Slashdot Mirror

← Back to Stories (view on slashdot.org)

How Silicon Valley Helped the NSA

Posted by samzenpus on from the with-a-little-help-from-my-friends dept.

theodp writes "The U.S. tech giants' pledge to up their privacy game in the wake of reports that all-your-data-belong-to-the-NSA rings a little hollow to Abraham Newman, who reminds us that such protections run counter to the business model and public policy agenda that tech companies have pursued for decades. 'For years,' writes Newman, 'U.S. information technology (IT) firms have actively backed weak privacy rules that let them collect massive amounts of personal data. The strategy enabled the companies to work their way into every corner of consumers' lives and gave them a competitive edge internationally. Those same policies, however, have come back to haunt IT firms. Lax rules created fertile ground for NSA snooping. In the wake of the surveillance scandals, as consumer confidence plummets, technology companies' economic futures are threatened.'"

16 of 163 comments (clear)

  1. Strange by Anonymous Coward · · Score: 4, Insightful

    How all of us were "ok" with the companies collecting this information. When an intelligence agency combines this info, we suddenly scream for privacy. I'm scared enough that google accesses my Gmail content, and Apple my iMessages and contacts.

    1. Re:Strange by mrbluze · · Score: 3, Informative

      When the telephone was invented, it was obvious to all and sundry that it was prone to eavesdropping. It's the case with all forms of communication. Privacy is never a given, it is something that has to be actively sought and maintained, like any other human "right". What is insulting is that companies are going out of their way to betray the customer. I am not thinking so much of software giants but Intel which forces you to relinquish your privacy with apparently no way to get around their backdoors.

      --
      Do it yourself, because no one else will do it yourself. [beta blockade 10-17 Feb]
    2. Re:Strange by Mitreya · · Score: 4, Insightful

      all of us were "ok" with the companies collecting this information. When an intelligence agency combines this info, we suddenly scream for privacy.

      Google does not have the ability to put us on the no-fly list. "Ok" or not, the threat level just isn't the same.

    3. Re:Strange by Anonymous Coward · · Score: 3, Interesting

      All of us were NOT "OK" with companies collecting this information. If you were, I'm sorry for you. In order to be OK with that you'd have to believe that corporations don't have disproportionate power over peoples' lives, that they won't sell you out in a heartbeat because it's profitable or because they don't want to be bothered, and most importantly, that information once collected won't be abused. Information will ALWAYS be abused and there are only two cures for that: don't collect it in the first place, or jail the abusers of it. That latter is kind of satisfying, but rather hard to pull off unfortunately. It is far better to not allow the collection in the first place, and that means reeling in corporate power in addition to government power.

      You say the threat level isn't the same. I would submit to you that the only reason we don't have private corporate armies running around the US (we used to) is that they have simply outsourced that task to the government. So when you speak of government or corporations in this country, you're just talking about the same large entity which has to be stopped.

    4. Re:Strange by AHuxley · · Score: 5, Insightful

      Most wanted to believe the articulate sock puppets:
      Legally you had the US Constitution to keep the US gov away.
      Legally you had teams of in house (corporate) lawyers defending the 'brand' from hints of warrantless gov collaboration.
      Your political leaders that would 'out' any goverment domestic spying just for party political points.
      The US stock market would never allow the US gov to risk its international sales and would side against warrantless gov and keep sales up.
      You had the public, gov hardware and software 'interface' that would be uncovered very quickly with great press coverage by so many skilled staff.
      You had staff, academies and skilled members of the press who would find some trace.... and then win media prizes with the story of the decade...
      Skilled academics, code reviews, gov standards, software brands and teams of individuals had all looked over net encryption and found it usable for consumers.
      After Snowden it was all found to be a hoax.
      Political leaders did nothing, lawyers said nothing, academics educated the junk code to generations of fee paying students, the tame press never followed any stories, corporations took gov cash and helped, telcos ensured the optical was in place. Mercenaries and contractors enjoyed the overtime.
      The brands are now a joke.

      --
      Domestic spying is now "Benign Information Gathering"
    5. Re:Strange by WoLpH · · Score: 3, Insightful

      Even besides that. It doesn't matter if you're ok or not. Even if you don't share your information, if one of your friends has your information on a phone and shares this with facebook it will still be shared...

      Regardless of whether you've ever consented to share it with facebook or anything else.

    6. Re:Strange by Runaway1956 · · Score: 4, Insightful

      "How all of us were "ok" with the companies collecting this information."

      Speak for yourself, Kemosabe. There were a lot of us who have been bitching about the invasion of privacy all along. Were we listened to? Of course not - we were shouted down. "There is no privacy on the internet, everything you put out there is available for public consumption. Grow up dummy, if you've done nothing wrong, then you have nothing to hide!"

      Always, the conversation was derailed with just such words.

      Fact is, conversations on the internet are about as private as discussing your private life on the town square. Of course it's not "private", but you don't expect snoops to be actively engaged in eavesdropping activities. On the town square, you can look around to see if the town gossip is lurking behind the nearby bench. Or, whether the Chief of Police is loitering within earshot.

      The internet? Only some of the more savvy users are aware just HOW LITTLE privacy they have. We are forced to avoid monitoring and eavesdropping. And, it's impossible to tell just how effective our efforts are. And, we know all the while that if NSA or any other agency takes an active interest in us, they can just tap into everything at the ISP level.

      Those of YOU who were "ok" with data mining - it's about time you woke up, and understood that we have valid concerns. Now - what ya gonna do about it? Can we get NSA and a few dozen of the programs that they support defunded? Can we get some of the various police tools shitcanned? What are we gonna DO? Resort to the darknets? That really isn't a solution. All that the NSA has to do, is to install a few thousands of their own onion routers and I2P routers, and whatever else comes along. Perfect MIM attack vectors, since they straddle the backbones anyway.

      What ya gonna do? Just sit around and bitch, with those of us who have been bitching for years? Do you have a plan?

      You might join us, in writing your congress critters. Repeatedly. Often. Write to your own, and everyone else's as well. Sign all the online petitions that you can find. Start your own petitions. And, bug hell out of your congress critters. They HATE to get hate mail. They much prefer not to hear from you at all, and they love fan mail, so send the HATE MAIL.

      --
      "Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
    7. Re:Strange by Runaway1956 · · Score: 5, Interesting

      Actually - you DO have some choice. Did you fill out that frequent shopper's survey? Chump. Did you supply your telephone number the last time you purchased a pizza over the counter? Chumped again. Do you give out your cell phone and email address everytime a vendor requests it? Chumped, chumped, and chumped, over and over again. Do you use that credit card for ALL your purchases? You are so chumped!

      Use dollar bills, in person, and refuse to supply information of any kind to the vendor. THEY DON'T NEED ANY INFORMATION TO MAKE A SALE!!

      But, if you insist on getting that penny discount on your next bag of Cheeto's, go ahead and play their game.

      --
      "Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
    8. Re:Strange by BitZtream · · Score: 4, Informative

      Not all email is sent in clear text. Some admins aren't clueless.

      For instance, my mail server communicates with many other mail servers using SSL, including when talking to other servers. Yahoo, Google, and Outlook.com all use TLS and upgrade to a secure connection on HELO. Likewise my mail servers REQUIRE SSL AND AUTHENTICATION for picking up mail or sending from our addresses. Include SPF in the mix and the only clear text version of the mail is sitting on my server hard drives and the client machines.

      I'm fairly confident the NSA hasn't gotten into my system yet, and they didn't fake our certificate chain since its an internally generated chain that no cert provider is in, just our own not network connected CA.

      Email can be secured with current technology and protocols. Easily.

      --
      Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
  2. Who can spare a thought for such matters by korbulon · · Score: 5, Funny

    When the next iPhone will be curved?

    http://apple.slashdot.org/story/13/11/11/0353252/apple-developing-curve-screen-iphones-and-improved-sensors

  3. Vote with your feet by FriendlyLurker · · Score: 4, Informative

    Take your business elsewhere whenever possible. Only thing that will make companies sit up and pay attention is when their bottom line starts to be affected. Computer professionals advise non-techy business types on how best to protect sensitive company information against the massive industrial espionage spy network. People may not care about their facebook page and personal email is being compromised, but they sure as hell care when their companies sensitive business information is put at risk...

    1. Re:Vote with your feet by Joining+Yet+Again · · Score: 3, Funny

      tl;dr return to the '80s and '90s where businesses had servers in their server room.

      Never left it. Feels good, bro. My only "conspiracy theory" (in that I extrapolated from the available evidence quite a bit) has turned out to be mostly accurate.

  4. Backward by Jah-Wren+Ryel · · Score: 4, Insightful

    Lax rules created fertile ground for NSA snooping.

    No, rules don't make any difference to criminals, NSA or otherwise.

    It is the high value of centralizing all that data info which makes for fertile ground.

    --
    When information is power, privacy is freedom.
  5. That's the convenient viewpoint by argStyopa · · Score: 3, Insightful

    ...perhaps I could correct this a little:
    "'U.S. citizens have passively accepted weak privacy rules that let companies collect massive amounts of personal data. The strategy enabled the companies to work their way into every corner of consumers' lives ..."

    I keep hearing about the "US govt" this and "companies" that.
    The fact is that the whole 'privacy' thing is comparable to the cigarette issue for the last 50 years....NOBODY believed cigarettes were in any way good for you, and by the late 1960s pretty much everyone recognized that they were quite harmful (regardless of what the cigarette companies insisted).

    In short, the consumers willfully participated and knew (when they bothered to think about it) that companies were collecting massive amounts of data with every transaction, using (without complaint) their social security number as an id#, etc.

    When I've got a friend or three complaining about companies/government gathering private data, they're usually paying for their meal with a credit card.

    --
    -Styopa
  6. No threat to companies: we've forgotten already by fygment · · Score: 3, Insightful

    Few people really 'got' what was going on; some people remain unaware; and most really don't care.

    Companies will lie, politicians will lie, and the people will pretend to believe them and carry on.

    --
    "Consensus" in science is _always_ a political construct.
  7. This is not just about surveillance by gmuslera · · Score: 3, Insightful

    This is also about attacking; hacking, intrusion, modifying systems, sabotaging hardware, etc. Is not a passive "i want to know this", but an active/aggresive "i will plant a backdoor/rootkit to be able to do there whatever i want", including hitting you as a person, as a country, or as a trusted media that reach enough/certain people/companies.

    We already knwo they planted backdoors on Tor users and Slashdot and LinkedIn users, and with Silicon Valley cooperation, probably they will be bundled in a lot more software/hardware/services. Time to stop playing boiling frog.