Slashdot Mirror

← Back to Stories (view on slashdot.org)

How Silicon Valley Helped the NSA

Posted by samzenpus on from the with-a-little-help-from-my-friends dept.

theodp writes "The U.S. tech giants' pledge to up their privacy game in the wake of reports that all-your-data-belong-to-the-NSA rings a little hollow to Abraham Newman, who reminds us that such protections run counter to the business model and public policy agenda that tech companies have pursued for decades. 'For years,' writes Newman, 'U.S. information technology (IT) firms have actively backed weak privacy rules that let them collect massive amounts of personal data. The strategy enabled the companies to work their way into every corner of consumers' lives and gave them a competitive edge internationally. Those same policies, however, have come back to haunt IT firms. Lax rules created fertile ground for NSA snooping. In the wake of the surveillance scandals, as consumer confidence plummets, technology companies' economic futures are threatened.'"

29 of 163 comments (clear)

  1. Strange by Anonymous Coward · · Score: 4, Insightful

    How all of us were "ok" with the companies collecting this information. When an intelligence agency combines this info, we suddenly scream for privacy. I'm scared enough that google accesses my Gmail content, and Apple my iMessages and contacts.

    1. Re:Strange by mrbluze · · Score: 3, Informative

      When the telephone was invented, it was obvious to all and sundry that it was prone to eavesdropping. It's the case with all forms of communication. Privacy is never a given, it is something that has to be actively sought and maintained, like any other human "right". What is insulting is that companies are going out of their way to betray the customer. I am not thinking so much of software giants but Intel which forces you to relinquish your privacy with apparently no way to get around their backdoors.

      --
      Do it yourself, because no one else will do it yourself. [beta blockade 10-17 Feb]
    2. Re:Strange by Mitreya · · Score: 4, Insightful

      all of us were "ok" with the companies collecting this information. When an intelligence agency combines this info, we suddenly scream for privacy.

      Google does not have the ability to put us on the no-fly list. "Ok" or not, the threat level just isn't the same.

    3. Re:Strange by Anonymous Coward · · Score: 3, Interesting

      All of us were NOT "OK" with companies collecting this information. If you were, I'm sorry for you. In order to be OK with that you'd have to believe that corporations don't have disproportionate power over peoples' lives, that they won't sell you out in a heartbeat because it's profitable or because they don't want to be bothered, and most importantly, that information once collected won't be abused. Information will ALWAYS be abused and there are only two cures for that: don't collect it in the first place, or jail the abusers of it. That latter is kind of satisfying, but rather hard to pull off unfortunately. It is far better to not allow the collection in the first place, and that means reeling in corporate power in addition to government power.

      You say the threat level isn't the same. I would submit to you that the only reason we don't have private corporate armies running around the US (we used to) is that they have simply outsourced that task to the government. So when you speak of government or corporations in this country, you're just talking about the same large entity which has to be stopped.

    4. Re:Strange by AHuxley · · Score: 5, Insightful

      Most wanted to believe the articulate sock puppets:
      Legally you had the US Constitution to keep the US gov away.
      Legally you had teams of in house (corporate) lawyers defending the 'brand' from hints of warrantless gov collaboration.
      Your political leaders that would 'out' any goverment domestic spying just for party political points.
      The US stock market would never allow the US gov to risk its international sales and would side against warrantless gov and keep sales up.
      You had the public, gov hardware and software 'interface' that would be uncovered very quickly with great press coverage by so many skilled staff.
      You had staff, academies and skilled members of the press who would find some trace.... and then win media prizes with the story of the decade...
      Skilled academics, code reviews, gov standards, software brands and teams of individuals had all looked over net encryption and found it usable for consumers.
      After Snowden it was all found to be a hoax.
      Political leaders did nothing, lawyers said nothing, academics educated the junk code to generations of fee paying students, the tame press never followed any stories, corporations took gov cash and helped, telcos ensured the optical was in place. Mercenaries and contractors enjoyed the overtime.
      The brands are now a joke.

      --
      Domestic spying is now "Benign Information Gathering"
    5. Re:Strange by Joining+Yet+Again · · Score: 2

      This fascistic "only following orders" mindset really needs to be nipped in the bud. America understood that it was unjustifiable in the 1940s, but it's their first refuge now.

      If for profit(*) you maintain a product knowingly used for evil, you are just as responsible as the person directing you.

      (*) A person who has little choice will have diminished or zero responsibility. So, a destitute person who gets a job as a cleaner for Google when there is nothing else on offer, or someone given forced labour in a prison, cannot really be judged.

    6. Re:Strange by WoLpH · · Score: 3, Insightful

      Even besides that. It doesn't matter if you're ok or not. Even if you don't share your information, if one of your friends has your information on a phone and shares this with facebook it will still be shared...

      Regardless of whether you've ever consented to share it with facebook or anything else.

    7. Re:Strange by Runaway1956 · · Score: 4, Insightful

      "How all of us were "ok" with the companies collecting this information."

      Speak for yourself, Kemosabe. There were a lot of us who have been bitching about the invasion of privacy all along. Were we listened to? Of course not - we were shouted down. "There is no privacy on the internet, everything you put out there is available for public consumption. Grow up dummy, if you've done nothing wrong, then you have nothing to hide!"

      Always, the conversation was derailed with just such words.

      Fact is, conversations on the internet are about as private as discussing your private life on the town square. Of course it's not "private", but you don't expect snoops to be actively engaged in eavesdropping activities. On the town square, you can look around to see if the town gossip is lurking behind the nearby bench. Or, whether the Chief of Police is loitering within earshot.

      The internet? Only some of the more savvy users are aware just HOW LITTLE privacy they have. We are forced to avoid monitoring and eavesdropping. And, it's impossible to tell just how effective our efforts are. And, we know all the while that if NSA or any other agency takes an active interest in us, they can just tap into everything at the ISP level.

      Those of YOU who were "ok" with data mining - it's about time you woke up, and understood that we have valid concerns. Now - what ya gonna do about it? Can we get NSA and a few dozen of the programs that they support defunded? Can we get some of the various police tools shitcanned? What are we gonna DO? Resort to the darknets? That really isn't a solution. All that the NSA has to do, is to install a few thousands of their own onion routers and I2P routers, and whatever else comes along. Perfect MIM attack vectors, since they straddle the backbones anyway.

      What ya gonna do? Just sit around and bitch, with those of us who have been bitching for years? Do you have a plan?

      You might join us, in writing your congress critters. Repeatedly. Often. Write to your own, and everyone else's as well. Sign all the online petitions that you can find. Start your own petitions. And, bug hell out of your congress critters. They HATE to get hate mail. They much prefer not to hear from you at all, and they love fan mail, so send the HATE MAIL.

      --
      "Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
    8. Re:Strange by Runaway1956 · · Score: 5, Interesting

      Actually - you DO have some choice. Did you fill out that frequent shopper's survey? Chump. Did you supply your telephone number the last time you purchased a pizza over the counter? Chumped again. Do you give out your cell phone and email address everytime a vendor requests it? Chumped, chumped, and chumped, over and over again. Do you use that credit card for ALL your purchases? You are so chumped!

      Use dollar bills, in person, and refuse to supply information of any kind to the vendor. THEY DON'T NEED ANY INFORMATION TO MAKE A SALE!!

      But, if you insist on getting that penny discount on your next bag of Cheeto's, go ahead and play their game.

      --
      "Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
    9. Re:Strange by BitZtream · · Score: 4, Informative

      Not all email is sent in clear text. Some admins aren't clueless.

      For instance, my mail server communicates with many other mail servers using SSL, including when talking to other servers. Yahoo, Google, and Outlook.com all use TLS and upgrade to a secure connection on HELO. Likewise my mail servers REQUIRE SSL AND AUTHENTICATION for picking up mail or sending from our addresses. Include SPF in the mix and the only clear text version of the mail is sitting on my server hard drives and the client machines.

      I'm fairly confident the NSA hasn't gotten into my system yet, and they didn't fake our certificate chain since its an internally generated chain that no cert provider is in, just our own not network connected CA.

      Email can be secured with current technology and protocols. Easily.

      --
      Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
    10. Re:Strange by Runaway1956 · · Score: 2

      And, that is such an adult comment. I got my first paying job in 1971. Graduated high school in 1974. Joined the Navy in 1975. Discharged from the Navy in 1983. Need I go on?

      I have walked out of stores where the staff was overly prying. "Why do you need my phone number?" "It's required, we're supposed to ask everyone!" "Good bye then!"

      If you CHOOSE to be corporate America's chump, that's fine. But don't make excuses to me for it.

      --
      "Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
    11. Re:Strange by Fuzion · · Score: 2

      Neither are required for life in even the slightest way. Plenty of fully functional people have jobs, homes and families and they never fly and don't have Internet access.

      Just as a reminder, since it seems to be forgotten so often.

      Airplanes are barely a 100 years old.

      The Internet, or more specifically, the web, is only about 20.

      These are not 'requirements' for life. You will survive without either.

      Technically no freedoms are 'requirements' for life, you can survive without them. 150 years ago people of a certain skin colour didn't have any freedoms in the US yet they were alive. Even now, in many countries, plenty of people have jobs, homes and families without ever having the chance to freely express their political views.

      The standard for freedoms isn't what's a 'requirement' for life, and it'd be a very unfortunate world if it was.

      --
      "Knowledge makes us accountable." - Che Guevara
    12. Re:Strange by geminidomino · · Score: 2

      Then you should be old enough to know that, valid or not, your "loyalty card" rant was almost completely out of context for the discussion at hand.

    13. Re:Strange by LWATCDR · · Score: 2

      "Email can be secured with current technology and protocols. Easily."
      "Include SPF in the mix and the only clear text version of the mail is sitting on my server hard drives and the client machines."
      So only when it is on your server. And even then it is not secure for your other users since you can read it. Most sys admins are too ethical to do such a thing but I have run into at least one that read everyone's email. Again I say no more secure than a postcard. Anyone in the postal service can read it.

      --
      See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
  2. Who can spare a thought for such matters by korbulon · · Score: 5, Funny

    When the next iPhone will be curved?

    http://apple.slashdot.org/story/13/11/11/0353252/apple-developing-curve-screen-iphones-and-improved-sensors

  3. Vote with your feet by FriendlyLurker · · Score: 4, Informative

    Take your business elsewhere whenever possible. Only thing that will make companies sit up and pay attention is when their bottom line starts to be affected. Computer professionals advise non-techy business types on how best to protect sensitive company information against the massive industrial espionage spy network. People may not care about their facebook page and personal email is being compromised, but they sure as hell care when their companies sensitive business information is put at risk...

    1. Re:Vote with your feet by Joining+Yet+Again · · Score: 3, Funny

      tl;dr return to the '80s and '90s where businesses had servers in their server room.

      Never left it. Feels good, bro. My only "conspiracy theory" (in that I extrapolated from the available evidence quite a bit) has turned out to be mostly accurate.

  4. Backward by Jah-Wren+Ryel · · Score: 4, Insightful

    Lax rules created fertile ground for NSA snooping.

    No, rules don't make any difference to criminals, NSA or otherwise.

    It is the high value of centralizing all that data info which makes for fertile ground.

    --
    When information is power, privacy is freedom.
  5. Yeah right by StripedCow · · Score: 2

    ... as consumer confidence plummets ...

    As if the average facebook user cares about privacy.

    --
    If Pandora's box is destined to be opened, *I* want to be the one to open it.
  6. Re:There is no free lunch by geogob · · Score: 2

    There is no free lunch

    It depends. From the point of view of the company CEO accepting to help the NSA or other agencies, there might be a lot of free lunches. That all that counts, right?

  7. Re:Corporate America by cheekyjohnson · · Score: 2

    Put away your tinfoil hats and see the real threat.

    What tinfoil hats? Are you suggesting that it is crazy to be afraid that the government might abuse the massive amount of power we've given it, even though every government has abused its power without fail? The people who work for the government are humans, not perfect angels; thus, it makes no sense to me to not be wary of them.

    Of course, I don't think corporations having all this data is a good thing either, but there are no tinfoil hats present here.

    --
    Filthy, filthy copyrapists!
  8. should be how Americans helped the NSA by Gothmolly · · Score: 2

    Everyone wanted free Internet, free search engines, free Webmail, free coupons, free 5% off clubs, free 1-click shopping.... what did people think was going on there?

    --
    I want to delete my account but Slashdot doesn't allow it.
  9. Re:There is no free lunch by phayes · · Score: 2

    Riiighht. The Internet will be balkanised because the US is only govt doing this & there is no cooperation between the intelligence agencies. Hey, it's not like the Communications that the French govt was complaining about was collected by the DGSE & then passed onto the NSA as the price for the USA deploying drone assets to Mali, or that the Germans perform "legal" surveillance of their population secretly or that the Brazilians spy on diplomats or ...

    Government heads are protesting much too loudly about NSA practices that they already knew about & that they themselves indulge in. I smell grandstanding to internal audiences & my prediction is that will be little long term effect.

    --
    Democracy is a sheep and two wolves deciding what to have for lunch. Freedom is a well armed sheep contesting the issue
  10. That's the convenient viewpoint by argStyopa · · Score: 3, Insightful

    ...perhaps I could correct this a little:
    "'U.S. citizens have passively accepted weak privacy rules that let companies collect massive amounts of personal data. The strategy enabled the companies to work their way into every corner of consumers' lives ..."

    I keep hearing about the "US govt" this and "companies" that.
    The fact is that the whole 'privacy' thing is comparable to the cigarette issue for the last 50 years....NOBODY believed cigarettes were in any way good for you, and by the late 1960s pretty much everyone recognized that they were quite harmful (regardless of what the cigarette companies insisted).

    In short, the consumers willfully participated and knew (when they bothered to think about it) that companies were collecting massive amounts of data with every transaction, using (without complaint) their social security number as an id#, etc.

    When I've got a friend or three complaining about companies/government gathering private data, they're usually paying for their meal with a credit card.

    --
    -Styopa
  11. Re:There is no free lunch by SirGarlon · · Score: 2

    Either you pay upfront with cold hard cash, in which case you can make indignant noses about unlawful uses of your data. If you don't want to pay cash, and instead have a "free" service, your data is what the developers will try to monetize.

    I would love it if I could pay for an effective search engine that didn't track my search habits in order to alter the results.

    I would love it if I could pay for a social network to keep in touch with my friends and business contacts and it didn't spy on me and spam me and sell my information to all and sundry.

    I would love it if I could pay for news that didn't watch me back, or for videoconferencing that gave me the same privacy assurances my landline phone has (weak as those may be).

    These paid service you speak of, they don't exist. The choice is between surveillance-funded services, and no services at all.

    --
    [Sir Garlon] is the marvellest knight that is now living, for he destroyeth many good knights, for he goeth invisible.
  12. No threat to companies: we've forgotten already by fygment · · Score: 3, Insightful

    Few people really 'got' what was going on; some people remain unaware; and most really don't care.

    Companies will lie, politicians will lie, and the people will pretend to believe them and carry on.

    --
    "Consensus" in science is _always_ a political construct.
  13. Re:Useless opinion is useless by DuckDodgers · · Score: 2

    It's useless encryption, though. Thanks to the Patriot Act, the NSA can ask Google to decrypt and hand over any information on any person for no stated reason. Google can't even challenge the order in court. Google's decision to use encryption internally was a publicity stunt that only convinced people who didn't take five minutes to think about the value of that encryption (i.e. none).

  14. Re:Even Firefox by DuckDodgers · · Score: 2

    The Mozilla Foundation, which makes Firefox, gets most of its funding through hundred million dollar grants from Google. Google gets most of its money from advertising.

    That's why Firefox browser (and of course, the Chrome browser) will never take any serious steps to block user tracking. If Mozilla ever got serious about user privacy, the next grant from Google would never arrive and Firefox development and bug fixes would slow to a trickle.

    If any browser vendor would put real investment into blocking user tracking, it's probably Microsoft. Cutting ad revenue would hurt Google more than it hurts Microsoft, so Microsoft would love to move in that direction. But of course Microsoft makes proprietary software, so as soon as any grand plan to modify Internet Explorer to enhance user privacy actually worked, the NSA would probably just order Microsoft to insert a backdoor into the browser and track all user activity through that.

  15. This is not just about surveillance by gmuslera · · Score: 3, Insightful

    This is also about attacking; hacking, intrusion, modifying systems, sabotaging hardware, etc. Is not a passive "i want to know this", but an active/aggresive "i will plant a backdoor/rootkit to be able to do there whatever i want", including hitting you as a person, as a country, or as a trusted media that reach enough/certain people/companies.

    We already knwo they planted backdoors on Tor users and Slashdot and LinkedIn users, and with Silicon Valley cooperation, probably they will be bundled in a lot more software/hardware/services. Time to stop playing boiling frog.