NSA: we can warrantlessly grab your data and keep it forever if encrypted (techdirt.com)
164 points by obstacle1 on June 21, 2013 | 96 comments


If the NSA is saying that all encrypted communication is automatically suspicious, then everyone should use encryption for all data they send over the internet.

Starting today, I am writing email encryption software that, when you send an email to someone else with the software installed, will automatically encrypt it on the way out, and automatically decrypt any encrypted messages on the way in. (A "zero user interface" once installed).

The intention is that this will allow people to encrypt their messages with zero effort on their part.

Initially it will encrypt email and will run on unixlike machines (Linux and Mac). Later it will run on all major platforms (Windows, iOS, Android) and have functionality for VoIP and social networking (the intention is to replace Skype and Facebook with secure alternatives).


This should be open source software as there needs to be security reviews and what not.

Also, checkout OWS: https://whispersystems.org/


> This should be open source software as there needs to be security reviews and what not.

It will be open source.


No, that's not what the NSA is saying. The regulations only apply to material inadvertently collected while targeting a specific foreign target (who, presumably, might be routing their traffic through the U.S. to evade surveillance). If the information is encrypted, the NSA doesn't know if it's real domestic communications, or foreign communications, until it can be decrypted, so it's kept until it can be decrypted. Otherwise, a foreign target would easily be able to evade intercept simply by making their traffic appear to be domestic.


And all of their arguments start from the wrong side. It should not be "We stop listening as soon as we know that it is a US citizen." Instead, it should be "We only start listening once we know that it is not a US citizen."

And that is ignoring the whole aspect of it that they shouldn't be doing blanket surveillance to begin with, and should only be doing targeted surveillance, whether or not it is against a US citizen.


If you really want this to work you should target the webmail use case for the big three webmail providers. Nobody wants to use a standalone client on a PC, if that's what you are suggesting. Next up is a mobile client for Android and iOS that works identically to the existing mail client on those platform so there is no learning curve.

In other words, this will be a long slog where most of the work is product-oriented and feature Xerox'ing, and not whiz-bang cool encryption oriented. Good luck :)


I'm unsure of what you are describing. Are you stating that Hotmail should be able to display your decrypted emails? That would imply that they themselves would be able to read it and therefore remove any benefit. Any website you would build would have the same problem unless you resort to JS crypto, in which case the JS can be changed on you in a second (when the government forces your company to do so) and send the private key to the NSA. How exactly are you envisioning a solution?


There is no need for that decryption to occur server-side.


Where will the keys be stored?

How will they be distributed and replaced?

Who will generate them?

How will they get on my phone?

What happens when my phone is stolen?

How will they get to the people who want to communicate with me?


I.e., this is a hard design problem.

Hacking out a local client usable by Unix nerds punts on these problems, more or less. Solve these problems in a way that fits into the workflow of present-day average e-mail users (i.e., my mom) and you will have something.


> Nobody wants to use a standalone client on a PC, if that's what you are suggesting.

I do. Am I the only one who finds web-based email clients insufferably slow?


And next week, after someone demos an easy-to-use encrypted system, the same naysayers will be all about how it helps drug dealers and other baddies.


> Nobody wants to use a standalone client on a PC

What if your standalone client is a website running on your local box with an interface similar to gmail?

> In other words, this will be a long slog where most of the work is product-oriented and feature Xerox'ing, and not whiz-bang cool encryption oriented.

Yes, you're right. The crypto itself isn't that complicated.


Users can't and won't securely store key material, even their own.

Servers that store key material are subject to wiretaps.

We're not lacking secure alternatives because this isn't a technical problem.


> Users can't and won't securely store key material, even their own.

I believe it is an interface problem. I am surprised Mozilla isn't re-activating Thunderbird with an easier to use encryption procedure and an educational campaign to raise awareness in users instead of making petitions around Firefox.


When I encrypt, I have a reasonable expectation of privacy. Period. Stop trying to violate that privacy, unless you are accusing me a specific crime and you have probable cause.


I could be wrong, but I don't think any of the recent PRISM brouhaha hinges on whether you have a reasonable expectation of privacy. Everyone agrees that you do. Telephone calls (made in non-public places) explicitly enjoy this expectation. http://itlaw.wikia.com/wiki/Reasonable_expectation_of_privac...

Rather, the recent issue is a disagreement over what constitutes a violation of privacy, e.g. whether electronic collection of data (without a human listener) constitutes violation.


> Rather, the recent issue is a disagreement over what constitutes a violation of privacy, e.g. whether electronic collection of data (without a human listener) constitutes violation.

If you think accessing private communications should not be allowed except in limited circumstances, you should be very worried by the storing of all this information. The implications are that anyone's privacy can be violated simply because of a policy change by those agencies who store and swap this information across national borders at some unspecified point in the future. In addition to future use by your national agency - your data might be collected in one country, and used in 10 others without control. The only way to stop future abuse is not to collect the data.

The intelligence agencies have arrogated to themselves the right to listen to any communication by using lawyerly arguments like yours over the difference between collection and listening, and denying that they are using all this information they are collecting without proper legal authority (of course for the NSA, that legal authority turns out to be a six-monthly rubber stamp on their procedures, not oversight of their actual work, but oversight of what they say they do).

So I think your distinction between storing and accessing is unimportant and not worth arguing about - storage enables later access, so once it has all been stored, you have no control over the way it will be used (and it will be used).


It would also be an obvious privacy violation for the NSA to install cameras in our bedrooms, even if they promised to never watch the video without a warrant.


Yes, but that's because it would require access to your bedroom, not because it's evil to capture data per se.

What if, instead, you had a bedroom camera (maybe for tracking frisky escapades) and it streamed wirelessly to a home server? The more relevant question then becomes whether it's OK for the NSA (or rather, FBI) to sit on the street and capture that WiFi stream from a public road.

As you consider this question, also consider how many open WiFi hotspots you've ever used (or broke the WEP for) in your hacking career. :) The idea that it's OK to hack the stupid because their system was so open to attack might finally die due to PRISM, if people are intellectually honest with themselves.


I think there's a significant difference between using an open (or even poorly secured, although I've never done that) hotspot in order to get onto the internet, vs deliberately capturing personal data from that hotspot with the intention to analyze it and possibly use it to harm the subjects of that data.


"the recent issue is a disagreement over..."

Wait, there are no "issues", there is no "disagreement", not in any conventional fashion.

From the state, we have seen nothing but the boiler-plate propaganda that comes out when any large bureaucracy faces an embarrassment.

They sort-of say it's OK to invade the privacy of (any vaguely accused) terrorists, they sort-of say they can look at anything and it's not an invasion of privacy and they sort-of say they can collect anything and as long they don't look its not an invasion of privacy. But none of it matters, it's not a "debate", there are no "disagreements" in the sense of a dialogue.

These are just press releases whose arguments are clearly wrong to everyone but morons, and they are naturally aimed at the mass of morons out there (or the mass of the ignorant and prefer-to-be-ignorant, if you want).


So "reasonable expectation of privacy" is an objective standard. The question isn't, do you (betterunix personally) expect information to be private, but do people in general reasonably expect information they throw out onto the intertubes to be private (in other words, you can't create zones of privacy by having a subjective expectation of privacy).

I don't think that's the kind of clear-cut argument you'd like it to be. To me, for example, if I'm letting AT&T or Verizon see the encrypted bits (as well as any intermediate carriers and backbone operators), I don't really have a privacy expectation on the encrypted bits themselves. I might be persuaded that I have a privacy expectation on the decrypted bits, however.


> if I'm letting AT&T or Verizon see the encrypted bits (as well as any intermediate carriers and backbone operators), I don't really have a privacy expectation

Why? Because ISPs handle your data, they get to spy on you? If you asked UPS to ship a memory card full of photos, does that give them permission to copy it and use it how they wish?


Your ISP is already "spying" on you. They subject the bits you send to traffic analysis, they might do deep packet inspection, they record your use of the network, etc.

Also, the government doesn't need a warrant to intercept a UPS package.


I asked if UPS should be allowed to inspect your data. After all, you did hand it to them.


I would expect UPS to inspect and record anything that they would come across in the course of delivering the package. So taking pictures of the outside, recording the destination address, etc. Similarly, given that AT&T can't send your bits without at least temporarily storing or buffering them, and indeed does a lot more inspection of your traffic than that, I don't have any particular expectation of privacy with regards to the bits short of their actually decrypting them.


Interesting, because I would look at the UPS box as the equivalent of the packet headers. Looking inside box or packet would be forbidden if I had my way.


They do this nowadays, do they not? I thought FedEx and UPS X-ray inspected boxes (at least randomly) to look for dangerous materials. They fly planes too, after all.


This is an interesting line of thought.

What if UPS could scan your package and interpret the bits on a memory stick inside? Would that be reasonable? (They could frame it as "we scanned the bits, transferred them over the internet to another memory stick, and copied and delivered those contents".)


> Similarly, given that AT&T can't send your bits without at least temporarily storing or buffering them

They're probably buffered on a Microsoft OS. Do they get a copy too? Can I expect my Dell not to be keylogged? It seems like in a "post 9/11 era" we have no expectation to anything short of getting your balls fondled.

> I don't have any particular expectation of privacy with regards to the bits short of their actually decrypting them

None at all? Would you share your network traffic with me?


I don't think it has anything to do with "post 9/11." I think it all has to do with knowing exposure of information to third parties. If you want to keep information private, don't give it to other people.


> If you want to keep information private, don't give it to other people.

Tell this to the people going after Snowden.


I would expect UPS to inspect whatever they wanted to, unless UPS specifically stated they would not.


> Also, the government doesn't need a warrant to intercept a UPS package.

[citation needed]


It's hard* to find credible sources on this on the open web, but if you read something like the Silk Road [illegal eBay for drugs; you pay with bitcoin] forums on Tor, this is widely reported, and verified by self-proclaimed employees of the companies (UPS, FedEx). More convincingly, vendors universally ship through USPS explicitly because they provide a warrant.

Disclaimers: I am not a customer, and have not used the service, but believe that looking at the security methods used by those actively prosecuted is a decent way to figure out which precautions/security measures work.

*though a quick Google of "ups open package on warrant" will reveal many on dubious forums


When in the possession of UPS, they can just ask UPS to volunteer it. They are allowed to, and will. You gave it away.

The law specifically prevents this for US mail.


Um, no.

A world in which there was truly no privacy is one in which anyone on the planet could log into your bank account, and get an itemized list of every transaction you've run through it. Obviously, that's not the case. Just as obviously, your medical records are not a matter of public record. Nor are your job performance reviews, your tax returns, or the contents of your medicine cabinet.

Indeed, there's a TON of material that people both expect to be private and which, in the normal course of life, IS private. Moreover, the "reasonable expectation of privacy" standard is not based simply on what's technically possible to conceal, but on the boundaries that are socially necessary to maintain a free and open democracy.

And I'm sorry, but this is a VERY clear cut argument. The lines are as straight and as bright and as shining as they've ever been. For the government to search records that a citizen has made a legal effort to shield from public view, it must have specific and articulable cause to suspect that citizen of a specific crime. Whether my correspondence is printed on paper or stored in my smartphone has exactly zero bearing on the fundamental law governing the government itself. None, zero, nada, zip.

Apologies for the caps used as emphasis. I try not to use them unless the comment in question is not just stupid and wrong, but dangerously stupid and wrong. And this comment is about as stupidly dangerous and wrong as asserting "if you've got nothing to hide, you've got nothing to fear."


You fundamentally misunderstand what "privacy" refers to in this context. "Private" information is not everything that is not public. The assumption is not that the government can only access that information you make freely available to the whole world. "Private" information is that information that is within your personal sphere of privacy. The archetypal examples, specifically enumerated in the Constitution, are your physical person, your home, and your personal property. The farther away you get from these examples, the more other people that have access to your information, the greater the expectation that the government should be able to access that information without a warrant.

It is interesting you give the examples that you give, because the government can get, at least Constitutionally, your bank records without a warrant: https://ssd.eff.org/your-computer/govt/privacy, or your medical records: http://www.aclu.org/technology-and-liberty/faq-government-ac.... To the extent that such information is protected, the protections are statutory in nature, not Constitutional.

> For the government to search records that a citizen has made any effort to shield from public view, it must have specific and articulable cause to suspect that citizen of a specific crime

This is "alexqgb's interpretation of what the law should be" not what the framers had in mind when they drafted the 4th amendment.


Again, no. And as your own links demonstrate, this is not simply what I personally believe. It's also what the ACLU believes. Seriously, did you even read what you posted?

For instance, the one about medical records is discussing warrants, and whether the government needs one IN ADDITION to clear and articulable suspicion pertaining to a crime, and not just suspicion. Even in cases where the constraints on searches are eased, the reasonable expectation that privacy exists remains very real. Indeed, if there weren't a reasonable expectation of privacy, there wouldn't need to be clear rules describing how and when it can be pierced.

The article goes on to discuss the additional exemptions to the need for warrants pertaining to national security concerns, but as it points out, the existence of these provisions in law IS NOT to be interpreted as a validation of their constitutionality. In fact, the whole point of the link you provided is to underscore how dubious the claims to constitutionality really are.

Here's the crux of it:

Q: Is it Constitutional for the government to get my medical information without a warrant?

A: The ACLU believes that this easy, warrantless access to our medical information violates the U.S. Constitution, especially the Fourth Amendment, which generally bars the government from engaging in unreasonable searches and seizures.[viii] However, because the Patriot Act and the HIPAA regulations have only recently gone into effect, their constitutionality remains largely untested, although at least one legal challenge to the HIPAA rules is underway, and more challenges are likely.


Don't read what you want the articles to say, read what the articles actually say.

Specifically (from the first article): "Thus, some Supreme Court cases have held that you have no reasonable expectation of privacy in information you have 'knowingly exposed' to a third party — for example, bank records or records of telephone numbers you have dialed — even if you intended for that third party to keep the information secret."

Going on: "Records stored by others. As the Supreme Court has stated, 'The Fourth Amendment does not prohibit the obtaining of information revealed to a third party and conveyed by him to Government authorities, even if the information is revealed on the assumption that it will be used only for a limited purpose and the confidence placed in the third party will not be betrayed.' This means that you will often have no Fourth Amendment protection in the records that others keep about you, because most information that a third party will have about you was either given freely to them by you, thus knowingly exposed, or was collected from other, public sources."

That's the law, that's what the Supreme Court has said, not what the ACLU hopes or believes.

From the second article: "Q: Can the police get my medical information without a warrant?

A: Yes. The HIPAA rules provide a wide variety of circumstances under which medical information can be disclosed for law enforcement-related purposes without explicitly requiring a warrant."

That's the statutory law, at this moment, based on the Congress's reasonable interpretation of the Constitutional basis above.

Of course the ACLU hopes to get the courts to go the other way, but as they tacitly admit: courts have not done so to date. E.g. http://www.law360.com/articles/376791/warrantless-seizure-of... (Warrantless Seizure Of Medical Records OK'd In Drug Case).

At this moment, it's hard to describe 4th amendment protections as applied to medical records anything other than aspirational on the part of the ACLU.


Holy crap dude, don't blame the weatherman for making it rain. He's telling you how it actually is. If that's not what you think it should be then he's telling you exactly what you need to (help) get fixed.


The argument goes: you are using public networks over which you have zero control, so there is no expectation whatsoever of any privacy, at all.


Now, encryption is probable cause...


How generous of the NSA to admit to a DDoS attack surface. You may all commence emailing each other PGP-encrypted copies of the complete Star Trek: TNG (Blu-ray, natch), now.


That was my thought.

dd if=/dev/urandom of=secret.txt bs=1m count=200

^^^ this should do the trick!


An unbreakable code! Or we can send around 'encrypted' messages that are completely devoid of meaning, but incredibly suspicious...


This is like getting a warrant to search your house because your blinds are drawn.


Warrant? pfft, they just force their way in when they really want to http://www.storyleak.com/video-shows-home-searches-by-boston...


Absolutely sickening.


No, it's like targeting your house for frequent drive-bys because your blinds are drawn.

You're presupposing that capturing data you have flowing over the internet is something that requires a warrant, and the NSA's position is predicated on the idea that it generally does not.


And your door is LOCKED. WHAT ARE YOU HIDING?


Lost the key.... Sir?

OK, then we will take your house away and you can't have it back until you produce the key.


If I lose all my data due to a hard drive crash, can I submit a FOIA request to obtain a backup? :-)


You can file a FOIA request for the brain scans of the alien found inside FDR's skull. Of course you won't get anything back, but that is another matter...


In theory, why not?


Did you transmit your entire hard drive contents over the internet at some point?


You could image the PC, then upload an encrypted copy to Google Drive, so that the NSA can keep the copy forever for you.


Uhh, Google will do that anyway.


All encryption is temporary encryption. "In other words, if your messages are encrypted, the NSA is keeping them until they can decrypt them."


That was exactly my first thought. They can hold until they have the computing power to crack it.


As a user of an online backup solution that encrypts everything client side, I am reluctant to use it anymore. Would knowing that encryption makes you more vulnerable for illegal online search and seizure change your online behavior?


Guilty until proven innocent. Sounds reasonable.


Well, what have you got to hide........?


Have you seriously missed the dozens of articles on HN recently explaining why privacy is important even if you have nothing to hide? Or are you just trolling?


I took it as sarcasm. One can hope...


Sort of, yes. But I felt I was not adding to the point I was replying to.

But do know, I find the idea of having nothing to hide absurd, and see far too much of authority actually treating us people as guilty before we have done anything even slightly suspicious.

So, yeah, sarcasm, I suppose, but my intention was to back up the original point.


It's alan_cx, so it is definitely sarcasm. He isn't foolish enough to believe such a thing.


You are of course 100% correct, but I am a tad worried I now have some sort of reputation. Eeeek.


This probably reflects more on me than it does you, I should spend less time on here...


Fair enough!!!! :)


And it only takes one vulnerability once for them to get your passphrase. Sleep well!


Rotate your passwords. Regularly.


That won't help at all. One vulnerability once and it's game over.


I should have also added that you keep software up to date. Any previously exploited vulnerabilities (ideally) get patched over time. Of course, if you've been pwned at ring 0 by a persistent and active attacker, you've got more problems to worry about than automated exploitation of out-of-date software.


So you get hit by a zero-day and then you are compromised. What then?


Assuming it's not ring0 or something equivalent, they will have, at most, whatever the time limit is between rotations. If you rotate every six months, they could conceivably have six months of data. And if the zero day is still not patched, they could have another six months, and another, and another. There's no guarantee of not being compromised. It's just a matter of not making it easy by using the same passwords and same software versions for years at a time.


How would you handle disk encryption?


If your disk encryption software gets exploited, then presumably it's a hop skip and a jump to make your way into the kernel, rendering recovering from tainted backups pointless. You'd have to start from scratch with new encryption software that you trust hasn't been exploited.

There's always a chain of trust that you have to follow down. It just gets harder to mess with the deeper you go. Not impossible, just more difficult and less likely to be entirely automated.


Easier said than done.


I'm curious what options we as citizens, short of organizing militias, really have here. I think the government play is just "wait till this blows over" and they might get away with that.


Call—actually call your members of Congress. It's a lot more effective than sending an email. Urge others to call too. If they get enough calls to understand a large number of people are actively angry about this, they might actually do something.

http://callday.org

Also encrypt everything possible, and encourage others to do that too. It might attract more attention to you, but it's also a strong assertion of your right to privacy. Everyone should use encryption for even the most mundane of things. The government says we have no right to privacy for emails older than 180 days because we are sharing them via someone else's server. If we encrypt them, that argument is invalid, because we are making it clear that only the recipients are intended to read it and it is private from everyone else.


"short of organizing militias".

That's why I left your country. A whole bunch of short-ofs.


If your data isn't safe when someone has access to it "forever" then you haven't encrypted it good enough. I'd still prefer them not to keep it though.


I think a big problem there is that "encrypted good enough" today might be "completely breakable" in 20, 40, or X number of years.


So, tell me - did Google start encrypting so many services just to give the NSA a better excuse for siphoning all data, including SSL encrypted communication, E-Mails etc.?


Google stores an unencrypted copy on their servers, so the NSA would just get it from them. No need to store the encrypted copy for perpetuity.


Yes, but since the user encrypted it, he's suspicious and more likely to be snooped on, right? So by enforcing encryption, Google helped get the NSA an excuse to grab data (even the unencrypted copy) in more cases.


Well, one thing they probably hate is Blowfish encryption. Don't use triple DES, as they were involved in forcing it as a standard.


"Forever", meaning until they have the Quantum Computing technology to decrypt such 'suspicious' files.


And even if they say they will not keep your data if not encrypted, how can you know for sure?


we should all dedicate a percentage of our bandwidth to spewing random numbers at random listeners

providing endless cover to actual chatter

a crypto tithing


You mean create additional gmail accounts and fill them up with encrypted "messages." How many gigs are free these days, 10GB?


I think it's still less than one Utah datacenter divided by a billion or so.


Guvf vf trggvat evqvphybhf.


I don't believe this joke. ;)

