Law Professor: Tech Companies Are Our Best Hope At Resisting Surveillance

An anonymous reader writes: Fusion has an op-ed where Ryan Calo, Assistant Professor of Law at the University of Washington, argues Google, Apple, and Microsoft pushing back against government surveillance may be our only real hope for privacy. He writes: "Both Google and Yahoo have announced that they are working on end-to-end encryption in email. Facebook established its service on a Tor hidden services site, so that users can access the social network without being monitored by those with access to network traffic. Outside of product design, Twitter, Facebook and Microsoft have sent their formidable legal teams to court to block or narrow requests for user information. Encryption tools have traditionally been unwieldy and difficult to use; massive companies turning their attention to better and simpler design, and use by default, could be a game changer. Privacy will no longer be accessible only to tech-savvy users, and it will mean that those who do use encryption will no longer stick out like sore thumbs, their rare use of hard-to-use tools making them a target."

Get a bear to guard your honey

[markdavis]

>"Law Professor: Tech Companies Are Our Best Hope At Resisting Surveillance"

Except they (tech companies) are just as guilty for surveillance. Plus, all the data they do gather is still information that the government can obtain legally through warrants and "illegally" through other means (which WILL continue).

Re:Get a bear to guard your honey

[TheRaven64]

Exactly. With the exception of Microsoft (which sells software, yet still doesn't have a great track record, especially with the Windows 10 fiasco), all of the listed companies have business models that rely on collecting as much information as they possibly can from their users (not to be confused with their customers). If you want to resist surveillance, then don't buy into large centralised communication systems.

Or the Gordon Dickson approach

[smittyoneeach]

Would it not be ironic if a parallel, completely pre-Information Age system of handwritten, couriered messaging evolved in response to the whole Big Brother thing?

Re:Or the Gordon Dickson approach

There is a special government program going on in the US right now where for $0.49 a uniformed representative of the government will hand deliver your sealed correspondence to its destination.

I find this to be a useful way to communicate and do business in the Digital Age.

Re:Or the Gordon Dickson approach

[GLMDesigns]

Do you not feel that we have gone too far in the way of centralized control? You're not horrified at a child's lemonade stands being closed down due to lack of licensing? Or that you must have a fence around your pool else a trespasser who falls in your pool can sue you?

Is there no happy medium between regulatory micromanagement and your description of how horrible it was in the 1800s?

The professor is an optimist

[Mostly+a+lurker]

Big Brother is here to stay. Surveillance tools are being built into the hardware and BIOS. End to end encryption becomes moot when the data is collected at source.

No

[TCM]

Cryptographers are our best hope.

What is this headline supposed to suggest? Trust cloud providers? LOL.

Re:No

[Sloppy]

Communication is too basic to not be a commodity. If you have a software "vendor" then you're doing it wrong.

What is really getting fucked up here, is that we are using the names of these three companies in our discussion, rather than the names of standard protocols. Because the public isn't using standard protocols. That's intolerable.

Re:No

[Bob+the+Super+Hamste]

The key in your statement is backdoors and people suspect that some may have been put in to things like bitlocker, Android and iOS full device encrypt and other closed source products. This however doesn't prevent you from using things like TrueCrypt (included because there hasn't been shown to be any real red flags even with the limited audit), PGP/GPG, the various TrueCrypt successors, other encryption programs. Something that requires 2^256 bit flips is going to be awfully energy intensive even if it is done with the magic of quantum computers which can speed up the process but not that much (I want to say it can cut the exponent in half but I may not be remembering it correctly). So if we take an optimistic view with quantum computers that still means it takes 2^128 bit flips and good luck finding enough energy to do that. Basically proper cryptography without backdoors or flaws is something that cannot be broken even using all of the available energy in the universe. If that doesn't offer enough protection then you could always use a one time pad.

Re:No

[sociocapitalist]

The key in your statement is backdoors and people suspect that some may have been put in to things like bitlocker, Android and iOS full device encrypt and other closed source products. This however doesn't prevent you from using things like TrueCrypt (included because there hasn't been shown to be any real red flags even with the limited audit), PGP/GPG, the various TrueCrypt successors, other encryption programs. Something that requires 2^256 bit flips is going to be awfully energy intensive even if it is done with the magic of quantum computers which can speed up the process but not that much (I want to say it can cut the exponent in half but I may not be remembering it correctly). So if we take an optimistic view with quantum computers that still means it takes 2^128 bit flips and good luck finding enough energy to do that. Basically proper cryptography without backdoors or flaws is something that cannot be broken even using all of the available energy in the universe. If that doesn't offer enough protection then you could always use a one time pad.

You're making the assumption that those attacking it are using the same technology that you are aware of - which may be the case. Then again it may not.

Whatever you rely on, there will be ways around it and governments just have a lot more resource to throw at something than you do. Of course they probably don't care enough to make the effort.

Windows 10 = privacy tool

I'd say Free Software is our best hope, not companies like Microsoft who build surveillance into the operating system and encourage people to store all of their files in the cloud. Didn't Microsoft destroy Skype's decentralized architecture so that they could make it possible to wiretap?

While Microsoft hands them the keys

Windows 10 will safely backup your key to the cloud whenever you encrypted data with Bitlocker. Making the whole process useless. Any government agency, Microsoft employee or hacker who can get in there has full access to your data.

Hotmail wouldn't attach encrypted zip file

[sasparillascott]

Yesterday I wanted to get a small file from one computer to another, didn't want to use a thumb drive (didn't have cloud storage on one as well) so I just figured I'd Hotmail myself (via its web interface) an e-mail with the attached file zipped and encrypted (it was a tax doc) to another e-mail address of mine...no problem right? So I try to attach the file and Microsoft decided it had to be able to scan and identify (and log?) what I had in that zip file before it would allow it to be attached (since it was encrypted it wouldn't allow it to be attached...tried it several times...the NSA must be pleased)....so much for user's privacy.

With all the information, since Snowden, about Microsoft working hand in glove with the U.S. government I have to laugh a little at them being included here - as it seems a PR stunt on their part.

http://www.theguardian.com/wor...

Re:Hotmail wouldn't attach encrypted zip file

Assuming the file is below whatever the attachment size limit for Hotmail, try renaming it to a JPEG or some other picture format file extension.

Re:Hotmail wouldn't attach encrypted zip file

Had this problem when I was in the military. Charged the extension to .txt or .ppt to get around it.

If that is true....

[Revarg]

... we are screwed. If our best hope against government surveillance are companies who spend most of their time collecting our information to sell to the highest bidder, then we are in for some heavy government surveillance.

Hey - hear him out!

[megaronic]

His argument comes with the weight of jurisprudence.

Really good for him to put the facts on the table for all to appreciate.

And it's also been very brave of Google, Apple, Microsoft and Facebook to criticize governements and corporations who don't have high standards of privacy or care to protect the rights of others.

Well done these four!

They all deserve a big award.

Rapists in savior's clothing

[macraig]

"Tech companies" are no saviors of anyone but their executive staff and their shareholders. It has been well established that, as a general rule, sociopaths are in executive control of virtually every human hierarchy, be it a corporation or gang or government or military. The Peter Principle is a myth, a misdirection; the real principle at work is that sociopaths willing to make the "hard" unethical decisions that disproportionately benefit each organizational tribe are the ones who consistently get elected, appointed, promoted. Tribalism is very alive and well, and it's sociopaths who benefit the most from exploiting it.

In the case of tech companies, at the same time they appear to be resisting government oppression they are also supplying government (and anyone else with cash in hand) with the tools it needs to oppress. That doesn't sound messianic to me at all.

So who is this Ryan Calo that he is motivated to publish such misdirecting tripe?

Govenment Is Not Working For It's People

[BrendaEM]

Is this how it ends?

End-to-end encryption in email

[nickweller]

"Both Google and Yahoo have announced that they are working on end-to-end encryption in email."

Unless the keys reside only on the end devices then it ain't secure.