The Senate’s Liberty Act Helps Close the “Backdoor”



  • Take the language of one NSA surveillance reauthorization bill and add a few strong reform proposals from another, and what do you get? A bill that helps protect Americans from the warrantless search of the content of their emails, text messages, and digital communications.

    On November 17, Senators Patrick Leahy (D-VT) and Mike Lee (R-UT) introduced the USA Liberty Act (S. 2158) into the Senate. It is based on legislation of the same name introduced in October by House Judiciary Committee Chairman Bob Goodlatte (R-VA) and Ranking Member John Conyers (D-MI).

    EFF supports this legislation and welcomes the additional protections included.

    Both the House-side and Senate-side USA Liberty Act seek to reauthorize Section 702 of the FISA Amendments Act, an NSA surveillance tool scheduled to expire at the end of this year. Section 702 permits the NSA to target electronic surveillance at non-U.S. persons located outside the United States. But when the NSA sweeps up emails and text messages of foreign targets, it predictably also collects messages written by U.S. persons. These communications are stored in NSA databases as well as those of other intelligence agencies, such as the FBI and CIA. When FBI agents search through Section 702-collected data in FBI systems—even when data belongs to U.S. persons—they do not obtain a warrant.

    These unconstitutional searches of Americans’ communications, which skirt the Fourth Amendment requirement of a warrant, are called “backdoor” searches.

    The Senate-side USA Liberty Act restricts these searches by borrowing an approach from a separate amendment made for the FISA Amendments Reauthorization Act of 2017, a second Section 702 reauthorization bill before the Senate. Though not identical in language, both the Senate-side USA Liberty Act and the amendment to the FISA Amendments Reauthorization Act place certain warrant requirements on backdoor searches.

    According to the Senate-side USA Liberty Act, if government agents want to read Section 702-collected communications belonging to U.S. persons, they first need to obtain a warrant from the Foreign Intelligence Surveillance Court (FISC), which provides judicial oversight on Section 702 surveillance. The bill requires the FISC to approve warrants based on whether there is probable cause to believe that the requested Section 702-collected communications contain evidence of a crime, or concerns an “agent of a foreign power.”

    Importantly, this backdoor search warrant requirement applies even if agents are searching for foreign intelligence information—a requirement not available in the House-side bill. That bill’s exception for foreign intelligence searches seriously undercuts the value of its warrant requirement.

    Unfortunately, the Senate-side USA Liberty Act’s warrant requirement applies only to the content of communications, and does not also apply to metadata. According to the bill, government agents who want to access Section 702-collected data related to “dialing, routing, addressing, or signaling information” only need to obtain approval from the Attorney General and show the information is relevant to an investigation. While a warrant requirement is preferred, a relevance test and high-level review are significant improvements over current practice.

    The Senate-side USA Liberty Act, like its House sibling, also codifies the end of “about” collection, a highly intrusive type of surveillance that the NSA voluntarily ended this year after receiving criticism from the FISC. But where the House-side bill only ends this practice through 2023, the Senate-side bill ends it permanently.

    The Senate-side bill has another improvement: it explicitly grants backdoor search protections to “persons reasonably believed to be located in the United States.” This means that foreign individuals inside the United States will have the same backdoor search protections on their communications and metadata as those offered to U.S. citizens and permanent residents. The Senate-side bill is rare in codifying these protections.

    Sen. Ron Wyden (D-OR), the author of a separate, strong surveillance reform bill called the USA Rights Act—which also extends protections to foreigners inside the United States—praised Sens. Leahy and Lee, and their work.

    “I applaud Senators Lee and Leahy for their proposal, which will create meaningful new protections for Americans’ rights, in particular by seriously addressing the problem of warrantless backdoor searches of Americans’ communications,” Wyden said. “While I believe the USA Rights Act represents the best solution to reforming Section 702 of FISA, the Lee-Leahy bill deserves full consideration by the U.S. Senate.”

    We agree.





Tmux Commands

screen and tmux

A comparison of the features (or more-so just a table of notes for accessing some of those features) for GNU screen and BSD-licensed tmux.

The formatting here is simple enough to understand (I would hope). ^ means ctrl+, so ^x is ctrl+x. M- means meta (generally left-alt or escape)+, so M-x is left-alt+x

It should be noted that this is no where near a full feature-set of either group. This - being a cheat-sheet - is just to point out the most very basic features to get you on the road.

Trust the developers and manpage writers more than me. This document is originally from 2009 when tmux was still new - since then both of these programs have had many updates and features added (not all of which have been dutifully noted here).

Action tmux screen
start a new session tmux OR
tmux new OR
tmux new-session
screen
re-attach a detached session tmux attach OR
tmux attach-session
screen-r
re-attach an attached session (detaching it from elsewhere) tmux attach -d OR
tmux attach-session -d
screen -dr
re-attach an attached session (keeping it attached elsewhere) tmux attach OR
tmux attach-session
screen -x
detach from currently attached session ^b d OR
^b :detach
^a ^d OR
^a :detach
rename-window to newname ^b , <newname> OR
^b :rename-window <newn>
^a A <newname>
list windows ^b w ^a w
list windows in chooseable menu ^a "
go to window # ^b # ^a #
go to last-active window ^b l ^a ^a
go to next window ^b n ^a n
go to previous window ^b p ^a p
see keybindings ^b ? ^a ?
list sessions ^b s OR
tmux ls OR
tmux list-sessions
screen -ls
toggle visual bell ^a ^g
create another window ^b c ^a c
exit current shell/window ^d ^d
split window/pane horizontally ^b " ^a S
split window/pane vertically ^b % ^a |
switch to other pane ^b o ^a <tab>
kill the current pane ^b x OR (logout/^D)
collapse the current pane/split (but leave processes running) ^a X
cycle location of panes ^b ^o
swap current pane with previous ^b {
swap current pane with next ^b }
show time ^b t
show numeric values of panes ^b q
toggle zoom-state of current pane (maximize/return current pane) ^b z
break the current pane out of its window (to form new window) ^b !
re-arrange current panels within same window (different layouts) ^b [space]
Kill the current window (and all panes within) ^b killw [target-window]
  • Make ISO from DVD

    In this case I had an OS install disk which was required to be on a virtual node with no optical drive, so I needed to transfer an image to the server to create a VM

    Find out which device the DVD is:

    lsblk

    Output:

    NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT sda 8:0 0 465.8G 0 disk ├─sda1 8:1 0 1G 0 part /boot └─sda2 8:2 0 464.8G 0 part ├─centos-root 253:0 0 50G 0 lvm / ├─centos-swap 253:1 0 11.8G 0 lvm [SWAP] └─centos-home 253:2 0 403G 0 lvm /home sdb 8:16 1 14.5G 0 disk /mnt sr0 11:0 1 4.1G 0 rom /run/media/rick/CCSA_X64FRE_EN-US_DV5

    Therefore /dev/sr0 is the location , or disk to be made into an ISO

    I prefer simplicity, and sometimes deal with the fallout after the fact, however Ive repeated this countless times with success.

    dd if=/dev/sr0 of=win10.iso

    Where if=Input file and of=output file

    I chill out and do something else while the image is being copied/created, and the final output:

    8555456+0 records in 8555456+0 records out 4380393472 bytes (4.4 GB) copied, 331.937 s, 13.2 MB/s

    Fin!

    read more
  • Recreate postrgresql database template encode to ASCII

    UPDATE pg_database SET datistemplate = FALSE WHERE datname = 'template1';

    Now we can drop it:

    DROP DATABASE template1;

    Create database from template0, with a new default encoding:

    CREATE DATABASE template1 WITH TEMPLATE = template0 ENCODING = 'UNICODE'; UPDATE pg_database SET datistemplate = TRUE WHERE datname = 'template1'; \c template1 VACUUM FREEZE;

    read more
});