As the Obama administration campaign to stop the commercialization of strong encryption heats up, National Security Agency whistleblower Edward Snowden is firing back on behalf of the companies like Apple and Google that are finding themselves under attack.
“Technologists and companies working to protect ordinary citizens should be applauded, not sued or prosecuted,” Snowden wrote in an email through his lawyer.
Snowden was asked by The Intercept to respond to the contentious suggestion — made Thursday on a blog that frequently promotes the interests of the national security establishment — that companies like Apple and Google might in certain cases be found legally liable for providing material aid to a terrorist organization because they provide encryption services to their users.
In his email, Snowden explained how law enforcement officials who are demanding that U.S. companies build some sort of window into unbreakable end-to-end encryption — he calls that an “insecurity mandate” — haven’t thought things through.
“The central problem with insecurity mandates has never been addressed by its proponents: if one government can demand access to private communications, all governments can,” Snowden wrote.
“No matter how good the reason, if the U.S. sets the precedent that Apple has to compromise the security of a customer in response to a piece of government paper, what can they do when the government is China and the customer is the Dalai Lama?”
Weakened encryption would only drive people away from the American technology industry, Snowden wrote. “Putting the most important driver of our economy in a position where they have to deal with the devil or lose access to international markets is public policy that makes us less competitive and less safe.”
Snowden entrusted his archive of secret documents revealing the NSA’s massive warrantless spying programs all over the world to journalists in 2013. Two of those journalists — Glenn Greenwald and Laura Poitras — are founding editors of The Intercept.
Among Snowden’s many revelations are the CIA’s years-long efforts to break Apple’s security systems, and American and British spy agencies’ theft of a vast trove of private encryption keys. Snowden himself taught Greenwald the importance of using strong encryption to protect the materials.
FBI Director James Comey and others have repeatedly stated that law enforcement is “going dark” when it comes to the ability to track bad actors’ communications because of end-to-end encrypted messages, which can only be deciphered by the sender and the receiver. They have never provided evidence for that, however, and have put forth no technologically realistic alternative.
Meanwhile, Apple and Google are currently rolling out user-friendly end-to-end encryption for their customers, many of whom have demanded greater privacy protections — especially following Snowden’s disclosures.
Photo of Edward Snowden streaming through a remote-controlled robot at a 2014 TED conference in Vancouver.
Here i am a Pakistani whose iphone has been tampered such that button don’t work(BIOS hacking), Samsung galaxy S3 same issue buttons don’t work, sony ericson(again hacked buttons don’t work. Windows keep getting corrupted( a genuine copy).So next time you tell me Apple cares i have a answer they don’t.What is my crime? Because i exposed US government involvement in MKULTRA human experiments? censor it.. but no one can now why? Because it will appear thousands of place if you it gets censored.Let it go…
Snowden’s a Family guy — Company man — that association is for life. The whole Snowden story is improbable at best. Realistically it’s impossible. But everyone bought it, anyway.
And now this. Look: encryption strength is limited by law. Therefore, using strong encryption is enough to land your ass in jail. “Bad actors” can’t get “secret messages” across the internet without painting a big, bright target on themselves by using illegal-strength encryption. And, anybody using that encryption paints the same target on themselves.
This is theater. Assange was Act 1. Snowden is Act 2. More than likely this encryption gag was the whole point. Why identify people when they can be so easily led to identify themselves? Using strong encryption these days is analogous to seeing a police officer and immediately start running away from him. That’s usually a bad idea — ESPECIALLY if you have something to hide.
Legal-strength encryption is likely a known entity and easily broken. Illegal-strength encryption is enough to land you in the pokey. Snowden, a CIA agent, is urging you to use either device anyway.
I invite you to look at this story AS A STORY. Look at all the news that way. It’s all Hegelian dialectic. You are an actor in their story. By viewing their story as a story, you can suss out what role you’re being asked to play (Hint: it’s always the same role: you play The Chump).
Think first; act second. Thank me later.
I don’t think you have a clue.
Where is “encryption strength is limited by law”.
“Legal-strength encryption is likely a known entity and easily broken.”
That would be news to a lot of people listed on this page. If you don’t know who any of them are, then that shows that you have no idea about cryptographic strength and what is legal or not.
http://competitions.cr.yp.to/aes.html
I’ll save you some time, look up Ron Rivest, Ross Anderson and Bruce Schneier.
Questioning their abilities to invent strong cryptographic algorithms implies your ability to do so is superior to theirs.
Rain, dear?
Yes this is theater.
I see this argument everywhere there is a discussion on encryption.
You offer no evidence to support your argument, it is rather typical, unconvincing public scare tactics.
The evidence all points to the opposite, the math works.
Organized crime already has a strangle hold on our lives; why do we think they expect us to pay for this rotten protection racket? We’re all substantial suspects making admobsters millions while they are above reproach with their “Hillary” BlackBerrys off line? Where’s my cut, Lefty? Now that’s gonna leave a scar.
If we demand freedom from their intrusions by way of encryption – the crystallization of American persuasion, they will simply label us savages and insist we be put down for the sake of some sucky general British Welfare State…or throw a bomb in your backyard and blame it on your competition, SONY.
If all this data is so damned valuable, why hasn’t a wiser species come to relieve us of this Nibelung Treasure? It’s just a bunch of Rhinestone navel rings. Gaze on, Idiots. Enjoy the smoke, sinkholes.
Some say the Mafia made certain by way of infiltration that we must have warrants with specific items to be searched for before one loses their freedoms. But now that these admobsters run the whole show, they want to have it both ways…Ain’t it the truth?
All pudding, however curdled, supposedly needs proof, so aloof, but what of the Jell-O? So much wiggling is surely the pitts, peaches, plums, apricot bits — open palms, ugly mitts? Barely two nickels, dislike chits, HeathROW kits, extended snits… Blitz? A bit on the Fritz, Metropolis. Shit’s amiss, so not taking the piss. ’75, a near miss. The scar sets the bar, maybe lowers it from afar? The door’s been ajar, gzip, gnu tar, feather — just a bit below par, var char, motocross, no leather, bad weather, spinlock, alphabet rock. Tik tok, tick tock? Soon Cosby or block? Chock full o nuts is a terrible vintage, smoke monsters notwithstanding, you’re not sticking the landing, Comaneci, too preachy keen? There’s always a Holstein, shite’s never clean, jumping bean… still, I’ve taken a shine to your sheen, seen what I’ve scene, there’s no grass that’s green bean, Dean.
The United States government cannot be trusted. They have proven that time after time…
Good job tech companies, keep up the good work!
” … that companies like Apple and Google might in certain cases be found legally liable for providing material aid to a terrorist organization because they provide encryption services to their users. ”
Encryption is a tool that benefits not just individuals, but international commerce as a whole. And like any other tool, it can be abused by a few. But the few that abuse it cannot be permitted to indict the rest of the peaceful users by condemning the latter to a perpetual denial of the benefits deriving from end-to-end encryption, which is what they are hoping to intimidate Apple into doing.
Societies have a whole universe of tools, most of which are of great benefit to humankind but obviously not all. Guns for example – tools used mainly for the destruction of human life – mow down at least a dozen people each month in the US alone. Thousands more worldwide. And these are conservative estimates.
I have heard no one making the argument that the makers of guns would or should be held liable for the criminal actions of a few who use guns illegally. Here or anywhere else.
While I agree with him on principle/premise, I’m not quite sure I trust that Apple is doing this because they even believe it themselves, but rather just trying to win over PR relations. At least that’s my view.
Close enough for government work.
*Apple has a decidely ‘international’ clientele and I would be surprised if they let the self-absorbed ramblings of a few U.S. politicians negatively impact their bottom line. .. too much.
Does it really matter why? The other side, is the United States government, and we all know they cannot be trusted! I offer you the Patriot Act, which benefits the US government and can make your life unbearable! Read it sometime, its on-line….
This tip is for additional security for Firefox and Tor browser users who are outraged at the way websites try to get their personal information. I learnt this from my nephew who is an analyst somewhere around here.
Whenever you visit any site, right click on any photo or image on the page, and select “View Image Info”. One new window will open up. In that new window, go to “Permissions” tab and then un-check the “use default” boxes against 1) access your location, 2) use the camera and 3) use the microphone, and make sure you select the “Block” options for all these three. In the same window, the “Security” tab will give you some more insight on the mischief that particular website has up to. Make sure that you definitely do this to Google, Yahoo, Microsoft and CNN websites.
Later, you can open up a new window by entering “about:permissions” as the webpage. Then you can see what all permissions have been set and what are the defaults. This whole exercise still may not protect you sufficiently, but it will definitely make you feel like a James Bond trying to outwit Her Majesty’s enemies, that particular childhood salute notwithstanding. Good luck!
he’s a coward and a traitor, why anyone would give a rats what he says or think is beyond me and says way more about those people than this traitor
Sorry, moron, the cowards run the Big Brother show and Ed’s effort has done more for the rights and future of OUR country’s citizens than those “collect it all” fucks were EVER doing. Let me guess, you’re one of them and don’t really care for daylight. Too bad, so sad… :^)
The part about NSA collecting data on ordinary citizens was just a small piece of what he exposed. He also exposed methodologies for spying on Iranian and North Korean nuclear programs. You cool with that too?
Could you be more specific? Ideally, could you link to the documents and or the article about the documents you are basing your claim on?
Apologies for not replying sooner as I cutting grass yesterday (I try to no longer use the other phrase), then grilled some dinner and a glass or two of wine I had left me ambivalent about the effort.
Three years before Ed’s sacrifice the stuxnet attack on Iran’s nuclear program was exposed and was the first true nation-state cyber-war attack of consequence on another country that I know of, so there’s that. I also sort of expect the preeminent nuclear power on the planet to be spying on the nuclear weapons development program in any country it might consider an enemy. So, “just spying” seems sort of trivial and kind of expected compared to that actual cyber-attack on nuclear infrastructure, you know. Was it the word “citizens” that made you think I’m somehow cool with anything that’s yet been revealed from the Snowden files? Perhaps I do take some greater offense at so many members of OUR country’s government committing intentionally illegal and unconstitutional violations against fellow citizens, especially when oaths were taken. And you might be surprised at what I’m not cool with, but certainly less so if you’d been hanging out here before now. The inside-out nature of your question, focusing on that one word and those two countries in particular, seems a bit baiting but a lot of new commenters have shown up here lately and I’ll assume you’re sincere.
Coward?? What Snowdon done is so far from cowardness you can get, risking his livelyhood, personal everything, maybe a refugee for life! YOU are the coward!
How do we know that the people writing the encryption software will not sell out to the government. Money talks and shit walks….
Works better if only one or two individual devs, unbeknowst to the companies they’re visibly are doing work for, are involved in that sort of thing (and noone else including one another knows anything about it/is any the wiser). Bugs are introduced all the time. This is the sort of thing people need to keep an eye out for [though people don’t always believe things, and not all suggestions made are true; people still don’t know the whole story on this, for example: http://www.csoonline.com/article/2136901/data-protection/an-fbi-backdoor-in-openbsd-.html ; for some interesting background, see here: http://www.nytimes.com/1999/10/11/business/technology-easing-on-software-exports-has-limits.html?pagewanted=all ]
Because encryption is an open standard, and different pieces of software that use encryption have to be able to talk to eachother using those standards. It’s impossible for a company to secretly add a back door to their encryption, because that would mean they are not following the standard, and no other software that does follow the standard could decrypt what they’ve encrypted.
Funniest thing I’ve read today. Thanks. ;)
Related article and legislation:
DHS Advances Einstein Cybersecurity Deployment
The Department of Homeland Security plans to hire IT experts who can support Einstein and other security technologies.
5/26/2011 3:05 P.M.
http://www.darkreading.com/risk-management/dhs-advances-einstein-cybersecurity-deployment/d/d-id/1097980
Key Committee Approves the Federal Cybersecurity Enhancement Act of 2015
Carper, Johnson bill would strengthen federal agencies’ cyber defenses
Wednesday, July 29, 2015
[Excerpt]
Sen. Carper: “We know that with each passing day, and for the foreseeable future, our federal agencies will continue to come under a cascade of attacks in cyber space, as will our businesses and critical infrastructure. Congress needs to make bolstering our cyber defenses – and staying ahead of this evolving threat – a top priority. Today, our committee continued to make real progress on this incredibly important issue by coming together, through a collaborative and transparent process, to advance legislation that will bolster our federal agencies’ cyber defenses. I thank Chairman Johnson for his partnership in moving this bill forward and look forward to working on this bipartisan legislation with the rest of our Senate colleagues so that we can ensure every agency is equipped with the ever-improving capabilities needed to fend off future cyber attacks.”
Sen. Johnson: “The U.S. government’s computer networks are under attack. Hacktivists, organized crime syndicates and nation-states have successfully launched electronic assaults against vulnerable government networks, some of which house millions of Americans’ personal and private information. Senator Carper and I are pleased the Federal Cybersecurity Enhancement Act, to accelerate deployment of a federal intrusion detection and prevention system that will improve the government’s cyber defense capabilities, passed unanimously out of our committee today. This act will require agencies to adopt best practices in cybersecurity. Had the powers of this bill been implemented already, they likely would have stopped the hack of the Office of Personnel Management. With this act in place, it will become far more difficult for our adversaries to steal our private data and to penetrate government networks.”
… (cont.)
http://www.hsgac.senate.gov/media/minority-media/key-committee-approves-the-federal-cybersecurity-enhancement-act-of-2015
Sen. Carper Recognizes National Whistleblower Protection Day
Thursday, July 30, 2015
WASHINGTON –Today, Sen. Tom Carper (D-Del.), ranking member of the Committee on Homeland Security and Governmental Affairs and a member of the Whistleblower Protection Caucus, released the following statement in recognition of National Whistleblower Protection Day:
“Whistleblowers can help Congress improve the effectiveness and efficiency of the federal government by shining a light on wrongdoing or misbehavior and helping to root out waste, fraud and abuse,” said Sen. Carper. “These brave individuals help uphold the integrity of the missions they serve and can spark positive change. I have been a long-time supporter of whistleblowers, and am proud to be a member of the Senate Whistleblower Caucus. While Congress made important progress safeguarding whistleblowers by passing the Whistleblower Protection Enhancement Act of 2012, far too many whistleblowers still face retaliation. We need people who are willing to stand up and say something when they see something that is wrong – and to encourage people to stand up, we need to ensure that they will not be punished for doing so. I look forward to continuing to work with my colleagues in the Senate, and especially the other members of the Whistleblower Caucus, on this critical issue. And to all those brave whistleblowers who stood up for what is right, we say ‘thank you.’”
The Whistleblower Protection Caucus, founded earlier this year, focuses its mission on raising awareness of the value and need to protect individuals who call attention to fraud, waste and misconduct. It aims to foster bipartisan discussion on legislative issues affecting the treatment of whistleblowers and serve as a clearinghouse for current information on whistleblower developments of interest in the Senate.
http://www.hsgac.senate.gov/media/minority-media/sen-carper-recognizes-national-whistleblower-protection-day
Now what?? Read on …
Very likely, Linux will soon be banned as a “terrorism tool”.
Hi General –
Yeah, I’m certainly not intending to go for this monstrosity. My cousin is on the list, though. I sent her an article about the WiFi sharing. She probably won’t even bother to read it.
Mr Useful Idiots is an expert in Linux. He introduced me to Mint Linux after which I installed it. Now only I can spy on myself, thanks to Mr Idiots. Probably he can help your cousin also unless of course she is jihadi types, in which case Mr Sufi can help her give up jihadism.
Why would you think you’re the only person that can spy on yourself on Mint? Just because it’s Linux doesn’t make that true, just less untrue; your (remote) threat vectors are reduced, they’re not eliminated.
More on Windows 10.
http://www.dailykos.com/story/2015/08/02/1408113/-Windows-10-comes-with-built-in-spyware-If-your-work-requires-confidentiality-DO-NOT-INSTALL
Doing the right thing is tricky when the powers that be have dedicated themselves to creating problems.
Any dependence on Google, Yahoo or Apple to provide encryption without a way to subvert it is not even worth considering. Publicly they would be in a war with the government, but privately they would always cooperate with them. All NSA needs to do is put their own people into the company boards to get what they want.
Encryption should be good despite all that anyone, including all the above companies, can do to subvert it. Users should be taught how to use it properly. To begin with, all schools must teach their students in Grade 5 itself to use encryption in their emails. Then those folks will grow with the technology and also be able to set up the systems for their parents and grandparents. Very soon most of the hardworking NSA crowd out here would be headed eastwards with assault rifles to kill some Muslims and make the world safer than what it is today, for that would be easier than decrypting 256-bit encrypted keys.
If you have to have people ‘use’ encryption, then you have lost the battle.
Don’t you wear clothes? Or do you expect people to cover their eyes while you walk around with your birthday suit? Don’t you lock your house and car? To protect yourself is your own responsibility, especially now that you know what others are doing with your electronic world.
Agree. And while much fuss has been made over the NSA, FBI, GCHQ et al, the Internet companies have been left unscathed and pretend to be victims. Let us not forget that these companies also use our personal data – there business models depend on it.
But I disagree with your statement about company board positions for NSA. That is not necessary. Can you spell “Government Contracts”?
Actually, I am quite surprised that the Intercept has not picked up on this. Investigative reporting on Internet companies and their role in privacy is virtually non-existent.
Can we go back to “intra/inter-office” memos and emails please. Lol! Things ran so smoothly back in the old ‘daze.
To remember the difference between intra and inter, keep in mind interstate highways and company intranets:
Interstate highways take you from one state to another. A company intranet is for employees within the company.
So you can remember that inter means between, and intra means within.
http://www.businessmanagementdaily.com/29097/inter-vs-intra
“Investigative reporting on Internet companies and their role in privacy is virtually non-existent”
“Investigative reporting on Internet companies and their role in privacy is virtually non-existent.”
It’s been tried — the population (well the majority that ‘matters’ according to whomever decides such things) just doesn’t seem to want it and a need for ad revenue tends to make it go away fast/make those sorts of articles a non-starter.
To be fair, though, I’d say investigative reporting in *general* especially in the tech realm has diminished in scope and intensity. We don’t really have the same sort of hard-hitting exposes we used to have, and much of the internet-exposed have become hardened. There’s a lot of reasons for that obviously (want access and quotes? go along; if not, good luck) but ultimately I think the biggest reason is just that it’s so systemic that going after any one particular thing just winds up leading to the turtles all the way down problem; most of our entire industry (I remember you saying you’ve been in it for a while) is pretty corrupt and PR releases seem to get treated as news.
Agree on gov contracts BTW. Defunding things at this point (which wouldn’t happen anyway) would wind up truly crashing the economy is my guess — so that doesn’t bode well for defunding.
I’m so so tired of perpetrators claiming to be victims.
If anyone thinks Apple isn’t rotten to the corp, they got a lot of coring to corn, gorilla glass asses. Checked your email lately, or does it check you, mates? NYTs tells me China’s got a lot of repo billionaires. I’d like to get paid for what Uncle Clint made, but even he didn’t get a cent, urians. Corning, what a bunch of slave masters!!
@mr abracadabra
Nice to see you writing in codes, even though it defies my ability to decode. Everyone should follow your style and make life really difficult for everyone else on the planet.
Hrj9 e942 2aa2 0040 lx93 ;-)
WTB1J3JlLlMhbGx5OykK
Do wager queens? Or wager only pawns, bish?
You don’t have to a computer whiz to know that Encrypting prevents unwanted intrusions into systems; stop encrypting -anyone can intrude-why would Ed ward Snowden want that to happen. Did he suggest the same thing to the Russians and the Chines – he must know by now they spy on us as much as we spy on everybody The more he talks the more you get suspicious of his motives. Thank Snowden for telling us about our government’s spying; but I smell a big rat hiding in a non American country.
You do if you’re Onedelette or Useful Idiot and even then you know what? You’re still not safe. Oh and definitely don’t download Windoze 10…
Snowden is not calling for an end to encryption. You have misread the article.
An end to end encryption is the beginning of beginning encryption! I jest.
Terrorists will be sure to comply with every demand for backdoor access the American intel services make.
The truism applies:
When end-to-end encryption is illegal, only lawbreakers (terrorists) will have end-to-end encryption.
Is Snowden a corporate lackey now?
Edward Snowden is simple traitor.
Hey Bob,
Jim Clapper and former House Intelligence Chair (and FBI stooge) Mike Rogers. Those are your guys. Those two traitors violated their oaths to defend the foundational documents of our constitutional democracy (the United States of America) from all enemies foreign (GCHQ JTRIG CSIS) and domestic (Jim and Mike themselves as well as the FBI DHS and NSA). My question to you is did Ed violate his oath protect and defend your constitutional right to bear arms? How about your constitutional right to free speech and freedom to associate, or by extension your right to be secure in your person papers and effects, your right against self incrimination surely dovetails with your constitutional protection against housing military trained cyber intruders residing in your network an devices.
Well anyway Bob it was nice meeting you and we’ll leave the light on for ya…
Lol that is a truly hilarious interpretation of the 3rd Amendment.
United States Uniformed Services Oath of Office
From Wikipedia, the free encyclopedia
“… I will support and defend the Constitution of the United States against all enemies, foreign and domestic; that I will bear true faith and allegiance to the same; …”
Text of the Oath [edit]
I, [name], do solemnly swear (or affirm) that I will support and defend the Constitution of the United States against all enemies, foreign and domestic; that I will bear true faith and allegiance to the same; that I take this obligation freely, without any mental reservation or purpose of evasion; and that I will well and faithfully discharge the duties of the office on which I am about to enter. So help me God.[1]
https://en.wikipedia.org/wiki/United_States_Uniformed_Services_Oath_of_Office
There is one distinct difference between friends and spies. Friends do not pretend not to know you. ~ Joanne S Hosea
No…
…No..again,,
lol the intercept still exists? haha probably begging daily for a link on huffpo
and btw, nobody cares about this loser.
You do realize that people who start a sentence with “lol” are considered amongst the most stupid people on the planet and should be mocked endlessly for their vapidity. Sorry you had to hear it from me. Come back after you’ve received an actual education.
SORRY WHO, but your response to Chip Rooney just made you look like a complete fool. In today’s world of social media, electronic communication etc, you may as well get use to things like “lol”. Sorry you had to hear that from me. Come back after you get with the 21st century you moron.
DMAD, I have no problem being a fool. But I’m never going to accept the thoughts of people who have so little respect for the own ideas to bother writing them out in cogent sentences.
If you want to come to political forum to discuss complex ideas about encryption, security and government over reach, you are expected to at least be able to put together a single sentence. If you think Chip did that I feel sorrier for you than do him.
This is a true fact.
Chip DMAD and Mathme Have Zero Game…
My gues is bad haircuts too if the have any. Gotta be automated. Or if not getting paid just a little less than an Uber driver….
There is a reservation for Mr Snowden in CO!!
Yes an Indian Reservation to live with the First People. Sort of a Modern day Billy Jack.
check this out
snowden, still a traitor
To whom?
Mike, don’t expect a reply from a person who has no ideas of their own.
Who was it that issued the visas to all the 9/11 terrorist?
Boy alotta new guys. Must be something interesting about Edward Snowden in this thread.
Games theory says users will find a better way, every time.
XKeyscore users.
Games theory? Utilize the internet as a research tool. Make handwritten notes. Type documents using a manual typewriter. Welcome to the new normal … “survival of the slickest”. Lol!
As an IT technologist, I use strong encryption.
I can obtain such elsewhere if it is compromised by US and thereby open to fraud.
The government has no right to my data.
If it has data then it is likely that criminals do.
We know that people like ISSA devulges everything they get, if only for self-importance, like a peacock.
Such official back doors also hurt US economy and businesses, dumb down the electorate, and are self-defeating.
Strong encryption does not protect you from zero-day exploits, such as those employed by Hacking Team.
What HackingTeam, Finfisher, etc., do is install virus in your system using zero-day exploits in your browser or other system files that they can access. So, you may end up showing your keystrokes or screen to people in some remote systems observing you. There is a laundry list of things that you should do to reasonably protect yourself against such attacks, the foremost among them being to stop using Microsoft Windows altogether. Did it ever occur to you why Windows comes pre-installed in your machines?
Zero-days are no fault in any authentic encryption system that can be exploited. Given sufficient time, resources and luck you can brute-force any encryption, but the aim is to statistically make the time infinitely large enough to dissuade someone from trying.
Ed is a great adviser to many nations now in Russia. He is a hero to many lawmakers and Americans for stealing classified information and with advice for Greenwald he left the US to China. As China knew what Snowden had Snowden left for Russia. He is seen now giving lectures and advising now how Tech can be used. Snowden recently offered his services to Brazil. Yes many would love for Snowden to return to the US and be an instructor to students on how to learn what he does and do what he did. Who knows there could be a class Snowden could teach on how to steal classified information and offer it to foreign nations. He was so up set Ron Paul lost and the hate for Obama drove him to make something happen. Interesting to learn Snowden worked in top secret classified government jobs during 2002 when Bush announced how the spying, wiretap and eavesdropping was order. Snowden was proud of his work for 8 years and knew what would happen if he said anything when Bush was President so he waited until a new President took office.
Got news for Snowy about the “data insecurity” and if one government can demand access to private communications they all can. All governments more or less already do. A few years ago in the middle east, Blackberry had to set up a special server so Saudi could have access. Telecoms that don’t provide adequate “support to law enforcement”, don’t get licence to operate and get shut down…
There’s a reasonable compromise. If the government directly controls everyone’s devices they won’t need to request anything from Apple or Google. Thus those companies will no longer need to keep copies of your encryption keys in order to be able to satisfy legitimate government requests. So the legal liability issues disappear.
People will be free to use encryption as much as they like. There will always be some paranoid people, concerned that the government may not adequately protect their encryption keys. But the government does not have to be perfect in this regard. They merely have to be better at data security than the average person. This is not a difficult hurdle, so on average, the security of people’s encryption will increase. If someone is able to spoof the government’s access protocols to your computer, they would probably have been able to hack in on their own anyway.
Then there are the truly paranoid, who fear what government itself might do with access to all their data. But the US government is a paragon of transparency. It’s actions are subject to public scrutiny and its citizens hold it accountable.
Some may argue that not all governments behave so admirably. But no one is advocating giving this power to all governments. So people in other countries will receive the benefit of direct control and oversight by a government which is more enlightened than their local rulers. Some local rulers may object, but if they wall their country off from the internet, it will decline and eventually disappear.
Sometimes the solution is so obvious that everyone, busy arguing about whether the management of Apple and Google should be executed or merely sent to prison, overlooks it.
Really Benito?
The U.S. Government is “…a paragon of transparency.”
Really?????
Enough said!!!!
Someone missed the sarcasm bus.
God Bless Edward Snowden, Julian Assange, Glenn Greenwald, Laura Poitras, Chelsea Manning and ALL the ‘Paul Revere’s’ willing to stick their nose out for OTHER people’s freedom.
Snowden is an inspiration to us all. We have build http://www.ghostmail.com based on one of his first e-mails to Glenn Greenwald where he said it was up to the tech community to design over-engineered solutions for keeping communication private. We now support encrypted e-mail, chat and storage based on a Zero-Knowledge approach. We don’t have access to unencrypted keys or data which means we can’t read any data nor hand it over to anyone.
With all due respect, your source isn’t open, you’re hiding your funding sources and saying there is just some anonymous backer, and even the creaters aren’t being transparent. Who’s auditing you? Who are you? What’s your business model? Why should anybody trust you?
BTW: What does your ComputerWorld quote even mean (“encrypted beyond all recognition” — I mean, um, what’s the alternative there — encrypted but recognisable? :P)
In general something’s really weird about your site and its premise; I have no idea if the tech’s good but you’re giving noone really any way to know it is either, and that’s suspicious. You don’t really give anybody any reason to trust your employees or your tech.
I’m not saying it’s bad. I’m saying noone can know if it’s good or bad and the entire thing reads as a bit sketchy given the way things are these days. Things being ‘free for now’ are always predictably a lead-up to something else and hiding your funding and your names and backgrounds… that’s nice for someone who wants privacy, but it’s NOT nice for people who need to know if they can rely on YOU for privacy.
Just some stuff to consider. There are also better technical models but I didn’t bother looking into that aspect of your site more than for about one second because the other stuff stuck out so much.
Hi “Useful Idiots” (cool name)
Good questions, but it seems like you did not bother to read the information on our website as most of the “missing” info is already there. You can see our crypto overview here : https://www.ghostmail.com/crypto. Audits you can see here: https://www.ghostmail.com/docs/CSIS_GhostMail_Security_Audit_February_2015.pdf .
From our FAQ: How do you make money?
Good question! We are owned and funded by some very nice (and wealthy) people, who also believe in the human right of privacy and not being spied on. As of now, our services are free and we will always maintain a free version. We do plan to introduce some really cool extra features soon, which is worth paying a small subscription for – and hopefully we then can have our salaries and costs reimbursed one fine day!
I hope this information made you less confused. Thanks.
“We are owned and funded by some very nice (and wealthy) people, who also believe in the human right of privacy and not being spied on.” … “and hopefully we then can have our salaries and costs reimbursed one fine day!”
I’m confused. On one hand you say you are being financed by wealthy investors and on the other you say you are not being compensated. Please elaborate.
Birger Christiansen,
Yep. Its all there just like you said it was. Its cool that you’re funded by those of independent means. It makes it much harder for the spooks and LEO hacks
compromise your business model if your doing good work which you clearly are.
Would you be a scraper of intelligence to make oafs feel better about their elfs? I once searched for a man’s G-Gpa and found instead a plethora of his BS memos making him out to be the third biggest turd in the family! Yet his pile of BS data was blocking my view of his old tomato’s Westchester holdings. Lot of firemen died cutting that land lock loose. Could he really have been headed to the halter with Zooey Dechanel? He certainly made an ass of himself crying…did you undo Pforzheimer’s holdings for him? I’d love to know what it takes to take a bite out of time.
Until the tooth of never. And that’s the wrong, wrong crime.
Birger, a few more questions if you don’t mind:
– If you encryption is so “Hardcore” then why have self-destructing email and chat?
– “We don’t know anything about you” … “We don’t store your IP address”.
If this is true then in your transparent statement:
“Being bound by Swiss law, we will only start to consider cooperating, if we receive a valid legal request from the Swiss government or a Swiss court order. As we do not have the ability to decrypt any communications or data, we would only be capable of handing over encrypted data (if the data or messages are not already deleted by our self-destructing technology). ”
Begs the question: How you would know WHAT records to turn over to authorities if you have no idea who your customers are?
I have many more questions. I’m just getting warmed up.
@ UI : I have been using said ghostmail service since last year and must say its good. Yeah servers are in EU (bunker in Sweden) but as long as the encryption is strong, should mean nothing. Transparency report also is present in case you missed it https://www.ghostmail.com/transparency-report
As a software engineer that specializes in security, the “Transparency Report” is a joke. There needs to be transparency about how security is implemented. There are ways to do this without sacrificing security / intellectual property. I could give a rats ass about an audit report that doesn’t specifically address implementation.
Chin chin!
PrivateDancer? Like dancer for money? Tina’s quite the turner, isn’t she?
I agree with Useful Idiots. In addition, you are inappropriately using this venue to promote your product. For me, that raises a red flag.
JackSprat,
Every Hard Drive and Sim Card maufactured is owned at the root.
Equation Group and GCHQ NSA.
You can do 6 or 7 military grade disk
wipes and they still own you from the
root from the first reboot.
Endpoint security in end to end encryption is the wild card. I hope their new product helps the right people at the right times as frequently as possible.
“Equation Group and GCHQ NSA.
You can do 6 or 7 military grade disk
wipes and they still own you from the
root from the first reboot.”
So your position is: “they still own you” and by extension there is no such thing as cyber espionage (domestic and international)? As in, my intellectual property is first and foremost theirs? This type program or operation is legal?
Joanne Susan Hosea,
Its all illegal. Both the wholesale illegal violation of universal human rights worldwide of every user of these intentionally compromised consumer
products and the constitutional rights of Americans to be secure in their effects. Each compromised drive knowingly manufactured or installed puts every user at risk and almost every known manufacturer is partipating knowingly, via line level sabotage or under duress.
“Its all illegal.” Exactly! Thank you, Christian C Holmer :-)
Please don’t embarrass yourself. IT has been my profession for 27+ years. I know more about encryption than you will ever know. I also know that no matter how strong the encryption is, if it is not implemented properly, data will be compromised. So “excuse me” if I question these guys. But of course, you are an expert and you are willing to accept their software solution at face value without objective analysis.
If you’ve read any of my comments you already know I agree with you 100 %.
Whats more is you know I listen very carefully to most of the leaders in your field
and make technical decisions based on their twitter feeds and blog posts. By all means you should be able to audit the code on an ongoing basis. We need you doing that because you kick ass at it and I sure don’t. My only intent was to encourage them to continue developing their solutions and simultaneously remind everyone else just how deep the equation group NSA GCHQ rabbit hole goes. Richard Stallman open source evangelist took alot of heat for many years. These last two years not so much…
Q1: Richard Stallman is an open source evangelist? News to me.
Q2: What heat did he take for many years?
“Free” and “Open Source” go hand in hand…
“Free” and “Proprietary” do not…
You broke the Internet: We’re making ourselves a GNU one.
https://www.youtube.com/watch?v=DzbeETRAjN4
JackSprat
In your professional opinion is this list of experts on encryption below reasonably inclusive? Yes?
https://static.newamerica.org/attachments/3138–113/Encryption_Letter_to_Obama_final_051915.pdf
Your reply software still has some bugs.
In the Nürnberger Nachrichten, the local newspaper of Nuremberg it is written: As long as men do brush their teeth women are happy (according to a study from the US).
They do not write anything about encryption. Sad shit.
As always, thanks Edward Snowden for all you have done and are doing. Thanks Jenna and TI for bringing this to us.
keep fighting the good fight guys, people like you are few and far between. we need to hear your voices now, more than ever before. democracy is dead.
FBI officials, law enforcement and other national security agencies take a supreme (and superseding) loyalty oath – exclusively to follow the U.S. Constitution – they do NOT take an oath to protect & serve and they don’t take an oath where the “ends” justify the “means”.
The irony is Edward Snowden honored his oath, his critics betrayed that oath!
Remotely related database link as in response to: “FBI officials, law enforcement and other national security agencies take a …”
The Counted: people killed by police in the United States in 2015 – interactive | US news | The Guardian
http://www.theguardian.com/us-news/ng-interactive/2015/jun/01/the-counted-police-killings-us-database#
It doesn’t matter if Apple fights the government on encryption. They already have another software backdoor through AT&T and Verizon.
It’s the precedent that matters most, not the one specific implementation.
With 17 (over-compensated) spy agencies on the payroll, you’d think the USG would expect more from those employees than sitting on their asses in front of a video monitor all day, dreaming of a future in which the internet is no more than a giant shopping mall.
Get off your butts and go collect some HUMINT if you want to catch some terrorists. Or are you actually interested in real terrorists?
like your comment…
“dreaming of a future in which the internet is no more than a giant shopping mall.” —- one littered with automated play video ads. Horrible!
“Get off your butts and go collect some HUMINT if you want to catch some terrorists. Or are you actually interested in real terrorists?” THAT’S what everyone should be asking!
The Washington Post published a ~sort-of white flag Op-Ed triumverate-authored between Chertoff, Mike McConnell & William Lynn today. What it means for perpetuity I do not yet know.
Here> https://www.washingtonpost.com/opinions/the-need-for-ubiquitous-data-encryption/2015/07/28/3d145952-324e-11e5-8353-1215475949f4_story.html
wow. thanks for the link. It really IS a white flag!
Like to add my thanks for posting the link to that excellent article.
Interesting to note that Ed revealed that the UK was keeping tabs on Argentina and her Malvinas aspirations. Quite right. Argentina’s Falklands’ claims are scrutinised: https://www.academia.edu/10490336/Argentinas_Illegitimate_Sovereignty_Claims
Why would any true loyal Americans, be they Democrat or Republican, Male or Female, White,Black,Hispanic or other, vote for a Democrats or a Republicans when both .parties have shown their willingness to subvert the Constitution, our Civil Liberties, and our National Sovereignty through the TPP (The Trans Pacific Partnership) and have been doing so for decades & the Governments own records have proven this to be true ! We are being sold out by the Democrats & Republicans ! It now has become a choice between Fascism or Liberty & Fascism is winning !
Both parties have been complicit in this criminal activity. Some will say they don’t want to waste their vote, but you are already wasting your vote on Democrats & Republicans because they are the ones who have already betrayed us ! This should be a joint effort on the part of all Americans, Democrats,Republicans & Independent voters ! Organize now before its to late ! Your liberty is at stake and that of your children & grandchildren !
We get the Government we deserve, and nothing will change until we stop electing Democrats & Republicans after all they are the ones subverting the Constitution, & they must be held to account both politically & leagly !
No more lies, excuses, rationalizations,or justifications, the public needs to hold these officials to account to the fullest extent of the law under Title 18 sec. 241 & 242 (Google it), so any future traitors will know there will be consequences to such behavior.
As Mr. Snowden said the Politicians are afraid of you ! Now is the time exercise you power, you
may not get another chance !
REMEMBER: POLITICIANS, BUREAUCRATS AND DIAPERS SHOULD BE CHANGED OFTEN AND FOR THE SAME REASON.
Some words of true Patriots are as follows, as opposed to the words of false flag patriotism of today.
He that is of the opinion money will do everything may well be suspected of doing everything for money.
Benjamin Franklin
He that is good for making excuses is seldom good for anything else.
Benjamin Franklin
Experience hath shown, that even under the best forms of government those entrusted with power have, in time, and by slow operations, perverted it into tyranny.
Thomas Jefferson
Rightful liberty is unobstructed action according to our will within limits drawn around us by the equal rights of others. I do not add ‘within the limits of the law’ because law is often but the tyrant’s will, and always so when it violates the rights of the individual.
Thomas Jefferson
In framing a government which is to be administered by men over men you must first enable the government to control the governed; and in the next place oblige it to control itself.
James Madison
Liberty may be endangered by the abuse of liberty, but also by the abuse of power.
James Madison
The liberties of a people never were, nor ever will be, secure, when the transactions of their rulers may be concealed from them.
Patrick Henry
“We the People are the rightful masters of BOTH Congress and the courts, not to overthrow the Constitution but to overthrow the men who pervert the Constitution”
Abraham Lincoln
America will never be destroyed from the outside. If we falter and lose our freedoms, it will be because we destroyed ourselves.
Abraham Lincoln
We should not forget the warning of President Eisenhower .
https://www.youtube.com/watch?v=vLqWfWxqh_0
The NSA is controlled & operated by the DOD & the MIC (Military Industrial Complex) Private Corporations.
“The very word “secrecy” is repugnant in a free and open society; and we are as a people inherently and historically opposed to secret societies, to secret oaths and secret proceedings. We decided long ago that the dangers of excessive and unwarranted concealment of pertinent facts far outweighed the dangers which are cited to justify it.”
President John F. Kennedy
Waldorf-Astoria Hotel
April 27, 1961
As is said in the law, falsus in uno, falsus in omnibus. (“False in one thing, false in all things” is an instruction given to jurors: if they find that a witness lied about an important matter, they are entitled to ignore everything else that witness said.)
As a reminder Hermann Goering said at the Nuremberg Trials .
“The people can always be brought to the bidding of the leaders. That is easy. All you have to do is tell them they are being attacked and denounce the pacifists for lack of patriotism and exposing the country to danger. It works the same way in any country.”
“Fascism should more appropriately be called Corporatism because it is a merger of state and corporate power.”
Benito Mussolini
Time to start removing the corporate Congress from office & defunding the NSA & the Police Surveillance state, to pre 9-11 levels & force them to comply with the law & impose jail time for non compliance under USC Title 18 Sec. 241 & 242 (Google it) .
Disclaimer: Be advised it is possible, that this communication is being monitored by the National Security Agency or GCHQ. I neither condone or support any such policy, by any Government authority that does not comply, as stipulated by the 4th Amendment of the U.S. Constitution.
Thanks for the citing 241 and 242. Important for targeted individuals for know these laws. (fightgangstalking.com)
I don’t want to accuse you of trying to discredit the “Fight Gang Stalking” website, but it’s interesting that you’ve decided to associate the inane ramblings of gezzerx with a site that provides a sane and accurate picture of illegal counterintelligence crimes currently being perpetrated throughout the US and other countries. The difference between the two is stark; one is merely irritating spam, while the other is a comprehensive site which cites legitimate news sources that support claims that COINTELPRO-type operations are illegally being used on innocent, everyday people.
Again, I don’t want to accuse you of trying to discredit the “Fight Gang Stalking” site, but maybe you can see how one would reach this conclusion.
They even have gang stalkers working in MAJU university Islamabad as a good group of 10-20 girls plus guys. They have network everywhere now. They usually chose Pakistani kids at age of 15 for monarch programming to make Monarch slaves.You will be suprised that 80% of targets in Pakistan are females(lot of free slaves for US government staff?).Yes, i was informed by Government of Pakistan official channel that this is a psy op of US government and NGOs where they are making Monarch slaves and Pakistani government has no control or ties or understanding to what they are doing.On my protest, Government did take action in June 2015 against NGOs and tried to close save the children Islamabad which they claimed has deep roles in this. Save the children is actually enslave the children kind a thing.I was suggested by government officials to keep quiet and ignore them. They told me they are using EMF waves to torture you.I do thank Pakistani government for letting me know unofficially about this evil insane US government programs to enslave mankind. Even government officials admitted that they have ability of some weird type through which they read minds using EMF waves because of which they all use 8 band frequency jammers to protect Pakistani senior policy makers minds all the time.
Jenna,
thank you for keeping this issue “public”. The planet is indebted to Mr Snowden for his bravery, his resolve, and mostly for the selflessness he included in his heroic actions to “out” the liars in DC. I applaud Glenn and Laura and am a huge fan of all three of you. I ALMOST want the government wonk’s to win this battle – only to see them lose the war – as Edward outlined in his e-mail.
I am sickened by the disgraceful course our corrupt government, the too big to fails, and multinationals are charting out for us. Anyone with half a brain can see – no good can come of this.
Thanks to all of you.
The gov should clean house first before they start pointing fingers at others. How about IBM supplying punchcard machines and monthly maintenance to the nazi’s in concentration camps. How about the government poisoning its citizens with gmo foods and pesticides. How about 16783828995674 other things they could be pursuiing instead to make a positive change. Oh wait, sorry, that government doesn’t exist. Carry on.
As we have learned pre Snowden Apple and Google worked cooperatively and with little or no resistance and for mutual benefit with NSA/GCHQ/BND and others. After Snowden they started by lying about it, then found that wasn’t such good PR so they started “encrypting” their products – so they say.
Really, I find no compelling reason for trusting one part of the Neoliberal power structure ie giant tech monopoly corporations which, I believe, continue to work with government is every way necessary and possible because there is no evidence they have stopped as far as I know.
As Snowden has said on more than one occasion ONLY end to end verifiable, self installed, powerful and easy to use encryption will protect privacy. Reliance on giant corporations to protect your privacy is dangerous and foolish and lazy.
It is foolish, it seems to me, to trust any part of the Neoliberal power structure, which includes Apple and Google with protecting privacy – or for that matter any ideal which came form the Enlightenment.
“…ONLY end to end verifiable, self installed, powerful and easy to use encryption will protect privacy. Reliance on giant corporations to protect your privacy is dangerous and foolish and lazy.
Spot on! This charade is disinformation at it’s worst.
All righty then. The argument in the latest junior journalism piece on encryption is essentially as follows:
1) The government (King Benjamin I ibn Wittes, anyway) wants to declare Apple and Google terrorists;
2) Snowden (PBUH) is the god of all things Intercept;
3) God says the 4th Amendment notwithstanding, companies should not honor warrants issued upon probable cause, because;
4) The Dalai Lama (who’s in India);
5) Cf. Jenna McLaughlin on the nitty gritty of how encryption works or doesn’t.
Therefore: Everyone applaud Apple and Google because, goto step (2).
Can we have Micah back?
You have to read these stories in the context. This was not a long-form piece, it reported on Snowden’s response to the lofty legal assertion from the article Jenna covered yesterday. And that’s OK, because not every journalism story can or should be long-form.
RE 3: I don’t see where she mentioned that Snowden said companies should not honor warrants. There is a major difference between a warrant issued on probable cause and a mandate for leaky encryption. One requires a judge and an investigatory target, the other requires subverting all hardware and software in the nation for everybody. You misunderstand the issue or are exaggerating the correlation between a valid warrant and a mandate for restrictive technology.
RE 4: It doesn’t matter where the Dalai Lama’s physical location is because if you recall this year the DOJ is demanding that Microsoft disclose private customer data for customers located in Ireland on servers located in Ireland. You think China has more legal honor than the DOJ to honor state sovereignty? (Microsoft is fighting this demand, by the way)
RE Micah: This wasn’t a tech article, it wasn’t an explainer or a how-to. Micah does great work and writes great posts, but this story is not his domain.
RE Jenna: I actually like Jenna’s writing here, I think she has a good voice and brings good articles to the table. Maybe she has some long-form stuff in the works, who knows? She is relatively new here, after all. You think they hand you an air-gap with Snowden docs on day one??
“This was not a long-form piece, it reported on Snowden’s response…” – luda
Precisely. As Steve noted as well, these articles are specifically not designed to be an end-all, answer every question essay.
This and other short-form articles here are meant as reminders in order to keep the dialog at the forefront, offering new information and insights; while still linking to previous and/or related work to provide context and depth for those that haven’t been keeping up on these already, much reported on issues.
Taking them out of this context, as is the wont of ondelette, CraigSummers, and Nate (among others) not only serves little purpose, it reliably makes those who do so look completely uninformed.
I see. So they’re fillers in order to keep the story current in, like, Google’s news search or something? Okie Dokie, if that’s the purpose then I guess the article doesn’t really have to make much sense, after all, I fill packages with excelsior and don’t ask what was written on the newspaper before it was shredded.
My quarrel with it wasn’t just the light weight. It also cites her previous articles, with all their inaccuracies. That helps establish those inaccuracies as the official narrative, when she has no technical expertise with which to do so.
Lately I’ve been feeling like most of the stories here have been more or less filler and human interest. I’m not saying that’s not important — but it really isn’t/wasn’t what I was coming here hoping for (especially given the new tabloidish tiling look/etc). Repeating what I’ve said so many times (in re your statement about citing oneself) my biggest concern about this site has always been that it reduces diaspora — which tends to create bubbles that self-perpetuate instead of providing challenges both to other journos and to their readers.
Never got that contact info/reply. Gonna check back in next week but probably not posting much after this. I tend to suck at getting in touch and I haven’t provided the same though, so :P.
Really? I did send a reply. I also left two replies to you that said,
I don’t know how A can do B, given the vagaries of C. One is about your screen name. I also told you I was unfamiliar with one of the protocols you mentioned and was looking into it.
No, the reply was later — in one of Glenn’s articles. I’d given a direct link to the comment in another article since it had basically been timed off easy accessibility (it was either the NY Times one or the one just after that about journalists learning a lesson); I think all of them have now though. I had also managed to get a message in on the original thread before it got closed (suggesting we just go with a one key to a message with another key to a message with contact info — it’s not a great solution but I don’t think there is one (if you’re talking about the one thing I suggested as a possible future model to the remailer guy, then I should warn: I’m pretty sure that never took off — it might have had a chance a few years ago; lack of noise would make it generally unviable now).
BTW are you interested in astronomy?
Sometimes. I spent a lot of time on planetary motion (the restricted three-body problem) once, and have a current interest that overlaps cosmology. Was really interested in non-linear optics at one point, the interest isn’t gone but no time to pursue.
The message I probably got sidetracked by was the one which mentioned xmpp, because I’d never heard of it before and found it fascinating.
Ah, yes, xmpp is interesting — and chunky, so chunky. A subset of it is how jabber (and Google Talk or whatever those fierce moneymakers are calling it now) works, though I assume you’ve learned that by now. :)
Your interests are so harmonic. :D I hear you on a lack of time to pursue. Sigh. Gleik, then?
(Incidentally I don’t really ‘write’ like a lot of my comments most of the time. ;))
Re 3):
He does indeed say they shouldn’t honor a warrant. Or did you have some other piece of paper in mind?
Oh right….thats where he mentions the National Security Letter.
Lighten up Onedelette,
Micah never left. Neither has Morgan.
The masses don’t understand encryption. Theyre getting there slowly. Don’t be so impatient. I’ve been reading your multiplicity of extensive posts here for some time now and you’re clearly well informed on this subject and a number of other salient
issues.
Your capacity to briefly encapsulate the implications of these admittedly technical issues for a lay audience could be improved and no doubt very much appreciated.
Many NSA employees are selected for their technical skills just like The Intercepts go to “deity” Mr Snowden. A whole lot of technically and scientifically gifted people work for our intelligence “community” much as many of those similarly gifted did in the financial sector after Glen-Stiegel was repealed leading up to the crash. We need more people with those skills and that perspective guiding the less technically inclined in many many discussion venues to be sure. Perhaps even those dicussion venues more frequently visited by IC employees for the purposes of their ongoing education rewuirements rather than the more political sites they’re more actively gaming using the trolling techniques of our day.
My god (the god of reason) says General Warrants cannot be issued on probable cause. Thats what makes them general warrants – their inspecificity as to who is being targeted, why and what for. Weakening or denying encryption altogether for everyone to streamline serving a specific warrant on a specific person based on probable cause is ridiculous and you don’t need a mechanical or elecrtical engineering degree to grasp that. Congressional representatives Ted Lieu and Will Hurd grasp that and they are both self-admittedly “recovering computer scientists.”
You dont need to know how to write the software to use the software (XKeyscore)
and EVERYONE here uses software.
You don’t need to proficiently code in C Java or anything else to enter a search term into JTRIGS project development wiki.
Additionally while it would be enormously helpful for personal opsec to know how to build our own hardware and write our own software scores of the top tech people have stated clearly that even THEY are completely vulnerable to the ordinary essentially non-technical Xkeyscore (and all of their friends) user with the right permissions.
You can help all of us here in so many constructive ways just as Edward has and does and Jenna will…
Cue Useless Idiot….
Lighten up?
If you bill yourself as a site practicing “adversarial journalism” by taking on the big boys and defeating them with the sword of unmitigated truth and righteousness, the very least we could expect is the truth. And the truth is, Jennah has pretended that the government, not a speculative Lawfare column by a neocon blogger, is interested in making Apple and Google the subject of material terrorism accusations. The truth is that Jennah is citing her own expertise on the notion that there is no technologically feasible method for what Comey proposes, and she isn’t capable of determining that at all.
But you apparently do need such a degree, or more, to grasp that making statements on what the only way of doing something is requires that you can prove it’s the only way. And as long as there is no proof, statements that rely on polls or worshiped experts are not verifiable.
as usual, any attempt here or elsewhere to be reasonable is dismissed here as if it is complete insanity.
Ondelette is right, and Snowden IS saying that Apple should refuse legal, targeted warrants. Further, Apple has added a new encryption scheme that is different from other company’s schemes. It could go back to the scheme it had without weakening anything. Apple no longer has the keys to the messages sent on its phones. it used to have the keys, and it could still have them. That’s Apple’s choice. It is different from how most businesses currently do encryption. and it is designed to block targeted, legal, Bill of Rights-compliant warrants.
And I for one am concerned about the parts of the Bill of Rights that no longer apply when warrants can’t be honored.
The AG of New York state has already provided pretty convincing evidence of more than 70 criminal warrants–targeted, legal warrants–service of which Apple’s new scheme has blocked. In the brief time that this new encryption scheme has been in place. In one state. Of criminal law only. Think about that.
So yes, Apple is about going well beyond what the 4th Amendment prescribes, and Snowden’s (and The Intercept’s) continual prevaricating about it is really deceptive.
Not Onedelette. OK. Is that you Useful Idiots? If not mea culpa.
All tech companies should ignore ALL legal targeted warrants issued based on evidence laundered through paralell construction. Prove it wasn’t.
Note to C.C. Holmer: Just because people approach a subject in an analytical manner doesn’t make them the same people — nor do they necessarily agree. It’s this sort of assumption that is one reason I’ll be happy to leave here. There seems to be a few types of people and one type seems to believe everything is some twisted game of a conspiracy (often against them). It’s time-consuming.
I agree there shouldn’t be parallel construction btw; it should be flatly outlawed (and generally that’s because the original source shouldn’t been illegal as well).
Note to C.C. Holmer: Just because people approach a subject in an analytical manner doesn’t make them the same people — nor do they necessarily agree. It’s this sort of assumption that is one reason I’ll be happy to leave here. There seems to be a few types of people and one type seems to believe everything is some twisted game of a conspiracy (often against them). It’s time-consuming.
I agree there shouldn’t be parallel construction btw; it should be flatly outlawed (and generally that’s because the original source usually should’ve been illegal as well and to begin with).
You read like a counter intelligence agent, it’s disgusting.
A government mandate for compromised encryption is not a “targeted warrant”. A “targeted warrant” pertains to an individual’s legal rights. A mandate for compromised encryption pertains to the diminished security of all individuals, regardless of the issuance of a warrant, general or targeted.
The two can not be compared. Discussing warrants in this context is merely a distraction, intentional or otherwise.
If it makes you feel any better most of the ‘crypto backdoors’ have been by f’ing with random number generation and backing faulty RNG/PRNG, leaving the actual code that works around it seemingly working well and fully intact.
Feel any better, of course, is sarcasm. No civil society should ever *want* compromised encryption. It’s not even the technical difficulties that are problematic — it’s that people keep assuming they’re asking the right questions.
@not ondelette: What sort of society do we want to live in? One where open source projects get infiltrated by people with TS/SCI clearances to benefit governments by providing really really tricky bugs to exploit (easy if you start from creating the bug instead of just finding it, and much harder to spot) and companies get paid millions to back/use less-secure algos? Or one where this sort of thing is decided to be unethical and those who do so are punished/penalised for it just like any other criminal would be if they inserted or bribed their way into that sort of thing? It’s not a relative thing. It’s the creation of an arms race that works against not only other societies but ALL of (civil) society. We’ve lost our way. Nothing makes that okay. Why should any company be able to have the data to be able to fill that sort of warrant is a question I’d like a response to. It implies a skewed concept of ownership, and at some point I’d argue this really belongs more in the realm of property law than most people want to treat it as.
I guess I’m going to have to answer this idiocy, because Christian is repeating it now.
Nope. Not only aren’t I an agent, unlike you I’ve actually affirmatively eschewed such jobs multiple times before. Meaning in my case, I actually made a conscious decision not to support them, when both of us agreed I was probably capable of doing that.
Lots of people do, that isn’t something for which someone necessarily should be lauded, after all, it’s kind of “in the line of duty” for some professions and some requests. But unlike you, I do know about all of the incentives, and if you think really hard about it, I probably know what the work would have been.
What’s really disgusting is when someone ad hominems someone else like you just did. People shouldn’t have to defend the fact that they understand technical stuff to such charges, it’s pretty much McCarthyite guilt by association on geeks, and just like McCarthy, it isn’t being done in the public interest but rather to further your own point of view. A word to the wise is sufficient.
My counter intelligence agent comment was not directed to you, it was directed to “not ondelette”, which I did not believe was you. If that is you, my apologies.
The comments from “not ondelette” implying that somehow the fourth amendment requires cryptographic backdoors I found to be suspicious.
And if you read my response to “not ondelette” I do not accuse him of being an agent. I said he reads “like” one. And then I discuss a specific point about his post which I disagree with.
You can act like an agent without being one, some people are just that way. I never accused “not ondelette” of being an agent.
“as usual, any attempt here or elsewhere to be reasonable is dismissed here as if it is complete insanity.”
…and its speaker treated as an insensitive asshole who wants data and logical analysis instead of opinion and faith. That said that doesn’t mean I agree with you or ondelette per se but I do believe that’s what a dialogue is supposed to be about, not just repeating things and pandering: analysis.
NB: I trust Apple and MS and Google crypto very little to begin with and believe a lot of these stories are actually a smokescreen anyway; I also don’t necessarily believe that what Jenna posited couldn’t happen — it’s just not likely to happen to the Big Companies. It’ll probably close down a lot of little ones I’d trust more, though (and do so in ways that benefit the big ones and create even more monopolistic lacks of choice).
AND NOW ITS TIME FOR ANOTHER EPISODE OF “THE DISSEMBLERS”
(Dont trust anything you’ve read or heard from anyone especially experts because its year zero and the last two years are only shadows and dust Onedelette says shadows and dust)
Christian: Weakening or denying encryption altogether for everyone to streamline serving a specific warrant on a specific person based on probable cause is ridiculous and you don’t need a mechanical or electrical engineering degree to grasp that.
Onedelette: But you apparently do need such a degree, or more, to grasp that making statements on what the only way of doing something is requires that you can prove it’s the only way.
Christian: Wow. No dissembly required.
Downtown Clown Town.
And as long as there is no proof, statements that rely on polls or worshiped experts are not verifiable.
Christian: All the technical experts are talking about “how NOT to do something” and that something is? Careful its a trick question specifically designed for dissemblers. Oh and for the record (since your copy appears to be scratched) no polls are cited here and Edward Snowden has proven his veracity hundreds of times with no worship required. You’re clearly out of your depth contextually and never watch any of the public testimony congress solicits. CCC? DEFCON? TED?
Onedelete: And the truth is, Jennah has pretended that the government, not a speculative Lawfare column by a neocon blogger, is interested in making Apple and Google the subject of material terrorism accusations.
Christian: You ever hear of the revolving door? Dont let it hit you on the way out. Benjamin Wittes is now and always has been a National Security State Shill. Maybe he can point you to the stenographers pool so you can do some long form stenography.
Onedelette: The truth is that Jennah is citing her own expertise on the notion that there is no technologically feasible method for what Comey proposes, and she isn’t capable of determining that at all.
Christian: So you technical “expertise” superceeds the collective conclusion of EVERYONE that has testified before congress on this issue now and two decades ago. Seems like Jenna defers to Matt Blaze. I know I do. At this point you’re just wasting my time. You are the tool the carpenter left behind knowing he wouldn’t need it again.
Do you know what a proof is? When you think you do, trot it out and we’ll go from there, Christian. All this stuff like testimony, TED talks, DEFCON talks, it’s all the polling of experts, or the opinions of experts without a proof. Did you know that there isn’t even any proof that the discrete logarithm problem is always hard? And yet, most of your encryption that has “no back door” relies on it being true.
Let’s go through this and see what we find, shall we?
First off, unless you’re going back to Turing’s enigma machine, I sincerely doubt that a mechanical engineering degree will help here. EE is just about anything you want it to be at the advanced degree level, so maybe.
Next comes the assertion that we will weaken or deny encryption altogether to serve a particular warrant. This assumes a traditional backdoor, a superkey of some kind that anyone who knows it plugs it into their software and out pops plain text. But the reason for assuming that is that you have assumed that the way we’re doing encryption now is the only way to do it, and/or you assume that possession of a key is the only way to defeat it.
And the reason for assuming all those things — because you definitely can’t prove any of those things, and some of them aren’t really true — is because you went and asked the people who invented encryption as it is right now, who have a much bigger vested interest in it being the only way to do it than any of the “revolving door” special interests you probably know about. Starting with that a goodly number of them owe their positions or their income to the solutions staying where they are expert.
In order to do a good job of encryption, you need to do a few things very well: You need cracking your key exchange for whatever key you are using to be hard. You need a 1-1 correspondence that is mixing to the greatest extent possible, and you need the mixing transformation to be sensitively dependent on the choice of the key. And you need the output to have high entropy with respect to the input.
That leaves all sorts of algorithms up for grabs, did you know that given any countable set of separated points in the plane, there is a smooth function that has them as its set of zeroes? Obviously there are an infinite number of ways to create high entropy (and that one isn’t even countable) there is an infinite number of ways to create a mixing transformation (although they generically contain some special attributes) and there is an infinite number of ways that they can be sensitive to the key. And lord knows that Godel would tell you there are more ways to find a hard mathematical problem to use for your key than anybody can ever know.
That’s a pretty big space in which to sit around and trust some TED talk.
Dont believe all the experts. Got it. Getting late on rhe west coast. Think I’ll turn in.
But is it getting late where you are? :P
11pm is late on a farm when you’ve got to knock out the chores early before more 100 degree heat my friend.
RE ondelette:
Your conjecture on theoretical encryption is very philosophical and perhaps merits discussion in an academic setting — not when the FBI, the DOJ, the White House, all of British government, etc. are demanding for a cryptographic circumvention to civilian encryption. If J Edgar Hoover demanded that lock manufacturers ship locks with hidden pins for government circumvention, would you be making the same claims for the need for the government to have this privilege?
Security is best achieved by reducing the attack surface area. If you willingly increase the attack surface area — for any reason at all — it necessarily means that security has decreased. With that in mind, for the government to demand cryptographic circumvention necessarily means that they are demanding the reduction of security, inadvertently or otherwise.
Never mind that. The FBI has employed some of the best “hackers” for decades now. Do you really think they don’t know that what they’re asking for is impossible? Of course they do, but they don’t care. They are willing to spin any untruth necessary to achieve their perceived goals of the moment. Any any cursory glance of the history of the FBI will tell you that, from the 30s through 9/11 to now.
And the “National Security Letter” is not a warrant, not even close. And in the hypothetical scenario of the government mandated cryptographic circumvention, it would be a law (or executive order) which requires the restricted technology. No warrant need exist, we will all be subjected to the technology whether a judge or a congressman understands what encryption means or not.
So let’s see. Here are your arguments:
1) Maybe there is a technical solution to what is being demanded, but with all those evil people demanding it, do you really think this is the time to find it?
2) Security is best achieved by reducing the attack area. This is something that comes out of martial arts or military warfare, but I just thought I’d apply it to encryption, and any government demands for cryptographic intervention no matter what is bad anyway even if it doesn’t compromise any security.
3) The FBI employs the world’s best hackers and has for decades, if they can’t solve this problem it doesn’t have a solution.
4) The phrase “piece of paper” has to be interpreted as a National Security Letter, because, well, I dunno and J.Edgar Hoover was a bad man.
5) Now that I’ve erected the NSL straw man, I’d rather argue against it and try to explain it to you in terms I understand.
Re 1): Yes, I really think now is the time to figure out how to do the whole thing right. I’ve thought that for 20 years now working in industry. The current internet doesn’t do what it’s supposed to do, and the solution is to change it or reform it back to doing that.
Re 2): What’s being demanded is that the system be secure and that if a lawful warrant is produced, the information sought can be rendered to the holder of the warrant. What you’re saying is that unless that second ability is eliminated altogether, the system isn’t secure. So you’re joining Mr. Snowden in demanding that nothing be produced on production of a lawful warrant. What I’m saying is that it very well may be that if all encryption use matches certain characteristics, the demand can be honored, and in a way that doesn’t imply that anyone can “do the same hack”. Obviously, I’m not necessarily talking about a digital solution, but don’t let that bother you if you can’t figure it out.
Re 3): Actually, it’s the NSA/CIA who employs them and they aren’t hackers all of them, many of them are mathematicians and computer scientists at the Ph.D. level. We don’t know what they’ve come up with or might come up with, necessarily, and even if the combined weight of all the mathematicians in the world don’t come up with something for “decades” that doesn’t mean it isn’t possible. Cf. Fermat’s Last Theorem, Cf. the Poincare Conjecture, Cf. the Four Color Map theorem, all of which took more than 100 years and in some cases more than 400 to solve.
Re 4): He said “piece of paper” and he really did mean any piece of paper, look at the rest of his words surrounding that. And that includes lawful warrants issued upon probable cause.
Re 5): Yeah, Christian, I already know what an NSL is and why they are evil. That isn’t what we’re discussing.
RE Onedelette :
We have some irreconcilable beliefs about technology, what is and what is not possible with it, what role it is supposed to play in society and the nature of government.
There is no law that says you must trust the government. And there is no historical reason to trust the government either. So with this in mind, I say, why even bother with the government’s dreamy technological goals? They are asking for something that is impossible (to have “secure” encryption with a government circumvention mechanism), and that fact alone exposes their continued deceit as far as I am concerned.
Although I highly doubt what the government is asking for is possible (based on the attack surface area and can’t-trust-the-government principals), it would make interesting research at MIT for a PhD thesis. Maybe when they find the golden ticket they can export the technology to North Korea. I don’t trust the government, I don’t see any reason or need to, I am an individual and what technology my computer uses should not be the subject of a government mandate for god-like surveillance capabilities. The entire point of encryption is to keep a message secret. Any cryptographic mechanism which explicitly goes against that premise is a security flaw. Yes that means even if there is a warrant, I don’t care, the government just needs to deal with it like a big boy.
The government needs to Fuck Off. It is nobody’s fault but the government’s that they have this reputation (please don’t tell me it’s Snowden’s fault, now now). Two years after the Snowden documents revealed that the NSA has intentionally been trying to weaken encryption standards for years the government thinks they can change their strategy by just demanding the weakening in public outright? Nice try buddy, whether they try to weaken encryption secretly via subversion of industry or try to do it openly in the public, I still don’t want or need it, and the fact that they want it just exposes the lust for power our government has fallen under.
I believe we’ve found an example of the “Gish Gallop” here. Looking for confirmation?
(From Mona a few stories back)
This is a technique seen often online and in TeeVee debates, used by various advocates of unwarranted conspiracy theories, as well as creationists and proponents of other irrational beliefs systems. (It is named for the creationist Duane Gish, who “won” many debates against scientists via this dishonest method.)
It’s written, online corollary is Argumentum ad tl;dr.
The Gish Gallop is the debating technique of drowning an opponent in such a torrent of small arguments that the opponent cannot possibly answer or address each one in real time. More often than not, these myriad arguments are full of half-truths, lies, and straw-man arguments — the only condition is that there be many of them, not that they be particularly compelling on their own. They may be escape hatches or “gotcha” arguments that are specifically designed to be brief, but take a long time to unravel. Thus, galloping is frequently used in timed debates (especially by creationists) to overwhelm one’s opponent.
…
While the Gish Gallop floods an opponent with many, but relatively short points, argumentum ad tl;dr flings text walls so massive and impenetrable that even… Marcel Proust would blush. Both tactics, however, have exactly the same purpose: to bury and obfuscate the core points that need to be discussed under a quantity of superfluous information.
Read more here: http://rationalwiki.org/wiki/Gish_Gallop
? Reply
Hey Onedelette,
Here is a short list of 150 technical and legal experts that pretty much everyone of consequence trusts on encryption. Is your real name on it?
https://static.newamerica.org/attachments/3138–113/Encryption_Letter_to_Obama_final_051915.pdf
My question to you is can we trust any one of the 150 signatories?
A simple Yes or No will suffice. Thanks in advance.
You wrote:
“You dont need to know how to write the software to use the software (XKeyscore)
and EVERYONE here uses software.
You don’t need to proficiently code in C Java or anything else to enter a search term into JTRIGS project development wiki. ”
Why in the world would you think you understand what *was* being used, not to mention what’s currently being used? Because you read a few documents on here, while not having the technical background to be able to parse most of it even at face value, and taking other peoples’ words for what it all means when most of them don’t know any better either (and in general those that do are wise not to say as much)?
It’s dangerous to assume you know what’s going on — to engage in hyperbole in either direction (I’ve seen you choose both oversimplifying and freaking out at the complexity) generally reinforces the idea that you know more than you know. Most of those that do aren’t going to go around talking about it (and for good reason) in any depth, and any attempt to do so generally winds up being misconstrued by those without a background.
BTW — you were talking about warrants… but look, for example, at GCHQ’s use of warrants (required — but every six months with only a reassurance there are natsec requirements, so what’s the point?) to be able to RE antivirus and security products. Warrants are largely meaningless if you can get them one way or another (and people have, for a long time, just generally not nearly as much in bulk; American payphones were monitored in bulk long before any of this stuff became public, for example).
As for opsec — you’re only as secure as your weakest link. Everybody has weak links and weak points (even people who live in caves and don’t own electronics) — and most people have a lot of them. Building your own hardware is pointless if you don’t understand how it works and you’re not building your own low-level code, bios, and all that other good stuff, burning your own chips, etc. If any top tech person tells you they’re secure, they’re lying to themselves and to you. Security is only relative and comes by degrees. That’s why you need to know who the enemy is you’re most concerned about.
Outta here.
Useful Idiots ? Christian C Holmer
Aug. 1 2015, 1:42 a.m.
Christian: “You dont need to know how to write the software to use the software (XKeyscore) and EVERYONE here uses software.
You don’t need to proficiently code in C Java or anything else to enter a search term into JTRIGS project development wiki. ”
UI: Why in the world would you think you understand what *was* being used, not to mention what’s currently being used?
Christian: Have something you’d like to share with us about whats “currently being used” UI.
UI: Because you read a few documents on here, while not having the technical background to be able to parse most of it even at face value, and taking other peoples’ words for what it all means when most of them don’t know any better either
Christian: like the “technical training” received by those uncredentialed raw recruits using XKeyscore to swap
naked pictures of our teenage daughters?
UI: (and in general those that do are wise not to say as much)?
Christian: Threats. Gotchya.
UI: It’s dangerous to assume you know what’s going on — to engage in hyperbole in either direction (I’ve seen you choose both oversimplifying and freaking out at the complexity) generally reinforces the idea that you know more than you know.
Christian: Thats the whole point UI. We don’t know all thats going on. We know some. And I’d venture to say that most of us are here in part to find out more.
UI: Most of those that do aren’t going to go around talking about it (and for good reason) in any depth, and any attempt to do so generally winds up being misconstrued by those without a background.
Christian: Misconstrued by those without a background UI? Like Ed Snowden, Thomas Drake, Bill Binney, Bruce Schneier, Jacob Appelbaum, Matt Blaze, and Julian Assange and by that “logic”
no doubt misconstrued again by most us as well. I hear you. Like fingernails on a chalkboard quite distracting.
UI: BTW — you were talking about warrants… but look, for example, at GCHQ’s use of warrants (required — but every six months with only a reassurance there are natsec requirements, so what’s the point?)
Christian: Not much of a “point” to parsing that jumble. Anyone else care to take a crack?
UI: Warrants are largely meaningless if you can get them one way or another (and people have, for a long time, just generally not nearly as much in bulk; American payphones were monitored in bulk long before any of this stuff became public, for example).
Christian: Hey UI. I knew you’d show up. For this one I’ll just quote Ludas recent exchange with Onedelette
Luda to Onedelette: You read like a counter intelligence agent, it’s disgusting.
A government mandate for compromised encryption is not a “targeted warrant”. A “targeted warrant” pertains to an individual’s legal rights. A mandate for compromised encryption pertains to the diminished security of all individuals, regardless of the issuance of a warrant, general or targeted.
The two can not be compared. Discussing warrants in this context is merely a distraction, intentional or otherwise.
UI: As for opsec — you’re only as secure as your weakest link. Everybody has weak links and weak points (even people who live in caves and don’t own electronics) — and most people have a lot of them.
UI: Building your own hardware is pointless if you don’t understand how it works and you’re not building your own low-level code, bios, and all that other good stuff, burning your own chips, etc. If any top tech person tells you they’re secure, they’re lying to themselves and to you.
Christian: All my above (and elsewhere) have indicated cited and/or named “top tech experts” to use your term professing their insecurity. Even Snowden told Poitras that you have to assume your adversary is capable of a trillion guesses per second. Source Citizen Four.
UI: Security is only relative and comes by degrees. That’s why you need to know who the enemy is you’re most concerned about.
Christian: Who is the enemy you are most concerned about UI?
UI: Outta here.
Christian: You’ve been saying that for a couple of weeks. Why are you leaving?
Cancel
OBTW, Christian, your attempt to doxx “not ondelette” was duly noticed. Speaking of people who can’t be trusted with the privacy of others.
Some peoples privacy is more overated than others. They’re both fake names.
Our SF government transparency discussion boards wouldnt allow anonymous accounts. If you have to
put your real name on everything you
write you tend to write less and think more.
Thanks for the enlightening reply. So it’s up to you as privacy god who’s privacy is important and whose is “overrated”, and people who don’t use their real names all think less and write more?
Not bright enough to understand privacy are you? The tactic of using a pseudonym has been used for quite literally thousands of years by people that have a reason to use it. But that won’t stop some guy who thinks a lot of his own decision to use his real name from attributing personality traits to those who don’t and making assumptions on the quality of their discourse.
My “fake name” has been a constant in public discourse on the internet for longer than many of the people writing here have known about public discourse. It’s always been the name for the same person, and for all things political, is that person’s only pseudonym. It’s used because I have a confidentiality issue that dictates that I not use my real name. But even though I have that extremely good reason to use it, the reasons why people choose pseudonyms to protect their privacy really aren’t your business, are they?
Thanks for confirming what I said: That you believe you are entitled to decide who gets privacy and who doesn’t and make judgments on people based on their names alone.
Not much of a reliable privacy advocate, are you?
I didn’t ask you for your real name Not Onedellette. I just believe that the anonymity of online dissembling trolls is overrated. I believe the anonymity of persons filing Suspicious Activity Reports is overrated. I believe protecting the anonymity of unquestioned government sources at the New York Times and Washington Post once they’re proven liars is overrated. Of course we all have right to remain anonymous. We also have the responsibility to stand up and be counted when we assess our threat level will allow it because that annoys them more than anything else. Cue Citizen Four…
I’m not “not ondelette”. That should be obvious, but not to you. The reason it’s not obvious to you is that your impression of anything at all you look at is colored by what you believe about that thing. Just like everyone else’s. And since you’ve decided I’m a troll — based apparently in no small part on my use of pseudonymity — therefore you believe that I share identity with whoever it was who left a comment and you tried to match with another commenter.
I don’t give a damn whether you asked for my real name. Your bullshit about standing up and being counted would look like what it was if all the facts were on the table. They aren’t, so you can fool yourself into thinking you’re particularly courageous for using your name. You aren’t. You’re particularly useless to anyone who’d hurt someone. People don’t have to justify their anonymity to you to avoid a character judgment. Rather you have to justify your character judgments, and face the mirror of having no decency at long last for making them.
What I “believe” is of little consequence.
I’m sure you’ll agree.
No, but your belief that other people are not entitled to decide on their own anonymity is. My anonymity can’t possibly protect me from the consequences of my opinions since I’ve been using it so long that there are people who were children when it started being use now taking professional slots at places like The Intercept. So it’s just as accountable as my real name. This fact gets overlooked by all the media “experts” who pretend that pseudonymity is responsible for lack of polity on the internet and is only useful to trolls.
The second fact that gets overlooked is that there are multiple forms of privacy and confidentiality. One of them is protected by encryption for example. Another quite different one is protected by the 4th Amendment. And whether you consider it manly or not, one of them, the protection from showing up in routine searches and therefore from casual inference by harmful parties, is protected by a pseudonym.
Since that’s precisely the only political and professional privacy I need, I use one consistent pseudonym across all sites (including my own, rather defunct one) and it suffices for all the necessary identification you need for things like these comments. Just look at Mona, who “researches” me (i.e. tries to do the crummy lawyer dig dirt thingy) without having to know my real name. A pseudonym that has been consistent and unique over close to ten years is just as good as a real name out here, and I’m not shirking my courageous duties using it.
In fact, given all the shit I take from anti-privacy advocates like you about it, the fact that I choose to protect rather than “man up” to my real name is actually the harder thing, but totally necessary. If you want me to use a real name, then provide me with proof that there are no deadly governments left in the world, and I will comply.
And that’s what I mean that your interest in figuring out which person corresponds to which pseudonym is the most dangerous threat to privacy here. And I do mean dangerous. Drop it. And drop the ego-trip of thinking you are brave for using your own name. You’re just safe, that’s all. Many millions of people aren’t.
My comment on your beliefs is to warn you that nobody has a brain that can deduct what they believe from what they perceive. In the case of severely impoverished interfaces like, say, this comment column, the two can get so mixed with each other that if you depend on them for your sense of right and wrong, you will fuck up with probability one.
Blah blah blah.
I said I was leaving as of a couple of weeks ago because I was trying to help Tom C see the errors of his ways on the backend. I said I was leaving once that was (likely and indeed unsuccessfully) done with and I am. I’m just tying up my loose ends here.
I’m not sure why you get your news from twitter and blogs of other people who are parsing other people who read other people who read literature. Your experts aren’t even experts. That’ll be one of my last pieces of advice: If you see ‘evangelist’ (eg security evangelist, crypto evangelist, privacy evangelist), walk away. Here’s another: You don’t know who the real experts are. In general most people don’t, unless they’ve been in a field for a really really long time, and they get those names from scholarly publications and cites. I don’t accept “Citizen Four” as a cite, and I don’t think “top tech experts” means what you probably think it means. I won’t even call myself an expert (at least not a ‘tech expert’ — way too broad); I’m not sure you should take anybody’s word for being an expert — and if you can’t, and you lack the background to know if someone’s bullshitting or not, then you’re probably chasing in circles, despite how good your intentions might be. Instead of quoting blogs and tweets, or trying to do things on the surface, maybe you should pick up some good books and really learn how things work (which is to say, don’t just go to Wikipedia either). Learn a programming language, read a good book overviewing networking and tinker with it, grab mysql and learn how to maintain a small database — get to understand what people are talking about, then work outwards — not inwards from the furthest and most specialised reaches. Generally at some point you’ll figure out that when you start feeling you know nothing, you’re on your way, and that none of us really know everything. Definitely not the people who say they do.
I’m leaving because this place is a time sink and I have better things to do. I’m not accomplishing anything productive here and unlike some people, I don’t get paid to comment here. Also I’m not really big on ‘comment sections’ to begin with and this was my only real dip into that territory; I haven’t enjoyed it and I won’t miss it. I avoid social media for much the same reason. I enjoyed the dialogue here much more a year or so ago.
As for the rest of your comments, I’m deferring to ondelettes replies to you, because she made most of the same points I would have made.
Good luck on the farm. :)
I really liked the title of your last submission “Blah Blah Blah” as it perfectly encapsulates both its quality clarity and significance.
Luck on the Farm. Bought it for 210k invested 150k worth 500k today.
Luck in SF. Bought for 295k invested 40k worth worth 1.5m today.
Luck on Vegas strip. Cute high end luxury unit. $250 to $500 a night.
But no luck for you here UI. Here is a short list of technical and legal experts that pretty much everyone of consequence trusts on encryption. Please note that neither your or my name among them.
I guess the bigger professional loss in this case is yours I suppose.
https://static.newamerica.org/attachments/3138–113/Encryption_Letter_to_Obama_final_051915.pdf
Blah blah blah wasn’t a ‘title’ it was a summary of what you said. You just keep reiterating in different ways that you truly don’t know what you don’t know. Which makes you pretty much like almost everybody else short of a demigod but that doesn’t make your knowledge equivalent (not to mention superiour) to other peoples’.
I can’t tell if that was a weird attempt to try to ‘doxx’ me by commenting on the paper but you’re not being productive by linking to that pdf over and over again. Either way I’m pretty sure you don’t even know who on that ‘short list’ knows who on that ‘short list’, their level of respect for one another, or what they do in their free time. I’m pretty certain you don’t understand what they do or how any of them would have gotten their reputations. And that’s fine, because that’s not what you do and it’s not your world. You can have opinions; what some of us are bothered by is that you keep claiming your opinions are facts because other people said so. That’s not science, nor analysis, and it’s definitely not a proof (or ‘proof’).
You’re not processing what people are telling you. That doesn’t make you special or different or unique — few people really process anything anymore — but it means you aren’t really understanding that you have no idea what you don’t know.
BTW: Way to turn a sincere ‘good luck’ into an interpretation of being attacked (again proving you’re not capable of civil discourse). Not everybody’s out to get you. A lot of people have been trying to HELP you and you don’t even realise it because you interpret any useful criticism and advice as sarcasm and insult.
I’m not seeing any professional loss, btw. What’s my professional loss in not replying to you? Perhaps you should enlighten me. Maybe you can tell me some of the people on that list’s favourite musical instruments and how you know them? No? Ok, who on your list is a better chess player? Who tells funnier jokes? None of those matter, but they’d show you had some idea of who the people are and what they are or are not able to analyse themselves. This question may be more applicable: Who has more publications on that list? Who do the people on that list respect more than other people? Can you follow their papers and publications and do their math?
You don’t have to be able to. Noone expects you to, but if you wanted to learn then that’s totally cool too — and I was attempting to communicate that. I’m not even saying that you couldn’t get to that point. I’m saying it’s a hell of a lot of work, most of us IN these fields can’t keep up, and attempting to comport yourself as an expert is dangerous to other people who don’t know enough to be able to differentiate between your advice and someone with a strong background in these subjects. You’re doing people a disservice by presenting things as FACTS and basically spamming things. If you’re doing this knowingly then, well, enjoy yourself I guess. If you’re not and you really DO care about what you say you care about then you might want to consider the ramifications of your actions — which is to say how other people interpret things.
Facts are awesome. I love facts. And I do happen to respect a lot of people on that list (not that I’m going to open a pdf linked from here, I’m not, but I’ve seen the list before). But I know WHY — and I every person I’d be WILLING TO SAY I respected I’d be able to point out individually and say ‘I respect so-and-so’ about — because I maybe know them personally or have read their work, or even know their work.
Do you?
All I wanna know *lie* is this: Is the Dalai Lama subscribed with The Intercept_? Lol!
Dunno.
Om mani padme hum.
“…companies like Apple and Google might in certain cases be found legally liable for providing material aid to a terrorist organization because they provide encryption services to their users.”
Then riddle me this… Why is American-based Cloudflare (DNS services/dDos protection-site caching) not being enjoined from ‘hosting’ 2 of the 3 most popular ISIS chatrooms?
Wikipedia: https://en.wikipedia.org/wiki/CloudFlare#Controversy
Okay, I admit Angela Merkel is a bad actor. The French are obviously bad actors as well–just look at French cinema. What about the UN? Are they bad actors? All of them?
Is the UN going dark?
You’ve clearly never seen Rififi.
They SHOULD. But the reason they’re going to do so is because they don’t want to share their marketing data, even involuntarily. Apple makes most of it’s money on… … … ‘residuals from marketing’ the same way Google makes most of it’s money on copyrights (and now land development in the SF bay area).
Apple doesn’t want anything interfering with their bottom line and the government being able to access their data threatens that, otherwise they simply wouldn’t give a fig.
Yes Apple and Google are players.
Driven by bucks not social ethics.
They are not the defenders of surveilliance but active users of it.
It is how they make their money selling data to third parties.
@razerray @tombrown
Apple makes the vast majority of its money selling expensive hardware with a high profit margin.
Google makes the vast majority of its money selling advertisements online.
Can you cite any credible evidence that either sells user data to third parties?
Chris J writes “…can you cite any credible evidence that either sells user data to third parties?
Seriously? No kidding?
For starters read Bruce Schneiers Data and Goliath and search his (entirely accessible to the layperson) website https://www.schneier.com/
@christianchomer
Google of course tracks everything we do, the better to sell ads. All companies and all governments do it too, to whatever extent they can afford to. And companies and governments buy and sell and otherwise exchange that data to make more accurate profiles of all of us, all the time. Hell, Bruce Scheier wrote a whole book on the topic.
My question was, is there any evidence that Apple or Google specifically sell user data they’ve collected to third parties?
I dunno… Would you consider the Apple Store 3rd party? One of the disgusting things about Apple is their vertical integration, just like GM was famous for before it deconstructed into a company marketing cars made for them instead of cars made by them.
As I said in so many words. Apple doesn’t want to share it’s data, with anyone, because that’s how they make a large chunk of their money.
Their profits from hardware sales, after expenses, is most likely a breakeven proposition, but the ‘residual sales’ from having captive users buying music etc from ony THEIR source (themselves, apple) IS where they ‘make their nut’, and the money rolls in daily. Not every so many years as their computers wear out or become obsolete.
You have that around the wrong way. Apple make most of their money through high margin hardware.
http://www.statista.com/statistics/382260/segments-share-revenue-of-apple/
Were Apple and Google compensated for their compliance costs for their participation in PRISM?
Was the FBI corporate store compensated for reselling every users data stolen by the NSA directly frim Google and Yahoo servers even though they were fully complying with PRISM.
Surreal. Is Ford taken to task in cases of vehicular manslaughter?