
German minister: Stop using U.S. Web services to avoid NSA spying - Libertatea
http://www.zdnet.com/german-minister-stop-using-u-s-web-services-to-avoid-nsa-spying-7000017631/
======
HSO
Stop using US services?! That's where I started but as of today, I'd go even
further:

* _Americans no longer welcome in Europe_ ; you think you can spy on us, torture people, kill innocents, trample over longstanding diplomatic conventions to ground a president of a country, put the full might of your police state to hunt down your own freedom fighters, and then come here and have a good time or do business? Think again. US citizens not welcome here anymore!!! You can do what you want in your country, but don't come here if you don't respect our way of life and our privacy.

* Let's kick the Brits out of the EU (they don't seem to be too happy in there anyway); they are basically just a foothold for the American fascists in the EU and do their bidding

* Let's not stop at moving our own email and social accounts to European providers. Refuse to accept emails coming from gmail, yahoo etc. domains! Send automatic replies that explain why and suggesting ways what is acceptable.

The point is: The US electorate and businesses are either pro surveilling the
whole world, even their own allies, or they are lethargic and indifferent. If
the former, we should draw the consequence and stop having contact and
exchanges with them. If the latter, we should increase the cost of doing
nothing. Hurt them the only way we, as citizens of the world without a voice
in the American police state, can hurt them: In their pocket and in their
options to travel and have fun. America is always so happy lecturing the world
about democracy. Well then, now you can show us which way the wind really
blows in America and its relation with the world.

~~~
kimlelly
I get your outrage, but I think this:

It's not about the _People_ of USA or Europe. So let's not become hostile
against each other. (It's almost _never_ about the _people_ between nations.
It's _governments_ that fuck up things for the people.)

It's about a rotten system, which unfortunately is the US government today.
(It's not even about Obama, this is way above people like him.)

~~~
fnordfnordfnord
>It's not about the _People_ of USA or Europe. So let's not become hostile
against each other.

It _is_ about the people. We call this a "democracy" (I know, it's a
republic), yet as a whole we fail to engage our government meaningfully. That
makes it the peoples' fault.

We tolerate this crap in the US because as a whole we suffer no visible
consequence from it. Most US citizens remain blissfully unaware. Many of those
who are aware don't care because it doesn't affect them in any way they can
measure, and/or because they think it makes them safer. If we as a whole
suffer in some measurable way, especially of those of us who are wealthy
enough to travel are rudely made aware of our own rudeness and inconsideration
for others, maybe then more of us will actively oppose this crap.

I wouldn't see the revocation of visa-less travel for US citizens in Europe as
hostility, or as an unreasonable response to US gov't aggression in the form
of our unilaterally spying on everyone.

~~~
kimlelly
> It is about the people. We call this a "democracy".

What I meant to say is this:

It's not that Americans hate Europeans or vice versa or that Muslims hate
Americans or Muslims hate Europeans. We are human beings that share the pains
of this existance. We _all_ want to live together in peace - all of us.

Now, when you are part of those that _know_ more (better and fully transparent
media available, skill of critical thinking acquired in school), it means that
you, as an individual, have more _responsibility_ to change things for the
better.

And I believe this is the case with HN readers (the majority of the general
public in the US is probably not part of this priviledged group). So go out
and inform your peers about what they can do to advance democracy on this
planet.

~~~
fnordfnordfnord
>It's not that Americans hate Europeans or vice versa or that Muslims hate
Americans or Muslims hate Europeans. We are human beings that share the pains
of this existance. We _all_ want to live together in peace - all of us.

I was born in the US. I've lived in North America, Europe, and Asia. I agree
absolutely.

>Now, when you are part of those that _know_ more (better and fully
transparent media available, skill of critical thinking acquired in school),
it means that you, as an individual, have more _responsibility_ to change
things for the better.

IMO, my generation has grown up with and grown accustomed to a kind of
powerlessness with respect to gov't policy. Demographics heavily favor the
Baby Boomer generation in most parts of the country. The psychology of living
for twenty years in a "democracy" where gov't policy has to be approved by our
parents, or else it will fail, seems to have produced a lot of apathetic
people in my cohort. That's my excuse anyway. Nevertheless, without some
meaningful feedback concerning our gov't's, or some galvanizing event, I don't
see much chance for progress on this front.

~~~
freetibet
That's quite a walk back from Americans are no longer welcome in Europe.

~~~
fnordfnordfnord
I don't understand your comment. I'm an American. What I said is that I wish
some country(ies) _would_ ban Americans from unrestricted travel. What I wish
is that Americans become conscious of the behavior of our government both at
home and abroad. Without some corrective feedback, I doubt we'll do anything
other than maintain our collective ignorance/apathy.

------
antr
At work we've already had this discussion regarding the location of the web
apps we use. Not because we manage "highly sensible" data, but because this
entire situation bothers us at many levels.

Although not 100% decided, the "biggest" change we are planning is to move all
of our Google Apps email/server to a private mail server located here in
Europe + encryption for all. This is a relatively easy transition. A tougher
change is finding (if it exists) a Box alternative.

~~~
davidw
Spam filtering is also something that Gmail does pretty well. If you've got a
public email address that's 'out there', a serious spam solution is pretty
important.

~~~
mjn
I've been not very happy with Gmail's spam filtering, though I admit it's hard
to do right. But its false positives were the main reason I moved away from
it. The last straw was when they spam-filtered an email from my landlord
because it contained some Danish text in it (I live in Denmark!). I eventually
found it in my Spam folder (which I thereafter had to check regularly) with
the explanation that it was filtered because "It's written in a different
language than your messages typically use."

~~~
davidw
What have you replaced it with?

I regularly get emails in both Italian and English and it seems to get things
right most of the time. And it filters out a ton of spam - I probably get at
least 20 an hour, so without a good filter, I'd be "up a creek".

------
alan_cx
Since the UK is acting as the USA's slurp gateway, I reckon the Germans should
be having a word with us.

Also, if the EU wants to block the US in what ever way, its going to need to
block the UK too, since it will side with the US.

~~~
mc32
It's either naivete or posturing.

All major gov'ts intercept each other's traffic and do espionage (industrial
or intelligence) on each other. It's a kind of gentleman's agreement. We know
you spy on us, you know we spy on you, but let's pretend we don't, publicly,
and if something becomes public (one of us is careless), act outraged and
protest. (the Lady doeth protest too much)

~~~
mjn
> It's either naivete or posturing.

Possibly a bit of commercial opportunism as well. Regardless of whether it
improves security, it would be in Germany's economic interests for more
Europeans to use Europe-based webservices rather than U.S.-based ones.

------
ianstallings
This is not going to help.

But we now see how the fall out from this scandal will affect us. When I build
my next API or service will people around the globe use it? Or will they be
skeptical and decide to roll their own or go with an offshore competitor? Very
irritating.

~~~
BrandonMarc
I believe this may be very helpful. If enough Europeans stop / limit using
Google services, then Google's stock price on Wall Street will see the
consequences.

Google has powerful lobbyists on Capitol Hill, and they will use their
influence to change the playing field such that they either don't have to
cooperate as much, or can be more transparent about the cooperation. Either
option, or both, would help polish the tarnish on Google's reputation due to
this.

Perhaps this is wishful thinking ... kinda like believing Europeans, Asians,
etc will build their own Google-replacement ... but it's small a reason for
hope, all the same.

~~~
sneak
It's not just Google. It's anything running Apple OSes (iPhones/iPads),
Microsoft OSes, Google OSes (Android!), gmail users, AWS, any company _hosted_
on AWS, but, most importantly, any US company built _in the future_.

We've now learned that any US-based company can be secretly forced to spy on
their users at the behest of the military. And then in a stroke of genius,
Obama went on tv to explain that it's not cause for alarm because it only
targets foreigners.

Because we have FISA, because we have secret courts, because we have PATRIOT
NSLs, because we have gag orders, every single American internet company now
has a permanent credibility problem in the global market.

We're capital-F Fucked.

~~~
nikster
Indeed.

I'd like Obama to explain why any business anywhere has any reason to trust US
could services now. Right, they don't. If they're smart they stay the hell
away from any US servers.

It's a well known fact that the NSA/CIA are not just hunting for terrorists.
Their normal day to day agenda is industrial espionage as well.

I guess spider oak is still ok thanks to client side encryption. Other than
that - no thanks.

------
malandrew
They should go one step farther. I would love to see Germany set up a program
to woo American tech talent to Germany to work on anti-surveillance systems.

Make it a no strings attached program. All you need to do is move to Germany
and work with software/hardware that ensures secrecy. You would be given
assistance to either join an existing company or set a new one up. Your
choice. Financing would also be made available to build anti-surveillance
startups.

~~~
weland
If they start it, count me in.

~~~
malandrew
If someone is in Germany and has access to the right ears in government, you
should pitch this idea.

I would love to see some country champion any and all startups and open-source
technologies that promote decentralization. We need more projects out there
that are consumer friendly and use DHT based solutions like Kademlia for
mutually shared data.

------
Fuxy
I say block all US services in EU. It will be inconvenient as hell and
incredibly annoying but it will give European companies a chance to fill the
void.

And yes I know it can be bypassed but jumping through hoops is always annoying
and if European alternatives show up people would be less likely to bother.

I would do it just to see what happens :)

~~~
krapp
No, the only real solution is for the EU to come up with its own proprietary
replacement for the internet. Replace everything from HTML up to HTTP with
closed source software built by EU governments. Remove any server or computer
hardware either built in the US or built by a company that also services the
US, and replace them with systems built in the EU. And since you can't trust
American IT workers not to be NSA moles they'll have to expel all of them,
revoke American visas and bar Americans from entry into any EU nation.

Only then will Europe be truly free.

~~~
sneak
> Replace everything from HTML up to HTTP with closed source software built by
> EU governments.

The new boss looks surprisingly like the old boss, don't you think?

Also, you sort of lost me at closed-source, or are you being hyperbolic for
sarcasm's sake?

~~~
krapp
Hyperbole and sarcasm.

------
a3n
No such action will have any direct effect on surveillance. I think it's clear
by now that the NSA hoovers everything, regardless of citizenship or location.

But if it has an economic effect, that might get someone's ear.

So yeah, shun US data companies, it may compel the NSA to at least be a little
more transparent.

~~~
flyinRyan
Are you saying the NSA is spying even on traffic that never goes near the USA?
That would be one of the biggest claims so far.

EDIT: appears the claim isn't as big as I thought, though I'm surprised that's
not the case!

~~~
dragonwriter
> Are you saying the NSA is spying even on traffic that never goes near the
> USA? That would be one of the biggest claims so far.

Foreign signals intelligence is the whole point of the NSA [1]. The only
reason their spying on domestic traffic is controversial is that, unlike
purely foreign traffic, there is a history of abuse of surveillance for
domestic political purpose which has produced both laws imposing limits on and
public expectations of restraint with regard to domestic surveillance.

So, no, the NSA spying on purely foreign traffic with no domestic nexus
wouldn't be "one of the biggest claims so far", it would be _exactly what the
NSA exists to do and a non-issue_.

It would be news if the NSA _wasn 't_ spying on purely foreign traffic, not if
it _was_.

[1] From [http://www.nsa.gov/](http://www.nsa.gov/) : "The NSA/CSS core
missions are to protect U.S. national security systems and to produce foreign
signals intelligence information."

~~~
flyinRyan
I think that would be news to the rest of the world since it's likely illegal
in most of it.

~~~
dragonwriter
> I think that would be news to the rest of the world since it's likely
> illegal in most of it.

The specific _details_ of the NSA's (or _any_ foreign intelligence service of
any nation) intelligence gathering would be news, but the fact the NSA (or any
foreign intelligence service of any nation) actually gathers intelligence
outside of its home nation, quite often in violation of the laws of the places
from which the intelligence is gathered, really isn't news.

I mean, that's the whole _point_ of foreign intelligence services.

~~~
GHFigs
It's terrifying that people are even forming strong opinions about such things
without understanding such basic information.

~~~
flyinRyan
I was furious when I was under the impression they were slurping up any data
that came near the US. Now I'm even more appalled.

~~~
GHFigs
Precisely my point. Extreme emotional reactions are not a good basis for an
informed opinion. Learning about a subject is much more important than telling
people on the Internet how mad you are about it. The downside (and I admit, it
is a downside) is that it's much harder to maintain that sense of absolute
certainty and self-righteousness that constant outrage affords. The world
becomes much more complicated and forming an opinion that you can be confident
in actually takes effort.

------
lazyjones
Such short-sighted outcries do not help. He should first consider asking
people to stop using US-made, closed source operating systems. Then he should
ask Germany's secret service (BND) what they are doing with the data from DE-
CIX (e.g. sharing with the NSA ...).

~~~
flyinRyan
Of course it fucking helps. Every step helps. Your suggestion is so useless to
be irritating. "Oh, we can't say anything because there might be some asshole
on the internet who could make it sound hypocritical. We best just keep doing
fuck all because that's worked so well thus far".

~~~
lazyjones
It does not _expletive_ help to make the problem sound smaller than it
actually is, which is precisely what he did with his dumb advice.

------
zby
The journalist forgets that tapping into the cables only works for unencrypted
traffic - this is actually the reason that NSA bothered Google and others in
the first place.

~~~
voidlogic
And you know the NSA hasn't been given or stolen SSL private keys of major
players?

Most big sites don't use forward perfect secrecy making MITM achievable.

~~~
sneak
MITM always unambiguously refers to an active attack. That's not what they do
or have ever done. It stands for man-in-the-middle. They aren't in the middle
when they tap fibers.

Lack of forward secrecy ciphersuites does allow for retroactive decryption
upon server secret key compromise though, which is what I assume you meant.

------
seanmcdirmid
Why doesn't Europe just block US services for "national security reasons?"
Like say...china does.

I have to admit, this puts china's blocking in a completely new light...they
might have a real argument if I didn't already know they just want to spy on
us themselves.

------
blueprint
Idealistic and hypocritical. That is advice aimed at diverting attention from
the full scope of surveillance occurring on the people of Germany.

~~~
flyinRyan
Actions have to be taken. Germany is spying on its citizens. The US is spying
on _everyone_. It's pretty obvious where the priority should be here. Man I'm
so sick of _any fucking action_ anyone suggests getting met by a bunch of
morons pointing out how it might be "hypocritical". Who gives a fuck?

~~~
blueprint
Because the US' problem originated in hypocrisy. This world will only change
into one that is for the living people when everything that is in truth and
falsehood is revealed. To engage in action that is connected to falsehood is
to make a relationship with falsehood. To do so under the guise of acting to
solve these problems makes oneself a hypocrite.

------
mhd
Expect lots of new Samwer copy/paste startups if people actually care in the
end.

------
whiskeychaser
Like the NSA is limiting itself to just the US? C'mon, if they can do it here
without anyone knowing why would they stop at our borders/servers?

~~~
BrandonMarc
Exactly. The NSA's purpose for _existence_ is to intercept communications of
non USA citizens outside USA borders. Right or wrong, it's simply why they
exist in the first place.

The current scandal is due to how much they do it to USA citizens within USA
borders ... without getting into the right or wrong of it, the latter is
against the Constitution, while the former is not.

~~~
robin_reala
That might be the focus of the scandal in the US, but it certainly isn’t in
the EU.

~~~
sneak
Yeah. If Google/AWS/AWS-hosted companies/Apple/Microsoft/Facebook know what's
good for them, they'll quickly do literally everything they can to force the
US government to stop this foolish bullshit. They have far more non-US-citizen
customers than they do US-citizen customers.

------
esolyt
What are the alternatives? Why are they more trustworthy?

~~~
kimlelly
Avoid web services as much as possible and use desktop software whenever
possible.

Then make sure your operating system is open source.

~~~
huhtenberg
Open source doesn't imply trustworthiness.

(edit) That's unless you build every single piece of the OS from the source
that you either proofread by hand or obtain from a trusted distributor. While
you can be reasonably sure that Linux _kernel_ you just built from kernel.org
sources (after diligently verifying the .tgz sig, of course) is clean, any of
the binary packages you install afterwards may be rooted all the same.

~~~
kimlelly
Sure, not 100%, but way more than closed source any day.

(edit) Now, for comparison's sake, you'd have to try and apply that same
rigour to MS Windows or MacOS/iOS...

~~~
MisterWebz
Would we be able to detect any suspicious activity on our closed source
operating system, or would a backdoor implemented specifically for
intelligence agencies allow undetectable communication between hosts?

~~~
vidarh
We probably would be able to. But consider that the "backdoor" can be
incredibly sneaky. Look up the claimed "Crypto AG" attack, which involved pre-
internet crypto devices. The claimed way it worked was to include the key or
enough data to allow decryption in the transmitted message in some form.

NSA wouldn't need something to contact their data centres and leak the
information, because presumably they can tap some fiber connection or other
your data ends up travelling to. All they'd need would be a slow leak of your
keys. Even, say, just a few of tweaked data per packet, or tacked on to a file
format that is resistant to it, so that they can pick up key information
together with the data stream, and they're good.

Or even just intentionally introducing a specific way of generating keys,
known to the with sufficient precision to allow them to reduce the key space
enough that brute forcing the remaining bits is feasible. For a conceptual
example, look up the old Netscape SSL vulnerability (Netscape's SSL used to
rely on factors like the host time and pid, that especially on a typical
Unix-y system also running services like mail servers that often would include
the pid of of the delivery agent in headers etc., was extremely easy to narrow
down)

It's difficult to do this in a way that can't/won't sooner or later be
discovered, but given the number of likely unintentional mistakes that have
been made that still have taken in some cases years to be discovered (publicly
at least), it's plausible that there are intentional flaws in at least some
software to make it possible for specific parties to be intended to be able to
break it.

~~~
huhtenberg
Predicatable PRNG is _the_ sneakiest way to weaken any crypto, even those
based on mature standards.

------
embolism
This is the same Germany that issues mandatory RFID based national ID cards,
and requires all citizens to register with the police when they change
residences?

------
DanielBMarkham
This might be a good time to remind the angry mob that other nations spy just
as much, or more so, than the US.

The US just got caught.

This is like the secret of the atom bomb. Once it's out, it's out. No
pretending that it doesn't exist any more. Guess what? What you put on the
wire is fair game for any of scores of different intelligence agencies. No,
not usually the criminal law enforcement folks, but the spy guys.

And most of the politicians in these countries don't know. In fact, for a
program like this to be effective, very few people should know.

You can't put that genie back in the bottle by getting mad at the US and
pulling your data out. (Not that I blame you. Might make a fine protest. It
just does nothing to ensure your privacy and anonymity) In fact, you could
actually be opening your data up to even more abuse. Who knows?

The world needs to decide once and for all whether to make this data
completely transparent and accessible to all, or an international crime to
collect. Pretending this is a USA-only problem is just another way of sticking
your head in the sand.

~~~
dragonwriter
> This might be a good time to remind the angry mob that other nations spy
> just as much, or more so, than the US.

Probably not "as much"; quantity of spying is limited by quantity of resources
available for spying, and the US probably outspends most other nations (quite
likely, as with military spending more generally, at or near the amount of all
other nations combined) on spying.

~~~
moheeb
It is so cheap to collect and store nowadays that your argument won't be true
for long, if it even still is.

~~~
dragonwriter
This is true, perhaps, of voluntary collection of data from cooperative
partners, which is, to be sure, one of the controversial aspects of the NSAs
domestic surveillances that has come out, but hardly the _limit_ of the NSA's
spying.

It will continue to require resources to collect information from people who
are trying to prevent you from having it.

------
sbmassey
The only way to stop this kind of thing is to restrict the size of your
sovereign nation to a size where the citizenry can actually have some idea
what their state is doing ... maxing out at a million or so, say: you dont see
governments like Iceland or the Swiss cantons acting in this kind of out-of-
control manner.

------
BjoernKW
Funny thing is, this is coming from a politician who usually shows no qualms
when it comes to invading people's privacy. If anything, he's merely envies
the NSA for its extensive surveillance capabilities.

If German politicians really wanted to do something they could to do so easily
by granting asylum to Edward Snowden.

------
ekianjo
It's not just the US Web services, the traffic anyway goes through the US and
can be intercepted.

~~~
sneak
Germany-to-Germany traffic does not go through the US.

~~~
ekianjo
You might as well make a closed Internet for Germany only... The point of the
Internet is to be global in the first place.

~~~
sneak
Every country already has a closed internet for their own domestic use. It's
called the internet.

This makes the article relevant: "Stop using US services."

------
xedarius
Just out of interest, given the revelation that the UK is tapping underwater
fibres, anyone know if they have a plan to stop doing it? Or they just going
to carry on?

If they do decide to stop, how do we check?

------
noiv
German here. All these after Snowden proposals from German government or
opposition are fake. Either they call it a Hollywood fantasy, want to escalate
it to the EU or now ignore snooping happens at the cable.

The day anybody proposes encryption to the public I'll consider to start
voting again. And regarding some other comments here, I think it's a stretch
calling a country democracy, if the voter turnout is below 50%.

------
lars
I work in a European branch of one of the very large tech consultancies, and I
know that decisions to this effect have been made in several of the countries
we operate in. There's _a lot_ of money that isn't being funneled to Amazon
and the like because of this.

~~~
pekk
Also avoiding the UK and France? Probably not. Why not? Because this isn't
really about surveillance, it is about an excuse to boycott the US.

------
k-mcgrady
I have started doing this with some services and there were good alternatives
available. But for search I can't find one. I tried DuckDuckGo for a few weeks
but the results were awful compared with Google. Can anyone recommend a good,
more secure alternative to Google?

~~~
kimlelly
> ...recommend a good, more secure alternative to Google?

[https://startpage.com](https://startpage.com) has currently the best results,
IMO.

~~~
junto
^^ This ^^ has just been added to my favourites bar. I'll give this a go, and
if I like it, I'll be removing Google. Thanks for the tip!

------
tyang
Stop using Google, Microsoft, Yahoo, Facebook, Amazon and Apple?

And how's that Baidu filter working for ya?

------
elchief
"Can you think of a single European search engine?" Yandex.

------
anigbrowl
I'm somewhat amused by the grammatical error in this headline.

------
kimlelly
And some general advice to keep more of your privacy:

1\. Use an open source operating system.

2\. Communicate over RetroShare:
[https://news.ycombinator.com/item?id=5983913](https://news.ycombinator.com/item?id=5983913)

