody Spies – and for Good Reason
Hawaii a Priority Target for Foreign Espionage
Would the U.S. Really Kill Edward Snowden?
Snowden’s Snowjob?

Other Covert Contact Episodes Featuring William:
Episode 15: Hillary Clinton’s Email Server: Dissecting the Risks with William Tucker
Episode 12: Counterintelligence: William J. Tucker Breaks Down the Challenges

Encryption as the New Norm: Discussing A Changing Internet with ProtonMail Co-Founder Andy Yen | Episode 19

Over the past couple of weeks I’ve been evaluating ProtonMail. This service is part of a new generation of tools (most inspired by Edward Snowden) developed with the aim of delivering robust encrypted communications and file sharing to the widest possible audience.

Blogs of War readers know that I’m not an Edward Snowden fan, far from it in fact, but I do believe that we have to secure the applications and communication channels that now pervade our lives. Not because I’m worried about the NSA. Frankly I’m far more worried about every other threat. However, I’m also keenly aware of the terrorist and criminal threats we face and why law enforcement agencies and intelligence services (the friendly ones) are deeply concerned about bad actors having the ability to go dark.

There are well-intentioned people on both sides of the privacy debate (see episode 18 with retired FBI agent David Gomez for a law enforcement perspective) and Andy Yen, as a privacy advocate, makes a powerful case for making encrypted communication tools as widely available as possible.

For more from Andy I recommend his TED Talk “Think your email’s private? Think again”.

The Battle Between Encryption and Mass Surveillance with Former FBI Agent David Gomez | Episode 18

I emailed retired FBI agent David Gomez from my new ProtonMail account to propose a podcast about encryption and its effect on mass surveillance from a homeland security and law enforcement perspective. You’re reading this because he immediately accepted.

Encrypted communication has been available to consumers for decades but new tools are arriving that are actually making it an accessible and realistic option for the majority of users. Easy-to-use strong encryption is, in many ways, a wonderful thing. It means that good people in bad places might have more freedom to communicate. It means that people can trust that a point-to-point communication is just that. But it also means that a lot of people with bad intentions will find it easier to go dark, to plot, and to recruit – often across international borders. How are governments going to cope with this, especially when they’ve enjoyed great success with the current collection models that allow them to intercept electronic communications on a massive scale?

Even if you support strong encryption and disagree with government interception of electronic communications you must acknowledge the impact that cutting them out of the loop could have on our security. That tradeoff is the topic we struggle with in this episode.

You can follow David on Twitter @AllThingsHLS.

Hillary Clinton’s Email Server: Dissecting the Risks with William Tucker | Episode 15

William J. Tucker joins me again to discuss Hillary Clinton’s decision to manage her own email services while Secretary of State. While this decision has angered political opponents and government transparency advocates (not to mention a few historians) we are bypassing the political and legal issues to zero in on the risks associated with her decision – and there are many. Join us as we walk through the information security and intelligence aspects of this story and examine the risks posed to Hillary Clinton, our government, and potentially anyone that maintained contact with her through this method. If you’re not concerned now, you will be.

You can follow William J. Tucker on Twitter and read his guest posts on Blogs of War:

Everybody Spies – and for Good Reason
Hawaii a Priority Target for Foreign Espionage
Would the U.S. Really Kill Edward Snowden?
Snowden’s Snowjob?

Other Covert Contact Episodes Featuring William:
Episode 12 | Counterintelligence: William J. Tucker Breaks Down the Challenges


Andy Priest on the Importance of Developing New International Crisis Policing Models | Episode 14

Policing is on the agenda again in episode 14. In this episode I talk to Andy Priest about his international rapid intervention concept that focuses on providing advanced police support during critically destabilizing events. Andy stresses the importance of building this capability now so that participating nations can draw on a stabilizing resource in an inevitable crisis rather than over-reacting, over-reaching, or stretching existing resources to the breaking point. It’s an important concept that will only get more important if the threat of Charlie Hebdo-style attacks (or other destabilizing attacks) scales up in impact and frequency. Preserving individual liberty could prove challenging in such an environment and Andy makes the case that clearly segregating the roles of police, military, and specialized response forces is work that should be occurring now – before the crisis.

You can follow Andy Priest on Twitter @Priestic1. Andy blogs at https://medium.com/@Priestic1.

Scriven King on Balancing Security, Values, and Public Perception in Modern Policing | Episode 13

In episode 13 I speak to security blogger/podcaster, and Blogs of War contributor, Scriven King about some of the challenges in modern policing. Security professionals, police included, are scrambling to understand rapidly evolving technologies and threats. Evolving to meet those threats, and leverage those technologies, without significantly changing what it means to be a police officer, without undermining the ideals of the profession, and without permanently damaging public perception of the profession is proving difficult. Even greater challenges loom on the horizon so the time for serious apolitical dialogue is now.

You can follow Scriven on Twitter @ScrivenLKing, listen to his security podcast, The Gate Shack, and read his thoughts on security at his blog, The Security Dialogue.

Crypto Wars: Winners, Losers, and the Case for Compromise | Episode 3

This week I’m focusing on a single critical topic – the struggle between privacy advocates and governments over cryptography. This is a sensitive topic and there are a lot of extreme positions on the matter. I attempt to take a balanced look at both sides of the issue, offer my thoughts about who might win the war, and I explore what the eventual outcome might mean for intelligence professionals. However, I also argue that if either side “wins” the war without understanding and accommodating the positions of the other, we all stand to lose.

This is a slightly shorter and more focused episode but I’m exploring this format with the intention of releasing more than one episode per week. Please let me know what you think about the format change. You can do that on the Covert Contact Facebook Page or by connecting with me on Twitter @CovertContact.