Slashdot Mirror
Why the NSA Piggybacks On Consumer Tracking
An anonymous reader writes "'Snooping on the Internet is tricky. The network is diffuse, global, and packed with potential targets. There's no central system for identifying or locating individuals, so it's hard to keep track of who is online and what they're up to. What's a spy agency to do?' In a Slate op-ed, Ed Felten explains how consumer tracking makes the NSA's job much easier. Felten was the first-ever Chief Technologist at the Federal Trade Commission, serving as the agency's lead technical expert on privacy issues. Now back in academia, he argues that the NSA gets a 'free ride on the private sector,' from distinguishing users, to pinpointing geolocation, to slurping up network traffic."
But to say it "gets a 'free ride on the private sector'" ignores the fact that the reverse is (possibly) even more the case. We paid for the Internet and did so with the expectation that we would receive and keep certain rights. Instead, Verizon, Comcast and their ilk do everything in their power to clamp down on Internet access and usage either directly (through their greed) or by worming their way back and forth into and out of lobbyist and politically appointed government positions. Add to that the MPAA and RIAA with their (what in a sane world would be illegal) demands that people spend more time in prison for "piracy" than for murder and you see everyone but the public getting a "free ride" for something we already bought.
Bark less. Wag more.
Encrypt everything, make life as difficult as possible for those who would snoop your traffic. You mention Firefox plugins, perhaps you should also be using the HTTPS Everywhere plugin: https://www.eff.org/https-everywhere
Also make sure you are using the SSL Observatory function, this should at least help prevent MITM type attacks against you.
Even ISP routers are being used to get in our private networks, our VPN and even our Tor connections. In NSA/GCHQ sources and methods uncovered there are some suggestions to improve things a bit.
Murdering in America is tricky. The streets are packed with concerned citizens, some of which are armed, and there's local police to avoid. There's no central system for murdering or stowing dead individuals, so it's hard to keep track of who been murdered and where their dead body is. What's a murder to do?
There, that puts it into perspective. I wonder how many goddamned NSA stories slashdot is going to pump into today's atmosphere.
Politics; n. : A religion whereby man is god.
A post in a thread a few days ago gave a good list. (I'd link back to it, but I can't find it.)
I didn't list Lightbeam because while it is good at visualizing tracking, it doesn't actually stop it.
I also currently use
I'm also looking into running a YaCy server so that I don't depend on centralized (and therefore inherently trackable, even if some say they don't) search engines at all.
"[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz
Browse with TOR whenever possible and restart the TOR session frequently.
Excuse me, but please get off my Pennisetum Clandestinum, eh!
I'd consider TOR exit nodes to be fully monitored, so obviously you'd want to take all of the steps above as well, when browsing over TOR.
Or just ignore the whole thing and let them spy on the TERRORISTS that they are actually looking for.
Can't tell if you're being serious, but in case you are: No, the problem here is overreach and feature creep. They are applying their rules for dealing with terrists (essentially none) to the population in general and foreign heads of state in particular.
I don't expect that ignoring the whole thing is a strategy which is likely to limit their ambitions, at all.
Gosh, thanks. That must be why the other ships call me Meatfucker -- GCU Grey Area (Eccentric)
You can also play games with your browser sessions. Both firefox and chrome support multiple browser sessions running simultaneously. I have one just for google searches, another just for youtube, another just for banking, etc. That keeps your cookies and other fingerprinting information like extensions, browser history, etc unique to each task.
If you run firefox with these arguments it starts up with a picker that lets you choose which profile to run:
firefox --ProfileManager --no-remote
I give each profile a different theme and change the titlebar to start with a prefix (like "GOOGLE: xxx" or "BANK: xxx") with the customize_titlebar add-on to make it easy to visually distinguish between different sessions.
I also use the user-agent switcher extension to give each browser session a different user-agent. I usually set them to say the OS is Windows (I'm on linux) to blend in better with all the other Windows users and then each one is set to report a slightly different version of firefox (like 25.0 or 25..0.1 or 24.0 etc).
It is not just about hiding yourself it is about polluting their databases. Switching the user-agent isn't 100% -- some javascript can figure out the browser version via other means. But it is low-hanging fruit because the user-agent gets transmitted with every single http request your browser makes, so anyone passively sniffing the wire will get whatever you set it to.
https://addons.mozilla.org/en-US/firefox/addon/user-agent-switcher/
There is a similar add-on for chrome by a different author, haven't used it myself:
https://chrome.google.com/webstore/detail/user-agent-switcher-for-c/djflhoibgkdhkhhcedjiklpkjnoahfmg?hl=en-US
For firefox you have to make an additional change in about:config in order to have your user agent stick permanently because java gets confused on startup if it is spoofed. Create a new preference 'useragentswitcher.reset.onclose' and set it to false.
When information is power, privacy is freedom.