Hacker News new | past | comments | ask | show | jobs | submit login
Today is The Day We Fight Back (thedaywefightback.org)
2061 points by brokenparser on Feb 11, 2014 | hide | past | web | favorite | 258 comments

All of the people who built the site and the banner are volunteers who met on HN across various threads, and not members of any of the advocacy orgs or companies listed on the site. We're really interested in getting feedback on how future campaigns can be better, and happy to discuss some of the decisions we made. The non-profits involved did all the legal and organization lifting, and this is a great opportunity to donate to the EFF and Demand Progress if you haven't recently.

Likely the most impactful thing you can do right now is to add the banner to your own site and ask the companies you work for to do the same. We've tried to make it as easy as possible to add the banner; you can find all the options (including a Cloudflare app and Wordpress plugins) here: https://github.com/tfrce/thedaywefightback.js

Pushing for technical solutions to the surveillance is also really important. Friends at Fight for the Future are launching a campaign along those lines as soon as this one wraps up, and there are a lot of open source projects (e.g. the great work done by [Whisper Systems](https://whispersystems.org)) that deserve attention.

But legislation and technology need to work hand in hand for things to change in the long run. Even if we have decent technical solutions, legal measures can easily limit the scope of their success (see Lavabit).

(My comment here is about the international version of the site - the USA one is much clearer in its purpose.)

One crucial piece of information I haven't been able to find is what happens to the names and email addresses people enter. How does filling in those boxes amount to taking action?

I am strongly opposed to mass surveillance, but thedaywefightback.org doesn't seem to be communicating successfully how exactly it is going to help. If it is doing something that will truly help (which seems likely, but I can't really tell), that needs to be clear in its message, and it isn't.

That's a really valid criticism, we're just pushing some changes that we hope address those concerns (will be up in about 10 minutes).

Edit: Changes are up. It's not perfect, but hopefully it addresses some of your concerns.

Hey mkl,

So they'll be a shorter version of this on the main site soon, but I can spell it out at greater length and more informally here. (I'm EFF's International Director, btw)

The short answer is that you're signing your support for a set of 13 principles on the application of human rights to communications surveillance ( see https://necessaryandproportionate.net/ ), that were worked out last year (pre-Snowden, actually) by a coalition of technologists, privacy activists, and legal scholars.

The long answer: We've been using this language to push the idea in international venues and among key lawmakers in various countries that mass surveillance (as well as a bunch of other practices conducted by the NSA and other spooks, including corruption of crypto standards and backdoors) is a violation of existing human rights standards.

This is important internationally because if the NSA gets away with its current behaviour, it'll establish a norm that such surveillance is okay for any government to conduct. We need to push back against that norm.

To do so, diplomats, policymakers and others need language and arguments to back that up.

The Principles give them that language in a familiar context (and we're working together to provide more detailed arguments and other legal guides). It has found favor among politicians, experts and other influential people I think partly because the smarter ones are genuinely worried that pervasive surveillance really could undermine their own societies -- they recognise what it could do in the wrong hands as much as anyone else.

In providing that leverage, it helps to convey that it's not just a bunch of domain experts that think forbidding mass surveillance is a bad idea, but that an increasingly large number of citizens find it abhorrent. That's what the signatures will do. It really makes a difference in this arena, because so few obscure technical documents have hundreds of thousands of supporters :)

I'd encourage anyone who wants to understand better how we're trying to get all governments, not just the US, to craft better surveillance legislation to read the full text of the principles at https://necessaryandproportionate.net/text You can also ask me questions at danny@eff.org . It's a long haul project, and we're conducting it alongside legal actions in the US and abroad, shoring up and disseminating crypto tools, and other non-policy defences. But it's pretty amazing to get unanimity with hundreds of privacy groups on some basic principles with which to start building proper, 21st century, surveillance law.

A (unofficial and probably wrong) precis of those 13 Principles:

1. Legality - privacy restrictions must be prescribed by law.

2. Legitimate Aim - What you want to break privacy for must be to support laws.

3. Necessity: We cannot (reasonably) achieve the aim without breaching privacy.

4. Adequacy: Listening to your phone calls must reasonably allow us to achieve the aim.

5. Proportionality: Don't listen to everyone when only some will do.

6. Competent Judicial Authority: Any breach of privacy must be authorised by Independant, capable judges.

7. Due process: Who follow a clear process

8. User notification: and tell you you are being watched (unless that might hurt the Aim)

9. Transparency: We get to see the metadata on their phone tapping

10. Public oversight: and a few of us get to see everything not just the metadata

11. Integrity of communications and systems: backdoors are not allowed, if you are bugging us legally, you dont need a back door

12: Safeguards for international cooperation: No playing arbitrage with different jurisdictions

13: Safeguards against illegitimate access: and secure your stuff.

I hope those help

It's a great action - and technically speaking takes us to a new level I think - I look forward to adapting the code for other campaigns I'm involved with. I appreciate the background and your work involved in bringing groups together internationally.

But my question is, with the publication/confirmation yesterday of the basis of the US drone assassination program in NSA cellphone spying (see https://firstlook.org/theintercept/article/2014/02/10/the-ns...), will you be incorporating a demand to reign in the NSA because their surveillance is killing innocent people? I think it is a real opportunity to reach out to many other groups and individuals who are opposed to and organizing against the drones both in the US and abroad.

> The short answer is that you're signing your support for a set of 13 principles on the application of human rights to communications surveillance

Yesterday, I was this close to putting my name+email there, until I thought "wait, what am I even signing for, either this might actually accomplish something important and I really should know what exactly before I can honestly give my support, or it's a rather meaningless gesture carrying just a vague anti-surveillance sentiment" (given the names and people involved I was pretty sure it was the former, but not knowing what I'd feel disingenuous about just adding my name to a list "just, make it better, or something").

Knowing this now, I signed it right away.

Your point is very good! It needs to be specified how our signatures will help in the fight against mass surveillance. We signed, and now what? Spread the word. But what is next?

I think the solution to this has to be on multiple fronts. It would be a good idea to push for laws which forbid certain kinds of surveillance. In the US the situation with the constitutionality of the NSA activity needs to be clarified. In the UK it would appear that the activities of GCHQ - particularly using DDoS and other "dirty" methods - is against the existing computer misuse laws. Investigating and following up on that would be useful. Probably they will make all of that retroactively legal, but there might be an opportunity to challenge and stop that in parliament.

On the technical front if you're a software engineer you can spend some of your time helping to develop, test and debug the various encrypted communication systems. Often security audits are needed. If you're not a software engineer then find out how to use encryption tools - PGP, XMPP/OTR, Tor, Bitmessage, etc and encourage your friends to use them.

First off I love the "we'll call you and do all the work" implementation. Really lowers the barriers to entry.

Second there are two tricky bits of the workflow that didn't quite work for me.

1. Feinstein doesn't have a mailbox, and if you wait on hold for more than 2 minutes the line hangs up.

There was no mechanism to have tdwfb "try again later." So now the burden is on me again. (tiny violin)

2. I was connected to two congresspeeps.

Only one is valid, but zip is ambiguous. I suggest that if someone spends time talking to the first rep, then the second shouldn't even be mentioned.

Re: 1., we've just raised the time limit for calls to 20 minutes. Thanks for using the tool!

I'm sorry 1 was ambiguous. Feinstein's office hangs up and asks you to call back. The higher limit on your side is good though!

Assuming these comments are being watched. The "thirteen principles" link on the main page gives a 404, it looks like there was a copy/paste error, it goes to:


Fixed. Thanks :).

excellent! well, i guess i played my part in the fight against surveillance today. ;)

Your comments were being watched.

Everyone's comments were being watched, now he's been escalated to a contributor and added targeting! :p

You'll probably go on the no fly list for that.

I think this is really great.

Since you are asking for feedback, I heard this on IRC when I mentioned adding thedaywefightback.js to a site I manage.

    <Erkan_Yilmaz> lukeshu did you tell 'em already:
        #findTheError "The Day We Fight Back" against mass
        surveillance has on its website #twitter and
        #facebook offered (only) thedaywefightback.org
That said, I'm not personally sure what's popular these days in terms of decentralized social networking.

Great site and resource, thanks!

When I shared the link with a friend he mentioned he was uncomfortable giving his number and email address. Maybe consider having a link close to those fields to help the visitor find the number or email address of their Representative. That way if someone doesn't want to give out that information there is a quick alternative available.

Yes, this is always what I look for when I see one of these sites. As well-intentioned as you may be, I have no way of verifying that you're not putting me on a bother/solicit list, so the thing that is most likely to get me to participate is if you take all the "we do it for you" machinery and have an option where I can walk through the flowchart myself. Provide me a way of doing the mapping from my home address to the relevant phone numbers myself, then coach me on exactly what to say when I call.

Exactly. It's asking to help get back privacy by giving private information. I understand why it's done, and it's quite useful to a lot of people. Still, having another option would be nice.

"Likely the most impactful thing you can do right now is to add the banner to your own site and ask the companies you work for to do the same."

Why do you feel this is the most impactful thing that [I] can do? Specifically, do you believe that putting a banner on webpages will prompt more phone calls to legislators, which will in turn lead to the reduction of surveillance?

The video is heavy handed (actors and names-the-common-person-would-know with sweeping music) saying that surveillance is bad, but it's never clearly articulated _why_ one should believe that data mining by the government is wrong (besides unqualified claims of it being unconstitutional and against imagined civil liberties).

I personally think that there's risk in allowing a government to harvest and store data indefinitely (primarily because an unscrupulous politique could perform a character assassination to push a narrative), but I'm not the target audience for this advertisement.

I'll preface by saying that the USA freedom act will pass because congress does not like finding out when an agency is going behind their backs, and also voting against it is electoral suicide in close districts. So, in my opinion a calling campaign is a gestural action.

That said, fighting an information war against intelligence apparatus is a losing battle. This will only push the program deeper into the classified bowels of the massive US intelligence machine. They are currently operating through classified intelligence and loopholes, and once the FISA court loophole is closed they will find or produce another.

Next time you do this, you should create a widget for calling Congressmen directly, the way Tumblr did it with SOPA last year I think. Calls are much more effective than signatures or emails and I barely even see a 2-step call to action for it. It should be the big immediate and obvious call to action right on the front.

So a congressman is going to pickup all these calls with a pen and pencil ready?

Congressional staffers answer the phones and keep a tally of issues that have generated phone calls from constituents.

Oh, and this shouldn't be only a single day thing. I mean I see no reason why this couldn't have gone for a whole month, or even in perpetuity, and ask websites to keep it until we see real change from Congress.

I'm actually curious how long it takes before Google adds it to their frontpage :)

They seem to be celebrating "Safer Internet Day"

no doodle, when I Feel Lucky! https://www.google.com/trends/hottrends

Google's in, along with a few others, but no App for that... http://www.reformgovernmentsurveillance.com/

Push even harder during elections.

What does that buy us, when politicians ignore campaign promises and so much of this is secret enough that it takes more than 4 years to come out?

It's as if real political change requires investment in the process throughout various means for an extended period of time, isn't it?

I know, right?

politicians ignore campaign promises You should back or elect different candidates. Don't simply choose the candidate others have chosen for you, get involved earlier in the process to make sure the person you're voting for has a greater chance of voting for the issues you care deeply for.

That worked really poorly with the last "Hope & Change" candidate.

If you suggest voting for an independent... That is sort of a pipedream in the current US election climate. Noble thought and effort to push for such a candidate, but they have little to no chance of actually being electable. And even if they do get elected... Whats to stop them from being totally corrupted, or just overtly ignored by the rest of the government?

You think Obama had a hard time pushing through legislation? Just wait till some independent has to fight both Dems & Repubs on every issue because he/she isn't part of either party (and basically a slap in the face to their power structure.)

Edit: The biggest issue (in my opinion) at this point is the two party system that is entrenched beyond belief.

> Edit: The biggest issue (in my opinion) at this point is the two party system that is entrenched beyond belief.

Entrenched to hopelessness.

Money buys politicians so much power and there is no amount of regulation (which would have to be passed by those in power and getting the money, HA!) that could curtail it. Eventually you are going to step on someone's first amendment right to "say" (buy ads upon ads upon ads) what they want for/against another candidate.

I think the only way I can hope for actual change is for more people to get involved and not be so easily swayed by various types of media. But the majority is lazy..

There are 3rd party candidates...

In the election of my local representative there are only two realistic contenders - both from the 2 main parties. No one else has the resources to send out all the junk mail and recruit all the college kids to harass people.

And the funny thing is - just like probably most of the congress people - our representative isn't really all that bad. She's just not really good. She's just a nice old lady that's a vanilla career democrat. The chances she'll be voted out are effectively zero.

So I just don't vote for people any more (i leave it blank). However, I still go to the polls to do the ballot initiatives

But that only works if what they say at the outset correlates sufficiently with what they'll do in office.

> We're really interested in getting feedback on how future campaigns can be better

I'd recommend addressing the actual problem, which the all-encompassing surveillance is a symptom of. The actual problem is that there is a government in place. For more information, look up Stefan Molyneux, Larken Rose, Michael Huemer, Murray Rothbard, David Friedman, etc.

And the actual problem that cancer is a symptom of is that we have bodies. So we should really be working towards the Matrix, not doing dead-end research on curing or treating diseases.

You're not following, but that's expected. It's not exactly difficult to see reasons for why governments should not exist. They're all around you, and there are countless of them.

As a very simple example, why are laws like SOPA and CISPA passed in secret, unless there's a massive uprising against them? Obviously, they're passed in secret, or stealthily, or all of a sudden - they're just rammed through exactly because they know the people would be against these laws if they only fucking KNEW ABOUT THEM.

Did you think defeating SOPA would be meaningful in the grand scheme of things? If they're passing one law that's harmful to the masses and against their will, why wouldn't they pass another? .. and another, and another?

Well, if they're passing harmful and unnecessary laws all the fucking time, do you think they just might not be on your side? I mean, how difficult is it to figure out that "your" representatives don't actually represent you? They're constantly passing laws that are against your will, after all. Oh, and they're extorting you too! (It's called "taxation" to make it more palatable)

Now then, since it's obvious that the government and its legislators are not on your side - contrary to what people commonly believe, strangely enough - doesn't it make you wonder whether having a government is a good idea in the first place?

It's not difficult to see that government should not exist ... Do you have any idea how ridiculous you sound? No one should take you seriously; I don't see what espousing that ideology is going to get you.

> Do you have any idea how ridiculous you sound?

Did you even read what I wrote? But I get it. It's difficult to process this information.

> No one should take you seriously

Don't just take my word for it. Go investigate the collective works of the people I listed above. If you do that, you'll agree with me (unless you've been severely traumatized as a child).

> I don't see what espousing that ideology is going to get you.

Me? -Possibly nothing. But it's good if I can help ordinary people everywhere avoid whatever seriously unpleasant fate awaits us all if we don't wake up in time. People not being subjected to coercion is not much of an ideology by the way.

Yeah, having roads and running water are just awful. Schools, sanitation, energy, parks, rights for minorities and laborers. I just HATE that stuff.

Ah, this again. Is there something special about all those services that makes them impossible to provide with money that has not been extorted from millions of people?

Yes. It's called a coordination problem: http://raikoth.net/libertarian.html#coordination_problems

That FUD is not relevant to my question, and I don't have the time and energy to dissect his contrived, unrealistic fearmongering scenario now.

But for example, why would other people let Mike pollute the water despite everyone else having signed the "Filter Pact"? Mike's selfish actions would directly affect other people making a living, and therefore, some kind of intervention would be warranted - and would happen too! After that, everything is fine again.

Even if you're silly enough to argue against your own freedom, you can't just leave things at presenting a problem, expecting it would not get solved, and thinking you've proven that freedom "doesn't work".

Government exists for all animals. It is an immutable fact of the universe. Ants have government. Termites have government. Naked mole rats have government. Wolves and caribou have government.

It's not up to us. All we can do is decide what structure the government will take.

> Government exists for all animals. It is an immutable fact of the universe. Ants have government. Termites have government.

Wow. At least you're being original :p

> All we can do is decide what structure the government will take.

Actually, as long as we have rulers, we can't even do that. You may be aware of the US quickly turning into a nasty police state. Do you think the people being "governed" had a say in that?

The only possible solution is to have no rulers.

Saying "let's get rid of rulers" is like saying "let's get rid of the ends of a piece of string." It's a logical impossibility. All you can do is replace rulers.

All it takes is for the belief in political authority to dispel. Unfortunately, that's a massive change from where we are today.

And how does massive social change come about? Via organized campaigns. Which have leaders. Who become the new rulers if they succeed.

In the last century the Chinese and Russians collectively agreed to give up concepts of property and privilege for the betterment of all. Except, some of them only pretended to do that. So they ended up with everyone else's property and privilege.

It's not hard to convince every single person that they should not be ruled. It's impossible to convince every single person that they should not rule. There's always someone who thinks they could do it better if they were in charge.


I switched into writing Markdown by accident. We've got the site frontend running on jekyll so it's static and easy to scale, and I've gotten too used to using the syntax.

I can't edit that comment any more (time expired), but the correct link is https://whispersystems.org

Here is great post from reddit by SomeKindOfMutant:

"Right idea; wrong methods. Let me explain. An email to your legislators may result in a form letter response and a phone call to the office may amount to a tally mark on an administrative assistant's notepad. But, if you want to get their attention, a letter to the editor published in one of your state's 5-10 biggest newspapers that mentions them specifically BY NAME is the way to go.

That is the crucial thing to know--the rest of this comment is an explanation of why I know this is true. I know this because, when I interned in the D.C. office of a senator one summer, one of the duties I shared was preparing a document that was distributed internally both online and in paper format. This document was made every day and comprised world news articles, national news, state news, and any letters to the editor in the 5-10 largest newspapers within the senator's home state that mentioned him by name. I was often the person who put that document on his desk, and it was the first thing he read every morning after arriving to the office.

I began to suspect that this was standard operating procedure because several other senators' offices share the same printer in the basement of the Russell Senate Office building, and I saw other interns doing the exact same procedures that I was involved in. Since the internship, I've conferred with other Senate and House employees past and present and determined that most--if not all--offices use essentially the same procedure.

Edit: I don't mean to suggest that calling or emailing your legislators is worthless. It isn't--it's just not the most effective route to getting their attention. However, if you don't have the time to writer a letter to the editor, please consider at least calling or emailing them. In fact, there's no reason why you couldn't use multiple tactics by calling them, emailing them, and writing a letter to the editor. If you would like to go the call or email route, tools to help with that can be found at https://thedaywefightback.org/"

I would bet that the sheer fact most every competant reporter has come across a website promoting thedaywefightback.org today that most every newspaper in the nation will be talking about it tomorrow in some regard.

Why don't we (as the hacker/programmer community) also "fight back" in the meaningful & legal way that is our core strength?

Resolve to push for encryption if there is any PII data in an app that you work with especially if it is a e-mail/mobile/social app. at scale

Refuse to work with/at NSA until their policies change

Refuse to participate in any committee/standards body, conferences, with NSA employees (or their cohort companies who have willingly forsaken the public's interests)

Encourage non-tech folks to adopt stronger privacy practices

etc etc...

>Refuse to work with/at NSA until their policies change

When the NSA demands your data, you're not really entering a business partnership.

>Refuse to participate in any committee/standards body, conferences, with NSA employees (or their cohort companies who have willingly forsaken the public's interests)

That said, if you're part a committee or a standards body and you have opinions, the only way that you'll get your changes in place is if you show up.

> When the NSA demands your data, you're not really entering a business partnership.

True, but I saw the original comment as relating more to recruiting. The NSA works just as hard as any tech company to compete for skilled employees.

If you're the kind of person they want to hire, you have lots of fantastic other choices. So choose something else. Unless you're planning to pull a Snowden (and have gonads of steel).

And if you do decide to help code the surveillance state, the rest of us may take that into consideration in future hiring, buying, and investing decisions.

>If you're the kind of person they want to hire, you have lots of fantastic other choices. So choose something else.

I am the kind of person they'd want to hire and what has kept me from applying is the relative low pay and not being in my area. As an engineer, you'd get access to cool tech in an interesting domain.

>And if you do decide to help code the surveillance state, the rest of us may take that into consideration in future hiring, buying, and investing decisions.

Really? Because you don't use Amazon, Microsoft, Google? You wouldn't hire a qualified candidate if she had worked at the NSA?

So are you saying that the actions that the NSA have taken are not against your conscience? If so, then I would hesitate to hire you because ethical and conscience-based decisions are key to having trust in employees.

>If so, then I would hesitate to hire you because ethical and conscience-based decisions are key to having trust in employees.

Because every employee working for the NSA is doing a-thing-that-you-don't-like(tm) and not something different or important. I wouldn't want to work for someone that simplifies complex issues anyway.

In this scenario, the qualifications of the person or what function they served at the NSA is pretty much irrelevant. (That said, as a hiring manager I wouldn't take what a former NSA employee told me about the functions they served at face value.) The poster is brainstorming ways in which average citizens could cripple an organization seen as out of control. While this particular method may hurt the individuals who work there, and leave the overall hiring a little less unqualified, it doesn't mean that the idea has no credence.

> Refuse to work with/at NSA until their policies change

Don't agree with this. Boycotts relying on cooperation and trust between unorganized members are doomed to fail and only hurts those that take part in such boycott.

There's also such a thing as having a conscience. I agree that organizing and solidarity are necessary for effective political action but let's not discount the power of resistance against the moral turpitude of the day.

I'm not going to jail due to fighting the government about disclosure of the users of my dumb smartphone game. It's fun to play the moral high ground, but let's not pretend we're the bastions of society because we encrypt user data.

So you think that after you join NSA, you'd participate in such a boycott against NSA? Or will you be even more terrified about losing the job you've already gotten, and try to be on the "safe side" as much as possible to keep your job?

If when you join a company, you lose your personal identity, your employer has gotten a bargain on your hourly rate. There will always be another job.

I think it would be hard to build a movement around the things you list. The core competency of the hacker/programmer community is technical and a lot of the technical solutions tend to have significant difficulties in implementation (such as email encryption).

Why not focus on a very limited number of simple to understand technical goals. For example, you could advocate the creation of private encrypted tunnels between large corporate networks. So that all traffic is routed by default over a VPN if such a route exists. This lets encryption be a compliance issue for an IT department rather than a user level app problem.

My little fight back are some instructions on how to provide your own internet services, including encryption.


It's not ideal, of course, but in the short term since there seems to be no political appetite for relinquishment or meaningful reform then technical mitigation strategies - if they can be sufficiently popularised - may help to reduce the harm resulting from mass surveillance.

Ultimately the solution is both political and technical. When politicians or other public figures make claims that what's going on is "not mass surveillance" or try to imply that collecting metadata is unimportant then they should be challenged.

Some feedback:

* don't use md5 as a security feature! I suggest to replace the use of md5sum with sha256sum (not even sha1sum is really safe anymore). The only use of seeing md5 in security contexts is to indicate that the person recommending its use doesn't understand security, which may admittedly be a worthwhile feature in itself. Perhaps you're really saying "this is one of the weak links in our security chain, the source code we're getting here might be hijacked or have huge security holes, and I haven't checked the sources, so it doesn't matter much anyway whether you're using the same sources as me anyway"? Then perhaps point this out, like using sha256sum and at the same time mention "(although I haven't verified the source code against security issues or backdoor (yet?))".

* I'm not a cryptologist, but regarding "the security of encryption depends upon how random the pseudo-random number generation on your system.." I think that's the wrong use of the term "pseudo-random number", as /dev/random really is about randomness, not pseudo-random numbers at all. /dev/urandom does stretch the collected entropy using pseudo-random number generation, but I think even the phrase "how random the pseudo-random generation" is mathematical nonsense, as it's not random at all, just random-looking when not knowing the generator inputs. Perhaps say "The security of encryption depends upon the randomness of the random source used on your system"?

(* I think the NSA is able to track you anyway, regardless of whether you're using your own server on the same IP or not. Thus the suggestion "make you more vulnerable to traffic analysis" will probably only hold for companies trying to track you.)

Good points. Thanks. I used md5sum mainly because it was given on the original sites from which software was downloaded, but if sha256sum is more unique then I'll use that instead.

Although there are some systems where I'm familiar with the code - such as Bitmessage - in most cases I havn't personally checked the code myself. Ideally Freedombone would be a pure blend (I think that's also the aim of FreedomBox), but for now it does involve downloading some non-packaged systems.

> more unique

That makes it sound like you're thinking that the chances for a conflict (same hash value) depend just on the size of the hash value. But it's worse than that, thanks to algorithmic insights, inputs that produce the same hash value can be found more cheaply than just by chance. Also, they can be found so cheaply that it's computationally trivial to do even for an individual [1]. Thus anyone who can change what data you receive, can trivially also make it hash to the same MD5. (I haven't checked whether publicly available software exists to generate conflicting files that are also, for example, valid gzip files, but I surely expect that an entity like the NSA (and perhaps blackhats, too) can create such software on their own.)

[1] "produce a collision for two inputs with specified prefixes within hours, using off-the-shelf computing hardware": https://en.wikipedia.org/wiki/Md5#Security

Yes, there are many sites that still tell users to check MD5 hashes. I think it's evident that those are totally worthless for some years now. Worse, it may be giving some people a false sense of security. OTOH those places might give those who do know a hint that perhaps the authors or distributors don't know about security. (Sorry for the harsh words...)

Thanks for the information about this. I didn't know that md5 was quite that easy to fool. The hashes have been duly changed to using sha256sum. I'll file bug reports for any md5 hashes that I see in future.

I used md5sum mainly because it was given on the original sites from which software was downloaded

That is indeed a limitation. I'd suggest you explain what md5sum is, how to use it, and what its limitations are -- specifically that collisions are now trivial to instrument.

Developers / vendors still relying on md5sum really should be named and shamed these days.

This is really, really, well done. It'd be nice with some simple styling, to not make it look too "alpha-geek" to the wider tech sphere. Otherwise, cracking work.

Anyone with better web page design skills is welcome to make changes or forks via the Github site.


Presentation and clear readability is certainly an important factor.

That's a good little installation document. I'm going to give that a go with a raspberry pi when I get home.

How up to date are the instructions?

It's not little - it's quite comprehensive. Excellent job done. It's explained quite well in a very enjoyable writing style.

I think anyone who knows enough to add a banner to a webpage can work their way through the document.

It's a good idea to promote it as an alternative because from the outside at least, it seems freedombox has lost momentum since the privoxy release, even though the idea is sound.

Yes, that's the intention. Anyone with minimal skills should be able to follow the instructions in a straightforward way.

Until such time as FreedomBox or maybe ArkOS are in a more developed condition this is about the best I can manage.

I didn't mean to belittle it all, I'm well impressed with it. Nicely explained for the most part and I saw afterwards that it's up on github too so it's easy to send in corrections for it.

I had to look up Friendica and Movim to see what they were (I'd never heard of them before), it'd be nice to have links to the respective homepages, so off I'll go and add them in.

Pull requests for corrections or installation sequences are welcome.

No problems, I can see one or two bits that I think could do with clarifying (not least to get rid of emacs :P ). I'll have a go at it this evening and take notes.

The particular editor isn't all that important. You could just use nano or vi. I don't think any of the instructions contain anything really Emacs specific.

I happen to use Emacs and the source for the site is an org-mode document, which makes editing it very easy. Exporting it as HTML is a few key presses.

As a vi user, i'd be willing to leave the great war to one side and give nano the thumbs up, many people not used to the console struggle to quit out of vi or emacs while being competent with sublime text or notepad++. nano works better for them.

Only messing. I just couldn't resist bringing up the great editor debate :)

These instructions have been put together recently - mostly in January this year. It's an ongoing effort to include as much useful communications software as possible.

If you want some quick-and-dirty CSS to make that slightly cleaner:


... it's just a set of styles I slap on blank pages myself.

Consider it GPL v2 or better, BSD / MIT licensed, though honestly, I couldn't care less how it's used or by whom.

Needs some work, but that makes quite a difference. Thanks.

You're welcome. Anything specifically?

The image probably needs to be smaller or the license text placed somewhere else.

Unfloat the image.

Extremely well-done. Thanks, will build one.

I'm amazed that nobody's mentioned the biggest weapon we have against the political class:

Primary elections.

Not the final elections - by then the incumbents are in place and it's too late ... for national office, incumbents resign / die more often than they're beat by an opponent.

Primaries are where the action is, for two reasons:

* it's the one time an incumbent is most vulnerable

* very few people vote in primaries compared to election time, so each person's vote makes a bigger difference

Want change in D.C.? If you primary just 10% of the critters there, you'll get their full, undivided attention.

Yes, emails, letters, and phone calls have an effect. So does K Street. Politicians care about their re-election and money / resources to make it happen, so in the game of influence, I (a normal taxpayer with neither the desire nor the ability to bribe them) will always have the disadvantage. That's why I'd rather fight outside their game - in the primary race.


More info:

Yes, these links are from a tea partier perspective, but guess what? The tools they describe work for everybody just the same.


http://www.campaign4primaryaccountability.org/ One of the organizations in this space; there are others out there.

http://www.youtube.com/watch?v=eSib8MfaQLQ Leo Linbeck describes the general strategy and how it can work.

Primaries are mostly about gay marriage, abortion, and conspiracy theories.

The way to measure your political effectiveness is how many people have lost their jobs. We're not making real progress until Diane Feinstein and Barbara Boxer are unemployed, just like we aren't making real progress on IP law until most patent attorneys are working traffic tickets.

The Tea Party began by running primary challengers to GOP incumbents, and they remain a powerful force today. It turns out that politicians listen when their friends lose their jobs.

Yep. The thing is, though, that a lot of Republican primary voters support the Tea Party's message of lower taxes, limited government, and a return to constitutional norms -- to the extent that they're willing to toss out an incumbent, which loses DC seniority and risks having an even-worse Democrat elected instead. That's trading short-term costs for long-term benefits.

It's not yet clear whether R and D primary voters care enough about NSA surveillance to vote out incumbents on those grounds alone. (What about abortion? Environment? The need for higher or lower taxes? Gay rights? Firearms? Etc.)

I suspect that NSA revulsion among R and D primary voters is insufficiently strong to make displacement a real threat. Look at SOPA author Lamar Smith's easy cruise to primary reelection victory in Texas hill country -- after being feted by those SOPA-loving liberals in Hollywood and opposed by Reddit's TestPAC. Smith won nearly 80% of the primary vote. BTW, Feinstein, one of the most prominent NSA loyalists, isn't up until 2018.

If anti-NSA activists really want to have a tremendous political impact, they should unseat Rep. Mike Rogers, who beats out even Feinstein in his defense of warrantless surveillance. But National Journal last year said Rogers is in a "safe congressional district that’s poised to keep reelecting him until he decides to retire": http://www.nationaljournal.com/congress/the-reason-mike-roge...

So good luck with that.

There are a lot of Michiganders uncomfortable with surveillance. Maybe some of them can eat a longer commute and move to Lansing?

Boxer is an odd target to single out. She's not been prominent or powerful in the NSA discussion, so far as I'm aware, and the most relevant thing I see on her Wikipedia page is:

"In June 2008 Boxer spoke in the Senate in opposition to the FISA Amendments Act of 2008,[51] a pending bill in the United States Congress to amend the Foreign Intelligence Surveillance Act,[52] and later broke with her counterpart Sen. Dianne Feinstein and voted against it.[53]"

I support this effort 100%, but... there's something a bit off about the messaging that I can't quite put my finger on. Perhaps "the day"? This is going to be a long haul, not like killing SOPA or some other bad bill. This system is entrenched, and has a lot of support. It's going to be a long fight, and it's going to be a slog.

For those in the US, though, please do call your representatives.

If I had to point to one thing it would be "the day".

* It's clearly going to take more than a day to achieve a positive outcome in a system that was established over many decades

* What happens when "the day" ends?

* Since the action is framed as "the day", this is how the media will report on it - including outcomes of the day. These outcomes, whatever they are, will be packaged with the day and thus more easily dismissed than, say, "the movement" (which continues to grow) or "the tide" (that is turning) or "the big cleanup" (which must be repeated regularly)

I think drives like these (whether intended to or not) result in heightened awareness of a problem, not necessarily a fixed outcome.

If something like this took place once a year (where sites protest mass surveillance) it would assure that people continue to discuss the issue instead of slowly forgetting about it.

Labeling the effort "The Day We Fight Back" has a certain "shock" value that intrigues people. If instead it were marketed as "let's talk about long-term strategies for dismantling mass-surveillance" support would probably trickle in.

After all, signing a petition or putting a url on your site isn't really "fighting back," it's a protesting.

Agreed. Even if the media gives "the day" plenty of coverage, their 24-hour news cycle will simply bury it, and CBSABCNBCCNNFNC viewers will have forgotten it by Friday, and likely not see it again.

This is the marketing effort.

Getting out a message means bringing as many voices together at the same time. Getting press coverage. Making noise.

Diluting that influence over a longer period of time dilutes the call.

That said: yes, a longer-term call to action would be a damned good thing.

I honestly think this is naive at best, and at worst useful idiocy on behalf of the companies dependent on the illusion the aim is even achievable.

Mass surveillance, if technically possible, is going to happen. Therefore make services where it isn't possible. If that screws with your business model you're part of the problem.

I'm put off because "The Day We Fight Back" sounds like something a 17 year old would say.

Are they forming a political action committee and hiring professionals? That is boring stodgy stuff but it's the boring stuff that makes up politics and has a good track record of being successful.

I do not put much faith in it simply because I bet the majority of people who are behind this voted for the guy in charge and will vote for the next person that same party put up all because they cannot think rationally.

As in, you vote for a candidate who is protected by identity politics you will never have a voice. You vote for a politician who adheres to the D or R and your just doing nothing.

I wish I could upvote this 10x.

"Mass surveillance, if technically possible, is going to happen. Therefore make services where it isn't possible. If that screws with your business model you're part of the problem."

Let's just extrapolate this.

Mass surveillance is possible because of the connected style of world we live in. Anything that is created can be corrupted in some fashion by world governments or corporations looking for an advantage. Therefore, we shouldn't do anything, because it's hopeless, or we should make something that is so needlessly complicated that no one will use it.

For Christ's sake, does your sense of superiority feel better now that you've poo-pooed this entire thing? Do you know what makes mass surveillance and government abuse in general quite successful and allows it to keep happening? Apathy and arrogance. Either you're so smart that you see this will always happen, so you can beat it for yourself, but not anyone else; or there is no way to fix it for everyone, so why even try.

You're right, this isn't achievable. UNLESS YOU GET INVOLVED IN THE SYSTEM. Like it or not, dirty or not, the current political system is what we have, and you have to work within it. That means talking to people, calling, writing letters to the editor, donating money, forming local groups, doing all of the old-school things that our representatives respond to. It doesn't mean resigning yourself to defeat before even fighting.

You don't like the way this initiative is running? Then pull your head out of your own ass and get involved in the real world. Take your almighty skills and put them to use for everyone, not just yourself. You're just as much a part of the problem as those other people seek to disrupt.

Sorry. Much rant.

Oddly we had an international phone system that worked without routing all calls through servers in the US before, and the same could and should be done for cloud services.

We should move to a model where the end user has a cloud end point in their own jurisdiction which contains all the apps and services they want. Stuff like docker looks a lot like an enabling technology. For example, this means Google shouldn't host gmail, but it should be available as a component for local hosting.

But we should be clear, the problem is not governments (there will always be bad ones every now and again), it's naive companies that believe that if they collect the data it's not going to be stolen from them. I would go so far as to say regulating the companies to prevent this stupidity is more likely to effect actual change than attempting to regulate the government.

It seems to be the focus is a lot on the NSA .. The NSA just happens to be the best at what they do. The Brits and Germans are pretty good too. As a Dutchman I know a lot of the HUMANINT stuff here relies on hijacking SQL databases and metasploit, and what is provided from other sources. But everyone is trying to catch up and make friends with ..

We basically need a publicly audited restructuring of our entire communication infrastructure. The problem has grown to such proportions that we now know that we can not trust governing institutions like NIST, or chip manufacturers like Intel for example. What makes matters much worse is that the U.S. government will just keep playing the same card of supposed reforms, while operations will not cease, but instead will do a illusive dance to more black on black policies.

At the same time, public interest in the matter has already massively dwindled due to over saturation in media coverage. While the cointelpro is working hard to dismiss everything as essentials to provide us with a (sense of) security for the global fight of terrorism and crime, apathy will prevail.

Also I'm referring to U.S. policies a lot, since they are the ring leaders and are influencing international policy and operations at the highest level.

But obviously this is a problem across many if not all governments. The nature of intelligence agencies is to gather intelligence by any means. This will never change, never disappear unless we get full transparency on government. Which will never happen due to concerns for national security. And we know where that road will lead to.. ask how Bradly Manning is doing.

So no, I'm a bit too informed, and have become way too cynical to be counting on a revolution any time soon :(

It is a positive day for the freedom of information and I am happy to support it, make the calls and emails, and tell friends about it.

I also think framing it as a one day campaign where the “fighting” involves passive action at the individual level is not a game winning strategy. It is still a great rallying signal though, and its effects have already gone beyond the single day, and for every person too lazy to change their avatar back, they will carry on for a good while longer in some way.

However, the motivation for the average person to even think about engaging such an overwhelming and invisible force as mass surveillance is very close to zero. For those who are willing, involvement seems to be passive (donating to a more capable organization, hitting a like button, resharing links), bursty (waiting for organized events to rally around), or demoralizing (low visibility of opponent, lack of support from uninterested peers or locals, extremely slow and indirect feedback loop for any action).

For these reasons, I hope that a campaign modeled as a constantly running open source game engine emerges, because that is actually just the bare minimum required for victory - to at least continue playing the game as long as your opponent is playing, no matter whether you are winning or losing at the moment.

A game model will at least make undeniably clear that there exists a thing worth playing for (your personal information perhaps), that there are actual opponents who can and will take this thing from you, and the visibility and mechanics needed for you to take action to protect that thing.

I would say for most of us a more accurate phase is, "The Day We Decide To Fight Back."

As far as I am concerned, fighting back for a day is useless. The NSA is probably going to find they have already lost this battle because we now trust their co-conspirators a lot less. It's the slow, relatively minor pressure over time by billions of people that will change things.

But the real danger is with the next battle. I think we are going to see a major showdown over legality of encryption generally within the next few years with a push for legally required back-doors (since it will be harder to guarantee cooperation unofficially and there is almost certain to be a lot of effort into guaranteeing better security). That's the one we should be steeling ourselves for.

So I won't be participating in this "The Day We Fight Back" not because I think it is unimportant but because I think it is too important than to relegate to a day of action.

I really, really don't think anyone is trying to say that this is the /only/ thing you should do.

Many of the people organizing this campaign worked on any number of different campaigns over the last 6 months (Stop Watching Us, Restore the Fourth rallies, a rally in DC, Defund The NSA), so we'd be the last to say that this is the only day you should take action.

Rather, this is a single day for all of us who care about the isuee to rally round and do something to reach a critical mass of action that gets noticed on capitol hill. And also to help educate people who've tuned out of NSA stories by reiterating all the things the NSA is doing to erode privacy.

> Rather, this is a single day for all of us who care about the isuee to rally round and do something to reach a critical mass of action that gets noticed on capitol hill. And also to help educate people who've tuned out of NSA stories by reiterating all the things the NSA is doing to erode privacy.

To be honest, I am jaded enough to wonder how much politics actually matters here. The NSA isn't going to stop spying on us because Congress tells them to. It isn't even clear that Congress knows enough about what is going on to really oversee it. And if they don't, then what? We get some feel-good legislation which purports to solve the situation but really just plants the seeds of the next great abuse. That's exactly what happened with FISA.

The current battleground is not on Capitol Hill. it is in the insistence that we make companies pay for what they are doing with the NSA and insist on the development of secure alternatives.

The next battleground (as we make gains in private industry) will be in Capitol Hill, and believe me, when it comes, we will need business interests to be on our side.

I think this is more about making noise to remember people -- people which does not follow tech and NSA news -- that surveillance is still a problem, that Snowden is still stuck in Hong Kong, that the NSA still collects a huge amount of personal information from non-targets.

But you're right the battle is much bigger than that.

He's actually on a temporary asylum in Russia, his stay in Hong Kong was short lived.


I think it's interesting that there are ~200k Twitter/Facebook shares at the time of this comment, but less than 10k calls/emails. The message seems to be, "I think contacting legislators is a great idea! I hope some of my friends do that.."

Chiming in as one of the developers, these share totals are the total from when the campaign first started. The tools for calling/emailing/petitioning have only been active for two or so hours.

Ah, got it. Thanks for the explanation and good luck with the campaign.

It is currently 4:27 AM on the east coast of the US. Most Americans are sleeping at the moment, and I doubt congressional offices are open.

Some congressman/senators are busier at night than during the day ;)

Afaik NSA is/was gathering information worldwide.

True, but as congresspeople are elected by the people of the US they would only be keen on hearing from them (well, that's the idea at least - in reality they don't seem to worry a lot about what a small but informed contingent cares about)

Indeed: they only take calls from their own constituents. I, as an Oregonian, will be ignored if I call a representative, from, say, Iowa.

Hash tags to show support? History is fucking laughing at us today.

History's not the only one. This is just adorable. I'm sure everyone involved feels like a really, really good person, though.

People are trying to get the law changed in the USA. It needs a show of support to help get this done.

It's much harder work than writing snarky one liners on some internet forum for nerds whilst you sip your expensive coffee.

This is the day to ask them to stop spying, and to ask our leaders to make them stop spying.

I mean no snark here, just clarifying my interpretation of the OP's point:

The only vote any of the mass majority has is where we spend our dollars & labors. These kinds of movements make everyone involved feel good and I do not deny this campaign is for a cause the participants feel is just...I agree in principal. However, joining another mineable database feels like doing the same thing that we are talking about curtailing, with the added potential of making participants part of a larger target if anyone threatened decides to go on the offensive. Legislators only listen to the hoi polloi when reading scripts in front of cameras or they are drumming up votes for the next election. Even more pertinent, the corporate environment that exists in the Western world has morphed to influence our every waking moment and would never allow an organized collective get too big or gain too much traction before well-publicized character attacks and disinformation fill the airwaves(or the startup is 'incorporated'). The status quo owns the media(even Reddit), the 'tubez(backbone) & most western governments(lobbying is corruption, whatever the laws have been tailored to say), thus they have the loudest message and currently control all infrastructure in this global society(think 'good ol boy' network rather than conspiracy theory). The antagonists and would-be 'movements' of late are diminishing from the public consciousness faster than other entities can make noticeable ripples: Wikileaks, Occupy Wall Street, Manning, Snowden... This is how group dynamics has worked since the dawn of tribalism. Adding sentience to the equation has potential to improve the human race above limbic compulsions but so far has only worked to increase the polarization to meet the desires of the controlling interests(most powerful? influential? smartest?).

I am sentient and have principals I believe in. These principals require me to make sacrifices sometimes, and that includes how I earn & spend my monies. I walked off a job in October that would have multiplied my income by a factor of 10, problem is they asked me to endanger myself, compromise my principals and break some really well-founded national safety codes, never mind the organizations' 'professed' safety policies. Instead, I'm living hand-to-mouth in a shack making a small fraction of my potential earnings and reading/commenting on HN. C'est la vie, I have made my choices and still sleep really well at night. Of the few dollars I make, I spend them just as judiciously as I earn them. There are unavoidable expenses in a modern society; housing, utilities, food. Other spending may seem crucial, but ultimately distill down to wants or conveniences and I've minimizing or eschewed those, too; ISP, TV signal, formal education. Then, of course, there's the disposable income and all that encompasses. How I earn & spend my money(times a factor of a few billion others), this is what drives the world economy and this is what I determined I can influence to create or realize meaningful change within 'my circle of influence'[1]. I must change myself first in order to change the world. I encourage anyone who reads this to contemplate doing the same. It's the only way to scale up a paradigm change, IMO.

PS: I also exercise my own tools that sometimes sacrifice useability in order to maintain my privacy and spread disinformation to those who believe they value my privacy more than I do; NoScript/AdBlock/Blender/UserAgent Switcher/HTTPS Everywhere/bleachbit/firewall monitoring/On+Offline switch/disposable accounts/disposable emails/old & tired maemo phone, etc... Even after two decades I still smile when a clerk says "Thank you for shopping with us today, Mr. Revell"[2].



Coordination of phone calls and emails to legislators seems to make a bigger difference than uncoordinated phone calls and emails. Posting banners on websites and sharing it on facebook isn't enough - by miles - but it helps people feel they're a part of something and if we hammer home that there are next steps to be taken maybe we can make some difference. Mockery only helps the establishment.

I really like the banner, although, in all honesty, I don't think this will have any effect on spying. I truly believe that the NSA cannot be stopped by words alone. People lie all the time. The only thing I think words can do in situations like this is drive it more underground, and make the NSA lie that everything is back to normal...

Presidents lie. Politicians lie.

Now, if every American refuses to work 1 day, and all head to the NSA's office, datacenter (and actually destroy the thing), that'd really mean taking matters into our own hands (extreme scenario, I know). The NSA knew people wouldn't like this, but they did it anyway, because nobody knew. We will never truly have 100% transparency what the NSA is doing. People can no longer trust them. Period.

> Now, if every American refuses to work 1 day, and all head to the NSA's office, datacenter (and actually destroy the thing), that'd really mean taking matters into our own hands

You forget the part where the USA is a militarized police state that, unlike (say) the Ukrainian government/police will not hesitate to use lethal force at these people.

Not that it will happen, but if it were to happen, that's what's going to happen.

Remember the police violence excesses with the peaceful Occupy protest? They didn't get friendlier in the mean time. The police did, however, get equipped with more shiny military war toys.

Please reply to this message with more applications that you find useful.

Self-host your email and keep it secure and encrypted https://www.mailpile.is/

Project Tox, also known as Tox, is a FOSS (Free and Open Source Software) instant messaging application aimed to replace Skype. https://github.com/irungentoo/ProjectTox-Core

Host your own file sync solution http://owncloud.org/

Torproject anonymous surfing https://www.torproject.org/

The invisible internet project http://geti2p.net/en/

GNUnet is a framework for secure peer-to-peer networking https://gnunet.org/

Kali Linux - Linux distribution with security focus http://www.kali.org/

Nothing on this page effectively answers the single most common response to mass surveillance:

"Why should I care if they read my emails? I'm not important and I don't do anything wrong. If it helps them catch terrorists, who cares?"

Until this question is answered clearly and effectively, nobody except all those splinter groups represented by so many logos will care about this.

The fact that an insider-heavy oversight panel said this stuff is ineffective and intrusive and should be stopped seems like a strong point, even if you value nothing more than the billions of taxpayer dollars.

I'm going to make the assumption here that you would not be happy with your government installing and monitoring surveillance cameras in your home bathroom.

This isn't really all that different; it's just your private communications being observed, instead of your private parts.

Follow it with this question:

"As long as [the IRS] is [accused of] targeting [tea partiers], who cares? Besides from what I know they probably aren't."

... then tell them to fill in those blanks with something else. You might also follow it with this line of reasoning:

"And I trust this party who's running things. And I trust the other guys will never be in power again. Because that would be a healthy democracy, and my guys would never overstep their boundaries."

Hopefully the ironies, contradictions, vulnerabilities, and fallacies are so plain little more need be said, and you can then focus on how to address the issue, since it's agreed there's an issue.

Did you watch the video? Didn't the parts about protecting what our founding fathers fought for and preventing abuses of power by elected official like Richard Nixon make sense to you?

To me your quote sounds like a smoker who has been shown evidence of a history of smoking causing cancer but prefers to ignore it and make excuses because its easier then accepting they need to make a change.

It's a post on /r/conspiracy, though. A good deal of people are going to be turned away by that fact.

I don't think this is the single most important question. Most people would not stand for their phone calls being listened to, email is not much different.

Snowden, the NSA scandals and the subsequent political and media responses are very clear example of our right eroding. But, they are mostly concerned with the US Government and US citizens.

This is a global fight. The perpetrators and the victims are everywhere.

So the suggestion here is to "fight back" by asking politely the people who are abusing you to please stop.

Thats what it seems like to me too. Can someone explain how this is not just another slacktivism thing? Hashtags and banners on a website...

In one day, nothing.

The objective of this is to generate awareness, and it is achieving it's goal.

My mother knows what the NSA is and sees the problem.

The only thing that might get us to a better place is to slowly change awareness and with it, will start the political pressure.

Why one day? a focused campaign will generate much more visibility.

Think of how fast the zeitgeist has changed for civil right to minorities, you'd be surprised, maybe in 10, 15 years privacy might be on it's way to being respected again.

Hashtags and banners are only helpful for raising awareness. Phone calls to congresspeople actually can have an impact. Congresspeople keep track of issues that generate a lot of phone calls, and it influences how they vote and what they spend their time on.

Picturing the scene at the NSA offices: Oh shit guys! They hit 100000 signatures, shut the machine down!

Did you miss the part where a new proposed law in congress could curtail NSA powers if enacted?

Well... We should tell TLAs to stop spying (we already did, long time ago, with obvious results). We should make such activity illegal (it is what's happening), because a big part of problem is secrecy and legal consequences leading to inability to tell anyone they're being spied upon.

But, indeed, sole laws are not proper security measure. And for some reason I don't see calls for any technical measures to make mass surveillance costly (and strongly believe it's necessary). We have locks and safes for a reason.

The Catch-22 is that if I had faith in my fellow Americans, then we would not be sitting in this deep well of depravity.

If you look at where we are, today, as a nation, how can anyone have hope? We're a nation that finds it more politically convenient to kill people by drones than to close Gitmo. We're a nation that, quite probably, kills people by drones simply because our leader promised to close a prison camp that would have normally taken said people, but can't now because it would be too visible and too much of a political issue to have people arriving to a place that is supposed to be closing. So America invents remote-control murder from the sky. You can't deny that we're a crafty, ingenious people.

Today we know that George Carlin was not cynical enough.

Just heard a report on Democracy Now, where the EFF spokeswoman interviewed raised some important points that shouldn't be overlooked regarding privacy rights and when searches take place, &c, but seemed to accept Obama's assertion that they are only looking at collected data when there is cause. From my understanding, that is false. It is probably true that they are only supposed to look at data when there is cause, but the reports of instances of "LOVEINT" - spying on (current, former, or potential) romantic partners - seem to indicate more access, especially the fact that the instances of such abuses as have been found were self-reported (so other misdeeds may very well be going undiscovered).

Great initiative, I've shared & supported it. But is compiling a database of (full) names and email addresses of internet dissidents really wise given that that's the very medium these organisations are abusing?

And would it be enough to deter a significant number of people from putting their details in and showing support?

Why do I have a feeling that this is like changing your Facebook picture because you think it might make a difference?

I get the same feeling.

From the website: Governments worldwide need to know that mass surveillance, like that conducted by the NSA, is always a violation of our inalienable human rights.

Sorry, but the governments of the world already know this. Obama, Merkel, Hollande, Cameron or Putin isn't going to stand up proclaim: "I'm sorry, we didn't know".

It's not that we shouldn't do anything, nor do I have the answer as to what we're suppose to do, but this, "The Day We Fight Back", is pointless. Changing your Twitter icon to green didn't stop the war in Libya, the Internet "Blackout" is already forgotten and just pissed people of, it didn't encouraged anyone to resolve or change anything.

'Internet "Blackout" is already forgotten and just pissed people of, it didn't encouraged anyone to resolve or change anything.'

SOPA and PIPA were defeated after several legislators changed their stance, purportedly in response to phone calls surrounding the blackout.

Yes, SOPA and PIPA were defeated with much fanfare and attention, while some different laws doing the same damn thing were passed just a month or two afterward.


Victory in the battle, not the war. But the ability to win a battle is huge.

True ... I just hate when a won battle draws attention away from a hidden, lost battle over the same ground, because in a way you're worse off if you think you won when you really lost.

Agreed. We need strategy as well as tactics, and we need to keep our attention trained.

mass surveillance... is always a violation of our inalienable human rights.

Whenever I see something like this, I think of Inigo Montoya:

   Protestor: They're taking away our inalienable rights!
   Inigo: You keep using that word. I do not think it means what you think it means.

Because you can recognize distributed narcissism at thirty paces?

What disturbs me is not once was Obama's image shown in this video. More than anyone he is the person pressure should be put on to start change(no pun intended).

Before we knew the extent of surveillance we saw images like this of Bush: http://www.funny-games.biz/pictures/648-vampire-bush.html

I never had to go looking for the imagery above during Bush's tenure it was everywhere. Where is it now for the current administration?

Obama is the Smiler.

Since you guys are reading this, a huge thanks for putting the time and effort in to organize this. Here's hoping you are able to keep that up for the long haul.

The suggested script is kind of awkward if your representative is already supporting the USA Freedom Act. However, even if they are already in support, it seems important to let them know you have their back on this, and that your future support will continue to be contingent on their stance on surveillance-related issues (if indeed it is). I know not of these things from a political angle, but the following seems reasonable to me

1. Start the call by asking if they're cosponsoring of the USA Freedom Act.

2a. If they are not, use the script, it makes sense.

2b. If they are, thank them for their support of this bill. You can also let them know how important these surveillance issues are to you and the extent to which your representative's actions on these matters will affect your behavior at the polls and in donations.

Just a heads up to those planning to call (please do!). I felt kind of silly finding out that the first senator on my list was already a cosponsor after reading through the script, and wanted to save others the minor embarrassment. It should feel good to call your representatives and express your support for such important issues!

That aside, this is a really great campaign. Thank you so much to everyone who put it together and made it happen!!

"Each time a man stands up for an ideal, or acts to improve the lot of others, or strikes out against injustice, he sends forth a tiny ripple of hope, and crossing each other from a million different centers of energy and daring those ripples build a current which can sweep down the mightiest walls of oppression and resistance.”

Senator Robert F. Kennedy, June 6 1966 (South Africa address)

FYI as of 11:30am ET there are approximately 5,000 calls per hour going into Congress right now through this effort. Keep it up everyone!

I'm going to play devil's advocate here and suggest that if political involvement is what we're shooting for, robo-calling your representatives isn't the best way to achieve true reform.

Pissed that the NSA (or insert gov agency here) is running amok? Get involved in your government, vote out the lawmakers who let/made [it] happen, and advocate for and vote in representatives who will invoke the change you want.

Appealing to the public in this manor encourages laziness and while it may be "practical" (as we can't expect everyone to throw themselves into the process) I don't think it's the best long term solution.

Not trying to torpedo this movement but I cringe whenever I see the words "script" when talking about invoking political or societal change.

Can you give us a list of "representatives who will invoke the change you want?" Are there any?

You are correct, though, that following the DC pattern of "follow this script while calling your congresscritters" is insufficient. This turns privacy advocates/Internet users into just another special interest group -- which is dwarfed by AARP (40+ million members) or the NRA (which managed to defeat congressional efforts at more firearm restrictions last year despite the most favorable climate for gun banning in two decades).

The HN community can do better than mere phone calls. Here are some of my suggestions from 12 years ago: http://news.cnet.com/2010-1023-971115.html

Great article, I enjoy the input from someone who was or is "inside DC" and isn't looking at this issue purely from a tech/IT angle. I'm not suggesting I have a list of lawmakers to vote out, just that in an effort to enact political change we should become part of the process, not just the members (as you stated so well) of another special interest group.

Oh sod off.

The point about things like this is that by raising awareness and getting people on board to do concrete action, we move the "collective consciousness" in the direction we'd like to see it go. Imagine if 20 years ago everyone had that attitude about gay and lesbian rights. Imagine if 80 years ago everyone had the same attitude about equal rights for minorities.

You people are jackasses. Just because someone can't dedicate their full time job to fighting this doesn't mean they don't care or are lazy. And even if they did dedicate their full time job to it, what exactly do you suggest they do? The first thing that comes to mind to me is that they should start trying to rally others. Which is, as it turns out, exactly what is being done here.

I suppose it's common knowledge now, but a lot of people seem to think a phone call will get more attention then an email in political scenarios.

It's a matter of effort, I suppose... "proof of work" as the bitcoin people talk about. Clicking a button is less effort than making a phone call and talking to a person.

Or... do both! and more!

This is a good initiative, but I still find it depressing that we have to fight entities operating outside the law or in violation of it, using methods strictly within the boundaries of the law. It's not a fair fight and it's not likely to be successful.

Ultimately, uses of technology reflect a society's values. Unfortunately, mass surveillance will be a mainstream value until the fear of terrorism fades. As frustrating as it may be, all the protests in the world won't make these values mainstream.

Consistently, through history, fear of terrorism is what destroys democracies. We need to make these values mainstream.

If the organizers really want to make a difference, the site should replace the words "call and email" with "buy and pay".

Acutally that would make a lot more sense, having a: "Click here to fund our own lobbying group".

Just called my representative of district 7 and told her to support the USA Freedom Act. Hope more people call.

I get the following message when going to the page to email my legislators:

Heroku | No such app

There is no app configured at that hostname. Perhaps the app owner has renamed it, or you mistyped the URL.

First off, way to go with all of this. While I don't believe in "raising awareness" in general, I think this is the best way to keep this in the spotlight.

There's one thing to keep in mind though. I don't think any of us actually hate the NSA (in particular), or your local version. The piece I hate are the policies and their implementation. I'm sure that like all organizations there is some work being done by the NSA/CIA/FBI/KGB.... well maybe KGB was going too far.

I'd love to see links in this thread to the other ways people are supporting the struggle, whether it's blog postings, tumblrs, or something else. In that vein, here's my blog posting:


I think some people are missing the point, this is clearly intended to raise awareness, nothing more.

On the US side it's primarily about creating an opportunity for pro-privacy legislators. Specifically, the legislative goal is to push through the passage of the USA Freedom Act with amendments to prevent the NSA from undermining encryption standards and to protect the rights of non-Americans.

Raising awareness is definitely part of it too, but it's not the main objective.

I find it a weirdly ironic that a protest opposing government collection of personal information, such as political affiliation, from opt in data stores on the internet consist of declaring your political affiliation in an opt in data store on the internet.

All the logos in the world aren't going to make foreign organizations trust American companies with their data again.

The blow to trust has been struck. Operating a data processing or data storage business inside US jurisdiction is now a liability.

It's time to leave.

I sent an email, but I'm not a fan of the auto-opt-in of the random mailing list.

Nice to see this is now a link at the very top of HN. Well done to everyone involved.

So what I find interesting is that as of 4:38pm EST this page has: * 72,000 tweets * 312,000 FB likes * 21,000 G+ shares

At the same time... there 54,700 calls made and 114,122 emails sent.

The number of social media shares is almost double the number of people that followed through with the "call to action" here. Why?

If you are publicly passionate about the cause, I think you would do both (social media share + contact legislator). If you were privately passionate about the cause, you would just do the later; contact legislator.

But what is your mindset if you share this via social media, yet don't actually follow through with the call-to-action yourself?

In my opinion, the front page should really, really highlight the call-back-and-show-script feature. Sending this out to family and friends, this is the piece I really want them to see.

I'm all for this (fighting back) ... but (and I sincerely don't mean to be cheeky) but how exactly is putting a banner on your website 'fighting back' ?

The goal here is to get people to call their senators and congress reps to influence passing the right laws. You can contribute by calling yourself, or encouraging others, or doing both.


What is going to happen with the script after the campaign? https://github.com/tfrce/thedaywefightback.js/issues/98

My personal view: I still don't get why it is bad, #pleasesurveilme --> https://twitter.com/stefek99/status/433307672838819840

Wow, so much negativity here. The whole thing does seem a little disappointing, but we have to start somewhere, don't we?

Added to our (moderately large) site.

I like the idea of the "enter your phone #, we'll call you and show you a script, then connect you".

But I wish there was also a link for a more traditional "here are the phone #s of your representatives and a sample script".

With the latter, I could just print out that page and find a private place at work - away from my desk - to make the brief phone call.

The irony to me is that they have two of the worst offenders when it comes to mass surveillance advertised on the side of the page. Facebook and Google, despite their attempts to say they weren't aware of the NSA gaining access to their info, are probably just as much of a threat to privacy as the NSA total information awareness.

It goes like this: let the private companies run wild when it comes to privacy violations, and then gobble up all their data via national security letters, subpoenas, secret taps via NSA tech, and warrants for higher profile stuff and then only if desperate, and that is assuming an adversarial nature between the private sector and the government. In fact the C-levels are often directly approached and goaded into silently and secretly cooperating. (and if they refuse, ala Quest, they get targeted by the system)

Of course there is the matter that it is governments who will take the surveillance information and then act upon it, making them the slightly more evil evil in the room, but that does not negate the issue of private sector mass surveillance that is for sale to the highest bidder.

I've been one of those who has ranted about the dangers of the NSA since the late 90's, and now that it's a mainstream issue, it seems to have taken on a "oh yeah, the NSA is bad! stop that surveillance" kind of hipster social wave that lacks any kind of detailed nuance or explores the origins and destinations of this admittedly huge issue.

Yes, the surveillance is unconstitutional. So have been many of the other activities our American oligarchic powers have been engaged in over the past decade, including the assassination of American citizens without due process.

All of these things point to a much more deeply rooted issue than simply "surveillance", namely, that our fundamental governmental structure is in ruins as a result of a combination of corruption and apathy that has gutted the already precariously positioned checks and balances system.

Russ Tice has said he held in his hand the wiretap papers for a then hopeful senator from IL, who happens to now be in the Whitehouse. Are we really so naive as to think that Obama is clean coming from such a notoriously corrupt political arena? The intelligence agencies have been using the same techniques for ages, namely, bribery and threats. Russ Tice has also said he held in his hands the papers for judges who now sit on the SCOTUS, and FBI whistleblower Sibel Edmonds has a source who was responsible for vetting potential judges (up to SCOTUS level), and according to her, he said that anytime a judge came up clean, he was immediately removed from the roster of potentials. The implication being that only controllable people are allowed.

The point is that all three branches of government are corrupt and no longer (if ever, don't mistake that phrase for golden day idealism) functioning as servants of the people and defenders of the constitution (I wonder what the legal importance of oaths really is these days, because I seem to be surrounded by oath-breakers(USMC combat vet)).

And of the three branches, it is the executive which lords it's power over the other two.

The really sad part is that it seems to be the private sector which lords power of the executive. This is the trail of breadcrumbs that truly concerned people need to start discussing, researching, and following. It's very difficult to do. It's hard to track down the global supranational corporate structure. I am still often referencing this paper: http://arxiv.org/PS_cache/arxiv/pdf/1107/1107.5728v2.pdf

Oh, and as far as technological surveillance goes, there are two main starting points. 1) open source EVERYTHING (especially our trackers ahem cellphones) 2) decentralize everything possible. That is how we gain control of our data back... but that's becoming more and more difficult.

Honestly, I think RMS was simply a man far ahead of his time, and the history books (if he isn't wiped from their pages) will refer to him as a visionary in a sea of overly pragmatic corporatists who failed to see the big picture.

I could go on quite a bit about this, but that's where I'll leave it for now.

As I've said before, I wish I could upvote 10x ...

Including a third party javascript to protest and spread awareness about mass surveillance... That seems a little ironic.

It's opensource, check it out: https://github.com/tfrce/thedaywefightback.js

It being closed source or not isn't what makes it ironic. Enticing people to include a <script> tag on their website that then makes their visitors download a .js that will leave an entry in cloudfront's log file documenting that your users visited your website (via the referrer url) is what makes it ironic.

I'm not getting any feedback in Chrome or Firefox (Mac OS X) that my signature has been registered... what a shame!

Trying to fix now!

Same for me (Firefox on Linux).

Great to see this being done. I wonder what number of emails a typical member of Congress must receive before they take note of an issue. Furthermore, how many emails does it take to sway their opinion on said issue, or are dollars the only medium that can induce the wild thought of reevaluating one's perspective.

"THE DAY WE FIGHT BACK AGAINST MASS SURVEILLANCE" ... by entering your phone number and email address. LOL!

Odd. The call count seems to go up and down with every refresh.

Also, when you call the 202 number instead of having it call you, you the message talks about something related to the trans-Atlantic partnership, not the NSA issue.

Thanks for putting this together. I called and was pleased with the experience. Really hope some good comes of this.

Posted this up on our Meetup Group & sent out an e-mail to ask members to participate. One person left the group due to this. Funny thing is, she works for Cloudera!


It is treat as a "Tin Hat" issue, or a Occupy Wall Street movement. The people in my circle (several hundred) see this as a non-issue.

We have an issue of education and clear message. Especially how this counters the Constitution.

Maybe a push for everyone to read "1984" :)

I think that 1984 references, while apropos, are counterproductive. 1984 isn't documentary, and it's not prophecy; it's fiction used to make some political points. It is entirely reasonable for someone to not weight it very highly, in their assessment of likelihoods in the real world. Those not already sympathetic see comparisons to 1984 as hyperbole, those making them as out of touch with reality, and it doesn't help us seem less "tinfoil hat". Actual and potential abuses, with historical analogue, should be substantially more important - though precise reaction is hard to judge (can we get some polling done?)

Let's all add an external javascript file to our site, that will sure stop the tracking.

The privacy policy link (international version) points to a page written in Serbian. For a campaign all about privacy, really surprised about this. Sorry, I can't give you my name and email if I can't read your privacy policy.

I wish the "send email" button is more responsive, or at least shows some kind of progress. Clicked once and nothing happened so I thought I misclicked or missed and clicked a few times more, resulting in 6 emails. womp womp!

I don't see the point, so what if legislation is changed, the NSA and all the other clandestine agencies will operate outside of the law because they are untouchable.

Might just as well play flappy bird instead, it will do about as much good.

I felt compelled to give a fake address for fear of automated reprisal. If the NSA builds up enough of an anti-surveillance (in their minds anti-American) dossier on me, I could be added to the no-fly list or worse.

If you fear that now just imagine if no changes are made and the NSA & US Gov't are allowed to continue stomping on your rights. At some point you must stand up for yourself and others for you may not have the chance in the future.

If it gets to the point of the NSA adding people to no-fly and/or worse actions being taken, the situation would become hostile and more dangerous than the current peaceful political debate.

How much traffic can your infrastructure handle?

Would it be too much to ask for an easy to clone repo (github?) that would allow one to serve the content directly rather than by including some 3rd party javascript widget?

Calling it fighting is a bit of stretch, if you're still paying taxes.

I called the three New Mexico lawmakers through the tool, and was able to reach human beings at all of the offices (Senators Heinrich and Udall and Representative Luján). Thanks for making it so easy!

Asking politicians who have broken laws in secrecy to stop being secretive and stop breaking laws isn't going to work. The only useful course of action is to vote them all out of office.

So...the number it tells me to dial (202) 999-3996 tells me I'm calling to fight the Fast Track for the Trans-Pacific Partnership. This isn't related...could someone fix this?

The best laid plans. I received that message. I tried to use it anyway. It successfully connected me to Howard Coble's office (I'm in NC), and I communicated the message to an assistant. The recording then said it was connecting me to Richard Burr, but immediately seemed to think the call was over and said "You're doing great". Finally, it successfully connected me to Kay Hagan's office, but 5 seconds into her recorded message everything went silent. That was it.

So this is an NSA honeypot to collect email addresses... right?

Great idea for the Call Congress feature.... however when I tried it would not accept my zip code. I hit 9-8- "Sorry we don't recognize your zip code"

Man I wish campaigns like this would happen for issues I care more about. For example, guantanamo bay or climate change or corrupt elections, etc

Can we be a little more digitally violent in our protest?

For example, crowdsourced black hat hacking bad links to any companies funding NSA loving politicians?

To your call for violence, I make a similar call: let's make sure we don't and instead adopt a more visible but equally peaceful approach.

so passive. :/

This is the only comment in any of the NSA articles that actually justifies the existence and mission of the NSA. You should delete it.

Should be a year of fighting back and it should be 2015 and we should plan the hell out of it to the point of people fearing it.

Why not just demand that the NSA to be disbanded?

I mean... does anyone have any evidence to indicate that we need it?

Oh, a flash protest, one that seems to have been announced with a press release only yesterday and pushed by the EFF just one hour ago.

Well, it is too short notice for me to invest the time to black out my website, so I will not be supporting this. Maybe there will be a similar action next year that I will support, if it is better advertised beforehand.

It was announced here a month ago: https://news.ycombinator.com/item?id=7037548

What did that page say back then? I missed that story. I subscribe to several EFF feeds and I recall nothing about a Swartz anniversary protest.

Maybe you're not on the EFF email list or Facebook group? They've been promoting this for several weeks (actually too much for my liking, so it's interesting for me to hear that others weren't aware of it).

Can you be any less likable if you tried? It's been advertised, you just haven't seen it.

That's not entirely their fault, advertising is not free. You don't have to be all snobby about it. Sheesh.

I would make the source code for the android and iPhone apps available.

Looking at results, it could be: "...the day we step back."

I used my zipcode in AZ and it worked great.

Hilarous, homus lupi est. Homus spy est.

This gave me a chance to collect my thoughts. I sent the following email to my representatives. Thanks, Sina, for your role in organizing this.


I think I understand what is going on. The folks at the top look at all the huge centralized information stores like Facebook, Google, Verizon, etc., and I guess they think, "well, it's gonna get collected anyway, so we may as well have access to it." President Obama actually hinted at this line of thinking when initially caught off-guard by the Snowden revelations. Instead of responding directly, he deflected, suggesting that what we really needed was a larger conversation about mass collection of data, i.e. not just the collection by governments.

The trouble with mass data collection, either by governments or private entities, is that it gives the possessors of such information extreme amounts of power. Left unchecked, it will almost certainly lead to severe economic and political corruption. The free market is compromised when a small group of people can spy on the private communications of executives and other business people, for example by stealing trade secrets or conducting insider trading. Meanwhile, democracy is compromised when politically active people, including politicians and activists, are made subject to intense scrutiny. Since virtually no one is totally free from legal or moral wrongdoing, the possibilities for politically motivated blackmail and retaliation are massive. And of course the data collection has serious chilling effects on free speech and freedom of the press.

If no course correction is made, the U.S. will become more and more oligarchic, more and more like China and Russia. This is unfortunate not just for its implications vis-a-vis individual freedom, but also from a larger perspective. This century we are faced with a diverse array of extremely difficult problems: economic, political, social, and environmental. Non-democratic governments have a historical tendency to fight with one another rather than cooperate, so it is hard to imagine how we will effectively confront these problems in the absence of strong democratic institutions.

What worries me is that some of the people in positions of power may actually believe that this massive data collection is somehow necessary to protect Americans from terrorism. But it is patently obvious that terrorism is not, and never has been, a serious threat to the personal safety of most Americans. Over the past two decades, something on the order of 800,000 men, women and children have died in car crashes, while around 3,000 have died as a result of terrorism. If this were a matter of saving lives, we'd be much better off fighting a "War on Car Crashes" than a "War on Terrorism." If this is purportedly an economic issue, i.e. the fear that a dirty bomb will go off in Manhattan and upset commerce, well, the fact is much worse things have happened (i.e. Hiroshima) and economies have recovered. This perspective may sound cynical, but in truth it is idealistic. I am not dismissing the tragedy of the death of perhaps thousands of people, but rather saying that, for the sake of a free and democratic society, such sacrifice is worthwhile.

The idea that "collection is going to happen anyway, so we may as well have access" is not unreasonable, but it is ultimately self-defeating. What we need is real leadership on this problem. Not only is there no strong voice against mass data collection, but the overwhelming thrust of the government is to reach its tentacles as deeply into the data gathering machine as possible. Instead of working to lessen the danger, the government is acting to accentuate it, amassing and centralizing even more data, and meanwhile using its media access to legitimize such activities to the public.

Again, what is needed is strong leadership. We need a group of people at the highest levels of federal power to put up a fight in congress and explain clearly to the American people why, in fact, we are on a very dangerous road. If not corrected for, this road will lead to the end of the democratic experiment, and a very uncertain future for our children. I hope that you, as my elected representative, will seriously consider taking a stand on this issue.

Just one day?

Distributed Denial of Misservice Attack

Meanwhile in the NSA canteen: "and then they said 'today we fight back' and this time they REALLY meant it, they even had banners you could copy on your website!" massive laughter

Gotta love slacktivism.

And what would be your proposal for an alternative? That is also capable of involving, if even a tiny bit, the amount of people this idea probably will?

There are potentially a lot of other ways to achieve the same goal, but if we don't hear them, we can't analyse/debate and decide to act upon them.

Not being sarcastic or anything, but if you do have an opinion on how to change/make this better, by all means please do so!

You want to fight back? Turn off Google services, MSFT services, Facebook, Youtube, Yahoo, DDG, Reddit, Tumblr, etc. for a day, that'll raise awareness like never before. But all these companies don't really care, do they? A day's worth of profit is more important.

This does not mean they care more than someone posting angry anti-nsa comments on reddit. It ain't gonna change a thing

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact