While I understand and sympathise with the compulsion to resist surveillance in this practical, technological way, I think it might be the wrong reaction to the information. It's typical of techie people to seek technical solutions to social problems, and this is one such case.
It may well be possible to mitigate their ability to watch you by wearing enough tin-foil hats. Even if you succeed, all you've achieved is to protect one solitary person at the cost of considerable personal inconvenience. Worse, once you consider yourself "safe enough" from prying eyes, your incentive to actually act on what they're doing will be diminished.
I think that we should try not to be meek about this issue, passively hiding ourselves and then getting on with our lives saying "Fuck you, got mine". Why should the tech community flee the very Internet that it has played such a crucial role in building? Is the idea that our democracies could eventually fix this situation really beyond all hope?
If you live in the UK, write to your MP (http://www.writetothem.com/). Support PPUK (http://www.pirateparty.org.uk/) if you feel strongly enough, as they're seemingly the only political group treating this matter with the seriousness it deserves.
I'm starting to think people should begin to create "crypto-selves". I've seen a lot of talk saying essentially "get off facebook! get off gmail!" But that's a lot of persistent effort even for fairly technical people. Plus even in secure, anonymous environment interacting with your real life friends, purchasing your favorite books on amazon etc will reveal who you are anyway.
In non-web life we have private and public spaces and there's plenty of study on how these two play together and how important they are. Most people have erroneously thought that because your computer is in your private physical space that it's also 'private', but that's clearly not the case.
What people need is the education to create the technological equivalent of locking yourself in your bedroom for the afternoon to clear your head.
Gmail is like sending a postcard, facebook like chatting with friends at the mall or park. Tor/truecrypte/pgp etc for parts of your life you want private. Separate usernames, interests, tones of voice, etc in this private space.
Trying to hide your real (ie public) self is silly as should you become a target of the nsa & co. they'll find a way to dig up something even if you've been completely hidden from july 2013 on. What people need is a reasonably benign public self and a hidden crypto-self.
Also I'm all for fighting the surveillance state, but I'm extremely cynical of it's success. I see no feasible way to reduce the power and authority of the militarized aspects of our government(s). I can't think of a single example of where public knowledge and outcry has changed anything other than getting a few puppets punished anywhere except the non-militarized parts of government.
>I see no feasible way to reduce the power and authority of the militarized aspects of our government(s).
I partly think it's because people are asking for the wrong things. People say things like "stop NSA surveillance" which is vague and impractical. What needs to happen is to hit them where it hurts: Reduce total defense spending to 50% of what it is now. That should be the demand from everyone. Money is power. If you want them to have less power, stop giving them so damn much money. And besides, who can't get behind massively lower taxes?
If you want them to have less power, you need other powerful entities to tell them to stop abusing their powers. Boycott the tech giants and you'll see it happen. it's way more effective than any protest or online petition.
The problem is that the selves bleed into each-other. For instance, making up a completely different city to claim you live in while still talking to other people from your own city is hard.
If the NSA spots half a dozen people on Crypto-Reddit's /r/boston who claim to be from San Francisco, New York, Seattle, Chicago, rural Tennessee, and Miami respectively, then it knows it has probably found six actual Bostonians.
Individuals are in many ways an expression of our context. To remove all information leakage that would tell what our context is or, more simply, who we are, you basically have to remove the person entirely. Even 4chan-grade anonymity won't cut it, since writing style and narrative threading can be used to extract some sense of pseudonymity from even a /b/ thread.
I thought about this problem, but it was more to do with soliciting anonymous feedback from a group of close nit friends. It's a hard problem to fix, but I think maybe running the text through something that reduces it to all lower case and all txtspk, with some sort of grammer-fucker-upper might remove some of the personality attached to the original text input.
The root problem isn't the surveillance state. As long as we keep fighting and have conflict over resources and past wrongs, we're locked into this feedback loop of an arms race. Information and intelligence are a key advantages in conflicts.
We want our conveniences, we want our privacy, yet we don't want terrorists. We want our iPhones, our cars, and our comforts, and we don't want to see the price exacted from the rest of the world.
Surveillance seems like a very big problem, but only because it is so personal. It's distracting us from the real problems of the world, and that is pretty much every one of us are selfish, adding fuel to conflicts. We're crazy.
> Separate usernames, interests, tones of voice, etc in this private space.
I'm a big fan of this approach, as it allows people to explore different facets of their personality. Unfortunately, for the past year the big players, led by google, have been waging a war on it.
There are a number of flaws in your argument. The first is that we can do two things at once. Using privacy-protecting technologies is not mutually exclusive with promoting privacy-protecting legislation. We can, and should, do both.
But the more significant point is that using this stuff, as an individual, isn't really going to cut it without more, but who says that's the idea? We need to be creating things like this. What we have here is a list of open source projects you should all be contributing to and promoting to anyone you have influence over, and a list whose holes and shortcomings provide opportunities for creating new things.
I mean what good is Diaspora if everyone you know is still on Facebook anyway? But if you create an account and use it regularly, and convince as many people as you can to do likewise, that's how change ultimately happens.
And what you can do is: Read Facebook, write Diaspora. Don't shut off your Facebook account if all your friends still use it. Not enough people are sufficiently purist for that to scale. Just stop posting anything to Facebook that doesn't consist of "I just posted something you might be interested in to Diaspora" and then let all your friends wonder what they could be missing.
That's a very fair point. There's certainly nothing bad about making privacy conscious technology choices.
I also think that the very URL of this project - http://prism-break.org/ - invokes a certain over-focus on NSA's PRISM. As a UK citizen, however, my Internet traffic itself is being stored and monitored by GCHQ. So to me it seems especially futile switching from Chrome to Firefox, or from Google to DDG, or from Facebook to Diaspora.
Unfortunately, https://prism-break.org/ was registered before Snowden's revelations about Tempora. I'm working on adjusting the site's wording to apply equally to all governmental surveillance.
But let's also be realistic -- if this technology reached mass adoption, the predictable outcomes are either 1) The government outlaws it or 2) They figure out ways to work around the security
Mass adoption is a bulwark against legislation, not a promoter of it. Eg. alcohol is legal because it's popular, not because it's safer than drugs which are illegal.
But even so, a large percentage of developed countries did prohibit alcohol for a few years, both despite and because of its popularity, and it took years of people being turned into criminals before those laws were rolled back.
Popularity provides some protection, but it also creates a more desirable target for legislation amongst those who oppose it.
It seems to me that, for example, PGP is much more vulnerable to legislation than SSL, simply because of the latter's popularity. Not that I think either are currently particularly likely to be legislated.
People still puts locks and alarms in their house, even though they could avoid being burglarized through community watches and educating the public about the morals, ethics, and long term costs of stealing people's stuff.
I don't think the analogy works. This is using consumer-grade retail padlocks to keep out the world's richest and most well-equipped criminal organisation. The fact that the shops don't sell strong enough padlocks to stop them isn't the real problem: the deep-seated corruption in law enforcement allowing them to steal with impunity is.
> America's government is so corrupt it is no longer democratic.
Unfortunately yes, absolutely.
And you begin to see a direct cause-and-effect relationship between the level of corruption and the "quality" of the policy decisions that are made, example: The Iraq war. Another one: the "inertia" regarding climate change action (it's just corporate power effing it all up for us).
It really has a grave effect on all human beings on this planet. It's clear that this has become a fundamentally global problem.
You forget that we are as a whole a up-and-coming group and
in 10 years, many of us will be in very powerful positions. The digital revolution did not enter mainstream before the 2000s: What we can and should do now, is talk to others, explain what is going on, share our ideas. Be the change and the world will follow.
No doubt. The element in question is the state authorization for burglary. Letting "authorized burglars" walk into your house and take a look around when you are having dinner with your family.
Locks and Alarms are the lowest common denominator of security - it stops people from walking in but more than anything just gives an illusion of security.
More importantly, they make the distinction between a welcome entry and forced entry much clearer, which is very important from the legal point of view. It's not an illusion of security, but a precondition for a safety and recovery framework to kick in (police action, insurance, etc.)
This is a very strange way to think. In an ideal world it could be enough to just continue to use insecure services. But we are clearly not living in an ideal world, and even if all governments could be stopped from doing this type of thing there would for sure be others that would take advantage of the information. Just acting politically is not enough.
I strongly disagree with your statement that using encryption will make you passive. Instead it is the other way around: if you continue to use compromised services despite knowing the dangers you will become passive and lose your ability to think clearly about the issues at stake.
... what exactly have we uncovered with PRISM and the NSA bulk wiretapping, if not code having been corrupted from its original purposes in ways and extents unforeseen at the outset?
One has to write anonymizing p2p proxies because the old stack was corrupted. It's hardly different than the reason one would want new laws to address the way the old ones have been corrupted.
And our new p2p proxies? They're also (going to be) subject to corruption, by unforeseen things like Sybil attacks. Just as any new law is subject to possible future corruption.
Don't use template letters -- put your thoughts in your own words. MPs/their staff tend to weight template letters lower as they indicate less effort and thought, and writetothem blocks them if it detects them.
> Is the idea that our democracies could eventually fix this situation really beyond all hope?
Of course not. We should vote these creeps out of office and elect someone that really stands for privacy and civil liberties - like this promising young man: http://www.youtube.com/watch?v=B6fnfVJzZT4
> I think that we should try not to be meek about this issue, passively hiding ourselves and then getting on with our lives saying "Fuck you, got mine". Why should the tech community flee the very Internet that it has played such a crucial role in building?
Who is "the tech community"? I'm in the tech community, and I'm pretty sure I didn't create The Internet, or Facebook, or the NSA. I think the goal here is to provide people with resources so they can the internet more safely, and to normalize safety measures in order to guard against their demonization or prohibition.
Edit: However I absolutely agree that it's important to fight on social and political fronts as well as technological ones.
For Europeans, writing letters to foreign politicians is obviously pointless. And given the ongoing TSA facepalmery, I don't think my tourism boycott has made a difference in the US either. What else can we do?
Talk to your own government and local representatives and let them know you're not happy with their collaboration with the NSA. It's very unlikely they don't collect and share your information already, and very likely they're breaking local laws to do so. Agitate for laws to be passed banning this sort of surveillance and for the repeal of those authorising it.
There's lots we can do, it's just that some of it is hard, time-consuming and probably frustrating. I do know that this will be the first question on my lips when a politician next asks me for a vote.
> your incentive to actually act on what they're doing will be diminished.
Because you already have acted on it, they attempted to violate your privacy and you solved the problem, there's no point wasting time with useless political solutions that are largely ignored. That is the route which could more fairly be described as "not actually acting on what they're doing"
You're right in the sense that tech will never be the "final" solution.
But we need to use all the privacy-enhancing tools we can get our hands on, on the way to "real" solutions: You can't organize activities and exchange your thoughts freely while being watched by the government. The fear of being put on "the list" will stifle free speech and therefor sabotage the creation of any meaningful movement. It's called "self-censorship" and I've been told it's the worst form of censorship.
So yes, migrate all of your communication towards encryption and use an open-source operating system.
Several of these suggestions seem somewhat disingenuous - e.g. many of them to be about free software more than actual concerns about tracking, as reflected in the labels "Proprietary" and "Free alternatives". In particular:
- None of the proprietary browsers will track you - well, beyond what's specified in the privacy policy. Two of the alternatives are Tor applications, but the other two are Firefox (which provides no additional protection) and GNUzilla IceCat (which has little reason to exist other than free software politics).
- Most of the browser add-ons are mostly about third-party tracking; these could be subject to PRISM, but the notes suggest that the concern is more about the third-party tracking itself and non-free software (in the case of Ghostery).
- Ditto with the notes in cloud storage, which discount three storage systems with client-side encryption (i.e. equal protection) because they are proprietary.
- The media publishing section promotes third-party blog publishing services for "privacy and security", even though most blogs are public and thus have no need for either.
- Ditto above with Icedove vs. Thunderbird in the email desktop clients section.
- iOS is advised against with a misleading claim that "iOS devices contain hardware tracking" due to an long-patched bug. The claim about it being impossible to verify whether an iOS app was compiled from the original source is disingenuous, as this is rarely done on any platform, but would certainly be possible to do on iOS if the developer cared.
- OS X and Windows won't track you. (Chrome OS won't either, but it strongly encourages using cloud services which will, so I'll concede that.)
In the claims that proprietary software won't track you, I am assuming that the NSA will not compel (or has not compelled) these companies to modify their software to include secret tracking. This claim is made explicitly under the operating system section: "Apple, Google, and Microsoft are a part of PRISM. Their proprietary operating systems cannot be trusted to safeguard your personal information from the NSA." But even considering all that we have heard about the NSA, this seems absurd, far beyond what they are willing to do, and even if it were true, using free software would not necessarily prevent the US-based host of the download from being similarly compelled. Moreover, someone would probably notice (unless it were an intentionally introduced but otherwise unremarkable security bug, but it's sure easy enough to find real zero-days in software, free or not, without having to resort to that! - not that that should necessarily make you feel better.)
> Several of these suggestions seem somewhat disingenuous - e.g. many of them to be about free software more than actual concerns about tracking [..] None of the proprietary browsers will track you.
No, these issues are very much related. It is the very nature of proprietary software that you cannot inspect and modify it, so you cannot know if it will track you or not, and cannot fix things if you are.
(Inspecting outgoing traffic is helpful, but unless you monitor all activity all the time, and make the effort to actually understand every single bit that is transmitted, you can't be certain.)
Furthermore, some of these browsers explicitly do track you. For example, Internet Explorer, Chrome and Safari provide ways to sync your bookmarks, all of which track you - and some of them encourage you to do this, for example if you do not log in to Chrome it says "you're missing out". (Firefox also has a sync service, but it is encrypted on the client, so the server cannot read the information, and you can't be tracked.)
Although proprietary software may be easier for a government to compel to be modified to add tracking, it still runs the risk of being noticed in most reasonable cases, and there is in fact no evidence that any Western government is doing any such thing. It does increase the chance that you are being tracked due to incompetence, but I don't think this is particularly likely for such well-known software.
True, there is a difference with the bookmark sync - I do not think it is valid to discount a browser entirely based on this.
You seem to be assuming that tracking only happens either through incompetence or government mandate? Companies also track users to make money. Just today there was the news that twitter is starting to track its users, for example (at least it is opt-out).
Tracking in client-side software that occurs to make money is typically described in privacy policies, and a browser adding additional tracking would likely cause an uproar. While Firefox may provide a better default regarding sync, there is a difference between saying "stop using Chrome" and "enable client-side encryption".
> Tracking in client-side software that occurs to make money is typically described in privacy policies, and a browser adding additional tracking would likely cause an uproar
Emphasis mine. Yes, you might trust them not to track you, or to trust that someone will find out if they do, and that you will hear about it if so. But far better would be to use an open source browser (either Firefox or Chromium).
Twitter has been and will continue to track users' (and possible non-users') external web activity through their embedded buttons on so many pages. They're now beginning to sell that data, and that's what you can opt out of.
> For example, Internet Explorer, Chrome and Safari provide ways to sync your bookmarks, all of which track you
Safari is getting especially terrible. You can either sync "Safari" with iCloud or you don't. This includes bookmarks, but also ALL OPEN TABS ("iCloud tabs"). My bookmarks are absolutely harmless, my open tabs are highly sensitive. Apple sucks at services. :(
"In the claims that proprietary software won't track you, I am assuming that the NSA will not compel (or has not compelled) these companies to modify their software to include secret tracking."
The assumption that the NSA would never compel software vendors to include tracking code seems completely unjustified to me. It makes no sense at all to accept all the inconvenience that comes with avoiding NSA tracking and then use closed source software.
But I think many of the suggestions on this list are completely unworkable. Using Tor isn't just a little slower. It's unusably slow for regular browsing. Using noscript is nonsense. It breaks almost all websites nowadays.
They do not use visited URLs. While Firefox separates its location and search bars, this seems to me more of a design choice than a privacy one. I could be wrong! - but then again, the much bigger privacy risk is using Google in the first place, and if you switch to a different search engine then Google stops receiving autocomplete too.
You are wrong, they specifically say that this is a privacy measure to anyone who whines that they want a "superbar" like Chrome's.
Using Google is a privacy risk but at least you can control it with Firefox, when typing URLs that need privacy. Who the hell can verify what Google (and the NSA listening to their pipes) does with your visited URLs? If you use another search engine, Google can see that, and it's one more piece of information.
> None of the proprietary browsers will track you.
Can you elaborate a bit on this, how do you know they won't? My default assumption is that anything I can't see the source code of and compile myself is compromised.
Sociologically: there is a surprisingly large contingent of people who believe that if a company makes a claim, it's the God's honest Truth. The OP may not necessarily fall into this camp.
Technically: if the browsers were somehow phoning home, even if the data were highly fuzzed, I'm sure there would be guys like tpatcek who would manage to detail, if not the content of the tracking, at least the amount of data sent and the targets. I don't recall there being such a scandal in recent memory.
It is possible to send data along with other data so that it's reaaally hard to find. Also, they don't need to send data all the time, but rather activate this mode on request, say when a person using this browser is a suspect for some reason and govt needs to track his every move on the internet. This would make detecting of such a functionality virtually impossible, because it'd be turned off most of the time for most people.
It is possible. However, considering that it would only take one person being exceptionally curious with IDA, one employee to blow the whistle (the source is still "open" to a fairly large number of people, and a backdoor is far harder to hide than passive collection of existing data), or one slipup to cause a massive amount of PR damage, and this has never occurred, nor does the Snowden leak suggest this is happening, I personally consider this claim extremely improbable. YMMV.
I wonder if anyone tried frequency-modulating the data stream they send home, i.e. encode the sensitive data as changes in frequency of sending packets. Now try to Wireshark that one.
> Although proprietary software may be easier for a government to compel to be modified to add tracking, it still runs the risk of being noticed in most reasonable cases, and there is in fact no evidence that any Western government is doing any such thing. It does increase the chance that you are being tracked due to incompetence, but I don't think this is particularly likely for such well-known software.
Do you inspect every single line of code? Or at least grep the file list to see if you find a suspicious looking name? Don't think so. Your default assumption should thus be 'everything is compromised' since you did not verify it :]
Unless they frequency-modulate the packets they send home to transmit additional data and you'd probably never figure it out looking at Wireshark output that they are sending more than meets the eye. This is a simple trick; there are probably many other I can't even think of.
I've never heard the term "frequency-modulate" applied to software, and Wikipedia only knows about the radio kind of modulation. Can you please explain what this is?
This is an interesting idea. I assume by "frequency modulation" of data, he means adjusting the timing of the transmissions to create an out-of-band channel that might be more difficult to notice when packet sniffing. As a crude example, if I uploaded War and Peace to you, not as a steady stream of traffic, but as bursts of dots and dashes, I could send "The Magic Words are Squeamish Ossifrage" in Morse code. (Although in the context of apps phoning phone, I'm not sure what the advantage is over simply encrypting the stream...)
I'm at a bit of a crossroad, and I'm not entirely sure whether it's worth it; I've converted to Firefox from Chrome, moved to Piwik from Google Analytics, moved from Google Reader to Fever and so on. But it's just that it doesn't feel like it'll make a difference in the long run because nothing I'm doing will stop them if they actually do go after me.
It might help against tracking and such, but I feel like it's just an illusion that I'm making for myself. No matter what I do to try to prevent it they it won't matter in the long run, it just makes it that much more inconvenient for me.
It won't stop the government from getting at your data if they have time to spend actively targeting you. But it will stop them from passively slurping up your communications (possibly along with many other users') as part of an everyday protocol, which is surely an important difference.
(At least, for the present! I could totally imagine a near future where the government had a standard method to collect the data of various self-hosted services from VPS providers.)
On an individual level you’re probably right, if the government wants to track you, they might find a way—so this is more about doing the right thing because you hope more people do it. Google analytics, for example, is mainly problematic because everyone uses it, which creates a graph where at Google’s end, ip numbers can get a very detailed surfing history, as users hop from GA using server to GA using server. One person using Piwik changes nothing, many people using it will.
In relation to OSX, Windows, Chrome, IE, etc, I thought it was more to do with the fact that Apple, Microsoft and Google have all willingly turned over data to the feds...
Up until 2000, export control regulations made it illegal for a U.S company to release cryptographic tools internationally with a key size greater than 40 bits. Lotus Notes got around this by making a deal with the NSA to let them encrypt an additional 24 bits with an NSA key to allow greater security from everyone else but let the NSA still access things easily. At least some have speculated the Windows NSAKEY was for a similar purpose.
A claim that has been explicitly denied by the companies in question. As serious as Snowden's leaks are, he has repeatedly made exaggerated claims regarding them, and I wish he would stop.
If you're going to continue using Google Mail, it's a dumb idea to deliberately switch away from Chrome. The connection between Gmail and Chrome is among the more carefully guarded TLS connections on the Internet.
Then my comment didn't say your comment said that. But I want to add that I remember very few nicknames from HN, and yours is one of those. I remember it because you once said that Google takes their users' privacy very seriously, which is hard to forget. Ever since, I saw you defending Google, no matter what. Something isn't right...
By controlling both sides of the connection, and by investing in people like Adam Langley. And yes, other sites should. Not "control both sides of the connection", which is unrealistic, but in modeling their server configurations on Google's so they can take maximal advantage of Chrome's TLS features.
Prefect forward secrecy is a lot more secure since if google's private key were compromised any traffic -- including traffic captured in the past -- would still be secure (baring some further compromise).
Each connection has 2 possibly transient negotiated public/private key pairs made just for that connection. In theory, google could store all these pairs as well and they could be compromised, but that adds up to a lot more ifs.
As near as I can tell, the extra computation required to do perfect forward secrecy is a large part of why its not more frequently implemented.
When Google.com's certificate was faked, it was discovered because Chrome restricts what CAs are allowed to sign Google's certificates, if I recall correctly.
If you think you can do as robust a job at securing your mail as Google does with Gmail, by all means. But I'd feel awfully dumb if I migrated from Gmail to some other web mail provider only to lose my mail to a 17 year old with a Perl script.
I'm paying hushmail. But I suppose it's no better, they still honour warrants, and I haven't actually used the encryption provided, other than notes to self. I left google, when they changed the privacy policy last year, all google services build one personal profile etc. This is a ramble, but hushmail works, thus far.
If you really bet that, it says more about you than me.
But anyways: what does it matter if your webmail provider isn't beholden to the government, if a suitably motivated teenager can read your mail because of software vulnerabilities?
Google Mail isn't likely to be more secure just because Google is inherently better at building software than anyone else. Rather, it's because they allocate more resources to the problem of keeping Google Mail secure than any other mail provider does (or even can) allocate to their security.
First, I don't think "equivocation" means what you think it means.
Second, the equivalence isn't false. The Venn diagram of sites that can be compromised by script kiddies is entirely contained by that of sites that can be compromised by NSA.
Let's pretend I'm the NSA. I don't care right now about what your saying, I just care about who you associate with and where you are hanging out. If those raise my suspicions then I will also track the where/who connections and create a map of activity. Those dots might start to line up and create further interest.
If suspicions are founded as actual threats I will do anyone of the following and probably more.
FISA request
Look into your credit card records and bank transactions
Serve your host/ISP with a request and also get your SSL private keys
Listen in on your cell phone/home phone/sat phone
Use traditional listening devices (these are great btw..)
Find an exploit in something you use (I'm pretty sure I have some zero days lying around).
Listen in on your girlfriend/wife/husband/boyfriend/friends and family.
Create lots of tor exit nodes and track your patterns
Ask some actual spy's/moles for some intel
Use satellites and tracking devices, maybe even some drones
Torture
Wait for you to mess up..people are lazy.
I made this to point out some real tactics that are actually used and why the vast majority of PRISM related posts like these are a bit silly...aka..you're probably not a terrorist. The NSA tracked bin Laden's courier Abu Ahmed al-Kuwaiti's cell phone which eventually led them to Bin Laden. Does that sound like anything you're doing?
The NSA is not above the law and I generally support Snowden, William Binney, etc .. I just think people need to get grip on reality here. The only people tracking you are ad trackers.
ps. Don't fret too much about the NSA, Google Glass will have citizens spying on each other in no time flat.
> I made this to point out some real tactics that are actually used and why the vast majority of PRISM related posts like these are a bit silly...aka..you're probably not a terrorist. The NSA tracked bin Laden's courier Abu Ahmed al-Kuwaiti's cell phone which eventually led them to Bin Laden. Does that sound like anything you're doing?
I find this mindset really weird and alien. Surely people who are not terrorists using security measures is exactly what's needed, so that security measures become normalized and the web's vulnerability to malicious actors is lowered. I agree that the site's focus on the NSA and PRISM is a bit misleading, but that doesn't make the site silly (although other things might).
Have you even seen the slides leaked by Snowden? They tracking everyone. Of course no one has a problem about using FISA requests. The very problem that started this is that they disregard the constitution and track people regardless of their history.
You completely missed the point. The NSA is tracking everyone. They're building a database of everyone's activities. Nobody knows who the "terrorists" are going to be 20 years from now. The moment you become a suspect, they can bring up everything they've recorded you saying or doing and use it against you.
The NSA is above the law and the rules they follow are set by a secret court appointed by a single man who has his position for life.
Also extremely likely - the NSA/GCHQ/Whoever siphon off all "metadata".
At the next Boston bombing, or whatever, they analyse that metadata for the perpetrator. And the next one. And the next one. And build a profile of what a "terrorist's" communication patterns look like.
And then they single out everyone matching that profile and stick watches on them, or bring them in.
It's Minority Report without the psychics. Google Now for Homeland Security.
Wow, that never occurred to me. Analyzing Metadata really is a lot like "pre-crime".
Sure, in a sense all police or intelligence work can be looked at in a way that makes it seem "like pre-crime" - after all, crime prevention does have its merits. But putting every single citizen on the list is something different entirely and really does smack of "psychics".
Surprised Arch Linux [1] isn't listed. It's probably one of the most secure distros by limiting the installed packages to a bare minimum. Combine that with App Armour (or SELinux designed by the NSA) with a firewall and basic network monitoring to protect against rootkits. Plus always-on VPN, dm-crypted harddrive, noscript etc.
NSA also released SEAndroid [2] which hardens Android significantly. It's included preinstalled w/ Samsung S4. Although still not very popular and I'm sure not heavily code-reviewed.
I'm more surprised that Mint is being suggested at all in this. Considering how ridiculous this list is in the first place, the 'curator' should have noted that Mint, by default, installs search engines that are partnered with Mint[1].
Even more surprising is that BSD just got a cursory mention. You may as well switch to OpenBSD if you're going to switch to a majority of these alternatives.
I've added a note about Mint's search engine policy, thanks.
Also, BSDs will get greater emphasis in future updates. I'm working on a way to promote more operating systems without the page getting even more overwhelming than it already is.
Tor should NOT be on here. It has little to do with "breaking" PRISM. PRISM is a voluntary program wherein a handful of endpoints have chosen to submit copies of their database to the NSA. Regardless of the mechanism or browser used to access Facebook, the reality is that all of that data gets uploaded to the NSA anyway, so who cares? People aren't interested in the real solution to PRISM, which is "Don't use services provided by PRISM participants".
Furthermore, Tor's outproxy network (i.e., accessing normal internet sites through Tor) is heavily compromised, rife with honeypots run by both non-governmental and governmental operatives, and nothing stops anyone from injecting more honeypots. New exit nodes are automatically registered and used by the network as soon as the client flips his/her bit. While ostensibly exit nodes are not supposed to be sniffing these packets, since it likely violates wiretapping laws in their jurisdiction (unless it's an NSA-owned exit node, of course), one would be very naive to presume such sniffing is not occurring. This means that any data that eventually hits the exit node should be considered, for all intents and purposes, public (correctly-implemented SSL may mitigate this risk where employed). This is fine if you're just trying to circumvent a firewall (remember, Tor was originally designed as a firewall-circumventer so that dissidents in China et al could convey their traffic to blocked sites; the goal was simply "get this public blog post out of China and to the rest of the world", not "hide all data from the NSA", hence the design of the exit node network) so you can use IRC, where your conversations are public anyway, but it's not fine for all kinds of browsing applications, so "try using Tor for everything" is actually horrendous advice.
The upshot of that is that like most other privacy software, you really need to understand the software well to a) actually obtain any meaningful privacy from its usage and b) not accidentally seriously harm yourself.
On top of all that, Tor traffic is easily distinguished and most likely automatically flags your NSA profile for additional attention.
Cyanogenmod should have a big asterisk beside it noting that it's system is signed with PUBLICLY AVAILABLE KEYS. Also they have just the same proprietary blobs (most of them) that other android devices have (radio firmware, camera drivers, etc) that have just been pulled out of shipping factory android images. The description (without these) is playing people false IMO
Ugh, really? So is there no smartphone OS that you can be at-least-sort-of certain doesn't have a backdoor (leaving aside unintentional exploits)? My understanding was that even FFOS was built on top of an Android kernel...
> What components of DDG are partly proprietary and which are not? (not a criticism of DDG just this page) What is a "free search engine" anyway?
These parts are open source: https://github.com/duckduckgo. I've added this note to PRISM Break. A free search engine would be a search engine where users have the freedom to run, copy, distribute, study, change and improve the software. YaCy fits this description, but there are currently not a lot of people using YaCy at the moment.
> Why is chromium not listed as a free alternative to Chrome/IE/Safari?
Chromium will be added once I get a list of good Chromium extensions that rival the Firefox addons.
> Why are Firefox and Thunderbird listed alongside Iceweasel and Icedove?
Iceweasel and Icedove are difficult to install on Windows and OS X. If users are unable to switch to Linux, Firefox and Thunderbird are still really good options.
> How do you list OpenNIC if they have not adopted an official privacy/anonymization policy?
Good point. OpenNIC will be removed for the time being.
>Speaking of official privacy policies; I see that you tried to load /analytics/piwik.js. Where is the privacy policy for prism-break?
PRISM Break does not track the last 2 bytes of your IP - e.g. 192.168.xxx.xxx. A Privacy Policy is on the todo list.
There isn't much of a thought process. I opened an issue arguing for a more focused and defined modus operandi, but as it stands, the site is a community generated list.
New poster here, but someone needs to say this. Tor is amazing and great, but if you don't think the US/NSA don't know how to run their own Tor hops and cache the very same traffic that you think is on "anonymous" servers. . . then you have a more serious problem of understanding how this works. It's easy to run Tor servers. Even easier when you have an NSA budget. Also, ask yourself why wouldn't they be running thousands to tens of thousands of them knowing that most of that traffic is "suspicious".
This is great for us. We understand these tools and can use them. But most people don't. So if all geeks switch to the things on this list, we've left most of society just as susceptible as before.
Other, possibly better, solutions:
1) If you work for one of the companies listed as "proprietary", you can do the most. Stand up and say you care in company meetings. Tell managers and executives that it's worth finding better ways to secure, anonymize, or not collect information in the first place. Even if it comes at the cost of profitably or usability.
2) Authors of lists like these: Instead of saying all commercial software is lousy, compare them to each other! Make having secure, private software an actual selling point that people can understand.
3) Developers, designers: make beautiful, usable software that is secure and anonymous by default. Don't have privacy as your ONLY selling point. We can only win if we're private and amazing.
It is important to mention that "self-hosted" by itself, does not make one Prism-Free.
In most cases, if the hosting platform provider will be asked to provide access to the infrastructure, it is most likely that SSL private keys that stored on the virtual machine will be taken along with other data.
I praise this effort. Whatever the criticism may be, it's a useful site and it educates people. Folks like them do a lot more than us ranting here in the comments :)
I am not sure what kind of education does it provide. If NSA has access to GMail, it does not matter what email client you use, open-source or proprietary. If your ISP logs all your activity, it does not really matter what browser do you use.
And in general it is simpler and more revarding to target services providers instead of client apps for those services.
Interesting, I learned about the Autistici/Inventati collective only from this link, even though they seem to already be a large (>1k users) organization and in existence for a decade now. Useful info.
Is there any indication that this isn't disinformation geared toward a false sense of security? Call your government representatives instead, it'll have a greater effect.
What about obscuring rather than hiding? For instance, a script that emails hundreds of random addresses, tweets on hundreds of different accounts, visits thousands of different urls, texts and voice calls hundreds of numbers (for those with "unlimited" mobile plans), etc. every hour or every minute or what-have-you.
It seems that would be the digital equivalent of a paper shredder - imperfect but not necessarily easy to pick up and read. Just as well, all these collection operations that seem to be in place would fill up with mountains of useless data.
With systems like Tempora https://en.wikipedia.org/wiki/Tempora in place and the main goal of intelligence organizations (probably around the whole world) being to "know all information", the only way to be safe from losing your secrets is not to disclose them in any electronic form on the net. Simple as that.
And with your "secrets", I mean any piece of information you don't want them to know: email, websites you visit, mobile phone calls (and locations)...
Since Echelon/PRISM/Tempora/etc is practically public knowledge at this point, I would imagine that most "real terrorists" have also deduced the above facts and are living by them, making the whole exercise a fishing expedition paid with regular Joe's privacy and tax money...
The listed software is usually a good idea, but there should be a bit more explanation. Using TOR to access non-SSL website for example, might be bad idea.
Also, noticing TextSecure, it's great, but I have personal gripe with it -- you can't use it without using Google play, and that means irrevocably pairing your phone with Google account and therefore some identity. Would it be that much of a hassle to put APK on f-droid? Software that's supposed to be secure but requires you to have Google account is a sad view.
EDIT: of course, after the (de)cryptocat debacle, using TextSecure without reading the source code might not be a good idea. Homepage of "security" software like that should always include page about security: what algorithms it uses, stuff like that.
Very nice. Didn't think we'd be seriously discussing alternatives to the Internet in 2013 =) (https://projectmeshnet.org/) ... maybe this will spur innovation! Cheers.
Although it relies on Mega and Chrome, neither of which is recommended in the article, http://www.nimbusvid.com streams encrypted videos from your private cloud storage in your browser.
No other service does this and it allows you to have the convenience of the cloud and video streaming while maintaining the privacy that you would get by viewing videos on your local computer.
As far as I know it is one of the few examples of a (client-side) web app based on encrypted cloud storage. (I would like to know other examples, I don't know any).
Maybe its me, not completely unlikely, but when I open the left hand nav menu, with the button at the top left, the whole site shifts to the right to show the menu, but that cuts off the text in the last column. As well as that, no bottom scroll bar appears. Maximizing or resizing the browser window makes no difference. This is in Chrome, Iron(which you don't list and I reckon should), and firefox. Tried in IE, but the menu button at the top left doesn't work at all.
On the up side, the site name gave me a welcome chuckle!!!
I want to like this page but there are many problems...
* Who is the target demographic for this page? If it's lay-users, many of the suggestions are inappropriate: no-script, arch linux, "host-your-own cloud provider"... these are useless if you're not a programmer.
* Many of the suggestions don't do anything to improve your privacy. As tptacek noted, host-your-own may protect you from gmail handing your emails over en masse, but it doesn't protect you from yourself (you eliminate one attack surface but add many many new ones). Switching your email client... again, if the gov't can just ask your provider for all your mails, your client is irrelevant (excepting gpg which is a different question). It seems like many of these will create a false sense of security, which is even worse than no sense: "Yay I switched from outlook to icedove, take that NSA."
* There are way too many alternatives listed. What is the point of listing six different linux distributions? Pros are aware of the fact that there are many distros, newbs need a recommendation, not a dizzying list of alternatives with no guide to how to pick one. (I see mint is listed as newb choice; why are qubes, trisquel, etc. listed at all?). Ditto mail clients, browsers, and especially social networks. It seems little care was taken to ensure that the software on this list has any merit beyond being "free." Hey I made a free [barely functional, never updated] chat client, why isn't it on your list??
* The list reeks of politics over practicality. Seriously, IceDove? Trisquel? I'm a linux user at home, have used tbird, pidgin (& finch), adium, OTR, debian, ubuntu, mint, etc. etc. and I've never even heard of these tools. I suspect they are being listed because they are "FSF Endorsed" not because they are actually more useful. This is an AWESOME way to alienate new users: steer them toward ideologically pure but hard-to-use or nonfunctional software.
My suggestions:
* pare down the list (only list 1 or 2 of the best alternatives, maybe with a "more options" link for IceDonkey or whatever);
* Indicate how much technical expertise is needed for different tools. NoScript is USELESS for lay-users, disconnect.me (if it's like ghostery) & adblock are set&forget, very low friction options for new users. Ditto arch linux &c.
* Don't include things just because it meets the requirements of being "free"!! You don't need every half-functional email client in the world because it's "free"- this makes the list worse, not better.
* Make clear what tools do and don't do!! Merely switching to pidgin to connect to your does nothing for you, your list suggests it does. Blocking google analytics does not stop the NSA or whomever from requesting information from your ISP about your browsing habits!!! This needs to be more clear on your list.
* Don't make outlandish, inaccurate, unrealistic claims! "Stop the American government from spying on you by encrypting your communications and ending your reliance on proprietary services." 90% of these tools have nothing to do with encryption and/or aren't any more secure by default. You can't "opt out of prism." You're not "stop[ping] the American government from spying on you" by hosting your own wordpress. This claim is horsefeathers and it needs to be removed.
Oh well... at this point I'm feeling that in its current state your list does more harm than good, overwhelming users with too many (shitty) choices, creating a false sense of security, and muddying the waters about online privacy like crazy. These tools require attendant tech education: you can't just dump Adium in someone's lap and say "now you're protected from spying."
Spideroak.com - online backup and sync with zero-knowledge client side encryption should be represented in cloud services in my opinion, though since we are not yet 100% open source I understand the arguments against it.
We are however very close to opening nimbus.io and crypton.io open-source secure and private storage APIs based on our storage infrastructure.
Quite aside from protecting your data from the NSA, this site has a lot of software it's good to be aware of -- Jitsi, git-annex, Etherpad [1], and Piwik seem particularly interesting.
[1] I've seen Etherpad mentioned multiple times on HN, but I somehow never realized that it's self-hosted FOSS.
Aren't these all false suggestions? (Except for Tor like software maybe)
For example: DuckDuckGo might hide your search but when you click on a link in the result list the request to that link is still monitored by your Internet provider.
For the sufficiently paranoid, DuckDuckGo is available as a Tor hidden service: 3g2upl4pq6kufc4m.onion
They also run a Tor exit enclave for DDG searches, so using https over tor for DuckDuckGo searches should provide about as much anonymity as you can get doing search engine queries.
I was wondering the other way. If you just open Chrome in incognito mode and search Google without logging in, is it very much different from DDG? Except for the results quality, of course.
Is the big difference being your IP tracked with the searches by Google?
Yes but how much is a claim worth? Anything centralized is at risk to be tracked by the government. It's not as if Google put in the TOS that the NSA is monitoring their data.
Its kinda nice of a list thanks :)
I'd add here.com as proprietary maps. Its actually pretty good. yes its proprietary - but even having proprietary alternatives is good.
Nice resource, thanks for posting. It would be really cool to have some kind of ratings and reviews for each service/app listed. Maybe an official review/rating and then user contributed.
The only way you can truly guarantee you haven't been rooted is to at least trust your compiler. Even if you have the compiler's source code, how are you compiling it...?
Surviving in the current situation, will require a radical change in attitude and education - you know, effort - not just switching out bits of software.
sharefest.me is another alternative to secured file sharing.
The main advantage is browser only - sandbox security. And p2p - files don't touch the server.
Although not yet as secured as the other, we're working to improve it. Would love any security feedback on github.com/peer5/sharefest/issues
You are on Hacker News. Go fix it then or write a better one. Just keep in mind that you must make it open and non-proprietary, or else it will suffer the same fate as Skype. You see the conundrum here?
It may well be possible to mitigate their ability to watch you by wearing enough tin-foil hats. Even if you succeed, all you've achieved is to protect one solitary person at the cost of considerable personal inconvenience. Worse, once you consider yourself "safe enough" from prying eyes, your incentive to actually act on what they're doing will be diminished.
I think that we should try not to be meek about this issue, passively hiding ourselves and then getting on with our lives saying "Fuck you, got mine". Why should the tech community flee the very Internet that it has played such a crucial role in building? Is the idea that our democracies could eventually fix this situation really beyond all hope?
If you live in the UK, write to your MP (http://www.writetothem.com/). Support PPUK (http://www.pirateparty.org.uk/) if you feel strongly enough, as they're seemingly the only political group treating this matter with the seriousness it deserves.