429 comments

[ 2795 ms ] story [ 1480 ms ] thread
Lets not try to code our way out of this.

We succumb to terror pushing away meaningless bits of code on Github as a crypto projects in response. Some projects flourish sure but the same forces that profit off the court-less killings of others are collating your data, your pet projects. Harvesting your stolen info out of botnets.

Giving you a salary for technician work keeping infrastructure ticking.

Enough enabling the beastly mess that is privatized 'national' security. The payments to infrastructure providing companies for data access. The kidnapping/torture/drone fire of others when technological routes don't work.

If you have a career with Dell, AT&T, Booz Allen Hamilton, SAIC, and many others, start making demands or make resumes. Stop being complicit.

That's nice to say. Get angry, be outraged. But what do we do, day-to-day, while things are still a mess? How do you organize a revolution under the noses of the people you're revolting against?

The code still has a purpose, even if it's not the "right" solution, long-term.

It really comes down to lobbying lots and lots of politicians who can stop the NSA by significantly slashing its funding or by enforcing existing laws. The Occupy movement showed that revolutions don't work in a state where government and police will conspire against its citizens by infiltrating and undermining its civil rights movements.
The problem with Occupy was that there was no demanded reforms, only complaints and protests against things. Protests aren't ever enough though.

It is telling how little credibility Occupy had with Washington when Obama, giving his jobs speech during the protests, called for the deregulation of Wall St.

While Occupy DID make some demands; they were just made by the individual groups.

It would be more correct, though, to say that "demands" weren't really the point of Occupy. They changed the national dialogue, and made a LOT of traditional euphamisms and arguments obsolete and useless by putting the core issue of class warfare back up in front where it belongs.

"Cutting out decades of distraction an propaganda" may not have been an explicit "goal", but it was certainly a victory for the movement.

Revolution is not what you think. It consists of the small actions of millions of people. The small actions are usually more revolutionary than the large.

The NSA has just created a huge market for guaranteed secure communications infrastructures. The technology is there. It may need some extensions but it is there.

Some ideas (again no time for a startup now and this is too important):

1. An email-like service based on TOR with content encrypted via public key encryption end to end.

2. The second is an encrypted voice network. This can't encrypt metadata a swell in a way that central offices can't see it, but the contents could be encrypted easily enough.

The code is a means to an end. We can't code our way out of the problem. We can build businesses that get us out and code is supportive of that.

Encoding your own mail means that you are playing by rules of the game NSA has set up. The only way is to make your own game and make them play by YOUR rules. If you encode your communications there is a barrier that they will break down directly by making you disclose the keys while threatening with Tax audits, jail time etc. Or by breaking down encryption commications. They are the largest employer of IT/Security/Cryptographers on the face of the earth.

So the only way to do this is to make them not play their game.

Frankly whole cancerous security apparatus has been fueled by privatized sector just like the one with privatized jail system.

Sad to say this but there only way I can see this being resolved is political/etc. Start websites cover the stories. Find methods of figuring out whether they are listening to you or not. For example set up fake drug deals so you can draw them on fact of monitoring your communications. Sue them every instance you find them breaking down your doors. Yeah I know it is not pleasant.

Just like OP said there is no easy way out of this.

Also make working for contractors of NSA and being employee of NSA being a very unpatriotic and scummy thing to do - akin to digging around underwear drawer of your next door granny neighbor.

My 2c.

> Encoding your own mail means that you are playing by rules of the game NSA has set up.

well, actually, I was talking about encoding other people's email, for a fee. The goal is to change the game and change the rules. The NSA has created this market. Let's use this to reshape the game.

> If you encode your communications there is a barrier that they will break down directly by making you disclose the keys while threatening with Tax audits, jail time etc.

This is true, so the game is not just to get your own keys taken care of but everyone else's and locate the business in a country that will be better interested and able to stand up to NSA interests here.

> Or by breaking down encryption commications. They are the largest employer of IT/Security/Cryptographers on the face of the earth.

Again true, which is why the game has to change.

> So the only way to do this is to make them not play their game.

So the new game is to make sure as much traffic as possible is encrypted. All of the above take time. They could bug the end points, they could break down the encryption with massively parallel supercomputers. They could threaten individual users of the service.

So the game is to make sure that everyone encrypts everything every time (or at least that enough do to make individualized efforts prohibitive on a dragnet scale).

We know they don't like that game. They've been trying to get control over all encryption since the days of Clinton but they haven't yet.

> Frankly whole cancerous security apparatus has been fueled by privatized sector just like the one with privatized jail system.

Very true. BTW, read "The Servile State" by Hilaire Belloc if you want a really depressing read....

> Sad to say this but there only way I can see this being resolved is political/etc. Start websites cover the stories. Find methods of figuring out whether they are listening to you or not. For example set up fake drug deals so you can draw them on fact of monitoring your communications. Sue them every instance you find them breaking down your doors. Yeah I know it is not pleasant.

If someone wants to, great. I am not in the US at the moment so my options are more limited.

> Also make working for contractors of NSA and being employee of NSA being a very unpatriotic and scummy thing to do - akin to digging around underwear drawer of your next door granny neighbor.

How do we do that? How many of us know such contractors?

> But what do we do

Stop bothering with the articles here, and "get out of the building":

* Call or write a real letter to your representatives in congress (assuming you're American).

Hopefully that is something everyone has already done.

* Coordinate - isn't there some place where people are organizing/coordinating this stuff?

* Write a letter to the editor in your local newspaper.

* If you're in the bay area, how about helping to organize a primary challenger for Nancy Pelosi? She did not vote to defund the NSA. People in SF have the money, the means, and the incentive to get someone in office who cares more about this stuff.

* Donate money to politicians/groups opposing this stuff. The EFF, for instance.

"I don't have to tell you things are bad. Everybody knows things are bad."

I've taught more people about the Web Of Trust and how to use GPG in the last ~1.5 months than in the last ~1.5 decades.

"...and we sit watching our TV's while some local newscaster tells us that today we had fifteen homicides and sixty-three violent crimes, as if that's the way it's supposed to be."

Something about this current drama has made the whole concept of encryption and the realities of surveillance suddenly resonate with a LOT more people. It's not a majority yet, of course, but a change in perception this dramatic is a amazing.

"We sit in the house, and slowly the world we are living in is getting smaller, and all we say is, 'Please, at least leave us alone in our living rooms.'"

I have people emailing me encrypted email now, who just last year ignored the idea with the usual dismissal of it being "unnecessary" or "too complicated"[1].

"Well, I'm not going to leave you alone. I don't want you to protest. I don't want you riot. I don't want to write to your congressman because I wouldn't know what to tell your to write."

So now that people are finally noticing the reality they live in, and are finally getting mad, I see this as what educators call a "teachable moment" to try and suggest a few broader concepts tan the gpg lessons they are asking for.

"I'm as MAD AS HELL, and I'm NOT going to take this anymore!"

A few things I've been trying to teach recently, now that there are actually people listening:

* General education on the concept of data mining, and the power of a handful of JOIN clauses. The idea of grabbing all your phone calls is something most people already understand. Connecting a few random bits of entropy together to get a surprisingly reliable primary key is still not widely understood.

* Web Of Trust - Starting small and local is good, just like in elections. It would be amazing if somehow the Key Signing Party could be worked into some traditional social ritual.

* Stop supporting the feudal model of email, by tying your identity to an @company.com domain. Land is king IRL, and staking your claim on the internet is important for similar reasons. It would be nice if everybody could change their MX records and hosting service as easily as they change POTS long distance providers.

* Stop using webmail - many of the benefits of encryption are lost if you don't keep the keys in your physical possession, as demonstrated by lavabit and elsewhere.

This doesn't directly fix the problem[2], but it is stuff that can be done (and is being done) now, and these are certainly things that would help immediate problems faced when organizing a revolution. The NSA doesn't have the manpower or money to strong-arm their snooping routers into every last-mile endpoint. This kind of long-term cutting of the data the NSA can see is one of the better weapons we have against them.

"Then we'll figure out what to do about the depression and the inflation and the oil crisis. But first get up out of your chairs, open the window, stick your head out, and yell..."[3]

[1] You would think a Biology professor would understand an argument about how this isn't necessary about them, but about maintaining the "herd immunity" of the email ecosystem...

[2]: It might in the long run, once a lot more software support is written, and it finally becomes possible for regular people to extend their web of trust as far as, e.g. groklaw.

[3]: Incidentally, the lecture at the end of Network comes to mind every time the government panics about Snowden: "...and YOU have meddled with the primal forces of nature, and YOU...WIIL...ATONE!"

edit; formatting

> If you have a career with Dell, AT&T, Booz Allen Hamilton, SAIC, and many others, start making demands or make resumes. Stop being complicit.

Unfortunately, the majority of wage-slaves are so indentured to their overlords that simply leaving is not an option, as the alternative is penury and starvation - particularly when you work for a giant like BAH, who'll ensure nobody will ever employ you again.

If you want to make a stand, don't hand in your notice, don't make a resume, don't make demands, just don't show up, and let 'em flail. Worst they'll do is fire you, and in today's world you do not need to pledge fealty to an employer in order to survive, and the fewer people that do, the more rapidly things will change.

If all the IT folks simply walked away from their machines, they would stop working, but we do not, and instead we strive to make their machines work perfectly without our intervention.

Jump ship before they decide to push you overboard, anyway - because they will. If you think your employer respects you, and will give you a job for life... you are wilfully deceiving yourself.

Nobody on HN should say that she cannot stand up and walk away. We're have one the most sought-after and best paid jobs in the world. If we cannot give up some comfort, nobody is going to.
Absolutely. I quit my well paid job for a bank in 2006, as the stink of corruption was too much for me - and quit by just walking out one day, and not coming back. 'lo and behold, banking scandal and collapse, not long later. Fuckers I'd been working for had been hiding $bns of bad debt by shunting it into a director's name every quarter. SEC nabbed 'em. I spent several years broke, getting my own outfit off the ground. Means I'll never work in that industry again. Good riddance.
Code won't do enough. You are right. What will help will be businesses in privacy-friendly countries which offer secure communications infrastructures. This can be guaranteed by careful development and placement of business assets and, yes, carefully designed code.

Many of the people at these businesses you mention are wage slaves and they can't so easily just get up and leave.

Code gives us tools. Such is a start, but only a start. We need solid, internationally federated businesses, which can be built to take on this challenge. Yes open sourcing the tools is important too, but only as a means to an end.

We need to build up an infrastructure for actually using these tools and that means businesses offering services.

I do not have time to do another business (I am ramping up two businesses right now). I do have time to consult, advocate, and advise on this very important topic.

> Lets not try to code our way out of this.

I disagree. Let's use all our skills and avenues, not just some of them.

> We succumb to terror pushing away meaningless bits of code on Github as a crypto projects in response.

That is a subjective opinion. Email itself is meaningless bits of code. You want us to stop using email altogether? What about the web? Why are you even posting on this forum so?

> Some projects flourish sure but the same forces that profit off the court-less killings of others are collating your data, your pet projects. Harvesting your stolen info out of botnets.

That is alarmist hyperbole.

> Giving you a salary for technician work keeping infrastructure ticking. Enough enabling the beastly mess that is privatized 'national' security. The payments to infrastructure providing companies for data access. The kidnapping/torture/drone fire of others when technological routes don't work. If you have a career with Dell, AT&T, Booz Allen Hamilton, SAIC, and many others, start making demands or make resumes. Stop being complicit.

Dell? A computer hardware device assembler? What on earth are you on about. You appear to think that the entire info-tech infrastructure, companies and "wage-slaves" alike are complicit in all this. Computers are a kind of tool, you can use them for beneficial, neutral or nefarious means. Let's keep the spotlight where it is needed -- on the secrest out-of-control governmental surveillance organs of various nation states.

In short. Think a bit before you post and spare us the melodrama.

> Dell? A computer hardware device assembler? What on earth are you on about. You appear to think that the entire info-tech infrastructure, companies and "wage-slaves" alike are complicit in all this.

"Former intelligence contractor Edward Snowden began downloading documents describing the U.S. government's electronic spying programs while he was working for Dell Inc in April 2012, almost a year earlier than previously reported, according to U.S. officials and other sources familiar with the matter.

David Frink, a spokesman for Round Rock, Texas-based Dell, declined to comment on any aspect of Snowden's employment with the company, saying Dell's "customer" - presumably the NSA - had asked Dell not to talk publicly about him.[1]"

Thanks for the heaping pile of denigration.

[1] http://www.reuters.com/article/2013/08/15/usa-security-snowd...

That's a completely new one on me. I seem to stand corrected on the Dell issue (could someone expand on this?) -- but I still think you are casting your net a bit wide. I apologize for the heaping pile of denigration as you call it but maybe tone it down a bit and take the time to show (and link) in more detail why you are saying what you are saying, ok?
The time for toning it down has passed.
"Some projects flourish sure but the same forces that profit off the court-less killings of others are collating your data, your pet projects. Harvesting your stolen info out of botnets."

> That is alarmist hyperbole.

Those were two direct references, the first being SAIC with their military drone[1] and domestic 'domain awareness center[2]' operations. The second being Endgame Systems and their monetization of botnet data/malware[3].

> Let's keep the spotlight where it is needed -- on the secrest out-of-control governmental surveillance organs of various nation states.

On it with laser-like focus, sir.

[1] http://articles.latimes.com/2011/dec/29/world/la-fg-drones-c...

[2] http://oaklandwiki.org/Domain_Awareness_Center

[3] http://wiki.echelon2.org/wiki/Endgame_Systems

Thank you for taking the time to provide these links, sir.
Lets try to code our way out of this.

Crypto sucks hard for beginners and it's pretty much in diapers.

Why is Dell on that list?
"Former intelligence contractor Edward Snowden began downloading documents describing the U.S. government's electronic spying programs while he was working for Dell Inc in April 2012, almost a year earlier than previously reported, according to U.S. officials and other sources familiar with the matter.

...

David Frink, a spokesman for Round Rock, Texas-based Dell, declined to comment on any aspect of Snowden's employment with the company, saying Dell's "customer" - presumably the NSA - had asked Dell not to talk publicly about him.[1]"

[1] http://www.reuters.com/article/2013/08/15/usa-security-snowd...

So basically Dell sells computers to the government?
They run their own version of AWS that's sold to the NSA.
Also, they recently bought Perot Systems (remember H. Ross Perot?), a large government contractor with fingers in many pies.
Hello, random new account advising us not to come up with electronic solutions to electronic government surveillance!

>Some projects flourish sure but the same forces that profit off the court-less killings of others are collating your data, your pet projects. Harvesting your stolen info out of botnets.

What in the fuck does this even mean? How is it relevant? The only problem with "fresh" crypto projects is that if you fuck it up, and you have bad crypto, it's as good as no crypto.

Most of us here don't work for those companies, nor do most people being spied on, so this advice sucks.

Legislation and regulation are the long-term methods of stopping this, but the short-term method of dealing with a technological problem is better technology.

> What in the fuck does this even mean? How is it relevant?

It means projects with sound footing are likely to be undermined aggressively by all means. Through courts, around courts, under courts. Undermined using infrastructure and resources provided by many potential contributor's day jobs.

A bit like trying to build a castle on the weekend while getting paid to help knock it down during the weekdays. Wondering why it didn't amount to much some time later.

> It means projects with sound footing are likely to be undermined aggressively by all means.

So we shouldn't even try?

Sad but also very understandable. Thanks pj for all your hard work throughout the years and for being one of the most diligent watchdogs in the foss community.
OMG.. Groklaw shut down!?

I'm in shock.

A part-solution.

All tech geeks set up mail servers with encryption and volunteer to migrate their non-tech friends and family to new email homes. We also show how to configure encryption in their mail clients and start getting them to use native email clients rather than webmail.

This will have two effects. It will send a message to Google/Microsoft/Yahoo!/insert big mail provider here/... that they have been lax in protecting the privacy and interests of their users. Of course, given the free-as-in-beer model of webmail it was long apparent to some that the user was actually the product and the advertiser was the actual customer. If a user is seen as a mere data-point then there is little incentive to assure these mere data-points privacy. maybe this will be the kick in the pants the big providers need. Maybe that model is irredeemably broken and always has been but we just didn't know it yet.

Email should be like snail mail. Everybody acts as their own mail server and mail client in snail mail land. Your inbox is the physical letterbox and you would never let some corporation provide that value in return for some dubious positive (convenience? a nice interface to your mail store? the ability to search your mail store? ...)

The second effect is that it sends a message to the spooks and claws back a vital channel of our privacy. We can work on safe and easy anonymous browsing and safe and anonymous and federated social networking and whatever else further down the road -- mail needs to come first.

Think about it. There are enough tech geeks. Every geek should need to know how to do this anyhow. This will scale. We need to build a movement around this. When something in the political arena forces the immeasurably invaluable Groklaw offline something tangible needs to be done. We have had a series of ever more alarming wake-up calls (though I hate how clichéd that sounds) since the first Snowden revelations. We need to start acting on these calls. Sure our response needs a political dimension (a global moratorium on digital mass surveillance) as well but I think that this technical part-solution has got legs.

What do you think?

> All tech geeks set up mail servers with encryption and volunteer to migrate their non-tech friends and family to new email homes.

I certainly wouldn't be comfortable with my peers having the opportunity to control my email and the myriad of accounts associated with it. I can't imagine they would be happy with me doing the same with their data.

> We also show how to configure encryption in their mail clients

Encryption is fairly useless without authentication, and we can safely assume that the NSA has control of Certificate Authorities.

> Think about it. There are enough tech geeks. Every geek should need to know how to do this anyhow. This will scale.

I've been battling with the concept of hosting my email for quite some time, and it always boils down to being a horrific thing to set up. There's a pile of easy ways you can screw up and make something insecure or spam-ridden. I spent a good day trying to put together a solution I was happy with, but couldn't.

> Encryption is fairly useless without authentication, and we can safely assume that the NSA has control of Certificate Authorities.

You don't need CA's for e-mail encryption. You need keyrings and networks of trust (I exchange keys with my closest associates via offline means; I sign a certificate stating that I vouch for the authenticity of their certificates; my associates can then choose whether or not to trust the signatures I've signed, and whether to trust the signatures they've signed again).

Yes, there's room for infiltration, but it is vastly better than relying on central CA's for this type of usage, because it allows people you trust to contradict infiltrators.

You need a CA for TLS-secured comms between MTAs. Many MTAs are set up to do opportunistic encryption out of the box, but they won't be validating the certs they get, so there's no guarantees about who's got the private key.

Of course there's no need to rely on a central CA - it's not hard to run your own, and you can make it reasonably secure - say, a small ARM Linux board with passphrase-protected private keys on a removable SD card. Generating the keys in a secure way is perhaps a bigger problem - untrusted hardware RNGs, poor quality entropy after boot etc.

One can also keep a virtual machine CA on a hardware-encrypted USB device (IronKey, say, depending on your level of trust with Imation) - it's easy enough to bootstrap a tiny Linux distribuution from source with just OpenSSL and some utility scripts to issue & revoke certs.

You don't necessarily need a $5000 HSM solution to issue your own SSL certificates at this level.

> You don't necessarily need a $5000 HSM solution to issue your own SSL certificates at this level.

Well sure, I can issue them myself in a few minutes, the issue is that arbitrary mail servers won't be able to authenticate me. Which means we're means we're back to MITM attacks—better than plain text if the observer can't manipulate the data stream—but I wouldn't bet on it. Work with the assumption that the NSA is Mallory, not Eve.

How is that different to the web of trust between friends that the parent referred to?
The WOT at least provides some authenticity, but only for people you already know. If I want to email you and aren't part of your WOT, then it's as good as plaintext.
That still leaves the metadata exposed. to make this effective, you'd have to come up with something sort of like SMTP and something like Tor.
Ah. True. Metadata. Maybe e-mail in its current shape has run its course.
There is also https://mykolab.com that PJ now uses:

If you have to stay on the Internet, my research indicates that the short term safety from surveillance, to the degree that is even possible, is to use a service like Kolab for email, which is located in Switzerland, and hence is under different laws than the US, laws which attempt to afford more privacy to citizens. I have now gotten for myself an email there, p.jones at mykolab.com in case anyone wishes to contact me over something really important and feels squeamish about writing to an email address on a server in the US.

Wow. I completely missed that first time around. Good catch!
Want to keep your rights and freedom? It's time to act, now. History is full of great things going all the way down. Don't wait for the Superman.
> It's time to act, now

Suggested courses of action?

Tried and didn't work:

* voting

* not voting

* protesting online / offline

* writing about these issues, raising awareness

What options do we have left? Violence? Hopefully there's more.

It is in the little things.

But it is also in everything together. My rule is that if I protest, I write my congressmen. If I voted based on issues I wrote about I write them and explain my votes. I have at times gotten interesting responses that show I have sometimes managed to get folks to stop and think which is all one can hope to do.

But beyond that we need to do what is needed now. We need to get guaranteed secure email services going in nations which have strong privacy protections. We need to create networks of end-to-end encrypted voice traffic which use open source architectures designed for privacy. The NSA has handed the good guys one heck of a market. All that is needed is the time and effort.

In this battle, there is no quick win, no proverbial low-hanging fruit.

Never forget that by changing your actions, and your awareness, you are influencing other to do the same.

What about waiting for something drastically bad to happen? That'll wake people up, won't it? I think the issue here is that the US populace on average is much too complacent. People don't "care", they don't see how it affects them, etc.
There's a great podcast called Hardcore History[2] which has some significance here. There's a podcast titled something similar to "Justifiable Insanity" that talks about the end of WW2. People got into the mental trap of "Well, if we do something particularly heinous, they'll HAVE to surrender!". This lead to things like firestorms of Dresden and Hamburg, which had immense (esp. for the time period) death tolls.[0][1] So, be careful with the tactic of "Well, if something REALLY bad happens.."

[0]: http://en.wikipedia.org/wiki/Bombing_of_Hamburg_in_World_War... [1]: http://en.wikipedia.org/wiki/Bombing_of_Dresden_in_World_War... [2]: http://www.dancarlin.com/disp.php/hharchive

What country are you in? Because as far as I can see, there has not been much offline protesting (participation-wise).

And online protests are mostly useless. 10.000 people in the streets raise more attention than 10.000.000 facebook likes.

Governments are inherently prone to corruption and abuse of power. It is stupid to grant the single entity the right to proctect you, your life and your well-being.

What we need is multiple court systems, multiple police systems, etc. And what's more important -- the ability to freely choose between them. Just like you're able to choose Pepsi over Coke or to choose Google over Bing, or to choose one bank over another.

This isn't easy system to achieve, but mostly because a lot of people are skeptical.

More on this topic: http://mises.org/rothbard/newlibertywhole.asp

Teach people about client-side encryption.
As an IT professional I cannot honestly do this without going much further (like teaching them about using an Open Source OS instead of Windows, the dangers of modern hardware components like PCI NICs, BIOSes that may be remotely infected by malware/modified, keyloggers, TEMPEST, defeating Truecrypt, PGP, Bitlocker with memory dumps etc.), way out of scope for a normal person.

I don't think it's feasible for most IT-savvy people to access the Internet using commodity hardware (regardless of software) without exposing themselves to mass-surveillance or at least inherent weaknesses that may be exploited for that purpose at some point when secure client-side encryption becomes more widespread so that just snooping traffic at major backbones is no longer sufficient.

As a result, it would feel wrong to give people a false sense of security by teaching them about client-side encryption only.

What a joke. Please educate yourself about the history of successful social movements like labor rights, civil rights, environmental protection, etc.

The privacy movement has not even begun to begin what is necessary to change the law. For example: can you name the leading organization that works solely on privacy? There isn't one. The issue is only sort-of covered if you add up the partial work of a bunch of different orgs, like the EFF, ACLU, NRA, Emily's List, etc.

So: want to move the needle? Start an organization, raise many millions of dollars, collect thousands of contacts, and then run a big scary public and grassroots campaign. Give money to privacy-friendly politicians, and spend independent money to defeat opponents of privacy. Recruit privacy-friendly folks to run for local, state, or federal office. Take meetings with corporate, regulatory, and congressional staff to find folks who are sympathetic to the cause. Run privacy conferences. Pay people to write privacy blogs. Pick a nasty law and create a test case to get it into litigation. Etc, etc.

Now you might say "we shouldn't have to do that." And you're right. But: life isn't fair. Black people should not have had to risk lynchings in order to vote, but they did--and they did it. And they fought it.

good suggestions (I'd add HRW), but you could leave the disrespectful attitude aside. Instead of your first paragraph, maybe mention the publications of the Albert Enstein Institute (http://www.aeinstein.org/).
I don't see the necessity to play exactly the same game our political establishment is playing (raising millions, spin-doctoring, bribery) in order to beat the system from within. It may be one way to do it, but it's costly and seems extremely inefficient. Hopefully there are other ways to achieve something.

Frankly, I am unsure about your intentions for writing the above post. You insinuate that organizations like the EFF are not suitable to fight the fight for privacy. You make this look like a gargantuan effort to even get started. Are you trying to discourage people or have you just given up?

My point is that it is, objectively, a gargantuan, costly, and difficult effort to make a significant change to U.S. federal law. Wishing it was easier does not make it so.

My disrepectful tone was not nice and I apologize for that.

I just get so frustrated when I see people who seem unwilling to face that reality. Your comment above read to me like a hopeful programmer saying "I've read a few books and done some coding exercises but none of that seemed to create the next Google." (And yes, I am saying it is that hard to make big changes in the law.)

>Please educate yourself about the history of successful social movements like labor rights, civil rights, environmental protection, etc.

Given that the current context involves opposing government power, I'm not sure labour rights and environmental protection are relevant examples; both resulted in massive expansion of the effective scope government power.

Civil rights would perhaps be a slightly better example simply because what was being fought against were largely government creations (e.g., legally compulsory discrimination). And even then the civil rights movement had a visible violent side[1].

[1] http://www.reddit.com/r/Libertarian/comments/1ds5fa/a_march_...

Civil rights would perhaps be a slightly better example simply because what was being fought against were largely government creations (e.g., legally compulsory discrimination).

And the "solution" was to exchange these for other government creations, like the EEOC. Which on net resulted in a massive expansion of the effective scope of government power (not least because many of the previous government creations were at the state level, but what we have now is mostly federal).

Corporate boycotts. Massive, Internet-wide corporate boycotts. Corporate lobbyists influence/fund politicians so influence the funders.

See "Lawrence Lessig: We the People, and the Republic we must reclaim" (http://www.ted.com/talks/lawrence_lessig_we_the_people_and_t...)

What would the effects be from a flash boycott if X-million people suddenly stopped buying from a corporation? Someone could devise a model to calculate the effects and find potential candidates.

The SOPA blackout showed what's possible when the Internet organizes (http://en.wikipedia.org/wiki/Protests_against_SOPA_and_PIPA). Turn it into an Internet meme that empowers the people, and keep it going until the echo grows too loud to be ignored.

It would probably require the cooperation of a team of computer scientists, finance geeks, and social-marketing gurus to organize the campaign. Or maybe one clever hacker could pull it off.

See "Derek Sivers: How to start a movement" (http://www.ted.com/talks/derek_sivers_how_to_start_a_movemen...)

Rootstrikers: http://www.rootstrikers.org/ted_promo

(comment deleted)
Organize. It's the only course of action that has ever worked.

Voting/not voting/protesting/etc. are tactics that are only useful as part of a larger campaign, and as part of a large group committed to a particular goal.

There is this annual event "Freedom not Fear" which is about protesting against government surveillance - this year in Germany there is a huge coalition organizing demonstrations on September 7 http://blog.freiheitstattangst.de/

Hashtag: #fnf13

The pirate parties together with other organizations all over the world plan to join in. Spread the message and contact me if you plan to organize something.

For me, personally, this is much more sad than Lavabit shutting down. Groklaw was an icon, it has huge significance.

I do not know whether this - i.e. shutting down - is a good strategy in general. It raises some awareness, it might cause some change ... but what if change does not happens? What other means of protest will we have?

He's not shutting down to raise awareness, but because he feels unable to conduct the blog without feeling his communications with his readers are private.
She. I remain surprised by how often this mistake is made, given her name is on every page and the whole thing a few years back where someone accused her of being a fiction made up by IBM.

Also, I wonder what the other contributors she had given post privileges to think of this (I thought she had stepped down/away from some of the cases groklaw was covering).

(comment deleted)
My take away from this is she is doing it for her own sanity more than an act of protest. She isn't doing this with the thought that her closing down the site will help spur conversation or change minds but that she can't continue to live a happy, digital life and that the site can't function as intended with the current surveillance. She views privacy and intimacy as a crucial part of both retaining your own humanity and also a part of having a frank and honest discussion.

But I have to say, this is getting to me too... more than I would think something like this would.

Not only that, but also that she is, to some extent, responsible for also safeguarding the privacy (or at least anonymity) of people who contact her, and she doesn't feel that's possible.
How feasible is Freenet for email? We can use PGP today, but the metadata is available to all. But what journalists who need to communicate more anonymously that that used pseudonymous PGP keys - one per story, rather one per person, and posted encrypted messages on Freenet?
When you think about totalitarian internet monitoring, like the one the US seem to have, there's almost no point aiming for anonymity. Almost all sensible means are broken when you have deep levels of traffic interception in many countries.

The Tor Anonymity Router mentions the types of monitoring they attempt to subvert, and mention that full internet monitoring is not one of their design goals. This is simply because with any low-latency system, correlation between the entry and exit can be obtained. Similar attacks exist for networks such as Bitcoin for similar reasons.

> But what journalists who need to communicate more anonymously that that used pseudonymous PGP keys - one per story

In this case you run into troubles with authenticity. Without persistent keys being authenticated in some way (see "web of trust"), there's no way in telling if the person is communicating with a government proxy or the real target journalist.

That's the issue with the "encrypt everything" mantra, authenticity is stupid difficult to verify.

It's just non-feasible. Freenet is a distributed file/web database, not realtime internet.
Email does not have to be real time.
Maybe realtime was not the best choice of a word, but Freenet cannot handle email in any case.

Freenet is a global distributed p2p file database. Email does not fit that medium.

> Email does not fit that medium.

Why not?

Email can be implemented in a global p2p file database. Every "email" simply adds another file. Privacy can be ensured with encryption (as long as the encryption is not broken, at least). See existing Freenet message boards for an example.

It may not be Internet RFC821/822 (and subsequent standards) Email, but it is email.

What part of this will not fit the Freenet model?

How would you send the new file to your recipient?
The same way that message boards do this already on Freenet.

See https://freenetproject.org/understand.html.

Something like:

Publish a site using a USK (perhaps one per recipient), containing all encrypted messages sent recently. Update the site with an additional message when you need to send one. The recipient checks it for updates periodically.

I'm not sure if my understanding is inaccurate, but since Frost already achieves something like this, I don't see that it's automatically impossible such as what you seem to be inferring.

In fact, now that I look, there's: https://freenetproject.org/freemail.html

I'm dubious about the safety of using non-Freenet clients, but surely this demonstrates that it's possible to build a messaging system built over Freenet?

Yep, you're right.
(comment deleted)
Should be feasible with GNUnet [1] which has pretty generic foundations for implementing anonymous and secure peer-to-peer services. Think of an encrypted overlay network that uses addresses that cannot be linked to IP addresses and relaying transfer mechanisms that are hardened against traffic analysis attacks.

There seems to be research under way to get a messaging protocol built into GNUnet. Google turns up this pdf [2] for example.

[1] https://gnunet.org/

[2] http://rp.delaat.net/2012-2013/p88/presentation.pdf

I think Tor would be a better idea of what to try to emulate, but the full envelope (including envelope from) would have to be encrypted such that it would be decrypted at the end-point.

I think something sufficiently secure is possible for email. I think it would require a whole new set of protocols and approaches, and for some things (like voice) it is not.

(comment deleted)
A sad day indeed. The government has become "the terrorists".
The government has always been the terrorists.
White house and three letter agencies is the next "Al Qaeda"
When folks like Lavabit and Groklaw preemptively shut down because they cannot take the security & privacy of their communications for granted, it makes me wonder the converse: how are other companies that deal in sensitive information (patents, lawsuits, competitive bids etc.) dealing with it?

Have they resigned themselves to it? Are they devising new corporate communication policies that assume always-on surveillance? Are they thinking things will improve after this storm has passed?

I doubt many companies care about it.

My personal information for my apartment is stored on an FTP server and their offices use WEP encryption on their WiFI. They have a scan of my passport, every facet of information about me; if their storage was compromised it would be fairly devastating to their tens of thousands of clients.

Unfortunately I have no clout regarding the storage of this information, and no choice as to who I store it with.

(comment deleted)
So about botnet data, here is one NSA related company that deals with data the coders are jailed over, Endgame Systems[1].

"botnet-analytics package gets you access to a database of Internet addresses, organization names, and worm types for hundreds of millions of infected computers, and costs $1.5 million."

Folks like the industrious pj have much to worry about when 'outside channels' are made into a a for-profit process. Combine 'parallel investigations' with 'outside channels' with a healthy dash of money for the ringleaders and some for the heads of the companies they pay (Google) and you plenty of reason not to talk law or much else over Email.

It is becoming a desperate situation for noncombatants.

[1] http://wiki.echelon2.org/wiki/Endgame_Systems

Wow. Crazy.

PJ presents it generically, but I can't help wondering if that is for legal reasons and something specific has happened that cannot be told.

Either way, a tragedy - the world needs, right now, exactly people like PJ and websites like Groklaw.

From the way he presented it, I would be very surprised if there was anything specific that cannot be told.
she
In this case, yes. PJ being a woman is very well known and it irks me when people automatically assume that anybody that runs a thing as successful as groklaw has to be a guy without checking. If you don't know use a gender neutral word or check, it's simple.

It's not purity in language, it is paying basic respect to a person who is named several times in full in this thread.

> ... If you don't know use a gender neutral word ...

"it"?

"They" generally works, it's just not commonly used and so sounds a little odd. Try using "they" instead of instead of "he" and "her" for a few minutes to see. It works.
I think you're brilliant, but I don't know if you are right here. PJ is a private person, kept her name out of the blog for a long while, and I've never seen her make an issue of her sex. This error is made frequently in the Groklaw comments, and I haven't seen her correcting them. While disputable, it's not clear to me that it's more respectful to correct an irrelevant factual error than to follow the authors lead.

The "basic respect" part is tricky. While getting this correct may imply more respect, it also reinforces the idea that the difference is relevant. For example, if she was identified as "Miss Jones" and you happened to know that she was married, does it merit a correction to point out that she is actually "Mrs. Jones" to show proper respect to her status as a married woman?

Hofstadter skewers this in one of this examples: "Ble conveniently sidesteps the fact that there is a tradition in our society of calling unemployed blacks 'Niss' and employed blacks 'Nrs.' Most blacks --- in fact, the vast majority ---prefer it that way. They want the world to know what their employment status is, and for good reason. Unemployed blacks want prospective employers to know they are available, without having to ask embarrassing questions. Likewise, employed blacks are proud of having found a job, and wish to let the world know they are employed."

I don't have an answer, but thought you might enjoy thinking about the issue in the context of Hofstadter's article.

I'm not sure what point you're trying to (obliquely) make, but the fact that you're bringing up that essay in response to someone correcting an incorrect pronoun makes me suspect you've grossly misunderstood it.
Hofstatder's paper doesn't just add linguistic specifiers for race, it also removes their significance for sexual differentiation. Hofstatder demonstrates the insidious effect of forcing the use of sex specific terms in cases where sex is not relevant.

In Hoftstadter's scenario, assume that that PJ had been misidentified as the "author" of the piece. Would it be a good impulse to correct the mistake and point out that she is actually an "authoroon"? I take Hofstadter to be arguing that rather than being more precise with our he's and she's, we need to move beyond them.

(comment deleted)
While I understand her (1) personal reasons for shutting down Groklaw, this is an extraordinarily bad decision for privacy and democracy.

In the last few weeks quite a few providers of private communications and/or freedom (for some definition of freedom) have shut down. Lavabot, Freedom Hosting, etc. If the US could shut down The Guardian they would.

This leaves fewer and fewer secure channels for private communication, and less and less information about what is actually going on.

This is an incredibly dangerous road to walk down, and is akin to the Intelligentsia leaving Germany in the 20's. We all know how that ended.

(1) edited his to her - thanks for pointing it out rolux

> While I understand his personal reasons

pj = Pamela Jones

But yeah, it's devastating -- especially when it comes just one day after a editor of the Guardian states that they can no longer report on certain topics from London.

It seems like we need entirely new communication protocols.

> we need entirely new communication protocols

Whole new enforcement of privacy laws, you mean?

No, I mean protocols.

While elsewhere in the comments, there is the sentiment that "you can't code yourself out of this", my hopes of voting myself out of it (or otherwise "fixing" a system, as if it was just accidentally "broken") are much lower.

(But note that "protocols" may also have non-technological components.)

Its a subject I keep an eye on, e.g. freenet and off-the-record messaging.

I think these systems cannot work :(

If you can make a system that is immune to traffic analysis - http://williamedwardscoder.tumblr.com/post/54088903127/onion... is my own blog but I'm about to shoot it down - then you basically have an open router and the spam abuse that implies.

Any reasonably anonymous system will collapse under the weight of abuse :(

Just two points:

- That's why I prefer to think about protocols, as opposed to a system (i.e. global implementation of one or more generalized protocols)

- You don't always have to solve the problem theoretically; solving it practically may be good enough. A system can be usable for a long time, before it collapses under abuse.

Its not as though we don't have a spam problem already…

Freshly pulled-out-of-the-air suggestion – anonymous but requiring micro-payments. Say, 500 or 1000 satoshi (around a tenth of a cent) per message delivered – not as a means of generating revenue, but as a way to destroy email's current "if I only get one sale per 100,000 emails I send, that just means I need to send 10,000,000 emails a day to get my desired 100sale/day" vulnerability - if that actually cost the spammer $10,000/day, it just wouldn't happen.

('course that required having hard currency to bitcoin exchanges easy enough for the general public to use, and scalable enough to service a significant proportion of internet-using people)

>Freshly pulled-out-of-the-air suggestion

That's not fresh. I think it may have even been entertained by Congress for a while.

Your final statement here is not true. The way in which you keep anonymity with an onion system is as follows: 1. Use a central originating server for onion packet sourcing 2. Make it public who all users are 3. Have onion packet creation contain "token of receipt" for all messages along the chain. 4. Rate limit message origination from users 5. Ban users who refuse to forward encrypted packets at a steady rate 6. Only allow small message sizes ( 10k ) 7. Have all online users constantly originate "bogus" packets to random users 8...

I am currently writing such a system. Some details up at circleofdistrust.com in about a month or so.

How do you rate limit users? Are not originator traffic and pass thru traffic indisquishable, so a receiving peer cannot tell the if a node is just well connected and has a lot of traffic on behalf of others, or is an abuser?

And how to measure forward rates?

There are two types of nodes in the system, "servers" and "users". All servers communicate with each other so that they are all aware of all existing "servers" globally. There will likely be a limit on who is allowed and authorized to be a server. ( likely a list of their public keys published to the main site for the project )

All packets must be hashed and authorized ( signed ) by the server before they can be sent out. Any packet not authorized by a server will be rejected. In this way, servers will rate limit originating packets.

The traffic is distinguishable because the onion layer is identified at each level. If, after unwrapping your layer, you discover the underlying "level" is not 1 less than your own informed level, the ip origination will be flagged back to the server for spamming.

Current estimate for number of onion levels is 100. Actual destination should be somewhere in the middle 60 or so, to prevent government tracing of the packet because all hops.

At each hop, random delays will be implemented, as well as injection of extra data and/or disguising the entire packets as other forms of tcp communication. ( to prevent dropping of the packets through filtering )

The "servers" know that users are sending out origination packets at a specific rate and to whom, but nothing about the layers beyond the first. Additionally, the entire onion packet is never sent to any server, only a hash of it with specific other information. This way, "servers" can never be accused of harboring illegal data of any sort.

Forwarding rates are measured because each onion layer containing a "message of receipt" that is sent back to the server. The server receieves all of those from the originating user before approving the onion packet.

The only think attackers of the system could try to do is attempt to DDOS users of the system. This is prevented inherently by it being known at all types all users logged into the system ( this is public knowledge in the system ). Communication is only allowed from valid behaving users.

It would be great if you could share your thoughts about this earlier.
If your laws are being ignored by institutions in power, you have bigger problems, and you can't code your way out of each one fast enough.
>While elsewhere in the comments, there is the sentiment that "you can't code yourself out of this", my hopes of voting myself out of it (or otherwise "fixing" a system, as if it was just accidentally "broken") are much lower.

So you intent of fixing just a small point of the whole mess (the surveillance thing) and not the overall mess (bad governments, something that affects 100% of our life and countries)?

Not to mention there is nothing to fix this way. Everything can be outlawed, including mere use of unlocked general purpose computers as a non authorized professional in, say, 20 years time.

No, I'm just saying that working technology (like general purpose computers as affordable consumer goods) may be harder to ignore than "the voice of the people".

(In Philosophy, you'd call this position "materialist", I assume.)

"Everything can be outlawed, including mere use of unlocked general purpose computers as a non authorized professional in, say, 20 years time."

I think that genie is well out-of-the-bottle.

Did you see the article recently about installing linux on the microcontroller on a hard disk controller board? There's no end of "consumer electronics" that have "general purpose computers" inside them. Hell, I'm helping out some people deploying christmas lights with a half-gigahertz ARM Linux board with wifi as a controller. (hardware details here: http://dev.moorescloud.com/2013/07/06/holiday-hardware-is-op... if you're curious). They've shipped over a million RaspberryPi's in the last 16 months - they're mostly still going to be useable in 20 years time, and between now and then pretty much every toy,appliance,car,tv,phone,coffeemachine,whatever is going to contain something capable of running linux...

Fertile ground for David Suarez' Daemon...
You need to fix both of course. The broken political situation needs to be fixed, but communication protocols need to be improved too.

And of course, as long as the current political situation in the US lasts, cloud services in the US cannot be trusted. Run your own server, or use a server abroad.

Popular movements have accomplished incredible things over the centuries, and almost none (I'm hedging, I want to say there were none at all) of them were achieved by ticking a box on a voting form. The level of repression in the West today, while certainly not at its lowest point ever, is still lower than it's been for much of the past century.

It's easy to feel helpless and isolated, to feel like you can't do anything because the government is so big and you're so small. Realise that this feeling of helplessness is not based in reality. It is fostered; not by some kind of global conspiracy between government and business, but because it serves the interests of powerful people and institutions everywhere. There is no need for them to cooperate, for them to get together in shady backrooms to decide how next to disempower you. Their interests just happen to align.

But that isolation is not something you're forced into. You can break free. It's not easy, but if people suffering under military dictatorships can do it, then in our (still) relatively free society, we can do it too.

Anyone who feels like this should read Howard Zinn's A People's History of the United States. I'm rereading it these days (relistening, actually), and while it's certainly not perfect, you'll get a lot out of the shift in viewpoint.

I think we need to press hard on all the above (and below). Code, vote, protest, move money, organize people, &c.
> It seems like we need entirely new communication protocols

How about new government - one that isn't broken and tramples on all of our civil liberties? The first step is to dismantle the military industrial complex

> The first step is to dismantle the military industrial complex

Yeah that'll happen

BRB building cover for drone attacks.
in order to dismantle the MIC, you first need equivelent or better millitary power. How else do you do it?
Obama continues to push hard to steal what little privacy rights US citizens have remaining. He is openly hostile about it, and lies about it constantly.

Am I exaggerating here? The scary thing is I'm not. He's not done. It's going to get worse.

What is even more scary is that we have been in freefall in this regard mostly since at least Nixon signed the Banking Secrecy Act.

This was followed by Carter signing FISA....

Regan followed, signing among other things legislation to allow the military to enforce drug laws domestically as an exemption to Posse Comitatus. This meant that the military was involved in surveillance at both Ruby Ridge and Waco, and also directly provided military equipment and in some cases personnel to these operations (in addition to Navy SEALs raiding crack houses in some cities).

Then came Clinton and things got worse again with the Anti-Terrorism and Effective Death Penalty Act and some other laws.

Then came GWB, no further comment required.

And now we have Obama.

Whoever we elect screws us. That's the truth.

The purpose of elections is to give the populace the false idea that they have a choice. If they could actually change anything, they'd be outlawed.
What you can use elections for is to extort policies from elected officials. The problem is that means being willing to vote for the greater evil if you don't get the things the country needs and our country is unwilling to enter into that mentality.
I think you're missing the point that the actual important policies are not up for debate and are agreed to by both sides before the two winners are picked for us to vote on. All the electorate gets to decide on is meaningless stuff. Both candidates will always want the elimination of privacy, destruction of the middle class, complete subservience to wall street, etc. The electorate gets to decide on unimportant stuff like the skin color of the winner... it doesn't really matter because either winner will implement the same policies, although perhaps with slightly different PR campaigns.

A fundamental impedance mismatch is the public wants/needs policies. However they're only allowed to vote on two hand picked two sides of the same coin "leaders", not the actual policies. The "winner" is the candidate who tells the best lies about policies, which will of course be forgotten after inauguration, and both are going to do the same thing anyway so it doesn't matter very much which wins.

That's why voting is the final act of a series of political actions, and merely should be cast as an up/down "keep this guy" vote without looking too close at the alternatives.

We have to take over the conversation and stop listening to the challenger. The challenger doesn't exist. It is up/down on the incumbent.

I fail to see the point of that. By definition, both the incumbent and the challenger were hired by the same political action committee to achieve the same outcome by using different PR techniques.

Your suggestion is that the general public should slightly modify how they select which lie is told to them. The result will be they'll be lied to slightly differently, and no change in actual outcome.

With enough money, and it'll take a lot of money, the public could purchase their own candidates... That would be interesting, although unlikely. And there's an awful lot of intentional divide and conquer PR work already in place to prevent it.

Once wealth inequality and income inequality exceed a certain level the system spirals out of control until it crashes and reboots. In that scenario the most sensible way to limit total overall human suffering is to floor the accelerator and encourage the process, rather than hold it back, so it crashes quicker and we get back to normalcy sooner. Given that background, a lot of current events suddenly make more sense. Look at federal reserve policy, or pretty much anything in contemporary politics.

Although people often bemoan political apathy as if it were a grave social ill, it seems to me that this is just as it should be. Why should essentially powerless people want to engage in a humiliating farce designed to demonstrate the legitimacy of those who wield the power? In Soviet-era Russia, intelligent people did their best to ignore the Communists: paying attention to them, whether through criticism or praise, would only serve to give them comfort and encouragement, making them feel as if they mattered. Why should Americans want to act any differently with regard to the Republicans and the Democrats? For love of donkeys and elephants?

EXCERPT FROM

Orlov, Dmitry. “Reinventing Collapse.” New Society Publishers, 2011-04-06. iBooks. This material may be protected by copyright.

I used to disagree with you and Mr Orlov, but there is a point where apathy is the correct response because it frees up energy to build a better future through other means.
The funny thing is that FISA was originally intended to curb the intelligence abuses that had come to light earlier in the '70s, in which phones were tapped, and international telegrams seized en masse, with no legal authority whatever. It doesn't seem to have been effective in that regard even before it was effectively gutted by the FISA Amendments Act of 2008, but it's still not quite of a piece with the stuff that came later.
I don't think that it's useful to be talking about Obama specifically. Before Obama there was Bush Jr, who was the sitting president when most of these programs were put in place. It should be clear now that it's not one specific President, or one specific party, but the whole political class that has been corrupted. Thinking things will get better at the next election will absolutely not help things, unless the issue du jour of the next election is privacy, and the new president chosen based on their commitment to privacy. Even then it's not sure whether such a President could successfully make meaningful change.
I lot of people were hoping Obama was the start of a new direction. I'm now hoping he'll be the last of the old direction. The big problem to solve is: how do you elect someone different? As long as the two parties get to decide who American can elect, democracy is a hollow gesture. And the media are all in the pocket of the main parties.

Honestly, it seems like only Al-Jazeera US might be the only independent news station.

how do you elect someone different

Start by being intellectually curious about the person, who he is, what he has done on the past, what philosopies he is associated with. Quit labeling people who try to do this as wingnuts or racists or employing other logically fallacious arguments to try to shut down debate.

"lot of people were hoping Obama was the start of a new direction"

Anyone who thought that wasn't paying attention, of course, but it's not like that's a new thing.

And it makes sense: it's not like your vote is actually going to do anything, so why bother paying attention? Just go vote if you remember, and pick the guy with the letter by his name that you voted for last time. (Can look up Ilya Somin's writings regarding "rational political ignorance" for more on that.)

"As long as the two parties get to decide who American can elect,"

No, its one set of political campaign donors, not two parties.

One set of donors, hires two competing PR firms masquerading as political parties, to implement two different messages aiming at the identical goal.

Its relatively effective and stable as a technology for social control. Its also effective at benefiting the people who are running it, which is obviously not the general public or humanity overall or the environment or pretty much anyone but a couple 1%ers.

> I lot of people were hoping Obama was the start of a new direction. I'm now hoping he'll be the last of the old direction.

As long as people are hoping for some politician to deliver them from government unaccountable to the people, its not going to happen.

> The big problem to solve is: how do you elect someone different?

Elections are important, but they aren't everything. More needs to be done to think about "how do we effectively hold those we do elect accountable".

> As long as the two parties get to decide who American can elect, democracy is a hollow gesture.

To the extent this is part of the problem, it is probably more tractable if you realize that it is a problem effecting many elections, isn't amenable to a quick one-step fix, and that elections to the Presidency aren't the best place to start.

(comment deleted)
We -- all citizens of Western countries -- should seriously stop voting altogether. And I mean full stop. When the next election comes, nobody votes. That'll destabilize things right quick.
I think it'd be too difficult to execute this plan.
Not ever going to happen. All you've accomplished then is abdicated your vote to people who did.

Would be more realistic to elect a third party, meaning someone who is not part of the corrupt R/D duopoly.

More pragmatic would be to vote anti-incombant regardless of party until things change. Let the elected officials know that if they want a second term, they had better cooperate.
most people in the US already don't vote, and look what that has accomplished ...
There is no "we", but I also disagree that it would "destabilize things". I think that after a brief initial upheaval, it would stabilize things to a great degree, and in a positive manner.
It is a curious quirk of psychology that a single vote for a two major parties is considered to matter, despite being guaranteed not to sway the outcome, while a vote for a third party is considered "wasted". And even curiouser, choosing not to vote at all is considered the more rational option.

Here's hoping that the people eventually figure out that instant runoff can be implemented state-by-state.

"Here's hoping that the people eventually figure out that instant runoff can be implemented state-by-state."

I prefer approval, but hey, your state can have IRV and mine can have approval and thanks to the electoral college that doesn't break things!

Unless we're in the same state, in which case we'll have to agree on something I guess.

Unpack "approval" for me?

Honestly, I'm in favor of any modifications to winner-take-all. "None of the Above" would be a major win for the protest vote, with a huge meta-electoral effect even if it never wins. And while it would boost morale and turnout for presidential years, the real effect would be seen if we elected Congress that way as well.

http://en.wikipedia.org/wiki/Approval_voting

Basically, you check yes or no for everyone, and the winner is the one with the most "yes" votes. Less expressive than IRV, but also simpler to understand and tabulate.

Belatedly: thanks for sharing. It does seem an easier sell, because the counting process is so easy to understand. It's not as favorable to third parties as IRV, because "[X] Minor [X] Major" obviously doesn't carry as much weight as "[1] Minor [2] Major", but at least it still kills the spoiler effect. While IRV seems more "pure" in an information theory sense, Approval is elegant in its simplicity.
That's mostly my views as well, yeah. There are a couple (narrow) weird cases with IRV, too... but IRV is unquestionably a tremendous improvement over FPTP.
"the real effect would be seen if we elected Congress that way as well."

Elaborate on that a bit - I know it's popular to say that Congress has a low approval rating, but no one votes for "congress" - they vote for their congresspeople, who typically have high approval ratings. There may well be other effects I'm not spotting, though...

> Here's hoping that the people eventually figure out that instant runoff can be implemented state-by-state.

Here's hoping that people eventually figure out that better voting systems can be implemented state by state, including non-single-winner systems where appropriate (e.g., legislative elections), and single winner systems better than IRV (which is pretty much the preference voting system that does the most to preserve the problems of majority/runoff) for the places where single winner systems are still needed, as might be the case with executive elections (or not, if you reform more than just the election system.)

Add a third option on the ballot for re-doing election with different candidates:

"Dont like either of these two (expletive) - come back with better ones".

If this option comes tops in the election, both parties pay a percentage towards the cost of next round. Can't say their donors would be very happy if this shit goes on for months. Oh my god, how will we function without a government? Well, its not like the government we chose is doing/gonna do all that better.

Atleast it'll slowdown most of the shitty laws that get passed with alarming efficiency.

Sadly, I think this is part of our problem. "Obama".

Attaching his name to this just makes it so that we all vote for a Republican next year, congratulate ourselves for getting rid of the guy who loved spying on us all, and everything stays exactly the same.

I'm not trying to defend him or say he is blameless here. I'm saying that it's bigger than who is in the President's chair at the moment, and I wish we could think about these things in a more systemic way.

Exactly. The problem is so far beyond partisan now that people still framing it in terms of "Bush" or "Obama" have the blinders on.

The problem is systemic and cultural, the federal bureaucracy is more influential on elected officials than elected officials are on the federal bureaucracy, at least in matters of intelligence and national security.

Every politician elected into this system faces extraordinary forces of compliance, and only a few on both the left and right (Wyden, Paul, etc) seem able to resist.

I made the same mistake WRT pj's gender. Read groklaw for a long time before noticing.
> If the US could shut down The Guardian they would.

That's stupid. Of course they wouldn't. They would require them to stop reporting on the security state. But that is vastly different from shuttering them all together.

The Guardian certainly performs a public service in a variety of other domains (from which the government can and does benefit). The security state just doesn't want the press banging around in their domain.

Let's not let the hyperbole get away from us here.

Even better, would be to have them report favourably or obtusely instead of shutting them down. I fail to see the hyperbole here... just a difference of method.
Shuttering a press outlet is a different thing in kind than what is happening right now.

The US is not Zimbabwe or Burma or Jordan. It has its serious flaws and issues that need to be addressed, but we shouldn't mistake the kind of creature that we are dealing with. Making that mistake will lead one to seriously misunderstand what the interests and possible courses of action that western governments will pursue.

Also, if one wanted to be really crabby about it, it's kind of disrespectful to all of the journalists who paid with their lives to contribute to the civic sphere to equate pervasive surveillance (as serious and insidious as it is) with the pervasive fear of physical harm and death that some journalists face.

Marcela Turati did a terrifyingly good job of conveying the price that Mexican journalists pay at the Investigative Reporters & Editors conference this year. If you really want to get a sense of that, you can watch the video here: http://ire.org/conferences/ire-2013/keynote/

Intimidation, confiscation/destruction of property without due process, invasive surveillance and retention under 'terrorist' laws for family of journalists is a difference of degree than what happens in Mexico.

I hold the liberal Western governments to higher standards though, and see the difference in degree as being eroded more easily than you suggest.

You're still falsely equating. Even if it were a slippery slope along a line, it's still a line. Not all of the points are directly adjacent to each other.
Let me try and phrase this in terms that aren't loaded such as 'slippery slope' or rhetorical geometry.

I believe in the importance of a free press, and recent developments are troubling and lead to understandable concerns about the ability of ordinary people and journalists to discuss, report on, or investigate without undue duress, potential criminal activities by rogue agents exceeding their mandate as proscribed by their democratically elected governments.

Since we weren't allowed to say it when it was relevant, and the point was muddled and trampled on in pseudo-rational debates (“Can you find evidence that they’re abusing this new legislation?”, etc.), I'll go ahead and say it now: it's happening.

There's still a big world outside the Internet, and yet ironically, we live in a world where some employers are so stupid that they won't hire someone without a Facebook, making the abuse and surveillance of Internet more relevant than it needs to be.

I find it hilarious that in most of the threads I've read on here for months, that people who have actually lived in oppressive regimes say that the US is at least displaying a likelihood of being on the slow descent to Hell, while people in the US are quick to point out that it's still fine because we have elections and we aren't being forced out onto the streets and shot in the back of the head.

Read any book on history, strategy, authoritarianism or "real" conspiracies and it's abundantly clear that the best way to control a population is to analyze and manipulate the information they consume; I will not be surprised when we find out in 30-50 years that the tech companies were not only complicit in passive surveillance, but in active manipulation to control public opinion and perception.

Further, people self-actualize and learn to evolve to higher ideals, so once you debase intelligent debate/freedom of expression and make every personal detail of a person's life that passes over an electronic medium open to dissection and survellience, you debase the minds of the people as a whole and open the door to committing worse atrocities.

It's actually less difficult than it was 50-100 years ago to control public opinion. Before, you'd have to burn books and control every major newspaper and broadcasting corporation. Now you can just astroturf on Reddit or Twitter, or edit Wikipedia is subtle ways, and have the same effect.

> best way to control a population is to analyze and manipulate the information they consume

That brought back a quote from a past: "He who controls the past controls the future. He who controls the present controls the past."

I had to look it up to get the exact wording right. Was only half surprised that it comes from Orwell's 1984.

Agreed. Some time ago on HN: Law firms forcing online newspapers to delete older articles. No one cares, it's old news right? Step by step they're changing history.
That implies you have not read 1984. You should.
Oh, I have. It's just far too long ago, and I had the misfortune of reading a translation. A bad one, at that.

So I couldn't place the quote. I just knew it from different context.

Much the same way it took me years to find a quote that my gradeschool math teacher used and which had lodged itself firmly in my brain. Namely: "To study and not think is a waste. To think and not study is dangerous." - Confucius

I like the Confucius quote. There IS a certain danger in taking shortcuts in your thinking. It's probably best to use shortcuts anyway when in discovery mode, but then to check those shortcuts rigorously.
Ha! Almost like "Trust, but verify" :)
Kudos for this accurate and relevant Confucius quote, it is rare nowadays.

In fact, reading this guy's Analects, you'd find a mine of secular wisdom aphorism that sound obvious but are all the more urgent to remember by the times running.

  There's still a big world outside the Internet, and yet ironically, we live in a world where some employers are so stupid that they won't hire someone without a Facebook, making the abuse and surveillance of Internet more relevant than it needs to be.
You know what's my thought towards such employers? A big fat FUCK YOU! Those are companies, where I rather collect unemployment benefits than ever working one day for such an outfit.

The same sentiment is extended to any service, which requires me to have a Facebook (or any other social media) account.

Right, right, but for everyone that isn't a lean rockstar Node ninja programmer agile kanban expert--e.g., most of the population of the United States--it is far, far too easy to weigh going hungry against getting a "harmless" Facebook profile.
No programmer is going hungry in the US.
Was anyone here speaking exclusively about programmers?
Yep, for those of us who can read, the point of the comment was that not everyone has as many options as programmers.
Replying to myself as this could have been misunderstood: programmers are not going hungry in the US, and yet, comply with things they may consider unscrupulous. We shouldn't, even if we were starving, but that's a tall order for most human beings.

I'm not intransigent, but I try not to redraw the line of how low I'll go according to context.

> the best way to control a population is to analyze and manipulate the information they consume

The comparison that some have made between the US Government and Stasi is more accurate than you think, with regards of Zersetzung:

> By the 1970s, the Stasi had decided that methods of overt persecution which had been employed up to that time, such as arrest and torture, were too crude and obvious. It was realised that psychological harassment was far less likely to be recognised for what it was, so its victims, and their supporters, were less likely to be provoked into active resistance, given that they would often not be aware of the source of their problems, or even its exact nature. Zersetzung was designed to side-track and "switch off" perceived enemies so that they would lose the will to continue any "inappropriate" activities.

Source: http://en.wikipedia.org/wiki/Stasi#Zersetzung

Data mining is a very interest challenge and represents a major step in large-scale computing technology, but it pales in comparison to data manipulation.

Imagine for a moment if the intelligence-surveillance apparatus were redirected outward: methods used for parsing human communication would be re-purposed for disseminating seemingly-human propaganda. Who you're responding to on Twitter, reddit, or HN may not be a person.

Imagine for a moment if spammers were quite a bit more convincing in their emails, and that their poor grammar and spelling were improved.

(comment deleted)
While I see the potential for "Zersetzung", it just doesn't scale as well as mass surveillance.

If your communication (and location) data is stored by US companies complicit with programs like PRISM, and there is no hope that this data will ever be destroyed, then that's enough to make you communicate (and move) a lot more cautiously.

> once you debase intelligent debate/freedom of expression and [...] you debase the minds of the people as a whole and open the door to committing worse atrocities.

see: the cultural revolution

I'm not saying things are good in America right now, but I think our problems are due to my fellow citizens, not some evil cabal of overlords. If we're all gonna steer the plane into the ground, well, I wish we wouldn't, but from everything I see we are doing this to ourselves. We went crazy over terrorism, and we didn't come back.
If 75% of the polled public believes that linking minimum wage to the cost of living is a good and correct thing, and legislation continues to be passed attempting to lower or inhibit raising minimum wage, who would you suggest controls the legislation? It's certainly not the 75%.
We went crazy over terrorism? Who's we? Am I part of the we that helped pass the PATRIOT Act (which was an Act of Congress) without reading it?

Am I the one who pitched Saddam's Weapons of Mass Destruction to justify an invasion of an irrelevant country that resulted in ~125,000 dead civilians?

Am I the one who has been helping build the system that has devalued an American college degree to the point of worthlessness? Did I decide to over-advertise the college experience to impressionable kids? Did I decide to give more student loan money to college students? Did I decide to raise the cost of my university to account for said federal dollars that I can now obtain out of greed?

Of course there's a bleeting majority supporting all of this. They're, like all citizens in a democracy, only as good as the media they're fed: http://fsi.stanford.edu/publications/how_to_subvert_democrac...

But many of the policies and actions are coming from a higher-level than your average citizen.

EDIT: However, I agree that the stupidity and apathy of the general populace is at least partly to blame. The people who know what's up ahead of time aren't confident enough to act until it's obvious, in which case it's usually too late. The rest just don't care and assume someone else will solve the problem. Further, following trends and the subsequent inability to make it through a turbulent or confusing time without devolving into mass panic and animal-like behavior is also a problem.

(comment deleted)
Holy crap. Groklaw? I'd never for one second thought that the fall out from the NSA debacle would reach so far as to cause Groklaw to be shut down.

PJ feels extremely genuine here, she is definitely not using this as an excuse.

Wow. There is something very unhealthy in the air or in the water these days. Lots of people seem to be totally immune to the consequences of rampant surveillance and frankly bizarre powers executed by the current set of governments. And all that in the name of the war on some nebulous entity that could not even capitulate if it wanted to (and that's assuming such central command and control even exists).

2013 is fast shaping up to be a year of notoriety, so many things happening in so many places that are all linked to governments overstepping their powers.

Who would have thought 20 years ago that we'd see US whistleblowers hiding in Russia of all places. That there would be meaningful comparisons drawn between the Russian government and the UK government when it comes to dealing with the press, that we'd see torture committed by the people we routinely thought of as the good guys.

It's a weird world we are living in at the moment.

Since comments are turned off there:

Thank you PJ for all the extremely hard work and the dedication. A lot of good came from this, I'm quite sure that there were some cases where both the plaintive and the defense were spending as much time reading groklaw as they were reading their email. It certainly counted for something.

Seconded. I hope you read HN PJ!

Thank you, PJ, for the invaluable and remarkable work you have done for the FOSS community and, as a consequence, wider society in general over the years. On a personal note, thank you also for helping me with some research for a paper I was writing a couple of years back even though you were a busy person.

That 'something unhealthy' is called privilege, and most people assume that it will protect them from government atrocities.

Little do they know that privilege is given at the behest of the oppressor, and can be revoked instantaneously.

I suspect that US tech companies who are complicit in dragnet surveillance - and PRISM specifically - are already understanding this.

> I suspect that US tech companies who are complicit in dragnet surveillance - and PRISM specifically - are already understanding this.

Absolutely. Just as 2013 is the year where "ordinary people" have begun to understand that "the cloud" is a scam.

(And that is doesn't make that much of a difference if they store their data with Google, Apple, or directly with the NSA. If the blueprints of PRISM can't be kept from leaking, then subsets of the actual data will leak as well. Five or ten years from know, you'll have a huge grey market of -- medium to low quality, outdated, etc. -- surveillance data.)

There's no evidence the blueprints of PRISM were leaked, just training slides for analysts. There's also no evidence that actual surveillance data was leaked.

This particular slippery slope argument seems weaker because one would expect the government to place tighter controls on the data or the blueprints.

I was using the term "blueprints" colloquially, meaning "plans" or "details". Quite a few of the leaked slides are exactly the type of material that one would expect the government to have "tighter controls on", compared to petabytes of mostly useless data.
I disagree. Training documents are meant to be shared to a much wider audience than the developers of the system. Data coming from the system is meant to be used in a report.
If no actual surveillance data was leaked, though, that's likely because Snowden is an idealist. It seems that he had access to that data. If the next leaker just wants some cash, things could change. (Or, hell, maybe the previous leaker--maybe spy is a better word here--who didn't get caught because s/he didn't go public, or was purely the victim of an ultra-sophisticated phishing attempt!)
Which is precisely what I was hinting at. The idea that the NSA would be capable of keeping this data absolutely confidential is ludicrous. And that's why in the future (most likely already today) it will be relatively safe to assume that there are other parties, be it individuals or organizations, that have access to some aspect of your private communication.
At this point, you and I are just speculating on which outcome is more likely. I'm arguing there are probably significant data controls. You're arguing that the data was accessible but not leaked because he was an idealist. Until there's evidence pointing either way, this is just speculation.

I would argue that the most direct way to prove the extent of spying would be to actually expose the data that was gathered. Therefore, after weighing the privacy of the unfortunate soul versus demonstrating to the world the power and pervasiveness of this system, he might have an incentive to leak the actual data, if he had access to it.

Just as 2013 is the year where "ordinary people" have begun to understand that "the cloud" is a scam.

And the year when we understand that we are all lemmings. I remember the 90s when people were afraid of putting their credit cards on ecommerce sites, and now they put their whole lifes and assets online.

My hope would be that at least corporations are not lemmings.

For a non-US company that does anything remotely sensitive or competitive on an international level, it's simply insane to use, say, Google's cloud services.

I don't know to what extent Google depends on foreign corporate clients -- but I'd be surprised if this wasn't something they were very seriously concerned about.

(And the recent revelations about the NSA are really just the icing on the cake. If there is high demand for some confidential data, it's likely that there will be supply.)

The beauty of corporations is that they are still accountable to a much greater degree than than the NSA. Those who run Google have a fiduciary responsibility to shareholders. Up until a few months ago this always meant to many that if there was anything fishy going on at Google that they would quickly resolve the problem by firing the individuals guilty of any transgression and quickly instituting security policies to make sure something like that doesn't happen again. After all, individuals can mount class action suits, as can shareholders and the FTC or other some other regulator can come down on them.

The problem with what we discovered a few months ago is that the government can use fiduciary duty of the officers of these companies against the companies and they can do so in a way that guarantees that the executives won't talk about the abuse. They made demands for access and every corporation in the world knows that when push comes to shove, you don't want to piss off any organization that can unleash the IRS on your bookkeeping. And if someone does push back, its possible that there were additional threats of jail time for obstructing justice or contempt of court. Add to that the ability to gag anyone with an NSL and you have a situation that is wide open to abuse.

Unlike corporations, the people don't really have real recourse for transgressions of the NSA, CIA or LEO in general when it involves secrets that we are not privileged to, especially not any recourse within the capabilities of the common man (unless you are a common man within those institutions and you're willing to give up everything to whistleblow). Most attempts to sue get thrown out on state secrets grounds. All we have left is the ability to vote, but its pretty clear from some of the facts that that is unlikely to make any difference for most voters since the only people who knew what was going on were on the intelligence committees and even then both the ICs in both houses and the FISA court have admitted that they don't have any real oversight.

Facing this reality, I'm not entirely surprised people like pj at groklaw and ll at lavabit are checking out.

"Just as 2013 is the year where "ordinary people" have begun to understand that "the cloud" is a scam."

Disagree. So-called "ordinary people" don't really know or care about this issue. They care that "hey, my phone calendar syncs with my Google calendar!". They care that "hey, I can listen to my music on my computer, my phone AND my tablet". They care that they don't have to worry about backing up some things (Google Docs / Microsoft Office 365). They care that their pictures can be accessed by their friends without having to attach them to email. No average person is running away from the cloud for this reason--they're running towards it because overall, they still feel it makes their lives easier.

This, sadly, is the ultimate truth. We may have already lost this battle for one simple reason: the average person is too apathetic to care what their Government is doing to them.

Its not "By the people For the people" anymore. Its By those in power (who aren't elected, by the way) For those in power.

When hasn't it really been like that?
I agree. I start getting wound up, only to be gently reminded by my wife that just because I am only now discovering it for myself does not mean it hasn't been there all along...
> So-called "ordinary people" don't really know or care about this issue.

In one sense, they're right. For the most part, they really don't have anything to hide except maybe a few naughty pictures taken at a less-than-sober moment.

What people don't get (and I do not claim to be an expert, just a cynic) is the ability for others to take two pieces of information and form a previously-unthought-of conclusion. They aren't mean, nasty or suspicious enough to even think that is a possibility.

I still hew to the idea that this isn't a technical issue. We can come up with all kinds of secure protocols and systems until we're drowning in them but it still won't fix the problem that large parts of our society are just plain broken at some fundamental level.

We passed the laws that allowed this. We hired the nosy bastards that are doing this. Hell, we made the terrorists that required us to pass the laws and hire the nosy bastards. Somewhere along the line, we decided it was more profitable to set countries on fire than it was to work on conflict resolution.

We didn't need a computer to do that.

Fix the philosophical issue because all the tech in the world is just a bandaid.

No, but yesterday a friend of mine asked me how to back up her pictures from her computer. I told her to use a removable drive. My wife said: "Just store them on Facebook". I said: "The US government makes a copy of anything you upload to the internet." My wife was shocked. Our friend said: "I don't want that." (She's from Hungary). We settled on 32 GB flash drives.

Moral of the story: Just like Groklaw, the ordinary people will stop trusting the internet because people in the know (in her case lavabit founder) say not to trust it.

Ordinary people, for the most part, trust the geeks they know to guide them through the computing landscape.

Of course, the people who the NSA and GCHQ are trying to find and track will not be using email or other forms of electronic communication or storage for anything.

It remains to be seen what happens to the general marketplace. I suspect we may see a number of startups specialising in organising face to face meetings...

"The US government makes a copy of anything you upload to the internet"

So accuracy isn't really something you're all that concerned with? It is my understanding (and certainly could be wrong) that the whole PRISM thing was the ability for the government to get their hands on any data they wished, not that they're making copies of everything. I believe metadata is stored, which is an entirely different animal.

I'm just saying that "ordinary people" will follow what us geeks say, even when we're slightly wrong, because our guesses are much better than their guesses.
It's the least untruth.
That's PRISM, one of tens of programs that exist. Look up XKEYSCORE, for an example that does include mirroring "all" internet traffic. Pot and kettle; make sure you read everything, and don't get caught in their "Oh no we shut down that specific program a long time ago!" plausible deniability schemes that neglect to mention the 7 other programs they run that do the same thing.

I think it's unlikely that the NSA is actually storing all photo's uploaded to Facebook long-term, of course.

Wait, you're really gonna call BS on someone who doesn't pin their hopes on the fine line between 'can make a copy' and 'makes a copy?'

You realize the agencies have been using a bizarro definition of surveillance where they can capture everything and it's only surveillance once an agent listens to it? ( http://www.slate.com/articles/news_and_politics/politics/201... )

Snowden says they can do it. ISP sources confirm the government is trying to do it, but they are forbidden from disclosing the exact nature of what is done. You're really going to believe the people who have been busted lying about it and say anyone who doesn't is not concerned with 'accuracy?'

And what does metadata mean, anyway? If the government stores everybody you've been in a picture with, or who's looked at your pictures, but doesn't store the picture, is that really supposed to make us feel better?

At this point, it would make more sense to store data with the NSA. They have that entire, taxpayer-funded Utah Data Center full of storage. Why not just open it up for people to backup their files cheaply?

The slogan could be "It all ends up here anyway."

Absolutely, I bet someone in the govt is thinking about giving each citizen say 10GB of free space that is secure from: hackers, identity theft, foreign espionage etc.

All the ones that won't use this offer can then be even more meticulously monitored.

10 GB? How about a terabyte. Between the photos, the movies and the music, 10 GB is much too little. Heck, make it 10 TB, then you're talking.
That reminds me of the prostitute quote "Now We're Just Haggling Over the Price" by Winston Churchill.
Just don't pretend it actually applies. You replied to a comment talking about whether such a service would actually be capable of backing up people's data, not in the slightest a discussion of price.
I can image a lot of people evaluating the price of having nothing to hide vs the capacity of 10GB -> 10TB. That is where the comment lead me.
While that is not unreasonable, you cannot get to that point of haggling between 10G/10TB unless the 10GB option can physically be accepted. If people take photos and videos, the 10GB option of uploading everything is logically impossible, and must be discarded.
My guess is that that hard part in PRISM is actually building it. You have to have tons of money and cooperation from big powerful companies and government because it's illegal(unless you're NSA).

The blueprints are probably the easy part.

Since like a beginning of the Future History kind of rule. Then good thing is, it will last for only a couple of the decades before people wake up and restore the freedom. At least it was like that in the book.
Don't be very optimistic about Russia. Things are even worse here, but local and worldwide ignorance presenting the problem as non-existent.

As for whistleblowers — it's all about politics and “your enemy is my friend” between States and Russan rustlers.

    I have now gotten for myself an email there,
    p.jones at mykolab.com in case anyone wishes
    to contact me over something really important
    and feels squeamish about writing to an email
    address on a server in the US.
PJ could help people understand the real issues if she explained that all plaintext mail is vulnerable. It's not only about the mail host, it's the network itself that's compromised.

Switching to Kolab is false comfort for people who are "squeamish" about sending mail to "a server in the US".

I'd love to see PJ publish her public key and encourage people to learn how to use it.

> I'd love to see PJ publish her public key and encourage people to learn how to use it.

That helps, but it doesn't mask the data groups like the NSA are really after (who is talking to who, and when).

I am in the process of developing a new messaging system to address exactly that issue ( anonymous communication where it is unclear who is talking to who )

The way in which it will work is having all users of the system constantly send encrypted streams to each other ( mostly gibberish ). When you want to send a real message you simply replace the encrypted gibberish with some real content.

It will implement "onion" style repeated encryption to prevent direct links from being statistically analyzed as well.

Look for it in 6 months or so. Details will be up at circleofdistrust.com in about a month or so.

Anybody building such systems today should have a plan for when (not if) they receive a National Security Letter.
Fuck the NSA.

Dear NSA: I can and will be designing a fully anonymous open source distributed messaging system that is entirely secure even if you tap every line in the world. At the very best, you will be able to accuse people just of running the software. If you don't like this, I'd advise you that your only option is to hire me and/or pay be enough money to become disinterested in finishing the creation of the software.

I take it you're not a US citizen?
Or a citizen of any country that is friends with the US, or someone who is ever planning on passing through the airport of one of those countries.
If you succeed in your endeavor, they probably would want to hire you.
I am a U.S. citizen. I still believe in freedom of speech, as well as my right to "Life, Liberty, and the pursuit of hapiness".

I am also a Libertarian, which means I don't believe in large government, due to the corruption that follows.

So long as my goals and beliefs are for freedom and privacy, the creation of secure anonymous messaging is of little interest to the NSA. Will they "like" if it is intentionally designed in a way that it could be used by criminals? No... But I should have no fear of that.

Just because guns can kill people doesn't mean you should use them for that. Just because atomic theory can be used to make large bombs doesn't mean nuclear energy is wrong. Just because pressure cookers contain heat well at pressure doesn't mean you should use them for anything besides cooking your food.

Trying to blackmail the NSA ? please let us know how it goes, it could be an interesting story.
> If you don't like this, I'd advise you that your only option is to hire me and/or pay be enough money to become disinterested in finishing the creation of the software.

So, I think you just lost my trust. You're coming at this from the wrong angle, instead of coming from a princpled stance you're approaching this as a value proposition.

Too bad, up to there you had my attention.

Check out the mixmaster anonymous remailers:

http://en.wikipedia.org/wiki/Mixmaster_anonymous_remailer

The problem with this is that it is basically this "server x supposedly receives stuff and then sends stuff on without linking identities A and B".

What if I don't trust server X to really be doing that?

What if the government contacted owner of server X and altered the software not to do that?

The system I am designing keeps anonymity without any need to trust the server. Hence the name. Don't trust anyone.

The idea of masking real content with gibberish always seems hacky to me, and in security hacky is not a good idea. While I suspect you might be able to make it work, I think a better solution is to go to more of a bitcoin approach.

Essentially, set up a new block-chain that allows transactions to contain 'large' messages (IE. large enough for long plaintext, but probably not enough to embed videos). Then, when you want to send a message, encrypt it using the intended recipients public key, then publish the cipher-text to the blockchain.

Have you heard of bitmessage? It basically does what you suggest.
Bitmessage is essentially a torrent server where everyone gets a copy of everyone elses emails, so you get your email by downloading all emails.

Unfortunately in such a system, you have to download all emails, or request what you want in order to actual get the email you want.

The system either does not scale, or will leak information in order to remove the requirement of getting everyone elses emails.

Also, the government can collect -all- of the encrypted messages easily, and potentially eventually correlate who an anonymous id is based on their knowledge of who received messages on which day.

Basically, it sucks.

I haven't checked Bitmessage's protocals, but that it is not nessasary to identify the intended recipient. If you publish the ciphertext with no meta-data, then everyone can attempt to decrypt it. Only the intended recipient would succeed, but an ease dropper would not be able to identify who successfully decrypted the message. This raises an obvious scalability question, as you need to attempt to decrypt every message that is used in the network (in addition to simply downloading it which you have to do anyway). There are probably ways to mitigate this overhead without compromising security.
If you read the wikipedia entry is says that the destination id is required. I assume these must be created somehow and communicated to the sender before being able to receive anything.

So long as this is occurring, the way the scheme works, unless you download every message, it could be determined which id belongs to whom. Once you determine that it is easy to track originating packets to that destination since it is not an onion system.

Additionally, without side channel communication ( in person or posting that address somewhere publicly ) it is impossible to anonymously communicate to an intended recipient.

I don' t have a list of urls right now, but papers on the lack of anonymity of bitcoin and bitmessage are not hard to find. It is a very difficult problem against NSA level attackers. Masking when content is being exchanged by exchanging something on a fixed schedule seems like one of the few things that can be done to at least mask something.

Edit: OTOH, this this does just mean they attack one or both nodes if they care when content is being sent.

I still can't speak to bitmessage. but anonymity is not part of bitcoin's design goals.
It's definitely a good first step. Iterative development!
2013 is fast shaping up to be a year of notoriety

Bruce Willis said it best. :)

http://www.youtube.com/watch?v=vD94dVu8lqQ

I really hope that people look not only into the current list of abuses, but also into the whole nature of government that _inevitably_ led to this point.

Band-aids and spin doctors are not going to make these problems go away. At best they'll just make the problems go further underground so that we don't hear about them as often in the news.

Do you think the NSA is looking to cut back its authority or is it looking to prevent public awareness of this kind of thing in the future?

I have said this on HN several times, and I will say this again. Dragnet surveillance of private digital correspondence by the US and other governments is wrong, and a gross, unjustified, overreaction to the real threat of terrorism.

And yet, when taken as part of the whole picture that is the internet, government surveillance is little more than a drop in the ocean. While governments may collect a possibly significant amount of correspondence and analyze some of it, almost all online data, e-mail correspondence as well as photos and documents, search history, browsing history, our physical location, the driving, running and cycling routes we take, the busses we use and more, is constantly collected, analyzed monitored and used, all day every day, by private corporations. These corporations are even less subject to oversight than any democratically elected institution, and their employees are less carefully screened.

Government surveillance is wrong, but at least it raises an outrage that, in time, is almost certain to bring about change. Corporate surveillance is a more dangerous beast. It employs manipulation and deceit rather than plain-old secrecy, and worst of all – it causes little outrage.

Some have compared the current state of things to George Orwell's Big Brother government, but those who've read the book know that Big Brother does not rule through secrecy and intimidation. Big Brother is never mistrusted, never hated, and never feared or suspected. People subject themselves to his control willingly. Big Brother is loved. That is how absolute power is gained. And that is why a democratic institution has little hope of ever attaining Big Brother status, especially in America where any government is automatically suspect. The real danger to our privacy and our freedom, the true potential Big Brother and the danger that dwarfs any government surveillance online, is Google, Facebook and their ilk.

> ... Google, Facebook and their ilk

... usually don't destroy hard drives of journalists or don't detain people as a matter of harrassment just to name two recent actions undertaken by governments who use their introspective powers to take conclusions ("we have to have this Miranda guy") and act upon them ("we know he's in Berlin. Check the flight records")

The point is that the control of the governments does not seem to work anymore OR, at the same time addressing that "Big Brother is loved": nobody cares, because governmental agencies do the right thing. (That is my impression until now, living in Europe)

> ... usually don't destroy hard drives of journalists or don't detain people as a matter of harrassment

I actually remember a similar action taken by Apple (though through the use of a government agency). But bear in mind that corporations' rights to employ violence have been taken from them, but only after they'd been put to good use. They had a long history of terrorizing and killing people (in the US it was during the days of the Pinkertons), and Google is already more powerful today than the robber barons ever were. If government is weakened enough, corporations will gladly fill the void.

A purely quantitative comparison between governments and corporations is completely pointless.

Governments have a monopoly on the use of force, on law making and on many other things that we all depend on. Governments have much greater powers than any particular corporation, and hence the abuse of that power is a lot more dangerous.

> Governments have a monopoly on the use of force...

They do now, but that was not always the case: http://en.wikipedia.org/wiki/Pinkerton_Government_Services

> ... on law making

How elected representatives vote is public record. How corporations and lobbyists sway them, however, is not.

> Governments have much greater powers than any particular corporation

Yes, but unfortunately this may be changing. I don't think any government in the history of mankind has ever had as much information about people as Google does.

Corporations can't put me in jail.
Not directly, but who do you think runs the jails and lobbies for stricter laws to fill those jails?
"Corporations" are not a single entity. Some are more aligned with the development of society, some hinder it. It is harmful to lump all corporations in one group.
People must understand that every interaction with an Internet service means voluntarily sending your data to them. These companies don't just "vacuum it up", the data is simply sent directly to them. Maybe you don't see it that way, but that is why the perception needs to change.

When you use Gmail you are sending your mail to Google, first, and then it is relayed to the recipients. When you search for driving directions to an address, you are sending data to Google that says "I want to know how to drive/cycle/walk to X location right now". When you search for some phrase you are sending a request to Google that says "I want to know about this".

There is no reason why they wouldn't hold onto that data. You sent it to them, because you want the response that they can provide. It's an exchange.

> People your you you you your you you you they You them you they

People who do not understand technology to the depth and detail that you do are not halfwits or children. They know what they intend to accomplish and giving up their most personal information for perpetual archival is seldom a property they are asking for. If the technological tools they possess do not faithfully obey their intentions with a minimum of unintended side effects then the problem is with the technology or the services not the user.

Technology is neat and important, but it exists to serve the user. Faithfulness to the users needs and intentions are the only criteria by which we can judge technology.

Putting users' needs first is a great ideal, but ultimately any exchange with a company in a private market context is an economic one.

I don't think anybody is an idiot just because they don't understand this. They've come to see Internet services as something like public utilities. There is very little to reinforce the idea that you are indeed giving the provider something for the service, since what you are giving is invisible/intangible.

> But for me, the Internet is over.

This is how I've been feeling about it for the last few weeks.

The internet is imploding.
I guess I don't get it. Didn't we "know" about things like Carnivore in the 90s? Isn't it rather expected that unencrypted communications are going to be gathered? You don't even need a nation-state to do so. Anyone with physical access can place taps, and parsing and saving port 25 traffic ain't exactly Manhattan Project level work.

I agree it's upsetting and citizens should be demanding oversight. But to assume your plaintext transmissions over uncontrolled wires are somehow private seems absurd. It's like the silliness people got whipped into over Google's WiFi collection which was essentially passing "-s 0" instead of "-s 64" to tcpdump.

I know. We're all so gullible and dumb right?

Tell me. You're speaking with a friend in a public square or park in your town. You're not speaking in code with your friend. Judging by what you just said I expect you assume your every conversation is being monitored.

We have certain expectations of privacy and basic human decency. Just because it's possible to wiretap and hoover up all unencrypted communications I wouldn't have concluded that the spooks are doing so because I would have thought they wouldn't stoop to this behaviour. Sure there was a little bit of info here and there but there's nothing like hard evidence (Snowden-style) for changing ones mind.

You don't have to show us all how smart you are, we know already -- so you can keep these types of comments to yourself.

>Tell me. You're speaking with a friend in a public square or park in your town. You're not speaking in code with your friend. Judging by what you just said I expect you assume your every conversation is being monitored.

You should be aware of the possibility that someone may be eavesdropping in this situation, yes.

>We have certain expectations of privacy and basic human decency.

Our expectations of privacy are valid in private contexts, like a home or business. Public contexts, like a busy shopping center or the internet, do not contain inherent guarantees of privacy. Even though one can normally assume that no one dangerous is listening in, it's a risk you always take when you engage in any conversation or behavior in a visible location.

>Just because it's possible to wiretap and hoover up all unencrypted communications I wouldn't have concluded that the spooks are doing so because I would have thought they wouldn't stoop to this behaviour.

This is pretty naive. Whenever there is a large benefit:cost ratio in play, people should expect that someone at some point _will_ stoop to that level. The ability to record and filter huge portions of worldwide communication is obviously hugely beneficial to all nation-states, so they're obviously going to do it. There are even some who would argue that this is not fundamentally immoral, so it's an even less clear-cut case than things that are obviously fundamentally immoral, meaning it should've been even more expected.

These monitoring programs have been occurring for a long time, most likely since Snowden was a child.

>You don't have to show us all how smart you are, we know already -- so you can keep these types of comments to yourself.

I think just the opposite. We should be using this as an opportunity to educate everyone on the critical importance of encryption (analogous to placing your comms in a sealed envelope, instead of leaving them bare on a postcard), not express moral outrage that some people would "stoop so low". I guess if you're into that, you can do that too (I find it trite, personally), but it shouldn't be done at the expense of the resolution to this problem, which is widespread adoption of full client-side encryption.

> Our expectations of privacy are valid in private contexts, like a home or business. Public contexts, like a busy shopping center or the internet, do not contain inherent guarantees of privacy. Even though one can normally assume that no one dangerous is listening in, it's a risk you always take when you engage in any conversation or behavior in a visible location.

Or even if you talk in your house with your door wide open. Does anyone else remember Star Trek VI?

But either way we also don't expect every conversation we make outside to be monitored as a matter of course. To the extent that NSA is doing this we are right to be very upset.

The flipside is that even before email there were few options for communications between third-parties that could not be intercepted at all (without a full warrant) by the U.S. government within the U.S. Probably USPS was it (though later telephones received that same protection). And there were about zero methods if you were talking international communications (maybe diplomatic pouch was safe, probably nothing else was). So in that regard modern comms are still an improvement.

But I do agree with you that things people need to have private, need to be encrypted, as there are more threats out there than just the NSA.

First, I don't see you really addressing my point, which is that this behaviour dates back a long time (Carnivore was public knowledge before Snowden even worked for the NSA), and it doesn't even take a very powerful entity to implement it. (Jeez, I regularly get customers sending me traces of their customers (metadata+voice contents) just for troubleshooting purposes.)

Advances in massively deployed array microphones aside, I don't find speaking in a park to be remotely similar to transmitting over a large public network. On the Internet, you are willing handing your data off to multiple third parties. You have little control over which third parties, or even which countries, your data flows through.

I'm not insulting anyone's intelligence. I'm simply questioning why anyone assumes they've got privacy other than "because it feels like it should". And, hey, that might be a good argument and something to get enshrined in law. (Although, I'd be surprised if the USG backs down at all, except perhaps to concede to some more oversight audits.)

Snowden's "hard evidence" is great because it gives bigger, solid ammunition to argue against mass surveillance. But it's not like anything has suddenly changed, nor should anyone's behaviour change (other than to use encryption when possible).

P.S. Your comment would be better without the sarcasm. I'm being honest and serious in my attempt at commenting here.

Do you believe that physical mail enjoys no reasonable expectation of privacy either?
Physical mail, at least in the US, enjoys privacy due to specific law. As I understand, a court order/warrant is needed to open a USPS letter.

With private carriers like FedEx (which aren't allowed to offer normal letter service in the US) there's no such restrictions. FedEx directly states "We may, at our sole discretion, open and inspect any shipment without notice."[1]

1: http://www.fedex.com/us/service-guide/terms/express-ground/i...

This to me is the most pernicious thing about this whole surveillance business. The mere presence of a comprehensive surveillance apparatus, even when you don't live in a totalitarian state when jack booted thugs pay you a visit to "get your mind right", does incalculable damage to the first amendment. In a free society, it's "game over" without the first amendment. This is in some ways even more damaging than the actual surveillance (which in theory could be shut off today) because once the public feels they've lost the freedom of speech, it is extremely hard to convince them otherwise. Look at how hard it has been for the citizenry of forer communist countries to embrace and internalize the freedoms we in the US have had for a few hundred years.
This is such depressing news. And I've been trying to think of a way to solve this technically, but the Government has the five dollar wrench, and all we have is the crypto.

Code will not be enough, the system only respects one thing, money. If enough people move to services outside of the States, the real people in power will tell the government to reinstate at least some civil liberties and human rights. But even then, don't expect too much.

As mixmax said, this is "akin the Intelligentsia leaving Germany in the 20's." It will start with moving to hosting and services outside the country and will eventually be followed by people physically leaving the country. As James Joyce said, "silence, cunning... exile"!

It's not so bad. I've been an expat for 26 years and I've never looked back.

>> If enough people move to services outside of the States

What service can we trust at this point?

After the Evo Morales flight debacle, it's pretty clear that their five dollar wrench works equally well on other nations as well.

The internet is broken, everywhere.

Can anyone explain for the uninformed how anything like surveillance affects Groklaw?

I was under the (probably wrong) impression that most of what Groklaw did was explain the law and court cases in simple terms.

Groklaw started with some serious in-depth background knowledge of the whole SCO - Linux stuff (there's too much to describe it as anything else).

That sort of information comes from having serious inside, in-depth background information.

You know, the sort of stuff serious investigative journalists /used/ to do. Like the Washington Post in 1972 when they reported on illegal activity by the President (http://en.wikipedia.org/wiki/Watergate_scandal#Role_of_the_m...) rather than the Washington Post in 2013 when the report on Presidential Broccoli (http://www.washingtonpost.com/blogs/post-politics/wp/2013/07...).

We've seen a rare example of serious investigative journalism and how /our/ countries respond to it by targeting family and loved ones of the journalists. That's the way we used to say only the KGB or the Gestapo behaved in the Bad Old Days. Guess what ? The Bad Old Days are right here and right now.

No wonder PJ is concerned that continuing Groklaw may expose her to serious risk from the authorities. Commenting on court cases and filling in the background through back-channel information from Deep Throat (or whatever pseudonym they use today) sure does not seem to be worth that risk to me.

It's sad that any comment on this stuff makes it sound like you go around wearing a tin-foil hat.

I may have missed it, but I don't recall any back channel information from Deep Throat type sources there. What I recall was a lot of documents readily available to lawyers but somewhat a pain in the ass for average people to track down and get copies of, especially for free.

Note that I am not saying there were none...just that I never noticed them. Anyone have an example or two?

Sure, look at http://www.theguardian.com/technology/2013/aug/20/groklaw-sh...

States explicitly "Groklaw relied in some cases on email tips from readers and other anonymous sources".

Following the early days of the SCO reporting it was obvious there was unreleased information being shared. There was even lots of discussion about whether Groklaw was some secret group of IBM agents and stuff like that due to the knowledge and insight being displayed at the time.

Jesus, it's only two, short sentences in, "The owner of Lavabit tells us that he's stopped using email and if we knew what he knew, we'd stop too. There is no way to do Groklaw without email. Therein lies the conundrum."
The point I am confused about is why a legal analysis blog is worried about government surveillance, so I am wondering if my perception of what Groklaw actually does is incorrect.
PJ doesn't (and likely never did) understand how email works.
PJs coverage of several cases contained information that often found its way into the court room much to the chagrin of the Plaintiff. PJ was subject to a very nasty, dishonest expose by a shill for SCO at one point. PJ also regularly put out calls for prior art that resulted in patents being invalidated. A strategic leak of information by the government could be very damaging to some of Groklaw's contributors... even though the contributors likely did nothing they could go to jail for.

Oh, and she did all of the above in simple terms. Groklaw is easily one of the best blogs ever. Sad day to see PJ go.

Groklaw has been a jewel in the crown of the free internet. We are all unbelievably impoverished by its passing. This is truly awful.
On the plus side, so far as it goes, I don't think we could make a better case for "chilling effects"...
Comment of the CEO of the service PJ chose for her communications: http://blogs.fsfe.org/greve/?p=625

"While we’re happy to provide a privacy asylum in a safe legislation, society should not need them. Privacy should be the default, not the exception."

So it's come down to privacy asylums and digital refugee camps now. WTF?

Years ago, when I was a little involved with the FSFE, I did a bit of graphics design for some people there. One thing I made was that small graphic one you see in the header there.

Seeing it again now after years... Weird.

Then I went to http://planet.fsfe.org/ and found out they're still using my site design there.

Wow. I'm floored.

This is... I don't know. With the storm brewing right now, they need help. People help.

Guess I know what to do.

that's what THEY want: get in bed with the big ones and scare the shit out of/shut up the small ones. result: complete control.

what a huge pile of shit for one single day.

...Can PJ not figure out GnuPG? Is she officially retiring from any and all digital correspondence contrary to her notice that "[her] email [addresses] still work"? She says she's getting off the internet to whatever extent possible, and then asks people to continue to send her mail. I also find it cute that people believe facilities based in other Western nations are outside of the NSA's reach.

I gotta say that stopping Groklaw, which is a public site anyway, because someone else might be reading it, doesn't seem to make a lot of sense, despite the emotional ploys in this article. She can write and save drafts locally in a (GASP) local word processor and encrypt anything she chooses to upload to remote storage. The government will then not be able to read unfinished Groklaw articles. Does this resolve the issue?

This whole article should've just been a public key and a PO box address with this note: "I will not acknowledge plaintext mail. If you are uncomfortable transmitting encrypted data over the wire, please send a USB disk to this box."

>Can PJ not figure out GnuPG?

I'm sure she can, but by doing so has reduced the set of people capable of sending her mail significantly by imposing the requirement that they figure out GnuPG before they send her an email.

If you want to use it, you can figure it out. It requires more work than most people care about.
Not in the same way that you can use email though. It is unsafe to use GnuPG on a computer you do not own or trust like a computer at a public library or an Internet cafe. It is, however, possible to register an email address on such a computer and send unencrypted email on that same computer with some precautions and still be fairly sure that the contents will not be connected to you.
It's just as safe to use GnuPG on a public terminal as it is to use any other password-protected functionality on a public terminal. You run the risk that the terminal is recording your input and that your password may be compromised. In one case, this may compromise the security of your private key, and in the other case, it may compromise the security of your email account.

One could argue that GnuPG is actually safer on a public terminal than generic online email access, because if you keep your keys on a USB stick, it's another critical piece of data that would have to get collected separately before the captured input data was of any use (this could be automated, but it'd be much harder than just running a keylogger, especially if one undertakes avoidance techniques). If one accesses an ordinary email service, the log would look like "gmail.com↲cookiecaper↲mypassword", which obviously contains all information necessary to access an account. As long as the private key is not automatically copied by the terminal, you can simply change your passphrase after each usage of a public terminal and it simply won't matter if someone stole your input or not.

The only issue is that in the real world, most terminals do not have GnuPG installed. We should be using taking this opportunity to try to change that, while public interest is on the topic.

The main point I was trying to make is that, if you don't own a computer of your own and you are trying to leak something, an internet cafe or other public terminal that sees use by several people might be an effective way of hiding that you sent something. If you don't own a computer of your own you have no trusted place you can go to generate a PGP key, to set its passphrase securely, to encrypt email before you use the public terminal, to decrypt what you retrieved from the public terminal on your home machine (so your passphrase can't be keylogged or your key cannot be copied), and so forth. If you use a mass-market operating system (Windows, Mac OS X) you might have a computer that you own but cannot trust in any way. That's where opening a "throwaway" email address and sending something unencrypted is a viable use case. If you muck it up by trying to encrypt using PGP then possession of the key is persuasive (but not conclusive) evidence that you are the one that sent the email, and quickly becomes conclusive evidence if even the most basic automated surveillance techniques are used on that untrusted machine.

>One could argue that GnuPG is actually safer on a public terminal than generic online email access, because if you keep your keys on a USB stick, it's another critical piece of data that would have to get collected separately before the captured input data was of any use (this could be automated, but it'd be much harder than just running a keylogger, especially if one undertakes avoidance techniques).

One would be wrong. If an adversary is keeping a copy of every file that is opened on a USB stick (which would be trivial to add as an "update", "patch", or "option" to, say, an on-demand antivirus scanner) then it's game over.

>If one accesses an ordinary email service, the log would look like "gmail.com↲cookiecaper↲mypassword", which obviously contains all information necessary to access an account. As long as the private key is not automatically copied by the terminal, you can simply change your passphrase after each usage of a public terminal and it simply won't matter if someone stole your input or not.

If they have your key from the previous step then changing your passphrase does absolutely "jack" and "shit". Where are you going to change this passphrase anyway that's on a computer owned/trusted by you if you don't own a computer or don't want to tie that key back to your home machine and identity?

>The only issue is that in the real world, most terminals do not have GnuPG installed. We should be using taking this opportunity to try to change that, while public interest is on the topic.

Then you'll have backdoored copies of GnuPG installed on these machines that will offer you no security.

>If you don't own a computer of your own you have no trusted place you can go to generate a PGP key, to set its passphrase securely, to encrypt email before you use the public terminal, to decrypt what you retrieved from the public terminal on your home machine (so your passphrase can't be keylogged or your key cannot be copied), and so forth.

Correct. We should consider it a pre-requisite that someone interested in swapping secure communications has at least one computing unit which they can control. This is like asking "but if someone doesn't have fingers, how will they type at a public computer?" Most people have administrative access to at least one machine, at least a phone if not a laptop. The requirements to generate a key are not excessive.

>That's where opening a "throwaway" email address and sending something unencrypted is a viable use case.

Never said this won't ever be a viable use case. There are times when it'd be appropriate to use a one-time mail address from a public terminal and then discard it. It's really up to the individual if encryption is necessary for the content they're seeking to send.

>One would be wrong. If an adversary is keeping a copy of every file that is opened on a USB stick (which would be trivial to add as an "update", "patch", or "option" to, say, an on-demand antivirus scanner) then it's game over.

So first, this is another level of complexity, another barrier, that makes things more difficult, even if it could plausibly be executed. A random joe who sneaks a hardware keylogger between the board and the machine will not be able to do anything with this. Many amateurs will fail to understand that this kind of thing is needed. It is still much more secure to use a public terminal with the knowledge that this may happen than putting all your eggs in one basket and relying solely on keyboard input ("something you know") for security.

Secondly, if they're copying EVERY file off every USB drive that's plugged in, they may have difficulty distinguishing your key, especially if you take avoidance techniques as mentioned in my first post. Private keys that are used by GnuPG are binary, not plaintext (you can export them as armored keys, but GPG won't use these files directly). You can name the keyfile whatever you want. You can embed your key inside another file and extract it to /tmp with dd. You can put your keyring in a TrueCrypt volume. You can put it in a password-protected rar file. You can encrypt it against a key that is embedded on the stick outside of the filesystem, so that even if the terminal copies the full contents of the filesystem, they still won't be able to use your key. There are all kinds of things one can do to ensure that his key is not just sitting there to be taken, and to be reasonably secure that even if it is taken, it will be difficult to extract in a meaningful manner.

>If they have your key from the previous step then changing your passphrase does absolutely "jack" and "shit"

Yes, I'm aware of this, which is why I prefixed my statement with "[a]s long as the private key is not automatically copied by the terminal..."

> Where are you going to change this passphrase anyway that's on a computer owned/trusted by you if you don't own a computer or don't want to tie that key back to your home machine and identity?

You're not, you must have a machine you trust, as most people trying to leak content will. One could use a virtual machine to manage his identities that he didn't want registered on the host box.

>Then you'll have backdoored copies of GnuPG installed on these machines that will offer you no security.

This is a good point. You should use your own GPG binary hosted on your USB stick instead.

What stops you from encrypting the body of the message on you own computer and use USB stick to just copy over an encrypted file?
Nothing, and this is a valid solution if it fits your needs.
Not wanting to be in possession of key material which could tie the original message back to you would be a good example. PGP messages are not deniable.

I was thinking more of a situation where a worker trying to expose abuses has knowledge of how to use a computer but does not have a computer at home that they can trust. Either it's shared, is running an operating system that cannot be trusted (due to malware or other reason), is under active surveillance (not necessarily by a state-level actor), otherwise untrustworthy, or the leaker simply does not own one.

In that case there is no safe way to generate and store a PGP key, and possession of the associated key is a great way to break anonymity.

Encryption is mentioned in the article, but dismissed as encrypted e-mails are stored for 5 years in hope of new discoveries for decrypting without the private key.

I still agree with you, though.. PGP is pretty good, after all :)

She makes the observation that any encrypted email is held on to for ~5 years--this may be why she didn't want to bother with the GPG bollocks.
The thing is, GPG is not bollocks. Barring a major unforeseen discovery, RSA cryptography will easily stand up to five years' retention.

If you're worried, use a long keylength. I've been using 4096-bit keys for over a year now and there's no noticeable performance hit for regular comms on my computer. On my phone, 4096 is noticeably slower than 2048, but it still works fine (probably about a 5-10 sec operation to decrypt an ordinary email, and I have a comparatively "old" phone).

The longest key in the world won't protect you from a FISA warrent.
What.

A FISA warrant doesn't magically render RSA invalid. If all your comms are encrypted, they can get whatever warrants they want, and they still won't be able to read your information unless you surrender your passphrase and key.

They can, and do, force you to divulge your key.
I understand that they can, and sometimes may, force you to divulge your key, but it's not a consistent thing in the United States. There are judgments that require the divulgence, and judgments that claim such forced divulgence is precluded by the Fifth Amendment.

In any case, you buy yourself a very large amount of time if you don't just leave all your communiques out for them to read in plaintext. If you're encrypted, you have a lot of due process to exhaust before they ultimatley MAY order you to divulge the key. They have to go through your lawyer. He can file motions and appeals. The accused may incidentally forget the password. There are a lot of options. With plaintext, there are no options; there is only the government with all your content, and you with no control over anything.

See this here, with reference to the conflicting case law in the U.S.: https://en.wikipedia.org/wiki/Key_disclosure_law#United_Stat...

The point is really that they could just change their mind. It's already obvious that the gov't will go to great lengths to violate privacy and what we assumed were constitutional protections, so why would they respect your 5th amendment right and not just demand keys in the future?
Yet you're using gmail and voluntarily surrendering at least part of your correspondence to Google's prying eyes.
And there's nothing necessarily wrong with doing so. It should further be noted that anything you upload to a Google server is automatically packaged and delivered to the NSA by Google directly, so don't send anything to Gmail that you wouldn't want the NSA to access.
Forget the NSA, why should we give our information over to Google? I don't trust the NSA the least bit, but I trust Google even less.
More to the point though, is that forcing the NSA to work on a specific message is computational power that they can't use to oppress the populace at large.

I know PJ is quite private (and probably rightfully so after the private investigators that were sicced on here during the SCO trials), but I was still shocked to read about this. Imagine if the New York Times and Washington Post had shut down in the 1940s, 50s, 60s when phone wiretapping was completely legal for the government to do.

Not only did they not shut down, but they didn't even have encryption to use back then. The people are far better armed today to be able to protect their communications.

> More to the point though, is that forcing the NSA to work on a specific message is computational power that they can't use to oppress the populace at large.

This, precisely.

Too many people throw up their hands because it's impossible to be 100% surveillance proof. But you don't need to be. If we can make surveillance orders of magnitude more expensive, we win.

GnuPG is not a solution for this. The problem is not just about the contents of the message, but knowing your communication habits. GnuPG can't encrypt who your message is going to, being replied to, when, or even the subject.

The NSA probably isn't storing all the contents of voice calls either, but it really doesn't matter all that much. They can still tell who you communicate with when and how often. That's not conducive to democracy or free speech.

Furthermore, because of how few people use GnuPG or other such tools, I would expect you'd only be targeted harder for using them.

> GnuPG is not a solution for this. The problem is not just about the contents of the message, but knowing your communication habits. GnuPG can't encrypt who your message is going to, being replied to, when, or even the subject.

GnuPG is PART of a solution to this. If you do need to hide the recipient, sender, subject line, etc., then you'll have to bolster your solution with other offerings. One suggestion may be to use temporary email addresses created through Tor, so that the gathered mail header data is not meaningful. Another suggestion would be to encrypt the data and dump it onto a filehost and send the link through a non-email channel. But in any case, it is crucial that the content of one's messages remains private.

>Furthermore, because of how few people use GnuPG or other such tools, I would expect you'd only be targeted harder for using them.

Indeed this is the case now, but as we get more people set up with GPG, it will no longer be an effective method of discrimination.

I think she just wants to take a break (maybe even subconsciously) and this is the excuse she can use to do it.
at the risk of encouraging brainless anger responses.

yes lets all bend over and take it up the ass...

because someone says what they learned makes them not want to use e-mail? this is precisely the opposite of how to stand up to oppression.

no matter what it is the response should not be "well i'm going to stop being free and let them oppress me" you may as well just lay down and die in my mind...

you are born free whether you like it or not and nobody can take that away but yourself.