
Edward Snowden: ‘They’re setting fire to the future of the Internet’ - Libertatea
http://www.washingtonpost.com/blogs/innovations/wp/2014/03/10/edward-snowden-theyre-setting-fire-to-the-future-of-the-internet/
======
bestrapperalive
_While the video and audio feed – routed from Russia through seven proxy
servers – was choppy, Snowden’s message was clear._

Edward Snowden is the gift that keeps on giving. I feel like "seven proxies"
is the proof of concept for a practice that should be more common. From now
on, every statement about technology, especially the intersection of
technology with important issues like civil rights, should be watermarked with
at least one meme or obviously absurd statement. If a reporter regurgitates
the meme as fact, readers are warned about the reporter's lack of general
knowledge about the subject and will be primed to read the rest of the article
with a more critical eye.

~~~
SDGT
I thought the 7 proxies thing was just an homage to the well known meme[1]

[1] [http://knowyourmeme.com/memes/good-luck-im-
behind-7-proxies](http://knowyourmeme.com/memes/good-luck-im-behind-7-proxies)

~~~
bestrapperalive
No doubt. I'm sure it was. I just think it was also a genuinely useful
indicator of exactly which reporters aren't/ don't have access to people with
general knowledge of the subject and that more people should make jokes like
it for that reason.

~~~
stcredzero
"Truth and heroic goodness through meme knowledge," seems as morally and
intellectually bankrupt to me as Ivy leaguers on Mad Men using preppy/main-
line subculture as a proxy for ability. Knowing about memes only says
something about where you hang out online. It's the same sort of proxy for
actual ability or trustworthiness as being a member of the right country club.
Such proxies can work, but they depend highly on particular circumstances. The
company town residents in Matewan using Bible verse knowledge as an impromptu
code uses the same principle. This is not evaluating character from first
principles! It's trusting a label! It's knowing that one group has a bit of
information that another does not. However, we of the Internet era should know
how rapidly and irrevocably this can change.

(Actually, a good test for whether someone has A-lister perception is to see
if they can see past their own prejudices.)

~~~
bestrapperalive
I've never seen Mad Men, but your comparison seems at least a little unfair.
In this case, knowledge of the particular meme or participation in the culture
that created it is not necessary. A complete stranger to internet jokes, who
happened to be at least generally acquainted with the technologies being
discussed, could very easily identify Snowden's claim as a joke (or at least
something very odd and worth investigating) whether or not they had been
exposed to the original meme. "Seven proxies" should make your eyebrow raise
whether or not you're aware of the original joke.

~~~
stcredzero
_I 've never seen Mad Men, but your comparison seems at least a little
unfair..."Seven proxies" should make your eyebrow raise whether or not you're
aware of the original joke._

Because, in your words, someone should know on the face of it, that "seven
proxies" is implausible? Please explain how I should know that. Would it be
worse or better if it were 6 or 8? Please answer from first principles
concerning network technology. (The fact that you are not accounting for the
fact that there are multiple interpretations to the term "proxy" makes my
eyebrows raise.)

------
maqr
I was in this session and the biggest take away I had was that the ACLU and
Snowden believe a technical solution is possible to end _mass_ surveillance,
but they aren't concerned with individual targeted surveillance. I think this
was a good way of framing the discussion with actionable steps like PFS, end
to end encryption (Snowden name checked Whisper Systems), FDE, SSL everywhere,
not storing data forever, etc. The ACLU seemed to think that pressure can be
brought on big companies to at the bare minimum require SSL immediately makes
mass surveillance more difficult.

~~~
cheald
SSL only makes mass surveillance difficult for the people who can't lean on a
CA. I somehow suspect that if the NSA decided it wanted to, it could get
itself an intermediate cert that it could use to MITM SSL sessions.

~~~
eyeareque
I don't think they need to get one; Take a look at the CAs are in your
browser. Do you implicitly trust all of those organizations and governments?
It doesn't matter if you do as your browser already does.

~~~
lern_too_spel
This hasn't been the case since Chrome implemented certificate pinning in
2011.

~~~
throwawayaway
Chrome pinning doesn't break corporate MITM proxies.

[https://www.imperialviolet.org/2011/05/04/pinning.html](https://www.imperialviolet.org/2011/05/04/pinning.html)

~~~
lern_too_spel
Obviously, if they can install additional Root CAs, they have enough access to
do absolutely anything as your user on your maxhine, including installing
trojaned versions of all your apps. That isn't the issue gp was discussing.

------
johngalt
It's been obvious since the 90s that if the internet fulfills half of it's
promises that nations would seek to control it.

Anyone who thought that the internet wasn't going to have state actors and
control, also must think that the internet would never be important.

~~~
mpyne
If anything Snowden himself has and will accelerate the erosion he fears.

Even if the UK, France, Germany, etc. can somehow assume that NSA will stop
(which is laughable, but let's assume it), they still will have to deal with a
resurgent Russia, Iran, and China.

Whatever methods can protect them from China can protect them from NSA, and
vice versa. If anything they've been trying for a long time to put up "cyber
borders" but policymakers have blown it off as unnecessary when it's just a
matter of cyber crime.

Now that Snowden has opened up peoples eyes to the possibilities (quite
forcefully, I might add), there is now political cover to build those cyber
walls, only under the guise of "blocking the NSA" instead of blocking Chinese
hackers.

You're right that this has been obvious too. There are _no_ commons that are
not regulated by the nations, and militarized when and if they become a
threat. Antarctica is only left alone because it's unimportant. The Arctic
_is_ a growing strategic concern, and space itself is only a step away from
being militarized.

If the U.S. cannot gain strategic value from cyberspace they will certainly
not leave it open as a strategic weakness dragging along a "PLEASE HACK ME"
sign, and a similar calculus applies to all of the democracies. Whether it's
borders, or a national Internet kill switch, or both or more I don't know, but
it won't be the same as it was before.

~~~
nitrogen
Internet borders and national kill switches are like killing a mosquito with
an H-bomb. There are far more surgical options for defending against
cyberattacks, and instead of trying to sound sage by predicting doom and gloom
(and claiming we knew it all along), we should be implementing and advocating
these more appropriate approaches.

~~~
mpyne
> There are far more surgical options for defending against cyberattacks

We still can't even get our coders to stop using C for security-critical code,
and you could effectively throw C++ in that complaint bin too. We can't get
people to implement crypto appropriately. The list goes on and on. And with
cybersecurity you only have to get one thing wrong, especially on an open
Internet, while the attacker gets effectively unlimited time and numbers of
attempts (although they don't even need that so far, as long as 0-days can be
bought off the shelf).

And all the stuff we can't do in the civilian sector, it's even harder to do
right in government and military (and apparently critical industry). There's a
whole host of things we can do to be better, but half the reason walls will go
up is because they are so much better at dealing with novel threats than the
idea of "just design and implement everything perfectly, geez".

But either way, Germany's complaint wasn't just cyberattacks. There was also
data privacy, and that complaint is centered entirely around the fact that
they can't control whether a German's data gets routed to France, UK, etc.
even in the course of entirely .de <-> .de Internet traffic.

But the roots are already here, it's not simply a prediction. After the 2007
Russian cyberattack on Estonia, Estonia was able to adapt and recover very
effectively... but they still now have a national cyberborder in place, and
are just waiting to hit the button (a useful button to have right now, given
the crises in the Crimea).

Ironically things like open source will only make this trend easier I think.
It's not hard to imagine governments setting up things like ownCloud with a
federated model, with replication channels open to friendly nations' instances
of ownCloud and closed otherwise.

------
JacksonGariety
20 points, no comments.

Hacker News has nothing to dispute here?

That means something is very, very wrong.

~~~
Zigurd
Many people here wish this would all just go away.

Many people here work at companies that are on the PRISM list, or work for
core infrastructure gear makers, or telecom network operators.

Some people here work in the "security" industry, which relies on an
appearance of security that can be cracked "to catch the bad guys." These
people know their tools and services are also used to put dissidents in
prison.

The only way forward is to make everyone secure to the highest standards,
routinely, for all communications and data storage.

~~~
rhizome
_Many people here work at companies that are on the PRISM list_

And many, many more work at companies that would very much like to be acquired
by a company on the PRISM list.

------
brokenparser

      While the video and audio feed – routed from Russia *through seven
      proxy servers* – was choppy, Snowden’s message was clear.
    

Seems legit. (Anyone else got that reference?)

~~~
pyrocat
I'm imagining the scene from Goldeneye when they're tracing his signal.

~~~
bitJericho
I'll create a GUI interface using Visual Basic; see if I can track an IP
address.

~~~
samstave
I told Google all about it!

------
Eleutheria
Guys like Snowden, Assange, Stallman, etc are the best fire fighters humanity
will ever have. Bitcoin, Bitmessage, Meshnet, Tor, etc are the tools of the
rebels.

We can go to sleep safe. With an eye always open.

------
tptacek
_“If we allow the NSA to continue unrestrained, every other government will
accept that has green light to do the same.”_

Drink ejecting through nose.

~~~
pyrocat
Do you disagree?

~~~
tptacek
YES.

~~~
rgrieselhuber
Care to share more? This happened when we started fingerprinting all new
visitors to the US at airports. Now it's done all over the world.

~~~
psykovsky
He must have some interest on the NSA continuing their mass surveillance
efforts, or something. Juicy federal contracts aren't something you turn your
back on when you're a 20 year old kid with a public voice.

~~~
Phlarp
I disagree with Tptacek in this particular instance; but to allege a conflict
of interest like this is petty. AFAIK his security firm specifically does not
do defense contracting.

