Time For X-No-Wiretap HTTP Header?

Freshly Exhumed writes "A security blogger, acknowledging that the NSA methodically ranks communications on the basis of their 'foreignness' factor to determine candidacy for prolonged retention proposes, is proposing '...an opportunity for us on the civilian front to aid the NSA by voluntarily indicating citizenship on all our networked communications. Here, we define the syntax and semantics of X-No-Wiretap, a HTTP header-based mechanism for indicating and proving citizenship to well-intentioned man-in-the-middle parties. It is inspired by the enormously successful RFC 3514 IPv4 Security Flag and HTTP DNT header.'"

Asking them nicely will stop help?

The only way we are going to solve this NSA mess is to clean house...and the senate...

Re:Asking them nicely will stop help?

[Oysterville]

Somewhere along the line you were given the incorrect information that the US House and Senate have complete oversight of NSA, when in reality it's more accurately the other way around.

Re:Asking them nicely will stop help?

[Jeremiah+Cornelius]

NSA.

Amerika's blackmail clearinghouse.

Re:Asking them nicely will stop help?

The House and Senate do have oversight of the NSA. If only because they can just cut off funding and fire the NSA at will. That is oversight. If they want the NSA to stop doing something, they have only to tell them to stop and back it up by cutting funding.

Re:Asking them nicely will stop help?

[jonbryce]

They do have the power to reduce the NSA budget to $0, which is about the most effective oversight possible.

Re:Asking them nicely will stop help?

[Z00L00K]

Unfortunately the NSA has enough on every individual in the government to make such a move extremely dangerous for the single individual.

NSA, CIA, FBI and DoD have their own life and nobody that is sane would want to challenge them. We have to wait for the insane savior.

Re:Asking them nicely will stop help?

The House and Senate do have oversight of the NSA. If only because they can just cut off funding and fire the NSA at will.

No, they can't. Our overly corrupt president would simply write one of his "executive royal decrees" to give them all the "emergency" funding they need.

Re:Asking them nicely will stop help?

[davester666]

I believe there are still some spaces available in Gitmo...

And it would give them an opportunity to get a better understanding of the "enhanced interrogation methods" they are so proud of permitting.

Re:Asking them nicely will stop help?

[Pentium100]

And then some information from the NSA servers about the politicians who initiated this would mysteriously find its way to WikiLeaks...

Re:Asking them nicely will stop help?

[fustakrakich]

Oh please, stop with this 'cut off funding' crap. It's a tear drop in the ocean. Most of NSA and CIA funding comes from the transport and sale of contraband, weapons, drugs, any other 'controlled' substance, and money laundering through the banks. Or do you actually believe that the Iran/Contra hearings put a stop to it? They are rogues in every sense of the word, and now they have the power to keep it going indefinitely.

Re:Asking them nicely will stop help?

[schwit1]

I would prefer removing him from office. Impeachment is the bringing of charges. Good luck getting the Senate sock puppets to convict.

Re:Asking them nicely will stop help?

[egamma]

Most of NSA and CIA funding comes from the transport and sale of contraband, weapons, drugs, any other 'controlled' substance, and money laundering through the banks.

Yeah, I just read that entire article, and I don't see a single mention of the NSA or CIA. Do you have any actual citations, or only unrelated ones?

Re:Asking them nicely will stop help?

[lgw]

Congress is nothing if not masters of parliamentary process that obscures who's really at fault for any bill. If both parties wanted the NSA gone, it would be gone, as a rider to the "Declaration that terrorists are bad and pedophiles too" bill, passed unanimously by acclamation.

Sure, there's little a sane single individual in the House or Senate could do, but if the tide of popular opinion turns against he NSA, such that congresscritters left and right were all hearing about it from voters? That would bring real and rapid change.

That's the thing about democracy: it's not supposed to empower individual idealistic crusaders, it's supposed to respond to the will of the masses. You'd think there'd be a better way, but we sure can't seem to find one.

Re:Asking them nicely will stop help?

[reve_etrange]

The House and Senate do have oversight of the NSA

Hmm, I guess that's why after Congress voted down the Clipper Chip, the NSA gave up on all its plans to backdoor domestic encryption software.

Oh wait...

Re:Asking them nicely will stop help?

[HiThere]

When you talk about how democracy is supposed to work, you are corred. Many people do suppose that it works that way.

At least as implemented in the US (and, AFAIK, in other countries) it doesn't.

Re:Asking them nicely will stop help?

[HiThere]

While there is evidence that the CIA has extensive business interests that could support it independent of US funding (not only illegal drug trafficing, but also many legitimate businesses), I know of no such evidence WRT the NSA.

Re:Asking them nicely will stop help?

[fustakrakich]

Sorry, that's classified. Ask again in 50 years or so, preferably before they burn the tapes.

Re:Asking them nicely will stop help?

[fustakrakich]

I know of no such evidence WRT the NSA.

Well... yeah! That would make sense, wouldn't it? It means they're doing their job competently. The NSA itself existed for a long time before the public ever knew about it at all.

Re:Asking them nicely will stop help?

[idontgno]

The NSA itself existed for a long time before the public ever knew about it at all.

No Such Agency.

Re:Asking them nicely will stop help?

[lgw]

That's an interesting claim, but I don't see it. Mostly when people complain that democracy isn't working on some issue, the reality is the majority don't care enough about that issue to change their votes: it's not actually important to people. Democracy responds to what the majority actually finds important, not what small groups think they should find important.

April 1st?

[alexandre]

Someone can't set their date properly? :P

Re:April 1st?

[t4ng*]

The beauty of this is that people who don't RTFA enitrely, will out themselves by complaining how stupid this idea is.

Re:April 1st?

[gl4ss]

OK it's not a stupid idea - it's a stupid joke(and the comment about him forgetting that it's not april 1st still stands).

maybe I should just start adding "X-ILLEGAL-TO-WIRETAP" to my http headers. because if nsa intercepts them they're breaking the law.. if I went and got caught for wiretapping the local american embassy they sure as fuck would ask to extradite me.

Re:April 1st?

[OptimalCynic]

Try X-COPYRIGHTED-UNDER-DMCA instead, and apparently I shouldn't use so many caps.

Almost as good as Evil BIt!

[CrystalFalcon]

Yes, of course!

This is guaranteed to work almost as good as the Evil Bit, an extra field in IPv4 headers where senders of packets indicate malicious intent, so that people administering firewalls can discard such packets if desired.

(The problem in the first place was that the people wiretapping didn't give a shit about rules, etiquette, and being decent. More rules and etiquette aren't the solution to that problem.)

Rick

Re:Almost as good as Evil BIt!

For futureproofing, this should be generalized to an X-No-Evil header, optionally followed by a parameter list of evil the user does or does not want. Should the parameters be a whitelist or blacklist?

Re:Almost as good as Evil BIt!

[MtHuurne]

The "evil bit" is from the mentioned RFC 3514.

Re:Almost as good as Evil BIt!

If the general population doesn't have have guns, then someone who DOES carry a gun, and isn't in a police/guard uniform, must be evil. It makes things much simpler.

Indeed it does. If the bad guy acquires a uniform, he can carry his illegal gun wherever he wants without suspicion.

Oh, you meant simpler for us? Yeah, the world doesn't work like that.

Re:Almost as good as Evil BIt!

[Vlad_the_Inhaler]

The Evil Bit is only defined under IPV4, time to update the specs.

Re:Almost as good as Evil BIt!

[swillden]

Indeed, the author of the article specifically mentions that his proposal was inspired by RFC 3514, which defines the evil bit.

Re:Almost as good as Evil BIt!

[AlphaWoIf_HK]

There is no perfect solution

Indeed, and in the name of freedom, we must accept that there are sometimes casualties.

Re:Almost as good as Evil BIt!

[fuzzywig]

It really does. I live in the UK, this is basically how things work here.

It must work because I've never been shot :)

Re:Almost as good as Evil BIt!

[Samizdata]

And the best part was the spec was submitted by someone from AT&T Labs!

Re:Almost as good as Evil BIt!

[gigaherz]

I'd like to point you are the rest of the world outside your narrow version of the world that's the US.

Out here, we have two kinds of countries: those that don't care to see guns everywhere, and those that are in open war. For most of us, the world DOES work that way. We don't live with the fear that someone will randomly shoot us, because if anyone does shoot, it's NOT random. Said person has a purpose, a goal. And people with a goal tend not to care about little people like me who just live their lives without bothering anyone. That is, as long as we are not in a war.

Yea

[santosh.k83]

It'll certainly flag the packets to NSA as deserving of extra long retention!

You don't beg for privacy

You secure it by force.

Re:You don't beg for privacy

[stooo]

Yes, exactly.
it's more than time for generic and generalized end to end crypto. And for a working web of trust PKI.

Re:You don't beg for privacy

[Jeremiah+Cornelius]

Have fun, when the SWAT team comes. :-)

Re:You don't beg for privacy

[hedwards]

Right, because obviously there's no way of replacing them and the government doesn't have money for bodyguards.

Re:You don't beg for privacy

[Shark]

That's the problem right there though. We'll be expected to cower in fear while our neighbours are being 'disappeared'. I think the founders had a point on guns but they never thought that we wouldn't fight for each other. Yes, the government will always outgun you, their premise was that it couldn't outnumber you. SWAT doesn't go in without an agent/target ratio of about 5/1.

So people may have whatever debate they want on the 2nd amendment, it becomes pretty irrelevant if we all live in isolation. If you really want to fight tyranny, get to know your neighbours and build cohesion within your community. If the time comes when guns are actually useful, fighting alone is pointless.

Sure, we're not quite there yet. Erosion of our freedom still has a long way to go before that kind of extreme, last-resort scenario becomes a reality. I say invest in guns if you want, but don't bother if you aren't willing to invest a lot more in your community first.

Re:You don't beg for privacy

[mjtaylor24601]

With guns.

NOW do you "liberals" and "progressives" understand the 2nd Amendment?

You already have the 2nd Amendment and all the guns anyone could possibly want. It seems to me that it didn't deter the NSA one bit. I'm not sure I see the point you're trying to make.

Re:You don't beg for privacy

[Shark]

'We' are in the same boat as the US, sans 2nd ammendment. Erosion of liberty, expansion of state power and loss of community are fairly global nowadays, just consider yourselves lucky that you have a good constitution to fall back on once the dust clears. The rest of the world isn't so lucky.

X-No-Wiretap

[gigaherz]

Will be a header code that says "do wiretap me, I have something interesting to hide!"

Re:X-No-Wiretap

[Spamalope]

It's like emailing an 'unsubscribe' message to spammers, and will work as well.

Re:X-No-Wiretap

[KiloByte]

It's like emailing an 'unsubscribe' message to spammers, and will work as well.

Actually, it works pretty well. Obviously, you use a spamtrap account rather than your own as the sender. For best effects, make two: aaron@example.com and zzyx@example.com, to ensure your spam filter has a chance to autolearn first (most spammers sort their databases).

Re:X-No-Wiretap

[KiloByte]

You also need to watch what address you actually reply to, some of these spammers are cunning and will set up individual emails to respond to if they are determined enough to confirm addresses.

It's easy to spot these, as they include a long opaque string that either serves as an identifier or has your info encoded in it.

WTF?

[H0p313ss]

No seriously... WTF?

How could this be anything other than a flamebait article Tim?

Re:WTF?

[Gaygirlie]

http://dictionary.reference.com/browse/sarcasm:
sarcasm (skæzm)

— n
1. mocking, contemptuous, or ironic language intended to convey scorn or insult
2. the use or tone of such language

Re:WTF?

[DMUTPeregrine]

Or perhaps the "tongue-boring-through-cheek dept." might give someone a hint that it's satire...

Nope, apparently not around here.

Re:WTF?

[H0p313ss]

Or perhaps the "tongue-boring-through-cheek dept." might give someone a hint that it's satire...

Nope, apparently not around here.

Somehow I missed that. Makes sense now.

I blame sleep deprivation... I'm on my seventh straight day of overtime.

USA citizens safe, not care rest of world??

It is always so irritating to see that this discussion turns into "I am USA citizen, do not spy on me, dear NSA!" What about rest of the world?? How come that in your US centric viewpoint it's all ok to spy on anyone else, just not on US citizens?? What about Europe? Other NATO allies? All ok to spy on everyone else, on your viewpoint!! Love that fat bellybutton of yours!

Re:USA citizens safe, not care rest of world??

[stooo]

>> "I am USA citizen, do not spy on me, dear NSA!" What about rest of the world?

Being a citizen of country X or Y does not change anything, nobody cares in intelligence agencies. Being a citizen gives you no protection.

Re:USA citizens safe, not care rest of world??

Because from a very young age Americans are fed the belief that they are somehow better and more free than anyone anywhere in the rest of the world and that people in other countries have a hard time even conceiving of the true concepts of "democracy and freedom". Those other people are foreign nationals and the ones that don't want to immigrate to America and emulate out way of life must certainly be jealous of it and out to destroy it.

Re:USA citizens safe, not care rest of world??

[eheldreth]

For people in the US they are two very different questions. Domestic spying in this regard is a violation of the citizenries constitutional rights. Foreign intelligence is a separate legal issue though with obviously connected mechanics. Most people int the US would feel it is wrong to spy on the citizens of an allied nation but this is a matter of priorities. Foreign policy can never be fixed so long as internal policy is so uncontrolled. In this case it is likely either the NSA will be scaled back resulting in less capacity for intelligence gathering in general or we will lose any pretext of being a free and functional democratic republic.

Re:USA citizens safe, not care rest of world??

[kthreadd]

Yep. The UK does the same thing. Sweden does the same thing. France do the same thing. I can only assume that pretty much everybody does the same thing.

Re:USA citizens safe, not care rest of world??

[AxeTheMax]

Yes, Americans who think they value their liberty have a tendency to forget that their liberty depends also on the liberty of others. Starting with the slaves who their founding fathers conveniently forgot, now it is terrorists, criminals, citizens of 'enemy' countries, and finally all non citizens. As has been seen recently, spying on non-citizens gives the means to spy on citizens. What Americans have really is not liberty but power, and the Golden Rule (reciprocity) is inessential when you have power.

Re:USA citizens safe, not care rest of world??

[kthreadd]

Ehm no, not at all actually. Americans are of course not "better" or "more free" than anyone else. What do you actually base that statement on? You might confuse better with proud. Most Americans are proud to be Americans. Is that bad? That says absolutely nothing about anyone else.

Re:USA citizens safe, not care rest of world??

[kthreadd]

The majority of people that opposes the NSA spying of course wants the entire operation to cease. I don't understand what some people get anything else from. However, spying on foreign nationals is unfortunately not as tightly controlled as domestic spying. The NSA is forbidden (or should in theory be forbidden) from spying on domestic traffic. It's bad enough that they have been spying as widely as we now know, it's really bad if they actually are breaking the law as well.

Re:USA citizens safe, not care rest of world??

[squiggleslash]

Intelligence agencies have always, always, been mandated to spy on foreigners. (Of course, they've virtually always spied on non-foreigners too in practice.)

Should the CIA and NSA stop spying on Brits, Israelis*, etc? Well, only if MI-6 and Mossad stop spying on Americans. Which they won't.

* OK, I must admit that list is purposely short because I can't remember the names of most of our allies' intelligence agencies. You can fill in the rest though.

Re:USA citizens safe, not care rest of world??

[swillden]

Starting with the slaves who their founding fathers conveniently forgot

They didn't forget them. They're explicitly mentioned in the Constitution. Not in what you'd call a good way, but you can't say they were forgotten.

Re:USA citizens safe, not care rest of world??

[kthreadd]

That's a good way to say it.

Re:USA citizens safe, not care rest of world??

[AlphaWoIf_HK]

Intelligence agencies have always, always, been mandated to spy on foreigners

Irrelevant; we need to stop.

Should the CIA and NSA stop spying on Brits, Israelis*, etc?

Yes.

Well, only if MI-6 and Mossad stop spying on Americans.

We could just stop with or without the other countries. Since we're supposed to be the land of the free and the home of the brave, let's set an example by not spying on countries that aren't even hostile towards us.

Re:USA citizens safe, not care rest of world??

[AlphaWoIf_HK]

Because the US Constitution applies to US citizens

Many parts of the constitution don't distinguish between US citizens and non-US citizens.

Re:USA citizens safe, not care rest of world??

[pjt33]

You're missing the element of reciprocity. The NSA can spy on British citizens, GCHQ can spy on US citizens, and then they swap the data. If you don't want the US government having an end-run around restrictions on spying on US citizens, you need to shut down the NSA's spying on foreign citizens without probable cause, so that they don't have anything to swap.

Re:USA citizens safe, not care rest of world??

[romons]

The USGUMMIT can spy on you, but it can't really do anything to you unless you come here. Sadly, they have all US citizens here already, under their control. If they suddenly decide that they don't like people who wear plaid (and who could blame them?) they can start decrypting orders from amazon, and begin arresting folks who have bought such things in the past. They can't really do that to people outside of the US, since your own gummit would probably object.

And what makes you think

[Kanopy]

the ones that need spying on come from foreign sources? Seriously.

And the rest of the world?

[lurker412]

Few American commentators seem to be questioning the unstated assumption that spying on non-Americans is perfectly OK, even if there is no reasonable cause for suspicion. By that logic, it's perfectly OK for other countries to spy on all Americans.

Aren't we all entitled to a little privacy?

Re:And the rest of the world?

[BitZtream]

We accept that if we enter your country, you might spy on us. When your data enters our country, we might spy on you. Facts of life. As American's 'thats the way its been'.

Of course, as we're seeing, thats not the way its been, but thats the way it was supposed to have been before they found a Hadoop cluster to process the data for them and spy on everyone.

Keep your data within your own borders, then you have a much easier challenge in obtaining privacy. In theory anyone, obviously, in practice we're fucked until we get rid of congress and the supreme court and replace them with people who are actually afraid of the public and the consequences of their actions coming back to haunt them.

First step: Public hangings for politicians who lie to the public for any reason. As judged by randomly selected citizens ... They don't get a jury of their peers since their peers just let them off with a free pass in exchange for the same favors.

Re:And the rest of the world?

[Frosty+Piss]

Few American commentators seem to be questioning the unstated assumption that spying on non-Americans is perfectly OK, even if there is no reasonable cause for suspicion.

I don't know that this is true at all. What I suspect is that most Americans simply don't care. The Snowden Affair gets a lot of press, but that press gets very little traction except with a minority of Americans, which the rest think are wearing tin-foil hats.

But here's another thing to remember: Some Americans may be fixated on the idea of spying on Americans for both selfish reasons and also the fact that the NSA specifically isn't supposed to spy on Americans.

Re:And the rest of the world?

[Arker]

It is a sad and shameful fact of American society that we have become more, not less, tribal since the Constitution was written, and a large number of us today do not seem to understand that other people have rights to.

Re:And the rest of the world?

[pjt33]

So the only way to even have a reasonable assumption of privacy is to forego all communication with people from other nations? To close ourselves off from other cultures and hunker down in our fragmented fortresses? What a waste of potential!

Re:And the rest of the world?

[AlphaWoIf_HK]

We accept that if we enter your country, you might spy on us.

I accept that they might spy on me, but I don't accept that it would be moral for them to do so.

Re:And the rest of the world?

[Ken_g6]

Few American commentators seem to be questioning the unstated assumption that spying on non-Americans is perfectly OK, even if there is no reasonable cause for suspicion. By that logic, it's perfectly OK for other countries to spy on all Americans.

Furthermore, we assume that it's perfectly OK for America to share its intelligence with other nations and for other nations to share their intelligence with America. By that logic, it's perfectly OK for America to spy on everyone, as long as it's not technically Americans spying on Americans.

Hilarious

[houbou]

We are expecting people who bend the rules to play nice.. Slick.. real slick..

Re:Hilarious

[Gaygirlie]

I would like to introduce you to my dear friend, sarcasm (skæzm):

— n
1. mocking, contemptuous, or ironic language intended to convey scorn or insult
2. the use or tone of such language

Do you think this will stop NSAGul Black Riders?

[Jeremiah+Cornelius]

They are already deliberately violating the law, with impunity. They compromise your security at every step. Adding un-encrypted metadata to your traffic will only:
1 - ID you for possible actions by later custodians of this information
2 - Acknowledge your silent submission to the fact of universal collection as a normative state
3 - Divert efforts from real crypto-countermeasures

People need not to give NSA their complicity and assent, but to resist, and applaud every time somebody manages to FUCK UP their mission.

Yeah that will work

[Dunbal]

When confronted with a government entity that believes itself to be above the law and is routinely breaking the law, yeah, asking them not to hold on to your data. That will work. Right?

Because no one would lie

[WOOFYGOOFY]

Because no one would lie and terrorists are always foreign?

If we're going to solve this problem, let's state it clearly.

Small groups of people, with a limit now tending towards one, are acquiring the ability to inflict damage, now tending towards death, on larger and larger numbers of people, now tending towards everyone.

How can we stop them before they do that ? How do we need to arrange or change the things ion the world so that that never happens?

All of this Snvowden, NSA, War on Terror, WMD al Queda stuff flows directly from that basic fact.

We're never going to be in agreement on what to do until we're all on the same page as to what the problem really is. That's the problem.

Really, I don't see a solution outside of genetically engineering people so they don't want to do that. Religion doesn't work (fundamentalism of all kinds , Islamic and Christian) . Providing people with stuff and money doesn't work (bin Laden), education doesn't work (Pol Pot) democratic institutions don't work (Timothy McVeigh) . Maybe those things reduce the probability, the sheer availability of accomplices to a Pol Pot or a bin Laden. At best that buys us time.

I am not saying genetic engineering is what we should do. I can't even say that it will work, but that and making the creation of an equitable and fair world a top priority (as opposed to our current one- making small numbers of people very rich) are our best bet as far as we know.

Re:Because no one would lie

[WOOFYGOOFY]

" Phrases like that are just idiot scaremongering. What could one hacker accomplish? "

Depends what they're hacking , doesn't it? If you're hacking a computer, then, who knows really.. I'd have to work it out and have access to the data to work it out.

If they're hacking viruses OTOH then we're talking about something of a potentially unlimited death toll. I am sure you think about computers and hacking all the time like most people here. I invite you to venture outside your chosen area of specialization and have a gander at what is going on in other fields, what type equipment is needed to be productive in those other fields and what the implications of those two things could be if there were such a thing as a biological / genetic black hat hacker.

As far as stats goes, I have good reason to have confidence in my analytic skills. The fact is, there is nothing in any corpus of events which can be classify as "terrorism" , neither its frequency nor type- which can be used to infer anything at all about either the likelihood of a attack in the future or what the potential magnitude of the effect could be.

The later is a technical question and the former is locked entirely within the hearts of the terrorists themselves.

Me! Me! Pick Me!

[shawnhcorey]

Using an X-no-wiretap header is like putting your emergency flashers on when illegally parking. http://www.youtube.com/watch?v=CIcHXgY0KKo

"Please don't wiretap me"

[Horshu]

"Duhhhh, umm, OK."

Survey Form

[Tablizer]

Somebody check-mark the "Crazed Bomber" box just to see what they do.

A Modest Proposal

[mthamil]

The number of commenters failing to understand that the article is satire is staggering. Hell, look at the "department" the article is from.

Re:A Modest Proposal

[St.Creed]

It is very likely because of the 1:1 relationship between people who do not RTFA.

Once they're done cracking my TLS packet?

[bill_mcgonigle]

If you're concerned about privacy and NSA can see your HTTP headers, then you're holding it wrong.

Stupidest idea ever

[msobkow]

If you're not tracked by the NSA, you're tracked by some other nation's spy agency.

Headers are only voluntary.

So what, precisely, does this "new header" gain anyone except a circle-jerk of self-congralatory "we did something"?

Re:Stupidest idea ever

[msobkow]

Well the whole thing is just a tongue-in-cheek spoof, not a real proposal.

But that doesn't change the fact that any header-based approach presumes something that leads to a huge gaping flaw:

What makes you think the NSA is going to respect a voluntary protocol when they don't even respect the law?

Re:Stupidest idea ever

[fuzzywig]

So what, precisely, does this "new header" gain anyone except a circle-jerk of self-congratulatory "we did something"?

It gave the rest of us a good chuckle when you failed to notice that the article was a joke :)

Re:Stupidest idea ever

[GrahamJ]

A good laugh?

Fourth Amendment

[saleenS281]

Remind me again where in the fourth amendment it says we only have protection against unreasonable search and seizures for information not crossing international borders?

And what on earth makes you think they'd honor these flags regardless? They've already proven they don't give a shit what the laws are, they're just going to keep doing whatever they want. Notice after a bunch of noise early on, the media and congress quickly moved on to Syria without so much as even publicly addressing the issue beyond saying "we expect them to follow the rules" - and by that they mean we expect they'll keep right on doing what they're doing.

Re: Obama Fellatio HQ

[fritsd]

It's difficult to understand your rant.

So, you hate socialists. Fine. That's your opinion.

But then you go on about Obama and "leftist cabal" and "the socialist lot are pissing on the Constitution".

To me, this means that you are talking about USA politics and name-calling the USA Democrat party as "socialist".

That doesn't make sense in the normal way the word "socialist" is used. The USA Democrat party is very right-wing. The USA Republican party is "bat-shit crazy" extreme right-wing. We outside the USA almost never hear about the left-wing or socialist parties and politics of the USA.

I have heard that you have a Green Party, used to be chaired by the famous Ralph "Seat Belt" Nader, now run by a lady named Cynthia McKinney. She's probably left-wing.

But if you want to see real socialist parties in action (4.5 % of the parliament), read here:

http://www.guengl.eu/group/delegations (I was going to send a link to SYRIZA.gr but my Greek is so poor I couldn't even find an english language link)

Oh yeah, and "Slashdot the echo chamber of socialism" ... LOL!

Dangerous Crypto mistake - my testing results

[Freshly+Exhumed]

When I saw that this proposal "deprecates all the SSL/TLS ciphers in favor of Double CAESAR’13" (a.k.a. ROT-13) I knew it was going to be great. BTW, a big shoutout to my friends over in the Caesarian section! Okay, so I needed to run some sandboxed tests first. After using Double ROT-13 everything was going perfectly, according to the spec, but I decided to gamble on TRIPLE ROT-13. Big mistake. Don't do it! All I ended up with was a bunch of gobbledegook that I couldn't work with anymore, so I had to just delete everything and start all over again. Don't use TRIPLE ROT-13!!!!!!!1

I wish I could have been FP to warn everyone. I'm glad this proposal sticks with Double!

Re:Dangerous Crypto mistake - my testing results

[Culture20]

Your mistake was in not doubling the triple. Always use triple rot-13 twice. It's sextuplely encrypted and you can use it easily.

Wow.. just wow..

[somepunk]

I thought I'd RTFA before leaping to judgment here. It's brilliant. The proposal is to send your full name and SSN in cleartext in the HTTP headers! I kid you not. There's a couple paragraphs of attention paid to the obvious questions, which basically amount to "don't worry, it'll work out for the best in the end!" To quote:

When what's at stake is the American way of life, it's easy to put aside things that don't really matter.

Which is right up there with "think of the children!" as a strong symptom of frontal lobe disengagement.

Re:Wow.. just wow..

[St.Creed]

Congratulations, you RTFA'd. That's 5 points right there. However, you didn't click on the links, and you missed several of the pretty obvious signs that this was satire. But you get another point for replying with legible comments.

All in all, I give you 6 out of 10.

On the other hand, the article is a rather nice example of why Poe's law is valid.

Indicating Citizenship?

[Toad-san]

Oah yes, I am completely American, absolutely, you betcha! Mom and apple pie, verry good. Uncle Sam, hooray! I will be doing this for you every time, so you will be verry satisfied with this service.

Re:Do you think this will stop NSAGul Black Riders

[St.Creed]

Yup, but if you only skim the article, it's a blatant application of Poe's law.

Re:Do you think this will stop NSAGul Black Riders

[TCM]

Liberties going down the drain, secret laws, secret courts, secret prisons, killing people without any trial, but at least we still have stupid nerd jokes in the form of funny HTTP headers.

Haha, I'm so not laughing.

X-No-Route-US

[presidenteloco]

Header is read by smart switch/routers and they ensure that the associated packets do not get routed to any US-addressed (or US-puppet-addressed) host or router.

To do this one properly, an AVOID_US bit in the IPV6 packets should be used instead.

 

Re:Default?

[wed128]

Hint: no-one wants to be wiretapped.

Re: Obama Fellatio HQ

[presidenteloco]

At the risk of continuing your flamebait session, I think we can summarize your post by quoting the first two words of its last line:

"I hate"

X-Copyright-2013

[CanEHdian]

It's easier to insert an X-Copyright-2013 header; if the NSA decides to infringe on any of our literary works, it'll be $150,000 a pop. Not that they can't afford it...

WTF

[joseph90]

I presume this is a joke.

Re:WTF

[fuzzywig]

Congratulations! +1 internet to you. What gave it away?

(no really, you should feel proud, reading the other comments it seems that a whole lot of people can't spot a joke even when it rubs ROT13 in their faces)

Re:Do you think this will stop NSAGul Black Riders

[Concerned+Onlooker]

Well, then, I suggest we invoke the other Poe's law: Nevermore!

Re:Wrong date

[DoninIN]

We should also ad an X-do not oppress field to everyone on Earth's birth certificate or equivalent? That way if they don't want to be oppressed, they can just say so, and surely oppressive governments will abide by the rational, peaceful and nicely expressed desire of their citizens to be, or not be oppressed. Right?

NSA thinking

[jaxxa]

You are marking your traffic that you are an American Citizen and don't want to be monitored. What do you have to hide? That sounds like something a terrorist would say. Time to monitor every piece of traffic with this header, thanks for flagging when you have something to hide.

You secure it with Crypto, not Guns.

[billstewart]

You and your friends don't have enough guns to outgun the NSA (who are typically not armed), much less the FBI, Pentagon, and Copyright police. If you want your data not to get wiretapped, you need to use crypto, end-to-end, and use various traffic analysis obfuscation services in the middle, and get enough people doing it to have some actual cover traffic (because being the one person using an anonymity service doesn't do the job.)

Big Government is a Right-Winger thing

[billstewart]

Look, you right-wing trolls like to talk about how liberals and progressives want big government, but we're dealing with Bush's Homeland Security Mafia here, and the right-wing Drug War, and the right-wing Big Military-Industrial-Complex which goes conquering other countries on behalf of Big Oil and Hating Foreigners. And you guys talk about "Intellectual Property" like it's as sacred a thing as owning real dirt property that we stole from the Indians, so the Copyright Police are as much your fault as they are the liberals' fault. And if Obama were actually a liberal, we'd have some Hopey Changey Stuff and the warrantless wiretappers and Gitmo torturers would be in jail, instead of him telling his Justice Department to defend the Bush Administration policies.

X-Don't-Wiretap-Me-,-Bro!:

[billstewart]

Yeah, that'll work.

Protecting your messages with crypto is a start, and using traffic mixers like Tor and Mixmaster to resist traffic analysis, but it's a hard job when the Bad Guys have Moore's Law on their side and unlimited unaccountable budgets and politicians who want to keep it that way.

a "well intentioned man in the middle party"

[lee+n.+field]

Is there such a thing (this is a rhetorical question) as a "well intentioned man in the middle party?

Done!

[GrahamJ]

Just added this to my client's AJAX function for fun :)

Re:Do you think this will stop NSAGul Black Riders

[nobaloney]

How do we know they're violating the law? We have no dea what the secret security courts may have given them permission to do.

If I were running NSA the first people I'd look at would be the ones including the header.

Re:Do you think this will stop NSAGul Black Riders

[Jeremiah+Cornelius]

Secret security courts are themselves, illegal.

Fact on the ground? Yes. But? You cannot vote simple laws to violate Constitutional violation. That requires the Amendment process. Yes. This extends to Congress delegating their powers of coinage and exercise of war. Not legally possible without Amendment.