28 comments

[ 3.0 ms ] story [ 67.9 ms ] thread
I'm not sure why he's switching from Google search to Duck Duck Go if he's concerned about privacy. Using any cloud service poses a risk and Google has one of the best records for privacy (check the EFF "Who's got your back" list.). Also, shutting off your Android phone instead of just not using the cloud & GPS services (and maybe installing a custom ROM if you're extra concerned) seems silly. Android works fine without Google's (or anyone else's) services.
"I'm not sure why he's switching from Google search to Duck Duck Go if he's concerned about privacy."

Obviously you're not up-to-date.

I may be wrong, but I don't see how anything is worth doing while the security services can quickly and easily compromise ISPs, and while we believe they can also crack encryption, or force us to reveal keys we may not have.

All that is really left is to alter out behavior in order to up the amount of work the security services have to do and to send a message. So, using services like DDG simply send a message. If enough people do it, the message might get heard. IMHO, that is really all using DDG achieves. And frankly, I suspect that is more about annoyance at creepy google data slurping than NSA type slurping. The NSA would still be able to compromise DDG, but using DDG tells google something. I use, or try to use DDG not because I think it makes me safe from the NSA, but because I don't like google's policies on using my data. Im not kidding my self that using DDG makes me NSA immune.

There is no way to ensure electronic privacy. Frankly, there really never was. Its was an illusion we kidded ourselves was real. In the end, a wire goes from an ISP to my house. That wire is traceable.

The worst part is that if reports are to be believed this has been going on for at least a decade. Cant find a link, but there is that ex-FBI officer who has claimed that they can get phones calls from 10 years ago, or there abouts. They already have our data archived, available for their use when ever they like for what ever purpose they like.

Now they have this power, they will never ever let it go. Neither will our data from the past decade be destroyed. Now we are so dependent on electronic communication, we are pretty much penned in. No one will take the risk to change it. Just imagine if they cancelled PRISM, and destroyed all their archive data, and then 9/11 Mk2 happened... Would we all say, "that's OK, we the people took tyhe risk and we are fine with possible consequences"? You might, I would, but would the general population agree?

We now live under electronic totalitarianism. It is here to stay. Get used to it.

Would someone please invent or do a kickstarter project for an "email server in a box" project. A plug and play email server with webmail, TLS, etc? Maybe running the whole thing on a pi that you just plug in to your home network so you can host your own mail?
What is tricky in email is what's going on outside of the box: MX records, SPF, whitelist and all those things put in place to avoid spam.

Last time I tried, I could easily receive mails, but a lot of people complained my mail ended up in their spams. Never managed to configure that part properly thus I gave up.

Mailpile is not a 'full server' but a nice part of the solution, they are running a funding campaign at the moment. http://www.mailpile.is/
What I truly love about this article is it shows how many open source alternatives exist out there. I think the big problem with people is they think there isn't a tool that can be equivalent to what they use now. I am also stuck on facebook. I like your indirect solution though!
It isn't equivalent to what they use now! How would a private cloud someone hacked together be as secure as the billions of dollars Google has poured into engineering elite, class-A data security?

Before someone accuses me of fanboying Google, recognize that (as I stated in a top level comment), Google as a company is probably one of the safest in the world for your data.

The only leg someone has to stand on in saying an open source alternative might trump Google is that the company willfully allows access to their data, bypassing the heavy security entirely. If you want to make that argument, fine, but you better have something else prepared aside from the NSA scandal regurgitation.

http://googleenterprise.blogspot.com/2010/01/keeping-your-da... http://gcn.com/articles/2011/11/10/cloud-hack-via-google.asp... i guess this was before google poured the billions into it with it's engineering elite, class-A data security. Google may be more secure but google is also a big target. a personal cloud is less likely to get hacked. if i live in the woods with $1000 and only have one lock, i'm probably less likely to be broken into than a giant bank filled with tons of money in the middle of a city, even with it's heavier security.
The problem with this whole mentality is that is probably made him more vulnerable to surveillance, not less. No organization in the world spends more money to protect email and messaging services than Google does. This is a fact that frustrates people on HN endlessly, but all I can tell you about that is "sorry".

Your assurances that OVH adequately protects its IMAP servers, particularly from newly discovered vulnerabilities in its server software, are very poor. On the other hand, you can generally take assurances about Google's seriousness on these issues to the bank.

The mentality in this article is that hosting information outside of Google makes you less susceptible to lawful intercept requests from the USG. But that doesn't make game-theoretic sense given the worldview that mentality arises from. The only thing moving your data off of Google protects you from is a "lawful" request. But if you think that the USG is willing to bend or break the law to get your information --- an article of faith on HN --- moving that data elsewhere doesn't help you at all. They'll just use extralegal means to get the data.

Meanwhile, you've expanded the class of external actors that can get your data, by hosting it somewhere less secure.

Moxie Marlinspike, on this same topic, suggested on a liberation-tech mailing list that a dissident asking him how to securely communicate online would be steered towards Google Talk.

I don't agree. Google may have spent a lot of money, but that hasn't kept them off of the PRISM list and so far I've not read any really convincing explanation from anyone at Google about why they're on that list.

I think in the post-Snowden world it's game over for the idea of expecting reasonable privacy or data security from the likes of Gmail. Once someone can routinely exfiltrate 100% of your data without a warrant - particularly if you are a "non US person reasonably believed to be outside the US" then the security model is not just a bit wonky, it's utterly destroyed.

You haven't managed to disagree with me here, because my point accommodates the fact that Google might cooperate with the USG.
Google cooperating with the USG is a much larger risk factor for being surveilled. Currently, the USG does not need to exploit server vulnerability to access Google messages, but for a foreign-owned ISP, they don't have this back door, at least not as readily. That means a targeted attack, which is inherently more expensive.
Vulnerabilities in your mail provider present a superset of the problems of Google Mail.
Not really. They're more of intersecting sets. Is a foreign mail provider as likely to succumb to PRISM? No. Is it possible for GMail to have vulnerabilities unique to GMail and not to a more standard mail setup? Of course.
I think the issue is that we disagree, probably very very strongly, about the relative likelihood of vulnerabilities in Google Mail versus vulnerabilities in any other mail service provider.

It's O.K. to disagree! We don't have to agree on anything, let alone this. Just know that my opinion is a professional one in this specific case. There are extremely smart people working on Google Mail's security, and on the security of every component in the stack that Google Mail depends on, and that is an arrangement (in both degree and kind) that is pretty much unique to Google Mail.

I'm just pointing out that asking for data from a database is always going to be easier than exploiting a system, no matter whose it is. From what we know, it seems that the USG has the ability to do surveillance on Google Mail by querying a database, but likely does not have that same ability on a foreign mail service. Therefore, it is likely that it is easier for the USG to read mail from a Google user.

As you know, security is not about making things impossible but making them more difficult and resource-intensive. So far, we have little evidence that Google has been making anything difficult for the USG.

I don't completely understand. Because of PRISM, NSA has direct access to everything I store at google. If I store it on my own, badly secured but unique little server, they'll have to actually do effort to get to my data. Why isn't that better?
PRISM does not give NSA "direct access" to anything you store at Google; they have to file a legal request, which Google's counsel reviews.

If you believe that NSA is simply going to ignore the law to get whatever data they want --- and again, most of HN believes they will --- then moving your mail off the most secure mail provider on the Internet isn't going to make it harder for NSA to get access to it.

What you're essentially saying is this: stick with Google because you're still likely to be subject to surveillance outside the "Google-sphere" but with Google, at least your data is secure from network attacks.

He says quite clearly in the article that he moved away from Google to own his data and online identity. What does it matter if his new setup is less secure that Google? Now that he's stopped using some of Google's services, they no longer have a detailed record of his behaviour on the web.

Good on him for taking a principled stand and acting on it.

You've missed my point. He's taken an active stand, but he probably hasn't made his data harder for the NSA to get, and probably has made it easier for other people to get.
Can you provide arguments to your assertions that Google is #1? Any points, details to support your claims?
I applaud the tenacity with which people want to be "self-secured", but this is misinformed.

It would not be hyperbolic to say that Google is one of the greatest companies in the world in terms of network security fidelity. It uses literally billions of dollars in resources, some of the greatest minds of this generation to implement them, and cutting edge technology to secure its data.

By contrast, the author has a somewhat hacked together approach here, with capital orders of orders of magnitude lower, and, frankly, less expertise than the combined skill of the GMail engineering team alone.

Google, for all the slander it received during the NSA scandal, is like a secure island oasis in a sea of vulnerabilities. You are much more secure with the large corporation that everyone loves to hate than on your own.

Let's talk strategy as well. Do you imagine you'll be safe from the NSA - or any agency - because you boycotted one of their alleged sockpuppets and decided to run your own stack? If they really cared about your data, do you think this would stop them? And, more importantly, as I detailed in the first paragraph, do you have more engineering chops than the combined weight of even a single Google team?

> It uses literally billions of dollars in resources, some of the greatest minds of this generation to implement them, and cutting edge technology to secure its data

The problem is when all that is working against you rather than for you. There's no point in putting in your star player if they're just going to take a dive when you need them most.

The Snowden leaks indicate that assuming your data is safe and secure from warrantless access while residing blissfully in plain text on the cloud servers of the PRISM list member companies is at best a hopelessly naive expectation. That applies particularly if you are a "non US person reasonably believed to be outside the US", which means that you're considered to be fair game for any and all exfiltration schemes.
1. Doing everything yourself means knowing how everything works and being able to manage it all. No one knows enough or has enough time to do that properly. You've increased your attack surface all while giving yourself a false sense of security.

2. If you communicate with anyone that hasn't broken out of prism, you are still observed and recorded. Watchers may not know what you say, but they will know when and to whom. What was said isn't all that hard to obtain or infer if they own one side of the conversation.