Domain: prism-break.org
Stories and comments across the archive that link to prism-break.org.
Comments · 30
-
PSA for Americans and others
PRISM has several techniques you can use to escape. most are FLOSS. https://prism-break.org/
-
a fork for forks sake
eelo is going to be forked from LineageOS
...and thats where I stopped reading. Lineage is a stable, excellent fork of cyanogen that already supports everything Duval wants. fdroid provides floss apps and adblocking, and even access to Edward Snowdens Guardian repositories for things like secure browsers and newsreaders. As far as web services go, you choose to use them. there are decentralized alternatives to Facebook and Twitter already supported on smartphones tablets and PC. It sounds like this guy is too lazy to look for alternatives.
https://mastodon.social/about for open source twitter
https://joindiaspora.com/ for open source facebook
https://prism-break.org/en/ for secure floss alternatives
https://duckduckgo.com/ for a search that doesnt track -
Prism break
-
Re:No App that depends on a Server is "Secure"
-
a grain of salt for the fearmongeringfrom TFA:
Even if a phone call is encrypted, the very act of making a call provides a wealth of data to spies.
implying you know what a phonecall looks like encrypted. TLS from services like signal on android look indistinguishable from any other VPN traffic you might see on the wire. Couple the phone with openvpn's client, and you have a phone that well, doesnt emit phonelike traffic at all.
non-smartphones can be viewed as superior to smartphones as they generate a smaller data footprint. Going a step further, a pager can be viewed as superior to a non-smartphone because communication on the user's end is further constrained, as well as not anchored to a particular phone line.
but that footprint is guaranteed to use public infrastructure that is readily intercepted by a malicious state actor. you no longer have a cryptographic option, or very much insight into what traffic is leaving the phone. A pager routinely hits a cell tower and emits user-identifiable data that will always be relayed through a carrier network that is part of the state apparatus for spycraft. Pagers havent been safe since the DEA realized they could intercept them during drug investigations.
Perhaps, in certain cases, the best solution is to follow the lead of Russian spymasters and simply opt out.
In some cases, yes. Do you absolutely need your cellphone on you at all times? you would be surprised how many events dont require it but its present anyhow; do an audit. For events that do require a cellphone, use your situational awareness to limit its emissions, and ensure the device as well as its traffic is encrypted. Check out Prism Break for more information on how to avoid state sponsored unlawful surveillance.
-
so to catch everyone up whos not american
NSA: we currently have to go through the secret fisa rubber stamp factory to read encrypted data. thats cumbersome, you're a criminal and we just need time to build...er...prove...it.
EFF: ok so you can read crypto...thats new...we're going to educate people on crypto...the strong flavor....
NSA: thats probably evidence of a crime...people shouldnt hide things they dont...
Google: we just upped our ssl cyphers...so...up yours.
NSA: guise...come on...just because we can read SOME crypto doesnt mean all of it...we have to tap googles data centerrrrr-
Google: Oh? Nice. Also all our devices ship with crypto enabled. by default. for, you know. security.
Apple: Ditto....and it just works....
NSA:ok...seriously guise you dont understand...this is different. sometimes we listen to everyones phonecalls and, well sometimes there are terrorists that...
Moxie Marlinspike:sshhhhhhh...redphone....from whispersystems...
NSA: arent you locked up in an airport somewhere? er...no. you still dont understand!! damnit we need LEGAL access to snoop on encrypted data now theres just too much...
Tor: hey.
I2P: hey guise i heard you like crypto
cryptocat: M30w
NSA: wait....just hang on we need to get together and talk about this, its just a big misunderstanding this is about security.
DefCON: is it, NSA senpai? you've changed. I heard Schneier-san thinks youre baka.
NSA:ITS NOT ME ITS SNOWDEN! hes the real traitor and that AARON SCHWARTZ is trying to CHELSEA MANNING the FREEDOM!!
The Community : I'll just...leave this here.... -
Re:Soo soo tired.....
Between ignorance and despair is action...
Start down that road, and you'll discover many a companion. Don't lose hope.
Here's one example . I'm sure there would be many others. -
largely a procedural encumberance.
If a warrant is required, its generally granted. If its not granted, the FISA courts could be used. and if the FISA courts with their 99% rate of acceptance should fail, then most multinational corporations have no objection to forfeiting every document youve written and word you've uttered to local state and federal authorities on principal. In some cases, like telecom, theyre outright exempted from prosecution through blatant legislative mandate and their own kangaroo system of arbitration courts. in others, you'll never know they were the ones to divulge your information thanks to a rats nest of NDA agreements and lack of transparency.
Looking to congress and senate to ensure your security and freedom on the internet is as blind and misplaced as looking to the executioner to ensure your meals at the prison are healthy. https://prism-break.org/ is a collection of open source projects and applications with the altruistic, express intent to preserve your security and safety. Its not governed by politics, or election cycles, or "terror." It doesnt concede to stakeholders, doesnt serve to appease shareholders, and doesnt ask for your personal information. The internet doesnt need a bill or writ of law to protect its users, because its users have been iron clad in an armory of their own device for more than 30 years. Use crypto, study privacy, and enjoy a free internet. -
A tweak is not a fix.
The real way to fix this is to pass net neutrality regulations that establish Verizon as a common carrier and clip the balls off these assholes
It goes without saying that you should be using https everywhere from the FSF. https://www.eff.org/https-ever... Its also worth mentioning that your home network shouldnt be using your ISP's wifi equipment, DNS servers, or if possible even their router. Other tools worth looking into that would subvert most most of the outright privacy violations coming from not just carriers but various governments can be found here: https://prism-break.org/ -
Re:Can we please get the fuck off TOR
>They started out on a mission to protect the internet,
> and now they have video chat,Free, non-proprietary, point-to-point video chat is good for the internet.
> targeted advertising tabs,
Not targeted, not tabs. Just user-defeatable "blank" page. And while I would totally like to see them pure from advertising, unless you can propose viable alternate forms of funding, we have to live in the world we are in, not the world we wish we were in.
> and a fat paycheck from google every month
(1) They've been taking money from google since practically the very beginning
(2) They stopped taking money from google in order to take money from Yahoo. they did this despite the fact that Google offered them a bigger check. If they have to take money from evil, at least they are doing their part to reduce the concentration of evil on the internet. What have you done?> prism-break.org
-
Re:Can we please get the fuck off TOR
What we should be doing instead of looking for corporations to help us is working to Opt out of global data surveillance programs like PRISM, XKeyscore and Tempora.
So, in other words, we should be looking for companies that operate exclusively outside of the US, and have zero connections routing through US networks?
Your first mistake here is assuming that any US-based corporation would not be forced to comply with any LE request because they are a US corporation. (And under gag order, so consumers have no idea it even happened.)
Your second mistake was using the term "opt out" when discussing state-sponsored surveillance programs, as if a single citizen ever used the term "opt in" to describe their current enrollment status.
None of this is voluntary. Not for US citizens, and certainly not for US corporations. And trying to use cost as the breaking point to shut them down is laughable. About as laughable as thinking there was ever a limit on the billions spent to build the damn thing.
-
Can we please get the fuck off TOR
TOR has never been more than an interesting proof of concept. it took a little while for the spooks to catch on, but these days theyre so good at poisoning exit nodes and injecting malicious content that TOR is less of an anonymous network and more of a cautionary tale.
You should be using I2P https://en.wikipedia.org/wiki/...
and while we're on the subject, Mozilla has gotten too chummy with advertisers for me to be comfortable with anymore. They started out on a mission to protect the internet, and now they have video chat, targeted advertising tabs, and a fat paycheck from google every month. Firefox is fast turning into the realplayer of the 21st century. What we should be doing instead of looking for corporations to help us is working to Opt out of global data surveillance programs like PRISM, XKeyscore and Tempora. -
pretty much expected.
Blackphone arguably isnt interested in real security at all, just theatre. Their phone is Android, but their entire range of security applications (the part that keeps you safe) is proprietary, closed source, and subscription based. Blackphone exists for the paranoid executive banging the mistress, the paranoid trophy wife banging the pool boy, and the paranoid celebrity with a panic room.
Check out https://prism-break.org/ for real security. The open source community has worked hard for decades to help keep you safe and secure. Sometimes we dont have the sexiest branding, but for that tradeoff you get more than a promise. you get the source. -
Re:I dropped Dropbox
[D]epending on your use of Dropbox there are far better services. If you are simply storing and sharing files with a select few then Google drive gives you 15 GB which is a huge amount of storage in comparison.
Plus with someone like Rice onboard, how long before Dropbox ends up in an incestuous relationship with the NSA?
You claim to be concerned about "incestuous relationship[s] with the NSA," yet you recommend another corporate partner in NSA's PRISM spy-ring in favor of another. Why not find/try a tool or service that hasn't already been implicated in NSA-produced documents in serving as a front-end for one or more of their "collect it all" programs? In my view, that one of these corporate partners allows you to hand over more data to the NSA than a competitor isn't a compelling argument for its use — especially when that corporation makes their billions in part by scrutinizing and monetizing anything you give them in the first place.
15GB may be "huge" in comparison to another service willing to oh-so-charitably take ownership of your data for you, but 15GB represents a mere ~1% of a typical modern HDD, or about a seventh of what I upload daily via BitTorrent. Add in end-to-end encryption and a good-availability residential Internet connection, and you can share data without utilizing surveillance-state honeypots. For tools and services that allow you to do this, the website PRISM Break is a great place to start looking for a solution that has had at least some effort put forth in protecting users' privacy.
-
Re:What else can you do?
Here is another good one I usually recommend to friends:
https://prism-break.org/ -
Re:Some good tips
Not just your operating system, this site gives you safer alternatives for most of what you use.
And maybe could be interesting to put your perimeter apps in disposable/restorable boxes, either vms with snapshots or containers, so even if they are hacked you have an easy restore point or even detection that it happened.
-
Re:Not the leaks
[I]f you gave half a shit you would google it yourself.
Protip: I found them by googling [...]
I give a shit, but I use a web search site that isn't provided by a repeat-violator of privacy laws, and a known NSA/GCHQ-collaborator. They exist — you just need to give a shit about your privacy*: https://prism-break.org/#en (See under "Web search.")
* Maybe you don't give a shit... I don't know — I'm just letting you know that there are less-intrusive alternatives.
-
Also...
... switch to alternatives like the ones proposed in http://prism-break.org/. Won't be fail safe, but will be some steps closer. And will add enough a bit of sand in the NSA machinery. In some point they will have to choose between snooping only on "easier", in the open, targets, focus in very specific people, or try to cope with the amount of people using open and with safe encryption people (and risk meltdowns because people sharing lolcats in encrypted channels)
-
Re:Commendable
I googled twice to be sure. It really makes you look bad.
True — using "go-Ogle" does make you look bad. There are a couple of search providers out there that aren't sucking government dick and selling you out for money and power — give 'em a try.
:o) -
Re:Open Source AndroidCyanogenMod replaces the bundled Android OS with the published open source version (still could remain the closed source binary drivers, phone BIOS and so on). F-Droid gives you a replacement market with open source software. And there are a bunch of good android (and other platforms) security programs and open source alternatives here.
Also in some point, for some models, will be released Ubuntu Touch, and maybe you can install on your phone Firefox OS too. Those uses android's boot (open source code, but not sure about device drivers), but what runs over there is afaik fully open source.
-
Re:List of alternatives to facebook?
Hi AC try http://prism-break.org/
Under Social networking the site lists https:buddycloud.com, https://diasporafoundation.org/ http://friendica.com/ http://movim.eu/ http://pump.io/ and the https://tent.io/ protocol. -
PRISM
Doesn't http://prism-break.org/ protect you against NSA?
-
NSA Avoidance List
Try https://prism-break.org/ for some recommendations of OS, email, IM and more.
-
Re:And we must Stop Using US Services
When/if possible, use your own servers. Here are some suggestions
-
Suggestion for alternatives...
You should look here: https://prism-break.org/
They mention a number of self-hosted cloud solutions.
-
Feedback
Worth the trouble? You should weight how much it costs you privacy vs what could cost you don't worry about it, but unfortunately, english is a bad language to realize how important the future is.
How it could affect you? You can check what have the FBI/NSA about you. You can see precedents of what NSA did with private information (if that the respect that soldiers in the battlefield deserve, good luck about you). You can see the starting trend of misusing information and how it could impact you in the future.
I think that the widespread perception of the danger is not enough... yet. But as jailing/killing the people that could inform you about the real situation is the new normal, you probably won't be aware of why you should had done it before until it hits you. Or won't have the chance, as the next salvo probably will be outlawing consumer encryption (it already started). Some of the things that you can do could be complex or cumbersome to do, but you can start progressively with this tools, taking the path of least resistance, it will protect you not just from the NSA, but from other evil people and organizations too.
-
Guns don't kill people
Is people that do, using guns. And even guns only meaning is to kill. In the other hand, Internet (or, if you want, medicine) have a lot of potential uses, that the main actual core of it locatedat the hand of a very aggresive/intrusive government and then is used to harm is fault of those companies and governments, not internet per se. What if the US government started investing in biologic weapons, fake medicines or with added elements to force people into submission and/or acceptance, we would stop taking medicines? Would be medicine evil by itself?
The cure is not to leave internet, just leave US government area of influence, here are some hints on how to do it. And if you are in US, make sure that your government is your government, not theirs.
-
Re:actually it's pretty irrelevant
Bingo, the tech community is doing it all wrong. Fight back through educating politicians and voters. Make the government work for you.
This is the worst advice I've ever read. The government is broken. If you want a job done right, you have to do it yourself. Protect yourself as best you can. See http://prism-break.org/ for details.
-
Re:It's a political problem..
That said, while it's slightly off-topic, maybe this can be useful to some:
-
Helpful guidelines from EFF
The EFF has provided an up to date list of privacy-enabling tools in the age of Prism. http://prism-break.org/