Slashdot Mirror
Ask Slashdot: Will the NSA Controversy Drive People To Use Privacy Software?
Nerval's Lobster writes "As the U.S. government continues to pursue former NSA contractor Edward Snowden for leaking some of the country's most sensitive intelligence secrets, the debate over federal surveillance seems to have abated somewhat — despite Snowden's stated wish for his revelations to spark transformative and wide-ranging debate, it doesn't seem as if anyone's taking to the streets to protest the NSA's reported monitoring of Americans' emails and phone-call metadata. Even so, will the recent revelations about the NSA cause a spike in demand for sophisticated privacy software, leading to a glut of new apps that vaporize or encrypt data? While there are quite a number of tools already on the market (SpiderOak, Silent Circle, and many more), is their presence enough to get people interested enough to install them? Or do you think the majority of people simply don't care? Despite some polling data that suggests people are concerned about their privacy, software for securing it is just not an exciting topic for most folks, who will rush to download the latest iteration of Instagram or Plants vs. Zombies, but who often throw up their hands and profess ignorance when asked about how they lock down their data."
two words: television, facebook.
With the exception of a few people, American's just don't care about anyting-- unless it interrupts their viewing pleasure.
no. People don't practically care plus they have the memory of a fish.
If you send an email "through the cloud" (and how else are you going to send it today) then the NSA collects the "meta-data" (at least).
If your message is encrypted then the NSA also holds onto the message. Even if they do not decrypt it.
If you store your data "in the cloud" then the NSA can copy that as well.
Being able to erase stuff on your personal machine does not matter in these instances. Even if the average person could understand the issues.
That's an easy answer, Mr. Betteridge: no, it won't. (People are way too much comfortable with not being careful about their privacy, otherwise the whole Facebook thingy would never have gotten off the ground. Now you're asking them to become techno-savvy just because of privacy reasons?)
Ezekiel 23:20
We already know that the NSA flags encrypted traffic as suspicious and keeps it forever. If we assume they have enough computing power to target on a particularly interesting set of data (based on headers and routing info which can't be encrypted or it doesn't work), then how is it much better than having them store your data in the clear?
Some techies will, but most people won't. They don't care.
The NSA gets a great deal of information through metadata and traffic analysis, so how much does encryption really matter? It might even call more attention to yourself: If you are just somebody surfing an Islamist website or emailing your school friend in Pakistan, the NSA will note it but possibly ignore it, if there's nothing else suspicious to connect you to. But if you are sending streams of encrypted data to those same locations, wouldn't that raise red flags?
Q: What does the "B." in Benoit B. Mandelbrot stand for? A: Benoit B. Mandelbrot
I made a tutorial designed to help non tech-savvy people set up usable email encryption and even with the best narrator and script it's still terrible.
There are way too many steps involved, and in spite of how radically the usability has improved over the last decade or so it's still not at all user friendly. Default values are set poorly; things that should be completely automated and happen transparently in the background, like keyserver operations, require manual intervention.
It's almost enough to make me suspect a consipracy to keep these tools out of the reach of the average user, but realistically I suspect (unproductive) laziness combine with a lack of empathy for non-experts is the real culprit.
First of all, to use these software are hard to use for the average person. Second, some concept are very hard to understand, like what is man in the middle, and why does the NSA "keep" the encrypted information. (This is easy to understand for people in the business but not for my parents)
And finally, I have personally use some of them and they have "lots" of bugs.. I mean, does not work properly..
And you want me to trust some company that opened it's door less than 2 years ago ?
Reddit is a much more fun site and more positive experience.
But does the NSA monitor them more, or less?
Sheesh, evil *and* a jerk. -- Jade
I'm in IT and I can't figure out the gibberish that passes for documentation on open source security products. Without exception, they presume you already undrstand the issues, or they explain them badly...
On twitter recently #drm was trending over the ms new console. People might not think it issue 1 but somehow the eff have pushed in to people brains.
End to end encryption does not exist, a design flaw.
Ssl is tied to domain names, I had the recent experience of purchasing ssl on a site with no ssl. The irony of that statement i will let sink in
If all of the past disclosures and leaks haven't prompted them to do so, why would this one be any different? Did people really think the NSA put their toys away and went home after the Room 641A exposure? It's not like that was ancient history. It's the core of Congress' retroactive grant of immunity for warrantless wiretapping which was all over the news less than two years ago. And domestic spying was old news even before 641A.
Polls showed that more than 1/2 of American's weren't bothered by the spying..
51% also voted for Obama a second time..
Coincidence?
Meaningless, unless you show correlation between the two sets.
Sheesh, evil *and* a jerk. -- Jade
Most of the comments I have seen here have been depressingly (and unjustifiably, IMO) negative.
I think it is obvious that people are becoming more concerned about privacy, now that they see how much of it they have inadvertently allowed to be taken from them.
I only hope that when they start using "privacy protection measures", they don't forget to fight against the reason they need to: abusive assholes (at least half of whom seem to be in government).
um who do you think the "girls" are? This is the internet, everyone loves games and all girls are really government agents spying on you.
i thought once I was found, but it was only a dream.
It may speed up adoption of FOSS (or homegrown) by other countries.
Though OTOH, I can't imagine any of them would have been blind enough not to see this coming.
As for terrorists, didn't aQ switch from cell phones to couriers about a decade ago? Anyone who gets found out on the basis of the activities we now know about is either careless or stupid.
Sheesh, evil *and* a jerk. -- Jade
Arguably, people are entirely correct when they throw up their hands and profess ignorance. The fishing-expedition style attacks that have been revealed so far appear to concentrate on a combination of sniffing out activity between nodes on the network(which are also the data required to route traffic between those nodes, which makes hiding it difficult) and getting wholesale dumps from collaborating companies(which you pretty much have to assume is all of them unless specifically proven otherwise on jurisdictional or architectural grounds).
The problem trying to counter that sort of network based attack is that you can't really 'just install security software' and have done with it. Everyone you wish to interact with has to as well. There is no software, however much expertise I am willing to bring to bear, that will allow me to send a message to user@gmail.com without showing up in the monitoring of his account. Same deal for phone calls, and others.
several non-tech folks have stopped communicating with me except for face-to-face, simply because they don't want the government to read our conversations. my text and emails have gotten very matter-of-fact ever since the snowden revelations leaked.
as a result, i've been researching the available encryption resources out there so we can actually have private conversations without worry. there aren't many that are really simple to use and actually effective. i'm talking with a friend about setting up a home server we can VPN into for chat sessions until there's a workable solution for non-tech types.
i've wanted to do this for a while, but no one else around me cared. now they care.
Why would the average person give a fuck about their privacy? Most people have nothing to hide, and unless they are a fanatic or a hobbyist, they could not care less who reads their stuff.
This security stuff is NOT about the average guy, though. It's about movers and shakers... politicians, lawyers, businessmen, members of the media... people who have power in some ways to affect change, and who communicate in ways which REQUIRE privacy.
Likewise, the NSA monitoring the average person does not matter in the least. It is about them monitoring movers and shakers. It's about people who could potentially upset the powers that be.
So cut me a break with the ruminations about whether Joe Six Pack or Susy Soccer Mom is going to encrypt their email. The real question will be, will the next candidate for high office, who aims to shake things up, and who thinks the current Republicratic overlords need to GTFO... the question is... will he us it, and will he continue to be monitored.
Mod down people who tell people how to mod in their sigs
I think the whole fiasco is going to convince a lot more companies located outside of the U.S. to stay away from U.S. based cloud-providers and SaS. As a Canadian, I'm looking for a Canadian cloud provider that guarantees data is located in Canadian data centres, is Canadian-owned (U.S. law treats subsidiaries of U.S. companies as U.S. companies), and is only subject to Canadian laws.
I suspect many non-U.S. companies are going to do the same- I'd rather be subject to laws I have some influence over.
The problem is it's really a pain to use encryption on your email and the end result is no one will send you email, which defeats the purpose of having email.
It would be really great if SMTP had a way to query for a public key so it could be encrypted before sending automatically. That's the only way I could ever see encrypted email becoming common, and even then there are a lot of difficulties.
"First they came for the slanderers and i said nothing."
you get the idea.
Answer so far is no.
https? no way, i'm too lazy living off my fat slashdot editor salary.
... that I still do not know what to think of it.
...
I thought that the "Skype" had a strong encryption. I did not know that my conversations with my spouse were supervised and recorded. Gosh
Doesn't matter if you are on the "up and up". Things can be taken out of context. Might as well not give them ANY ammo to use. They say to always exercise your right to be silent. This is a preemptive way to do that.
I think you would be stupid not to try and keep your personal information away from strangers. Also make sure to kill your RFID chips in your credit cards. But for the rest of you, ignorance is bliss. Enjoy.
Worth the trouble? You should weight how much it costs you privacy vs what could cost you don't worry about it, but unfortunately, english is a bad language to realize how important the future is.
How it could affect you? You can check what have the FBI/NSA about you. You can see precedents of what NSA did with private information (if that the respect that soldiers in the battlefield deserve, good luck about you). You can see the starting trend of misusing information and how it could impact you in the future.
I think that the widespread perception of the danger is not enough... yet. But as jailing/killing the people that could inform you about the real situation is the new normal, you probably won't be aware of why you should had done it before until it hits you. Or won't have the chance, as the next salvo probably will be outlawing consumer encryption (it already started). Some of the things that you can do could be complex or cumbersome to do, but you can start progressively with this tools, taking the path of least resistance, it will protect you not just from the NSA, but from other evil people and organizations too.
Yep. And, regarding your "even if they do not decrypt it", I can't help quoting one of my favourite books on security: "The main problem facing the worldâ(TM)s signals intelligence agencies is traffic selection â" how to filter out interesting nuggets from the mass of international phone, fax, email and other traffic. A terrorist who helpfully encrypts his important traffic does this part of the policeâ(TM)s job for them. If the encryption algorithm used is breakable, or if the end systems can be hacked, then the net result is worse than if the traffic had been sent in clear." (See http://www.cl.cam.ac.uk/~rja14/Papers/SEv2-c09.pdf p31)
VKh
You're doing it wrong.
Our corporate overlords are already dealing with those pesky users daring to hide their online activity from prying eyes of NSA. Expect more measures to dismantle last remains of privacy - including choking off privacy tool vendors, labeling users of such tools as 'terrorist suspects', somewhat skewed patent lawsuits, outright banning certain classes of tools etc.
Privacy software will be a red flag, they will see this coming a mile away, hell, I wouldn't be surprised if the NSA wasn't indirectly funding a few of these apps themselves just to give you some false sense of security.
:)
:)
In the end, if you want your privacy, well, keep it private!
But beware social media and most of all, be smart. You don't want people to know, then don't use electronics for your very sensitive stuff, or at the very least, keep it hush, sneaker net, or word of mouth.
Sure you could be a genius and create your own e-mail and electronic data transfer app with your own private key system for security, using your own encryption, and perhaps, passing this info and software only to those in the 'need-to-know' and then, use the old snail mail system to distribute the software and the key(s), etc..
If you have need for this, well, you lead a way more complicate life than I would want for myself!
Please tell me you're not a software developer.
If you think the problem to be solved is as simple as making it easy for users to install PGP and create a keypair, you're like a contractor who pours a foundation and then declares he's just completed a skyscraper.
...despite Snowden's stated wish for his revelations to spark transformative and wide-ranging debate, it doesn't seem as if anyone's taking to the streets to protest the NSA's reported monitoring of Americans' emails and phone-call metadata.
Really? Maybe the submitter needs to learn to use the Internet better.
http://www.buzzfeed.com/ellievhall/40-best-signs-from-the-restore-the-fourth-rallies
I've little to add besides my agreement. Privacy cannot be assumed in public spaces. Nothing's more public than the Internet. Act accordingly.
Perhaps more importantly, it will lead to use developing new protocols that employ decent security. This is needed. For example, all email should be sent encrypted, not clear text. In addition, email should be re-developed so that it pushes a distributed architecture while removing the spam.
I prefer the "u" in honour as it seems to be missing these days.
My classes in Internet Security at http://www.freegeek.org/about/classes/ were pretty well packed yesterday.
There is nothing wrong with yr Internet. Do not attempt to adjust the picture. We are controlling the transmission - NSA
It can be done, the system needs an overhaul, as companies route data in an insecure or unencrypted manner then those companies are at least in a position to snoop. If these companies become excessively profit driven or are obliged to (Plc) then that data is a profit center and no longer private.
Encryption is no where near enough though! If anyone knows where our data is they can corrupt or steal it, or force you to give up passwords to it. It needs much more than pgp email or similar as these are layers on top of a currently brocken system. SMTP etc. will require servers and these can be snooped on and until we move away from servers and allowing others access to our data then it's going to continue as is with loss of privacy and ultimately liberty.
Huge disclaimer I work for this project novinet it's open source (dual license) and aims to provide people with a network that ensures privacy and security in a manner that's invisible to people and this is key. It's very new and like all new ideas will have detractors, but when people dig into the detail it becmoes clear that this or something very like it is required if we want privacy ever again.
If hackers focus on this issue with the above project or other ideas to achieve the same end goals then it will be achieved. My contention, however, is that we need another way of putting our data on this Internet of ours and we need to do so in a manner that allows more options than today with much better user experiences. From experience though this is not a simple job and does require a lot of new thinking and more importantly it requires to be available to everyone, not a % of the code and ideas but 100% available, however that's achieved.
Polls showed that more than 1/2 of American's weren't bothered by the spying..
51% also voted for Obama a second time..
Coincidence?
Meaningless, unless you show correlation between the two sets.
More than meaningless, when you consider that Obama simply expanded on his predecessor's groundwork. Unless you're willing to consider that exactly the same people voted for Obama as voted for Bush in this era of polarized politics.
You're never going to bring masses to a new platform in order to get privacy. You've got to bring the privacy to them. Making it possible and easy for users to encrypt their messages does not protect metadata, but it's a significant improvement over the status quo. It will have a larger positive effect than asking users to abandon email for an entirely new platform - the network effect ensures that.
Considering how many people on this site are pirates, then yes, NSA monitors Slashdot more.
Just because we know how and don't subscribe to DRM and other crap doesn't mean we're "pirates".
The cesspool just got a check and balance.
Considering how many people on this site are pirates
I don't know, how many Somalians are here?
Ezekiel 23:20
What is this article on about? Who the fuck is SpiderOak, Silent Circle? GPG, pgp, gnuPG are standards of encryption, not some un evaluated service, or new software.
And there are *literally* people taking to the street:
http://news.cnet.com/8301-1009_3-57592368-83/san-francisco-protests-the-nsa-spying-program-in-july-4th-march/
http://rt.com/usa/nsa-protests-july-4-700/
http://mashable.com/2013/07/02/restore-the-fourth/
And these are just the top 3 google news articles. I agree that the software solutions are terrible, and hard to use. And I agree that the news media are doing a good job of shifting the focus to: "Edward Snowden for leaking some of the country's most sensitive intelligence secrets". Which is agonizing to watch, but not half as agonizing as stupid articles like this couched in the voice of the people, but in actually spinning the story away from the truth.
People are angry, there are secure solutions, it has to be open source and on your own computer under your direct control to be secure. Open source software development is notorious for flubbing the user experience, but that is the bad news. We do care about privacy and personal security, we can fix the software to be easier to use, and we are actually fighting for our rights. So STFU with your crap message about our doomed future, and stupid populace. Of course it's not easy, but people like Snowden keep coming along and reminding us to be more vigilant.
The average user doesn't care about it. I mean, if you ask them they'll say yes, but they don't do anything about it. Talk like they care, act like they don't. It's how governments get away with it in the first place. If this had kicked off pre-9/11 then things would be slightly different, but not much.
Please tell me you're not a software developer.
If you think the problem to be solved is as simple as making it easy for users to install PGP and create a keypair, you're like a contractor who pours a foundation and then declares he's just completed a skyscraper.
No, he's like a government security contractor who doesn't screen employees walking out for usb keys.
Recently, I tried to add a signed key to my emails so people could "prove" they were from me. I was requested by everyone using some Microsoft package for email, to stop, as Microsoft was messing up the formatting of the email, and adding the key as plain text to the email, unlike other packeges I was using and treating the signature a bit like an attachment, something you can click, but is not shown as part of the main message.
So until this rubbish is sorted out, people will not be able to use even simple things like signing messages, let alone encrypting messages.
Take Nobody's Word For It.
Yes we need to make continuous improvements for sure. There are many ways and many issues but that is the hacker way, we try them all. We need to get back to the start and do it properly, getting there is, as you say, not easy but if we are to go forward freely then we must do something and face the challanges those changes will bring.
We are the problem not the end user.
We have failed to provide basic communication infrastructure that protects the end user.
Expecting people to use optional add-on technology requiring x additional software and y additional knowledge is obviously not going to happen regardless of how small x and y can be made.
The only way to fix the problem is wholesale replacement of existing bullshit (e.g. SMTP) with a solution that is secure by default. Users simply must not have the choice of skipping rational and meaningful key exchange steps before communication. It can be made easy or hard to give users control of the security tradeoff but it must not be optional.
Will the NSA Controversy Drive People To Use Privacy Software?
No.
Not here in A-meh-rica.
"Somebody has to do something. It's just incredibly pathetic it has to be us."
--- Jerry Garcia
Your timing is completely backward. The Patriot Act was passed in 2001, long before the NSA scandal broke. Maybe you need to repair your tinfoil hat?
Good, inexpensive web hosting
I swithced to e-mail from Yandex.com (based on Moscow) months ago. The KGB can read the data, but it does not share it with the NSA. My friends now encrypt all messages using OpenPGP keys. All your data gets stored somewhere, but spread it around so it isn't all stored in the same place. Washington, Moscow, Beijing don't tell each other your secrets. spread your business to all three and nobody knows everything.
Analogy: Your neighbor knows what time you leave for work in the morning. The office guard knows what time you arrive at work. But only by sharing information can they compute how fast you drove. Merged databases are much more dangerous than isolated databases.
The key to protecting your data: SPREAD IT AROUND.
P.S. I live in Bangkok. Edward Snowden can sleep on my floor any time.
So we should call this the "Seagate" ?
My key is a cat photo, you insensitive clod!
Sent from my ASR33 using ASCII
Even ignoring informants could compromise anything: http://slashdot.org/comments.pl?sid=3942179&cid=44203093
Our society needs to face up to all the implications of this new technology and transcend to social structures built on a post-scarcity paradigm and ideas of intrinsic & mutual security. That entails extensive rethinking in many areas including economics, education, manufacturing, security, governance, healthcare, welfare, and more. It's hard to argue that hiding what you have to say is going to help a lot with a global mindshift in that sense.
A 21st century issue: the irony of technologies of abundance in the hands of those still thinking in terms of scarcity.
"but realistically I suspect (unproductive) laziness combine with a lack of empathy for non-experts is the real culprit."
Reality is no one predicted the internet and that the human mind never evolved defense mechanisms for electronic and invasive spying. If you follow someone around with a camera, they get upset and/or call the police. Do even worse electronically and the human mind for many doesn't give a fuck.
It just comes down to the fact the human brain did not evolve mechanisms to safeguard oneself in this kind of environment.
CatKeys. Mod GnuPG so the keys are cute and fuzzy.
There is nothing wrong with yr Internet. Do not attempt to adjust the picture. We are controlling the transmission - NSA
As a Canadian, I'm looking for a Canadian cloud provider that guarantees data is located in Canadian data centres, is Canadian-owned (U.S. law treats subsidiaries of U.S. companies as U.S. companies), and is only subject to Canadian laws.
Good luck with that. Canada is one of the senior partners of the ECHELON program (a program that mandates the exchange of information).
And even then, the ECHELON program isn't abiding by any law, whether they be Canadian laws, British laws, or even US laws.
Does a bear shit in the woods?
people running servers should not be the masses in general. These would be the same masses that click on the "Please enter your bank credentials in our scam site - click here" links.
The cesspool just got a check and balance.
Before the NSA thing broke, there was plenty of warrantless wiretapping and such going on that we did hear about.
And where did I say otherwise? My point was the OP was claiming that the Patriot Act came after the 2006 scandal, when clearly it was passed roughly five years earlier. Reading for comprehension; what a concept.
Good, inexpensive web hosting
Comment removed based on user account deletion
Comment removed based on user account deletion
Create a keyword substitution code. Make a list of keywords for your subject, and a list of substitution words. Let the the most frequently used substitution word be "Viagra". Your message will land in the NSA's spam bucket and be forgotten.
There is no substitute for common sense. Especially, no body of rules will do.
What ex post facto laws are there that are enforced? The closest I can think of are the number of "possession" laws that are explicitly non-ex post facto, but people complain that it makes the drugs/porn/whatever they bought last year illegal now, and mistakenly claiming that to be ex post facto. But, is there any actual ex post facto laws being passed or enforced today? At best, the idiots could claim that making them illegal is a "taking" and they should get market value for the amount the government devalued it by (works for taxi owners when a new medallion is issued).
Learn to love Alaska
The Serval Mesh software for android encrypts voice and text messaging by default. Though it's focused on enabling communications in a disaster when everything else has failed, and doesn't have any internet based message routing. It's perfectly fine for a small community, or for sneaker-net based messaging.
They're also starting an indiegogo campaign to build and sell a device with much longer range than Wi-Fi.
09F91102 no, 455FE104 nope, F190A1E8 uh-uh, 7A5F8A09 that's not it, C87294CE no. Ah! 452F6E403CDF10714E41DFAA257D313F.
Or better yet, transparant government. Demand it by law. No more secrets.
I think technology and progress are the natural enemies of privacy. Less privacy is inevitable. But it should be both ways.
After all the governement is the people, and both business and polics are both games best played in broad daylight.
Here is a solution. Modify Thunderbird, or create an add-on. Upon installation, generate a key pair without even asking the user. Encrypt the private key with a generated password, which is stored lightly obfuscated in the registry or somewhere. Totally insecure, of course. Append a special Mime attachment to every outgoing mail, with the public key. Check every incoming mail for this kind of attachment, and store the contained key in the address book. When sending to recipients whose public key is known, encrypt automatically.
In a short time it will be known that if you use Thunderbird, all mail exchanges with other Thunderbird users will be encrypted, with no hassle for anyone. People will begin telling each other about it.
Offer a configuration dialogue to set a proper password for the private key, a password which is not stored, but will be prompted for. Nerds and people who needs it will use it. But mails on the wire will look no different, and attract no more attention from the NSA.
Provide a simple synchronization function for those who use IMAP and multiple PCs/laptops/ipads.
This will make people switch to Thunderbird. But only if it's Thunderbird or something with a similar user base, not some new and obscure app.
Then the makers of other clients will add similar and compatible features to their stuff. The ball is rolling. At some point Google and Hotmail will offer snake-oil competition, encryption with the host controlling the keys. A few years later they will offer encryption in the thin client, with the keys stored in the user's system.
There is no substitute for common sense. Especially, no body of rules will do.
The massive use of Facebook kinda shows that very few people give a shit about piracy. It is possible to use Facebook reasonably sensibly if you only provide the minimum required for it to work, but then its usefulness is hampered and the vast majority of FB users prefer to fill in every single field available on their profile.
The thing is, yes, the NSA et al are not interested in the average Joe as long as he remains an average Joe. But if that average Joe suddenly emerges as a "threat", by organising some big Occupy movement etc, they will already have all the private dirt on him they need to discredit him if necessary. This is why the average Joe should care, even if he doesn't. It's about the future, not just the present.
... unless thy start selling data to advertisers.
now we need to go OSS in diesel cars
That little logic bulb went off in my head a while back. There are a left and right voting population who never vote for another party. Then there is a small non-partisan swath which the politicians focus on, learn how to manipulate, and which virtually decide every election. So yeah, the same people who put Bush in office also put Obama in office. This is a rather trivial point of logic once you realize it, but most people never do. When their guy "wins" they just file it away in the back of their head that a majority of people in the country unified on a specific choice because of the reasons *they* tell themselves that they voted for the person--when in fact they were never going to vote for the other party, even if Zombie-Hitler was running on their ticket.
I object to power without constructive purpose. --Spock
Short of overthrowing the government there is not much we can do about it. Encryption and Tor-like routing are the best we can do.
Quite an experience to live in fear, isn't it? That's what it is to be a slave.
I made a tutorial designed to help non tech-savvy people set up usable email encryption and even with the best narrator and script it's still terrible.
Thanks. I found the tutorial useful.
Webmail operators don't offer IMAP or even pop3 support easily. Most of slashdot has webmail accounts with the major us providers ousted in the leak, even if they use something else for work or main personal email. The issue is with securing those accounts for maximum impact. Incoming mail from online subscriptions and pw resets and non-tech friends will still remain mostly unencrypted. Most slashdotters serious about this will end up segregating security by creating even MORE free (bugged) accounts for their tech-savvy friends.
Someone else here said that encrypted data can put you on TLA watchlists. We're just trying to be safer and protect our friends, but doing all this within the USA is counterproductive even if they can't decrypt our random stuff --metadata is bad enough. I don't use personal email enough to keep me encouraged for long, but will probably play around.
Young people do care and do protest, get out there and meet some dude. You know none.
And 95% of yougsters do put rubish in the the bins, and wtf have potholes got to do with any thing? The local council fixes that, from the rates they charge.
Old people , well their children should help.
The hungry can all be fed, if the damn USA or military stopped buying for 1 week.
Wasted space is most likely owned by DoD corps.
TV shows have a purpose as did Shakspear or Drama on stadiums in the old greek cities, yes fiction drama is and always has been around. Its not just mindless.
TO SLASHDOT, your code sucks, how is Grrrrrrrrrrrrrrrrr triggering a repeating filter? Can your code hihlight it in future or is that too hard?
WTF is this ???? Your the lamers.
Lameness filter encountered. Post aborted!
Filter error: Too much repetition.
Liberty freedom are no1, not dicks in suits.
Commit a felony long ago? Sentence served, all done? Since then, they've added to your sentence: you can't own a weapon. It's retroactive.
That's not an ex post facto law. The law doesn't make last year's act illegal. Unless you are claiming that if you bought a gun after you were sentenced, but before the law change, but didn't own a gun at the time of the law change, they are prosecuting you for illegally purchasing a gun when it was legal at the time.
Commit some kind of "sex crime" long ago? (Like an informed, consenting act some idiot ruled illegal) Sentence served, all done? Since then, they've added to your sentence: you'll be listed as a sex offender. It's retroactive.
Nope, you are registered if you commit a crime *after* the registration legislation, not before. "In 2006, California voters passed Proposition 83, which will enforce "lifetime monitoring of convicted sexual predators and the creation of predator free zones."[7][8] This proposition was challenged the next day in federal court on grounds relating to ex post facto. The U.S. District Court for the Central District of California, Sacramento, found that Proposition 83 did not apply retroactively." - So says Wikipedia.
Again, you have not proven #3, or any other clause of ex post facto.
That the laws for punishment are permanent and aggressive doesn't make them ex post facto. For that, they have to apply retroactively to someone after the act in question, and I've seen nothing from you or anyone else that indicates such. DUI being the closest, where if you got 2 DUIs under the "old rules" your 3rd can still be a 3rd strike, even though you never had a first-2. I did see that catch someone, but then, he was convicted under a law that pre-dated his offense, so still not ex post facto.
Learn to love Alaska
Test results went OK
Wikipedia says that Yahoo Imap forbids desktop clients. Verizon doesn't provide Imap support. Bit the bullet and tested OK over gmail. I might add a sig pointing to the same tutorial to help spread the word with tech friends
Thunderbird has removed the checkbox that silences subject-line-free mail under the "Sending" tab.* I didn't find a about:config pref and saw that people resort to some TB extension to fix it. Along with the Tabs-on-top, menus-are-hidden-by-default-for-no-reason, there are subtle signs of Mozilla's controversial Firefox GUI decisions creeping into this sister project. Oh well, I doubt Eudora mail and Windows Live Mail support this Enigmail tutorial out of the box.
On one side you have those that see the problem, but see no real way to do anything about it. Just a few stating they don't want to bring (ahem) attention to themselves. On the other side you have those that will do nothing. Who state you can't do anything because security in the States is not really security. Most security in the tech world is done by third parties that can be breached by the NSA. You also hear of those that complain but see no outlet because big tech companies like Facebook have so far gotten a free ride at the expense of their members personal information. Policy means nothing unless the public is actually protected.
... and the reaction of EU governments is very sad. They all have blood on their hands!
... its classified secret then leaked....
That little logic bulb went off in my head a while back. There are a left and right voting population who never vote for another party.
If you watch the polls on political topics, they very rarely go outside the range of 70/30 - 30/70.
I usually mentally exclude 30% on each side of the poll and scale the middle 40% back up to 100, to get an idea how the nonpartisan public feels about the topic.
Sheesh, evil *and* a jerk. -- Jade
Due to the nature of bueracracies I expect the set of people who are not on a watchlist to rapidly shrink until it's empty.
I hope NSA controversy will drive people towards FOSS
Casteism
No I don't have anything to hide. So what! Damn snoops have no business in my business. I'm trying the new Japanese University experiment VPN. Works pretty good, so far. And anything private goes on over something NOT called YAHOO, GOOGLE, MICROSUCKS, etc.
Have you hear of management by exception? That "meta-data"? Those supercomputers work continuously building patterns for each person, each device. Then when your pattern changes, voila, the evil roving eye swings your way. The FBI is a domestic shill for the NSA so as to allow monitoring of citizens that is expressly forbidden by law (or was). And they have a file on every citizen and not in the USA and likely most of the planet. Mess with them. Move your IP to Japan, Korea, Mexico. Move lots. And post as a coward.
cursethedarkness
Metadata means the NSA does not access content. Encrypting your communication does not affect PRISM, assuming we're getting accurate information. Encrypt it, or not. It doesn't matter. They're not looking at content. They are looking at medadata.
With metadata, the NSA can tell is who, when, how long, and where you were when you communicated with your friends, family, local businesses, school, work. With an overview of this information, an analyst can get a very clear idea of what groups exist, where they are, how tightly-knit they are, and who the major players are. If you want to disrupt a group, you'll have a really good idea of who you need to remove (arrest/detain/assassinate) in order to do that. The group itself may not even understand how important some of their members are until they turn up missing.
Okay, that is background information necessary to understand this debate. If you're still worried about whether the NSA is going to bust you for your pot brownies or your gay affair or your racist screeds on Stormfront, or your MP3 downloads: no. That is irrelevant. With respect and no condescension in my heart, please read the first two paragraphs again until you get it. This is important.
What you have to decide for yourself is whether you trust your government, not only now, but now *forever*, to use this information purely for your best interests. You may have trusted Bush's administration, and currently trust the Obama's administration, to use this information purely to keep you safe from the bad guys.
The danger, my fellow travellers, is what will happen when bad-actors gain power. In the sweep of history, even the most exceptional nations occasionally succumb to sociopathic dictators assuming control. That same infrastructure that kept us extra-safe from the bad guys, can now be used to track down political or racial enemies, which just might include you and your loved ones.
Plus! This metadata collection is against the mandate of the NSA, which is to collect information on foreign communications *only*. Not on US citizens. It is illegal, with *no* external oversight. All this... this entire thread, is a distraction.
I looked at this, and almost all Canadian internet traffic is monitored and goes through the US.
Firstly, all of the major Canadian ISPs peer via Chicago in one way or another. I periodically check out the connections to my website from different ISPs, and the traceroutes between ISPs. From my current location, connections to Rogers Canada (Rogers.com) and Bell Canada (Bell.ca) both route through US ISPs and Chicago. I'm pretty certain that this pattern will persist accross the country (I've tried). It would be interesting to see if a connection between Rogers' customer and Rogers.com routes through Chicago too. Somehow, I suspect it might, especially if the customer is far from Toronto.
Theoretically, you could set up conversations between two computers via the same Canadian ISP, and those would be kept in Canada. However, if I had access to well-protected information, I would discover that both Rogers and Bell have sold their souls to the Communications Security Establishment Canada (CSEC), and that organization is an active partner with the NSA. Also, Bell and Rogers both have holdings outside Canada, and as such, both probably work with the NSA directly too.
Some smaller Canadian ISPs, for example TekSavvy, are probably sufficiently small that they are not monitored actively. However, in Ontario, almost all of these smaller ISPs borrow their lines from Bell Canada. As such, if someone really wanted to monitor your conversations, they could just contact Bell Canada.
Finally, I looked at the option of encrypting all my communications between two Canadian locations with the same ISP. Bell and Rogers started throttling all encrypted communications because they assumed all of their users were bandwidth pirates and "torrenting". At the time, Rogers shut down a university research project at the University of Ottawa with this policy. Thus, in Canada, encryption is no solution.
In the end, I decided (a) everything is monitored, (b) most traffic is not monitored accurately - the ISPs are primarily interested in blocking bandwidth hogs, and (c) in Canada their is no way for a single user to stop the monitoring.
I'll put on the tinfoil hat and suspect a conspiracy. Of the same kind that made 9/11 possible: incompetence, laziness, and lack of stimulation of a knee-jerk (which is the only time we get things done, if we can remember long enough). It should be amazing is that noone has lept into the HUGE chasm of opportunity and rolled out a turnkey (but, see knee-jerk).
"You must try to forget all you have learned. You must begin to dream." -- Sherwood Anderson
Using privacy software is beyond the abilities (foremost of required abilities being patience) of the average American. Those of us working in technology will probably take a few basic measures. It would be great if PGP were to become more viable and https were more prevalent. To most people, looking out for their privacy means editing their Facebook profile settings and deleting contact and location information. They'll do that, and be comforted by their cosy, false sense of security.