Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Privacy and Security


  • Please log in to reply
369 replies to this topic

#31 Stolen

Stolen
  • Topic Starter

  • Members
  • 669 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:21 PM

Posted 22 August 2013 - 09:41 PM

First, thank you to everyone for the debate and comments. Trying to get my head around several important things.

 

Here goes...

 

@quietman very disturbing. Hypothetically, could this eventually lead to the government having complete say in individual health care choices or prescriptions and approving or denying them rather than your own personal physician? The financial implications are awful to consider. The privacy and security implications are huge. And there is that little thing called HIPAA. I have not really looked at Obamacare closely but am aware many in the medical profession are quite apprehensive. And many young people are no longer studying medicine.

 

@yabba you are always full of much history and all kinds of interesting things...TY :)

 

@synergy thank you for all the insights, and …sorry but your tortie cat avi is kyoot.

 

Hi newbleeping…I do not know. I do think it is most important for people to be educated and aware, especially young people because they think, “Oh, it’s fine, I am not the one saying or doing anything wrong.” Is it really that simplistic?

 

@patriot. Thank you for clarifying your point. No, we are not so naïve as to believe this is ‘new’ news. Who said it is Snowden’s fault? Whistleblowers are supposed to be protected by Federal Law. He was smart enough to get out of Dodge, and the sad reality is, once you blow the whistle, your days are numbered. And that is also unfortunate. Again, blame should be placed with Congress and the Administration(s), not just the current one.

 

And last, but certainly not least, Animal posted in General Chat a link to another related article today: The German government is warning key entities not to use Windows 8. Why? Read it, i was blown away (by this and more). So, thank you.

 

Animal said it best, hope it is ok to quote him here, “Interesting development with the German government and their ideas on the NSA's reach. The title is a bit over the top, and rather sensationalist. But this is what happens when you get caught with your hand in the proverbial cookie jar. You can't put the genie back in the PRISM bottle.”



BC AdBot (Login to Remove)

 


#32 tellus

tellus

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:11:21 PM

Posted 23 August 2013 - 09:32 AM

Just the other night I watched an episode of the old show The Prisoner called "It's Your Funeral".  They introduce the concept of a group of "jammers" being active in the village... the idea being that the jammers constantly pretend to plot against the government in situations where they shouldn't be under surveillance so that the spies end up chasing their tails and doing a lot of paperwork that leads nowhere...  The places where you should be safe are the best places to plant the bugs, after all.  That's where you send the most gifted spies... 

 

In the present, there is no limit to the number of email addresses you can create and messages you can send.  Counter-espionage networks could be set up to make it too complicated to bother trying to monitor everything.  Just sayin :-)

 

I don't think most people realize the prevalence of espionage in the modern world.  William Gibson just wrote a trilogy of books about it (Pattern Recognition, Spook Country, Zero History).  They are an interesting read, considering that Gibson predicted more about how the future (present) is than Arthur C. Clarke ever did.  He's so good at it that his books are now written to take place in the present day and are 'fiction' despite the fact that they read like one of his sci-fi books that take place in the far-flung future.  Our present level of tech and the way we live has caught up with technological and sociological aspects of his predicted future.

 

Essentially, the military are schools for future free agent spies.  We pay for the military training and subsequent college education of the people that the corporations and governments then hire, sometimes on our behalf, to spy on us.  It boggles my mind that some people are acting legitimately surprised when someone says the gov't is spying on us - seems more like their playing dumb to the spies watching them!

 

What no one really predicted was that we would want to betray ourselves so much, so often!  I bet the CIA laughed their heads off when people started using facebook.  For free, we betray ourselves through words, pictures, and videos - all of it indexed and stored until we need to be ridiculed, blackmailed, silenced, controlled, prosecuted - you name it.  All of it indelible, instantly available, and ready for manipulation.  Anything you said from any time can be grabbed out of context and used to make a case against you.  When facial-recognition image search comes online a whole lot of people are going to be embarrassed - get ready to hit the untag button, America!  Those google spiders don't sleep.  But I digress...

 

We get to live in the world we make.  It's sort of been like this for a long time - nearly balanced.  Earth is paradise for us - we co-evolved with it.  We ended up the way we are because the earth is the way it is and vice-versa.  It's always been easy to survive on Earth without being very proactive...  Our suited-ness to our surroundings is the main limiter on average intelligence.  That being said, there is always room for improvement.  The time to change things is when you can't be strung up, excommunicated, imprisoned, blackmailed into silence, or otherwise punished for speaking your mind.  When things are 'pretty good', that's the time to try to make them great.  We're in a (temporary) arrested state of missing our chance to make things make sense for the first time in human history - possibly even backsliding into a situation we won't be allowed to get out of.  When you're foraging for taproots in a radioactive wasteland, quality of life is the last thing on your mind.

 

The fatal chink in the armor of fanaticism and zeal is the illusion that they are unwavering.  Intelligent, questioning individuals know that everything wavers - nothing is absolute.  It's up to us individuals to make sure that we increase in number as a group, if that makes sense :-)

 

I apologize if this seems like a long and rambling post, but I only point this stuff out because there is zero chance of making any headway by treating (or simply being aware of) surface phenomenae, such as the existence of a certain type of surveillance.

 

If you want to watch, The Prisoner is on netflix instant (I think) and crackle.com



#33 bludgard

bludgard

  • Members
  • 934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:No Clue Whatsoever, Western Hemishere
  • Local time:11:21 PM

Posted 23 August 2013 - 06:59 PM

The net has been monitored since it's inception.

Privacy, wealth and freedom are pie-in-the-sky illusions conjured by master magi and fed by our darkest fears and insatiable greed.

Only path back to privacy wends down a boring path of no electronic devices.... I remember the days.

We can change passwords more frequenly and/or encrypt transmissions; however someone has the key to decrypt.

 

Hell, just enjoy it while it lasts. lol

Tomorrow may not arrive....

 

Great reading, BTW. Thanks for all posts therein.

One

 

All but the last bit can be considered trash and disposed of accordingly.



#34 Stolen

Stolen
  • Topic Starter

  • Members
  • 669 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:21 PM

Posted 23 August 2013 - 10:59 PM

Tech Legal News Site 'Groklaw' shutting down citing email privacy concerns link here

omg



#35 Stolen

Stolen
  • Topic Starter

  • Members
  • 669 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:21 PM

Posted 24 August 2013 - 10:06 AM

coffee1-smiley.gif

good morning!  

 

@bludgard thank you! And that last sentence…that was good. lol

 

@tellus. I remember the Prisoner, but the version I watched was the 2009 remake/miniseries, and it was really good with Jim Caviezel, i think was same show, just remake. Coincidentally, in a nod to both technology, computers and surveillance, Mr. Caviezel also stars currently in Person of Interest on CBS, which story line is loosely connected. (Plot: A computer system was built by character named Finch for the government to use information gleaned from omnipresent surveillance to predict future terrorist attacks. Finch also discovered that the computer was predicting ordinary crimes. The government was not interested in that result, so enter John Reese, Caviezel’s character, former CIA and field officer). I remember the first episode was very good but have not watched the entire series.

 

Will have to check the Gibson books, had not heard of them before. 

 

I just have to quote those two things here:

“Military are schools for future free agent spies. We pay for the military training and subsequent college education of the people that the corporations and governments then hire, sometimes on our behalf, to spy on us.”

And

“I bet the CIA laughed their heads off when people started using facebook.  For free, we betray ourselves through words, pictures, and videos - all of it indexed and stored until we need to be ridiculed, blackmailed, silenced, controlled, prosecuted - you name it.  All of it indelible, instantly available, and ready for manipulation.  Anything you said from any time can be grabbed out of context and used to make a case against you.  When facial-recognition image search comes online a whole lot of people are going to be embarrassed - get ready to hit the untag button, America!  Those google spiders don't sleep.” 

 

hmmm, which to discuss ….

Facebook?

Facial recognition image search online?? or

Google spiders, please, please?


Edited by stolen, 24 August 2013 - 10:08 AM.


#36 Stolen

Stolen
  • Topic Starter

  • Members
  • 669 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:21 PM

Posted 25 August 2013 - 11:42 AM

Great article explaining encryption here. One note made by the author: “You might have protected yourself from the creep on the public Wi-Fi network, but did your doctor or accountant? Maybe not.”

 

And from another related article :

 

Last week, Mega chief executive Vikram Kumar told ZDNet that the company was being asked to deliver secure email and voice services. In the wake of the closures (LavaBit and Silent Circle), he expanded on his plans.

 

Kumar said work is in progress, building off the end-to-end encryption and contacts functionality already working for documents in Mega.

 

"The biggest tech hurdle is providing email functionality that people expect, such as searching emails, that are trivial to provide if emails are stored in plain text (or available in plain text) on the server side," Kumar said.

 

"If all the server can see is encrypted text, as is the case with true end-to-end encryption, then all the functionality has to be built client side. [That's] not quite impossible, but very, very hard. That's why even Silent Circle didn't go there."

 

A big issue is handling emails to and from non-encrypted contacts when Mega's core proposition is end-to-end encryption, Kumar said.

 

"On this and other fronts, Mega is doing some hugely cutting-edge stuff," he said. "There is probably no one in the world who takes the Mega approach of making true crypto work for the masses, our core proposition."

 

Kumar said Mega is taking theoretic sounding technology such as Bloom filters, and making them work for the masses. Work is also under way to keep Mega secure, even if SSL/TLS is compromised.

 

"[It's] exciting stuff, but very hard, so I think it will take months more to crack it," he said. "But Mega will never launch anything that undermines its end-to-end encryption core security proposition and doesn't work for the mythical grandmother."



#37 Stolen

Stolen
  • Topic Starter

  • Members
  • 669 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:21 PM

Posted 26 August 2013 - 07:56 AM

Open Sourcers Pitch Secure Email (entire article: here)

 

“Einarsson is doing his part with Mailpile, an open source web-based e-mail client that you can run on your own computer or in the cloud. With this creation, he hopes to make it easier for every day users to encrypt their mail — without giving up the sort of search tools they get from a service like Google’s Gmail. The team has already raised over $100,000 dollars on the crowdfunding site Indie GoGo to fund its future development.”

 

“I’d become addicted to being able to search and process large volumes of e-mail quickly,” he says. “When I started to become uncomfortable with using a proprietary solution living in the cloud I began to look for alternatives and couldn’t find anything. I had a realization of how I could design something that would function like Gmail on my own computer at home, so I wrote the code and it worked.”

 

“Novak’s biggest task is to make the application’s security and privacy tools more easily accessible to average users. Most major e-mail clients have plugins that add support for encryption — Mailvelope for Gmail, Enigmail for Thunderbird or GPGTools for Apple Mail, for example. But PGP encryption remains notoriously cumbersome to use.”

 

“Because those things are plugins they don’t have access to your entire client,” Novak says. “For example, the one for Apple Mail is really good, but it doesn’t have access to the address book.” He believes that tighter integration from the very beginning will make the difference.”

 

“Even if Novak doesn’t get the interface right, Mailpile is providing an open source platform that other designers can easily modify. Because it’s built on web technologies, such as HTML, CSS and JavaScript, web designers will have an easier time contributing alternative user interfaces and templates. He says that’s actually one of the biggest advantages to Mailpile: it will give people the chance to experiment with the platform in ways that you could never tinker with Gmail.”

 

 

 

 



#38 yabbadoo

yabbadoo

  • Banned
  • 510 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:21 AM

Posted 26 August 2013 - 03:15 PM

This thread opened with the announced closure of Lavabit Email services, a very small player in the Email providers team.

 

With Gmail, Yahoo and Hotmail  soaking up well over 1 Billion users and dominating the market, how come we have not heard any squeals from these Goliaths ?

 

It is  common practice in the market place  for small guys to keel over under the slightest problems, so the exit of Lavabit is no surprise, being a small sprat in a very large sea. If this US Government privacy intrusional pressure is so great and we have not heard a wimp from the big boys, what exactly are we getting so emotionally concerned about ?



#39 Animal

Animal

    Bleepin' Animinion


  • Site Admin
  • 35,905 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Where You Least Expect Me To Be
  • Local time:08:21 PM

Posted 26 August 2013 - 09:54 PM

My perception is it's not the size of the company that is an issue here. It's the fact that niche market providers who offer a different type of service than the Goliath's as you say are affected. What the government is doing directly affects their business model. It would be like telling a magician that now he has to use a transparent hat when he pulls a rabbit out for each performance, when the Goliath's don't even do that trick.

The government is attacking legal business models that they now feel they have a need to know things. When there are no laws against the business model. Instead of bowing to pressure to violate their business model, customer confidentiality agreements/TOS and 'play along' by Uncle Sam's new rules. They chose instead to cease doing business as a moral and ethical choice. The reason the Goliath's aren't in play here is because they already dance to this tune and have for years. Somebody finally said NO I won't and thats what you're hearing. Somebody dared say no loud enough that everyone is listening to the conversations in the back room now.

The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life.
Andrew Brown (1938-1994)


A learning experience is one of those things that say, "You know that thing you just did? Don't do that." Douglas Adams (1952-2001)


"Imagination is more important than knowledge. Knowledge is limited. Imagination circles the world." Albert Einstein (1879-1955)


Follow BleepingComputer on: Facebook | Twitter | Google+

#40 yabbadoo

yabbadoo

  • Banned
  • 510 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:21 AM

Posted 27 August 2013 - 07:52 AM

Lavabit may have been a small shrimp in a very big sea, but perhaps they offered a service which suited the bad guys with an encryption facility and NSA did the right thing and torpedoed them. 

 

Whilst I do not trust Governments in most things they do and say, you have to start somewhere and trust the authorities that YOU  elected. My  conclusion is that these Government agencies know exactly what they are doing and do a good job.

 

Nobody is perfect and if they need to spy on us, then they have a reason to do so, it is the only way that a society can be forced into complying with civilised behaviour. Why then do we need a police force and security organisation ?

 

The whole business of wimping about so called "snooping" is preposterous. What else do you want ? Anarchy and a free-for-all, because if you do, I certainly don`t.

 

Let it rest and trust your Government and security forces to do their jobs as they professionally wish. If you have something to hide then expect an almighty clout from our diligent law enforcement agencies. If you are innocent, then for God's sake just get on with life and  enjoy it.  You have nothing to fear from the people who are paid to protect you.

 

Just stop whining and wimping and have confidence in your Government and security administrations. You will find life infinitely much better.

 

Oh  come off it ! if Gmail, Yahoo, Hotmail and several other big Email fish are not worried, what the hell are we wasting time on this thread for ?


Edited by yabbadoo, 27 August 2013 - 07:55 AM.


#41 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,954 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:21 PM

Posted 27 August 2013 - 08:15 AM

Quote:
“Sometimes it is said that man cannot be trusted with the government of himself. Can he, then, be trusted with the government of others?”
-- Thomas Jefferson, 1801

"The truth was that all men having power ought to be distrusted to a certain degree."
-- James Madison, 1787 debate at the Constitutional Convention


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#42 yabbadoo

yabbadoo

  • Banned
  • 510 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:21 AM

Posted 27 August 2013 - 08:50 AM

@ Quietman

 

At the risk of being boringly repetitive, your posts are an astonishing series of sheer wisdom, tact, extremely interesting, diplomacy and a pleasure to read.


Edited by yabbadoo, 27 August 2013 - 08:52 AM.


#43 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,954 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:21 PM

Posted 27 August 2013 - 08:57 AM

Thank you.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#44 Animal

Animal

    Bleepin' Animinion


  • Site Admin
  • 35,905 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Where You Least Expect Me To Be
  • Local time:08:21 PM

Posted 27 August 2013 - 01:50 PM

@Yabbadoo you said: "Whilst I do not trust Governments in most things they do and say, you have to start somewhere and trust the authorities that YOU elected. My conclusion is that these Government agencies know exactly what they are doing and do a good job."

The NSA are not elected, they are contractors hired by the lowest bidder overseen by public sector employees who have repeatedly lied to and covered up and minimized their actions to the so called elected officials. These so called elected officials then have refused to hold this three letter agency operated by the lowest bidder responsible for their actions against the public trust in the 'name of national security'.

I too agree we need some sort of monitoring program for national security. I too think we should trust our elected officials to do the right thing and properly. However when it's revealed that too many people are asleep at the switch and when questioned about their actions we get lies and distorted information. We as the electorate have the inalienable right to question those we put in place and hold them accountable.

It's time for Toto to pull the curtain back on the 'Great and Powerful OZ NSA'.

Challenge delivered.... Regain my trust NSA. I double dog dare you. Will it be accepted?

The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life.
Andrew Brown (1938-1994)


A learning experience is one of those things that say, "You know that thing you just did? Don't do that." Douglas Adams (1952-2001)


"Imagination is more important than knowledge. Knowledge is limited. Imagination circles the world." Albert Einstein (1879-1955)


Follow BleepingComputer on: Facebook | Twitter | Google+

#45 yabbadoo

yabbadoo

  • Banned
  • 510 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:21 AM

Posted 27 August 2013 - 03:07 PM

@ Animal

 

An excellent post and information.

 

All my comments are valid when referring to the US Government, elected representatives and security services. The OP makes this statement - " Rather than comply with US government surveillance" in connection with the Lavabit closure and therefore my emphasis on Government intrusion is perfectly accurate.

 

​To comply with the OP statement, we are not dealing with private independent agencies bombing around all over the place stealing private public  data. Whoever they are and whatever they are doing as security operatives or contracting subordinates, comes under the direct control  and authorisation of central Government security administrations. 

 

To have the necessary authority to exert pressure on an independent  commercial company to reveal private public data like passwords etc. has got to have Government and lawful backing. Otherwise it would be a serious criminal offence.


Edited by yabbadoo, 27 August 2013 - 03:09 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users