I think most people who are not in this group would expect it to be private. My snail mail isn't encrypted, but I have an expectation that it is private.
Yes it is. USPS first class (ie regular not bulk) mail IS absolutely private and may not be opened by authorities without a warrant (and tampering with them by non authorities is a federal crime).
What security agencies have done is scan and collect all envelope info (metadata) which was ruled to be not private (makes sense) but with powerful enough cameras, lights, and enhancement software that most letters sent in standard envelopes can leak their contents.
I live in the US and have had snail mail opened without my permission and forwarded to me at the post office before. Once they put a sticker on it, once they didn't even bother. So, no, your snail mail isn't private at all. Government is free to open it and examine it any time they want. Legally the inspector is only supposed to open discount classes of mail, which is about half of them, to make sure you aren't lying to ship something cheaper, but in practice they are free to open anything and do.
No one is surprised that non-encrypted channels are being surveilled. What's interesting is how offhand it's becoming, that a police officer can casually peruse someone's private messages and apparently doesn't take much care to conceal this fact, even from a journalist.
Can 100% confirm this happens on imgur too. Shared a link - I don't remember what it was, unfortunately - trying to ID someone who'd done something stupid on the internet, that sort of thing.
My "I just sent an interesting PM and it probably won't disappear but just in case it does this is a canary message" stayed, and the interesting message actually did disappear. The chat bubble remained, the message content was gone (so the bubble was tiny).
Feel really really stupid I believed "nah, it won't disappear" enough not to screenshot both messages beforehand >.<
TIL that day that the imgur moderators (that, like all unpaid moderator situations, have a reasonable amount of drama associated with them) have access to PMs. Nice.
An IRC network owned by PrivateInternetAccess, Snoonet, also applies censoring filters to your private messages, and redirecte them to volunteer moderators in case you should use words that they consider worthy of censoring ("to prevent spam", of course)
I think that says everything one needs to know when even companies that claim to focus on privacy do this.
Maybe something deeply cultural in this. An American couple I knew went to China back in the 90s, to teach English. They discovered all they had to do to request say, more towels was to mention it aloud in their room. Must have put a bit of a damper on their love life.
They are not “private messages” if they are sent though a medium where there is no reasonable expectation of privacy. I’d even argue if there is a reasonable expectation of privacy, one should not bet one’s life on anything they send being private.
It’s gotten to the point where if a message I send touches the internet in any way I consider its privacy compromised.
I no longer have twitter, but isnt it called DM/Direct message and not private message? I dont condone the spying, but I dont think I would ever pretend to think that my twitter activity is "private".
At this point, what messaging app is truly OTR? Signal doesn’t allow third parties to build the source, Telegram is compromised for sure, same with WhatsApp.
> Signal doesn’t allow third parties to build the source
No. Signal is GPLv3.
They don't allow third parties to distribute modified binaries that connect to their servers. You can argue if that is a good idea, but don't misrepresent the situation.
The only way I can get a Signal binary is through OWS. Why should I trust them?
The whole spirit of GPL and FOSS is to be able to examine the source, modify it, and distribute it freely. It’s a form of DRM to restrict who can and cannot distribute the Signal binary.
That's... that's really weird. I definitely argue that it's not a good idea, and I'd also argue it puts quite a few nails in the coffin in terms of my trusting it as a good protocol.
Maybe this is an unpopular opinion, but IMO the fact that Facebook "trust" it means that I have a lot of reserve about using it myself.
It's not that weird from their point of view. "I was using Signal, but my messages were intercepted anyway" - "But were you using original Signal, or a third-party build with ads and malware?"
(if that's the rule anyway - I couldn't find confirmation for that)
Additionally, you end up with crap like Noise (a Signal fork that uses the main servers) where features inconsistently work or are available and the devs of Noise don't actually pull down new code very often, resulting in a two tiered network that has many unreliably working features.
Hence why Moxie doesn't think federation is practical with an evolving communications protocol.
You say that, but Noise and Signal-CLI work just fine. Not that either actually keeps current with features, which is mainly why Moxie has stated he doesn't like people using unmaintained forks of Signal on OWS's servers.
I mean, I think it's true, solely based on the things I know about China's surveillance... But it does not mean we should just take this tweet as a fact...
You're right, this is a tweet about part of a conversation where not even the author knows what the other party knew.
For example, it could be the author PM'd another journalist about an event, and the 3rd party then posted it publicly. Or they just ratted her out to the feds. Who knows?
The FT uses a modern(ish) communication stack. Gapps and slack throughout. So if this ia a work feed, then that raises interesting issues. However I suspect this is based on her private devices.
For certain journalist there is a "secure room" (well its not a room yet, that comes later) with isolated throwawy hardware for viewing potentially insteresting files. But I don't shes not part of that team.
If you're in a situation where throwaway-hardware makes sense, you'll care how the throwing-away is actually done.
While not throwaway hardware, the company I work for destroys hard drives and other persistent memory devices before discarding computers. If the persistent memory device cannot be easily and reliably destroyed, the whole device is.
I bet journalists with sensitive information are far more thorough.
I suspect something that wipes out hardware many times without magnets would still be very safe. Only when it is decommisioned does it make sense to use physics to destroy it fully.
Yo seem to assume that everyone working at a news outlet is a journalist. IT, legal, finance, HR, facilities, production, sales, marketing, distribution...
Your kind words of encouragement are most appreciated
I'm not a journo. More importantly the browser I was using didn't have a working spell check. This all compounds the obvious, which is; I can't spell for shit, and my proof reading is also notably weak.
It doesn't necessarily imply surveillance or a flaw in the message channel - a plausible (and IMHO more likely) scenario is that they simply have seen the messages for one of the recipients.
It takes two to keep a conversation secret, and if one of them is unable to do so (e.g. has their papers and devices seized/searched), then no channel can be secure. OTR algorithms won't help you if one endpoint is compromised and its message history revealed, so switching to another app will help for some threats but not this (quite common) one.
Plausible deniability is kind of bullshit in this and similar cases - sure, one can't prove that the message was from her, there are all kinds of possibilities, but the authorities can reasonably assume (especially combined with an interrogation results and possible other circumstantial evidence) what was the likely sender, and that's completely sufficient for them, they don't need to prove anything. Just as in this article - no proof is provided (nor will ever be), and a reasonable assumption alone is enough to reject or evict a foreigner or detain and punish a local.
I.e. plausible denial is essentially based on the hope that the opponent will follow some high standard about what constitutes evidence/proof and what is the level of plausibility. In a good legal/political environment you don't really need plausible deniability that much, and in a bad legal/political environment plausible deniability won't save you from harm; your plausible denials can simply be ignored.
E.g. in the Signal standard "plausible denial" means that the message might have been spoofed by your recipient as it involves a shared secret that's not solely available to you - but it's not particularly likely (without extra evidence, motivation, etc) and not really that plausible. A good lawyer in USA might succeed using it as an argument to prevent a conviction, but any totalitarian regime will simply disbelieve it and declare it not sufficiently plausible; they are not really looking for solid proof of wrongdoing, hints of wrongdoing are good enough.
She says "fuck tencent" but she's dealing with a totalitarian government that restricts fundamental human rights like privacy, speech, movement, and even procreation!
The question to ask is: why are you as a foreign-based journalist working with/for the Communist Party of China in the first place? Why are they cooperating with you at all?
Lets be realistic here, she obviously doesn't understand technology in any shape, form, or way, and (considering the Chinese Govt lets her reside in China) doesn't do hard hitting or quality journalism.
Its unlikely a journalist in name only will improve anytime soon, but morons like her being flabbergasted that WeChat is giving all her comms away is hilarious! She is obviously inept.
Next up, in-your-face "fuck-you-yes-I'm-doing-it" active MITM attacks breaking through "secure" messaging systems like Signal and ZRTP, that perform next-to-no key validation ("your partner probably reinstalled") or with very low entropy validation material (SAS).
Fix the key persistence problem on mobile, stop encouraging people to reinstall new keys every 2 weeks.
69 comments
[ 2.7 ms ] story [ 140 ms ] thread"....he saw that by surveilling my private messages and not on my public feed...."
https://www.forbes.com/sites/erikkain/2013/12/29/report-nsa-... https://www.theverge.com/2013/12/29/5253226/nsa-cia-fbi-lapt... https://en.wikipedia.org/wiki/Postal_interception https://books.google.com/books?id=2OZgDQAAQBAJ&pg=PA97&lpg=P... http://www.nytimes.com/2013/07/04/us/monitoring-of-snail-mai... http://www.pucl.org/from-archives/81july/mail.htm https://www.theguardian.com/commentisfree/henryporter/2010/m...
Regardless of what your expectations are, it's not private. Just because you expect something to be private does not mean that it actually is.
What security agencies have done is scan and collect all envelope info (metadata) which was ruled to be not private (makes sense) but with powerful enough cameras, lights, and enhancement software that most letters sent in standard envelopes can leak their contents.
Not when you have all of congress (minus a very select very few) wagging their tails and eager to please you it's not.
My "I just sent an interesting PM and it probably won't disappear but just in case it does this is a canary message" stayed, and the interesting message actually did disappear. The chat bubble remained, the message content was gone (so the bubble was tiny).
Feel really really stupid I believed "nah, it won't disappear" enough not to screenshot both messages beforehand >.<
TIL that day that the imgur moderators (that, like all unpaid moderator situations, have a reasonable amount of drama associated with them) have access to PMs. Nice.
An IRC network owned by PrivateInternetAccess, Snoonet, also applies censoring filters to your private messages, and redirecte them to volunteer moderators in case you should use words that they consider worthy of censoring ("to prevent spam", of course)
I think that says everything one needs to know when even companies that claim to focus on privacy do this.
It’s gotten to the point where if a message I send touches the internet in any way I consider its privacy compromised.
https://www.theverge.com/2018/2/1/16721230/wechat-china-app-...
No. Signal is GPLv3.
They don't allow third parties to distribute modified binaries that connect to their servers. You can argue if that is a good idea, but don't misrepresent the situation.
The whole spirit of GPL and FOSS is to be able to examine the source, modify it, and distribute it freely. It’s a form of DRM to restrict who can and cannot distribute the Signal binary.
Maybe this is an unpopular opinion, but IMO the fact that Facebook "trust" it means that I have a lot of reserve about using it myself.
(if that's the rule anyway - I couldn't find confirmation for that)
Hence why Moxie doesn't think federation is practical with an evolving communications protocol.
[1] https://matrix.org [2] https://riot.im
[1]: https://cointelegraph.com/news/skype-wechat-snapchat-thrashe...
I mean, I think it's true, solely based on the things I know about China's surveillance... But it does not mean we should just take this tweet as a fact...
For example, it could be the author PM'd another journalist about an event, and the 3rd party then posted it publicly. Or they just ratted her out to the feds. Who knows?
How do we know that she is a person?
How do we know that China is a country?
How do we know what a tweet is?
You're right. There are many assumptions we can make here. Can you say why you chose that particular point of abstraction?
https://www.theguardian.com/world/2018/jan/31/this-is-over-p...
The FT uses a modern(ish) communication stack. Gapps and slack throughout. So if this ia a work feed, then that raises interesting issues. However I suspect this is based on her private devices.
For certain journalist there is a "secure room" (well its not a room yet, that comes later) with isolated throwawy hardware for viewing potentially insteresting files. But I don't shes not part of that team.
And chances are there are some security researchers who wouldn't mind diverting those devices from the trash...
(My curiosity honestly probably stems from the fact that I'm always on the lookout for unorthodox ways to upgrade my own _very_ old tech)
While not throwaway hardware, the company I work for destroys hard drives and other persistent memory devices before discarding computers. If the persistent memory device cannot be easily and reliably destroyed, the whole device is.
I bet journalists with sensitive information are far more thorough.
destruction is rather fun actually, after wiping, memory/disk is removed and taken apart manually. lots of magnets to play with.
I'm not a journo. More importantly the browser I was using didn't have a working spell check. This all compounds the obvious, which is; I can't spell for shit, and my proof reading is also notably weak.
It takes two to keep a conversation secret, and if one of them is unable to do so (e.g. has their papers and devices seized/searched), then no channel can be secure. OTR algorithms won't help you if one endpoint is compromised and its message history revealed, so switching to another app will help for some threats but not this (quite common) one.
I.e. plausible denial is essentially based on the hope that the opponent will follow some high standard about what constitutes evidence/proof and what is the level of plausibility. In a good legal/political environment you don't really need plausible deniability that much, and in a bad legal/political environment plausible deniability won't save you from harm; your plausible denials can simply be ignored.
E.g. in the Signal standard "plausible denial" means that the message might have been spoofed by your recipient as it involves a shared secret that's not solely available to you - but it's not particularly likely (without extra evidence, motivation, etc) and not really that plausible. A good lawyer in USA might succeed using it as an argument to prevent a conviction, but any totalitarian regime will simply disbelieve it and declare it not sufficiently plausible; they are not really looking for solid proof of wrongdoing, hints of wrongdoing are good enough.
The question to ask is: why are you as a foreign-based journalist working with/for the Communist Party of China in the first place? Why are they cooperating with you at all?
2. Ensure your journalism is helping to improve the world and not enabling oppression.
Its unlikely a journalist in name only will improve anytime soon, but morons like her being flabbergasted that WeChat is giving all her comms away is hilarious! She is obviously inept.
Fix the key persistence problem on mobile, stop encouraging people to reinstall new keys every 2 weeks.