Slashdot Mirror
Snowden and the Fate of the Internet As a Global Network
Hugh Pickens DOT Com writes "John Naughton writes in the Guardian that the insight that seems to have escaped most of the world's mainstream media regarding the revelations from Edward Snowden is how the US has been able to bend nine US internet companies to its demands for access to their users' data proving that no US-based internet company can be trusted to protect our privacy or data. 'The fact is that Google, Facebook, Yahoo, Amazon, Apple and Microsoft are all integral components of the US cyber-surveillance system,' writes Naughton. 'Nothing, but nothing, that is stored in their "cloud" services can be guaranteed to be safe from surveillance or from illicit downloading by employees of the consultancies employed by the NSA.' This spells the end of the internet as a truly global network. 'It was always a possibility that the system would eventually be Balkanised, ie divided into a number of geographical or jurisdiction-determined subnets as societies such as China, Russia, Iran and other Islamic states decided that they needed to control how their citizens communicated. Now, Balkanisation is a certainty.' Naughton adds that given what we now know about how the US has been abusing its privileged position in the global infrastructure, the idea that the western powers can be allowed to continue to control it has become untenable. 'Why would you pay someone else to hold your commercial or other secrets, if you suspect or know they are being shared against your wishes?' writes Neelie Kroes, vice-president of the European Commission. 'Front or back door – it doesn't matter – any smart person doesn't want the information shared at all. Customers will act rationally, and providers will miss out on a great opportunity.'"
Something to actually use.
*As long as that speech falls into the category of things that benefits the U.S. government.
Don't forget to return HTML/WWW to CERN first. Then you can talk about 'very little outside help'.
It's always been the elephant in the room. The only new thing is that it has become obvious to a larger number of people that encryption isn't just an "in case" precaution. Anyone who knows anything about the way the Internet works has been aware for years that nothing is secure unless you both encrypt it and control the only means to decrypt it (either by encrypting it to someone's public key whom you trust or by encrypting it for your own secure decryption later).
So again, the only real change is that the tinfoil hats were verifiably right for once. The question nobody seems to be answering is, what (other than nothing) will the general public do about it? The answer to that is, only as much as they are forced to.
In SOVIET RUSSIA... erm...NSA AMERICA, the Internet logs onto YOU!
And we Brits want our Turing Machines back!
Is there really anything worthwhile on the non-Western Internet, at least from the perspective of most Westerners?
I know I couldn't care any less if I could no longer access Russian or Chinese websites, for instance. Due to language differences, they're already pretty much useless to me. I know this also holds true for most Americans and Australians, and many Europeans, too.
Yeah, I know, there are probably a small number of expats and academics who find some use in such information, but there aren't many of them. Aside from them, I don't think that Westerners in general would really miss those very foreign parts of the Internet if they suddenly disappeared.
I don't know why this is a surprise to anyone out there. The internet was never a secure place to store any information, or discuss anything. Putting something in "the cloud" is like putting on your front porch. When is the general public going to realize this? Google is giving you email for free, do you really think no one is reading it?
If a citizen of the United States is not committing a crime, then why does the United States Government need to know the full text of everything that he reads and writes on the Internet?
That's not a concern. That's just a paraphrase of "if you're not doing anything wrong, you have nothing to hide."
If one is still asking that question at this point, when it has been answered a hundred ways on a hundred days, then he doesn't care about any answer, and will continue to dismiss it.
IMHO, the author's conclusion is a bit overly dramatic. I think a more realistic conclusion is a gradual fade out of cloud computing and cloud storage. Business and people will be more inclined to keep their private data on local, closed systems now because they no longer trust the government not to stick their nose in where it doesn't belong. How long will it be before the same effect happens to socialized medicine? Would you trust the government not to use your medical status against you?
I've got nothing to hide, so there is no reason to look. Should work both ways.
What is not illegal now might become illegal in the future.
http://en.wikipedia.org/wiki/Persecution_of_homosexuals_in_Nazi_Germany_and_the_Holocaust
... is that, either literally or metaphorically, it's vulnerable to someone holding a gun to your head and demanding the key. We're seeing this (the literal version) in the USA already. I agree with the thesis of the original article: The farther you can keep your data from USA-entangled entity, the better.
This is why:
"The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."
Long story short? Unless the government has demonstrable cause to read/know the full text of "everything", it's none of their fucking business.
Quo usque tandem abutere, Nimbus, patientia nostra?
Substitute government with your neighbor. Does that clear things up?
In particular, government, being comprised of mere human beings, should (logically) not be trusted with any more power than the average human being.
Most people won't really care/comprehend much past the drama generated around the whole thing. In the US, Reality TV wins, everything else is lucky if it gets a confused, apathetic nod. If it's more work than walking to the checkout line at a Walmart, people just won't do it.
Join the Slashcott! Feb 10 thru Feb 17!
It's still a global network, and will continue to be a global network even if it's balkanized. Your business network is part of "the Internet" even though it's protected by a firewall. You might use different servers and services, but it's still all connected.
The Internet has never been so uniform a thing as what this summary implies. Different countries have been filtering access, providing different services, etc. Even in cases where access is unfettered, there are still language barriers, cultural barriers, an geographic barriers. I don't access Russian sites and services very much because I don't speak Russian, I don't live in Russia, and I'm not Russian. But we can still access many of the same sites, and we can still send email to each other.
Von Neumann was born in Hungary; he moved to the US in 1933. Einstein was a German; he moved to the US only in 1933, decades after he published his famous relativity theory in the 1910s. Now, if we were to follow your logic and only those countries where technology x was invented can use this technology, then the US would still be a well.... hunter-gatherer society. You can attribute many 20th century inventions to US citizens, but they tend to build on earlier industrial revolution technology. And where did that happen? Right, in Europe. Now, take your nationalistic bullshit, and put it up your ass. Technology is for all of mankind.
The key here is trust. Before people might have said, 'Well AWS, Google, Microsoft won't cave because it would hurt their business models." But now we are even asking if the chips themselves might have back doors. So I suspect that now people are looking at their infrastructure and saying, "Trust nothing" Thus you design your infrastructure to assume that nearly everything is compromised.
But this brings back a new tool into the tool into the toolbox. Security through obscurity. The idea is that if you are using well known protocols and systems then the voracious data monsters may very well have ways to tap into them. But if you adopt the weirdos then you might very well avoid easy data loss. These can be layered. So you might use SSH(or some VPN) for the outer layer but underneath you might even use some homebrew encryption. As everyone knows the chances of getting your own encryption right is low but it takes you out of the realm of automated data harvesting. Some group of humans have to now pick through your protocol and crack it. Then you just keep making regular tweaks to your protocol, not to make it better but to change the weirdness.
But this whole thing is a huge opportunity for a country with good privacy protections. A whole industry of secure routers and whatnot could be created that people would trust. I would infinitely prefer a router from an Icelandic(designed and built) company than a technically better router from Cisco (designed in the US and probably made in China).
Also this is where opensource is going to get a whole lot more interesting. Tools like Skype would be better trusted if the code was opensource (they can still retain the copyrights and say, you can poke through it and compile it for your own use but not modify and distribute it). This way when the NSA demands a back door. Skype can say, "No problem but people will discover it in 5 seconds." On top of that it would be great if tools like skype had better plugins for things like encryption and comm. This way you could download 3rd party tools all day to keep shaking things up. Your buddies would have to have the same plugin but among friends or corporations this would not be a problem.
The ideal setups would allow you to know that your ISP was compromized, your software provider was compromised, and the feds hated you, yet you could still use the Internet in complete privacy.
Personally the only security I would trust if I were wanting perfect secrecy would be one time pads. By hand I would deliver one time pads to my trusted companions (divided into slices and delivered by multiple trusted couriers) and use only those for communications. The occasional HD should suffice for nearly all communications. Also the machines being used for communications would not be networked. You would take the transmission from an (assumed compromised) machine, put it on a storage device, then read it on the trusted non-networked machine using the matching one-time-pad, prepare an encrypted response, and then put it back on the compromised machine for sending. Good luck back dooring that setup.
The issue here is in part interpretation of the 4th amendment, in part the fact that "meta-data", whatever form it takes, has long been viewed as not being considered "personal papers" and in part it's irrelevant to the large mass of humanity on the Internet. Even if you win the battle in the US and meta-data is either constitutionally protected, it doesn't help much if a US ally doesn't have such stringent protections. A major aspect of what Snowden's leak revealed is that the US and its allies shop the data around, so that if the US can't read an email because it is nominally obeying the 4th Amendment, no problem, the UK will happily do it.
The world's burning. Moped Jesus spotted on I50. Details at 11.
Good god, how did this get modded up? The way to deal with a globalization and the myriad cultures on this planet is to stick you fingers in your ears and avoid anything that doesn't interest you directly? How many expats, or 3rd or even 4th generation folks do want access to that? How many "academics," which apaprently to you means "anyone with an interest in a culture I don't care about?" Probably more than you think.
Battle of Athens
I think it will be the end of "social networks" and return to the Internet, which based on open source technologies.
The approach - "trust me, trust my closed binaries, as I am good guy" - is over.
I expect clearer interfaces, as people will not trust convoluted websites and OSs anymore.
It could be a chance for small and medium companies from all over the world. Why, for instance, to have one Skype when we can have several competing clients talking via open protocols.
If you give me six lines written by the hand of the most honest of men, I will find something in them which will hang him.
You can tell your relation that the main flaw in her thinking is that she presumes herself 100% legal. The basic reason NOT to allow the government to collect this data is that everyone breaks the law all the time, simply because the law is so complicated, and sometimes unjust (oppressive). Anyone who has private communications exposed becomes a low-hanging fruit for the prosecutors. The public does not benefit from prosecution under irrelevant and/or unjust laws, and the negative outcome is huge: more abuse of power, and a slide towards a police state.
The most ironic and insidious part of this whole mess is.. They got us to pay for the surveillance network above our taxes. They got us to pay for the cable lines, they got us to pay for the websites, they got us to pay for Windows, they got us to pay for iPhones and Android phones, they got us to practically beg for all of it and take our money.to build our own cages.
"Battle of Athens"
End result? Business as usual.
You were saying?
The government has thrown out the constitution, and voters approve. The end...
“He’s not deformed, he’s just drunk!”
There are no innocent people.
There are so many laws today that you've probably committed six crimes before breakfast. If laws were actually enforced, not only would everyone be in jail, but they'd rapidly discover that the laws are so inconsistent that they can't even tell whether or not some things are crimes.
Look, it's not just the US that does this, it's every developed nation. The UK does it the EU does it the Far East and Middle East nations do it, no there's no escaping it.
Why do they do it? National security- same reason the US does it.
Fact: the internet is how non-state actors plan their violence, raise their money, spread their vision, do reconnaissance . Of course it gets state scrutiny- as much as the state can bring to it.
The reason that's a Big Deal in the news now is because the U.S. government appears to be contravening the US Constitution's Fourth Amendment and lying about it to the American people, and purely instrumental John Yoo-style of "findings" does not count as "lawful".
It's pretty clear to all Americans that their internet searches, their contacts, the time place and duration of those contacts qualify as their "papers" which the Constitution expressly says shall be free from unreasonable search and further that capturing those and rifling through them, analyzing them, drawing conclusions and inferences about the people behind them and then indexing all that away under the key Smith, John , well that's pretty much the definition of "search".
To Americans, myself included, that's a big fucking deal and something that needs to be publicly, seriously and and in a sustained and methodical way considered with the goal of reaching a consensus about how we should go forward.
The government ignores this at their own peril: the terrorist have as their explicit goal to provoke reactions from the US government which de-legitimize that government in the eyes of its own people. They intend to do this and it's their greatest and perhaps only real weapon.
The purpose of doing that is divide the nation against itself and thus generate home-grown discontents which they can cynically join in a common cause (hating the US government). One of the reasons we haven't been hit the way the UK and say Spain have been is because, aside from sleeper cells composed of foreign nationals, al Queda is having a tough time finding Americans who want to support them locally.
Provoking such responses from the US government also serves to undermine the US government's legitimacy with their foreign partners by de-legitimizing the US with those nation's citizens.
So far, they're winning. They won with Abu Graib (thanks Cheney!!!!! Thanks Yoo !!! ) . They won when they turned the Depatment of Justice into a made-to-order *legal* sausage factory , thanks to Yoo , Cheney, David Addington Jay Bybee and Alberto Gonzales.
Now they're poised to win again with this shit. This time it's structural. As one of his first official acts, Obama nullified and set aside all of messy diapers John Yoo left behind in the DoJ. But this time, it's all going to be carried forward.. it's going structural folks. You need to take this seriously.
This is Obama's legacy. This and what he does about climate change are the things history will judge him on, Obamacare is small beans in comparison.
At this exact moment in history Snowden has given him something no one could have foreseen- the perfect excuse to engage the nation in a meaningful debate over complex and fast changing relationship between personal privacy and national security and the 4th Amendment.
It's been presented to him on a mother fucking silver platter, and is he going to engage the nation like a goddamn motherfucking leader and bring us, together, as a nation, as Americans into a shared and accepted understanding about this issue strong enough to take us forward into the next century or is he going to blink this nettlesome thing before him away and let mere circumstance, some random future chain of unfortunate events decide the issue for us in a way that is incoherent, chaotic, instrumental and divisive?
Which is it going to be, Mr. President? This is an issue that is all, and only, up to you.
That's the REAL issue that no one in the main stream media is talking about.
This is why:
"The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."
Long story short? Unless the government has demonstrable cause to read/know the full text of "everything", it's none of their fucking business.
Government's trump card: National Security Letter
The People's trump card: Constitutional Supremacy Clause
The Government declared the Constitution of the United States of America as a "worthless piece of paper".
Considering that "worthless piece of paper" is the only document that actually authorized a federal government, I'd say that's a really bad idea on their part.
An enigma, wrapped in a riddle, shrouded in bacon and cheese
Let me get this straight. Did you really just say that, because you believe that "most people" lead a one-country/one-language existence, I'm obliged to give up the global life I've led for most of the last 30 years?
Just who the hell do you think you are?
Il n'y a pas de Planet B.
I would assume you meant to say 'sign with your private key'. As noted above, encrypting with the private key so everyone can decrypt it would be pointless. However, if it was signed, it still serves are purpose as you could be ensured of the author of the message.
If you really wanted to encrypt the content of the message between parties you would always use their public key to encrypt, then only they could decrypt with their private key.