Skip to main content

View Diary: Julian Assange Spills the Beans --> PRISM (200 comments)

Comment Preferences

  •  No expectation of privacy (36+ / 0-)
    I guess the real lesson here is that we need to no longer expect that our personal communications via electronic media are to be considered private on any level.
    There has never been the expectation (at least on my part) that my personal electronic communications, including this comment, are private or secure on any level.  That's why I read TOS's rather than just "agreeing" and then flying past that page during the signup process on any website.

    Facebook and Twitter are the crack cocaine of personal communication.  I no longer have accounts on either.

    The real lesson here is that people should have been paying attention since they signed up for their first email account many, many years ago.  There are quite a few computer pros here on DKos, including me, who have been banging this particular drum for a long time, mostly to no avail.

    "Mitt who? That's an odd name. Like an oven mitt, you mean? Oh, yeah, I've got one of those. Used it at the Atlas Society BBQ last summer when I was flipping ribs."

    by Richard Cranium on Mon Jul 08, 2013 at 08:44:58 AM PDT

    [ Parent ]

    •  and yet a subpoena is needed (13+ / 0-)

      for the access and presentation of personal emails in any court in the nation (I guess, except for FISA). . .

    •  banging the drum (11+ / 0-)

      I'm surprised, but I guess I shouldn't be, that no one at DKos except a few old computer pros seems to remember Phil Zimmerman and the whole PGP thing.  

      Although I haven't kept up with encryption technology since 2007 or so, according to Wikipedia (yes, I know), as of about that time "the government" was still unable to decrypt PGP-protected communications and instead resorted to "rubber hose cryptanalysis" to get what they were after:

      A more recent incident in December 2006 (see United States v. Boucher) involving US customs agents and a seized laptop PC which allegedly contained child pornography indicates that US government agencies find it "nearly impossible" to access PGP-encrypted files. Additionally, a judge ruling on the same case in November 2007 has stated that forcing the suspect to reveal his PGP passphrase would violate his Fifth Amendment rights i.e. a suspect's constitutional right not to incriminate himself.[6][7] The Fifth Amendment issue has been opened again as the case was appealed and the federal judge again ordered the defendant to provide the key.[8]

      Evidence suggests that as of 2007, British police investigators are unable to break PGP,[9] so instead have resorted to using RIPA legislation to demand the passwords/keys. In November 2009 a British citizen was convicted under RIPA legislation and jailed for nine months for refusing to provide police investigators with encryption keys to PGP-encrypted files.[10]

      We must drive the special interests out of politics.… There can be no effective control of corporations while their political activity remains. To put an end to it will neither be a short not an easy task, but it can be done. -- Teddy Roosevelt

      by NoMoJoe on Mon Jul 08, 2013 at 09:25:28 AM PDT

      [ Parent ]

      •  May have been the case six years ago (7+ / 0-)

        I firmly believe they're hoovering (interesting choice of term, I know) up all the emails and such because while something wasn't possible six years ago, ever more powerful computers and ever more powerful programs can crack these encrypted items eventually and if they have them in storage, there's no problem to produce a warrant to a friendly FISA judge to go back and look at things when they want to.  So what may have been safe six years ago might be five minutes of cracking now.  What's safe now might take five minutes in a few years.  I think that's a pretty safe assumption.

        •  Currently, I am using a Tor Browser and CryptoChat (12+ / 0-)

          Anonymized encrypted traffic....for the most banal of chats with friends.

          All encrypted traffic, just to waste the NSAs time and my tax dollars. If they are going to spy on me, I am making them work for it. If I am paying for it...well, at least I get to spend some of it on myself.

          Put an OS on your router that doesn't use NSA-based encryption AND reports all outside originating inbound traffic.

          It doesn't matter how hard you try to hide, they will save it for later. They have access (thus, ownership) of the hardware that routes all traffic.

          The point is that our government needs to be snapped out of the secrecy bullshit. If they were open and honest (and legally required to be so), and focus on real threats (heart disease, cancer, hunger, texting while driving) that kill more Americans each year than any terrorist could ever hope to kill, we would be better off.

          The hyper-scary bogeymen that they are fighting can't even compete with the death toll from texting while driving!

          Fucking cowards hiding behind National Secrets!

          Another flaw in the human character is that everybody wants to build and nobody wants to do maintenance. Kurt Vonnegut

          by ToKnowWhy on Mon Jul 08, 2013 at 10:47:23 AM PDT

          [ Parent ]

          •  You DO know that..... (5+ / 0-)
            Nothing stops the operators of PRISM from operating TOR exit nodes

            You have no way of positively identifying which exit node is under the control of the entities you are trying to hide from

            SSL traffic CAN be (and is known to have been) intercepted and decrypted under certain conditions (think M-i-M) which are similar to what is being described here

            The gist of this particular diary is that the entities in question have unfettered access to the platforms in question

            In the legal interpretation of these entities, the mere act of using encryption reduces the level of legal protection that your communication can be afforded - you see, because the communication is encrypted, they can't tell that it has ANY constitutional protection unless (and UNTIL) they have been able to peek in first to determine that fact

            I sure hope that you know these things. In light of what we are reading and hearing about these things, it'd be a disservice to your reader to offer them some measure of "safety" where none exists.
          •  Golf Cart accidents kill more American each year (3+ / 0-)
            Recommended by:
            JohnnyBoston, ColoTim, ToKnowWhy

            than terrorists do. I can't actually find a citation for that but wouldn't be surprised if it was true.

            Reaganomics noun pl: belief that government is bad, that it can increase revenue by decreasing revenue, and unregulated capitalism can provide unlimited goods for unlimited people on a planet with finite resources.

            by FrY10cK on Mon Jul 08, 2013 at 12:10:33 PM PDT

            [ Parent ]

          •  I'm also looking at firmware for my router. (0+ / 0-)

            So far I'm favoring Tomato over DD-WRT.

            Reaganomics noun pl: belief that government is bad, that it can increase revenue by decreasing revenue, and unregulated capitalism can provide unlimited goods for unlimited people on a planet with finite resources.

            by FrY10cK on Mon Jul 08, 2013 at 12:11:41 PM PDT

            [ Parent ]

            •  I have recently started sharing (1+ / 0-)
              Recommended by:
              FrY10cK

              My wifi hotspot from my truck, using Legitimate WiFi as the SSID with no key and a Tomato Build for logging...makes being a soccer dad very fun.

              Another flaw in the human character is that everybody wants to build and nobody wants to do maintenance. Kurt Vonnegut

              by ToKnowWhy on Mon Jul 08, 2013 at 02:31:46 PM PDT

              [ Parent ]

              •  Sorry for my dunderheadedness. (0+ / 0-)

                I've put custom firmware on my old (now defunct) Linksys router but I'm definitely not a router (or Linux) expert.

                Is it the snooping on wifi traffic that is fun? No disrespect intended. Seriously.

                I've been thinking about mesh networks a lot lately and how ordinary people with low power machines (new low power CPU's powered by a small solar PV panel) could keep the internet free from a gov't gone out of control of the people it is supposed to serve.

                There's also digital signals via Ham radio (analog baud rate slow if I recall correctly) and SDR (Software Defined Radio).

                I'm obviously out of my depth here but I'm looking at options to keep communication free as my gov't descends into what Der Spiegel called "soft totalitarianism."

                Reaganomics noun pl: belief that government is bad, that it can increase revenue by decreasing revenue, and unregulated capitalism can provide unlimited goods for unlimited people on a planet with finite resources.

                by FrY10cK on Mon Jul 08, 2013 at 03:11:34 PM PDT

                [ Parent ]

                •  It is nice to have a wifi connect (0+ / 0-)

                  Everywhere you go. I like to play with packets of data. I was an infrastucture guy.

                  The folks that use my connection to get out to the internet are all safe.

                  We have many very talented kids in our bedroom community for the Silicon Valley.

                  I play with the kids that try to hack into the router and take control.

                  I learn new techniques of forced entry and ways to dodge their attacks.

                  On the topic of SDR: I love that stuff! I was a big ham and scanner listener back when I was home bedridden as a kid. SDR gives me decrypting and modulation tweaking on the fly.

                  I have a few remote units set about town that give me a 3D radiomagnetic landscape of my area. With a frequency halver and doubler, I am able to cover almost all radio communications in the area.

                  All from a few little $50 USB dongles and some Raspberry Pi!

                  Another flaw in the human character is that everybody wants to build and nobody wants to do maintenance. Kurt Vonnegut

                  by ToKnowWhy on Mon Jul 15, 2013 at 07:55:56 AM PDT

                  [ Parent ]

              •  Also, I selected the ASUS RT-N16 (0+ / 0-)

                http://www.newegg.com/...

                as my new router because I plan to flash it with Tomato firmware.

                Reaganomics noun pl: belief that government is bad, that it can increase revenue by decreasing revenue, and unregulated capitalism can provide unlimited goods for unlimited people on a planet with finite resources.

                by FrY10cK on Mon Jul 08, 2013 at 03:19:22 PM PDT

                [ Parent ]

        •  Yes, indeed. (2+ / 0-)
          Recommended by:
          New Minas, ColoTim
          ever more powerful computers and ever more powerful programs can crack these encrypted items eventually and if they have them in storage, there's no problem to produce a warrant to a friendly FISA judge to go back and look at things when they want to.
          As I understand it, that's one of the main reasons behind that huge center in Utah.

          Still, I suspect that it will be quite a long time, if ever, before the NSA achieves the capability to do mass decryption of all the collected data.  If, however, you become "interesting" to the security apparatus, they can go back, search the unencrypted metadata, and then focus their decrypting power on individual items.

          We must drive the special interests out of politics.… There can be no effective control of corporations while their political activity remains. To put an end to it will neither be a short not an easy task, but it can be done. -- Teddy Roosevelt

          by NoMoJoe on Mon Jul 08, 2013 at 11:58:16 AM PDT

          [ Parent ]

      •  This is a compelling reason... (1+ / 0-)
        Recommended by:
        New Minas

        ...to do two things:

        Use strong encryption for routine matters so that such communications don't appear suspicious.

        Generate a new set of keys and use them to encrypt random data. Post that encrypted data in various places and retain copies locally, but destroy the keys and wipe any media they ever resided on. It's better if the data is genuinely random and unknown to you; given the clear text I imagine that key recovery would be much simpler. Something like a jpg of noise, perhaps?

        •  Another Layer Of Defense (2+ / 0-)
          Recommended by:
          Sunspots, New Minas

          Some disk-encryption programs such as TrueCrypt make it possible to create a hidden volume with a separate password, such that revealing the first password will expose only the top layer of files without revealing the content or presence of the hidden ones (accessed via a different password).

          On the Internet, nobody knows if you're a dog... but everybody knows if you're a jackass.

          by stevemb on Mon Jul 08, 2013 at 11:05:42 AM PDT

          [ Parent ]

          •  I've never used TrueCrypt (3+ / 0-)
            Recommended by:
            Sunspots, New Minas, kyril

            ...but I've heard many people speak favorably of it.

            I personally don't have information that I care that much about keeping secure, but neither am I going to volunteer it.

            There was a sidenote to the Snowden leaks that went largely unnoticed, though... the NSA claims that if they "inadvertently" collect content (not meta-data) on US persons, they destroy it except if "there's evidence of a crime" (how would they know that unless they look at it warrantlessly?) or if the data is encrypted... in which they retain it for 5 years. Sorry, I don't have a citation for that.

            Apparently using encryption results in the presumption of guilt. By needlessly using encryption and polluting their database with sense-free encrypted content, a message is sent that privacy is of value to people other than criminals.

            Hmm. The NSA is a heavy user of encryption. We should therefore presume them guilty of all the allegation, right?

    •  I don't think you can delete your (3+ / 0-)

      fucking facebook account anymore than you can delete  my fucking account kos.

      Someone here said you can't delete anything on Snoopbook, only hide it from yourself.

      give the NRA the Royal Flush join Stop The NRA

      by 88kathy on Mon Jul 08, 2013 at 10:53:32 AM PDT

      [ Parent ]

      •  You can delete your Facebook account (4+ / 0-)
        Recommended by:
        88kathy, Loge, wasatch, kyril

        They don't make it easy, and it isn't an instant process, but it can be done.

        http://deletefacebook.com/...

        "Mitt who? That's an odd name. Like an oven mitt, you mean? Oh, yeah, I've got one of those. Used it at the Atlas Society BBQ last summer when I was flipping ribs."

        by Richard Cranium on Mon Jul 08, 2013 at 11:00:32 AM PDT

        [ Parent ]

        •  But (0+ / 0-)

          If you read the Facebook agreement, even of you don't post, but someone else posts about you, or uploads a picture of you, or tags you in a picture, Facebook owns that info.

          By agreeing with all the social network agreements, are we, in a sense, giving up some of our privacy?

          •  Anyone can post info about you anywhere (0+ / 0-)

            The only way to even get an inkling that such data exists is to occasionally google your own name.   And, IIRC, no one can tag you in a photo on Facebook unless you're a Facebook member.  They could caption a photo with your name, I suppose, but that's about it.

            I guess my larger point is, why shoot yourself in the foot by posting the details of your life online under your own byline, unless it's a professional necessity?

            "Mitt who? That's an odd name. Like an oven mitt, you mean? Oh, yeah, I've got one of those. Used it at the Atlas Society BBQ last summer when I was flipping ribs."

            by Richard Cranium on Mon Jul 08, 2013 at 01:52:33 PM PDT

            [ Parent ]

Subscribe or Donate to support Daily Kos.

Click here for the mobile view of the site