Slashdot Mirror
MIT Project Reveals What PRISM Knows About You
judgecorp writes "MIT's Immersion project sifts your Gmail, and constructs a map of your associations. Without opening a single message, it gives a clear view of who you connect with. It's a glimpse of some of what the NSA PRISM can do. From the article: 'You can assume that if the NSA is looking at your email, the information in Immersion is similar to what they will see. Consider that they probably see all of your email addresses (and not just Gmail) and that the metadata is examined along with the metadata from everyone you’ve corresponded with, and you can see just how much can be inferred from this data alone.'"
I'm guessing MIT haven't tapped Google's fibre like the NSA so are doing it on a consent based basis, but no, I haven't read TFA.
One has your consent, the other doesn't?
They're both wasting government funds, I don't see the difference.
Get free satoshi (Bitcoin) and Dogecoins
They use a tool that you have to knowingly run, which is fairly different than what the nsa does
Uh... Your email is plain te t. Th NSA has a fuckton more than just metadata... They have your entire contents.
What now? Are they water-boarding people for information?
Have gnu, will travel.
One of them is opt-in. One of them is not.
There's a difference between opt-in and covert actions taken without permission.
However, I don't see why anyone would let MIT have access to their e-mail account, just so that they can simulate having the civil liberties violated. But, then again, I don't see the point to a lot of things that get posted to Slashdot.
I always thought it would be interesting way to figure out a way to seed surveillance and information gathering networks with unique information you could then watch for to see where it "leaks out". For all the worry about NSA surveillance, my real fear is that is that it's actually a front for commercial operations. (My theory is that the NSA is mostly a headless monster of a "Security Industrial Complex" that lives off of milking the public for money in exchange for useless services and general industrial espionage. It's really the perfect scam because you can avoid any investigation of conflict of interest with 'state secrets' privilege) It would be a real coup to find your honeypot information leaking in to commercial databases.
More than a decade ago I registered a few domains with bogus names. To this day I still get offers in the mail for "Longdong McPorksword", even though mining whois data for commercial purposes has always been supposedly illegial (well, a terms of service violation at least)
Their analysis comes up completely blank.
Why?
Because I use POP3 rather than the bullshit IMAP for my mail access. There is nothing on the server, so there is nothing to analyze.
There's a difference between opt-in and covert actions taken without permission.
However, I don't see why anyone would let MIT have access to their e-mail account, just so that they can simulate having the civil liberties violated. But, then again, I don't see the point to a lot of things that get posted to Slashdot.
That's not how the 4th amendment works though.
Otherwise you could say only the city garbage men have permission to take custody of your trash to prevent a PI from snooping through it at the curb.
Now you're going to ask, why can't we do that??
Once they take custody of it, it's theirs, not yours for one thing, and THEY can be searched with a warrant that doesn't have to mention you or other individual customers at all.
Of course it's okay that the NSA does it, and next year's election results will reflect that. It's no use arguing whether it's 'right' or 'wrong'. We just need to figure a way neutralize it. All this philosophizing is a big waste of time and energy.
“He’s not deformed, he’s just drunk!”
The government, by definition, has the consent of the governed. Otherwise, it would be long gone.
So the purpose of this is what? To reassure us that the NSA is telling the truth and that they really do only view metadata? I think at this point it is quite safe to assume that any official announcement from the NSA is a lie. If MIT really wants to simulate seeing what the NSA can see then they should give you a view of every form of online communication plus any voice communication. The content. Not just the fucking metadata.
Quite an experience to live in fear, isn't it? That's what it is to be a slave.
One is surveillance, one is a tool that demonstrates how the surveillance might associate data and is for your personal consumption only.
I got that from reading the fucking article. However, it was easy to deduce from the summary here that it's only an end user initiated thing, that MIT doesn't have unrestricted access to gmail data.
The grand parent is a dumb ass.
Wolfram Alpha does similar analysis with your Facebook data. Those bubble charts reveal some amazing insights on seemingly insufficient amounts of data.
Ask me how the Heisenberg Principle may or may not have saved my life.
The Immersion Project is PRISM... nice
“He’s not deformed, he’s just drunk!”
Again, I am not very concerned if Google thinks I may want to buy Pampers, Depends, or both.
Iam concerned with government wondering who I talk with who may be political. As it turns out, no one. But many people do do this, and some of them would be of interest to corrupted officials.
Therefore this mechanism, if it is to exist, needs good logging and forbearance mechanisms without warrant or, if in an "emergency", logging with mandatory followup with FISA or other court, and regular review by Congress.
"It's such an emergency we can't even do that after 12 years" that is the fraudulent, anti-freedom activity.
(-1: Post disagrees with my already-settled worldview) is not a valid mod option.
last week
they also know i follow the NYC sports teams and the email alerts i receive from fatwallet and slickdeals
along with my ereaderIQ author alerts for kindle books price drops
that's why i didn't buy that Orson Scott Card book over the weekend. the NSA would have found out
The murderer an the rapist have the consent of the victim, otherwise these crimes simply would not happen.
Seven puppies were harmed during the making of this post.
This. In the West, I am less scared of the government (in its public capacity) than any other entity. They have the most openness and democratic oversight of any organisation. The thing I fear most about the government is the extent to which it partners with private organisations which are more interested in furthering special interests of small groups - usually the bank accounts of the wealthy.
The information GCHQ/NSA has on me CAN be used to exploit me - if insufficient regulation allows corruption to set in. The information private entities have about me WILL be used to exploit me - by design.
They have the consent of the governed only if they follow the constitution which gives them the power to do what they do.
Since they are wiping their rear ends with the constitution on this matter however, they do not have any consent at all.
Aaannnd it's Slashdotted.
Help I am stuck in a signature factory!
The NSA has the consent of the American people. It's written in the PATRIOT Act.
The simulator helps you understand how your civil liberties are being violated. It helps make vague understandings more concrete.
How, when both of the only two parties the corporate media dare mention are both all for a surveillance state? Remember, a vote for a candidate who doesn't want your loved ones in jail for pot and doesn't want a police state (e.g., Green and Libertarian, both on enough ballots to win) is a wasted vote? All the newspapers and TV stations agree, we need to have a surveillance state and we need to jail your loved ones!
And nobody seems to realize how stupid their vote is, corporate media keep us in the dark.
Free Martian Whores!
In today's America, the government has less the consent, and more the apathy of the governed. The fact that the populace is so disengaged and ill-informed is the only reason there aren't many more protests in the streets.
"But we have to pass the bill so that you can find out what is in it,..." - Nancy Pelosi
The contraposition of this story with the fate of John Corzine deserves to be highlighted.
Here we have the a US intelligence agency, saying it needs to snoop on millions in a supposed effort to protect them from threats. And yet John Corzine, who openly stole customers money, is not being prosecuted, despite the reams and reams of records and evidence against him and MFGlobal.
What we see here is that information does not correllate with prosecutions, or effectiveness at protecting people from harm.
May the Maths Be with you!
Consent requires information. If the government does not provide any information what they are doing, there can be no consent. Additionally, any implied consent is bounded by the constitution, and it does not appear that the government of the US has any intent whatsoever to abide by those restrictions.
The power of an integrating capability isn't what it can glean from ONE source (gmail), but rather the cross product of combining MULTIPLE sources. (gmail, facebook, phone records, credit report, amazon purchases? banking transactions?...) This cross-cutting capability is really the only portion that is unique/specific to government. (Except there is also a vast and shadowy industry of buying and selling the same personal information on private markets which we also know very little about).
Now that they've gotten linked from here, they have a lot more access to gmail data than they did before. People giving MIT access to their email is no different than people giving Google access to their email. This is the problem: users extend too much trust in exchange for something sweet.
Interesting points about openness and democratic oversight in government as opposed to the corporate world.
So shouldn't you be up in arms about the lack of both openness and democratic oversight shown in the NSA affair? You can't defend the virtues of one system over another, then turn a blind eye when it reneges on those virtues.
Everything is better with chainsaws.
the people i am closest to i do not talk with online
Its the scale of wastage though. MIT is wasting 3 graduate students salaries on it who they probably also get to TA for undergrad classes, whereas I would imagine that the NSA has many times that in full phDs devoted solely to theirs.
The tool shows what the NSA could know about you if they had access to your gmail. However, Google rather staunchly maintains that the NSA does not have any access to Google user data, with the exception of specific information about specific individuals when proper legal documentation has been provided and reviewed by Google's legal team, and even then the NSA does not have access to Google's servers; Google retrieves the specific data requested by the order and delivers it to the requestor.
In addition to the previous public statements, David Drummond just published the following op-ed in faz.net (in German): http://www.faz.net/aktuell/wirtschaft/unternehmen/gastbeitrag-von-david-drummond-gleichgewicht-zwischen-sicherheit-und-buergerrechten-12272710.html. Here's a Google+ post that contains an English translation: https://plus.google.com/u/0/105603626919803672092/posts/bT7ndyhJmUk
Unless Google is flat-out lying of course. I don't believe that is true; I don't think Google could be legally compelled to lie, and I don't think the CEO and legal counsel legally can lie to the public, but you have to make your own evaluation on that point.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
...corporate media keep us in the dark.
We can always light a candle...
“He’s not deformed, he’s just drunk!”
You can trust MIT exactly as far as you can throw any one of their buildings. MIT employs the most despicable state propagandist in US history, Noam Chomsky. Chomsky is the US equivalent of the UK's Tony Benn- a vile extremist ultra-high level operative of the government who passes himself off as the 'man of the people' and 'independent' critic of government policy. Chomsky actually sits on Israel's so-called 'star chamber', a shadowy organisation that pretends to find 'moral' authority for Israel's acts of terrorism across the globe.
The spying on the US population is far more extensive than even the most informed of you realise. For instance, betas are told that vehicles are tracked by license plate identifying camera systems, but this is a purposeful smokescreen. 99.99% of all tracking is done using under-surface RFID readers that monitor the chips present in every vehicle tire. The cameras exist merely to associate a 'name' with the current 'fingerprint' of your tire RFID chips. Under-surface readers are thousands of times cheaper, and thousands of times more reliable than camera systems, allowing a nation-wide network of deployment to a degree none of you can even comprehend.
The RFID tracking of vehicles is combined with the perfect ral-time tracking of EVERY cell phone currently receiving power (does your phone have a charged battery?- then it is being tracked).
A would-be car bomber in the USA was captured combining these two spy methods. The bomber bought a pay as you go phone in one town (with cash) and used it once in another town. This alone allowed him to be caught. How? By using RFID vehicle records to match a vehicle present in both locations at the time of purchase, and at the time the phone was used once. The very method the bomber thought made him anonymous allowed him to be identified.
US TV shows are no longer allowed to point out to viewers that ALL cell phones are tracked by the phone company and government constantly in real-time. It is LAW that every phone have this 'GPS' like functionality, but no show is allowed to have a plot that revolves around this fact.
The NSA slurps up EVERY piece of electronic data. Crap about 'meta' data is just that. The US post-office actually photographs (where possible) the CONTENTS of all ordinary mail (the piece of mail is exposed to extremely bright light of a frequency most likely to capture the interior writing on the pages within- a method that works more often than you may expect). Of course, persons of interest actually have their post opened and inspected. In the UK, this was once done by inserting a high-speed spinning needle into the base of the envelope to remove the contents with minimal external damage.
Your phone calls (contrary to MIT lies) are all recorded. Same with your Emails, etc. MIT is engaged in a usual propaganda operation based on standard FUD methods. The Meta-data crap is just nonsense for VERY dim-witted sheep (the lie goes like this - "the meta data looked suspicious, so then, and only then, we started capturing the actual data").
Do you know what the worst aspect of all this is? Well, yes, it is really the 1984 implications, but what I meant to say is that the very methods of spying allow the real criminals to circumvent the surveillance. Understand how vehicle and phones are tracked, and a smart operative will NOT make the same mistake as that bomber I mentioned earlier. The very effectiveness of NSA spying produces whole new classes of methods to avoid discovery or lay down trails of false and misleading information.
Of course, NSA spying has NOTHING to do with finding the 'bad guys'. It is a project to discover information that can be used to 'coerce' people of influence, and it is a project to read the mind of the populace in real-time, so control propaganda methods (of the sort Noam Chomsky helps create- using language to manipulate Humans is his field of study) used by the mainstream media can be better perfected.
You are a true /.'er my friend...commenting without bothering to know what the hell you are talking about. I know, I know...first post and all, can't be bothered to read links.
Additionally, any implied consent is bounded by the constitution, and it does not appear that the government of the US has any intent whatsoever to abide by those restrictions.
Au contraire. Secret court rulings have confirmed that the US is abiding by the constitution. Please do not attempt to disprove this, as slashdot is not cleared to receive classified information.
Trust the Computer. The Computer is Your Friend.
I'm guessing MIT haven't tapped Google's fibre like the NSA so are doing it on a consent based basis, but no, I haven't read TFA.
I don't think tapping Google's fiber would do the NSA that much good. All traffic between gmail servers and gmail users is encrypted. They could get traffic between Google's SMTP servers and other mail providers, because although Google uses SMTP over TLS when talking to any other provider that supports it, few do, but messages between gmail accounts are never transmitted in cleartext.
If you argue that the NSA can lean on certificate authorities to let them spoof Google certs, I think that approach is unlikely to succeed. First, even if CAs cooperated the NSA would need to use it sparingly, because it's likely that eventually someone would notice that they're getting different -- though apparently valid -- certs, especially since all valid certs from Google should be issued by Google's CA. Second, the fact that Chrome pins all Google certs by default makes the odds of discovery even higher. In fact, that's how the DigiNotar compromise was surfaced; someone tried to use the compromised signing key to spoof a Google cert and Chrome threw up big red error pages.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
Ran the demo, big whoop...
Democratic leaders have the one-time approval of 51% of the governed. They certainly don't have the consent of ALL of the governed at any point. Generally speaking governments don't always have consent, they do however, have the most soldiers and weapons.
Oh god....that is exactly the definition government workers want the good sheeple to go by. "You elected me so I have your consent to do whatever I want without your approval, for your security and protection of course...so bah like a good boy".
Your premise is wrong if it's "government is an entity that follows laws", because this completely ignores the fact that government is made up of individuals, with personal agendas. The data they collect may not be used against you right now, but that's only because you're not in someone's way yet. Once you step into the crosshairs of someone in power, do you still think all that data is innocent and inert? Do you think regulation is going to save you? Are you willing to accept a society where you cannot poke your head up too high, unless you're of a chosen breed and have greased the right palms?
... whatever
The equivalent of saying that there is no such thing as rape as anyone that does not successfully get away has consented.
I think one has been lit.
https://twitter.com/YourAnonNews
If you visit the page using Firefox with JavaScript disabled, they suggest you to download Google's Chrome, i.e. to give even more of your data to NSA. We should at least recommend Chromium (the open-source part of Chrome) in such cases instead of the binary distribution from Google.
0 collaborators
87 emails
I think PRISM know a LOT more about me than that.
One is sifting through your data looking for ways to market to you, the other is warehousing your data until you are deemed a threat (or maybe just an undesired ethnicity).
At least the NSA says it doesn’t read the contents of your email. Google does, and it admits that it does.
Like I believe NSA does not look at the contents... If it weren't for Snowden, we would still not know about PRISM.
I'd never be able to prove this to your satisfaction I'm sure. Firefox browser has the search bar that automatically sends searches to google when you type them in. I had an addon to make pages use ssl if possible and an addon to check if anyone is tinkering with certs. Apparently entering searches in the search bar sent them in the clear and certain keywords could trigger a new certificate. Put in the same keyword and nothing happens you need to find a new keyword to trigger a new certificate. I used one of those lists with supposedly sensitive keywords.
Apparently entering searches in the search bar sent them in the clear
That's certainly possible. It depends on how Firefox's default search engine is configured. If you want to be sure your searches are encrypted, go change the setting to use https://google.com./
Apparently entering searches in the search bar sent them in the clear and certain keywords could trigger a new certificate. Put in the same keyword and nothing happens you need to find a new keyword to trigger a new certificate. I used one of those lists with supposedly sensitive keywords.
That's impossible. The session encryption negotiation is done prior to any data being sent, so the certificate provided by the server, and used to encrypt the session key, is delivered to the browser before Google receives any keywords.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
the government has] the most openness and democratic oversight of any organisation
Ha ha ha ha ha!!!! That was a good one!
We have the internet now, but thanks to the NRA our candle is a searchlight pointing at us. Vote Libbie or Green!
Free Martian Whores!
Put the key word in the i goes in the clear. google takes the request gives you an encrypted page with a new cert.
perhaps it's not "rape rape" but "spousal rape."
Yeah, I mean anyone with anything to hide will be using Tor. Are people too stupid to use Tor really a threat that the NSA needs to be brought to bear to worry about? The only ones who lose are private citizens. Unless you go to extraordinary lengths you won't be able to keep the NSA from connecting an old slashdot post with your real name. Who cares right? Not me, but the Internet isn't just about about now, what you say is for all time. If an evil dictator comes to power you can't quit saying stuff that might piss them off and go about your business. Anything you've already said when it was still OK to do so can be used against you.
...
Must be really nice for you to live in that country.
For the rest of us, we fear the Chinese, the Indians and Pakistani, with their fucked up ideas and nukes, and let's not forget the mega corporations backed by the various first world countries led by the USA that are basically free to establish their dominance anywhere they want to.
So, let's see, you fear one single government, your own, the rest of the world has that one threat plus another very large number of threats. We win, or lose, depending on how you look at it.
You can complain about your government and not go to jail with your entire family. You know what? Most of the countries don't have that luxury, that privilege.
What would be OK is if they posted some code to run and then let you save and browse the result all on your own machine.
-- "Oh. This guy again."
This. In the West, I am less scared of the government (in its public capacity) than any other entity. They have the most openness and democratic oversight of any organisation. The thing I fear most about the government is the extent to which it partners with private organisations which are more interested in furthering special interests of small groups - usually the bank accounts of the wealthy.
The information GCHQ/NSA has on me CAN be used to exploit me - if insufficient regulation allows corruption to set in. The information private entities have about me WILL be used to exploit me - by design.
You are a fool. While corporations do exploit people, they're less likely to do so with extreme prejudice. Most of the Hollywood-style abuses that corporations commit are Hollywood fiction.
Governments, on the other hand, do this kind of stuff all day long.
When a government can pass a few "hints" along and divert a Head of State on an international mission, THAT's something to be very, very worried about. Granted, the particular head of state isn't in charge of a well-regarded government, but it is still a legitimate government. Today Bolivia, tomorrow France.
If they can do that the the President of a nation, it's not hard to imagine what they can do to you. Who needs to imagine when there's Guantanamo? If you're lucky.
Do you have any example keywords? Also, are you located in China?
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
In today's America, the government has less the consent, and more the apathy of the governed. The fact that the populace is so disengaged and ill-informed is the only reason there aren't many more protests in the streets.
Yeah? So? As long as we can not be scared of teh terrorists and as long as new episodes of Survivor, American Idol, and Tia and Tamera keep coming out, we're happy.
Why did doubling a word to change it's meaning become a thing?
Can MIT render you or kill you in a drone strike? And I guess you missed the "voluntary" part.
...but no, I haven't read TFA.
Don't worry, NSA already did.
I allowed Immersion to review my gmail, and I don't think it really reflects what PRISM is accessing in any way. All it did was go through my emails and build a standard social network map out of my emails based on who was in the address lines. My understanding is that PRISM is actually analyzing the content of my emails. Immersion is neat, but it really seems like the developers are trying to promote their own software by attaching it to the surveillance scandal.
As for Immersion itself. It is a neat application and it's fun to see a chart of everyone you interact with an how they are all networked together. If you're interested in seeing your Facebook and Twitter networks modeled in a similar way, you can use the open-source NodeXL plugin for Excel, which let's you harvest your data from these social networks and build your own visualizations. It's actually much much more robust than Immersion and you don't have to give a third-party access to your accounts since you run it from your local machine yourself.
i ~ Celebrating Science, Cyberspace, Speculation
Two words. "Spousal Rape."
I think you'll find that this is a relatively recent concept, and some can condemn other forms of rape, while having a difficult time understanding how rape can possibly exist with the confines of marriage.
You assume an antagonistic relationship between the people and the state. This is not necessarily a good assumption to make when trying to understand why NSA wiretapping is still accepted by significant segments of the population.
"The problem" is that PRISM is only authorized by Section 702 of the FISA Amendment Act of 2008, which only covers non-US Persons outside of the United States.
Not only that, but the US previously DID have an internet metadata collection program, which was discontinued in the face of internal questions about its lack of effectiveness on balance with the potential for abuse and privacy intrusion. You know, the oversight system working like it's supposed to, however imperfectly.
But you don't care about any of this...you have already decided that NSA is collecting everything, everywhere, all the time...even though this is patently illegal and unconstitutional. (Insert, "But the phone metadata collection is unconstitutional!" here. No, it's not, because right or wrong, for better or worse, metadata collection of any kind has been found to not constitute a search under the Fourth Amendment under current law and case law. If we want that to be different, we need to change the law.)
All of the people who give MIT access to their email already gave it to Google, because that tool from MIT supports only GMail accounts at the moment.
I don't think it's apathy, I think it's surrender of the governed.
For example, Congress currently has an approval rating of 7%, and a disapproval rating of 65% (Rasmussen). If there's one thing Americans agree on, it's that our elected leadership is, on average, terrible. And yet early polling suggests that of 435 Congressmen, only about 50 are likely to be replaced.
The fastest-growing party affiliation in America is independent. That strongly suggests that neither major party is representing the citizens. And yet there are only 3 independents holding federal elected office, and 1 of those independents (Joe Lieberman) is really a Democrat in disguise because his party supported him over the candidate chosen by voters in Connecticut in the primary.
So this leads to the argument that Americans are paying attention, think their elected leaders and political parties are horrible, and vote for them anyways because they think the alternatives are even worse.
I am officially gone from
Unless the NSA has the private key for the certificate. There's no need to spoof a certificate if all you want is to listen. Just get hold of the private key, and the data could as well have been sent in cleartext. Since the browser will get the original certificate, there's nothing raising suspicion.
Indeed, even Google may be unaware of the NSA having the key, if they got it through an inofficial way (either bribing/threatening someone who has access to give it to them, or put an undercover agent in to get the key, or maybe even use a not publicly known vulnerability on the certificate generating computer's operating system to break in).
The Tao of math: The numbers you can count are not the real numbers.
One has your consent, the other doesn't?
One needs your consent. One just needs a courts consent.
One has no legal oversight, one does.
The thing I find puzzling about the PRISM uproar is that there's not actually any allegations by Snowden that the NSA ever looks at records without a court order. Only employees with superuser-level access who commit felonies have.
At least there are laws to appropriately punish people like Snowden who step well beyond the legal limits of their roles and violate privacy. Do you think there's anything protecting your personal information at ATT or Verizon from any schmuck who wants to do the same thing? Do you think, even if PRISM wasn't there, that an analyst who is willing to break federal law couldn't do the exact same thing, anyway?
Hell, I'd comfortably argue there is vastly less of a privacy risk having all of that data in NSA systems, than having the NSA one-off requests for each and every bit of data. Assuming an analyst isn't breaking the law, no one but the NSA knows if I'm being investigated. And when it comes to nothing, no one is the wiser. If I happened to be standing too close to a terrorist suspect, and the NSA wanted to verify I hadn't had any contact with that individual, and that request was sent to ATT, my local Telco, maybe my financial institutions -- under a court order, just as legal as with PRISM -- now every one of those institutions knows I was being investigated *and there's no controls about the ramifications of it*. It also reduces the risk of my personal information to social engineering.
Hell, the history of organized crime in the US makes it pretty clear why its a problem for a Telco to know about a wiretap -- because it wasn't at all uncommon to have the telephone engineers who had to do them on the take, not 20 or 30 years ago.
I honestly am baffled how any reasonably intelligent person who has spent more than ten seconds thinking about it is up in arms about PRISM. Its just bizarre.
Interesting points about openness and democratic oversight in government as opposed to the corporate world.
So shouldn't you be up in arms about the lack of both openness and democratic oversight shown in the NSA affair? You can't defend the virtues of one system over another, then turn a blind eye when it reneges on those virtues.
The US isn't a democracy. Its a republic, and the people who have been elected into positions to provide that oversight did. They are elected to make those decisions precisely because the "mindless masses" don't have the collective intelligence to make the right ones. (Like "the best way to do covert surveillance is to make sure everyone knows its happening"!)
Your premise is wrong if it's "government is an entity that follows laws", because this completely ignores the fact that government is made up of individuals, with personal agendas. The data they collect may not be used against you right now, but that's only because you're not in someone's way yet. Once you step into the crosshairs of someone in power, do you still think all that data is innocent and inert? Do you think regulation is going to save you? Are you willing to accept a society where you cannot poke your head up too high, unless you're of a chosen breed and have greased the right palms?
And do you honestly think someone who could bypass the access controls at the *NSA* would have the slightest problem doing so directly with the companies involved? Hell, when younger and stupider, I'm sure lots of people on Slashdot socially engineered their way to getting information they shouldn't have had. Its not rocket science.
If you've pissed off someone who can do that with the NSA, you've probably got bigger problems than the records of your calls to some tranny chatline or something.
One of them was GOSIP. It's been awhile since I tried this. I have a screen shot of one of these somewhere id have to look around to find it. I live in a country that prides itself in being better than china.
...a lot of rich Nigerians, quite a few Viagra and p. enlargement sellers, a number of individuals who know jobs that pay thousands of dollars that you can do from home, a handful of real estate executives, and more.
Could be a republic for you, at least if you are named Lester. Else you just agree with who the Lesters previously choose.
I'm not a semiotician.
But they can't block spammers?
Or botnets?
Corporations don't kill so much people. They just corrupt their governments so they do the dirty work for them. Or just blackmail them, having access to most of world's private mail surely makes it easy.
At least you didn't invoke sheeple
And yet there are only 3 independents holding federal elected office, and 1 of those independents (Joe Lieberman) is really a Democrat in disguise because his party supported him over the candidate chosen by voters in Connecticut in the primary.
My independent views are mine alone. They are unlikely to mesh with the independent views of those other than me.
Not impossible, but I happen to know quite a bit about how Google's private keys are stored and distributed to the front-end reverse proxy servers... and it would be difficult. They'd have to compromise one of a small number of people who would be fairly resistant to the idea.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
> Snowden who step well beyond the legal limits of their roles and violate privacy
Did I miss something? Who's privacy did Snowden violate?
Well it depends if it's 'regular doubling' or 'doubling doubling'.
I just tested it, and an unencrypted search for GOSIP does not redirect to an encrypted session, so no certificate at all. The reason I asked about China is because I think I read something about Google choosing to redirect some searches to HTTPS in order to defeat filtering by the Great Firewall.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
Now you too can put a sign on your back that says 'rape me'.
But wait there's more!! Those that rape your identity will find a way to monetize it!!@
and the people who have been elected into positions to provide that oversight did.
Did they? I'd be interested to hear how you know that, given that the court opinions are secret. Is there actually oversight, or are the information requests simply rubber-stamped? We don't know, and that's the problem.
The funny thing about covert surveillance is that you can get a warrant for it. The process is not secret, and it happens all the time. The warrant is then shown in court along with the acquired evidence. That's completely public knowledge, and it hasn't seemed to "tip off" the criminals any. Do criminals not use cars because of license plate cameras, or not use phones because of wiretapping?
The "revealing its existence will compromise security" argument is so wrongheaded as to be laughable.
Everything is better with chainsaws.
so what about MITM?
That's like equating any kind of social situation to rape by virtue of the fact that people are socializing. Government in and of itself isn't a positive or negative thing. It's what these governments do that matters.
I'm not sure if I was clear. I had an addon to force encryption (https anywhere) but my original search got sent through search bar) search in the clear ->requested encryption ->encrypted page and notice of a certificate being changed before its time
At least the NSA says it doesn’t read the contents of your email. Google does, and it admits that it does.
Like I believe NSA does not look at the contents... If it weren't for Snowden, we would still not know about PRISM.
Only if you are a fool.
Shawn, you should probably mention--for those that haven't figured it out already--that you work for Google.
You know, full-disclosure and all that.
Government: Consent? CONSENT? Hahaha, good one!
Governed: Hrmph.
http://en.wikipedia.org/wiki/Niccol%C3%B2_Machiavelli#The_Prince
My independent views are mine alone. They are unlikely to mesh with the independent views of those other than me.
Let's say there are about 15 issues you really care about, and most of them amount to a Yes/No answer (e.g. "Should marijuana be legal?"). That means that on average, 1 in 33000 people would answer the same way you did. Since there are roughly 70 million independents in the US, that means that there's a good chance at least 2000 people agree with you.
I am officially gone from
I mean, seriously... how useful can these association models really be when you get so much Chinese spam and phishing mails with Office attachments every day?
Based on the debates I have tried to have with people it appears to me that most don't have the slightest clue whats going on. They are blissfully ignorant. What's worse, they think they are informed. They will snap to with the latest catchphrase and regurgitate the position from the first paragraph of some hack reporter's article that was on the front page of a mainstream media site and fully believe that it is based in fact and encompasses the whole of the topic. They don't validate sources or positions, they don't attempt to read the view of the opposition (which assumes that they know there IS an opposition). They worship at the alter of Glenn Beck or Rachel Maddow (or insert your activist "journalist") without ever questioning or considering any other possible truth.
The real root of the issue here being that they were never taught how to think. They were merely taught what to think.
"But we have to pass the bill so that you can find out what is in it,..." - Nancy Pelosi
Did they? I'd be interested to hear how you know that, given that the court opinions are secret. Is there actually oversight, or are the information requests simply rubber-stamped? We don't know, and that's the problem.
I can read. Details of the process, as well as the count of times that warrants were issued with and without changes are public record.
and 2000 votes may be enough to elect a new dog catcher.
I have, several times. Perhaps I missed it in this thread. It's on my /. profile.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
Already addressed in my comments about certificates and certificate pinning, see above.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
Can you reproduce?
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
Au contraire. Secret court rulings have confirmed that the US is abiding by the constitution. Please do not attempt to disprove this, as slashdot is not cleared to receive classified information.
Trust the Computer. The Computer is Your Friend.
As a person who lives in Britain. Sometimes I feel not enough attention is given to the international side of the issue. I can now certainly understand why some countries hate the US so much.
The US has violated many other allies' trust, no matter whether the constitution is violated. I have the feeling that the US government is currently run by a bunch of insensitive clods.
That reverse proxy thing reminded me of the addon that pretended to be a transparent proxy, it would send bogus origination ips. You could set it up to use any range of ips. I wonder if that would change a certificate.
At least the NSA says it doesn’t read the contents of your email.
Of course they say NSA doesn't read the contents of your mail or listen to your phone conversations. That's why they hire contractors to do the dirty work.
Stop and listen to what the government officials say and doesn't say. No mention of what the contractors are doing only that NSA isn't reading your mail.
I once worked as a post office counter clerk. It somebody exchanged money and we felt uneasy in any way, we were told to tell them the money would take a week to process. That was a lie. Giving a suspect any clue that they are under suspicion was against the law, and had consequences. So the official printed handbook told us we had to lie, or else. Of course they never used the word "lie" - nobody ever sees their own lies as lies.
We already knew about PRISM since 2006. Or rather, we knew about the giant government wiretapping program that worked in conjunction with telecoms to steal our data. There was a lawsuit and a documentary about the whole thing.
http://en.wikipedia.org/wiki/Room_641A
Snowden isn't a hero. If he only revealed PRISM, I'd root for him, but his disclosures about Stuxnet, hacking against China, etc. make me think that the guy is just a deluded, self-important loon who gives zero shits about America.
A NYC lawyer blogs. http://www.chuangblog.com/
You have to give MIT permission to do it for you. I just visited the page, and I gave a thought or two to giving Immersion permission to do it's thing. I haven't done so. I may, at some later time.
With the NSA, they don't ask any permissions. They assume permission from the government. Sneaking around behind everyone's back, building their data bases, then keeping the data secret.
There is no comparison between MIT and NSA.
"Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
Nitpick: Government workers are hired, politicians are elected.
And did you exchange a walk on part in the war for a lead role in a cage? - Pink Floyd.
Do you know him?
much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
If you happen to be a member of a conservative group, then the US government has already used the IRS against you. If you were a major contributor to the Republican party, then you have probably been audited several times already.
Wal-Mart can't haul you out of the bed in the middle of the night and hold you for "questioning" just because you posted a video on YouTube. The US Government can (and has). Google can't send a drone to kill American citizens without due process. The US Government can (and has). Apple can't order Verizon to give them access to all phone records. The US Government can (and has).
If you are more scared of private organizations than you are of the government, then you clearly have not been paying attention.
I agree with you, but I don't think the problem is that they were never taught how to think. It takes real effort to keep up with politics and to understand the complex issues. I believe most Americans are just too damn lazy.
It's a community, after all
As creepy as it is, it was fascinating to see that the analysis it ran on my recipients was totally accurate. It knew who people were by how I knew them better than I did. Groups like family were in different colors. It was a detailed overhead view of my little personal electronic world.
Possibly, but that certainly wouldn't be related to what you searched for.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
why is this +5 funny? rape is not a joke
i just saw therapists and none of them ever mentioned anything about murder!
Send therapists back to counseling.
but if they listen to talk radio somehow that's wrong?
if the general populace could vote on every decision with a risky "veto option" by their representative, i think it would illuminate each and every decision and their
nothing would get done, i guess.
you'd also have to deflate the hollywood ego vote back down to the value of one...ah...hell forget i even came here this afternoon.
Are you butt hurt (literally) ?
Why should I trust some guys from MIT with my GMail password?
This.
That?
Take your politically correct ass out of here. People are trying to have a normal conversation. Thank you.
Seven puppies were harmed during the making of this post.
The transmission is encrypted with ECDHE, an Elliptical Curve Diffie-Hellman Exchange. Each connection is encrypted with a separate secret number which is dynamically generated and known only to the endpoints of the connection. The NSA or anyone else might be able to watch all the traffic, but it will still take anyone years to brute force it.
Do you understand how ECDHE works?
Are you really arguing that the analogy between the act of rape and the act of wiretapping is appropriate, but the use of what others interpret as humor is out of bounds?
Please stop trying to constrain our discourse.
Damn! Yesterday I had mod points. You'd have got a +1 funny :-)
"Our opponent is an alien starship packed with atomic bombs," I said. "we have a protractor"
I don't think this has anything to do with Google though, unless I am misunderstanding what you are saying. I also have HTTPS Everywhere installed, I opened up Wireshark, set my filter to watch TCP ports 80 and 443 outbound, and then attempted to reproduce your issue without any success. HTTPS Everywhere caught the connection before it ever left my machine. My first outbound connection was always a SYN packet to 74.125.224.211 on port 443, except in cases where a session remained open when I typed in a new keyword, in that case, the same session was reused. I tried this with several different searches, and immediately after closing and re-opening Firefox without a variance in results.
Maybe this used to be a bug in the HTTP Everywhere add-on, and it has since been fixed? It doesn't appear to still exist though, unless you can provide more details on how to reproduce it.
When I search for GOSSIP using https, google directs me to a results page that has GET data in the url. One of the entries in the get request is: "q=GOSSIP". Im not sure, but I dont think that GET data embeded in the URL is encrypted, just the content of POST requests and the response data from the server. Maybe I am wrong, but I think this shows that it is non-trivial to see exactly what you type directly to search in the https://google.com/ homepage.
I would just like to know why google blocks so many of my search requests while using TOR? Often it will not even let me type into a captcha in order to prove I am human to continue. Is Google worried about the fake top level SSL certs that were handed out improperly and that I may be using an old browser without an updated blacklist and redirected to false search results by a deviant TOR exit node??
because if google wants to be the monopoly search portal, which I think it should want to, then they should support users who do not wish to broadcast to the world which search terms that are entering into Google's search forms.
I don't know anything about interaction with TOR. However, it's worth pointing out that if you're accessing Google via HTTPS (without TOR), your search terms are encrypted in transit.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
I dont think that GET data embeded in the URL is encrypted
It is.
SSL/TLS creates an encrypted stream on top of the TCP stream, and the HTTP data is all transported over that. So URL, headers, body... everything is all secured.
https://en.wikipedia.org/wiki/Transport_Layer_Security
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
Well, there you go. With the NRA on our side, we have something to shoot out the searchlight. The thing is this, if the voters remain so easily manipulated by bullshit, then it's time to rethink the validity of majority rule, which under the present circumstances is a dictatorship no better than any other. We should never let our rights be put up to a vote. But since we all got 'mouths to feed and bills to pay', we will continue to appease authority every morning when we go to work.
“He’s not deformed, he’s just drunk!”
Typo. I meant to type NSA not NRA.
Free Martian Whores!
You can make your Gmail (or any other message sent) by using cryptography apps, that can change your message into one that can not be understandable without knowing the key.
I feel pretty sure that cryptography apps that I've found on an Android Market can make my conversations and privacy safe. Try this https://play.google.com/store/search?q=jinvention&c=apps
In that case, use a mirror. Reflect the light back at them. I'm just not interested in all this bleating on how 'helpless' we are. We are not. It is a conditioned response.
“He’s not deformed, he’s just drunk!”
with an unknown target you want be able search content for keywords, phrases or any other exploitable information that would suit your purpose. When key data that you are looking for is found, prism would then create a database on the target (all available electronic data to start with). This database would include all known contacts and provide links to those contacts related to the key information found in the primary search. the user could then proceed to build databases on the primary targets contacts..bits of data are like dots on a piece paper, connect the dots and you build a profile of the target. you should have enough information to approach your target and do what you will.
If they listen to one station, and take anything that station says as the one set of facts, and they vote based on that information alone without ever attempting to validate anything they heard, yes. It's wrong.
If you're too lazy/stupid/busy to educate yourself from more than one perspective, then you are too lazy/stupid/busy to vote. So stop.
"But we have to pass the bill so that you can find out what is in it,..." - Nancy Pelosi
What happens if your crazy brother-in-law's niece recently converted to Islam, and made calls to same mosque as suspect. Upon investigation it's determined that you have been very critical of US government, and have made 67 calls to gun shops, where you purchased several assault weapons, rifles, hand guns and over 5,000 rounds of ammo, and live only 2 miles from elementary school. Suddenly you start to look very suspicious, so your name is leaked to press as "person of interest", lose job and get to stay same place as the terrorist kid that threatened to "eat still, beating hearts".