I can see how they get HTTP information, since they would intercept at transit hubs - but how are they getting all Facebook private messages and Gmail?
I was also looking for another unique ID that users are identified by - perhaps a machine or browser fingerprint or some form of intel that can 'glue' different browsers together and make a best guess if they are the same person (Facebook does this with device and user cookies) but couldn't find anything. It seems they rely solely on email addresses, IP addresses, cookies and HTTP headers.
So if you are browsing via 16 tor circuits and a browser that defaults to incognito with session histories being wiped, they couldn't reconstruct your history.
Users of PGP/encryption products being singled out is terrifying. The sooner we have the whole world using decent encryption tools, the better.
Edit: Gmail messages must only be captured when they leave the Google network. They are the only provider to support server-to-server TLS: https://twitter.com/ashk4n/status/346807239002169344/photo/1
They must only be getting a slice of the Facebook chat data, since the transport there is also https.
Facebook Messenger, on the other hand, uses MQTT, so it transmits and stores in plaintext. It has support for encrypted + signed messages with OTR if you are using an alternate client such as Adium or Pidgin.
Really need to go out an audit all of these services and let users know which are better.
It has become a bit of a pet peeve of mine recently to see self-aggrandizing comments from users around the net about how "we should have known" and "none of this is new."
I'm a practically addicted news junkie (especially tech news) and while I've been aware of a fair amount of what has been exposed in this latest leak, it seems that every day there are revelations new to me, and what is revealed absolutely shocks the conscience. And I'm an outlier. I'm more plugged in to reporting on this subject than 99% of the globe's population, and this subject tangles with the rights and treatment of a large portion of the population of said globe.
The staggering majority had no clue, has no clue, and no, they were never informed. For all intents and purposes, the global media has been asleep or complicit.
It's staggeringly important to keep telling this story at every level specifically because "we" don't know, and still don't.
There is good independent media that has been covering the story for years though. Here's a Democracy Now story from February 2005:
Democracy Now has an incredible archive on this subject too. Right now it starts here:
Specifically, they've done some great interviews with previous whistleblowers:
Other interesting guests:
And the purpose of Tor might be different than you imagine:
Or are you just trying to discredit Appelbaum, Assange, and/or Wikileaks?
Also, is that your article? Should you disclose that? And is there any reason you linked to it rather than the original New Yorker article here:
It is, however, VERY easy not to have been able to have that foresight, and I think that the insights people were expecting the government to have been constrained by the fact that all the information of value is collected by neutral third parties. Google, Yahoo, Twitter, etc., aren't likely colluders with the government.
Plus, at the time of the PATRIOT Act's passage, there wasn't quite as much information being put on social media, or out to the public in general. Not as much was online, digital, or otherwise easily indexable.
There were those predicting this sort of possibility before the PATRIOT Act's enactment, and since, to be sure, but you shouldn't feel responsible for not having seen the signs yourself, or for having heeded the words of what probably seemed like kooky overreactionaries from back in the day.
The funniest part about this, to me, is that somewhere, very quietly, Richard Stallman is quietly telling us all the he told us so, and he's absolutely right, and always has been. Neverminding that, he's largely seen as a crazy old paranoiac who we should respect for his IT knowledge, while having to forgive the rest of his eccentricities.
Aside from that, I didn't mean to seriously suggest that he's out there passing judgement on us so much as I was attempting to acknowledge how hypocritical we are for having disregarded his message because of his eccentricities. I think your statement, that he should actively try to be more popular for us to care, is further proof of how wrong we are to be that way.
In an ideal world, your response would have made a perfect satire of how Americans are likely to react in the face of the responsible elder telling us to eat our proverbial vegetables. That is isn't saddens me.
Think about that for a minute, and then explain to me why that makes more sense.
You're in the bizarre position of criticizing him for being right. You're expecting Stallman to figure out a way to market to you, rather than expecting yourself to figure out how to evaluate arguments and evidence rationally. Think about that for a minute, and then explain to me why that wouldn't make more sense.
Where our expectations start to misalign is the part where he's been ignored because he doesn't know how to be a consummate human being (let alone marketer), and you say it's everyone else's fault. Idealism is fucking useless.
Second: realizing that "we should have known" and "none of this is new" isn't so much about reading news articles and being "plugged in", but rather having an understanding of how the Internet works. To oversimplify greatly, you're essentially playing a very precise game of telephone between around 10-20 different people, and usually about 1-3 different publicly-owned corporations. To be surprised at the possibility of storing packets is somewhat naive considering how simple it is to do.
They have compeley misused the power we granted them in sacred trust. We should remove it from them at once. If this has become impossible, we need to know that as soon as we can.
Most Americans still believe they have more to lose than to gain by asserting themselves...
Again, I'll chime in as the resident apologist. The people working at Fort Meade are not evil. They truly believe they're doing a great service to the nation. They may be wrong, and they've certainly thrown privacy out the window. But they are following an ideal: national security.
Post 9/11, the nation went on a war footing. We reacted the way we did to the Nazis and the Soviets. And in their search for an existential threat, the intelligence community seized on nuclear terrorism. These analysts live in constant fear of the day they miss a piece of information and New York, Washington, or London is enveloped in a mushroom cloud.
The best explanations for this type of reasoning that I have heard came from an unlikely source, my grandfather. He's a former FBI agent and WWII Navy veteran. In war time, we threw all sorts of civil, economic, and political liberties out the window to defend ourselves. When I asked him how this was allowed to happen, he said simply, "When you're facing an enemy that wants to cross over the hill into the valley where you, your family, and everyone you've ever known or loved lives, you'll do anything to protect them."
Our grandparents grew up with the threat of the Nazis. Our parents faced the prospect of annihilation by the Soviets. We have had the luxury of coming of age in a time where there is no credible threat to our very national and physical existence.
As a result, it's difficult for us to understand the mindset of someone that spends all day, every day, thinking of the most horrible ways we could be attacked, and then trying to devise countermeasures. It's almost inevitable their perspective on the balance between security and privacy is altered.
I'm not saying this reasoning is morally correct or justifiable, especially when applied to the current surveillance programs, but simply that it is understandable.
The key danger is that these efforts are qualitatively distinct from those in previous generations. The difference between extraordinary measures now and then is twofold.
First, our capacity to surveil the citizenry has exploded over the past two decades, and our legal framework is still grappling with that change. The courts are having trouble understanding that a change in scale can be a change in kind.
For example, it's one thing to have the occasional surveillance flight to search for drug operations. It's quite another to have aerostats and quadrotors watching every inch of a city all the time. But the legal rational that there is no right to privacy in public spaces allows both.
Similarly, it's one thing to say the records generated by my water company are business records not subject to the Fourth Amendment, but it's quite another to use that rationale to justify monitoring the location of my cell phone simply because my cellular provider maintains the records.
Second, wars have a point where they end, and the extraordinary measures are supposed to be reversed. That's why the "war on terror" and the "war on drugs" are so dangerous to civil liberties. They essentially extend the extraordinary measures during wartime to police problems that have no logical end.
I agree that we've gone too far as a nation. The fact that these queries don't require FISA orders flat out shocked me, even as a careful observer of these issues. But let's not demonize the individuals. After all, they're only doing what the people demanded after we were attacked. This is a democracy, and immediately after 9/11 such measures were resoundingly approved by the public and our representatives, beginning with the PATRIOT Act.
None of that changes the current reality however. We must slowly learn the lesson the British did when dealing with terrorism. If you treat it as an ordinary police matter, something that will always be present, you deprive it of its power to shock, from which it derives its effectiveness.
The fact is that the war on terror must now end. It's time for a return to normalcy.
Evil doesn't require intent. Some of the most evil acts in history were carried out by people who believed they were doing a good and moral thing. Most evil people don't go around thinking "I'm going to be so evil today!"
I suspect you are correct and that the vast majority of NSA employees think they are doing the right thing for America. That doesn't make their actions any less evil.
That isn't really a strong argument. Firstly, their actions is supposed to reflect the ideology of the US citizens in general. If it doesn't, either they are not being administered as well as they should be or they are purposefully ignoring the will of the citizens. Secondly, the idea that because they truly believe that they are doing great service doesn't actually justify any of the actions. If we are forgoing the label of evil because they think that they are doing great work (and I am OK will that, I hate the label 'evil'. It is unconditionally partisan) then it does question whether Nazis/Soviet union deserved the label as well. Because I fear that they too believed in their actions.
> our legal framework is still grappling with that change
US legal framework does not seem to be struggling (I am not a native speaker, so I am assuming that is what you meant). It has expanded the power to monitor and interfere knowingly and willfully. Let's not blame this on misunderstanding or incompetence. While it is the first thing that this should attribute to, the people who have built this system seem highly skillful and knowledgeable. If you claim that decision makers do not understand the new world that has suddenly bubbled up, well it's your responsibility and that of the NSA employees who seem to be following orders without questioning, to either make them understand or replace them. And in all fairness, US voters did. The man even won a Nobel Peace Prize for some reason I cannot understand. But his actions behind the doors seem totally contrary to what his words have been in past. Not really the fault of the voters but it definitely raises questions if he truly understood the costs and still took the leap.
I think this is a very difficult question to answer. If you're a lowly NSA tech tasked with something seemingly mundane (say, writing some automated tool to be used by an internal billing dept), at what point do you refuse to contribute to an organization that may be operating against the will of the people? Who is responsible?
Demonizing people and falsely assigning ill-intent doesn't help us address and correct the problem, even if it feels good to do so. I personally have to fight the urge constantly myself because I feel so strongly in the immorality of the net output of the programs themselves.
These are the guys that created the orders that the soldiers are following, and the war they are dying in for these criminal's profits.
The people I listed have a decades long history which brought them to the US Coup of 9/11: Cheney in particular.
The above are at the core of PNAC, the CIAs takeover of the executive branch (both Clinton and Obama are their puppets here)
GHW Bush has been running shit since the 70s.
Cheney setup the framework for the current MIC exploitation of the world when he was in Sec. Defense position in the early 90s - then setup Halliburton to be in the position to receive all the mandated private-sector contracts so the military could focus on its "core" -- the same with the Carlyle group.
(Carlyle owned CRG West (MAE WEST) and other fiber infra and DCs)
These guys worked diligently to put all this into place. Obama is just a puppet who was meant to quell the outrage that the Bush regime was bringing.
I posted a list of the key players in this, I did not post any party affiliation....
I can provide a hell of a lot more detail than this too - going back to 1920 with these guys...
You're wading far too deeply into conspiracy territory to suggest that this puppet 'was meant to quell' anything. He is a leader whose administration stands and falls on its own merits.
There is no party but the MIC party - and clearly, the NSA owns that party.
America has died, completely, 100%. There is no such thing as "Land of the Free, Home of the Brave"
The IC isn't running the government. They've got their hands full just running themselves.
The idea that we are not free is absurd. If I want to hold a rally for the Ku Klux Klan, that activity will be protected by the full force and power of the United States government. I can worship as I wish, read the books I choose, and write whatever I want (excepting direct threats of violence) with little fear, knowing that laws and courts stand ready to vindicate my rights.
I would take our extensive package of rights over single party political control, strongman leadership, civil law jurisdictions, and common law libel standards any day.
We are certainly no longer the most free nation on the planet, which saddens me deeply. But we are certainly amongst the best on that metric.
The American people overwhelmingly approved the Patriot Act, and the idea of surveillance, and the war on terror, and the actual wars on place.
The Obama administration resumed surveillance programs which had been previously shut down.
The military industrial complex has been growing steadily larger since the 1950s.
Congress people from both parties repeatedly approve the growth of the defense budget, and especially parts which gain them money and jobs for their own states and districts.
There are certainly people to demonize, but sorting them out from the well intentioned would be incredibly complicated.
You're clearly being partisan.
I don't want to Godwin the discussion here, but it's not at all rare for people to act in an evil (or whatever you want to call it -- bad, harmful) way while not recognizing their own actions as evil.
That people don't think their actions are evil doesn't prove that their actions aren't evil.
Add to that, evil acts are almost always done in service of an ideal. For example the USA has economically and socially gutted many nations by force in service of the democratic/free-market ideal. Yet it's rare to find an American who sees it this way. US-USSR proxy wars in the Middle East and Latin America from the 60s-90s weren't destructive, we were just trying to help those countries out. We wanted to modernize them, to improve their lives, not to destroy them. They were just too uncivilized, too barbaric to get it. Why would they hate us for that?
Hence 'ideology'. Easy to serve, hard to view objectively when you've spent a lifetime on the inside.
>We have had the luxury of coming of age in a time where there is no credible threat to our very national and physical existence.
The Berlin wall didn't fall until 1989. The Soviet Union didn't dissolve until 1991. The period of 1991-2001 was spent fighting proxy wars in former USSR terrories or allies . Iraq. The Yugoslav Wars in Bosnia, Macedonia, Kosovo. Haiti. All of this was an extension of the cold war. The Red threat didn't officially end until 09/11/01, Communism continued to be a spectre held over the head of the American public. It's just the discourse shifted from "the USSR has bombs that can kill us right now" to "Communism is bad therefore we're preventing it from spreading". The constancy of threat and surety of the potential for complete annihilation was always there.
And of course, from 2001 on everyone spent all day, every day thinking of the most horrible ways they could be attacked by terrorists. With great encouragement by media and government apparatuses.
>But let's not demonize the individuals. After all, they're only doing what the people demanded after we were attacked.
Again avoiding Godwinning, but to a certain extent you must demonize the individuals. Else there is no incentive for people to be vigilant of runaway ideology, like the US is operating under currently. Else there is no incentive for individuals to formulate a moral compass external to the state, because why bother when "they told me to do it" is a legitimate excuse? The state idology becomes your morality. After all, you're just tryin' to put food on your family.
 - https://en.wikipedia.org/wiki/Timeline_of_United_States_mili...
Certainly not. The issue is not their beliefs, but rather the reasoning behind them. Different experiences of the world give rise to different world views. The world view of those that operate, condone, and approve the surveillance arises from a set of historical understandings and modern experiences that neither you nor I share.
To suggest that the scare tactics of CNN and the like is comparable to the psychological effect upon an ordinary analyst of regular intelligence reports of weapons-grade uranium being smuggled out of Russia via Kazakhstan is naive at best.
The threat of true national annihilation, not a specter concocted by a manipulative elite, has been the norm rather than the exception throughout history.
Modern totalitarianism has its roots in a not too distant past in which totalitarianism was the surest defense against large armed groups of humans that would burn your fields, kill your family, and subjugate your people.
That threat didn't disappear until very recent times. The cultural history of the American people is replete with threats to our existence: the CCCP and Warsaw Pact, the Axis, the German Empire, Spanish colonial North American empires, the British Empire, the Quadruple Alliance, the Normans. The intelligence community takes it's cues from a long history of existential threats.
What seems so obvious to us is that the current world is stable, and thus extraordinary measures to protect our safety aren't justified. Those charged with national security take a longer view. They see our nation as balanced on a knife's edge between internal strife and external threats. And thus, threats to either must be vigilant observed, documented, and understood, so that if the time should come when a conflict does occur, we stand prepared.
That line of reasoning is often alien to privacy advocates. I neither endorse it nor deny it. I simply acknowledge that those who study, train, and practice for our defense are not naive when it comes to the risk of violating civilian privacy. They simply set a different value to each of the variables in the risk-reward equation. You may disagree with those values, but it is important to understand them. Blindly denouncing such views as morally bankrupt simply factually incorrect.
> The Berlin wall didn't fall until 1989. The Soviet Union didn't dissolve until 1991. The period of 1991-2001 was spent fighting proxy wars in former USSR terrories or allies . Iraq. The Yugoslav Wars in Bosnia, Macedonia, Kosovo. Haiti. All of this was an extension of the cold war.
The wars you cited were in no way related to the Cold War. Yugoslavia was a strategically unimportant area, relevant to no one in the geopolitical sphere.
The intervention occurred as a direct result of ethnic cleansing that was taking place in obvious, organized, and deliberate fashion. To suggest otherwise is simply incorrect. I've spoken with the head of UNPROFOR from the Srebrenica Massacre. It was a war crime on par with the worst parts of World War II. Clinton himself stated that his reluctance to intervene was based upon the "ancient ethnic hatreds" argument of Balkan Ghosts. The Yugoslavian intervention was about genocide. As a simple fact, it had nothing to do with the Cold War.
> Communism continued to be a spectre held over the head of the American public. It's just the discourse shifted from "the USSR has bombs that can kill us right now" to "Communism is bad therefore we're preventing it from spreading".
Containment of communism was simply not a factor during the nineties. Moscow was crushed, the former Soviet block in shambles, and Russian interests retreating from throughout the world. Hence the remarkable cooperation on nuclear arms, energy policy, and democratization between the Yeltsin administration and the Clinton administration.
>I don't want to Godwin the discussion here... Again avoiding Godwinning...
I believe the Romans had a term for emphasis by pretended omission.
> to a certain extent you must demonize the individuals. Else there is no incentive for people to be vigilant of runaway ideology, like the US is operating under currently. Else there is no incentive for individuals to formulate a moral compass external to the state, because why bother when "they told me to do it" is a legitimate excuse? The state idology becomes your morality. After all, you're just tryin' to put food on your family.
In a totalitarian state, this argument would indeed hold water. However, you gloss over the most significant part of the counterargument. We didn't simply allow extraordinary efforts against terrorism, the people of the United States overwhelming endorsed it.
A democracy is beholden to its people. Its morality is, by definition, derived from the consent of the governed as expressed through the democratic process. Vox populi, vox dei, as it were. To point fingers at talented and intelligent programmers, people with whom we would be excellent allies and friends in other circumstances, excuses the true culprits: us.
We are to blame for this leviathan. Not the NSA, not Obama, not Bush, not the DNI, DIA, CIA, FBI, or any other amorphous acronym.
We need to understand the reasoning of the those that built these programs, not simply dismiss them as callous power hungry sociopaths. We need to grasp the history that informed their reasoning, both recent and that which began far before that day in September.
Most importantly, we need to remember that blaming individuals does nothing to prevent the true failure, a systematic disregard for the right to privacy and the guarantees thereof provided by the Constitution.
"War is peace. Freedom is slavery. Ignorance is strength."
Orwell in 1984:
of the reason for this was that in the past no government had the power to keep
its citizens under constant surveillance. The invention of print, however, made
it easier to manipulate public opinion, and the film and the radio carried the
process further. With the development of television, and the technical advance
which made it possible to receive and transmit simultaneously on the same
instrument, private life came to an end. Every citizen, or at least every citizen
important enough to be worth watching, could be kept for twenty four hours a
day under the eyes of the police and in the sound of official propaganda.")
It's a surprisingly interesting novel.
I have a tremendous amount of respect for those in the security services, who have been given a rather difficult job to do, and who seem (from the vanishingly small amount that I know) to be approaching it in a professional and objective manner.
I have no desire to be nasty, and if I have personally offended anybody by what I have written, I most profoundly apologize for the hurt.
This is an important issue, and it deserves public attention and a detailed debate. I hope that some of my provocative wailing and doom-mongering has done what was intended: provoked some thought and consideration.
This is, after all, politics, and, as I have mentioned before, we sometimes need to make a caricature out of our own positions in order to make a point. Omlettes and eggs and all that.
Same with the politicians; were they really for it, or simply incredibly afraid of the political suicide that would be the results of standing up against it? Because this was a time when people did not question Bush. From today's perspective on his administration's actions, that seems odd, but it was the reality at the time.
Only 66 Representatives voted against it--62 Democrats, 3 Republicans, 1 Independent. Only 1 Democratic Senator voted against it, while another Democrat abstained from the vote.
At the time the Act passed, Americans were in the midst of a fear frenzy. It was a pervasive culture of fear and panic, the likes of which I can only compare to anti-Soviet fears of the Cold War. People all over the country actually went to stores to buy all kinds of emergency and survival supplies to build up their own anti-terror kits (I forget the name for this that was popular at the time).
Many of us questioned Bush from the moment he was declared the winner of the 2000 election by the Supreme Court. We took part in protests all over the country after 9/11 to oppose the buildup to war in Iraq. I took part in protests in D.C. It was all ineffectual. Fear gripped the country and few paused to consider the long-term ramifications of the actions taken in September's wake.
It was obvious from the length of the act alone that even Congressional staffers couldn't have read it carefully between the time of submission and the time it passed. Quite a few people that I knew were weakly opposed, but the sunset provisions may have made it more palatable.
It takes character to stand up and defend doing nothing when something "must be done".
This is a little off topic, but I always see this trotted out when people talk about big laws (like Obamacare, PATRIOT Act, etc) and it's not really true. Lawmakers usually work with and read a "normal language" version of laws that then gets transformed into a stricter legal version by staffers and experts. They will look at the actual legal version of the law if they care about a specific rule or section, but they usually don't need to.
Of course, I expect my lawmakers to actually read the legal language.
It's important too to note that this isn't a "big law" or even an American thing. Virtually all bills of any substance work this way and it's pretty much standard practice in most countries.
That being said, I'm not defending the PATRIOT Act. I just think the argument that not enough people read it is weak, especially considering all the real arguments you can make that actually attack the substance of the act.
The point is that for all lawmakers, there is both a need and sworn obligation, in addition to national expectation, that they read all the nitty gritty legal language they are voting on, by which all Americans are bound to abide.
That's what lawmakers are there for--to know what in the hell they are passing as laws. If they can't be bothered to do their job--which, at the national level, goes far beyond just securing corn subsidies, because they're voting on legislation that touches on all Americans--then fuck 'em. Throw the bastards out on their asses, and send them back to the cornfields.
To be clear, the "hawk" politicians (and let's be honest, -many on the left) believed in the legislation but also exploited the tragedy to ram it through and neutered the ability of the other side to have a reasoned debate.
Our population was attacked, angry, and for the most part followed the lead of politicians who said we needed these laws to fight the people that attacked us.
In the aftermath, the scrutiny on the part of the American people never materialized. You're basically witnessing the moment where the most scrutiny on these types of programs/laws has ever occurred since 9/11. Worth keeping in mind that many components of these surveillance programs also predate 9/11.
> incredibly afraid of the political suicide
Afraid is not the right word. Aware. When all (public) evidence concerning a law says "fight the terror!" and buildings are still blowing up, you'd have to represent a very interesting district to be "soft on terror".
You are nuts if you think that that was acceptable given the circumstances.
Just doing my job is not sufficient in jobs such as these.
I understand Nazi concentration camps. It was a manipulation of nationalist sentiment against an imagined internal enemy, conveniently one that could be dispossessed of a great deal of property, coupled with a never before seen combination of the pure survivalist id meeting modern state capitalism.
I understand United States concentration camps. While we certainly didn't starve, gas, or force Japanese, German, and Italian Americans, we did relocate large numbers of them to temporary camp facilities for the duration of the war. It was believed that recent immigrants and their children might harbor loyalty to extremely dangerous enemies and could serve as a fifth column in the event of an invasion. For what it's worth, despite the indignity and suspect constitutionality, that's a far cry better than most nations have acted in similar circumstances.
Both of those events are understandable, in that I can understand the thinking of the people involved. It does not mean I morally condone it. What I'm attempting to combat is the notion that all acts with which one disagrees must be the result of moral bankruptcy or internal failing.
Usually there is a logic, however skewed, behind even the most heinous events in human history. The first step to preventing those events is to understand that logic. Only then can we address the root causes of the problems we wish to solve.
In this case, I'm suggesting that the root cause was a panicked citizenry seeking shelter from a very real threat, not a government seeking to blindly expand its power. That's an unpopular opinion, but alternative interpretations lead to different actions.
If you feel that the outrage is in fact without merit, then attack that on logical/rational grounds, not by appealing to social proof.
These are exactly the kinds of comments I'm talking about. The preponderance of people affected by this program on the globe (a staggering amount if you will) had no knowledge of this because the media failed, and are not, in fact, technically savvy on any level and don't understand, at all how the internet works in relation to the technologies employed by these programs.
>To be surprised at the possibility of storing packets is somewhat naive considering how simple it is to do.
For the vast majority of the potential consumers of this knowledge, this just simply is not the case. At all. They aren't being naive. This is highly technical to them and severely under-reported, and where it was reported it was not explained terribly well, nor was there meaningful conversation surrounding the reporting's aftermath.
But congratulations, rmrfrmrf, on being one of the select few that are not naive. We need to get you some sort of prize.
Of course at least the mainstream media (MSM)
failed. Why? It's a very old story, rock
solid in the media: An MSM media company is
in business to make money. They have some
old techniques for doing so. Their main technique
is to get eyeballs for ad revenue; for that their
main technique is to grab people by the heart,
gut, and below the belt, always below the shoulders,
never between the ears; the content is essentially
only light entertainment following the framework
of the ancient Greeks we now call formula fiction;
the content is nearly never the information needed
by an "informed citizenry".
The best hope for the information citizens need
is Web sites on the Internet and search engines
that can help people find that information.
Funny enough, I wrote a post on this subject matter too before the Snowden leaks where I included the video as well…
That being said, I can also imagine how frustrating it must be to be a person who's spent years (maybe decades) worrying about something that's really happening, only to have their concerns dismissed with a wave of the hand or marginalized as "tinfoil hat" conspiracy theories. It's not hard to imagine how that could sour the disposition of even the sunniest person.
The emotions are most likely to be anger and disgust of having their sense of reality shattered, inciting most people who feel powerless to change their habits, to go and protest. And as we all have seen around the world and even within the united states, protests can get pretty hairy, pretty quickly and not in the favor of people who want to live peacefully…
Outside of the issue of inciting the masses to act out physically, there is very little public "mainstream" acknowledgement that corporations are collecting and sharing the same types of data (and more) between one another, where issues surrounding any type of morality become selling points for products. So then the theoretical situation becomes: Government agrees to stop its dragnet programs, non governmental entities will continue to do so as long as people use their services… where's the protest for that (and when that comes they'll hire private contractors to protect them and their interests [remember OWS 2011])?
I posted this a while back on information asymmetry and the surveillance state , which lays out simply what is going on now in the minds of people and what is at the core of the issue people are talking about. I also propose an idea about the direction I feel would be more beneficial for the energy to be placed on my post as apposed to the logical conclusion of where all the anger will be placed by people who are now willing to enter the conversation from recent "mainstream" exposure .
This is staggering, and to chide others for being staggered is the worst kind of truculence.
More relevant, and useful: What are we going to collectively do about it now that we know, beyond a doubt, what exactly is happening?
A good theory, as I have an extremely difficult time imagining anyone in an activist (non-complacent) stance on this issue ever reacting like that to these revelations.
I was shocked by having this laid out as well but I really did just assume this was probably going on. It was technically possible, it was politically possible and it was financially possible. If I shared the worldview of the people doing this and been in the position to do this, I would have been itching to start this level of collection and data mining.
I will admit to part of it being satisfaction at no longer getting the "oh put your tinfoil hat away, no one would do that" response whenever it came up, which was always based solely on the old "I don't like the implications of this being true therefore it can't be" argument. It's also relief that there is finally a discussion about a subject that was previously only seriously discussed by a small number of people.
I take your point that the I-told-you-so gloating isn't helpful and doesn't reflect well on those who do it but I disagree that that was ever meant to discourage discussion, if anything it was anger at the fact this discussion has taken so long to occur.
I'm glad that people are paying attention, but especially early on, it wasn't entirely clear that Snowden's leaks were substantially different from the leaks that have been coming out of the NSA for years that never got traction in the media.
FYI, it should be "For all intents and purposes". :)
Then back at HQ, can send
the node what are essentially 'filters'
to return 'alerts' and the associated
So, point: As a system, it's quite
obvious. As software, it's quite
And, from their description of working
with anomalies, they are being just
intuitive and elementary and not at
all advanced or powerful.
It would appear that a terrorist
do fairly well beating that system
by using a proxy server also used by
many other Internet users and also
using a lot of strong encryption --
PGP used well might be strong enough.
See? No "direct access!" Google/FB/Apple's statements, totally reassuring.
If you're waiting for someone like Snowden to come along and spoon-feed you all the ways the government can screw you, you're doing things completely wrong. Oversight requires foresight.
I agree that "know" is a bit too glorifying. I propose "suspected".
I don't find this surprising at all. Practically 99.99% of a normal user's Internet activity is centered on Facebook, Google (including Gmail) and a handful of other sites. The amount of data everyone is requiring in order to provide a service also includes pretty much anything you need in order to track someone.
It's not news you need to pay attention to but some of the more theoretical aspects of networking in a second-year course.
Ultimately, whether they intend to or not, such statements end up making other people who are hearing about this for the first time more complacent about it because they come into the comments and see a bunch of people going on about how it's nothing new and therefore the new information is no big deal.
More like a news sheep. The mass market news is and has always been 49% fluff and 49% lies.
Comments from people who already knew what the NSA does are not "self aggrandizing". The are other-insulting. You should rightly be ashamed that you walk through life in a news fog of up-to-the-minute minutiae. Read books by retired insiders, talk to current insiders and contractors. That's the only way you will learn anything about anything. To wait for the newsmen to do it for you is to sign your mind over to tampon salesmen.
The NSA story is staggeringly unimportant. Every government, many companies, and rather a lot of organized criminals run intel and counterintel operations. It is just a fact of life, like antibiotics and highway construction. It is inevitable that there must be a national American signals intelligence organization.
What os staggetingly important is why the NSA alone, out of all the spy organizations, is being singled out for a comprehensive media war. The most likely explanation is that the Democratic Party needed something to distract from its pecadillos. The next most likely explanation is that a foreign government is getting themselves some payback. In any event, if you care about this non-news, you are just another mindless pawn.
1. Downvoted to oblivion by a hivemind, and
2. Somebody like you chimes in with a content-free emotional outburst.
So exactly what did I misunderstand?
The incontrovertible fact that this really isn't news?
The fact that every history and exposé on the NSA has been saying this for decades?
The fact that the NSA tried cramming the Clipper chip and key length restrictions down our throats to make domestic spying easier? For half a decade this was a weekly running joke on Slashdot that you had to have been living under a rock to miss.
That the previous commenter claimed to be a "news junky" and then admitted that by news he means the mass media—a pack of tampon salesmen and political hatchetmen.
Absolutely nowhere did I say, or even begin to imply that. In fact, I explicitly called out the mainstream media for being complicit and/or not reporting on this issue while indicating that much of what is being reported was already known to me. Not only did I NOT say that I get my news from the mainstream media, the implication was, if anything, that I did not. The mainstream media is about the last place I'd look for competent coverage of this issue.
You're terrible at reading comprehension. Terrible. You make a lot of assumptions, all of them wrong, then proceed to insult other people based off your incorrect assumptions.
Additionally, the only thing incontrovertible is that this is news to the vast, vast majority of people who are affected by these programs. Those are the real numbers. But I know you. You're part of the Pedestal Crowd furiously patting themselves on the back. Good for you Danny. Atta boy.
It will be interesting to go back through all of those statements with this new information/evidence on hand.
Greenwald has timed this well. He put out enough information early on to give Snowden opponents enough rope with which to hang themselves.
It's an interesting problem for the talking heads: How much will be revealed? They're caught between a rock and a hard place, if they start telling the truth they might reveal something that the leaked docs don't support, but if they tell a lie they might be found out.
This trickle strategy is working very well. The best cause of action for the people under the microscope would be to shut up and if they are compelled to talk to say the absolute minimum but to still tell the truth.
It's like the Socratic method for public/government relations.
The goal seems not just to be exposing the magnitide of this surveillance system, but also the government's systemic disregard for public mandate in the USA right now.
I have to wonder if the staggered deployment of the leak has anything to do with savvy, or more with his own need to digest what he's got as he works through it and reports as he goes.
Either way, the story has more legs than past revelations, so I'm happy for that, and I certainly would love for it to be the case that there is a degree of effective calculation behind the deployment of the info with the goal of keeping the conversation alive and neutering critics. Goodness knows that this story needs all the help it can get. It's up against not only the resources of some of the most powerful governments on the planet, but also the lacking attention spans of their populations combined with relatively disinterested media.
I'm heartened that the noise level has remained so high since the first Guardian article (in this latest series).
Q: Thanks for reporting this. I have to ask though, why is it that you are doling out this information now after the recent congressional inquiry into NSA spying and not earlier?
A: We've published almost two dozen exclusive articles about NSA spying in the last 7 weeks, in multiple different countries around the world. Is that pace not fast enough?
There are thousands upon thousands of documents and they take time to read, process, vet, and report. These are very complex matters. On top of everything else that has to be done with these articles, from explaining, debating and defending them in the media to dealing with the aftermath.
People can accuse us of many things. Not publishing enough or fast enough is hardly one of them.
That House vote was about one specific topic - bulk collection of phone records - that this newest article has nothing to do with. That House vote isn't the be all and end all: it's just one small battle in what I can assure you will be a sustained and ongoing discussion/controversy.
There is a lot more to report still. Accuracy is the number one priority. That takes time.
> I can see how they get HTTP information, since they would intercept at transit hubs - but how are they getting all Facebook private messages and Gmail?
I don't know how they're getting GMail(and this is probably a slide from when GMail was accessible via HTTP and not HTTPS), but Facebook chat specifically is done over a non-secure XMPP server. The only 'secure' part of that transaction is login, as far as I remember, once you're past that none of it is encrypted.
But even then gmail is the only webmail service that offers server-to-server encryption, so data can still get intercepted when communicating with someone using yahoo mail or hotmail for example: http://news.cnet.com/8301-13578_3-57590389-38/how-web-mail-p...
You think HTTPS keeps you safe? All it takes is ONE recipient to have an insecure connection and the entire thread is revealed.
Isn't it nice how every email conveniently includes a copy of the entire preceding conversation.
httpd > tor node > tor node > tor node > rendezvous point < tor node < tor node < tor node < client
There's practical attacks for enumerating hidden service public keys, and so I wager that there's somebody somewhere with a complete map of the real server locations as well.
The bigger protection is the ease with which the NSA can mount this attack on TOR. I have no doubt that they could do it, however I do question if they can do it on a massive scale.
Think you're getting your entry and exit nodes mixed up there. Tor chooses a small number of entry nodes (entry guards) and attempts to only use those.
Furthermore intelligence agencies are well aware that every action communicates information back to their adversaries. It's a no-brainer to let Silk Road exist if you think doing so gives you the edge on terrorism, or otherwise furthers the national interest.
Once they've revealed that, then people take account of it, and it becomes harder for the NSA to monitor them.
Half of the signals intelligence game is keeping your capabilities secret, so you can keep monitoring the signals, rather than have your target change their game.
That is to say, if they can get into Silk Road, then they probably ARE already monitoring everything that happens on Silk Road, and they'd rather it stay UP so they can keep monitoring the people on it (being very careful never to reveal that they can monitor it), then bust it so the people go elsewhere.
So I would think these tools are available only to a select few, and those are more interested in more high-profile tasks like catching extremists or going after political opponents.
I, frankly, don't think SR is that high on government list. Not yet.
Briefly summarized, the only way to do secure mail is pgp, the only way to do secure chat is to avoid all the main chat networks. And microsoft actively designs their systems to be easier to access for the NSA (far beyond their legal obligation) so you may assume that any microsoft product is a direct line to the NSA.
And some proof: http://www.haaretz.com/news/diplomacy-defense/1.528529
Somewhere there is an architectural diagram of these systems that describes how to make people check checkboxes before releasing information. CYA-oriented programming that has clearly driven the entire design of this thing.
Even Gmail HTTPS use is somewhat recent and not original to the product.
Further, one might combine this with reporting about initiatives to gain company SSL/TLS private keys, account passwords, and the like, in some interesting speculation -- if speculation it remains.
Amongst all the rest, I would point readers towards browser fingerprinting. It's difficult for me to imagine they are not using it.
If the public is going to have some degree of counter-measures, this will include browser and other client software becoming more pro-active about anonymizing its own profile / usage profile. For one thing, stop sending highly unique fingerprint data such as font listings to every Tom, Dick, and Harry. Just one thing amongst many...
It seems easier for the NSA to tap datacenter <-> datacenter fiber links inside Google's network.
Why worry about decryption when you can have Google's frontend servers do it for you?
This XKS business seems about intercepting non-encrypted traffic as the references to HTTP payload quoted in the article would suggest.
Who says Google has a choice or is even complicit? The backbone providers have mostly stayed mum and it's known that the likes of AT&T split their fiber for the NSA. If we're willing to go to the bottom of the ocean to tap fiber lines it's pretty easy to believe that we'd tap terrestrial lines too.
The NSA has clearly tapped trans-oceanic fiber -- why not also tap high-volume inter-datacenter links?
"They have no direct access to our servers"
I wonder what a beam splitter consists of. Oh. A PRISM.
When one refers to a beamsplitter, it's usually a partially silvered mirror.
If it's fancy, it might use an evanescent wave to do the coupling, as in some cube beamsplitters.
Beamsplitters for optical fiber are more generally referred to as 'couplers' and involve bringing two fiber cores close enough for a long enough distance that the probability of coupling light from one to the other is the desired amount.
It is possible to split beams with a birefringent prism, but it is much less common.
Disclaimer for the following: I only work with optical fiber couplers occasionally, and not for telecom. Someone who works on telecom fibers daily will be more informed.
In summary, if someone wanted me to tap an optical fiber, I'd call up ThorLabs, get a matching coupler shipped overnight, cut the relevant fiber, slap APC ends on the fiber ends, and jack in. Splitting the beam in free space (outside of a fiber) with a prism is far more errorprone, unstable, and no more efficient. A fiber coupler has no moving parts, can't break, and won't take down a telecom's trunk line if someone breathes on it funny.
If they're actually using a prism, it's because of some sort of impedance/reflection minimization scheme; I can't conjure one that would work better than using simpler techniques though.
Anyway, you're probably right, it's probably just bog standard parts, and PRISM was a buzzword for management.
And I tend to believe him.
They can use plugins / extensions installed. Fonts installed. If cookies are enabled or not, etc. Check out:
(That is, unless you visit panopticlick.eff.org, which then sends all of the processed information over the wire in the clear...)
Perhaps you missed the news about PRISM? :)
So they didn't have access to private messages, they just intercepted internet traffic and relied on it being unencrypted. Facebook didn't always enforce https by default like it does now
Gag warrants existed before PRISM.
EDIT: "National Security Letters"
I think PRISM is just the public-private partnership aspect of this, where they have to go to service providers and install kit, as they can't tap SSL traffic.
Take facebook for example. By default, almost any and all activity on the site is catalogued for you by email -- for your convenience. Someone mentioned you in an update, you get a notification. A friend sent you a private FB message, you can an email notification with the content in line (even with the support of replying to message via email as well).
Now, because email traffic on the internet is not encrypted by default, one is able to piece together the contents of communications just by looking at the email.
Essentially anything that you receive via email (e.g. password reset links; credit card statement summaries etc) is subject to capture and analysis. Given this, it may make sense to perhaps disable (potentially sensitive) email notifications as a workaround around this particular collection method.
Moreover, the technological trend is clear; and the avenues for sharing intimate personal information proliferate and multiply with every passing month. The debate therefore needs to shift. The question cannot be over whether the state should have access to this information. We are powerless to push on that point.
The question has to be this: Given that our state (and others) will necessarily know the most intimate details of our lives, how do we want it to behave? How do we want this information to be used? What do we want the newly intimate relationship between individual and state to look and feel like? It may well be that we come to a startling different conclusion than our initial starting points might presuppose.
There are tremendous social benefits to be had by using this treasure-trove of information wisely, just as there are tremendous dangers to be risked by using this trove with carelessness or malicious intent. However, we need to think very carefully about how we manage the relationship between individual and state; how we manage the relationship between individual and peer; and how we manage the relationship between individual and technology.
I feel strongly that this is the most important debate of our generation; perhaps the most important debate to be had in this new millennium.
We should start lobbying for broader support for server-to-server TLS with perfect forward secrecy. While it alone is not sufficient to prevent the wiretapping of targeted individuals, it still makes fishing expeditions or "Big Data" level surveillance much harder. It would help keeping ordinary users' emails protected on the wire and secure the meta data of PGP emails.
It was reported earlier that the NSA has installed hardware at their "partner" companies. As you certainly remember from the slides, they are: Facebook, Google, Microsoft/Skype, AOL, Paltalk, ...
I didn't see that in the article. Do you have a citation?
Slide 16: "Show me all PGP usage in Iran"
* Industrial espionage -- it's big business, and I'm sure it pays better than being an NSA analyst.
* Foreign espionage -- since this gives unlimited querying power to every agent, a single "turned" agent could inflict massive damage on U.S. government and industry interests on behalf of a foreign power. The potential for double agents is huge.
* False positives and guilt by association -- being flagged as a "person of interest" and then essentially persecuted because you have fringe ideological interests, are looking up a lot of info on terrorism for a book project, have a friend who knows radical Muslims, etc.
* Corrupt use in political campaigns by incumbent politicians with access -- obvious.
* Blackmail and other corruption.
* Use by government agencies with access to spy on other agencies.
... I'm sure creative people can think of more.
According to a New Zealand whistleblower back in the 90s, this was one of the main purposes of the Echelon network. Imagine what happens when your larger competitor gets in bed with the NSA. According to whistleblower Russ Tice, the Bush NSA was able to request intercepts on Senator Obama, so there certainly could be enough corruption for back room deals to occur for your startup's private information.
This is yet another reason to encrypt your git traffic.
People need to look at this long term and realise that abuses of power will continue to intrude larger and larger sets of the population unless they are stopped now.
There's a staggering lack of basic competance around protecting this stuff. The CIA director who lost his job over Aimes must be wondering what the modern mob have to do to get fired.
I would also like to add /family/ as a huge pressure point, akin to your guilt by association.
IOW, one may have nothing to hide, but their family member does and one can be controlled by threats to that family member. It's disgusting and insidious, but that's how bad, scared and dangerous people operate. We are not using our intelligence if we allow ourselves to be vulnerable in this way.
We need to wake up, your post would help a lot.
The whole of your life may be innocent, but a single interaction (searched for porn? vented about someone in a private conversation?) taken out of context can almost certainly destroy you.
The "nothing to hide" trope seems to me to be entirely based on a false dichotomy that contrasts "nothing to hide" with "unpatriotic/criminal". I think this is primarily because people lack the imagination to consider the other seedier and more lucrative uses of surveillance.
If they were confronted with these other possibilities, would your acquaintances change their thinking? Or do these other risks--for example, the risk of having an employer targeted by competitors unfairly (potentially leading to layoffs), or the risk of having a representative vote against the interests of his or her district because of blackmail (potentially leading to a loss of government services and investment)--simply not resonate?
Privacy is important. But vastly more important is unaccountable power.
But that has never happened and probably never will. Nixon was caught quickly. Besides, that wouldn't even affect me, only people who do bad things or are in positions of political power.
Using the Facebook Graph API, we can gather information based on this ID: http://graph.facebook.com/1536051595
Which leads us to the Facebook profile (https://www.facebook.com/arash.gorjipour.5) of an individual, real or contrived, named "Arash Gorjipour". His email address and phone number are all exposed in one of his uploaded photos: http://i.imgur.com/0UUk5cB.jpg
I wonder what the reason for this man being in these slides is.
He's (almost certainly) a real person, by the way. I called his office. He wasn't in, but they offered to page him for me.
I'm a little worried now because I visited his page, and this will surely be logged, hence my past online activities may now be investigated.
HN fields roughly 200,000 unique visitors each day, most of which have a markedly anti-gov't-spying slant, that's enough evidence to be in their cross-hairs.
: Such that in some capacity you might participate in the creation/promotion of methods or software to get around their snooping technologies.
You could say 153xxxxxxx and "Arxxx Goxxxxxxx" just to be sure and if you need to post links you could use a URL shortener.
If I were putting together a deck on that system I'd also probably favor test data over live data, if for no other reason than it's easy to come by.
I suspect, or maybe just hope, that politicians are protected in some way from this. While it is unfair, at least it would mean less opportunities to extort or threaten lawmakers. Though, obviously, it would be best if we ALL were safe from that kind of crud.
The person has stated that he is located outside the U.S.
Human intelligence source indicates person is located outside the U.s.
The person is a user of storage media seized outside the U.s.
Foreign govt indicates that the person is located outside the U.s.
Phone number country code indicates the person is located outside the U.s.
Phone number is registered in a country other than the U.S.
SIGINT reporting confirms person is located outside the U.S.
Open source information indicates person is located outside the U.s.
Network, machine or tech info indicates person is located outside the U.s.
In direct contact w/ tgt overseas no info to show proposed tgt in U.S.
It's quite easy to lose the protections of a U.S. citizen indeed!
That, coupled with the fact that they only require 51% certainty in the foreignness factor makes me think this is intentionally designed to make every single person they come across a subject to surveillance.
I can see Weasel terms like "use of storage media seized outside of the U.s." be extended to mean pretty much anything.
Interesting, so everyone who ever hit a MegaUpload link is potentially a foreign entity?
For instance, need data from a server's hard drive? Accuse someone you know who has data on that server, not necessarily the data you want, to have an excuse to seize said hard drive and analyze it. Nope, turns out the accusation was incorrect, here's the hard drive back. Ah, is getting other data not covered by the warrant illegal? It just might be, but you can't complain if you don't know they did it and you probably don't have standing to sue over it to find out. Plus with authorities able to get double-secret warrants based on triple-super-secret laws issued by not-so-secret courts with "you can't even admit you were here" secret proceedings, how would anyone know in the first place?
Remember, government agents have the authority to lie to you in an effort to complete their goals.
Not that I'm saying the NSA was behind MegaUpload or anything, just saying it's feasible.
Just to be clear, Kim Dotcom was a NZ resident, and had broken no NZ laws.
At this point it would be a bold man who made the claim that the NSA had nothing to do with investigating a foreign person and/or their company, tracking that company's international internet usage, monitoring their involvement in possible illegal activities and providing that information to US authorities who could use it to reach out across the world and attempt to have that person extradited to the US.
In fact, I cannot understand for a second why you are trying to make that claim?
That then provides an audit trail, where something, or more likely, nothing is done to check that decision was valid,.
What we need is strict limitations on what can and should be collected, and how it's used, plus better methods of securing what's being exchanged. For example, sending email as plain-text, leaving it on the server as plain-text, maybe that's a bad idea.
The NSA isn't necessarily the only reason you'd do this. Foreign governments are going to take an interest in this, too, and it's only a matter of time before someone gets access the data the NSA is hoarding. No program of this scale is ever 100% secure.
Not really. At that point, you are just using the term as an ad hominem in a childish attempt to ward off cognitive dissonance.
You don't win an argument by calling the other guy a weirdo.
I think Stallman's observations are valid, but his method of dealing with the implications of those observations are impractical, if not completely wrong.
More specifically, what is so impractical or "completely wrong" about not using smartphones?
Given that the cellular providers are capturing and archiving location data, this is fact, his conclusion is we should avoid using these sorts of phones completely. Why? The reasoning here is a awfully thin, but has something to do with "being tracked = bad" and then goes into crazy territory from there. It's the same thing with credit and debit cards. They can be tracked, therefore bad, therefore nobody should use them.
If he's concerned about remaining invisible, then this must be applied rigorously across all aspects of his life. Does he wear dazzle face-paint or glasses with bright IR LEDs on them so that CCTV cameras can't pick him up? Does he only use methods of travel that require no identification? If the FBI wanted to retrace Stallman's activity on any given day, it'd take hours at most to piece it together.
The sign that someone's a crackpot is in how inconsistent they are in applying what they've concluded. It means they're missing something important.
For example, there are people that have a genuine need for absolute secrecy, that need to remain invisible, yet they still use cellular phones, email, and social networks. They're aware of the same risks as Stallman, but they take precautions instead of avoiding them completely.
It's notable that Osama Bin Ladin was taken down because he'd gone to such great lengths to avoid being tracked that he stood out as an anomaly, an approach that proved to be self-defeating. He had this large house, but a paranoia about electronic snooping so severe that he had no internet connection, and that alone made that house highly suspicious. If you're that affluent, you have an internet connection, even if you barely use it.
Everything Stallman advocates to avoid detection just makes him an even bigger target.
You don't understand why tracking may be bad? Or are you just trying very hard to mock his very valid conclusion?
Here's other people's thoughts about cellphone tracking: http://www.zeit.de/datenschutz/malte-spitz-data-retention/ (totally crazy, right!)
> If he's concerned about remaining invisible, then this must be applied rigorously across all aspects of his life
No, it mustn't. Every bit helps.
> Does he wear dazzle face-paint or glasses with bright IR LEDs on them so that CCTV cameras can't pick him up?
Perhaps he does not yet live in an area with seamless CCTV tracking.
> The sign that someone's a crackpot is in how inconsistent they are in applying what they've concluded. It means they're missing something important.
You must be a crackpot then because you're clearly missing that Stallman has probably managed to avoid having his daily movements tracked by some carrier.
> Everything Stallman advocates to avoid detection just makes him an even bigger target.
To whom, with what (crackpot-like) line of thought? Stallman is very open about his principles, his reasons and his actions. It would be extremely dumb for anyone to derive from this information that he is dangerous or a worthwhile target.
When I engage with social networks, use a cellular phone, I'm aware of the liability. I'm making a conscious trade-off. I really would like it to be less of a big deal, that the privacy implications were minimal, but this is the world we live in. I support political parties and representatives that would restrict how this sort of information can be used, making it less likely to be collected in the first place.
> No, it mustn't. Every bit helps.
Either you're trying to avoid being detected, or you're not. There's no half measures here.
> I'm making a conscious trade-off.
No, you're not. If you and the people who have had what you wrote happen to them (they obviously would have been more careful than you) were making conscious trade-offs, nothing bad would have happened to anyone as a result. In fact, you do not even know what information you are disclosing to FB (it's more than you are writing) and other, unknown to you, parties, so a conscious trade-off is impossible. You are just patting yourself on the back for being satisified with your ignorance.
> Either you're trying to avoid being detected, or you're not. There's no half measures here.
From what I understand, he is refusing to provide personal information to a carrier and possibly other unknown parties, because that is potentially harmful and not beneficial in any way to him. Why are you insinuating that he is trying to avoid detection, as if he were some criminal? And by the way, even criminals aren't stupid enough to do everything wrong because they cannot do everything right.
I've even got Facebook's site and associated flam blocked on my computer so I'm not bombarded with their inane commenting system, "Like" buttons, tracking features, or other garbage I want nothing to do with.
I'm taking a risk by using a cellular phone, I understand thins, however I believe the down-side of using one is better than the down-side of not using one. That I'm not a politician or celebrity factors in to this decision.
I'm not even sure what Stallman's full reasoning is behind cellular phones as it's always glossed over with some kind of hand-waving about tracking.
> I think the thing to realize here is life can change very quickly. What if, for one reason or another, you become a celebrity all of a sudden - Or happen to acquire particularly well-connected enemies. When this kind of powerful info is used against you things look quite different.
As is only using the FSF's definition of free software (where it matters less that the software itself is free, but that the software doesn't point out to you any nonfree addons. Fedora Linux is free software, as is Firefox but since they allow nonfree firmware blobs, and addons respectively, they don't count).
Or free hardware, Good Luck With That, unless you like a single netbook made by a single company in China.
You're conflating the FSF's definition of free software, and the FSF's criteria for recommending software to users.
The FSF sees Firefox as free software (now that the proprietary error-reporting system they used is removed); they won't recommend Firefox, because it recommends non-free software. Fedora is a distribution, not a specific program, and they won't recommend it because it recommends non-free software.
By the FSF definition, a license is free if it protects the Four Freedoms; but software licensed under that could be something the FSF doesn't wish to endorse.
On the other hand, I totally understand the people who firmly believe that neither governments nor rogue personnel will ever abuse this information to their disadvantage. After all, billions of people firmly believe in some arbitrary deity and we haven't managed to prove them wrong.
Using a crappy computer from some no-name company in China is a protest vote and is not pushing things forward.
On the other hand, getting hardware hackers together to create a 100% free hardware platform would. The Raspberry Pi is close, all that's really needed is for some more aggressive lobbying to get the PowerVR driver component open-sourced.
Or consider, given how people are taping out custom Bitcoin ASICs, why is it inconceivable that someone could tape out an open-source CPU?
This is very important. What do you mean by "crackpot"?
* Reading the web via email only
* Using completely free software and hardware (which as far as I can tell, limits you to a very small subset of Linux on a single Chinese-made netbook)
* Not carrying a cellphone
* Not using any social networks.
Stallman's principled stand is admirable, but untenable for most. I need to violate every single one of these tenets in an average day at work.
And that's before we even enter the realm of entertainment, which is even worse as far as the FSF's definition of freedom goes.
Over unity energy generation from the vacuum is rightly labeled as 'crackpot' imo, Stallman's position, while extreme should (again, imo) not be labeled as such.
Calling proprietary software evil is an opinion, and there are plenty of examples of evidence that proprietary software was created in ways that one could label as evil. Give it a while and there might be some revelation which will cause lots of people to go 'oh, that Stallman was such a visionary, calling proprietary software evil'.
Now on this particular aspect of Stallman's reasoning I find him hard to follow because that would mean a whole class of something is bad whereas I believe it should only apply to instances on a case-by-case basis. But I'm going to hedge my bets here and sit it out for the next decade or two (assuming I have that much time remaining) to see if he might not be on to something again that is still hard to see from where we are standing right now.
One way in which this could play out is that in order to avoid certain societal fates is to have nothing but open source for certain classes of application (for instance, voting computers, software in use by the government in general or software that is used to power network infrastructure).
Don't be too quick to judge, Stallman has been right more often than I'm comfortable with on some of his most 'extreme' views.
He's not the only one that's been crowing about electronic surveillance. Ever since things like Carnivore (http://en.wikipedia.org/wiki/Carnivore_(software)) were uncovered in the 1990s, it's been obvious that there's a lot going on we will never be fully informed about, that the internet is no longer a safe playground devoid of malevolent actors. Mailing lists and USENET groups at the same period of time were constantly aflame with these sorts of issues.
If you can cite an occasion where Stallman has had a unique insight into the situation, I'd be surprised.
Stallman, for all his posturing and relentless drum beating, which is at least admirable from the point of dedication, is still no Alan Kay, Marvin Minsky, Marshall McLuhan or Raymond Kurzweil.
In the real world, that shows a distressing lack of critical thinking and a further distressing abundance of dogmatism.
"Proprietary software is bad" -- Subjective value judgement.
"Properitary software is evil" -- Subjective value judgement that shows a lack of thought.
"You should always use free software wherever possible." -- Subjective value judgement.
"You should use absolutely nothing but free software ever" -- Subjective value judgement that shows a lack of thought.
I mean, the FSF "disapproves" of software that is completely free on its own (Fedora, Firefox), merely because they point out nonfree things you can use. (Fedora's firmware bundles and some repos, and Firefox's addons site).
That's completely idiotic. Apparently the FSF's "freedoms" do not include the freedom to run whatever software you choose if it's "unfree".
Guess what the solution to the proprietary software problem is? Not using or promoting proprietary software or platforms that enable it.
You are getting upset that the Free Software Foundation has standards to be met to consider software as "free". To dismiss their agenda as existing in 'crackpot' territory is invalidating a legitimate argument to support your shaky conclusion.
* The FSF uses computers other than Yeeloongs. The FSF also doesn't really care about free hardware. The Yeeloong has chips with non-free firmware burnt in, and the FSF doesn't care because that isn't software. It's the Free SOFTWARE Foundation, after all.
* Stallman is on a few social networks, notably identica @email@example.com (possibly now defunct). He probably has a GNU Social endpoint.
I think you're conflating Stallman's willingness to be uncompromising in his own lifestyle with his calls for reform. Stallman is fairly intelligent and understands that not everyone can live like he does, but I suppose he feels the need to answer the question of "what should you do in the present beyond push for reform."
I also don't know what "entertainment" you're talking about. The FSF is against proprietary video game engines, but their mission pertains to software, not music/movies/etc.. They campaign against DRM because DRM requires non-free software to enforce.
Surely you can't expect people to take this argument seriously. It's easy to get internet access on the go in much of the world already.
It's easy to get Internet access on the go in most of the places I've been to, but I've been to a tiny fraction of the places RMS has been to.
Then it seems that crackpottery is a term that may be removed in retrospect. I'm sure at some point in the future someone will crack the energy from the vacuum riddle, who knows.
Suggesting that people abandon social networks, never own cellular phones, avoid using the web almost entirely, these are extreme positions. What makes them crazy is when he's an advocate that everyone should follow these edicts.
Surely it's some kind of "geek social fallacy" that's being applied here. Stallman has come up with what he perceives as the optimal strategy and anyone who diverges from this is doing it incorrectly, just as how free, open-source software is the only kind of software that's acceptable, and everything else is "evil".
It isn't impossible to beat information out of millions of people. It's been done before and it'll be done again.
You say it'd invoke suspicion, but it wouldn't. If you're at the wrench phase of interrogation, you're already in a world where legal powers don't matter.
Are including the USA in the list of 'brutal military dictatorships'? Because the USA disappears people: https://en.wikipedia.org/wiki/Khaled_el-Masri
One of the slides literally says that users must be careful to and their query with another parameter to avoid running afoul of the law.
I'm sure they know everything they need to know about Stallman, just as they do about everyone else, apparently. Unless he's sitting in a cave writing EMACS source on goat hides, they'll have a window into his activities.
Only if we are talking about the same types of attack, which we aren't. If you do "wrench" style targeted attacks at a large scale, you'll leave 10%+ of the population injured, how is that supposed to work out for a government?
Stallman's counter-measures probably work as long as only very few people use them. The same is probably true for terrorists, which is why this whole dragnet surveillance does not really work towards the stated goals and "crackpots" like me suspect it may have more to do with bullying people into self-censorship.
It's an update to what was already going on.