Slashdot Mirror
Schneier: The US Government Has Betrayed the Internet, We Need To Take It Back
wabrandsma writes "Quoting Bruce Schneier in the Guardian: 'The NSA has undermined a fundamental social contract. We engineers built the internet – and now we have to fix it. Government and industry have betrayed the internet, and us.
This is not the internet the world needs, or the internet its creators envisioned. We need to take it back.
And by we, I mean the engineering community. Yes, this is primarily a political problem, a policy matter that requires political intervention. But this is also an engineering problem, and there are several things engineers can – and should – do."
Demand IPv6. Yell at your ISP. At least ask for it and tell them how important it is. With IPv6 people can start running own servers and more P2P stuff. The Internet before the last 10 years worked that way and it was good. The "Internet" of today is centralized and that is a major problem. No wonder it's easy for Intelligence agencies to do what they are doing if the only thing they need to do is attack 10 or 20 corporations to succeed.
Teach people around you about technology, encryption and how the Internet works. Give them an image of how their clear-text messages hop around and where they land and what happens to it when it does.
Don't be ignorant and don't say stuff like "well, I've known it all the time - I don't have anything to hide anyway so I don't care". Are your really sure about that? Do you know how your life will look like in 10 or 20 years time and how the political climate will look like where you live at that point?
Support organizations fighting for your freedom - I don't care if it's EFF, FSF, Pirate Party or something else. There are people willing to take on the big guys for you when you are not, but they can't do it without your help.
Just wait until the character assassination begins for Schneier too. He's been taking very strong positions, I'm waiting for a photoshopped picture of him fucking a sheep to be released on the Internet for the whole world to see. Pretty soon, he'll be living in a South American country's embassy.
All fair points. Gag orders are gag orders however and they do not care for big famous names. If it does not have peer reviewed source code hanging out there - how can we trust it especially given this latest bombshell of a revelation showing just how far they are willing to go to "undermine the social contract" of the Internet?
Peer review is no panacea. I'm not going to argue against open-source, but open-source is at significant risk too. You can't pull an _NSAKEY but with the resources available to the NSA it is no big feat to weaken an implementation in a non-obvious way.
Silent Circle's approach is that they sell their software to the US and UK government. If the NSA were to require them to install a secret backdoor then the NSA would be compromising the security of all of their government customers because they don't sell two different versions of their software, it is the same for all customers.
When information is power, privacy is freedom.
The exact same process has been going with doctors (The Red Cross, Doctors without borders, World Polio programs etc.) being used as cover by intelligence services and special forces. This practice is forbidden by the Geneva conventions, and now real doctors working in war zone's are being treated with suspicion at the very least, or shot on sight at worst.
"Ah, arrogance and stupidity all in the same package. How efficient of you!"
"Kill 'em all and let Root sort 'em out"
That's what I'm hoping, but also wonder if the deployment of fast net in the US is being deliberately crippled so the NSA can keep up with it. "You can't install that tech until our capacity is up to speed" If everyone has 1gb connects to/from the net, and decent encryption is used on everything moving up and down the pipe, even the NSA would have trouble keeping up to speed on it all. Everyone would/could be running various TOR (and whatever comes next) to make it a moving target. But for now.. speeds what they are, it's got me wondering. The tech's there, other countries have deployed it, as well as breaking the internet, is it also slowing it down for US citizens to facilitate spying?
Waiting for an amusing sig.
Open Source is really tricky to do well and make money from and sometimes it is just not a viable business model.
Agreed, but the counterargument is that if it's closed source, you can't trust its security, and nobody should really trust it anyways. Why would I use some security software if it may well be carrying around an NSA backdoor? Why should anyone pay for it?
Once you close the source to your security product, you effectively have no product anymore. Open source is not 100% bulletproof, but closed source is by this point bloody close to 0%.
I have left slashdot and am now on Soylent News. FUCK YOU DICE.
I worry more about the NSA putting something in the binary on popular linux distributions. If they modified the c compiler to put backdoors in the programs it creates it would be very hard to detect. The backdoors would not be in any visible source code but would magically get inserted during the compilation, especially the complilation of a new compiler.
Does anyone know if anyone is actively looking for that type of exploit?