Slashdot Mirror
Tunisian Gov't Spies On Facebook; Does the US?
jfruhlinger writes "Tunisians logging into Facebook encountered extra JavaScript, probably a sign of their repressive government's attempt to spy on them. The question is: does the US government do the same thing, just more subtly? We're not talking about agents friending you on Facebook to get more information about you; we're talking monitoring your supposedly private information behind the scenes."
Amendment IV - The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
Clue:
If it were private, your information wouldn't be on facebook in the first place.
Have you been off planet for the last year or two?
Sig Battery depleted. Reverting to safe mode.
It should be assumed that any information you post on a system that doesn't belong to you (and even some that do...) is being peered at by someone that wants to put their nose where it doesn't belong.
We used to live in a society where a comment like 'Oh, but why would they look at you if you're unimportant?' would have been valid, but with the ever-encroaching nemesis of data mining and algorithmic analysis making itself part of our daily lives you have to assume that, at any moment, every transaction you make is being scrutinized.
Your Rights Online: Tunisian Gov't Spies On Facebook; Does the US?
Silly submitter, the government doesn't spy on Facebook, the government uses Facebook to spy on you. Now that the typical Slashdot pedantry is outta the way, isn't the whole point of Facebook to spy on people anyway?
I'm not sure whether any Government, or perhaps every Government, is monitoring or "spying", if you will, on citizens and non-citizens alike. But I am sure that you are a fool if you think they cannot, or if not them, then someone. Aggregation of personal information is the real purpose of the internet, just because it took 20 years for everyone to figure that out doesn't make it any less real, or inevitable. Take care of what you post, and where, and assume it can all be on CNN tomorrow morning. it's that simple.
Not true. HTTPS works quite well against a rouge ISP. Where it fails is with a rogue Certificate Authority willing to sign bogus certificates. If you can get a CA to sign your bogus certificate, then you can execute a main-in-the-middle attack against HTTPS.
http://en.wikipedia.org/wiki/Operation_Mockingbird version 2.0 would be their game.
To shape, fake, twist, bait and id any and all that have exposed their operations in the past or might sway larger groups of people.
The real skill is to twist or change any statement of past fact or a projected path.
Also a good place just to watch what gets traction and what was never picked up by the herd.
In other parts of the world, getting a friend with the security emblem can send a clear and final message. The FBI would be looking for a way in to 'groom' a group for domestic press exposure.
Anyone into peace/anti war protests would be very fair game.
As twitter showed, they now seek the ip's, in US courts. The subtly aspect of past direct 'news' forming is now more a chilling 'we can find you' anytime.
Domestic spying is now "Benign Information Gathering"
Do mammals of the family Ursidae deposit fecal matter in areas of arboreal vegitation?
There's a reason that almost all browsers have controls to enable/disable java and/or javascript. Programmers who have used these languages normally understand why you don't want your browser to automatically execute code downloaded from strangers, and browse with "scripting" disabled. Maybe we can teach others to do the same. If you tell us here which browser(s) you use, we can probably tell you where the controls are to turn off the execution of outside code. If you browser doesn't allow this, you should probably use a different browser.
Some browsers, such as firefox, have the ability to enable/disable scripting selectively for specific sites. Those browsers are much safer than the others.
(And to the geeks here: Yes, I know you know all that. I'm talking to the large part of the population who don't seem to know it. This obviously includes whoever wrote TFA. ;-)
Those who do study history are doomed to stand helplessly by while everyone else repeats it.
the US is the biggest spy in this age and has been for since wo2. Off course they fuck us. This question is truly naive. Hell, this one would be the one question that proofs that: 'there are no dumb questions' is just wrong. There are dumb questions. This is one.
Alternate Headline: Tunisian Gov't Spies on Facebook; Does Spain?
only if the US tells them to.
rewriting history since 2109
We're talking monitoring your supposedly private information behind the scenes
Well, here's the thing about US law (for better or worse, I'm just explaining it as I understand how it actually operates) is that there is no constitutional reasonable expectation of privacy in Facebook stuff, since my assumption you have already shared it with others (if only Facebook Inc). This is called "the third party doctrine", since it covers only information that an individual has voluntarily disclosed some third (non-government) entity. See, e.g. United States v. Miller (1976):
The Fourth Amendment does not prohibit the obtaining of information
revealed to a third party and conveyed by him to Government authorities,
even if the information is revealed on the assumption that it will be used
only for a limited purpose and the confidence placed in the third party will
not be betrayed.
The long and short of this is that the act of transmitting to Facebook establishes that you have no REP in whatever you transmit. A lot of ink has been spilled in debating the doctrine, both legally and normatively but that's past the scope of this post so I'll just point you to an article criticizing the doctrine and one defending it. Both contain excellent overviews of the law and the surrounding doctrinal argument.
More interestingly, however, Congress stepped in to provide even more protection than the Court when it passed the Stored Communications Act that provides an intermediate level of scrutiny past the normal scrutiny that attaches to any criminal subpoena[1]. In the SCA, Congress requires the government to prove "specific and articulable facts" that the information is relevant and material to a criminal investigation. That would be the standard applicable to a subpoena to Facebook.
Of course, if Facebook wanted to disclose information voluntarily, that would be well covered by the Third Party Doctrine (as it exists) except to the extent prohibited by the Facebook TOS.
[1] That would be, approximately, 'reasonable possibility that the materials sought will produce information relevant to the investigation'. See, e.g. United States v. R. Enterprises (1991) and FRCP 17.
[2] 18 U.S.C. 2703(d).
HTTPS works well even when ISP's wear makeup?
"I do not agree with what you say, but I will defend to the death your right to say it"
Tell that to the guy who has his cell phone rummaged through without a warrant. And tell it to the the guy who has a GPS tracker attached to his car without a warrant. Tell it to the guy who has his computer searched, with anything found being prosecutable, whether it was what the warrant specified or not. Tell it to the people whose cars (and possibly even persons) have been subjected to airport "naked body" scanners from vans on the street without--you guessed it--a warrant. Tell it to the people whose Internet information is handed over to the government willy-nilly without any kind of warrant. Tell it to the guy whose cell phone signal is geo-located without a warrant. Tell it to 94 baseball players whose drug results that were obtained without a warrant.
The list goes on and on. The Fourth Amendment is a joke today. I know it, the government knows it, and apparently you didn't get the memo. It's at the point where we need to pass a new amendment that basically says, "Goddammit, we mean it." Realistically, it's probably never going to change because too many people stupidly think that 1) if you're innocent you shouldn't have anything to hide, and 2) it could never happen to them.
Of course not. The US government isn't going to go through the trouble of having ISPs insert malicious Javascript, when they can just send a few agents over to Facebook (and/or the ISPs) and set up a tap sending all data directly to the NSA instead. A lot more reliable and less detectable by the victim.
The Yakima NSA listening post has been under expansion for years. Google hid work on the center by removing the huge dirt piles from their history in ~2005 A fire inspector leaked that the center was over 40 stories underground, this is before the expansion. The complaint from the Yakima tribe about dirt dumped on their land has also been deleted,
Tunisia was blocking https connections to www.facebook.com.
You are posting to a public gateway and then are afraid that someone is treating that data as public - how dare they!
Really, it isn't private communications and, as such, there is no need for a warrant or anything for anyone to get at it. This is data mining, not spying, and is done all the time. I bet there is a web crawler somewhere on this planet that is "spying" on this post on slashdot too - there is no fourth amendment rights to information you broadcast to everyone on the planet, indeed I do not even see how there could be.
------- Sorry about the spelling, I suffer from two problems. Dyslexia makes it difficult to spell well, lazy makes it