Why would France wants to leave the EU? Unlike Britain, they get more from the EU in the form a subsidies than they pay into it. Those wanting to get out of the EU are those people who are feeling that they are constantly paying more than they are getting back, like the Brits (and the Germans, Finns, Dutch...). The financially poorer "Club Med countries" like France would stay as long as they can find financially more stable countries in the EU like Germany, the Netherlands, Finland etc. would will be more or less willingly footing their bills. Greece, Italy, France, Spain,... would be the last to leave. I'll be more worried about the northerners, and, maybe the easterners at this point in time. What we're seeing right now is an "Who is John Galt?" kind of Ayn Rand-ish moment, Euro-style. Maybe more countries will quietly vanish from the EU as times flies by...
Actually, very long-term sysadmin here, responsible for huge number of servers and users. Believe it or not, once you're herding a certain threshold of users/machines, you stop being curious about individuals' behaviors, porn, lives, whatever... it becomes totally irrelevant.
Those guys working at 3/4 letter agencies are in the same position: I'll bet what you want that most of them are bored senseless when they are alerted by the algorithms that they have to look into some real-life data, just to find out that it is in 99.9% a false positive, again! Sure, you'll have some rogue PFY in there too with BOFH phantasies doing his or her thing w.r.t. their near relatives, but hey, that's bound to happen anyway, with or without surveillance agencies. That's NOT the rule, that's the tiny exception.
Personally, I'm not worried at all about that kind of surveillance and their personnel; as I've said, I'm more concerned about keeping THEM and their commercial and criminal counterparts out of networks they persistently try to infiltrate for industrial espionage purposes. THAT's where they are a nuisance, not their amateurish-organized mass-surveillance business that is still in its infancy, despite claims to the contrary.
Yes, I'm strongly pro-privacy, but I'm too long in this area to be easily impressionable: there are simply logistical and physical limits to what such a system of mass surveillance can achieve; limits that can't be overcome, no matter what efforts are being put into it. Some will be worried by this fact, others will be reassured by it, but however we see it, that's life. I'd rather prefer life to be somewhat random, and not totally under control, and I think it will always remain this way, thankfully.
Don't know about IR, but gamma and X rays definitely go through tape and can be picked up by the camera sensor, effectively turning the smartphone into an improvised Geiger-Mueller counter...
I'd think that doing this would put a bigger target on you.
What's so bad about this? I mean, seriously? You'll be drawing a couple of mW and CPU cycles of NSA/GCHQ's computers more than they would have wasted otherwise, and occupied a couple of additional bytes in their storage system. That's all there is to it. No more, no less. As long as your behavior doesn't trigger an alert that forces a human operator to briefly look at your data, no harm has been done. And if a human op has to look, the only harm done is his or her wasted time, time that would be better put to use to investigate real targets instead of false positives. They don't care about your petty life, that's not what their mission is about.
Mass surveillance is widely overrated, IMHO. Even directed surveillance is not as effective as it should have been... so relax. The only ones who should be worried are foreign corporations whose trade secrets are being systematically spied upon, and, of course, governments who have traditionally always been a legitimate target of spying. Regular people aren't interesting enough, even though they would be flattered if it were otherwise.
Sure, it's annoying to be tracked by algorithms around the clock via smartphones, but let's see it in a positive, or at least less negative, light for a change. Suppose you have the same name and/or a similar profile as someone who has raised some red flags and who landed on a couple of Governments' black lists. If you are really unlucky, next time you want to board a plane, you'll be in for a nasty surprise at secondary. Even if things get sorted out this time, next time you'll be again in trouble, and again, and again...
Now, suppose you are the privacy-conscious guy, who shies away from smartphones, who doesn't use credit and debit cards any more than absolutely necessary and prefers to pay cash as much as he can, and who in general keeps a low digital footprint. Now you're screwed, because you'll have a whole lot of red flags floating all around you. Not only can't you prove that you were not where your alter ego was, your disappearance from the surface makes you prime suspect and will have you listed on even more lists than ever before. Good luck cleaning your name and reputation after that! Maybe having carried your private portable Orwellian telescreen with you would have spared you all those troubles.
Yes, I know, that's not the world we would like to live in: being forced to accept surveillance as a way to prove one's innocence would have been considered a typical dystopia some 30-40 years ago, but sadly, that's where we're living in right now. We've allowed ourselves to fall into a collective panic, but that's how it is.
Only amateur terrorists / criminals use encrypted Messenger Apps... knowing full well that not only the smartphones' OS/hardware platform itself is insecure, but that meta data is king in today's surveillance scheme, making encryption in that environment somewhat of an exercise in futility. Sophisticated groups hide in plain sight.
Seriously, if a group really wants to hide from surveillance, they won't under any circumstances communicate their intentions, neither in the clear, nor encrypted, electronically, period. They'll meet ahead of time, and, at the most, agree on a trigger code... and not something as sophisticated as a one time pad. That code would be both simple, and would sail under the radar of surveillance: it won't raise any red flags whatsoever.
So, for instance, Alice will text Bob and say: "Hey Bob, you must really watch this awesome clip on YouTube from [INSERT-POPULAR-BAND-HERE]!", insert jargon of target group to make dialog more authentic. That would be a pre-agreed code for something totally different. Of course, Alice and Bob would have to establish a history of similar (dummy) messages in the past to evade raising eyebrows later: the crucial message should be indistinguishable from the ocean of regular messages they both exchange regularly.
One could even conceive a whole code made up of little blocks of such dialogs that appear like usual teen chatter on the surface... but that would open up this code to analysis. The less they communicate (in code), the unlikely they'll be detected. As an illustration for variation: use 20 pop artists in the phrase above, for 20 pre-agreed messages. If you need 400 messages, combine with 20 pre-agreed adjectives "have you seen INSERT-ADJECTIVE clip from INSERT-ARTIST on YouTube?"... there are endless possibilities to communicate discreetly over a low-bandwidth plain-text channel this way.
C'mon CIA Watchdog, don't be so cheap: cough up a Bitcoin or two to get the decryption key to that CIA Torture Report from your friendly Ransomware Provider...
Why go all the trouble to get a warrant etc, when reading out publicly available hi-res photographs from surveillance cameras showing the finger of the target would be more than enough to print a fine replica of the fingerprint on a 3D printer, to be applied / pressed on the fingerprint sensor by some FBI agent at a later time? C'mon, image data processing has come a long way to read your fingerprints from most photos with a decent enough lighting and resolution. Transferring that to the sensor is trivial from here.
Basically, it's not the hardware that is the problem right now with phones, it's the OS. Specifically, stock Android still doesn't allow IBSS mode, so it's not possible to build ad hoc P2P communities to extend the reach and range of Wifi networks. Or, maybe, to create the new killer-app, like say, nomadic file sharing. There are some patches out there for Cyanogenmod to enable IBSS for some Broadcomm chipsets, but unless Google finally decides to merge them back into mainline Android AOSP, there won't be any momentum to see widespread adoption of ad hoc networks, and therefore new uses for smartphones any time soon.
Just because they post with real names (do they really?) doesn't prevent people from using hate speech on Facebook. The times when people used to act with more civility on the Net because they used their real names are long gone.
You miss a major thing about the NSA: it's designed to hoover up foreign intelligence, and forbidden from doing so domestically. Putting EU data in EU silos makes it easier for the NSA legally: no one can object that they're stealing US citizens' data. An EU silo is totally, awesomely fair game for them to hijack.
Indeed! It's much more easier to bypass all those pesky FISCprocedures. Up to now, NSA had to do some pretty heavy vetting to distinguish between US and non-US Persons; EU persons self-segregating themselves out of the pool of people stored in US data centers makes it much more easier for the NSA.
That's an excellent example of the law of unintended consequences.
Basically, doesn't this means that data will be stored in EU data centers, e.g. in Ireland, UK etc..., where it will be (more or less) lawfully intercepted by British GCHQ and handed over to the NSA based on the Five Eyes Agreement? So this ruling won't change anything fundamental for the spying a.k.a. mass surveillance of EU citizens. The NSA, instead of siphoning the data from data centers in the US, will just have to route the traffic through a couple of big VPN pipes via GCHQ from data centers in the EU. Or does anyone really thinks that mass surveillance will suddenly be curbed because of a (supreme) court order in EU land?
Right. However, if you're not a US Person (i.e. if you don't have US Citizenship or a Permanent Resident Permit), there's no due process for you as well: NSA can access your GMail account without a warrant, because, well, you'd be a foreigner in their eyes, and foreigners are NOT protected by US laws in this area. No FISA court for you, comrade! That's the point: in Russia, they may pretend to follow due process (even if they don't), in the US, they don't even pretend to follow due process if you're no US Person. That's why some States are considering encouraging their citizens to move their personal data out of the US cloud.
Seen from the outside world, most, if not all, US clouds are accessible to the NSA and other US state agencies. Especially if you're not a US Person, those agencies can request your data without a warrant at all. So what the Russians and Brazilians and soon to follow other nations are doing is this: they don't want you to post your potentially incriminating personal data on NSA-controlled servers when the NSA could use them to blackmail you should you work in an important position in politics, industry etc... They rather want you to post data on servers THEY, on only they, control. What's so wrong about this? If you are about to freely give your personal data to a spying agency anyway, it could as well be your own domestic spying agency, instead of the NSA. At least, that agency would be bound by your local laws w.r.t. the respect of privacy and protection of data of its own citizens, while the NSA is free to do what it wants with data of non US Persons, including selling them on the black market (not that they would do such a thing, of course, but in theory, they could). All this is due to the NSA overstepping its original mission that was code breaking and code development, and embarking on the Orwell program of TIA.
Would it be really so hard to relocate GitHub (servers, company and all) outside the US to avoid those DMCA take downs? Especially considering that it would also make life for the NSA a little harder too (no NSLs could force GitHub to secretly include backdoors here and there, and keep silent about it). Next question: what country would be most friendly to Open Source yet resisting the insatiable hunger of the copyright trolls?
Is it really wrong to spy on the worldwide communication infrastructure, as long as you can? This ubiquitous spying can only spur the deployment of more encryption, anonymizing protocols and generally hardening the infrastructure. As long as that infrastructure is so easily vulnerable to snooping, why should the NSA, GCHQ and other spying agencies refrain from exploiting it? After all, it's our fault that we keep communicating in the clear, and that we keep trusting commercial companies that provide closed source products that we can't inspect (at least in theory).
Suppose the inquiry board wants needs the testimony of anonymous whistle blowers (NOT Snowden, he's known). How do you suppose the anonymity of those testifying can be granted, if the inquiry is being public? I guess the NSA through the BND wanted to know who was testifying there, and what they exactly said.
Unless governments can rebuild the released version of Microsoft products with said source code, they'll be fed a sanitized version of that source code, but not the original full code base needed to build the final binaries. Backdoors could still be added later at build time, so what's the point?
Slashdot Mirror
Why would France wants to leave the EU? Unlike Britain, they get more from the EU in the form a subsidies than they pay into it. Those wanting to get out of the EU are those people who are feeling that they are constantly paying more than they are getting back, like the Brits (and the Germans, Finns, Dutch...). The financially poorer "Club Med countries" like France would stay as long as they can find financially more stable countries in the EU like Germany, the Netherlands, Finland etc. would will be more or less willingly footing their bills. Greece, Italy, France, Spain, ... would be the last to leave. I'll be more worried about the northerners, and, maybe the easterners at this point in time. What we're seeing right now is an "Who is John Galt?" kind of Ayn Rand-ish moment, Euro-style. Maybe more countries will quietly vanish from the EU as times flies by...
Those guys working at 3/4 letter agencies are in the same position: I'll bet what you want that most of them are bored senseless when they are alerted by the algorithms that they have to look into some real-life data, just to find out that it is in 99.9% a false positive, again! Sure, you'll have some rogue PFY in there too with BOFH phantasies doing his or her thing w.r.t. their near relatives, but hey, that's bound to happen anyway, with or without surveillance agencies. That's NOT the rule, that's the tiny exception.
Personally, I'm not worried at all about that kind of surveillance and their personnel; as I've said, I'm more concerned about keeping THEM and their commercial and criminal counterparts out of networks they persistently try to infiltrate for industrial espionage purposes. THAT's where they are a nuisance, not their amateurish-organized mass-surveillance business that is still in its infancy, despite claims to the contrary.
Yes, I'm strongly pro-privacy, but I'm too long in this area to be easily impressionable: there are simply logistical and physical limits to what such a system of mass surveillance can achieve; limits that can't be overcome, no matter what efforts are being put into it. Some will be worried by this fact, others will be reassured by it, but however we see it, that's life. I'd rather prefer life to be somewhat random, and not totally under control, and I think it will always remain this way, thankfully.
Don't know about IR, but gamma and X rays definitely go through tape and can be picked up by the camera sensor, effectively turning the smartphone into an improvised Geiger-Mueller counter...
Check this paper..., and you'll be even more worried.
Good luck spotting a quick flash of the cam LED when malware is taking just a picture of you with that camera; esp. when you're not looking...
That may be precisely the problem here... (at least for Apple)
What's so bad about this? I mean, seriously? You'll be drawing a couple of mW and CPU cycles of NSA/GCHQ's computers more than they would have wasted otherwise, and occupied a couple of additional bytes in their storage system. That's all there is to it. No more, no less. As long as your behavior doesn't trigger an alert that forces a human operator to briefly look at your data, no harm has been done. And if a human op has to look, the only harm done is his or her wasted time, time that would be better put to use to investigate real targets instead of false positives. They don't care about your petty life, that's not what their mission is about.
Mass surveillance is widely overrated, IMHO. Even directed surveillance is not as effective as it should have been... so relax. The only ones who should be worried are foreign corporations whose trade secrets are being systematically spied upon, and, of course, governments who have traditionally always been a legitimate target of spying. Regular people aren't interesting enough, even though they would be flattered if it were otherwise.
Now, suppose you are the privacy-conscious guy, who shies away from smartphones, who doesn't use credit and debit cards any more than absolutely necessary and prefers to pay cash as much as he can, and who in general keeps a low digital footprint. Now you're screwed, because you'll have a whole lot of red flags floating all around you. Not only can't you prove that you were not where your alter ego was, your disappearance from the surface makes you prime suspect and will have you listed on even more lists than ever before. Good luck cleaning your name and reputation after that! Maybe having carried your private portable Orwellian telescreen with you would have spared you all those troubles.
Yes, I know, that's not the world we would like to live in: being forced to accept surveillance as a way to prove one's innocence would have been considered a typical dystopia some 30-40 years ago, but sadly, that's where we're living in right now. We've allowed ourselves to fall into a collective panic, but that's how it is.
Seriously, if a group really wants to hide from surveillance, they won't under any circumstances communicate their intentions, neither in the clear, nor encrypted, electronically, period. They'll meet ahead of time, and, at the most, agree on a trigger code... and not something as sophisticated as a one time pad. That code would be both simple, and would sail under the radar of surveillance: it won't raise any red flags whatsoever.
So, for instance, Alice will text Bob and say: "Hey Bob, you must really watch this awesome clip on YouTube from [INSERT-POPULAR-BAND-HERE]!", insert jargon of target group to make dialog more authentic. That would be a pre-agreed code for something totally different. Of course, Alice and Bob would have to establish a history of similar (dummy) messages in the past to evade raising eyebrows later: the crucial message should be indistinguishable from the ocean of regular messages they both exchange regularly.
One could even conceive a whole code made up of little blocks of such dialogs that appear like usual teen chatter on the surface... but that would open up this code to analysis. The less they communicate (in code), the unlikely they'll be detected. As an illustration for variation: use 20 pop artists in the phrase above, for 20 pre-agreed messages. If you need 400 messages, combine with 20 pre-agreed adjectives "have you seen INSERT-ADJECTIVE clip from INSERT-ARTIST on YouTube?"... there are endless possibilities to communicate discreetly over a low-bandwidth plain-text channel this way.
C'mon CIA Watchdog, don't be so cheap: cough up a Bitcoin or two to get the decryption key to that CIA Torture Report from your friendly Ransomware Provider...
Why go all the trouble to get a warrant etc, when reading out publicly available hi-res photographs from surveillance cameras showing the finger of the target would be more than enough to print a fine replica of the fingerprint on a 3D printer, to be applied / pressed on the fingerprint sensor by some FBI agent at a later time? C'mon, image data processing has come a long way to read your fingerprints from most photos with a decent enough lighting and resolution. Transferring that to the sensor is trivial from here.
Basically, it's not the hardware that is the problem right now with phones, it's the OS. Specifically, stock Android still doesn't allow IBSS mode, so it's not possible to build ad hoc P2P communities to extend the reach and range of Wifi networks. Or, maybe, to create the new killer-app, like say, nomadic file sharing. There are some patches out there for Cyanogenmod to enable IBSS for some Broadcomm chipsets, but unless Google finally decides to merge them back into mainline Android AOSP, there won't be any momentum to see widespread adoption of ad hoc networks, and therefore new uses for smartphones any time soon.
So, both Perl 6 and GNU/Hurd are finally production-ready? So let's start migrating Facebook and Google then...
Just because they post with real names (do they really?) doesn't prevent people from using hate speech on Facebook. The times when people used to act with more civility on the Net because they used their real names are long gone.
Indeed! It's much more easier to bypass all those pesky FISC procedures. Up to now, NSA had to do some pretty heavy vetting to distinguish between US and non-US Persons; EU persons self-segregating themselves out of the pool of people stored in US data centers makes it much more easier for the NSA.
That's an excellent example of the law of unintended consequences.
Basically, doesn't this means that data will be stored in EU data centers, e.g. in Ireland, UK etc..., where it will be (more or less) lawfully intercepted by British GCHQ and handed over to the NSA based on the Five Eyes Agreement? So this ruling won't change anything fundamental for the spying a.k.a. mass surveillance of EU citizens. The NSA, instead of siphoning the data from data centers in the US, will just have to route the traffic through a couple of big VPN pipes via GCHQ from data centers in the EU. Or does anyone really thinks that mass surveillance will suddenly be curbed because of a (supreme) court order in EU land?
Right. However, if you're not a US Person (i.e. if you don't have US Citizenship or a Permanent Resident Permit), there's no due process for you as well: NSA can access your GMail account without a warrant, because, well, you'd be a foreigner in their eyes, and foreigners are NOT protected by US laws in this area. No FISA court for you, comrade! That's the point: in Russia, they may pretend to follow due process (even if they don't), in the US, they don't even pretend to follow due process if you're no US Person. That's why some States are considering encouraging their citizens to move their personal data out of the US cloud.
Beware that the foreign government can secretly or openly cooperate with your own government to rat you out.
Seen from the outside world, most, if not all, US clouds are accessible to the NSA and other US state agencies. Especially if you're not a US Person, those agencies can request your data without a warrant at all. So what the Russians and Brazilians and soon to follow other nations are doing is this: they don't want you to post your potentially incriminating personal data on NSA-controlled servers when the NSA could use them to blackmail you should you work in an important position in politics, industry etc... They rather want you to post data on servers THEY, on only they, control. What's so wrong about this? If you are about to freely give your personal data to a spying agency anyway, it could as well be your own domestic spying agency, instead of the NSA. At least, that agency would be bound by your local laws w.r.t. the respect of privacy and protection of data of its own citizens, while the NSA is free to do what it wants with data of non US Persons, including selling them on the black market (not that they would do such a thing, of course, but in theory, they could). All this is due to the NSA overstepping its original mission that was code breaking and code development, and embarking on the Orwell program of TIA.
Perl 6 in Perl 5, as in Lisp in Lisp?
Would it be really so hard to relocate GitHub (servers, company and all) outside the US to avoid those DMCA take downs? Especially considering that it would also make life for the NSA a little harder too (no NSLs could force GitHub to secretly include backdoors here and there, and keep silent about it). Next question: what country would be most friendly to Open Source yet resisting the insatiable hunger of the copyright trolls?
Is it really wrong to spy on the worldwide communication infrastructure, as long as you can? This ubiquitous spying can only spur the deployment of more encryption, anonymizing protocols and generally hardening the infrastructure. As long as that infrastructure is so easily vulnerable to snooping, why should the NSA, GCHQ and other spying agencies refrain from exploiting it? After all, it's our fault that we keep communicating in the clear, and that we keep trusting commercial companies that provide closed source products that we can't inspect (at least in theory).
Well, Germans are Americans too (in a certain way...).
Suppose the inquiry board wants needs the testimony of anonymous whistle blowers (NOT Snowden, he's known). How do you suppose the anonymity of those testifying can be granted, if the inquiry is being public? I guess the NSA through the BND wanted to know who was testifying there, and what they exactly said.
Unless governments can rebuild the released version of Microsoft products with said source code, they'll be fed a sanitized version of that source code, but not the original full code base needed to build the final binaries. Backdoors could still be added later at build time, so what's the point?