Slashdot Mirror

They already can - just enter the Bitcoin address of whoever in the settings.

However, the EFF would not be an option, as the EFF stopped accepting Bitcoin and the EFF ditched their Bitcoin donated prior to that decision.

They already can - just enter the Bitcoin address of whoever in the settings.

However, the EFF would not be an option, as the EFF stopped accepting Bitcoin and the EFF ditched their Bitcoin donated prior to that decision.

The US has enforced digital trade sanctions for years, even LinkedIn has blocked users before in fear of violating export sanctions. However, this is the first case I've heard of the US blocking access to a free service offered online.

Police lying about how they obtained evidence (because they obtained it illegally) is called "parallel construction". Amazingly, US law enforcement treat it as just another tool they can use, rather than a method for committing perjury and circumventing the Fourth Amendment. https://www.eff.org/deeplinks/...

Not sure if joking...

http://noscript.net/features#o...
https://www.eff.org/https-ever...

A lot of the sslstrip stuff is based off of people not noticing the page has changed to insecure, modern browsers try to address that by making it more visible than it was in the pre-FF3 era, e.g.:
https://support.mozilla.org/en...

Look, do you people just want to tire everyone out with your nonsense? Your arguments (that this invasion of privacy doesn't matter, that the government would never abuse its power or that they couldn't do it in this instance, etc.) have been debunked time and time again. It grows tiring. If you honestly don't think this will be abused, just look at history; there are no good governments, and all of them have abused their powers in horrendous ways, and that includes the US government (slavery, Jim Crow, the internment of Japanese citizens, to name a few). The abuse of this program is an inevitability, and has likely already happened.

There's a reason that organizations such as the ACLU and EFF--which are devoted to the protection of our civil liberties--are up in arms about this.

You see I really don't care who knows the number I made a call to or got a call from, what I do care about is them knowing the content of the call

You may not care, but I do. Don't sacrifice my privacy just because you don't care. I care very much, thank you. Also, it would be just as easy for them to get the content of the call, so pretending as if that should be more private is just ridiculous.

Ultimately, freedom is what's important. If having freedom and privacy means I'll be more likely to blow up in a terrorists attack--which I doubt, by the way--then so be it.

I think you mean "restores"? After they tried to take it away?

...but if they ask you to open the safe, you have to open it.

Actually, you don't.

You only have to provide access to locations specifically named in the warrant. If the contents of the safe aren't listed on the warrant, you don't have to open it. Also, they have to have evidence that the specific contents in the safe contains incriminating evidence beforehand, else it is off-limits.

Just because they have a warrant, does not mean they can go on a fishing expedition and go looking for evidence. The warrant is there to collect the evidence, not to try to locate it.

If you're still confused, please read the SSD:

https://ssd.eff.org/your-computer/govt/warrants

There are two scenarios in forcing someone to hand over information on an encrypted disk.
1) With no evidence of wrong doing they make you hand over information that's encrypted. There is no court order, because there isn't any evidence. It's like passing through security and they want to view secret documents in your locked briefcase. That's not warranted. It's a violation.

2) Court has evidence against you there is an investigation and they court orders you to hand it over. It's the same as asking for the key to your briefcase because they have a warrant to search it. The only difference is, is that if you don't give them the key they can't smash the lock to open it up. If you don't give them the key and they can't open it up they will throw you in jail for disobeying the court. I see that as nothing different than what has happened here.

Now it has been argued I believe successfully that encrypted data should be treated just personal speech which should be protected by the 5th. Now this wasn't the U.S. so this has no barring on the current case. It's quite interesting to think of how this falls. Is it the same as making someone testify or make a statement or is it more like locked files in a cabinet.

So while the scenario in part 1) isn't debatable the scenario in part 2) is. Was this a violation of freedom it's hard for me to say.

The EFFs thoughts https://www.eff.org/deeplinks/2013/10/new-eff-amicus-brief-argues-fifth-amendment-prohibits-compelled-decryption

Yahoo's Fight for its Users in Secret Court Earns the Company Special Recognition in Who Has Your Back Survey
Yahoo Surpasses Google in Web Traffic, Somehow
Yahoo Takes Web Traffic Crown From Google — But Is It Winning?
Yahoo Sports
tumblr
Flickr
Fantasy Football

So if a website gives you only HTTPS with RC4 or HTTP in clear text as options - why would you choose clear text?

This is totally illogical. Yes RC4 sucks but it is better than clear text - ANYTHING is better than clear text. The only possible argument for this would be "false sense of security", but if you think average people pay any attention to that padlock in the status bar, you are delusional.

I agree with you wholeheartedly — in fact, I accept some questionable certs in my zeal to transfer ciphertext instead of plaintext.

However, I neglected to mention in my previous post that I also use EFF's "HTTPS Everywhere," and an extension for that extension called "HTTPS Finder" — the former forces HTTPS if the host is known to support it, and the latter forces HTTPS if an HTTPS connection is possible (and creates a new rule for "HTTPS Everywhere"), even with requisite security.ssl3. cipher suites disabled in about:config .

(I figured anyone knuckle-deep in their browser's HTTPS configuration would be aware of them (and hopefully, using them). I recommend both, emphatically — "HTTPS Everywhere" alone yields a vast improvement in security/privacy, and has the benefit of a very long, expert-managed list of defaults.)

Thus, if RC4 is needed and I have it disabled, I'll be presented with an "ssl_error_no_cypher_overlap" error page, then I enable RC4 and reload. The only weakness there is in my forgetting to re-disable RC4, but the two extensions I mentioned in my initial post help in this effort, alerting me in various ways if/when I connect to another host using weak security:

"CipherFox" displays the cipher suite (or configurable portions thereof) in use on the status bar (e.g., it shows me "AES-256 RSA-4096 SHA1" on DDG), as well as providing the "Enable RC4" check-item on the Tools menu.

"Calomel SSL Validation" displays (on my nav. bar) a color-coded shield that represents a percentage security rating based on weighted factors drawn from the cert and cipher suite, the breakdown of which is displayed via clicking the shield icon.

The timeline surround US gov interest in political groups seemed to then move to the right.
What COINTELPRO did to the anti war and law reform groups PATCON (~Patriot-conspiracy) did on the US 'right'.
http://www.foreignpolicy.com/articles/2012/04/18/patriot_games
Snowden's whistleblowing helped people understand https://www.eff.org/deeplinks/2013/08/dea-and-nsa-team-intelligence-laundering i.e. "Parallel construction" via a vast long term domestic spying program.
Finally thanks to Snowden you have http://en.wikipedia.org/wiki/Tempora - the UK showing it can do the "entire" internet.

"it launched last year as its attempt to muscle in on that other flavour-of-the-month market: the so-called Internet of Things."

I had to specifically point out to the Wired.com journalist writing about my "Right To Serve" issue that he was putting the phrase "Internet of Things" into my mouth in his first draft article. The "Internet of Things" from what I can tell is the establishment dipping its toes into the wonderous waters of IPv6, but finding a way to do it without allowing the residential user to _profit in any way_ from their "internet of things". Because all profit shall be reserved for the establishment. Or so goes the party line.

http://www.wired.com/threatlevel/2013/07/google-neutrality/
http://cloudsession.com/dawg/downloads/misc/kag-draft-2k121024.pdf
http://arstechnica.com/information-technology/2013/07/google-we-can-ban-servers-on-fiber-without-violating-net-neutrality/
https://www.eff.org/deeplinks/2013/08/google-fiber-continues-awful-isp-tradition-banning-servers
http://crossies.com/pissed.html
http://arstechnica.com/information-technology/2013/10/google-fiber-now-explicitly-permits-home-servers/
http://www.mcclatchydc.com/2013/08/01/198327/googles-call-for-open-internet.html

The NSA's operations abroad are not against the organization charter, and are, therefor, not against the law.

So what? The NSA's charter has nothing to do with it, and their operations abroad aren't the ones in question. The problem is their (and their legislative/executive enablers) blatant disregard for this, and their domestic operations are illegal by definition. Their charter can say "we will blow rainbows out of unicorn's asses" for all I care.

Just remember this- I'm here all night (another Friday night on /. loser!!) , so the more you talk, the more you give me a chance to rebut and further explore this topic.

Stop the TPP- contact your congressperson this weekedn!

https://www.eff.org/issues/tpp

TPP > PIPA + SOPA

If anyone is interested in the common carrier argument, I urge them to read the following as it relates to being able to treat your residential ISP as a 'common carrier' (so that for instance one could host their own server running an open source or commercial solution that provides an alternate to facebook messaging).

http://cloudsession.com/dawg/downloads/misc/kag-draft-2k121024.pdf
http://arstechnica.com/information-technology/2013/07/google-we-can-ban-servers-on-fiber-without-violating-net-neutrality/
https://www.eff.org/deeplinks/2013/08/google-fiber-continues-awful-isp-tradition-banning-servers
http://crossies.com/pissed.html
http://arstechnica.com/information-technology/2013/10/google-fiber-now-explicitly-permits-home-servers/
http://www.mcclatchydc.com/2013/08/01/198327/googles-call-for-open-internet.html

Right. This is what happened with the financial meltdown, exactly. There were few prosecutions and none of the household -name people - Jamie Dimon Lloyd Blankfein, Angelo Mozilo, Richard Fuld, Bear Stearnsâ(TM)s Jimmy Cayne, Merrill Lynchâ(TM)s Stan Oâ(TM)Neal, Citigroupâ(TM)s Chuck Prince all of these people are untouchable even though we lost literally a trillion dollars and more during the meltdown and entire lifetime retirements of people were destroyed . Eric Holder and his justice department looks and looks but golly! just can't find a gosh-darn thing he can charge them with.

It's a joke. A sick sick joke and made me lose a LOT of respect for the whole process of criminal justice. This is not a nation of laws, it's a nation of money and a nation of men when it comes right down to it. Same thing with the Transpacific Partenership- people with money and connections are literally usurping the environmental, labor , patent, copyright and other laws of nations. Laws which were arrived at through the respective societys' democratic process.

This is how empires fail They overreach. They heedless impose the will of mere individuals - or in this case corporations- upon people who disapprove of what they're doing by a ratio, in this nation at least , of 300 million to one.

This is how societies collapse. This is the steady rip rip of the social contract between the government and it's people that is not forgotten but instead goes underground, into people's living memories only later to emerge and play a decisive roll in the dissolution of that society. The government is known by all, in this case left and right and center, to be corrupt, unresponsive, indifferent to its people and serving only the needs of its elite, which are endlessly craven and grasping and greedy. People are cynical, but that's just the outward tell of their inner states.

Then something ecological happens directly owing to the untrammeled greed of the 1% and the society goes down all at once. This is not speculative, it's happened time and time again. To the Anasazi of the U.S. Southwest, to the Classic Lowland Maya, to the inhabitants of Easter Island and some other Polynesian societies, to the Greenland Norse, to the Mycenean Greece, and to the Western Roman Empire.

Hate to present a totalizing narrative which "explains all things" but it's not just my opinion that this is coming; it's the Pentagon's and the NSA's also:

http://www.theguardian.com/environment/earth-insight/2013/jun/14/climate-change-energy-shocks-nsa-prism

If the Pentagon and the NSA and Obama had any sense at all, they'd prioritize climate legislation and start treating the manufacturers and purveyors of climate change denial like the threat to civilization they literally are.

Then they'd go after the deprivations of the 1% - typical example the contents of the TPP- which are literally tearing the social fabric of this nation apart.

https://www.eff.org/issues/tpp

http://www.exposethetpp.org/

https://www.citizen.org/TPP

Environmental disaster as the trigger to societal collapse:

http://www.pnas.org/content/109/10/3632.full

http://en.wikipedia.org/wiki/Collapse:_How_Societies_Choose_to_Fail_or_Succeed

\http://www.abc.net.au/science/articles/2003/07/17/2858655.htm

The article is filled with inaccuracies which all support this person's conclusion that, essentially "ho hum, nothing can be done and nothing will be done".

It's in the scope of domestic intelligence that we can see the most likelihood of change. Unfortunately, much smart money is now going on the bet that in the long run the result of all these revelations will actually be more domestic surveillance (under various changing names and labels) not less!

First he cites that bastion of liberal liberty, equality and fraternity, France, explicit legalization of their spy agency's domestic surveillance as evidence that the EU is "going there" en masse, with the spy agencies chortling all the way.:

For example, just weeks ago, and shortly after a high level French ex-intelligence official was quoted as saying essentially that "we don't resent NSA, we simply envy them!" France passed legislation legalizing a vast range of repressive domestic surveillance practices.

News stories immediately proclaimed this to be an enormous expansion of French spying. But observers in the know noted that in reality this kind of surveillance had been going on by the French government for a very long time -- the new legislation simply made it explicitly legal.

The reality is much more nuanced in a number of important ways.

First note that the EU directive that mandates private carriers retain IP and telephony metadata , the EU Data Retention Directive, stipulates a much shorter time frame- just two years- than the "forever and a day" time frame the NSA allows itself.

This is not nothing. It's harder to blackmail politicians for what they did in their youths if you don't happen to have that data laying around to mine at the time they become politicians later in life.

In general it limits the time frame at which abuse could be aided by super-god-knowledge of the target's most intimate details.

Neither does the fact of the DRD in EU support this statement:

So, the handwriting appears increasingly clear. Pressure will rise to move the responsibility for holding this data corpus from NSA per se, back to the carriers or perhaps some ersatz independent org, but the data will still be collected. And despite calls for more limited access by NSA and other agencies , one can safely assume that whatever access they say they really, truly need for national security, they're going to get -- one way or another. There's simply no obvious way that there will be a real return to any actual, meaningful, truly individualized search warrant requirement (no matter how any changes are ostensibly framed to the public).

The reason it doesn't support it is because, under the DRD, a *court order* is needed by the intelligence agencies before they can access the metadata held by the telcos. That is a significant barrier, and in fact more in line with what has traditionally been the case in the US and which falls within societal comfort levels - a search warrant being issued to the police upon presentation of probably cause to a court.

Secondly, and in contrast to the tone of this blog entry, there is significant political resistance within the EU by a number of nations which has resulted in the rejection of the DRD by the highest courts of the respective nations.

https://www.eff.org/issues/mandatory-data-retention/eu

Nations now fighting the Directive include Cyprus, Czech Republic, Germany, Greece, and Romania. The DRD was adopted in Romania, but declared unconstitutional in 2009. In February 2011, Cyprus declared their national data retention law unconstitutional. The Courts in Bulgaria declared their mandatory data retention laws unconstitutional and the German law adopting the Directive was declared unconstitutional in March 2010. In March 2011, the law tra

The US gov wants to keep it all for a legal, court usable replay over your lifetime.
Every call, email contact, a book buying list, travel arrangement, banking detail, friends, friends of friends, family, credit card use...
So if you become political, take up some issue in your State or federally, protest "the" next war, write to the press, write to political leaders, use your income for political issues, support charity events, support faith based groups - you end up on lists.
http://www.slate.com/articles/news_and_politics/frame_game/2013/06/surveillance_lockbox_why_can_the_nsa_search_your_phone_records_without_a.html
http://thelead.blogs.cnn.com/2013/06/18/nsa-whistleblowers-obama-administration-misleading-on-surveillance-programs/
From testimony to the Senate Judiciary Committee on March 30, 2011:
...."gotten together with the DOD where we've put together this technology database where I can go in, and I can, with one query, I can get all past and all future e-mails from a person,"
Parallel construction: https://www.eff.org/deeplinks/2013/08/dea-and-nsa-team-intelligence-laundering
The tracking seems to be keyword and new contacts to know people, organizations, voice prints, call data, email, postage use, internet logging.... been seen at a protest or been linked to one.
With 2 -3 hops from any person been considered - the numbers of people been looked from one individuals positive identification: 1 person to 10-100 friends/contacts and all their 100's of friends/contacts and beyond with any their issues been linked back down that one person...
http://arstechnica.com/information-technology/2013/07/you-may-already-be-a-winner-in-nsas-three-degrees-surveillance-sweepstakes/

The insecurity is on the side of the NSA.
They wouldn't go through such hoops if we didn't have the most powerful freedom tool ever, namely the Internet.

Use it properly and they shall vanish.

You are right. But the problem is that the ISPs will not allow you to use the internet properly (e.g. hosting your own data on your own server at home, thus giving it the strongest possible U.S. 4th ammendment 'papers' protection.

http://cloudsession.com/dawg/downloads/misc/kag-draft-2k121024.pdf
http://arstechnica.com/information-technology/2013/07/google-we-can-ban-servers-on-fiber-without-violating-net-neutrality/
https://www.eff.org/deeplinks/2013/08/google-fiber-continues-awful-isp-tradition-banning-servers
http://crossies.com/pissed.html
http://arstechnica.com/information-technology/2013/10/google-fiber-now-explicitly-permits-home-servers/
http://www.mcclatchydc.com/2013/08/01/198327/googles-call-for-open-internet.html

With advice on air gaps, help people find/write better code, cpu and networking http://yro.slashdot.org/story/13/06/28/0136202/richard-stallman-speaks-about-back-doors-after-nsa-documents-leak
That would help some physical sites. Get people thinking about crypto - the historical ways in during pre ww2, ww2, the cold war, 1990's and via the good news from Snowden.
Re conscientious objection - support mainstream and alternative media, legal rights groups and educators all over the political spectrum.
Learn from work done in US courts like: http://www.freedomwatchusa.org/court-declares-nsa-spying-program-unconstitutional-and-grant
Parallel construction https://www.eff.org/deeplinks/2013/08/dea-and-nsa-team-intelligence-laundering
The domestic legal vision of a life long box for all your phone calls
http://www.slate.com/articles/news_and_politics/frame_game/2013/06/surveillance_lockbox_why_can_the_nsa_search_your_phone_records_without_a.html
Start *any* discussion is the best thing you can do. Long worded emails to the press about material they covered with all the terms they used and your insights :)
Like in East Germany, standing in front of the Church with a sign, you will be *noted* by a powerful State but a lot of people will read your wise words.
Read all you can: http://cryptome.org/2013-info/06/whistleblowing/whistleblowing.htm is not new :)

We are back to the pre Snowden classic - too much information.
This has never been a problem due to fast sorting, keywords, voice prints, numbers called and cheap storage.
GCHQ and the NSA could get every call from Intelsat back the late 1960's for sorting and indexing. Once you have the total 'in' and 'out' points of any nation as its telco networks is constructed: https://www.eff.org/deeplinks/2013/08/dea-and-nsa-team-intelligence-laundering shows how easy a lifetime of collection can be and looks like under one small program :)

Most of the trolls and sock puppets seem to be reading from
http://www.zerohedge.com/news/2013-10-31/document-reveals-official-nsa-talking-points-use-911-attacks-sound-bite
http://www.zerohedge.com/news/2013-12-02/nsas-mission-great-value-nation-complete-authorized-nsa-thanksgiving-dinner-talking-
As more Snowden docs where released their usual straw man, topic changing, the crypto is still good, 'other countries', its all legal, "its only metadata" sock puppet talking points became more and more of a joke over the weeks.
The world now knows of the junk internet encryption, the useless telco encryption, the tame US firms, the tame US staff, the tame US legal teams, the tame staff in other countries ensuring all data flows back the UK/US and many other 'friends', the lack of any real political oversight, the lack of basic crypto skill around top political leaders.
Better software, hardware, air gaps and law reform will slowly correct many of the issues :)
The reality of https://www.eff.org/deeplinks/2013/08/dea-and-nsa-team-intelligence-laundering is now for good lawyers to understand and consider.

Processing is what was always done, listening to a call for keywords, known numbers used, voice print - the resulting file size kept was not huge per call, person.
The flow of data in was vast but not hard for the US and UK to balance for fast processing over a few sites around the world.
https://www.eff.org/deeplinks/2013/08/dea-and-nsa-team-intelligence-laundering really shows the end game - decades of calls reduced to a usable size under just one simple program.
The next trick will be to have it made legal in US domestic courts, no more magical parallel construction needed :)

https://supporters.eff.org/shop/laptop-camera-cover-set

You have to either accept or deny *all* that an app requests in its manifest, or you can't install.

If only there were something that would fix that that.

Oh, but wait that's a community ROM. If only Google had something like that.

Ehrm.. as strongbad used to say... DELETED.

You have to either accept or deny *all* that an app requests in its manifest, or you can't install.

If only there were something that would fix that that.

Oh, but wait that's a community ROM. If only Google had something like that.

Ehrm.. as strongbad used to say... DELETED.

And to add on top of that the user is presented with two choices: Either install the app and grant all the requested permissions, or don't install the app.

Not even an obviously malicious permission request will stop most users from installing (cf: flashlight app, Why does this need data? I don't care. *click*). My guess is that this happens because at this point the user has already made the decision (I've just clicked on 'Install'!).

Google treats this as works as intended/wontfix, so don't expect any changes anytime soon.

The Android permission system is a joke. Windows UAC gives you more options.

Encrypt everything, make life as difficult as possible for those who would snoop your traffic. You mention Firefox plugins, perhaps you should also be using the HTTPS Everywhere plugin: https://www.eff.org/https-everywhere

Also make sure you are using the SSL Observatory function, this should at least help prevent MITM type attacks against you.

Without a warrant they couldn't even open a letter because you had a right to privacy/unreasonable search and seizure, and that right still exists.

But with a warrant they could. Not any more — today practical encryption is available to all and it easy enough to use to frustrate the best decryption efforts the government currently has (otherwise they wouldn't be bothering with demands for keys, for example).

That letter was encrypted by an envelope.

Yes, and so it is today. The article — any my comment — are about the meta-data, which was always available on the envelope and did not require a warrant to record. NSA just did not have the means of recording all of it before (from each envelope). But we did censor some mail even before NSA was created.

They are saying you don't have the right to an envelope

They always had the right to read the envelope — and even the entire postal card. Worse, lower-cost "media mail" could even be legally opened and examined without warrant. Read the explanations on the EFF Privacy page.

or that they should be able to open all envelopes because envelopes contain evil missives

No, opening envelopes would allow them to get not just the meta-data, but the actual data (content). While the NSA may be doing that as well, the discussion is about their collection of meta-data — what's written on the "envelopes" rather than, what's inside them.

Only Tron fights for the user.

And the EFF.

Why block cookies?

Allowing third-party cookies, of course, is a bad idea. But blocking first-party cookies is stupid. Oh, no! Cookies can track you! This is terrible news! Unless, by "news", you mean something we haven't known about for nearly the last 20 years.

News flash! (There goes that "news" word again, being all sarcastic.) Firefox lets you wipe your cookies after every browsing session, and it's a built-in feature that has been there for years. Just go to the options/preferences dialog, to the Privacy tab, and make sure "Clear history when Firefox closes" is checked. Next to that option, there is a "Settings..." button, which, when clicked, brings up another dialog to let you be more specific about what kinds of history are cleared when you close Firefox. The "Cookies" option does what it says on the tin.

Now, close and reopen Firefox. Go to Google's homepage. You now have a PREF cookie. You can see it if you have the web developer toolbar add-on installed and use View Cookie Information from it. You will be able to see the unique value from the PREF cookie. Now close and reopen Firefox again. Go to Google's homepage again. View Cookie Information again. The PREF cookie's value has changed. You aren't (to Google or anyone else's knowledge) the same person you were 30 seconds before, at least not from this PREF cookie's point of view.

Beware, though. While the PREF cookie isn't quite the monster TFA/TFS makes it out to be, there are other ways of tracking you. Try out Panopticlick and you'll see just how your exact browsing setup can be tracked. It's difficult to get a good read with Panopticlick, though. Very high numbers mean you're not unique and can't be easily tracked because you blend in with a large crowd. Very low numbers mean you're extremely unique and your browser is likely discarding that profile immediately after you end the session. Numbers in the middle (wherever that is) mean you probably are trackable.

The IP is not the only way to identify a browser.

try this link and cry:
how unique is your browser

I talk smart, but my nerd resolution of 2400x1920 gives 15 bits of identifying identification, and firefiox ESR give 10.

"Your browser fingerprint appears to be unique among the 3,665,195 tested so far."

in fact disabling cookies makes your browser more unique. Add the timezone, the fonts, the plugins and your browser quickly becomes more and more unique.

In case you didn't get the memo, Ron Paul and Rand Paul sold out to big business years ago.

A month before the Snowden leaks began, Rand Paul proposed legislation to reform the Third Party Doctrine: http://beta.congress.gov/bill/113th/senate-bill/1037/text

The 3PD is the principal that if you share information with a third party, even if that third party promises you confidentiality, and even if that confidentiality is never actually compromised, the 4th Amendment doesn't apply and the Feds can simply demand the information willy nilly. The 3PD totally guts the 4th Amendment -- it is the basis upon which politicians can say that the NSA's masspionage is "legal". Without the 3PD, everything the NSA is doing, at least with respect to people in America, is so unconstitutional a third grader could litigate and win the case against it.

Fortunately, even Justice Sotomayer is questioning the wisdom of this rule in the modern world where everything a person does requires sharing information with third parties -- you cannot navigate the modern economy without such sharing. See the paragraph beginning on PDF page 19 for her thinking on this issue: http://www.supremecourt.gov/opinions/11pdf/10-1259.pdf

Whatever Rand Paul's faults are, he was aware of the eviscerating effect of the Third Party Doctrine and took action to protect the 4th Amendment PRIOR to the leaks. This is not the type of legislation that $megacorp loves and supports. It's a pure civil rights issue. However, I don't think his reforms don't go far enough because the only effect it would have is to exclude illegally obtained information at trial. Considering how the Feds engage in intelligence laundering, it is clear that a mere exclusion is insufficient -- there must be personal and agency penalties for a violation. To be fair to Paul, he didn't have this information when he wrote the legislation, but without personal consequences, it won't be that meaningful.

A decent example of such penalties is contained in the WA State statute regarding hidden mic recordings of conversations: See paragraphs 10 & 11: Violating the process for authorizing and recording a conversation surreptitiously, subjects the officers involved to personal prosecution for a class C felony and the agency to substantial fines ($25,000 per occurrence). The Feds need to have a little fear put into their hearts -- they need to ask themselves "If I can't do the time or pay the fine, do I really want to commit this crime?" And make no bones about it, the Federal government, due to its rampant lawlessness (e.g. collateral construction/intelligence laundering), is a criminal organization and needs to be treated as such.

Finally, back to the original point, Rand Paul might be a dick, but if you will step out of your partisan political mindset and consider the possibility that he just might have a good idea, we can get America back. Same goes for the tribal GOP -- both of you, Demoplicans and Republocrats alike, quit being so fricken tribal. The two parties are basically fungible anyway -- latch onto the very few good ideas and push them no matter who makes the proposal.

Oh fuck all these TLAs, this late in the workday my eyes start getting blurry.
Apparently the EFF thinks that Microsoft is trying to help secure the web, that bullshit is more newsworthy than the FSF taking yet another opportunity to say FOSS good, not-FOSS bad. I'm really interested in their methodology there: How can you prove that Microsoft is meaningfully performing useful server encryption without backdoors?

https://www.eff.org/deeplinks/2013/11/encrypt-web-report-whos-doing-what

This isn't an anti-patent troll bill. It's an anti-small inventor bill. It's designed to make it more expensive to enforce patents. That won't affect Google vs Apple vs Microsoft, etc. It just makes it harder for a little company to enforce a patent against a big one. That was the intention. (The Leahy bill in the Senate isn't that bad, but the Goodlatte bill that just passed the House is awful.)

This bill has been pushed through by a hate campaign against inventors. It's a well-funded campaign, and it's suckered in many people. The money is coming from Google and Facebook, who are hiding behind front organizations such as the Application Developers Association and the Electronic Frontier Foundation. The EFF's effort is funded by Google and Facebook, with $2 million laundered through a clever legal trick.

There are very few real "patent trolls". The EFF has tried to identify every one they can, and they only found 15. They started a campaign to attack "trolled patents" in court and at the USPTO, and and they only found one. There are a few other broad patents being enforced aggressively, notably Ultramercial. That's about it.

Using that thin basis, the "patent troll" problem has been hyped as a major threat. There are hate sites aimed at inventors:

• "Trolling Effects" (EFF) "Trolling Effects is a resource for those who have been targeted by patent trolls. Here you can learn more about these bad actors."
• The American Association of Advertising Agencies: "These are not companies in the traditional sense that employ workers or create, market and distribute products or services; rather, they are legal entities whose sole purpose is to threaten with patent claims and then secure expedient - and lucrative - settlements based on these claims."
• Application Developers Alliance: "Even the worst and least-expensive old patents are used like extortionist sledge hammers."

I used to respect the EFF, but once they took Google's money, they, too, turned to the dark side.

Hi AC Recall http://slashdot.org/story/13/07/03/1952228/mastercard-and-visa-start-banning-vpn-providers
If the gov knows your using a VPN via your traffic or CC, your IP is found no matter where the 'company' is located.
The NSA/GCHQ NSA never need enough disks to store bulk internet traffic.
They track you, your voice print, your cell use, internet use, your friends, your family, your friends friends as points of data, shopping, reading material, health... travel..
Small points of compressed data per person don't take up much space in any well funded domestic surveillance database.
Once you start been politically active, go for a gov job, write to the press a more bulk is collected is started.
The NSA/DEA https://www.eff.org/deeplinks/2013/08/dea-and-nsa-team-intelligence-laundering show what a private company and a few staff could offer over the life span of a consumers phone use to a gov agency with less oversight by US courts.
Parallel construction seems to be the new 'old' trick.

As someone who has been harassed for photography I make a personal note of places that post signs prohibiting photography and remain aware of my surroundings should I engage in photography. There seems to be this strange unspoken paranoia in society about cameras and law enforcement usually has the worst attitude about it let alone private persons.

The uphill challenges that photographers face in regard to people's attitudes and misinformed ideas about the law reminds me of the same challenges and misinformed ideas and attitudes that those who carry of firearms (or other defensive tools such as tazers) often have to face.

Unfortunately photographers don't have as much case law and legislative code to defend themselves with unlike those who lawfully carry firearms but this site is a great place to start on the subject and of course the EFF usually has some good material in relation to this subject.

You might want to not censor your name here.

Que?

Actually, I'm considering changing my name to "Anonymous". That way I wouldn't be violating any government imposed restrictions if I were to move to a country governed by a more censorious regime :P

Why would have "monitoring x00 million Americans" ever be seen as mathematically impossible?
The phone numbers at both ends would be a filter - is one or both known/of interest? Are they related/friends/connected with a person/group of interest?
Are any of the words spoken during the call of interest? Later are any of the voice prints known?
That would keep the front end of any international and domestic system very busy for a short time per call but the number of kept calls would be low.
The private telco DEA/NSA link is an easy way to reflect on storage efforts in the past.
https://www.eff.org/deeplinks/2013/08/dea-and-nsa-team-intelligence-laundering
You keep all material around the call, later the math of any new voice print. Content of the call would be based on operations, projects or just awaiting translation.
Over time you have total generational recall of every call made in/to the USA but don't real need mathematically impossible storage given wise compression and cheap storage.
As for the super computers needed to quickly sort each "call' as made - that seems to be something even the UK under budget constrains of the 1970-80's could always keep up with.
The only issue that existed for the UK: the change over from a physical paper card filesystem to US digital storage (~early 1970's).
That was never a mathematically issue - just cost for the UK vs other expensive UK crypto/mil needs i.e. the software and hardware to sort and then keep digital records was for sale from the USA at that time.

To answer the question that your should have asked:
* Voice your opinion.
* Support EFF https://www.eff.org/action [eff.org] and similar organisations.
* Contact your representative.
* Vote with your head and your heart - not your wallet.

All of these assume we live in a real democracy.

Contacting your representative? How effective is that, really? That representative is there to represent his contributors and his party; not you.

Voting? What good does that do when you have exactly two mainstream candidates to choose from (plus some freak-job nobody else is voting for)?

The solution you seek is to build real democracy, and have it replace the tyrannical system we already live in. And in fact, there is a realistic, already-in-progress means of doing so. Please join us: http://www.metagovernment.org/

To answer the question that your should have asked:
* Voice your opinion.
* Support EFF https://www.eff.org/action and similar organisations.
* Contact your representative.
* Vote with your head and your heart - not your wallet.

Those are good ones, but not immediately effective. So you should do those and encrypt your traffic.

Come on, you're asking the wrong question!
The sun doesn't revolve around you or me.
Those here who answer "I don't care" are halfway right.
None of us will be betrayed by Google or Amazon - that's bad business.
NSA won't post your private stuff or steal your money - they just want to do their job, damn the consequences.

However, after the next economic depression and mass unemployment, or after the next great war,
when we elect our Führers, or support revolutions ending in a totalitarian states,
they will find it convenient that our governments have built the infrastructure for their tyranny.

To answer the question that your should have asked:
* Voice your opinion.
* Support EFF https://www.eff.org/action and similar organisations.
* Contact your representative.
* Vote with your head and your heart - not your wallet.

[...] it's why we put them on the Special 301 "priority watch list" in 2012).

I am from Spain and last year we were no more in the 301 list. I want to be on that list again!! (Thankfully, I think this year we are going to be in the rank)

Author of the article here. You're right, I meant it to be a little funny. As I noted to the GP, most people studying these issues already know where the countries line up. Canada has a history of being different on IP issues than the US (much to the US's chagrin - it's why we put them on the Special 301 "priority watch list" in 2012).

History repeats itself.
Hepting vs. AT&T

Snowden's revelations are merely more specifics coming to light, this has been fought in court before, recently.

In 2008 Congress amends the FISA act to absolve the telecom companies (granting "retroactive immunity") of liability for VOLUNTARILY HELPING the government conduct illegal warrantless mass surveillance. Remember we are talking about fiber optic taps here to listen to everyone, not forwarding specific data pursuant to a warrant or court order.

Here's the trick: the FISA law was amended two years into the Hepting court case. Why the retroactive immunity clause? Because EFF was WINNING.

Never mind that the scope of the surveillance cited in the case FAR EXCEEDED the conditions of FISA. Never mind that the case was in progress. A circuit judge decided that the FISA law was applicable, and (even more shocking to me) allowed Congressional action to disrupt and destroy an ongoing Judicial due process of law.

Blackmail?
I'm running out of alternative theories.

___

Hepting vs.AT&T (2006-2012, R.I.P.)

"In Hepting v. AT&T, EFF sued the telecommunications giant on behalf of its customers for violating privacy law by collaborating with the NSA in the massive, illegal program to wiretap and data-mine Americans' communications."

"Evidence in the case included undisputed evidence provided by former AT&T telecommunications technician Mark Klein showing AT&T has routed copies of Internet traffic to a secret room in San Francisco controlled by the NSA."

[...] "In July, 2008, after a long and contentious battle in Congress, the government and AT&T were awarded the so-called retroactive immunity from liability under the controversial FISA Amendments Act (FAA), which was enacted in response to our court victories in Hepting."

[...] "In June of 2009, a federal judge dismissed Hepting and dozens of other lawsuits against telecoms. EFF appealed that decision but it was affirmed, and in October, 2012, the Supreme Court declined to hear the case."

My older brother is a VP-Eng at Google (maps). I can assure you that the whole thing is utterly corrupt. The day after active duty U.S. Navy Information Warfare Officer Dave Schroeder posted publicly here that he thought my GoogleFiber "Right To Serve" Manifesto[1] was "very good" and that he agreed with everything I wrote about the core net neutrality argument, my brother finally said he agreed with some part of my arguments. To this day he has never clarified which part, though still asserts that I should have gone about my complaint in "the better way", namely submitting myself subserviantly to the Google technocratic leaderships opinion. The fact of the matter is, IMHO, that being able to host server/s on your residential internet connection, and being able to expect the user/customer base of all "internet service" to have the same basic right, is a key aspect of reclaiming our informational privacy and security on the internet. No, it's not bulletproof, but it's the foundation with which to have a fighting chance. I personally wish the EFF would get some guts and go further in their call. The fact of the matter is that I am right about my Net Neutrality argument, though certainly resolved to believe that after the forthcoming verizon ruling, that is not legally likely going to be relevant. But I think to reclaim our ability to use the internet, rather than being used by it, we need to demand that hosting servers that control our own data, is something everyone ought to be able to do from home. And in order for the residential server software market to thrive, there can't be arbitrary bullshit raqueteering loopholes like Google's new "no-commercial-servers-allowed" activity. I mean, why the fuck is it ok for residential users to commercially profit on transactions with a 3rd party like ebay, but not if they independently run their own LAMP stack and accept payment by check via USPS? I mean seriously, what the fuck?!?

[1] http://cloudsession.com/dawg/downloads/misc/kag-draft-2k121024.pdf
http://www.provobuzz.com/google-fiber-now-allows-home-servers/
http://www.wired.com/threatlevel/2013/07/google-neutrality/
https://www.eff.org/deeplinks/2013/08/google-fiber-continues-awful-isp-tradition-banning-servers
http://www.mcclatchydc.com/2013/08/01/198327/googles-call-for-open-internet.html

Rootkits part of game installations

The rootkit fiasco was about Sony BMG music discs installing rootkits when you tried to play them on a computer and had nothing to do with games.

I say music discs because said discs lost the right to be called CDs and have the CD Audio logo due to intervention by Philips.

That response from the EFF was very educational and worth reading among all the other links in this article. I learned that companies don't really have to go around and actively defend their trademark in court or risk losing it. And I also confirmed my suspicion that no company needs to be ensuring that every time somebody uses their name ("mark") that they have permission.

Here's the link again in case you can't tell which one I'm referring to.

Wikileaks has leaked the secret text TPP (Trans Pacific Partnership). It reveals the TPP creates patents on surgery, limits access to medine, makes patents broader and tougher, extends copyright even longer, restricts fair use, makes damages even larger makes circumventing DRM illegal (but with exemptions for government spying) and creates a parallel judicial system for prosecuting IP infringement.