EFF Launches Surveillance Self-Defense Site

← Back to Stories (view on slashdot.org)

EFF Launches Surveillance Self-Defense Site

Posted by samzenpus on Wednesday March 4, 2009 @07:57PM from the protect-ya-neck dept.

justin.foell writes "The Electronic Frontier Foundation (EFF) has created a Surveillance Self-Defense site. Created with the help of the Open Society Institute, the site intends to serve as a how-to guide for protecting your private data against government spying. From their press release, they 'aim to educate Americans about the law and technology of communications surveillance and computer searches and seizures, and to provide the information and tools necessary to keep their private data out of the government's hands.'"

24 of 94 comments (clear)

Min score:

Reason:

Sort:

Workaround by psergiu · 2009-03-04 20:21 · Score: 2, Insightful

Then the government will just request the access logs from this site to see who should they spy. :-)

--
1% APY, No fees, Online Bank https://captl1.co/2uIErYq Don't let your $$$ sit in a no-interest acct.
1. Re:Workaround by L4t3r4lu5 · 2009-03-04 20:47 · Score: 3, Insightful
  
  http://www.torproject.org/
  
  Hey, actually that's a good point. Maybe they should create a Freenet site for the information... Get some more folk interested in that project too.
  
  --
  Finally had enough. Come see us over at https://soylentnews.org/
2. Re:Workaround by sakdoctor · 2009-03-04 22:25 · Score: 5, Insightful
  
  No need to bother with a 3rd party website.
  Many governments are setting up online petition sites.
  As well as giving the all important "look and feel" of a democracy, These are perfect for collecting IP/email/postcode of people who need to be watched, as well as being able to personalize propaganda to the individual.
  In other words, they already have much better tools.
3. Re:Workaround by cbiltcliffe · 2009-03-05 01:47 · Score: 2, Interesting
  
  There are already quite a few Freenet sites dealing with oppresive governments. Although it would be cool to see one by the EFF.....
  
  --
  "City hall" in German is "Rathaus" Kinda explains a few things......
4. Re:Workaround by Isao · 2009-03-05 02:59 · Score: 2, Interesting
  
  FYI, Freenet is to counter content supression. Tor supports hidden servers just fine, with much better performance.
Oblig. XKCD by TheCybernator · 2009-03-04 20:28 · Score: 4, Funny

I Know You're Listening

--
Eclipse PDE and Me
Very suspicious site... by noidentity · 2009-03-04 20:40 · Score: 2, Funny
I'm suspicious of this site. On the front page, they suggest
- Always run genuine Microsoft operating systems. Microsoft has the experience and market dominance to ensure security.
- Never install service packs. These could be spyware!!!
- Never use a firewall. This could alert the spies that you have something worth spying on.
- ...
On a more serious note, will any accesses to the site be logged by ISPs so they know who to watch?
1. Re:Very suspicious site... by L4t3r4lu5 · 2009-03-04 20:51 · Score: 3, Funny
  
  I don't know whether this is -1 Flamebait, -1 Redundant or +1 Insightful. Can we have a "+0 Brain melted" rating?
  
  Either way, they could track it unless you switched DNS server.
  
  --
  Finally had enough. Come see us over at https://soylentnews.org/
2. Re:Very suspicious site... by terrahertz · 2009-03-05 00:33 · Score: 3, Interesting
  
  Though you're already -1 Troll, it's worth pointing out that you are 100% incorrect. From https://ssd.eff.org/book/export/html/14:
  
  Avoid Microsoft products where possible. Computers using the Microsoft Windows platform are especially vulnerable as of this writing (although no operating system is immune to all potential attacks). Consider using a non-Microsoft operating system if possible. However, if you have to use Microsoft Windows and you are connecting to the Internet, your best bet is to minimize the number of Microsoft Internet applications you use â" for example, use Firefox as a browser or Thunderbird as a mail client. Microsoftâ(TM)s Internet Explorer and its email programs Outlook and Outlook Express are very difficult for even professionals to secure. Furthermore, adversaries tend to attack more popular platforms and applications.
  Keep your software updated. Use the latest stable version of your operating system. As of this writing, Windows 95, 98, and ME are utterly obsolete. You should be using at least Windows Server 2003 for servers and Windows XP for clients, with all patches and service packs applied. For Macintosh computers, use OS X 10.4 or greater, with all patches applied. For Linux and Unix, get whatever version is the most recent stable release, and follow all updates. It is especially important not to let server software versions lag behind, since servers are always on and always connected.
  Maintain your firewalls. Firewalls are software or hardware components that protect your computer or network from the Internet, blocking traffic based on network-related parameters like IP addresses and port numbers. Firewalls can protect against those who want to access your computer without permission. Configuring network firewalls is pretty tough for the layperson and beyond the scope of this guide, but you should learn how to use the personal firewall software thatâ(TM)s included in most recent operating systems.
  For more detailed information about malware, check out the Malware article in the Defensive Technology section.
  
  --
  Slashdot? Oh, I just read it for the articles.
3. Re:Very suspicious site... by cbiltcliffe · 2009-03-05 01:54 · Score: 2, Insightful
  
  Why would you think the only way to monitor traffic is through DNS logs?
  Every single packet that goes over their network has a destination IP address header. Just flag and save anything that's destined for 216.187.103.169.
  The site uses virtual hosting, so sure it'll end up with lots of false positives, but those will be people who did something else wrong, so we might as well watch them, anyway.
  </evil government goon>
  
  --
  "City hall" in German is "Rathaus" Kinda explains a few things......
Quis custodiet ipsos custodes? by mudshark · 2009-03-04 20:43 · Score: 2, Insightful

EFF! That's who.

Nice site, has thorough and accessible explanations of things that the non-geek-yet-somewhat-paranoid digital populace really need to get clued up. The section on FISA, particularly the Beyond FISA page, is a must read. That Fourth Amendment sure was nice while it lasted....

--
In other news, astrophysicists have announced that they now know what all that dark matter is: it's stupidity.
1. Re:Quis custodiet ipsos custodes? by BrittanyGites · 2009-03-04 21:04 · Score: 3, Interesting
  
  In the section on encryption they note that your lawyer may get you your hardware/data back after seizure. If you do, DON'T use it without taking some precautions that it hasn't been tampered with. Quite what precautions, I'm not sure.
  
  --
  Ian
2. Re:Quis custodiet ipsos custodes? by L4t3r4lu5 · 2009-03-04 23:53 · Score: 3, Funny
  
  - Remove the file / drive with the encrypted information from the computer you had it installed in originally and put it in a "sheep dip" station with only a CD drive and no other storage. Boot a linux distro from CD and scan for malware using paranoid settings under heuristics.
  - Put a second drive into the machine, and boot from CD again. If you need Windows, use Bart or WinPE. Use the software you used to encrypt the data to decrypt it to the second drive. Remove old drive and destroy.
  - Re-encrypt decrypted data on new drive and secure-erase space on old drive before destroying it. Carry on as normal.
  
  If what you had on your drive is still encrypted and unviewed by The Powers That Be, you've probably spent a couple of years in prison for the trouble (at least in the UK). I hope it was worth it for those private pictures of your wife and your CV.
  
  --
  Finally had enough. Come see us over at https://soylentnews.org/
Biggest problem: Defaults are mostly insecure by muckracer · 2009-03-04 22:17 · Score: 5, Interesting

I commend the EFF's good efforts and their attempts to protect 'We the people' from, well, other men in the middle. However, as valuable as the information is, it will have little to none tangible benefit. The users reading those pages in the first place are already the one's interested in such technologies, probably already use some of them and are generally not the target group. The big mass of people will never read these pages, nevermind implement the solutions laid out there. Thus they force even the privacy-conscious to remain unsecured in their communications with them, as both sides need certain setup's (encryption etc.).
So the real question is this: How do we not just get a nice write-up about what we *could* do, but how do we get these features activated by default?
For example, AFAIK none of the popular Linux distributions enables IM (OTR) encryption out-of-the-box. Why not?
Why have we still not come up with a way to enable opportunistic encryption for e-mail (think GPG in the background without user intervention), as well enabled by default?
etc.pp..
It is the experience of every geek, that most 'normal' people leave things fairly alone and just try to use them as they come. Since most OS' and program's defaults are insecure, it is, IMHO, one of the primary reasons that everything is so easily monitored, stored and...eventually used against you.
Here the Linux distributions could make a dramatic impact overall and I would welcome something like an official "privacy-year", where the distros focus less on cramming the latest .0.0.0.1beta version on the disks, but make a true effort to secure their shipped communication-related programs. If usability-issues exist, they should also be addressed. That, and only that, would make any kind of real-life difference: Make security and privacy the default!
1. Re:Biggest problem: Defaults are mostly insecure by Ihmhi · 2009-03-04 23:04 · Score: 2, Insightful
  
  Wouldn't that NSA Linux distro have this kinda stuff enabled out of the box?
  This would be a great marketing scheme - the "Paranoid PC" with all kinds of anti-snooping and security software good to go.
  
  --
  Random Thoughts From A Diseased Mind (Not For Dummies)
Stop whining by acongos · 2009-03-05 00:37 · Score: 3, Funny

gah, if you have nothing to hide then you shouldnt have any problem with the government seeing what your doing on the internet. The only people who want to hide what their doing are the ones who have something to hide
1. Re:Stop whining by Anonymous Coward · 2009-03-05 00:57 · Score: 2, Insightful
  
  Yes, i hope you enjoy your laptop / hard drive being stolen along with your private information, including your login for here.
  There are legitimate reasons for encryption.
  EVERYONE has something to hide.
2. Re:Stop whining by cenc · 2009-03-05 01:10 · Score: 5, Insightful
  
  My father was an attorney. People use to call him and say things like, "they can't put me in jail".
  My father would ask, "where you calling from"?
  They would say, "jail".
  Guess they can put you jail.
  
  --
  Living in Chile
3. Re:Stop whining by Attila+Dimedici · 2009-03-05 03:24 · Score: 4, Insightful
  
  gah, if you have nothing to hide then you shouldnt have any problem with the government seeing what your doing on the internet. The only people who want to hide what their doing are the ones who have something to hide
  My problem isn't with the government "seeing" what I am doing on the Internet, it is with them looking for no particular reason. Suppose the government starts looking at your online posts and discovers that you said unflattering things about a member of Congress and now you get an IRS audit. You didn't do anything wrong either in your post or in filing your taxes, but a tax audit is still a royal pain.
  
  --
  The truth is that all men having power ought to be mistrusted. James Madison
No Freenet? No hardware encryption? by BenEnglishAtHome · 2009-03-05 02:06 · Score: 2, Interesting

It's a fine site with lots of good information. But it skips some things that people interested in privacy should probably know about. I see no mention on the site of Freenet or the concept of darknets/opennets. The section on disk encryption doesn't mention hardware-based solutions at all, even though they are about the easiest for a non-geek user to implement.
Good start. Keep it up, EFF.
Wait a minute...I thought... by joedoc · 2009-03-05 02:25 · Score: 3, Funny

Hey, I thought all the spying on citizens would end once the Bush Administration and their minions of fascism were chucked out of office?

Did I miss a memo from the new bunch, or what?

--
Joe Dougherty, Florida, USA
The words I thought I brought, I left behind. So, never mind.
1. Re:Wait a minute...I thought... by Attila+Dimedici · 2009-03-05 03:29 · Score: 2, Insightful
  
  See, you had a serious misunderstanding, spying on citizens is only bad when Republicans do it. When Democrats do it it is good. Just like not paying taxes is bad when Republicans do it and is reason to not get confirmed to a Cabinet post, but when a Democrat does it, "No big deal".
  
  --
  The truth is that all men having power ought to be mistrusted. James Madison
2. Re:Wait a minute...I thought... by lawpoop · 2009-03-05 13:28 · Score: 2, Informative
  
  Just like not paying taxes is bad when Republicans do it and is reason to not get confirmed to a Cabinet post, but when a Democrat does it, "No big deal".
  I seem to recall that when an Obama cabinet nominee has a tax problem, they have to step down. However, in the past decade or so, when, say, DOJ attorneys are illegally fired, or gay male prostitutes are brought into the whitehouse as fake reporters, the media ignores it, and anyone who brings up the subject is said to have "Bush Derrangement Syndrome." Kinda like in the Soviet Union where those who didn't believe in communism were labeled as mentally ill and sent to Siberia...
  
  --
  Computers are useless. They can only give you answers.
  -- Pablo Picasso
it still baffles me by circletimessquare · 2009-03-05 03:28 · Score: 3, Insightful

why people talk about privacy in relation to anything that happens on the internet
i'm not talking about government policy, i'm talking philosophical reality
if you put something on a wire, beyond your control, its no longer private. beginning and ending of discussion
but since most of what gets put on the net is willingly understood by most people as not private, since it just is detritus of their lives, not vital life-altering information, this is not a big deal
if you want privacy, take an airplane, and take a walk on a beach with the other person so the crashing surf drowns out the conversation beyond 2 meters
anything else, especially on the internet, can be spied on, and not just by the government. if you bound the government to draconian privacy laws in 72 bold font written in the blood of a virgin, they would still spy if they thought it important enough, and we aren't even beginning to examine other culprits: IT personnel, hackers, cable/ phone infrastructure employees, competing business interests, random busybodies, etc
and guess what? this arrangement is perfectly fine for all non paranoid schizophrenics, since most of what is put on the internet can be easily compromised without compromising your life
that's the real issue with privacy on the internet: give it up when you hit click
once you put it on a wire, its beyond your control, and beyond the philosphical realm of privacy
why does the concept of privacy even figure in with that arrangement in some people's minds?
you are communicating, across the wires of a corporate interest, across international boundaries often, with governments keen to mine data, usually involving destinations who want to sell you advertising via profiling, which you found with a search engine which keeps tabs on you...
abnd you want to talk about even the possibility of privacy in this realm?
really?
why isn't it just understood that privacy is forfeit on the internet?
and this is FINE. if its really important to you, KEEP IT OFF THE NET. there: a surefire personal privacy policy

--
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it