Slashdot Mirror
Schneier: The Internet Is a Surveillance State
An anonymous reader writes "Bruce Schneier has written a blunt article in CNN about the state of privacy on the internet. Quoting: 'The Internet is a surveillance state. Whether we admit it to ourselves or not, and whether we like it or not, we're being tracked all the time. Google tracks us, both on its pages and on other pages it has access to. Facebook does the same; it even tracks non-Facebook users. Apple tracks us on our iPhones and iPads. One reporter used a tool called Collusion to track who was tracking him; 105 companies tracked his Internet use during one 36-hour period. ... This is ubiquitous surveillance: All of us being watched, all the time, and that data being stored forever. This is what a surveillance state looks like, and it's efficient beyond the wildest dreams of George Orwell. Sure, we can take measures to prevent this. We can limit what we search on Google from our iPhones, and instead use computer web browsers that allow us to delete cookies. We can use an alias on Facebook. We can turn our cell phones off and spend cash. But increasingly, none of it matters. There are simply too many ways to be tracked."
use tor
cbf'd posting as anon-coward as even slashdot isn't anonymous...
Does it go on forever?
Slashdot now uses Google APIs.
And sadly most of us contributed to this. Either actively by working on some piece of technology that is enabling this, or passively by sacrificing our privacy for our convenience.
How sad it is to realize that the technology that we so much love and spend our lives working on is helping the state and big corps to spy on us.
Ghostery is a good start.
Something I wrote a couple years ago: http://pcast.ideascale.com/a/dtd/-The-need-for-FOSS-intelligence-tools-for-sensemaking-etc.-/76207-8319
"Now, there are many people out there (including computer scientists) who may raise legitimate concerns about privacy or other important issues in regards to any system that can support the intelligence community (as well as civilian needs). As I see it, there is a race going on. The race is between two trends. On the one hand, the internet can be used to profile and round up dissenters to the scarcity-based economic status quo (thus legitimate worries about privacy and something like TIA). On the other hand, the internet can be used to change the status quo in various ways (better designs, better science, stronger social networks advocating for some healthy mix of a basic income, a gift economy, democratic resource-based planning, improved local subsistence, etc., all supported by better structured arguments like with the Genoa II approach) to the point where there is abundance for all and rounding up dissenters to mainstream economics is a non-issue because material abundance is everywhere. So, as Bucky Fuller said, whether is will be Utopia or Oblivion will be a touch-and-go relay race to the very end. While I can't guarantee success at the second option of using the internet for abundance for all, I can guarantee that if we do nothing, the first option of using the internet to round up dissenters (or really, anybody who is different, like was done using IBM computers in WWII Germany) will probably prevail. So, I feel the global public really needs access to these sorts of sensemaking tools in an open source way, and the way to use them is not so much to "fight back" as to "transform and/or transcend the system". As Bucky Fuller said, you never change thing by fighting the old paradigm directly; you change things by inventing a new way that makes the old paradigm obsolete."
A 21st century issue: the irony of technologies of abundance in the hands of those still thinking in terms of scarcity.
While the W3C is always keen to push all kinds of new fancy unnecessary technology, they never cared much about security. Privacy and security should become an important part in web standard design.
There are simply too many ways to be tracked."
There always have been. We're social creatures. Try living in total isolation from society in, say, the 1800s. It was hard to completely disappear even then. Someone always knew your whereabouts even then. That's the reality of social existance. Schneier has long had a problem of being too conventional -- he sees what is, not what can be. The problem isn't that we can be tracked, the problem is who is doing the tracking, and the length of time that data is stored, and to what purpose it is put.
These are things that can be resolved through responsible legislation and public education. The fact that so far, it has been highly irresponsible legislation due in part to a total lack of education, and in part due to rampant greed, is a social problem.
The problem is social. The solution must be as well. Schneier is quite correct in his characterization of how things are now. He is not correct in concluding this is how it must remain.
#fuckbeta #iamslashdot #dicemustdie
If you don't want to be on the grid.
1: Don't use the internet. Rather that be e-mail, web pages, internet bank.
2: Don't use mobile phone of any type. Dumb-phones can be tracked just as easy as smartphones.
3: Don't use credit or debit card of any type. Since most of us need bank account. Get one that is not connected to any debit or credit card. Pay cash only. But be advised that still leaves you up to tracking. Since all stores and banks have security cameras that can be used to track you if needed.
4: Don't buy electricity or anything off companies. This is hard to avoid.
5: Live remote and not connected to anything. Then you might avoid being on the grid 99,95% of the time. I do think it is close to impossible to fall 100% of the grid due to the nature of the modern world.
The other option is to mix in with the grid in such a way that you don't get detected. That however does not matter if the authorities are tracking you activity. Since one spot (or "unit" as they prefer to call it) can be tracked easy if needed. Be that over banks, phone or internet. They got the hardware for this ability about 13 years ago. It has only been growing since then.
Not AC, since it would not have mattered anyway.
I can't see Schneier as a Libertarian since he states in the article that "Fixing this requires strong government will...". No Libertarian would suggest such a fix, which I imply to mean that this issue goes beyond Libertarians.
I once took an excursion to Reddit, and later HN. Unlimited up/down voting sucks when dealing with a hive-mind.
"...We can turn our cell phones off and spend cash. But increasingly, none of it matters. There are simply too many ways to be tracked."
Actually, the larger issue is there are simply far too many people who don't give a shit about privacy anymore.
How do you think we got to this point.
In the UK you can demand that a company gives you all the data that it has on you, they must do so within 40 days. There is a statutory maximum charge of £10, it will probably cost them a lot more than that. The amount that they would have to supply would grow every year. It might be reasonable to ask once a year; this might encourage them to purge their data and only keep recent stuff ... but this would only have an effect if enough people did this.
There was an EU idea of the right to be forgotten, I don't know where that went.
I liked it so much I liked it. ...ooops...
One technique is to spread it around. Use DuckDuckGo or Yandex for search. Use independent e-mail services. If you must do social networking, use low-volume third-layer sites. Remember that Google is now one database; your gmail and youtube use are correlated. Whenever possible use companies based outside the US. Google (USA) will tell the FBI; Yandex (Russia) will not. Sure, any fact about you is in some database. But don't let all those facts get into a single database.
That was my thought as well.. sometimes it comes down to personal awareness of the tools you are using. If you only read books from the library... surprise, they can track your reading habits. Personally, my rule of thumb is don't do anything online you wouldn't want people to know about... Yes, I'm a geek, and I also like sex, and porn... If drugs were legal, I'd be inclined to partake on occasion. I do have a couple drinks about a dozen times a year.
... you can even set your browser to clear private data on close. Disable flash and silverlight, and you've closed the gap to outside storage/tracking. The problem is that cookies and JavaScript have good purposes, and a handful of organizations abuse them... That doesn't mean that they shouldn't be allowed.
I think what it comes down to is how private do you want to be.. there are ways to accomplish this. Most browsers allow for a "clean" or "incognito" session that doesn't carry forward cookies/data
Michael J. Ryan - tracker1.info
In my opinion, we are selling out future generations for a few dollars savings and a fart app.
You think that companies knowing what you want makes things better for you. I say it mostly doesn't now and it certainly won't in the future. Companies are tracking us very, very effectively. Soon they will know such things like "89% of males of XX age asked about this" so they will show you that even if *you* haven't thought about. It is narrowing your choices, not expanding them. In the future, companies will know things like "most people can be made to do X if you repeatedly tell them Y". How will they know these things? By tracking millions of people for decades, that's how. Statistically speaking, companies will know what you can be made to do during each period of your life and they will narrow the choices for you so that you will likely arrive at the decision they want you to.
And you will think it is all your choices and your freewill but in the end there will not be such things.
I just don't have the browser save anything anymore at close. No cache, no cookies, no login credentials, no history, nothing.
Not even IndexedDB? If not, then how do you plan to use web applications' offline modes?
Well, You'll also have to disable Flash and Silverlight, since both offer offline data storage which can be used to re-establish cookies.. Also, your browsing habits can be tracked (with less granularity) by correlating your IP address with the sites you visit and the useragent over the course of a day.
Michael J. Ryan - tracker1.info
What about counter-intelligence tools? Actively distorting the surveillance data being gathered to render it unreliable.
For example: at present we delete cookies. What if we swapped them. Now a cookie doesn't have specific information about one person, it has a mishmash of unreliable data from a dozen.
It's my understanding that tracking is done by cookies. I delete all cookies 2-3 times a day, and always after logging out of Google (which I rarely log in to) and Facebook. The only downside is that I have to log in to again to certain sites but that is easy because of OS X's built-in password manager.
Cookies are just the simplest way to track you. Another common way is to use DSOs (Flash storage). And there are also several other possibilities to store identifying data.
And even if you manage to block everything, your browser still sends some identifying information by default. With JavaScript, even more partially identifying information can be collected, like screen resolution, your time zone or feature tests which might identify your browser even if you send a forged HTTP User Agent line (and the very fact that your browser line doesn't fit the JavaScript results might further help with identifying you).
The Tao of math: The numbers you can count are not the real numbers.
I am probably the lone wolf (in particular on slashdot) when it comes to being apathetic towards this sort of thing, but I don't see the point in being alarmist without documenting something specific. Near as I can tell it is a sophisticated way to to online advertising, not profiling for the KGB. This whole "tracking is Orwellian" thing, well please, what specifically are they doing with this information that is Orwellian? If they are tracking me for advertising purposes (which they most certainly are) what could possibly be more pedestrian and less alarming than that?. All it means is that there are occasionally ads that I care about (though still remarkably few at that).
And yes, there is potential to do something evil, but potential is not the same as doing. If it was we would all be in jail.
I have already written off true anonymity (years ago).
When I am in public, at work, or with friends and family, I am constrained to behave myself. There may be different rules in different contexts, but there are always rules. Some written, some not.
The Internet gave an illusion of a "rule free" context, and look what happened.
That vacation is over. Time to behave like a grown-up.
"For every complex problem there is an answer that is clear, simple, and wrong."
-H. L. Mencken
We should have known the Internet was going to become a surveillance state the day we turned the whole thing over to corporate control.
I'm trying to think...was there a lot of tracking and surveillance back before the Internet became the world's shopping mall? I remember using the Internet back then, and I don't recall a lot of trackers.
Personally, I preferred the old non-commercial Internet. It was more fun. There was no Netflix or Amazon, but there was also nobody crawling up my ass. I would trade Facebook for Usenet in a hot second.
But I don't despair. I'm confident that people will innovate for privacy again.
You are welcome on my lawn.
There certainly is a lot of truth to your point. To broaden it out a bit, here is something I wrote years ago: ... I agree with the sentiment of the Einstein quote [That we should approach the universe with compassion], but that sentiment itself is only part of a larger difficult-to-easily-resolve situation. It become more the Yin/Yang or Meshwork/Hierarchy situation I see when I look out my home office window into a forest. On the surface it is a lovely scene of trees as part of a forest. Still, I try to see *both* the peaceful majesty of the trees and how these large trees are brutally shading out of existence saplings which are would-be competitors (even shading out their own children). Yet, even as big trees shade out some of their own children, they also put massive resources into creating a next generation, one of which will indeed likely someday replace them when they fall. I try to remember there is both an unseen silent chemical war going on out there where plants produce defense compounds they secrete in the soil to inhibit the growth of other plant species (or insects or fungi) as a vile act of territoriality and often expansionism, and yet also the result is a good spacing of biomass to near optimally convert sunlight to living matter and resist and recover from wind and ice damage. I try to recall that there is the most brutal of competition between species of plants and animals and fungi and so on over water, nutrients (including from eating other creatures), sunlight, and space, while at the same time each bacterial colony or multicellular organism (like a large Pine tree) is a marvel of cooperation towards some implicitly shared purpose. I see the awesome result of both simplicity and complexity in the organizational structure of all these organisms and their DNA, RNA, and so on, adapted so well in most cases to the current state of such a complex web of being. Yet I can only guess the tiniest fraction of what suffering that selective shaping through variation and selection must have entailed for untold numbers of creatures over billions of years. To be truthful, I can actually *really* see none of that right now as it is dark outside this early near Winter Solstice time (and an icy rain is falling) beyond perhaps a silhouette outline, so I must remember and imagine it, perhaps as Einstein suggests as an "optical delusion of [my] consciousness". :-) :-) The best I feel we can hope for is balance (like Ursula K. Le Guin's writings):
http://www.pdfernhout.net/a-rant-on-financial-obesity-and-Project-Virgle.html
"
So much for "world peace" when even the tranquil seeming forests have so much Yin-Yang complexity going on within and around the trees.
http://www.ursulakleguin.com/
or maybe, transcendence to some form of universe certainly way beyond our present understanding; example, with its own flaws:
http://en.wikipedia.org/wiki/The_Metamorphosis_of_Prime_Intellect
But still, no matter what examples the universes sets before us, or in what proportion, as *ethical* and *spiritual* beings, we humans can choose a different way, and at least approximate world peace among ourselves as best we can. Something I learned from an old and wise biologist (Larry Slobodkin) who studied both philosophy and nature."
So, we can make choices, as sentient creatures, about how we want to live. The current laws of physics may constrain those choices, but we can still make choices as individuals and collectives. How do we want to live? How can we shape our rules, norms, prices, and architecture to influence that behavior? (Lawrence Lessig's point in "Code 2.0").
A 21st century issue: the irony of technologies of abundance in the hands of those still thinking in terms of scarcity.
How about social engineering, in it's older form. Supposedly, back in the late 1800's or early 1900's, corporations wanted to sell more breakfast cereal. Prior to that time, people typically ate meat, beans, and eggs for breakfast. Maybe fried corn cakes or hot cakes. Corporations wanted to sell cereal. So they advertised all the benefits of cereal, especially the vitamin content, blah blah blah.
And, corporations were successful in selling the American public on breakfast cereal.
The social engineering hasn't ended of course. We simply accept it as normal that corporations spend fortunes everyday, indoctrinating kids that they should be eating whichever brand and style of cereal the commercials tell them to eat.
So - what's next on the agenda? And, what happens to people who resist such engineering? Do we become some kind of outcast? Outlaws? Outright criminals, because we choose not to be manipulated?
You need to look at the best case scenario, as well as the worst case scenario, and try to figure out what might happen as compared to what will happen.
Tracking. Why should I permit people to track my actions, so that they can better indoctrinate me? I don't WANT to be brainwashed, thank you very much.
"Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
It was inevitable I suppose. The fuck-knows-how-many dollars spent on advertising and marketing and consumer focus were going to be spent somewhere. As a result, the last few years people have been flocking to build sites whose entire business model was developed in order to provide data and information in exchange for it.
Inevitably, there is a push for more information. What your real name is. Your DOB. Where you work or live. What your favourite place to eat is. What you like. Even where you are at any moment.
(It follows that government either already is or will be a customer.)
I do wonder if there is a speculative bubble forming around the market for that particular business model. How much of what is gathered can actually be used? How much is it actually worth?
I suspect that is the escape. If the bubble bursts and the data isn't profitable enough then the intrusion should subside dramatically.
Some people think "free market capitalism" is a libertarian ideal. And a "free market" (as defined by economics, not the anti-government loons) requires significant government effort to maintain.
Learn to love Alaska
It's poisoned data. Since it has become virtually impossible to leave no trace and not be tracked, make sure you poison their data pool enough to make the data useless. It's a bit like buying condoms and dog food and making the analyst at your local store freak out.
Also, you can use the data hunger of companies to your advantage. If you dig through the net by my real name, I seem to be rubbing shoulders with the greatest of the industry. Schneier is actually one of them. I have met him briefly, but we're nowhere near the seemingly constant exchange of ideas you'd think we have when you start data mining on me. When preparing for a job interview, rest assured people will start digging through facebook and google to find out what they can about you, and make sure that they find what they're supposed to find. Worked for me pretty well so far.
As for the rest, like I said, make sure the data that can be gathered about you makes no sense. Disinformation is the name of the game, once it becomes impossible to tell truth from lie, the whole data mining effort goes to waste.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
It goes well beyond any specific products. The selling of consumerism as a way of life is a real phenomenon that can be traced back to Edward Bernays and his work for the federal government. His work is chronicled in the BBC series "Century Of The Self".
No, not yet.
The civil rights lawyer in the White House is busy handing our ass#s over to multinational corporations. You don't want the current political crowd to engage such topics, because what you're likely to get are 'deals' that in no way help the odds of 99% of the population.
The sad truth is that the public has to get choosier about it leaders before we can act on such issues.
Add false data to the databases.
Create false identities, not just anonymous ones. Don't allow facebook, etc. to interlink.
Script this, add plugins for browsers to do this.
In shops, use discount cards with cash, and swap the cards regularly with friends.
Poisoning the databases, especially for "non-legal" transactions (i.e. don't lie when buying on the internet, but give as little
away as possible, and don't use real identities where monetary transactions are not involved - don't commit fraud)
means the existing data collected elsewhere is not trustworthy. It devalues the whole point of data harvesting and data mining,
much better than hiding data alone.
It also still allows the "correct" (non-evil) functioning of the system. Looking up my real name give my real details, when it matters,
allowing the site to interact with me the way it was advertised to. Searching for all "X" in the data give 90% garbage, and so mining
becomes pointless. Deal with customers properly.
Anyone who believes exponential growth can go on forever in a finite world is either a madman or an economist
Sure, the waitress knew that you were at that bar every Friday, and what your favourite drink was. Possibly the cashier at your favourite grocery shop knows what you usually buy at that grocery shop. And there's probably some gas station which knows quite well how much gas you need. That's not a big problem because everyone only gets a little bit of the big picture, and it's unlikely that e.g. the waitress will sell her knowledge to anyone.
To make a car analogy: Few people will see a problem if someone is driving behind them on the highway for a few miles. However if the same car is following them every time they are driving somewhere to whereever they drive, most people would see a problem. And if they know that there's someone in the car who collects all the movement data and sells it to anyone paying enough, very few people would accept that.
What advertising companies do is exactly that, just that there's no observing person or car involved, making it practical to follow many people around, while most of them won't even notice it.
The Tao of math: The numbers you can count are not the real numbers.