Slashdot Mirror
Safeguarding Data From Big Brother Sven?
An anonymous reader writes "Now that the Swedish government (in its infinite wisdom) has passed a law allowing them to monitor email traffic, a question that I think a lot of people are asking (or at least should be asking) is: 'What can I do to improve my privacy?' The answer is not obvious.
So, what are the best solutions for seamless email encryption, search privacy, etc? What are your experiences with PGP vs GPG vs ...? In this day and age, why is the use of this type of privacy technologies still so limited? Why isn't there a larger movement promoting the use of privacy tools? Also, what is in your opinion the largest privacy concern? Search tracking? Email transfer?
I believe this is an interesting question not only for Swedes, but for everyone. Lots of traffic is passing through Sweden, but more importantly, the Swedish government is not alone in using this type of surveillance."
Reader j1976 writes with a related question: "For most users with email addresses within large organizations, implementing their own email encryption scheme is not feasible, partly because of the technological aspects, but also since users in organizations often do not have administrative access to their workstations. What can an organization do, centrally, to lift the burden of encryption from the users? Are there any transparent schemes for email encryption which could be installed for the organization as a whole?"
Stop using email. There are already 17 reasons for that.
I wonder how this affects people using Relakks. If the US intelligence agencies will get access to the data, it wont be long until the MPAA/RIAA get access to it also.
Many of the financial service companies I contracted for have only been sending sensitive mail to maybe a half dozen clients. It's reasonably easy if the two IT departments get together to establish secure tunnels at the organisation level for transferring mail between them. Doesn't protect the mail outside these of course but it's a reasonably quick solution and effective if enforced with policies within the workgroup about what is and isn't permissible in an email. Requires no extra software and is easy to set up and manage.
One of the things we need to add is SMTP over SSL. It won't prevent all snooping, but at least between 2 people that trust each other, no snooping happens on the path between.
now we need to go OSS in diesel cars
...(Of all places) there was a pretty good segment this morning regarding email encryption, even including a short interview with Phil Zimmerman. What was VERY interesting about it, to me, was the attitudes of the "man / woman in the internet cafe'" interviews they did, and how most people just "didn't care" about privacy issues regarding email. One fellow naively stated "I try to live my life in such a way that no one would have an issue with what I do." In my opinion, though, what YOU or I might consider innocuous might garner unwanted attention from government. As we are headed seemingly toward a more "European" philosophy here in the USA where the government assumes the duties of "personal watchdog" over your "lifestyle," what you eat, what you drink or smoke, what you teach your kids, etc., this would seem to be a foolhardy attitude.
Any technology distinguishable from magic is insufficiently advanced.
Because no matter what country you live in some of your Internet traffic is likely to pass through Sweden. They snoop and tell your government about your stash of __________ (insert your own illegal/grey market goods etc. here). Wala - your government has "proof" you are engaged in illegal activity and busts down your door. Moreover, you apparently haven't been watching the news regarding the change in behavior people exhibit when they know/think they are being watched.
Only terrorists have anything to fear from this! Are you a terrorist?
Yeah, it's turning into an old joke now, but, sadly (and in the words of Homer J.) it's funny 'cause it's true. Sort of (the perception, not the reality).
As for the "why are privacy technologies so limited?" question I think that probably, though not certainly, has something to do with Phil Zimmerman's experiences; I'm not sure, but I suspect that the prospect of criminal investigation puts many people off researching privacy technologies.
I think we're rather naïve if we believe, that Sweden is the only country in the Western world to do this. They're just (one of) the first to be honest about it.
As the submitter points out, you cannot be sure where your data is being sent on the route between you and your recipient. For all you know your "Dear Mom" email might go through Sweden, the US, the UK, Denmark, Russia and China even though you live within 50 km of eachother.
And your Skype call? Well, that's likely to do the same thing with its routing feature.
Your SSL connection isn't any safer from snooping - not sure about MitM attacks, but if you're just listening in, do you really need to be a MitM?
We do not live in the 21st century. We live in the 20 second century.
Linus is from Finland,/a>.
The simple truth is that interstellar distances will not fit into the human imagination
- Douglas Adams
I use s/mime and gpg. I have for years.. but I believe this is too much of a hassle for people who can't even figure out Yahoo Mail or tell the difference between Internet Explorer and Firefox.
Some time ago I suggested someone write a thunderbird extension that was a "one click" encryption setup. On clicking "encrypt" it would create a gpg key > send the pub key to a key server > and if it does not have someone elses key it can suggest thunderbird and itself to that person.
I know this is not a good way to do this, but I can't see people using pgp/gpg it any other way.
Bringing liberty to the masses. - http://freetalklive.com/
He's getting rather old, but he's a good mouse.
How about browser and mail client extensions that run a lookup on the A or MX and show the user a warning when sending requests/mail to a box located in Sweden.
Obviously it doesn't cover routes but it's a start.
Personal encryption is not widespread because most people don't know anything about security or privacy. They figure the "stuff" going through the "tubes" is safe and only the intended recipients can see it.
Then again most people only send chan letters, lame jokes and soccer practice announcements, so its not like they needed a lots of privacy to begin with.
People with a clue know what they need to do and do it. Everyone else can carry on as usual.
If you pass the SSL keys between two corporate Exchange servers, you can have all communication between them be encrypted.
However, not everyone runs Exchange, and not everyone is willing to set dedicated send/receive connectors.
SMTP over SSL/TLS would be a great thing. Its already implemented, but few mail servers take advantage of this.
hafe to hide der data in der chickens or dey'll be bork bork borked!
load "$",8,1
Why is it that avoiding "extra software" generally means leaving Windows in place? Windows and the non free software way are the main reasons privacy protecting software is not more widespread.
Political torture and murder is not funny http://slashdot.org/comments.pl?sid=581079&cid=23757591
This whole thing is ridiculous because any real bad guy is already using encryption and data hiding techniques. However....this kind of snooping is great for political purposes. You know, snooping in on the personal affairs of your political enemies and then using that info to embarrass them out of office.
EFF running story on 9th Circuit Court of Appeals ruling that email and text messages should be considered private, subscribers cannot get the ISPs to release without user consent or a warrant. At least in the U.S. email at work, as long as its 3rd party, cannot be released to your boss. Not entirely on point, but as far as privacy is concerned, this is at least a step in the right direction. http://www.eff.org/deeplinks/2008/06/new-ninth-circuit-case-protects-text-message-priva
I'm an uncultured idiot, you insensitive clod!
I've mostly dealt with SMTP encryption on the client-to-server end, i.e. in the context of preventing the client from sending the server a password for something like SMTP AUTH. I usually act with the assumption that client-to-server communication for SMTP AUTH is the only purpose for encrypting SMTP, and understand that server-to-server communication will go over the wire unecrypted.
But maybe someone can answer this. Do MTAs also attempt to use things like STARTTLS for server-to-server communication when available? Again, I've always assumed that these were only used to protect passwords, and that SMTP as used today by servers is inherently insecure. Am I wrong on this?
(Of course, whether or not some MTAs do is irrelevant, as inevitably lots won't. A lot of them don't even support STARTTLS or AUTH and nothing requires them to.)
It's too complex for most. If it were as simple as me putting code on my machine and sending encrypted emails to my family and friends I would do it. Sadly, I have to step them ALL though putting GPG or PGP onto their machines, creating a pair of keys then sending my and all of their friends their public key. Want to place bets how many of them would send their private key themselves?
If MS would simplify it and make all of this just happen. I bet that there would be a big gaping hole for the gov't to make use of. Not to mention the security holes that would go along with it as well.
-- Many men would appreciate a woman's mind more if they could fondle it
And CC all of your email to the everyone in charge of this agency. Any good patriot should do this, just be sure the nation is secure even if the email monitoring system goes down.
There is no "seamless" encryption method that will give you enough protection. Sorry.
However, there are plenty of options if you're willing to do just a little work.
Install GPG or PGP. I use GPG because I can give it away legally to my friends who are less technically saavy and it works on Linux, OS X, and Windows.
Enigmail will integrate nicely into Mozilla's emailer and automate nearly everything once you have the person's public key. It will even notice who your recipient is and automatically pick the correct key.
There is something similar for the OS X Mail application (and I have it installed) but I don't remember the name of the application. It's not as bright as Enigmail and won't figure out who the recepient is automatically and pick the correct key.
FireGPG is a plug-in for FireFox (and it works for "Mozilla" because the web browser _is_ FireFox) that will allow you to use GPG with GMail.
I have an email account in which _all_ of the traffic is encrypted because I use these tools. I never send anything unencrypted on that account.
It's not seamless, but it's not that hard and it is not very intrusive.
I do not know if I should pity you because of your government reading your emails or if I should at least feel happy for you that they are honest enough to admit it (supposedly) before starting. Either way, I doubt things are any better here in the USA.
I find it amusing that the CAPTCHA is "incided", as in this new law inciting a riot.
The reason PGP, and GPG as well, fail is because PKI is just too difficult to setup and maintain. I'm sure some nerd who lives in his mom's basement is going to contest this but the fact remains it's too difficult to do in most corporations let alone end users. Making a key, remembering the password, managing keys, revoking keys, it's all just a total pain in the ass. If you truly want secure email for the masses it has to be transparent. This is just a given. People are not going to do PKI. This is the main reason we don't have mass adoption of PGP encrypted email.
The second reason and it's to a lesser extent but still a strong motivator IMO for the lack of secure options for communication are that corporations and governments don't WANT secure applications being adopted. How else can the government spy on you or corporations steal secrets from each other if things are encrypted. This isn't paranoid fantasy land I live in. I don't think any intelligent person today doesn't know especially over the last 8 years that the governments are doing everything they can to spy on you, record you, monitor you and track you. Wether its the TSA, DHS, warrant-less wiretapping whatever we are living in a 1984'esqe society. Seamless and mass adoption of strong encryption and anonymity by the masses would *seriously* curtail their ability to spy on you and find dissidents and evil doers who read catcher in the rye. So IMO these are the two strongest compelling reasons we don't have encryption for the masses yet. Phil's ZFone project is a good step in the right direction though.
More people need to use these. Operating without a centralized Certificate Authority, GPG really depends on there being sufficient users to establish a web of trust.
I think people (in the US at least) either don't understand the simplicity of sniffing cleartext, or don't think they care. The aggravating part is that GPG can be really easy to use. Apps like Seahorse make key and keyring management trivial. There's a great Thunderbird plugin that makes signing and/or encrypting your mail no harder than it was before. (Yes, I know not everyone uses Linux and Thunderbird, but I trust GPG tools exist for other OSs/email clients)
Given a safe and ubiquitous encryption scheme, I can't think any reasons for sending text/data in the clear. Now all we need is a ubiquitous encryption scheme.
I can't remember the last time I forgot anything.
Because most average people don't understand what is going on and still have that 'i'm not doing anything wrong' mentality.
And the few that do, dont understand how to mitigate it.
That 2nd is a problem for us techies too, as one way encryption is pretty worthless for communication.
---- Booth was a patriot ----
The fact that the majority of people will happily give up all manner of private information in exchange for a few pennies off the price of a carton of milk. If the threat of identity theft doesn't make people more conscious of their privacy, I doubt the threat of their government reading their email will.
I don't care why you're posting AC
You need to use a proxy that encrypts all traffic to and from you and it. Try dipconsultants.com ...I use it and it's very fast.
True, but from the Swedish speaking minority of Finns.
Some mornings it's hardly worth chewing through the restraints to get out of bed.
...why sweden matters other than that torvalts character? My bum is on the Sweedish!Lots of traffic is passing through Sweden, but more importantly, the Swedish government is not alone in using this type of surveillance." If anything the Swedes are latecomers to this sort of monitoring. It's tough for a politician to resist that sort of power since it requires great strength of character. Our politicians in the USA are the weakest.
This is a perfect use for something like DIP Secure Browser (dipconsultants.com). It encrypt everything on disk, such as your history logs and bookmarks, there's nothing for Big Brother to see. Also, if you use it with their proxy service, all your internet traffic is also encrypted. Take a look
You are quite correct. It's scary, but you're right. The thing that is frightening is not the fact that there are stupid criminals, like my favourite example of the night-time purse snatcher with the light-up trainers, but that these stupid criminals who are not bright enough to use encryption will be used as "proof" that this new invasive law "works".
I am quite confident that this _will_ be abused. There is an established history of laws like this being abused, such as that anti-terrorist law that was used against that family in the UK with regard to someone thinking they were registering their kid in the wrong school or some such non-terrorist activity. I'm saddened to see this happening to Sweden, or to any other country. I'm fairly confident it's already happening here in the USA to a much wider degree than most would suspect.
Apparently the AC forgot that some non-San Franciscans read /. Check "17 Reasons Because" for the backstory.
Thank you. You just made me laugh.
The bum is all alone.
it is not that you don't deserve privacy, it is that privacy is philosophically impossible on a wide open network. such that giving up on the notion of privacy on the internet isn't cynical and defeatist, it is merely being realistic. in fact, fighting for privacy on the internet is not heroic and idealistic, it is simply gullible and naive and ignorant of the subject matter
if you take a large, open, sprawling network, there is no law or safeguard that can protect you from eavesdropping. forget the government for a moment, what about companies? what about technically astute oddballs? what about aspects of any country's government that does whatever the hell they want to regardless of what the goody two shoes in the legislature say? what about governments of other countries the network passes through? etc., etc.
let us say sweden instead passed a massive ANTI-eavesdropping law instead of the law it did pass. ok, are you going to celebrate? why? are there people out there who actually believe this would protect them from eavesdropping? who are you and what about the concept of a "vast open network" do you not understand?
the news of what the swedish government did is treated as if it were a ton of bricks here. folks: absolutely nothing has changed, and no law will ever protect you. ever. its called a sprawling, open network. its not a bank vault. your info, once it goes on the wire, is open season for snooping, is subject to thousands of different vectors for attack. by all sorts of entities
and there is no technological or legal to fix to that that does not also break what you like about the network in the first place: its openness. thats the downside to being open, call it a twist on the concept of the tragedy of the commons. its free for you to do anything you want... but that means it is also free for more nefarious interests to do whatever they want to to. there is no way to act against such nefarious interests that does not also somehow inconvenience what you like about the network at the same time
the solution? STOP ASSUMING PRIVACY ON AN OPEN NETOWRK IS POSSIBLE OR EVEN A VALID CONCEPT FOR YOU TO CONSIDER
seriously, get over it. privacy on the internet is a philosophical impossibility
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
A tech answer to this question may leave you wanting. The best way to protect your privacy is to make it illegal again for the government to infringe on it. Sweden is a parliamentary democracy that has to answer to the people. Organize and get involved in your government. Just don't do it over email for now.
The solution is to migrate TCP/IP to a public key system. The entire protocol.
Burn Hollywood Burn
I'll go out on a limb and predict that in 5 yrs or less time, encryption will be a 'self admission of guilt' to ALL governments.
....so depressing ;(
I really hope I'm wrong. but the trend is there if you just look.
we already have people saying 'if you are not a terrorist, you should have nothing to hide'. this is just a half step away from saying 'if you DO use encryption, you MUST be hiding something that we should see'.
mark my words.
you may think that you are out-smarting the governments but they have the money, the guns and all the power. and they're NOT about to give this bit of power (over the people) up.
if you encrypt a laptop and pass thru customs, you are FORCED to reveal your password or at the least, 'open' the disk for them to view the contents of. so tell me, how did encryption help here?
don't give me that crap about truecrypt, either. how long will it take before their border people know how to detect this?
--
"It is now safe to switch off your computer."
Sadly, not enough people care about the loss of privacy rights to change this. Look at all the people that say "I don't care, I have nothing to hide."
They snoop and tell your government about your stash of _blackjack-playing, postmoking hookers_ (I'm in the US). Wala - your government has "proof" you are engaged in illegal activity and busts down your door.
Although I agree with your comment, just putting in an email, slashdot comment, or even one of my journals can't get the FBI and DEA and whatever anti-prostitution agency to break down my door. Otherwise it seems they already would have, as although I'm no gambler, my slashdot journals often feature potsmoking and hookers. Maybe I should add some blackjack.
However, adultery is NOT against the law. Do you want your wife to find the email you sent to your girlfriend because Sweden seems to be as anti-freedom as America?
(OT but related; why is it legal for me to fuck my congressman's wife, but illegal for me to pay her for it?)
mcgrew's razor: Never attribute to stupidity that which can be explained by greedy self-interest
Some even think it a virtue to live an 'open life' and not do anything they would not mind seeing in public.
Since they are the future, it is no wonder that software vendors have little incentive to invest money in a product/feature that has no future market going forward.
Wala? It's "voila" you uncultured idiot
It is? Wow, learn something new every day. Am I cultured now, or do I need more yeast?
mcgrew's razor: Never attribute to stupidity that which can be explained by greedy self-interest
How to Speak San Franciscan - *Tears down pants* VAJOINA!!!
Stupidity only gets you so far, then you've gotta try
The Pirate Bay seems to have the right idea. Take the governemt to court, start legal procedings.
If this is anything like the other PirateBay cases i can't wait to see the legal corrispondance.
Offtopic, Inflammatory, Inappropriate, Illegal, or Offensive comments might be moderated up.
the swedes also took to eugenics in a big way, sterilising 62,000 people between 1934 and 1975. The link between Eugenics and Sweden's new monitoring laws is the willingness of the Swedes to trust in the communal wisdom. Big brother knows best, and to be fair, Sweden seems to have got it right, they enjoy some of the highest living standards in the world in one of the most inhospitable climates of the world (during the winter anyway). However, what's good for the Swedes is not necessarily good for other countries, especially where the morality of the political elite is in question.
prepare the survey weasels.
Users of MySpace/Facebook etc. have clearly demonstrated by their actions that they don't care at all about their privacy.
Patients have clearly demonstrated by their actions that they don't care at all about their privacy. After all they keep getting sick all the time, and visiting hospitals containing busy emergency rooms full of all kinds of undesirables - and that's just the staff!....
I think the key word, as always, is CHOICE. Do you really propose that society accept your views on privacy with an argument based on what some teenagers are willing to do on "myspace"?
Seven puppies were harmed during the making of this post.
http://en.wikipedia.org/wiki/Off-the-Record_Messaging
There are plug-ins available for it. OTR has some nice properties including the fact that messages are encrypted, but still deniable. What this means is an eavesdropper cannot read what you write, but at some later time an attacker with an unencrypted copy of the conversation cannot prove that you wrote it.
The goal of the project is to provide a level of security similar to meeting in a private place an d talking. Privacy without a paper trail.
http://www.cypherpunks.ca/otr/
Aside from the usual reason of apathy, we have a (relatively) new, technical problem with securing email: a lot of people are using webmail.
That development was a technological step backwards: moving from specialized client software (mail reader) that understands what it is working on, to a generic tool (web browser). It's hard for a web browser to be able to understand that this piece of an web page is a PGP block, and this part is just UI, and that's assuming that it even has the whole message to work with (i.e. the web server actually sends all the PGP/MIME attachments, instead of presenting a nice webby interface that presents the message parts separately).
I have heard of a Firefox extension (damn, I can't remember the name) that can encrypt and decrypt pieces of web pages or textareas, but that sort of thing is always going to be hacky and cumbersome compared to a real mailreader, so I think that puts us at a disadvantage, compared to the situation ten years ago.
Discourage webmail. Webmail is creating a network effect that is a barrier to securing email.
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
Live in sweden: secure VPN out of sweden first :)
Easy thing to do, really no companies however offer this service
Pulsed Media Seedboxes
all they need to do is map his circle of friends, like you said, without even knowing what was said, just by finding the identity of two people in a conversation. thats good enough for them in most espionage work, because then they just focus on other communication channels to find something unencrypted and damaging
in other words, even if your communication was immune from being cracked by the world's finest supercomputers, you essentially have no protection from their eyes on an open network. you simply have no protection. its a myth. no law will protect you. stop clinging to an impossible notion
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
When the state wants to read your e-mail, you have these choices: 'oops, it was accidentally deleted, our bad', let them read it, go to jail. If you try to 'cheat' the system by encrypting your mail, then they can simply pass a law that enforces you handing over the password. If you resist, you get X years in jail automatically even if you are innocent of the original offence. Clearly, only the guilty have secrets to hide. Or so will be the slogan the politicians will use to pacify any large resistance.
When the state no longer protects your privacy or freedom you are left to protect it yourself. Usually it takes a revolution of some kind to develop a meaningful force to fight such a powerful state. Frankly, I'm not ready to die to stop the DHS from reading my e-mail. When enough people would rather be killed than submit a password to the authority, then we can hit the gigantic reset button and start over.
In the mean time, have fun with your various political processes. Some of them just won't quit even if you kill -9 them. You gotta reboot eventually. 200 years is a pretty good uptime, really.
Instead of emailing them a message, why not put the message on your secure server and email them a link.
When they follow the link they can be prompted for a password that you have pre-arranged over the phone. From there they could securely download and read the email, or go further and download and install certificates and keys that you had created that could be used for future communication.
It seems unlikely to me that the Swedish government would bug phone calls as well as the internet - especially if neither the sender or the recipient lived in Sweden. Even if they are, how likely is it that they would connect the dots. They are probably only doing this because it is easy, low-hanging intelligence. But if you are paranoid, I'm sure you could find a way to do the initial key exchange sub rosa.
Or are you spamming ?
Nullius in verba
and it takes some legislation that some people don't like to raise awareness?
./ is not a good start. Let me give you a tip. Your politically most powerful users in your organization will probably kill the project as soon as they understand it will change the way they work. Nevermind that it would be a minor change. That's not the point. The point is they don't want to be on the receiving end of this change. Which, will **irreparably** harm your career prospects.
I've used PGP encrypted attachments for years. Works great.
SMTP over TLS is a good start. TLS is supposed to replace ssl, but who knows when that will happen. If you want to get mad-tricky, there's stunnel.
VOIP over TLS is another good start. It's not widely implemented, but widely available.
Chat can also be handled over TLS. Either through a VOIP softphone which is widely available or possibly XMPP.
If I offered TLS services for chat, VOIP and email, for a $5/month, exactly how many takers would there be? Not enough to be worth my trouble and the crypto-overhead when you get into lots of users. Which is why it isn't widely available.
As for Reader j1976, getting free advice on
http://www.maxineudall.com/2010/02/should-economists-be-sued-for-malpractice.html
There are search proxies to google which would guard your search traffic. Unfortunately that means you have to trust Scroogle on top of everything else, and of course, if you click on any of the results, you'll go to the target page in the clear.
Why does Google not want to provide an SSL search page? It could only be a benefit to their users.
I also have no idea why more people don't use GPG/PGP. Ease of use has come a long way, at least in Thunderbird. I find the Outlook and Mail.app plugins that are currently available lacking in the area of non-annoyance.
I like music
I try to live my life by the following mantra:
"Never write anything down that you wouldn't want to hear read-aloud in court."
That's more difficult for some than it is for me, but I still think it's a pretty good rule of thumb. And it obviously goes for e-mail, IM, SMS, paper, etc.
The border checks are pathetic, I can embed content in select system executables, in images even in otherwise innocuous text files by using nothing more complex than white space.
The only people using obvious crypto are those who oppose having assholes rummage through their private stuff. Governments are becoming glorified panty-sniffers; anybody competent can hide stuff in such a way that only expert forensic examiners would have a chance of finding it and such an examination would take weeks.
I'm not saying TrueCrypt is the answer, but the idea of plausible deniability is quite powerful. If you claim there's nothing there, and they have no reason to suspect otherwise, then you don't stand out any more than the next person.
Where it's not possible to completely hide the fact that you have encrypted data, you can always use a decoy, something that TrueCrypt's hidden volumes do very well. You want me to decrypt it? Sure. Oh noes, you can see my tax returns! Little do they know, the juicy stuff is hidden elsewhere.
Anybody with enough time and desire can find and decrypt data. The real trick is in not giving them the desire. This means looking and acting inconspicuous. Hidden and decoy volumes help this.
Only on slashdot would a positive reference to Linus Torvalds be moderated tr- um, no, wait a minute... um, wait, where am I?
Proud neuron in the Slashdot hivemind since 2002.
anything that passes onto an open network
which is my whole point
(rolls eyes)
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
Think about the sheer volume of email sent every hour of every day. Who is actually reading it? Likely, governments have automatic searches for certain key words or phrases (perhaps with some sort of algorithm for finding things close to those words or phrases as well), then messages containing those particular things will be flagged and sent into another filter process, then sent to someone to actually read. And email isn't all they'd be monitoring, either. Add to that volume phone calls, internet posts and any other forms of eavesdroppable communication, and you have a completely unmanageable amount of information without some serious filtering going on. All of which means that a small fraction of a percent of communications could ever truly be thoroughly monitored.
/.), no government will ever read your emails.
Realistically, unless you write anything that you probably shouldn't be writing about in the first place or live in a country that's totalitarian in nature (in which case you're probably not on
Of course, there's always hackers looking for personal information, business secrets, et cetera. Though if you send anything of that sort in an email, you deserve what you get.
oh come on get a S/MIME cert from one of the big providers and worry less S/MIME is in outlook and apple mail... etc NO PLUGIN needed !
please simply use a standard !
http://en.wikipedia.org/wiki/S/MIME
regards
John Jones
http://www.johnjones.me.uk
I could, actually, really really, provide "encrypted" email, VOIP and chat over TLS. Easily since I already do it for myself and some family members.
If I charged $5/month for 5 addresses I'm pretty sure I wouldn't get enough takers to make it worth my time.
I'd like to hear otherwise.
http://www.maxineudall.com/2010/02/should-economists-be-sued-for-malpractice.html
why is the use of this type of privacy technologies still so limited?
Several reasons:
Education. Most people that use email don't know what RSA, GPG or PGP is. Let alone the dozens of possible other ciphers available. These people also blissfully wandering around thinking their government is an effective, benevolent provider that keeps them safe so they don't even need encryption or privacy laws. (see: Nanny State). (Instead of the wasteful, corrupt, abusive, ignorant farce that it is.) Polls show that less than 1/4 of Americans know that there is no right to privacy (constitutionaly. The fourth amendment does not provide a right TO privacy; it only provides a right FROM search and seizure under certain conditions.) The rest of them think they have some such right and the government is upholding it, they don't need to encrypt their stuff. Besides [encryption is only for people breaking the law; if you aren't then you have nothing to hide.] lemma: People will not use something if they don't know they have a need for it or if it exists.
Ease of use. Have you ever tried to figured out how to be your own SSL Certificate Authority? or what that even means? I mean Christ, the openssl tool couldn't be any more complicated. Very few people can figure out and feel comfortable with creating, signing and maintaining keys and certificates correctly. Lemma: People will not use something that is confusing.
Guidance. Ever have a certificate/key fail to authenticate? Was the error/info helpful to somebody who doesn't understand the implementation details? No. When your VPN fails to connect or your message fails to decrypt is when I've seen some of the worst feedback presented to a user ever. We need to start practicing an intelligent feedback, one that diagnosis the problem and tells the user specifically what must be changed to solve the problem, not what the problem was. Tell people solutions, they already know a problem exists. Lemma: People will not use something that they cannot correct malfunctions with.
Standardization. PGP is not GPG. Not all mail agents support the same set of encryption capabilities. When sending a message you cannot be sure the recipient can read it no matter what you choose. As the receiver you are going to receive items that are incompatible with you. The result is pressure on ALL users not to use any encryption so that everybody is known to be using the same standard. Lemma: People will not use something [that interacts with all others] unless everybody else is using it.
Transparency. Install this, configure that, click this button, enter your password... People do not want to put this much effort into reading a piece of mail. I'm a security nut and I still hate typing my passwords the fifty times a day that I do. We need to make systems that are as transparent as possible. The user either has to never know they're using it, or they have to be expected to configure it only once and then never have to worry about it. Lemma: People will not use something that annoys them, especially repeatedly.
Too many choices. Which cipher do you want? Do you know why? Would you like RSA or DSA? How many bits? Would you like that in binary or ASCII armor? This detracts from a user's ability to be comfortable with a choice and as such they won't make one. Lemma: People will not use something if they aren't comfortable picking it.
Distribution. For PGP/GPG you need to distribute keys effectively (and transparently). This has not been solved adequately. Lemma: People will not use something that isn't available.
Economy. People do not want to pay for keys and certificates. While Verisign and others provide trusted stores where keys could be distributed the finance changes they enact are prohibitive for normal people. Yes, I know there exists free ones. But they aren't included in the root certificate databases of applications. You can add them but as I said earlier: you just crossed the line of ease of use that a user isn't going to cross
I will never live for sake of another man, nor ask another man to live for mine.
For casual messaging, the penny postcard was simple, reliable, and cheap, but no more private than a party line phone call or a ten word telegram.
680 million postcards were mailed in 1908 - when the US population was 89 million. The History of Postcards
Secure channels of communication do not remain secure when they are used for trivial reasons. Secure channels are bypassed when they introduce unwanted and unneeded layers of complexity.
To make this work and keep it simple you have to persuade all your correspondents to use and maintain the same system.
That isn't going to happen outside the institutional or corporate environment.
But on the other hand, things like factory labor in foreign countries/blood diamonds/etc, they won't outlaw those goods even though there are cases of much worse abuse when making them. Guess it all depends on who defines the word abuse and where the profits go?
Disclaimer: I am not god.
We may not be created equal
But we can be treated equal.
Revolt while you still can?
The "cat is out of the bag" as far as government electronic snooping is concerned.
Look at how "low-tech" the 9/11 attack was. Fake IDs and boxcutters.
Does anyone really believe that Terrorists are still using email and cellphones(other then bomb triggers)?
My guess is they have gone back to face-to-face MeatMeetings and good old SnailMail(with re-posting networks) in conjunction with simple codewords.
That being said, I seriously doubt all this Security "Theater" is aimed at Terrorists, if, indeed, it is more then theater. My guess is that it is all to head off the "revolution" by average citizens when they snap out of complacency.
get your computers/routers implementation of the RIP protocol so it routes around Sweden you will probably have to get it to do a whois lookup at every stage to confirm the IP address is not Swedish and this might slow your connection down
null
While I don't agree with this type of spying, the facts are simple.
Email is inherently insecure, so you shouldn't be sending anything over email that isn't already encrypted, or that you don't mind any random person reading.
Visual IRC: Fast. Powerful. Free.
Wait wait.. I got it... so lets see... the Swedish are bad when they spy on you and behave like good little socialists, but they're GOOD when they "tax the rich" like the good little socialists they are... (which includes pretty much anyone that has any means of production, their own or someone else's).
I fail to understand the hypocritical nature of socialists... its good when they fuck your neighbor, cause his car is nicer, but its bad when they spy on you so they can fuck you if they find out you've got a nice car too.
Oh well, the stupidity of the masses. Some day people might even wake up. I'm not holding my breath.
" What luck for rulers that men do not think" - Adolf Hitler
The folks there are going to get Swedened ;)
In the *insanely surreal* topic I have been reading about, where even I have been having trouble believing those whacky, *fun-loving* Swedes admiting to _this_ level of 'open society'. It still takes me until the first ad break to realise that I have been reading Privacy with a dislexic "RI" and without the "V".
-Magdalene --"there are 10 types of people in the world, those who read binary, and those who don't"
TOR and webmail...
Yawn
The problem with encryption and GPG\PGP is that most people are already totally overwhelmed by the flood of passwords they have to remember and in order for encryption you need long passphrases. Mine are 20+ characters and not even hi-security but I can't expect any user to remember such awkward combinations. I guess there will be no real encryption in email or IM until all computer users feel a personal urge to secure their privacy and make the sacrifice of remembering secure passkeys. Maybe Google should make encryption of emails and key management an integral part of their email service. But wait, it's an American company ... will never happen.
me: "OPEN. NETWORK. UNDERSTAND THE IMPLICATIONS?"
you: "well, make believe we could have an open network that miraculously acted like a closed network using miraculous so far nonexistent technology we will miraculously graft into the heart of the internet 30 years after the fact...
zzz
dude, it's very simple. it's not a technological issue, its a philosophical issue. when you have an OPEN network, you have all of these benefits that have made the internet the roaring success it is. into this situation you cannot introduce concepts of a CLOSED network that DOES NOT ALSO DESTROY THAT WHICH MAKES THE INTERNET ATTRACTIVE
get a stiff drink, think about that fact, then say something. do not try to talk about technological "solutions" that boil down to nothing more than a closed network, that thereby nullify any of the benefits of the internet. yes: you can cure the wart on your hand by cutting off your arm. but one would tend to want to keep the arm. that's what making the network closed does. get it?
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
http://www.zixcorp.com/ ?
It's a pretty neat concept. Check it out.
Well, if that government is Swedish Borg and looks like the femme fatale Annika Seven of Nine, then they can tunnel me and my data all the time...
(Seven: Ensign Kim, would you like to have sex?
Kim: (Flustered) Bwa, bwa, why do you ask THAT?
Seven: Your perspiration has increased, your pupils are dilated, your temperature has elevated, and you are emitting pheromones. Those are common indicators in your species...)
Oh, and if you want to read FANFICTION about 7 of 9...
http://www.geocities.com/voyagerbluealert/VOYORGY.html
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
Exploring ones sexuality, researching substances the government deems illegal for responsible adults or expressing dissent. Those all come to mind as activities best undertaken without someone looking over your shoulder.
On the Oregon Cost born and raised, On the beach is where I spent most of my days
As I have said before, encryption is not the answer. What the Swedish authorities wanted was the ability to monitor all communications as opposed to just airborne traffic.
Encryption or not, you are still exposing your entire network of contact through your text, email, phone and IM traffic.
That's what's interesting and that's what the swedish law is all about. The rest is just the shroud to get it through.
If you can build sociograms of every citizen, you have the information and power required to do almost anything.
"So, how would you like it if we told your wife to contacted last night?"
"I know contacted you. Either we put you at gitmo or you stay quiet"
This is as disaster actually.
Taking care of ones citizenry via programs funded by the entire population for the 'greater good' seems to me to have little to do with spying on ones citizens to such a dramatic extent.
But then again you were simply looking to bash ideas you are disagree with.
On the Oregon Cost born and raised, On the beach is where I spent most of my days
In each computer desktop, laptop, and smartphone, we installed hardware encryption and a C4 charge with remote 2 tier authentication for detonation. The two tier authentication was introduced after an unfortunate mishap involving our CFO getting his arm blown off while out golfing; it turns out the detonation frequency was a maritime frequency as well.
The C4 will also detonate if a password is entered incorrectly twice. We encourage employees who are "out of it" or even slightly ill to take the day off, and require them to call IT should they ever type their password in wrong once.
We also use an operating system completely built in house with a semi AI running security diagnostics at all times, and we have live people watching the network traffic to the few systems that are actively connected to the internet. Any systems that manage to get infected (to date, none) would also receive the C4 treatment. A bit draconian, but it gets the job done. Our datacenters also have thermite-amatol ceilings designed to completely melt down/destroy the facility if it comes under attack (three armed guards 24/7 are at the red button, just in case some new tech decides to think about hitting the button.)
These recent legal developments are troublesome, and so we are modifying our policies to stay current with the times. We now use hidden encrypted volumes as standard, with encrypted data set to degenerate into false data should a kill password be entered.
Protecting the world has taught us to take our own security seriously. Hopefully, you can learn from these measures and take the proper safeguards for your own facilities and equipment (remember, the answer is always hardware encryption and C4. Red Herrings can come and play too.)
Thank you,
Ortega Starfire
CTO, Hoffman Institute
For The Advancement of Humanity
(And you thought D20 Modern+Dark Matter wasn't fun! Just try breaking into my datacenter! I've killed the last 4 parties that tried! Bwahahahahahaha! Oh, and MGS gave me some more epic ideas to turn a datacenter into a modern dungeon deathtrap of epic proportions. Fear my microwave beam hallways with camera guns, halon filled halls, electrified floors, and laser tripwires!)
---- Liquid was a patriot ----
Just pick up the phone and call. Oh, what a minute...
Hmmm, just write a letter and... ARGH!
OK, drive to the recipient and talk with them in person.
Ack, damned cameras. Nevermind, it wasn't all that important.
Who of you have read through the law? Quoting the "tabloids" is pretty stupid. Although there seems to be a lot of unnecessary flaws that even the Swedish Security Police has criticized, the intention is not to go through all private mail.
Paragraph 1 limits the SIGINT to military needs only:
"Signal intelligence be carried out in support of Swedish foreign policy, security and defense policy and external threats to the country. Activities will include the participation of Swedish participation in international security cooperation. Military intelligence may relate only to foreign conditions."
Paragraph 5.1:4
"The Signal Intelligence may not relate to data that is within the framework of police and other agencies' law enforcement and crime prevention."
So if you are a big bad criminal you need not to worry. But if you are in the nice business of espionage, industrial espionage, terrorism you should worry.
N.B
Most of "Rodinas" network traffic to eastern europe goes through Sweden... wounder how much some organistions will pay for the harwested info...
They are most interested in encrypted traffic -- the only defense against this is to throw the signal to noise ratio off the charts -- ENCRYPT EVERYTHING. EVERYTHING!
Use HTTPS whenever you can.
EMAIL YOUR MOTHER using PGP.
Reply to SPAM with PGP.
Send random data (encrypted) to your friends, enemies. Give it interesting names like ("Master Plan", or "do not let fall into enemy hands").
Have them waste so many resources trying to decode this stuff (and they can try -- the Swedish have one of the largest supercomputers designed to crank over crypto).
They will eventually give up and go home.
FREEDOM!
I really don't understand capitalists. At one second they are ranting about socialism when the government keeps people from starving in the streets, but when a bank has a bit of trouble they expect the government to come in and save it. They defend the right to own property, but say that a vast segment of the world's population having no property is not a violation of their rights.
Inventions have long since reached their limit, and I see no hope for further development.-- Frontinus, 1st cent. AD
Sometimes I think the best bet would be if everyone would just add a footer containing a random selection of OMG terrorsistics think-of-the-children type words and phrases. Basically raise the noise floor to the point where wiretapping, snooping et al become exercises in futility.
Socialism refers to a broad array of ideologies and political movements with the goal of a socio-economic system in which property and the distribution of wealth are subject to control by the public.
Authoritarianism means a form of social control characterized by strict obedience to the authority of a state. Hence, the term has similar meaning with totalitarianism, with the latter being an extreme case of the former.
Very simple solution to all of this:
Step one: Produce a shared-secret key that is a gigabyte in size and get it to the other party via a secure medium.
Step two: XOR your secret message with this shared-secret key, beginning at some random address within the shared-secret.
Step three: Encrypt the XORed message with the usual mechanisms.
Step four: Email the thus-encrypted message.
Step five: Call the other party and tell them the beginning address within the shared secret key, speaking in some kind of predetermined code language.
Now, when some idiot government agency tries to decrypt the damn thing, they'll fry all their computers trying to brute-force the PGP or GPG or whatever encryption, only to end up with garbage no matter what they do. And there is NO way that they can brute force the shared secret since it will always be the same length as the message.
McCain/Palin '08. Now THAT's hope and change!
I'm sorry to interject, but... HE'S BEING FUNNY. Say "WALLAH!" in a really loud, comic accent, and you'll see what I mean. What was the policy... Assume good faith?
He's supporting Big Brother ...
I actually hate this kind of people.
They ASK for RIGHTS, but they won't FIGHT to conserve their POWERS. ( And when I say "fight" I actually mean even get your ass out of the chair )
They are supporting the biggest cancer technology has, and then complains about it and asks for improvements from the Free Software People, while he's not supporting us?
He installs Windows, and then "fixes it" by adding ClamAV, Firefox, Gaim, Thunderbird, Open Office, etc, etc, etc.
Get your head out of your ass. If you want the benefits from Free Software actually USE IT and support it, give back what you can to the comunity, publicity, money, code, what you can.
WTF am I doing replying to an AC at 5 A.M on a Friday night?
Simple.
1. Create an email account on a foreign server, located in a country that respects privacy.
2. Always use https to connect.
Unity in Diversity
Yes, listen to this AC and wala - your appearance is that of the cultured.
She made the willows dance
Questions like freedom and privacy take up rather a lot of space on /. - I suppose it is because a large proportion of the readers are young, and young people are still struggling with the big questions in life, where older people will have moved on to the practicalities of everyday life. The fact of the matter is that there is only so much one can do about these things anyway, and that not everything is either black or white. It is not a matter of total freedom or no freedom, total privacy or no privacy; 99.9% of us simply want enough to get by plus a little extra.
Is IMHO among others: Most people totally underestimate the power of mathematics and CS.
Yes, swedish socialists untie :-)
You have just made an excellent example without knowing it. Imagine someone who reads your post and is just a little bit unsure if sweden really is that socialistic singularity of evil (well it cant be an axis if we are alone).
They can either take your word for it and just assume that Sweden is a completly authoritarian socialist society with the police sending wealthy people to prison, neighbours being chased down the street for turning up in a Lexus
or... they can look up information... but would you really like to look up information regarding socialists (or where they communists?)... I dont think so, you would not like anyone at NSA thinking you are a socialist would you? Stay away from certain things, dont think and you'll be safe.
It is obvious you dont now anything about Sweden so why comment? We had laws in this country protecting the individual before your continent was even discovered (Alsnö stadga - 1280AD). One of the reasons this terrible law even made it into the international news was that we where shocked, it was completly against our traditions as a free market democracy with a bit of what you call socialism: healthcare is free for anyone. School is free even at college/university level.
I suppose this is bad, but as a conservative voter myself, I actually think that the people who are poor... they should also be able to send their kids to good schools. You should not be forced into poverty just because your parents where poor or alcoholics or whatever. (I understand that not everyone calls this socialism, but for some reason, I assume you will)
She made the willows dance
Incorrect, you mistake "the public" with "the government"... while one may pretend to serve the other or BE the other, and the public may have delusions of grandeur that it can, or will EVER control the government, make no mistake about it, those who intend to rule, will rule, and those who intend to be ruled fairly or otherwise, will be RULED... period.
I'm glad you can define terms, but in order to take from people and give to others, you require a form of authoritarianism or totalitarianism, because few would give 50% of what they make when their 40+ hours a week job is barely enough to pay the bare minimum BEFORE they are leeched off to pay for government "aid" programs. If people actually did the math of HOW MUCH they actually pay, for how much they actually get back... they'd stop paying taxes tomorrow.
" What luck for rulers that men do not think" - Adolf Hitler
I must have missed the part where I was defending the rights of the banks or corporate entities... I didn't know a piece of paper HAD any rights... Same with people who are unwilling to fight for their rights. Having the "RIGHT TO OWN PROPERTY" is not the same thing as "HAVING SOMEONE ELSE BE FORCED TO GIVE YOU THEIR PROPERTY"... And I'm not a capitalist... I'm just me, and I happen to have a wee bit of faith in that a free market works. I've lived under communism in childhood and this iron fist in the velvet glove bullshit you call "capitalism" (but is in reality a thinly veiled love child of fascism and socialism), and the ONLY thing that provides people with what they want today, and the only thing that provided the people with what they wanted back then was the FREE MARKET... note, that corporations do not operate on a free market... they operate on a dominated and centrally planned economic system... which has not a damn thing in common with an actual free market.
I don't expect you or the so called "capitalists" to understand this. The only "free markets" I've ever seen were black markets and backwater "bazaar" type markets in my native lands. Hard to explain. Personally though, I haven't forgotten how nicely "planned economies" work... I've had to wake up at 5 in the morning and stand in line for stuff before school. Came home afterwards to find out that mom and dad didn't get goods that day because the shipment ran out. Planned economies my ass.
" What luck for rulers that men do not think" - Adolf Hitler
I see no failure of logic... if you give them the right to take from you what they desire, namely the fruits of your labor, you've already granted them control over your life and the products of that life (labor, time, resources, etc) and thus you are their slave. Why should a master not be allowed to "observe" his property? (Namely, you and the others who clamor for government handouts/controls/wealth redistribution, etc.)
I for one would not want my livestock getting out of hand, and I'm sure your beloved nanny state thugs feel the same... and guess what... you suckers are THEIR property... by consent, no less (you voted, regardless of "for whom" you voted, remember that.)
" What luck for rulers that men do not think" - Adolf Hitler
Ironically, shortly after 2001, realizing what was coming in the USA, I wanted to move... and I looked at several countries. Sweden was a candidate... as was Canada. Three of my friends moved from Sweden to Japan, England and Germany, citing "less government intrusion in their lives" among the reasons. I've already visited Canada and Germany, so I wasn't exactly "impressed". (Their security people at airports are just as humorless and almost as stupid as the average TSA marshmallows I've met so far.)
Back to Sweden. Last I recall, you people have one of those lovely countries where it is GREAT to be lower income, or no income, but shit to be upper anything... great place to hunt reindeer from what my friends tell me, but you'll pardon me if I stick to Holland. :) Not that I don't like Swedish people, but it seems Holland is a bit less heavy handed on all issues.
PS - if your teachers/professors are well paid and your facilities are state of the art, either you're getting free tax money from the USA or the UN (again, USA, mostly) or someone there is getting heavily taxed to pay for those quality educations. And as for your questions, when I put myself through college, I worked, and I wrote essays and applied to a LOT of scholarships, all of them private. My government grants (yes I was one of those "gifted and talented" kids) was barely 1/4th of my expenses for my first year alone... the rest was out of pocket and scholarships. If I could do it, even though my parents came here with not a dime to their names and kids in tow, I'd say you can do it. Education didn't help them, it wasn't recognized. They did, however put their minds to use and built a business in an emerging market, a business, may I add, that was completely unrelated to their fields of studies in their communist homeland. Failures didn't stop them... and if they could raise funds mowing lawns and washing dishes in restaurants despite having Masters degrees, what's to stop you people from stepping on your prides and getting something done? Oh wait, must be Tee Vee watching, or gods only know what... I can't say for sure.
Now excuse me, I have coffee awaiting me... good luck to you.
" What luck for rulers that men do not think" - Adolf Hitler
There used to be some semi-proprietary mail transfer agent for linux, possibly a proprietary fork of sendmail, that looked checked a list of public key servers against the destination addresses of any unencrypted email messages that it had to deliver, and do the encryption automatically before transfer the message to the downstream mail server. That way, you never had to think about encrypting outgoing email.
I think the program was called "Aardvark", but I didn't find it from a web search.
Wallah, arabic for "I swear to God" (litteraly: "By God"). And the french is Voil`a you uncultured idiot.
They had real IDs! All 19 of them were in this country _legally_ and had no problem getting _real IDs_. Read the 9/11 report!
All this BS about producing better IDs doesn't help us, it just helps the government put us in their databases.
-molo
Using your sig line to advertise for friends is lame.
Stop using me as a cliche, dammit
I believe you may already know but, because if you pay for it: then pimps step in and abuse girls to do it.
None of the hookers I know have pimps. They don't need them - they have enough regular customers that they don't even have to walk the streets. And if the practice were legal, there would be no need for pimps. In fact, like marijuana, if the practice were legal all the problemas associated with it would go away. Since they ended alcohol prohibition, although people still overdose and have accidents while under the influence, nobody dies from poisoned whiskey and there aren't gang wars over it.
mcgrew's razor: Never attribute to stupidity that which can be explained by greedy self-interest
Neither pot nor hookers are enough of a motivation for any agency to do anything. Even if you're a dealer, you only run the risk of being caught up in one of their dog-and-pony show netting operations they use to show the public they're actually doing stuff and not sitting around eating donuts all day. They're certainly not going to monitor internet traffic for such commonplace things.
Now, if you started adding words like "Bomb," "President," "9/11," "Jihad," "Allah," etc. randomly to your journals and posts, then we'll see how quickly a three-letter agency kicks down your front door.
I was pointing out that socialism is not to be confused with authoritarianism, in reply to DaedalusHKX's assertion that loss of civil liberties is somehow intrinsically related to socialism.
And just so we're clear: communism is not socialism; communism was a particular totalitarian form of socialism.
There is a small startup called Poosty which aims to bring encryption to the less tech-savvy masses. You sign up with your existing email address and mobile number, and they claim to provide easy-to-use 1024 bit encryption for a free account, 2048 bit encryption for "Pro" subscribers. The company is, interestingly enough, based in Stockholm, Sweden. https://secure.poosty.com/
I removed my email from spray.se (lycos is the owner) to ymail.com.
I even decided to PAY yahoo for their premium service. Its peanuts at the current USD rates anyway.
yes I know they read the communications anyway but since they LEGALISED it, fuck the nazi swedes. I know exactly what they are like: I lived there for a decade.
-1 Moron.
You apparently have no clue whatsoever.
Yes. I live in Sweden. We currently have a right-wing government. Even though our conservatives don't go much further right than U.S. Democrats, they are definitely not socialist.
Just FYI: Your friends have been pulling your leg. You don't hunt reindeer. At least not in Sweden. They are herded like cattle.
Why not just write it in a code, like the Navajo?
In fact, the french is "Voi lá" which literally means "see there" or in more common english, "there it is".
+Raider of the lost BBS
These are also the people leading Sweden currently, where are all these scary socialists?
Interesting... so lets see... socialists basically live by the principle that "society" is more important than any single individual. If society prospers by basically owning and dictating to all, and occasionally slaughtering the "undesirables", society as a whole gains.
Interestingly, the same worship of the group rather than respect for the individual is part of Christian Right Wingers (who LOVE to use government power to dictate to others what to think, how to think, how to live, where and why and even IF to live)... "social conservatives" are merely religious fanatics of other bents, who are usually the types that desire to use government power to oppress their neighbors...
And "liberals"... sorry, did I miss something? As has been par for the course, most of the old communists and socialists have "evolved" to be "social democrats" or "liberals" or "progressives". Perhaps you ought to do your homework. Sweden is famous for being one of the most heavily socialistic nations on the face of the planet. Even Japan and most especially England, barely come in second... mostly due to the taxes and heavy social controls exhibited in Sweden.
As a trio of my Swedish acquaintances told me when I sought to move there, years ago "you would be crazy to do so, even we're moving out, and we approve of the politics!"
" What luck for rulers that men do not think" - Adolf Hitler
I'm starting to think that more server-level encryption will be the way of the future. With running a site comparing Australian web hosting plans, perhaps adding more detailed encryption categories will promote their use.
And he finds what you say, think and do very interesting.
Seriously, you think the United States does not have any enemies? This naive thinking is why the USA has been losing the #1 spot.
And then you wonder why your job is being shipped overseas.
The only reason they have money guns and power is because they have privacy. If the US gives up privacy, the US will lose the war on terror, why?
Because you cannot win a war without security and you cannot have privacy without security. In an environment where nobody can communicate, not even the governments, what do you expect to happen?