Recent Items

What Are You Doing to Protect Yourself From NSA? #SafeData

Posted on by

Before we get to the Consumerist part of the post, I thought I’d highlight a speech by Alan Grayson on the NSA surveillance revelations. For most NC readers, a lot of his talk will be old hat. However, he does a good job of unpacking how the Verizon order and PRISM programs violate long-standing laws about the scope of Department of Defense operations, the one Supreme Court ruling on phone record requests, and the Fourth Amendment. This video is also a great introduction for friends and family members who want to catch up on this story.

I’m opening up the thread for readers to discuss what they have done or plan to do in the wake of the revelations about the extent of NSA surveillance. Those of you who were clued in to how bad it is and have taken appropriate precautionary measures might give the rest of us some pointers. For instance, one buddy in the IT business stopped having anything to do with Google a while back.

A fellow finance blogger is of a similar mindset: “I have since moved my email away from Google and stopped using Google’s browser. I have installed a VPN as well.”

I’m actually very bothered by the geolocation issue, the idea that my movements can be tracked. Fortunately, I have an ancient stupid phone (no GPS). I promptly went and bought another as well as another battery, and I’m keeping it off the overwhelming majority of the time. I’m at my desk a ton, and I actually believe in being off duty the little bit of the day I’m away, so unless I want to make a call during my peregrinations, it can wait.

I wonder what iPad users will do. I had been told by a colleague (prosecutors in his family and lots of government contacts) that any iPad after the iPad 2 was a surveillance device, as in it could spend videos and sound from the room it was in. He refused to own one precisely because he was concerned about government snooping. NC regular Ned Ludd provided some confirmation:

The woman is visible from thousands of miles away on a hacker’s computer. The hacker has infected her machine with a remote administration tool (RAT) that gives him access to the woman’s screen, to her webcam, to her files, to her microphone. He watches her and the baby through a small control window open on his Windows PC, then he decides to have a little fun.

This is the type of thing that black hat hackers can do. The iPad and iPhone are suppose to be malware-proof since all the apps are approved by Apple. However, Apple could include spying technology, into iOS, for the NSA. The iPad contains a built-in microphone and a camera. It can technically spy on you and what you are doing, unless you stick it in a soundproof bag.

Will some clever developer come up with a program that sends a white noise (or better yet, horrible Muzak) to the mike and a test pattern to the camera when not being actively used by the owner? I bet iPad users who understood the issue would pay $10 in a heartbeat (but the reality is you just might get an escalating software war on this front).

Of course, I have subversive ideas that are just too hard to implement, like for arranging for friends (or better yet, cooperative strangers, if you could figure out how to find trustworthy ones) to take your geolocation device, um, cell phone, on visits to places you’d NEVER go, say like having one of my gay buddies take my cell phone with him to a bathhouse. If you can’t escape the NSA, the next best is to corrupt their data.

The mainstream media is starting to peddle advice, not all of which is good. I’m astonished to see an Associated Press story on how to keep your information secure put encryption of e-mails at the top of its list. Encrypting e-mail is like waving a big red “Look at me, I have something to hide” flag to the spooks UNLESS a large number of people start routinely encrypting at the same time.

Now of course the other route is Otpor to make fun of the NSA as often and in as visible a way as possible. Here’s one idea from GitHub. And that is one last advantage of the Web. While the officialdom will stomp on public stunts (too many people people in one place is now deemed a danger to public safety), Web-based tauntings are still a tolerated form of protest.

Maybe we just need to recognize that we live in a world like the one depicted in Robert Heinlein’s novel Friday, where the only communiques that are secure are carried by special couriers. If so, that’s yet another way the world has been redesigned so that the 1% have a better option, but woe betide the rest of us. Nevertheless, any reader idea or actions very much appreciated.

Print Friendly
Twitter23DiggReddit0StumbleUpon0Facebook45LinkedIn0Google+7bufferEmail

175 comments

  1. bbot

    Will some clever developer come up with a program that sends a white noise (or better yet, horrible Muzak) to the mike and a test pattern to the camera when not being actively used by the owner? I bet iPad users who understood the issue would pay $10 in a heartbeat (but the reality is you just might get an escalating software war on this front).

    Apps are sandboxed from the OS– they can get a video stream from the camera, but they can’t insert their own spoofed feed.

    NSA spyware would of course operate at the level of the OS, not as a limited user-mode app.

  2. curfuzzled

    I’ve always run my own email server and, when I wasn’t so shiftless, I’d run it at home. I think being able to be your own email provider is important in keeping the internet a semi-open system. I suspect (not that I am at all interesting) that physically hosting your email inside your own home has potentially interesting implications in regards to search. If my email is physically inside my house, do I have a reasonable expectation of privacy? Probably much more so than entrusting some webmail provider.

    Post the latest leaks, the main thing I’ve been inspired to do that is take a closer look at what ciphers I’m using (such as investigate elliptic curve crypto).

    1. curfuzzled

      The Stored Communications Act is why I am thinking about the physical location of my email:

      “Furthermore, users generally entrust the security of online information to a third party, an ISP. In many cases, Fourth Amendment doctrine has held that, in so doing, users relinquish any expectation of privacy. ”

      https://en.wikipedia.org/wiki/Stored_Communications_Act

    2. Richard Kline

      And here again we see why ‘the cloud’ is a bad, bad idea. Putting all your files routinely through the ether into government wormholed mega-servers is simply an invitation to have the spy boys sift through all without even having to bother hacking your ‘little iron.’ As Yves raised above, actively encrypting all your uploaded files will be exactly the kind of thing that will draw deep-sweeper scrutiny also.

      The best security is tell no one and share little if anything. Encrypt your own, and keep important files _off_ your device.

    3. lakewoebegoner

      Sorry, but the physical location of a server may be irrelevant as reportedly/supposedly/possibly the NSA has tapped into the fiber optic backbones that criss-cross the oceans and transmit all internet data.

      speculation is that information regarding the physical tapping of the global fiber optic network by the NSA is one of the “bombshells” yet to be revealed in one of the 40-something Powerpoint slides that Greenwald hasn’t released yet.

      see: http://www.wired.co.uk/news/archive/2013-06/11/prism-powerpoint-slides

      and from 2005

      http://www.washingtonpost.com/wp-dyn/articles/A38444-2005Feb19.html

      all pure guesses, but quite reasonable inferences.

      1. Richard Kline

        Such tapping has been widely bruited for years to the point that doing so is an open secret. Of course the spy boys routinely deny it, but they’d be crazy not to do so. All the blather in the paper press in the last few days about ‘we go to them and talk about bugs and exploits’ is chicken feed: NSA goes to the big servitors to tap their primary feeds and cables, that’s Mecca to them. But yes, getting actual confirmation that this is done routinely would be a major cock-up for the spy boys, especially where the assets they are jacking aren’t even US built and owned, which doubtless many of them are not.

  3. zezorro

    Hi there!

    What I can on the fast recommend, is to bookmark the site
    http://www.prism-break.org . I endorse all products on the right side, having checked them personnally. It does not mean they are the only games in town, but that the people behind the site know, what they are about.

    The good side of recent developments is that people aware of the risks are no loger stamped with ‘conspiracy theorist’ mark on the forehead by default. It is a good start, just like ‘a hundred lawyers on ocean’s ground’, but needs some further action.

    Coming to action there is one slight problem though – there is no all encompassing solution that I’m aware of. Neither is it possible to write a foolproof abstract of ten years worth of expertise in the field. It happens that I run a site devoted to this topic specifically ten years, I mean three computer generations ago, and you can guess my Schadensfreude for becoming in the end mainstream.

    What I can do is propose some sort of workshop course or a “Surveillance for dummies” e-book [subscription] with working solutions, advice and tutorials on individual basis. No ‘one size fits all’ stuff. Impossible.

    Cheers

  4. Mrs. Watanabe

    I don’t know… I’m not that concerned; hopefully, I’m not being naive. A few thoughts.

    1. When you watch something like the Bourne Identity or its sequels… or a James Bond movie and the CIA or MI6 is doing x, y, and z, did you stand up and say “outrageous” or “no way could they do that” or did you just go along with it? I mean, should anyone be surprised at this? I thought the government monitored communications a long time ago.

    2. All this information is being collected already by Google, your bank, Visa, Verizon, any store with a membership or rewards card, your ISP… and somewhere down the line, you probably signed a contract giving them permission to sell the data. People get creeped out when Target starts sending diaper coupons before they are made aware that their teenage daughter is pregnant. These stores know more about you than the government does.

    3. When something is an unconstitutional or “illegal” search, it does not mean that the government “can’t” do the search or is breaking laws to perform the search. It just means that whatever they find cannot be used as evidence in court (as well as fruit of the poisonous tree). I guess I grew up in a much worse neighborhood than the average reader here. Illegal searches were somewhat regularly performed. While the evidence could not be used by the police, it certainly could be used by mom and dad. Somehow, we all managed to survive.

    4. There is a big difference between punishment for crimes / criminal law / due process (all of this concerns bad stuff that has already happened) and the prevention of terrorist attacks (which is a future action).

    Oh, by the way, I sure wish I had read about the diseases with eye licking earlier. So that’s where my pink eye came from.

    1. ltr

      What an inane comment. Civil liberties and the Constitution mean nothing as long as the movies show spying being done or as long as it was done in “my” bad neighborhood.

      1. Mrs. Watanabe

        The movie comment has to do with expectations. I didn’t think that I would have to break it down to the kindergarten level, but that’s the Internet for you.

        1. Mr. Sakimoto

          Most people are able to distinguish entertainment from real life. They no more expect their rights to be violated than for people to be able to jump from airplane to airplane mid air.

  5. C

    Ooops, bad formatting sorry it should look like so:

    Yves I hate to say it but:

    Fortunately, I have an ancient stupid phone (no GPS). I promptly went and bought another as well as another battery, and I’m keeping it off the overwhelming majority of the time. I’m at my desk a ton, and I actually believe in being off duty the little bit of the day I’m away, so unless I want to make a call during my peregrinations, it can wait.

    This won’t help. The phone location data they are after is cell-tower data. With modern (non-android/ios) phones the GPS data is not sent to the network. Rather the GPS unit is used separately. What they log is which tower(s) your phone is in contact with at any given time. This information is necessary for the network because it is used to route calls and keep your line in contact as you move around and this exists for all cellphones. So however old it is it is still leaving that trail.

    Interestingly, however some of the location data may not actually have been obtained at least under the Verizon order. According to some of the reporting in Wired the request that was released was targeted at landline customers who don’t leave that kind of info. Which is, in its own way, much more sad as it means that the FISA court doesn’t even read these things for correctness.

    IOS devices are known to store a location history. I believe they use the list of cell towers/wifi hotspots that it connects to. This data can be pulled by anyone with access to the device and is uploaded to any mac you sync to. Apple, however has not allowed users to delete it from the device although I believe there are 3rd party tools available.

    Android devices don’t, so far, store location information. However if you have google services signed on and enable location-based services then it will report the device location to Google constantly along with account info and other features. This, however can be turned off by disassociating the device from an account and/or turning off location services. You can also, unlike IOS, opt to use other browser and mapping tools and avoid the google search feature.

    As to what I am doing? I avoid social networks in any case. I am also reviewing my encryption policies. In general I have avoided gmail and other such services like the plague along with cloud storage for anything sensitive. My greater worry, however, is that any of this might be moot. If what has been reported about AT&T doing a full network dump is still true, and it probably is, then any use of any online service should just be assumed to be public. Which, when you think about it, makes even wikipedia seem less preferable than a good old fashioned print encyclopedia.

    1. Richard Kline

      So C and Yves: ” . . . [A]ny use of any online service should just be assumed to be public.” This has been my operating assumption for fifteen years. If you do _anything_ online, on a transmission device including a phone, or on a device that uploads YOU ARE ACTING IN PUBLIC. As we see with the tech now spoken of, if the guvmint wants to hack ‘n’ sniff your device they can, and certainly have no compunction against doing so. You can protect yourself against amateurs, but against NSA’s iron not so much.

      So I’ve taken the opposing view to security: assume you are watched, and act accordingly. There are several reasons why I use my real name in commenting on public issues, but that is one of them. Hiding only fools oneself that one can’t be seen. This is, in part, the Otpor strategy, but more widely the broader approach in nonviolent activistm to act in public: the awareness of others is a better defense than fooling oneself that one’s identity and behaviors can’t be tracked, since they certainly can.

      If one is involved in things actively illegal, that is of course a problem. So if you’re doing activism or commentary, that’s to be borne in mind: you are setting yourself up as low-hanging fruit if the guvmint decides on a necktie party with you as the featured guest. At least go to the trouble of forcing them to frame you up. Even when Staling sent Yagoda and Yezov to sweep up many thousands, the best defense was to refuse to sign anything and stand on principle; you were convicted anyway, but often they didn’t bother to hang the worst sentences on you what with the extra paperwork involved in faking all that.

      Seriously, consider that you are acting in public, and accept the implications of that for how you choose to live your life. You don’t have to _tell_ everyone what you do, just be prepared for it come out. . . . And if you really DO decide to do something that needs a dodgy path, for gods sake learn some basic spycraft about how to move around, communicate surreptitously and ambiguously, leave few tracks, and tell damn few people what you’re really doing. That includes not taking a spy-eye in your pocket everywhere you go. If I’m heading for the hills, my iPhone will be neatly reporting me as asleep in my bed long after I’m a face in the crowd. It helps to knowingly establish a pattern—and then go off that at a time of your own choosing. Machinery is pretty dumb about perceiving that and casual human observation not much better.

      We are all watchable, so assume that unless you are _really_ trying HARD to cover your tracks. Which means no electronic communications whatsoever for starters.

      1. jrs

        Live like you are always being watched so you can be safe. MAN F SAFE!!! There’s no life in living in quiet desperation while the world collapses and the vast majority are hung out to dry. I’d rather die political.

      2. hunkerdown

        It helps to knowingly establish a pattern—and then go off that at a time of your own choosing. Machinery is pretty dumb about perceiving that and casual human observation not much better.

        Machines can draw conclusions even in the absence of certainty just as can humans. In fact, they’re much more capable at quantifying and organizing uncertainty than human judgment typically allows. Machines may lose you for a minute, but even flawless opsec might not stop them from instantly associating your new patterns to the rest of the old you as soon as a link becomes known to it.

    2. Yves Smith Post author

      I think you missed what I wrote.

      I am keeping my phone turned OFF EXCEPT when I choose to make an outbound call.

      If it is off, it is not in contact with the tower. I don’t have one of those newer phones that sneakily pings for info even when it is nominally off. I have a really stupid phone, a brick (so older than even flip phones). So my understanding is I am geolocated only via trinagulation when I am making a call.

      And the phone’s behavior is consistent with that. When I turn it on, it takes it a LONG time to have signal. If I try making a call immediately on turning it on, or even in the first 30 seconds, the call fails and the screen says “no service” and I see no signal bars.

      1. C

        Ahh, well then yes they would only have the cell-tower data for the call in that case so you would be less tracked than someone who carried it around with them at all times.

        One thing that isn’t clear, however, is how much of the “walking around data” is actually retained by the phone companies. I know they keep the call info and my understanding of the verizon order is that it requested call-time data. However it may very well be that they get the rest of the info too.

      2. KnotRP

        So you think wake-up packets from a cell tower cannot
        wake up a “turned off phone”? Welcome to the world of
        “we can do anything we want with hardware, including
        not show visible signs of being ‘on’”….

        It’s important to understand that there are superficial
        levels of security (security theater), which allow the
        true level of intrusive capability to continue to exist.
        If the phone is with you, it can be used.

        Heck, even desk phones have been hacked to listen (using
        the handset as a microphone). The government itself requires
        phones to have a physical disconnect when the handset goes
        on the cradle (because they know about this), but of course
        who knows what funny business has been inserted into the
        various chips by various competing governments….

        Welcome to the Man With One Red Shoe world…there
        is a 3 ring circus running all around us all day long;
        the difference is, some dude said “Hey, look at that
        bear!”:

        http://www.youtube.com/watch?v=Ahg6qcgoay4

        The interesting thing is we’ve given up our Liberty,
        in order to “protect us” from losing our…uh….Liberty.

        (Otto says: Wait, what was that middle thing?)

        1. Yves Smith Post author

          My phone is an extremely low end phone as well as being close to stone age in terms of how old it is.

          Given that (now I’ve timed it) it takes a minimum of 1 minute, 15 seconds to connect to a tower when it is turned on or comes out of a “no signal” zone, I am quite confident that a cell tower can’t get to it when off. If it take that long to make a connection when in “on” mode and trying hard, it’s not going to have the resources in off mode, given how long it takes when having full power.

          You are basically assuming I have a higher end phone. This was the super duper cheapie of a decade ago.

    3. Frank Miata

      C,
      How about Pidgeons? I come from old NYC. The real old guys had birds that they raced. These birds were your Carrier Pidgeons. This “solution” ha sthe added benefit of getting everyone to write more economically.
      I realize that pidgeons would not be a soluation for cross continental or intercontinental messaging. But, as granny said,” Nothing good happens when you leave your neighborhood.”

  6. Gallagher

    Yves,

    Anyone who works in an environment sensitive to corporate espionage will tell you that since the early 2000s and possibly before, they’ve been taking their cell phone batteries out during meetings since the microphone can be used as a bug. Most of the defensive tactics against corporate espionage also protect against NSA spying.

    This is necessarily so since there is also a widely believed rumor that the NSA spies on small corps and foreign corps for the benefit of big corps.

    The cloud is a no go and so is BYOD. VPNs have always been big. Meeting rooms are often built to be shielded in such a way that sound and electromagnetic signals can’t escape. TOR is used to check out competitors without them knowing who it is. Harddrives are automatically encrypted using SED drives, and some are meant to self-destruct/self-wipe when removed.

    1. MRW

      Anything that is duplex can be accessed. That includes your regular landline or VoIP phone. It’s a simple matter to activate the microphone in any regular landline or cell phone by using a series of codes with a certain phone number. For those who remember the days of dial-up BBS, it works on the same principle and is just as silent. it’s also how the old telephone answering machines worked when they were in baby monitor mode.

      We were doing this for fun in 1985 at Bell Labs. It’s beyond a wiretap to listen into someone’s bedroom.

      If you don’t want to take your battery out (ONLY way to avoid recording) buy an old CD player and a ‘white noise go to sleep’ CD and charge your phone with the phone mike facing the speakers, aluminum foil the whole thing loosely so there’s still some air, and use a bluetooth earbud to hear calls.

      1. PacosF

        http://www.camera2000.com/en/rf-shield-block-pouch-bag-for-cell-phone-mobile.html
        this is on sale for $4 : Since the IDevice is not friendly to battery removal.

        Also, the iOS devices are only usable after root access is achieved. The community is strong and take care of just about anything you can dream up. ex; the location data logfile is frequently deleted after installing a small modification.
        I “fake” my location with various mods so forth, but it gets annoying when I do want to use the mapping features. Besides, as mentioned above – it’s the celltower location data . I feel like I’m paying my wireless carrier but not really getting what I want, because in the Cap’n’s own words: “You can’t get away with the Crunch, because the crunch always gives you away!”

  7. Godiva

    I’ve considered TOR but find it painfully slow – probably because there simply aren’t enough folk volunteering servers – and am loath to add further pressure to its capacity by using it to carry the inconsequential trivia I generate.

    I also have to wonder if many of the servers in the TOR net aren’t in fact volunteered by NSA and its bed-mates as even if they can’t access the encrypted data, they can access the IP addresses in the packet headers and, as pointed out above, the question then becomes: “Why use TOR if you’ve nothing to hide?”

    1. jrs

      Basically to protest? I think you use it to protest. I have nothing to hide except the fact I’m protesting the NSA. Wait, maybe that’s something to hide afterall …

    2. Brooklin Bridge

      The simple answer is that if enough people use it, it becomes very difficult for the NSA or whoever to flag each one of them as having something to hide. As the commenter above me pointed out, it’s also the right thing to do. If they are going to monitor us, it is our job to make that as difficult as possible in a democracy such as ours with a Bill Of Rights and a Constitution such as ours.

    1. Yves Smith Post author

      1. This isn’t “NC insists”, it”s “WordPress insists”

      2. I see your IP address, so you are kidding yourself if you think I don’t have better data about you than an e-mail address.

      1. Godiva

        1. “WordPress insists”? So you’re only obeying orders which makes it OK.

        2. The IP you have for my communications will tell you no more than that I’m one of 50-odd (some of them very odd) folk who share an internet gateway. To get to me you’d have to break into the gateway server and sort through the (ad hoc) IP masquerading.

        1. Brooklin Bridge

          Writing your own blog/comment software is out-of-the-question expensive. You can be silent, or you can use what you’ve got, such as WordPress, with it’s good and weak points. There used to be better comment packages for anonymity, but for reasons that should be obvious those packages where phased out, ostensibly due to the difficulty of swatting/managing trolls and other obnoxious users. NC has no control over this and is lucky to have doing their best with WordPress.

          It’s true that one can obscure their IP address by proxies or VPNs as various comments such as mine below and even Yves post above make clear.

    2. Any Email

      You really do not have to use a real email address to submit a comment. This comment is proof.

  8. MRW

    Install DoNotTrackMe or Ghostify. If the latter, you will have to figure out which ones you have to leave open to see videos, like Brightcove, etc.

  9. MRW

    Witopia.net has Cloakbox, a router (not cheap and an annual fee) which encrypts from your computer to their servers where it then goes out to the net, and back through their servers to your computer.

  10. Godiva also says:

    Your email address is only visible to you and the webmaster ( email “will not published”), hence this prevents any third party from assuming your “name” and posting using your ID as if post is by you, as i have done here soley for the purpose of demonstrating the point.

    I am NOT “Godiva also says:” and nakedcapitalism can easily deduct this by the exclusion of your (normally used) email address.I have entered the email address which is regularly associated with my posts.

    Fíréan

    Fíréan

    1. Fíréan

      the above post was made in reply to Godiva also says : post “Ps. Why does NC insist I append an email address to these replies?”
      Sorry it ended up abit out of sequence.

    2. Godiva barely

      I’m not personally troubled by giving an email address to NC as over the years I have followed NC – and contributed to some of the threads – it has never in my experience misused it. Nevertheless I can not see any purpose or reason for having to provide one, and that which I do no understand concerns me.

      However the same cannot be said for some – perhaps many – other sites who pass or even sell member’s email addresses on as evidenced by the sudden influx of spam or vaguely related information to them.

      Hence the email addresses I use now for sites like this are ad hoc and disposable.

    1. diptherio

      That’s a horrible idea!!! Now people will go to google and facefook just for the great tunes! What was he thinking?

      …just kidding. Seriously though, if I installed that add-on I would totally end up going just keeping a google tab open when I wanted some background music…

    2. Brooklin Bridge

      This could potentially get the developer in a lot of trouble since it might be construed as causing denial of service.

  11. Dean

    I will be deleting Facebook account. In addition to seeing it as an unwilling partner of the NSA, it has jumped the shark. I find it wastes my time as well.

    My next prediction: all of our credit and debit card metadata (ie everything except what we actually purchased) will have been found to be submitted to the NSA as well, either directly or indirectly (via the Fed or some other industry enabling government agency). To that end pay cash to the maximum extent practicable.

    1. timotheus

      Pay cash: a back-to-cash movement seems to me an appropriate response and something that if sufficiently widespread could seriously displease big players.

    2. Richard Kline

      Be a little smarter, Dean. Have a card, and use it for some routine things. —But use cash for what you want to be hard to trace. Avoid big cash withdrawals, just build up a stash gradually so you can drop $100-$2000 when you want to and not have a blip withdrawal show up. Like I said, establish a pattern that says you’re a sheep and just take the cloak off at the time and place of your choosing. You have a ‘fake identity,’ it’s just that that is the one seen as the real one.

      1. Wendy

        this is all I have really changed, removing most day-to-day transactions from a credit card, and using cash instead.
        also, ceasing providing Facebook with any new info on me (old info is already there, deleting it won’t change what’s out there).
        I agree with RK: assume all data you provide is being watched, or at least is being collected to be watched retroactively if deemed necessary at some point, and act accordingly.

  12. Skeptic

    Here are two protective ideas:

    1. If NAT STASI and other criminal organizations search on key words, then MISSPELING becomes the order of the day. A simple word such as subversive can have many variations such as sobversive, subverseve, sibversive, etc. So, NAT STASI first has a tougher job to even figure out what each misspeled word is let alone what the significance/importance of the total message and what it means in context. Additionally, NAT STASI may have a problem in this area anyway since the US is tending towards illiteracy through poor education, MSM entertainment and fascination with and the demands of tech amusements like Twitter. So, the Meek shall inherit the Earth and the Misspelers will avoid Guantanamo. The additional benefit of this is that it will drive your anal retentive Grade 11 English teacher krayzzy.

    2. Firefox already has an addon TRACKMENOT which generates randomized searches and thus obscures a user’s activities. Building on this concept, when there is unused CPU time, other computer activities could take place which would further obscure the user’s profile such as visiting unusual or STASI approved sites. This could easily be done when the computer is not normally being used. Thus, similar to Number 1, NAT STASI no longer is dealing with a Sitting Duck. Programmers, I am ready to BUY software like this.

    The two above based on GIGO, Garbage In Garbage Out. The more Garbage that can be injected into their STASI bin, the more resources they must devote to either keeping the Garbage out or to sorting through the Garbage for what is usable. Those who live in Recycling jurisdictions, realize this, If you do not separate your Garbage at source, nothing can be recycled, it’s all Garbage, even the Recyclables. So, load these snoopy folks up with all the Garbage they can secretively cart away!

    As has been mentioned, my fellow antelope of the savannah, there is Safety In Numbers. That is, if everyone used encryption, for example, they are overwhelmed; they can only pick at the periphery. Thus, we have Pirate Bay. For a time I lived in Montreal, where Jaywalking is an Art, a Sport, a Challenge and a Skill. It is also illegal but almost everyone does it and enjoys it. That is the principle to apply to software to solve this STASI problem.

    To awl reesysters, hav a gud 1.

    1. diptherio

      I know an old Dutch ex-pat who, when confronted by a police officer for jay-walking, responded in his thickest accent “what is this jay-walking? is it like cake-walking?” The cop just told him to pay attention to the signal and walked off confused. Dada, I think, can be an effective tactic for putting off the authorities

      Later he queried me: “tell me, what is this cake-walking?” The man is a genius…

  13. Stephanie

    Honestly, what I’d like is for the government to stop. My life is full enough, and stressful enough, that I don’t want to be bothered to do anything else. And I probably won’t. What I will do, however, is to campaign against Mike Rogers, since he’s my representative. He’s horrid.

    So, I guess that’s my answer. I’ll take a political route, and not so much a technological one.

    1. Jim Haygood

      The political route is being barred, even as we speak.

      George W. Bush repeatedly cited the AUMF (Authorization for Use of Military Force in Iraq) to justify all kinds of power grabs, including NSA domestic spying.

      http://news.findlaw.com/hdocs/docs/nsa/dojnsa11906wp.pdf

      Like the AUMF, Obama’s intervention in Syria provides a new trump card for the NSA to continue and expand its activities. It’s hard to argue for clipping the NSA’s wings during ‘wartime’ when ‘our troops are in harm’s way.’ And that’s precisely the intent.

      If Obama can get away with this transparent diversion, then he is justified in thinking that he can away with absolutely anything.

    2. Jackrabbit

      I agree. IMO, the political route is the only sensible route.

      See my comment below.

    3. craazyman

      that’s the first sensible comment I’ve seen for normal people.

      I think they’re tracking my keybboard strokes. so i type dandfnjkcvkasdjfaskljf asldjf;slf jslkfjasf jsaljdfdsk

      and let them figure it out. they may think it has something to do with communism or with the coming rapture.

      If somebody think they can hide off line in the woods alone with nothing but a tent, knife, water bottle and some rope, I’ve got news for you:

      A room full of good remote viewers at Ft. Meade can locate you in 10 minutes by channeling and drawing pictures.

  14. Marty Heyman

    Our little technology collective (yes, we are in fact a C Corp) has its own email servers, our own instant messaging server, and our own voice over the internet phone system with a server on our premises. All these services use SSL encryption across the “public internet” so our information in the clear is only email in transit between mail servers, a gap we are looking to fill by encrypting email content on our laptops (PGP, GPG, whatever). Yes, the encryption is crackable … at a cost. Yes, we consider this something of a red flag but we would rather cut down the number of folks who can read our stuff casually.

    1. Banger

      This simple solution is one of the better ones I’ve read. The idea is that the public internet is territory that is, essentially, hostile territory. We need no comprehensive solution just many little ones. Can the gov’t hack your servers–probably, but as long as we have people one step ahead of the feds and their corporate allies.

    1. optimader

      1.) been using duckduckgo.com for a while, have recommended it here. Don’t miss the configuration options. (if you know nothing else, it is Bruce Schneider’s website default search tool.)

      2.) http://security.stackexchange.com/questions/12330/how-do-i-use-duckduckgo-securely

      3.) Use a VPN to a secure private server , those that have fallen into the cloud , might want to DD a product like this.

      4.)http://www.econtalk.org/archives/2013/06/schneier_on_pow.html

      Bruce Schneier, author and security guru, talks with EconTalk host Russ Roberts about power and the internet. Schneier argues that the internet enhances the power of the powerless but it also enhances the power of the powerful. He argues that we should be worried about both corporate and government uses of the internet to enhance their power. Recorded before news of the PRISM system and the use of Verizon’s customer information by the NSA (National Security Agency), Schneier presciently worries about government surveillance that we are not aware of and explains how governments–democratic and totalitarian–can use the internet to oppress their citizens. The conversation closes with a discussion of terrorism and the costs of the current system for reducing the probability of a terrorist attack.

          1. rur42

            paltry secrets, that what strikes me about this whole discussion, like, there’s so much paranoia about this it’s laughable…as if we’re important enough to be under someone’s scrutiny (reminds me of the fear thsat neophyte poets have of someone stealing their work and making a lot of money off it), in other words a kind of grandiosity that we amount to more than a gnat’s ass in the general scheme of things….

          2. diptherio

            I don’t think that’s where Aby was going with that one.

            Look friend, a whole bunch of our personal data and communications are being stored by the government, which can be searched at any time for any reason by any person with a high enough security clearance (12,000 just at Booz Allen) with no warrant, no probable cause, no nothing. If that doesn’t bug you just a little, I think maybe you didn’t pay very close attention in civics class.

            This is the sort of thing we have a bill of rights to protect us against. If the authorities want to spy on someone’s communications, they are supposed to have to obtain a warrant by showing probable cause for believing that individual is engaged in criminal activity.

            Being allowed to search anyone’s data at any time with no warrant is laying the ground work for a totalitarian regime. Think about it: if you wanted to change things so that the executive branch would be able to utterly crush any form of dissent, wouldn’t building a database with files on every single citizen be a pretty good place to start?

          3. AbyNormal

            thank you diptherio! never imagined the quote would take that path.

            and thank you for taking the time to write out some of the most serious aspects of this despicable situation we face.

    2. JCC

      Everything connects to Google eventually. Once you leave a search engine like DuckDuckGo, StartPage, etc. by clicking a link you searched for, you will, either primarily or secondarily be tracked by Google, Facebook, Twitter, et. al.

      If any of you are interested in seeing connection tracking as YOU weave your way through the web, add the “Collusion” plugin to Firefox ( https://www.mozilla.org/en-US/collusion/ ). Some of you (not all) would be shocked.

      For example, if you clicked the DuckDuckGo link posted above you were directly tracked directly by:

      Google Analytics, Facebook, BufferApp, SpringMetrics, Disqus, VisualWebSiteOptimizer, Wistia, GetClicky, and ScorecardResearch.

      And don’t forget this:

      https://www.youtube.com/watch?v=wogtTQs8Kzw

      1. JCC

        Bad form, again, replying to my own post…

        But… using Collusion and reloading this page ensured I was directly tracked by:

        google.com, google-analytics.com, youtube.com, po.st, cloudflare.com, bizographics.com, blogger.com, quantserv.com, doubleclick.net, voicefive.com, sitemeter.com, invitemedia.com, paypal-objects.com, paypal.com, gravatar.com, scorecardresearch.com, loggly.com, blogreaderproject.com, and odiogo.com

        Now I don’t even know who half these people are, but I’m sure some of you have noticed that both scorecardresearch.com and google-analytics.com were informed of my last two webpage loads, the link above regarding DuckDuckGo and the link to this posting. All these sites have now set tracking cookies on my browser.

        Easy to delete, but over time this stuff adds up to a near perfect general profile.

  15. ex-PFC Chuck

    Here’s one idea from GitHub.

    Yves, did you intend to embed a link here? If so, it’s missing.

  16. Ray Phenicie

    The subject of encryption is tough to understand but basically it involves private and public keys. Guess what?
    The government, during the rosy Clinton years, gained access to all commercial products’ private keys through an act of Congress. So all commercially produced keys -even those produced through open source or non profit organizations- by law have to be turned over to the government. If someone is using a home made encryption system with a private key that has not been given over to the government that someone will open themselves to felonious prosecution.

    Making an encryption system for oneself is not too tough but does require a good deal of programming expertise. Plenty of that around but how many programmers would want to risk jail time to develop software that would seen as design with criminal intent?

    Not much one can do on the internet or cell phone since ultimately the government will gain access by strong arming the ISP or cell phone company. The point about use of cell phone towers raised above in the comments applies to all other forms of technology-cell phone towers are owned by just a few of the major players in the telecommunications industry-AT&T pretty much owns all of the land lines and a lot of the internet infrastructure.

    Could an IT expert please brief us on encryption?-The Wikipedia article I found is pretty good – I would encourage folks to read this:
    http://en.wikipedia.org/wiki/Public-key_cryptography

    So to bottom line it-either stay off the technology grid or accept that we now enter the land of the Borg whenever we sign on to the internet or place a phone call.

  17. David Wright

    The one question I have which isn’t being discussed is what do the contractors do with the information?Everyone is up in arms about specifically what the ‘government’ is doing, but, most of this activity is being outsourced – so when are we going to find out what Booze Allen and their ilk are doing to make more $ off their publicly funded spying activities. It’s time to start asking what are the private synergies from the government activities that the contractors are doing.

  18. Banger

    Personally, I won’t do anything that different. I don’t care how if the gov’t knows all about me–they do already as does the corporate sector–I have profiles, ratings, of all kinds. I’m sure there is a number for each of us to be arrested depending on the level of security. I’m sure some pictures of me at demonstrations in the 60s are somewhere.

    I think information is a good thing–I don’t feel threatened by data mining and even if I did it’s too late now. There is no turning back–laws are irrelevant because the powerful don’t feel bound by them. If you are doing something that the authorities want to stop then encrypt and do everything on your own servers.

    I think it’s more important to take the offensive and start doing two things: 1) encourage whistleblowers by providing them with an income and a system of safe houses; 2) monkey-wrench the most corrupt parts of the system as much as possible; and 3) create alternative networks, jobs, lives.

    I saw Brooks on The News Hour last night while he vented his spleen against Snowdon as a narcissist and the usual garbage. This issue on the authority of the state is one of the central issues we face–I see the spying issue as symbolic and divides us along more proper political lines than the media’s definition of the left and the right.

    1. jrs

      My last post didnt’ go through. What did I do to get on NC enemies list? :(

      The point is actual “narcissists” and “selfish people” and “atomized people” have nothing to fear from the NSA. It’s people involved in things larger than themselves like political activism that have things to fear. Live only your tiny life and never get involved in any thing else and don’t fear (or like David Brooks kiss up and dont’ fear). But start thinking you have a responsibility to the community, to the future, etc. And .. Of course at this point if we want to have decent selfish little lives we may need to fight for them, it’s that bad.

      1. Yves Smith Post author

        You need to wake up and smell the coffee. Snowden pointed out that people can be implicated by mistaken phone calls. What if a suspected terrorist misdials to your phone number? You are on the suspect list.

        And you are saying you resign yourself to having no political voice.

        1. optimader

          For those that are comfortable w/government intrusion because the don’t do anything “illegal”

          Paraphrasing Orwell, if you don’t control your government you don’t control what is illegal

          1. private benjamin

            Privacy is more than that. There’s nothing wrong with going to the bathroom, but I don’t want the government or anyone else to have a webcam in the toilets.

            The same goes for private conversations. It’s impossible to have intimacy if the government and big business is recording everything.

            In other words, it’s impossible to lead a dignified and full life without privacy.

          2. jrs

            You’re right here of course. It destroys aspects of being a full emotionally mature human being: intimacy, having authentic conversations with other human beings (at least over the phone or email etc.). All gone for good and now you will constantly think in the back of your mind about the monitoring.

            I focus on the political (ability to scare away dissent … or worse) rather than the personal as I think it’s most urgent. But it is a totalitarian TOTAL STATE right? Even the non-political parts of our lives are now political.

        2. jrs

          Now, now, I didn’t say I would choose to be “safe”. I was saying my read of the police state is what they’re after most is people who get involved with politics, they’re not actually after the “atomized” people that David (idiot) Brooks like to babble on about. But I suppose some could get drawn in by accident. Eventually police states expand beyond all bounds like cancer I guess. But I don’t think Mr and Misses perfectly atomized and apolitical will be the first targeted.

        3. Gerard Pierce

          Ives, what you say is true, but IT MISSES ON CRITICAL FACT.

          When you wind up on the list, no one is going to send you an email. It may have no effect at all – until someone does a background check on you (using one of NSA’s pet collaborators).

          When you don’t get the job, or your insurance is cancelled, the company requesting the background check is not going to tell you what information they used or where it came from.

  19. Brooklin Bridge

    As far as your web browsing goes, it might be helpful for some to get an overview. One way is to go to Wikipedia (http://www.Wikipedia.org) and enter, “Anonymous Web Browsing”. You’ll have plenty to read.

    One of the simplest techniques to avoid commercial tracking (tracking to sell you stuff) is to avoid using Google or Bing and use a search engine such as http://duckduckgo.com or https://ixquick.com/. These two search engines promise not to store your query or use your IP address and I imagine there are others. But using these search engines alone will do nothing as far as the NSA goes, or even to avoid commercial ads as soon as you click on an actual link returned by DuckDuckGo, for instance, from your query. Once you do that, your IP address is embedded in that request. So typically, you would turn off cookies in your web browser and then use DuckDuckGo or some other such search engine and this would help (only help mind you) to avoid sites storing your IP for purposes of creating an advertizing profile on you.

    I’m not sure how useful the following is. You will get the information anyway from Wikipedia with enough reading. Also, I expect most NC readers know this stuff better than I do and I imagine this crude description could stand considerable correction or improvement, but anyway (this is why God created the scroll bar)…

    Remember that when ever you request or send data over the internet, the IP (Internet Protocol) address your service provider assigns to you (I don’t want to get into the weeds of Wifi) is being embedded in that data so that the target web site, NC for instance, will know who is requesting or sending the data and how to get it back or acknowledge it to you. That IP address, in effect, establishes or helps to establish your identity and before your request gets to the NC server or back to you, it goes through a lot of other servers along the way, one or more of which might be “kissed” by the NSA, and that’s one of the more obvious ways you can be “tracked” and have the content of your data, as well as the metadata, stored for ever. Unfortunately, it is not the only way, but be that as it may…

    So to make it difficult for someone to track you by your ip address, software has been developed that allows your browser to send your data first to a remote server (a proxy or a virtual private network (VPN)*) that will copy the data you sent but strip out your ip address and store it locally just long enough to send your data as if it were being sent by THAT server – not your machine – to the target and once it gets the response, send a copy back to you using your IP address and then, in theory, discard it. So the proxy sends your request or your comment or whatever using IT’S IP address and this, in theory, makes it difficult or impossible for spy software on the target server, or on the servers involved along the way, to know who actually sent the data other than the proxy. *The VPN works somewhat differently than described. Essentially, you “remotely log in” to the VPN server and it then becomes your environment and so IT’s IP address becomes the one the outside world sees (and in many cases it will then use it’s own proxy (remote server) for additional indirection and thus security).

    There are lots of problems with both of these approaches and one of them is performance as has been noted elsewhere. Another, also noted elsewhere, is that some of these proxy servers are Trojan horses, servers that the government, or the NSA in this case, has set up on purpose which renders the whole exercise useless. There are other problems as well such as sophisticated software that manages to connect the dots anyway and track the data back to your IP address at a minimum. Then there is the question of just how much can you trust the proxy server or the VPN or the software that hooks you up to them in the first place?

    This is but one aspect of how one can be spied upon, and one scheme to thwart such intrusion, but it is fairly significant since most of the data typical users send and receive is over the web, meaning for the most part via your web browser or in terms of data via the Hyper-Text Transfer Protocol (http) or some other protocol (such as FTP or HTTP) where IP address are used as part of network routing.

    Ultimately, most of this stuff isn’t necessarily very useful unless you like the idea of making things a little bit more difficult for the NSA or others who want to track you. To really hide from them, you need to be a very sophisticated user indeed.

    Also, if you use any of this and then go on Google or use Google email or Facebook or Twitter or anything you have to “log into”, thus providing an alternate way of identifying you, then you have utterly lost any benefit since they are all just gushing – no matter what they say – to share your data and your meta data, for a small fee.

  20. Chibboleth

    The thing about trying to avoid NSA surveillance is that short of not using a phone or the Internet at all you basically can’t. They’re tapping at the ISP / trunk line level so changing online service providers does nothing, and I think it would be prudent to assume that the NSA can break any consumer-grade encryption.

    IMO the best things you can do are:
    1. Do not use social networks. If you’re someone who just has to use LinkedIn, keep everything on there strictly work related. It’s a very bad idea to post the kind of personal information typical of Facebook and twitter users – not only does the NSA data mine the hell out of both services, they’re also extremely popular with marketers. I work in online marketing (yes, I know, but I’m young and have debt and have to pay the bills somehow) and have been in many meetings in the last few years from which I took the clear message: don’t ever use Facebook or twitter.

    2. Don’t put anything in an email or say anything on the phone you wouldn’t want a potential blackmailer to hear. (I would be prepared to wager significant money that the NSA is in fact capturing the actual phone calls, not just metadata.)

    3. If attending a rally, protest, meeting, etc do not bring any “smart” devices. Go out of your way to avoid people who are “live tweeting” the event or engaged in similar activity.

    1. Brooklin Bridge

      Pretty soon, with Google Glasses and Insurance “Snap Shot” devices, etc., all you will have to do to be monitored is go outside or get in your car.

  21. samhill

    All this survellaince everywhere makes people feel wanted, it’s why there’s little resistance.

    1. Brooklin Bridge

      There is a grain of truth to that (look at me big brother!), but mostly people don’t resist because they really have no idea they are being spied on and even when they do, they still don’t realize all the consequences, intended and unintended, subtle and not so subtle, of a government that’s willing to secretly monitor it’s citizens.

      1. gonzomarx

        in the UK the rise of the surveillance state (especially CCTV) mirror’s the rise of the “reality tv show”….. i wonder?!!

  22. dennis bloodnok

    “Fortunately, I have an ancient stupid phone (no GPS).”

    guess you’ve never heard of cell towers ….

    1. Yves Smith Post author

      I’m aware of triangulation. You missed that I also said I am keeping my phone OFF except when making outbound calls (and I don’t use the cell much, 0-2 calls/day, with the average closer to 0 than 2).

  23. Juneau

    Re: phone surveillance-I have gotten into the habit of using code words when discussing sensitive topics (folks on the other end of the line are as paranoid as I am).

    Never ever admit to any wrongdoing when using an electronic device. Ever. Ever ever.

    I have avoided social media completely.

    A friend who know alot about this still feels encryption of emails helps, anything to make it harder for the surveillance people and computers to understand what is being read.

    1. Brooklin Bridge

      Email encryption requires that both parties are using it. Built in encryption is useless unless you wrote the email server yourself or are willing to trust it.

      1. Brooklin Bridge

        Actually, unless you wrote the email sender/reader or the email server yourself or trust it.

  24. Will King

    There is so much that needs to be said, it would take an entire post on this blog just to begin. I will not include links because there would be dozens. I’ll leave it up to the readers to do their research.

    In essence let me say that most of the approaches offered here are pointless. Encrypt your emails and your VoIP calls all you want. What’s being searched by the NSA/CIA/FBI is for patterns in the metadata (as the news reports have stated), which can’t be encrypted because it’s not under user control. (For instance, you can’t encrypt the number of the phone you want to call because the phone company wouldn’t then know what number you’re calling.) Turning off GPS is pointless because it’s cell tower data that’s important (as was pointed out above). Sending your cell phone to a bathhouse while personally going someplace else is pointless (see TrapWire below).

    If you have followed this subject for more than the last two weeks, you will remember that the NSA has taps on the Internet backbone (AT&T’s famous Room 641A) all across the country (ref: William Binney et al.). You host your own email servers? You don’t use Facebook or Twitter but use TOR or DuckDuckGo instead? Pointless. The IP packets that carry your data to and from your computer have to go through the Internet, and the metadata associated with that IP traffic is what is of interest to the collecting agencies. The content is irrelevant; whether it’s encrypted is irrelevant; whether the servers at the end of the line save user data or not is irrelevant.

    Before this kerfuffle, some may remember Total Information Awareness, the supposedly failed attempt to create this all-seeing system that was reported as defeated by Congress in 2003. Well, recent news has proved that TIA wasn’t defeated, merely morphed.

    Before TIA there was ECHELON which also soaked up everything electronic going back into the 1990s, if not earlier.

    If you think that leaving the electronic world behind will keep you safe, it likely won’t. Binney and others have claimed that there’s at least 10 years of history available to the NSA, so if you choose to pull out of all electronic communication now it’s too little too late.

    Then there’s TrapWire. If it does exist as reported, it’s trying to knit together all the traffic and security cameras in the nation. Remember that just about every cash register has a video camera watching it somewhere. Traffic cams can read and understand license plates, security cams can be tied to facial recognition software. If you use only cash, your movements are still potentially traceable.

    Think you’re safe if you move to no-man’s-land Montana? Have you ever really gone in to full zoom in Google Maps (satellite view), Google Earth or Bing Bird’s Eye View? Remember, the DOD’s satellites have much more resolution than anything the commercial services have.

    And then there are the camera drones.

    So, in short, you are potentially trackable, and there’s really nothing you can do about it. Even if you stop the US government dead in its tracks and it ceases all domestic spying activity, are you safe from Britain, France, Russia, China, Israel, India, Pakistan, Australia or any other government on the face of the planet? Have you looked at all the listed countries on Google’s transparency report recently? Think they’re only making these requests of Google? Think they’re only using public methods to get at user data?

    I think the notion of privacy as imagined by the Fourth Amendment is gone, we just don’t want to admit it.

    Does this mean everyone is being monitored on a minute-by-minute basis. I don’t believe so. CPU cycles are much cheaper than manpower, by which I mean that these agencies can soak up and store all the data they want relatively inexpensively, but to actually analyze that data and to determine that they want to send police or military into the field to take action is much more expensive, both in direct costs and in wasted time if they follow the wrong lead. For instance, if you buy commercial fertilizer for your petunias on your windowsill, I think you’re safe, but if you live in a New York apartment and buy enough fertilizer to cover half of Iowa you might think twice about making that purchase on your Visa card.

    But why all the controversy now? Businesses and corporations have been doing this since the Internet became a commercial entity long ago. We’ve happily accepted the loss of privacy for commercial purposes. Businesses today, with only a few data points, can predict your politics, your movie-going habits, your income, your purchasing preferences, your brand allegiances. Why is there so much concern over the government doing the same thing?

    1. PQS

      Because Target and Macy’s aren’t going to pack us off to Gitmo and waterboard us.

      You raise good points, however. I don’t plan on doing anything different, although I am not on SM except for LinkedIn, and I don’t have I-anything.

      The sheer volume of information they’ve collected, as you point out, has got to present some challenges to them. There just aren’t enough people in their employ to sift through it all, and really, if we ALL start to smile and wave in their direction, what will they do?

      Americans just haven’t realized yet we outnumber them.

      1. Jackrabbit

        There just aren’t enough people in their employ to sift through it all…”

        This is a silly argument that is repeatedly made to make complainers seem ‘paranoid’ and marginalize the threat. It’s very similar to: “if you’re not doing anything bad, you have nothing to worry about”.

        A Congressman or official that cheats on their spouse becomes open to blackmail. A hedge fund with the right connections might consistently purchase stock of companies that will be acquired. There are dozens of ways that this info can be misused by targeting certain individuals or groups.

        Perhaps the worst is when used as a oppressive weapon, where ‘terrorist’ becomes anyone that disagrees with anything that the ruling party has made law … and thereafter anyone that doesn’t show sufficient deference to, or enthusiasm or, our doubleplus leaders?

        This seems far-fetched to most, who put all-too-much-faith in our political traditions and values. But lies and misleading statements from government officials and political leaders should give people pause.

        ===

        Its also dangerous to accept the arguments that is encapsulated in “this is nothing new…they’ve been doing this for years.” Data collection and analysis capabilities have not previously been sufficient to be a real threat to democracy. But I think we are now at a tipping point where they are or soon will be.

        1. private benjamin

          It’s worth emphasizing that the sifting is automated. For example, in earlier news reports it was revealed that a computer determines whether there is a 51% likelihood you are foreign.

        2. PQS

          I’m not trying to minimize anything or marginalize anyone. I’m just wondering when all this capability will hit the wall of reality….we are already going broke imprisoning more people than the Chinese – states are setting prisoners free because they don’t have enough money to keep them locked up. So when will all the data just be too much for even the vast powers of the NSA? I think it is a legitimate inquiry and doesn’t minimize the threats that they pose to us, which I find considerable.

      2. The Rage

        Sure Target or Macy’s may waterboard you. In a market state, the capital behind them set the rules.

    2. wunsacon

      I suspect you’re right about everything you just said.

      >> CPU cycles are much cheaper than manpower

      The constraint on TPTB will disappear before too long. As AI matures and CPU cycles become ever cheaper, *analyzing* everything (either already collected or being collected) will become easier and easier.

    3. Brooklin Bridge

      Some of your conclusions about what is irrelevant are simply wrong whether or not the NSA has a tap on the Internet backbone. I tried to post a sub-comment like this one in reply but it got separated from your comment and is down thread.

  25. Sam

    Like my mother-in-law sez, if you’re not doing anything wrong, you have nothing to worry about. The proper use would be money, two times the US GDP, sitting in offshore accounts. When the NSA starts shutting offshore accounts down, that’s the proper role of spying.

    1. wunsacon

      >> Like my mother-in-law sez, if you’re not doing anything wrong, you have nothing to worry about.

      If you doubt Authority’s narrative about 911 or speculate publicly about other BS, it might cost you your job or other opportunities. With the invasion of privacy, you need not explicitly be “public” about any of your thoughts.

      Anyone with a brain enough to question the Matrix will also increasingly worry about self-censoring what they say. With self-censorship, forget about even questioning evil leaders let alone doing anything about it as a democracy.

      So, if your mother-in-law comment isn’t snark, she’s part of the problem.

  26. Jerry

    I read this book where the person being followed bought cell phones used them for a short time, taped them to the bottom of semi trucks, so it was hard to tell where the was.
    He also only used computers in public places i.e. business centers of motels. To communicate otherwise, he ran an ad in the paper giving his friends a frequently changed name to be used for Skype calls. I not a teckie but some of these might have merit….especially the buying and taping of cheap cell phone to the bottom of trucks if lots of people did this at least monthly

  27. NOYB

    First, you must recognize just how disadvantaged you truly are after decades of federal efforts to deprive you of privacy. None of the options available to you are mainstream.

    That said, you *can* cobble together reasonable security for your family using closed systems.

    1. For email: Salvage an old laptop…perform a clean OS install and do not install anything other than an IMAP mailserver. Netwin makes a good server…with very nice webmail support for those email fools in your family ($$$), though many of those free IMAP servers should work too. One key feature IMO? A login timed lockout for incorrect passwords. Setup your server on a dyndns address and force https connections. With dynamic IPs you must generate your own certificate (a weakness) and it’s sometimes hard to get family members to pay attention to certificate warnings. Setup your server to accept only direct ssl connections (no relays), issue a mailbox to each family member, then encrypt the entire drive with diskcryptor or some other *open source* product.

    Be advised, there still remain several vulnerabilities here…but this is still about as good as it gets. The big advantage to this scheme? Not having to teach family members PGP. If you really distrust your users – configure an ironkey for each of them. Doesn’t guarantee they won’t still screw up …but gives you a fighting chance.

    2. For voice: The only simple product I’ve found is Vsee, and you must take them at their word that their servers never touch the session keys. I’ve tried to setup locally hosted zfone/zrtp without much success. Tis a pity – because new android apps support zrtp. That would be a very nice NSA workaround.

    3. General communications: Retroshare is very promising and does work. Not so sure it’s ready for prime time. If you had nothing else – this would still be pretty good.

    The real fix of course is to force all these military industrial complex types to get real jobs while jailing their bosses. Not gonna happen until the public has had enough.

    And folks, these stubborn, cantankerous, NRA guys (not Lapierre and cronies – the real members) are truly your very best friends. They are the ones who stood up early for our Bill of Rights…before you even realized they were under attack. Think about this next time you’re inclined to throw rocks….even for “noble” reasons.

    1. wunsacon

      >> And folks, these stubborn, cantankerous, NRA guys (not Lapierre and cronies – the real members) are truly your very best friends.

      I’ll sum up how effective *those* NRA guys are at defending liberty: They’re guarding a Maginot Line while conceding all the other strategic territory. As a result, their constituents’ guns likely *will* be taken from their cold, dead hands without them firing a shot.

      More likely, Alex Jones’ crew are our “best” friends. Yes, Alex, too, talks about gun rights. He also talks and has been talking about a lot more.

      >> They are the ones who stood up early for our Bill of Rights…before you even realized they were under attack.

      What?? … Okay, depending on how you define “they” and “you” and “realized” in your sentence, your statement could conceivably be correct. I think you’re giving the NRA leaders undeserved credit.

      1. NOYB

        Try the portable version, I’ve heard reports of problems with the full install.

        And at least one of the nodes needs to be exposed to the internet for effective forwarding to nodes behind firewalls. I wish they packaged a dedicated livecd for this (read only so it cannot become infected).

        With an exposed relay, system access is pretty quick.

        Retroshare may be more effective, but a standard IMAP server setup as a closed system is still pretty good. That netwin product runs for years between reboots (very rare with windows software).

  28. Conscience of a Conservative

    I can’t take Alan Grayson seriously these days. His Taliban Dan attack ads were below the belt and rather sleezy. Not at all what I expect from members of Congress.

        1. Yves Smith Post author

          I seldom watch TV, but when I was at gyms that forced it on me (in NYC, Texas, Maine and Alabama) in 2012, I can’t recall seeing a political ad that wasn’t an attack ad.

          As for Grayson 2010, it might help if you had some context. He was the most progressive rep in Congress. The Republicans targeted him and raised boatloads for his opponent. And the Dems wanted him nuked too, the DCCC did not give him a dime (pretty much unheard of, and remember the party has worked hard to centralize funding, so the big donors give much more to the party than to individuals once you get outside the Presidential race). I believe his district was also gerrymandered. And the sorry bit is the Taliban Dan ad did NOT misrepresent his opponent’s position on women, he’s uber conservative, but it did take the statement in question out of context.

          1. Jason Boxman

            Indeed, and now I am stuck with Taliban Dan here in former FL-08. Sigh. At least Grayson got back into Congress in the new district here in central Florida.

  29. Jackrabbit

    Taking individual action against pervasive government surveillance is like asking: what are YOU doing about Global Warming? Individuals action can not solve the problem. Only political action can.

    There is a fundamental difference between what corporations and hackers can do and pervasive government surveillance. The government has the resources and the legal authority (trumped-up, if necessary) to circumvent almost all steps you might take against hackers.

    And the government appears to want to keep all information about you for a very long period of time (I believe that Snowden has said it is 100 years or more). To what purpose? The intention appears to be to gain extraordinary, privileged insight into who you are and what you are thinking. This God-like insight is well beyond a hacker’s desire for kicks and/or money.

    Pervasive, long-term data collection and retention provides the means by which governing political factions can subvert democracy (even more than it is already subverted by money in politics). Today they can make life miserable for activists (e.g. IRS targeting the Tea Party). Tomorrow they could make life miserable for anyone that simply complains (publicly OR privately), and after that for anyone that isn’t sufficiently deferential to, or enthusiastic about, our doubleplus leadership.

    NSA has over-stepped their authority. Officials have lied to Congress. Political leaders have misled the American people. No one is held accountable; and whistle-blowers and journalists are under attack. Doesn’t this strongly suggest where we are headed?

    I don’t see any middle ground here; I don’t see any way that an oligarchical society can safely regulate pervasive data collection. The information and capabilities inherent of such a system invite abuse by whatever political party or oligarchical faction is currently in power. And no faction/party that controls such a system would be inclined to give it up to another faction/party thru a democratic process.

    Thus, the time to act is now. The willingness of whistle-blowers to come forward will greatly diminish from this point on, as will the likelihood that any respectable media outlet finds the courage to publicize the allegations. Individual ‘work-arounds’ and improved oversight are foolish measures that provide a false sense of security. Anything less than the strong privacy protections afforded by the Constitution – and stronger privacy laws for private companies that obtain our personal information – puts our democracy on a slippery slope.

  30. Eric W

    Most of this comment stream is about trying to stay under the radar. One commenter wrote about supplying “garbage in”, an interesting idea. For some of us that have done “nothing wrong” but choose not to live in fear, we can go ahead and get on the lists, and in a feeble way stand up against the machine.

    My signature on emails says “NSA computers, I protest your unconstitutional existence.”

    I also wrote to my Representative, knowing that most likely it will put me on a list. I reached my own point of not caring any more, I want to speak freely. Here’s what I wrote:

    I would like to make sure that Congress knows that we average citizens are not particularly stupid. Gen. Keith Alexander in testimony to Congress said that surveillance has stopped dozens of potential terrorist attacks. Attempted terrorism is a crime. Where are all the arrest records for these “dozens of thwarted” attacks?

    We common Americans know that the NSA is seizing data on all Americans simply to have a hold over them whenever someone in power thinks it is necessary. It’s not about terrorism, it’s about control… the control and paranoia of a tyrannical police state, which is exactly where this unconstitutional activity is inevitably leading.

    There is no, absolutely no, way that collecting all this data and metadata is in any way constitutional, despite supposed “states of emergency” and “it’s for your own protection” and executive findings or even Congressional approvals. Twisted logic is not truth, and the truth is that this is all unwarranted search and seizure.

    As such, these unconstitutional actions that are active now and ongoing for the future are quite simply, quite obviously, and quite unequivocally grounds to start impeachment proceedings against all involved, including, by grave necessity, the President of the United States.

    For too many decades Congress has been unwilling to hold anyone accountable and enforce the laws. For too many decades Congress has played patsy to the Executive Branch and relinquished all forms of checks and balances. Congress has stood by while the Constitution is used as toilet paper, and the Geneva Convention is shredded.

    Congressman Lance, your peer group is behaving in a similar way to the members of the Reichstag in 1933 as they paved the way to a totalitarian state. The Reichstag rescinded most German civil liberties, they allowed the police to detain people indefinitely without charges or a court order, and they violated their own constitution. In wikipedia this is listed under the heading “Nazi seizure of power”. You and your peers have been complicit in today’s corporate seizure of power, what even more terrible seizure of power is occurring on your watch, behind the unconstitutional surveillance of the NSA?

    1. NOYB

      Ultimately, nothing happens until some are willing to stand up. Takes angry people spoiling for a fight….

      And most of those will be turned into “examples”.

      When the abuse finally becomes so egregious the public will stand it no longer – we’ll finally see change.

    2. Jackrabbit

      Gen. Alexander says that they helped foiled ‘dozens’ of attacks and Obama says that Congress has been briefed on these programs.

      Yet it takes D-A-Y-S for the nsa to put together a list of attacks that have been stopped.

      Does that make any sense? If Congress HAD been briefed, wouldn’t NSA have already have provided Congress with examples of how their efforts have born fruit to justify the expense and unconstitutionality?

      1. PQS

        If “they” had stopped even one idiot with an underwear bomb or a wig bomb, or a cigarette bomb, they would have plastered it all over the tube in order to bolster their own image.

        We heard about the underwear bomber and the Times Square bomber and the Boston bombers for weeks. Yet all these supposed threats minimized have yielded nothing to publicize. I don’t buy it.

        1. Yalt

          I’ve been arguing for some time that the purpose of torture is not the acquisition of information, but the acquisition of confessions and denunciations and the demoralization of the targeted population.

          Megadata seems, to me, to work on the same principle. The point isn’t to get actionable information, at least in the common-sense meaning of that phrase, it’s that the more data one has the greater the number of tenuous connections can be made, so that a target, once identified, can be easily smeared.

          Megadata allows a relationship to be established, after the fact, between any two persons of interest. And with a minimum of work, since the data is already in place.

          What they’re looking for isn’t underwear bombers–they’re looking for “PQS is a close acquaintance of Yalt who posts regularly on a message board hosted by John Q., a known subversive who named his cat after Friedrich Engels.”

          1. Robert Hurst

            They don’t even need any sort of metadata to cook up alleged connections between “persons of interest.” That sounds expensive and time-consuming. With our lovely secret laws and secret courts all They have to do is contend that such a connection exists. There need not be any metadata connection at all. Why bother even looking for one.

    3. JCC

      As a reminder to all, since it’s almost impossible to lead a “normal” life and not get tracked, you might consider adding something like this to your email signature:

      “WARNING: The National Security Agency is likely recording and storing this communication as part of its many unlawful spying programs. The people who created the NSA spying program say that this communication – and any responses – can and will be used against any U.S. Citizen at any time in the future should the U.S. Government decide to go after any U.S. Citizen for political reasons. Also, private information in digital communications may also be given or sold to Multi-National Corporations by the U.S. Government.”

      Just a simple reminder :) Something close to this was suggested by George Washington’s BLOG

  31. Owen Crump

    A letter to my elected officials in Washington, DC

    Congress and federal government officials continually tell us that “terrorists” are everywhere, scheming and plotting to kill us. Therefore the borderless and endless and very convenient War on Terror. Aside from the hundreds of billions of dollars being paid to the military, the “defense” contractors, and the “security” industries, why, actually, does “terrorism” exist? This is something that’s never addressed, we are simply to accept that there are those hiding in the shadows all around us just waiting to strike. “Why” are there all these “threats”? Is it really because of our (quickly disappearing) “freedoms”, or is it because the US government’s clandestine agencies and military have been fomenting discontent and mayhem across the globe for decades? Does terrorism exist because the US government is spending trillions of dollars on alternative energy research developing solar, wind, and other forms of power? Or is it because instead of those worthwhile pursuits the US government is spending trillions of dollars (it had to print out of thin air) to fight baseless senseless wars halfway across the globe where (aside from the corporate petroleum interests) the US has no business? Is it possible that because Congress is now clearly controlled by corporate interests, which seems to be fine with most Americans, that the US has lost the respect it once had? Does it seem reasonable that we have military bases in 135 countries yet our own infrastructure is in serious decay? Our educational standing against other nations is gradually falling, thank you Department of Education. The US is still dependent on other countries for oil, thank you Department of Energy. We have a serious immigration problem, the dollar has lost 96% of its value since 100 years ago when the Federal Reserve Act was passed, health insurance costs are through the roof and continue to rise unabated, and fraud in the financial industry is pervasive and unpunished. Yet our leaders claim we have it all figured out, we know just how things are supposed to be done, and all you other countries better listen. Either yer with us, or yer agin’ us. “Why” are there all these “threats”? Why indeed!

    Most Americans found out last week that the NSA is, as a direct result of the handy and profitable “War on Terror”, practically speaking, recording every single communication it can get its tentacles on. This is very interesting because until just recently, individuals who referred to the NSA data gathering program were ridiculed as conspiracy theorists. However President Obama has confirmed that the NSA is seizing and recording data from some 3 billion personal communications every day, communications between Americans never suspected of having committed a crime, let alone “terrorism”. He called it a “modest encroachments” into our lives and said we need to strike a balance between privacy and security, constitutional issues aside. Of course, as is always the case in these matters, the justification for the NSA program is “national security”, therefore there’s nothing that can be discussed as it’s all top secret and as such citizens mustn’t know about it. We’ve been told that dozens of potential terrorist plots have been broken up but nowhere on any government propaganda media outlet is there a list of them, how many and who were charged, and if they were ever tried. Sorry, I forgot, it’s all secret.

    Here’s the thing: Congress and those in the federal government are fast losing their credibility, the NSA activities are unconstitutional, and nobody believes that worn out national security lie anymore. I won’t vote for any incumbent who does not forcefully seek to end the NSA’s illegal spying on American citizens.

    1. Jackrabbit

      I won’t vote for any incumbent who does not forcefully seek to end the NSA’s illegal spying on American citizens.

      But can you trust anyone in the two main Parties. It may be necessary to vote for candidates in a third party with a platform that includes restoring Constitutional rights.

  32. NOYB

    Another angle.

    If Oooma would just turn on the zrtp support on their freeswitch platform – all of us could get rid of the NSA through simple purchase. Probably the only VOIP phone worth owning.

    But for “some” reason Ooma insists upon using SRTP – which they can tap.

    (Full disclosure – Always hated VOIP even though we still use it. Our primary line is circuit switched (only the feds can tap it). Am willing to take a chance on Ooma if they will just protect my privacy.)

    Ever notice how domestic carriers avoid supporting zrtp?

  33. allcoppedout

    I don’t get worked up about the surveillance itself. Awful people using mobiles incessantly in public and ghetto blaster clowns do much more damage to my space, along with idiots loading my PC and email with what amounts to spam. I’d see the big problem as to do with business models rather than security surveillance – though the two are linked as US agencies give huge contracts to US firms that give them competitive advantage as they commercialise what they develop with these subsidies ($600 million to Amazon – currently contested by IBM).
    Really bad Big Brother stuff (Gestapo, Stasi, various Sino-Soviet, Middle Eastern) have always relied on courts not really contesting the vile gossip used in evidence and we are seeing some examples of this in the West, from corrupt use of forensic science (e.g. Nico Bento) and people making ‘private’ twitters (Robin Hood Airport). Both these UK cases were eventually corrected, but it is alarming to see cops and courts accepting such dross in the first place, and many unfair convictions are going unnoticed.
    Frankly our protests are years too late – when did the Robert Redford film ‘Three Days of the Condor’ get aired?

    We can and probably should ‘de-Google’, but we are only in there in the first place because it is free to us and we can put up with the backdoor advertising. I saw intelligence reports on all kinds of people long before the electronic age and many of them were disgusting intrusions into the lives of decent people like union reps and activists.

    I would ask, given all the metadata analysis that can bring down the odd general and his mistress, how it is there are no prosecutions of the tax dodgers and control fraudsters.

    1. Yalt

      I hope that last comment is meant ironically. Tax dodgers and control fraudsters are not threats to national security, union reps and activists and whistleblowers are.

      1. JCC

        Let me fix that for you :)

        “Tax dodgers and control fraudsters are not threats to The Status Quo, they are part and parcel of The Status Quo. Union Reps and Activists and Whistleblowers are.”

        1. allcoppedout

          If national security means ‘us’ then the tax dodgers and corporates are a much bigger threat than any union organisation. Any irony concerns the age of the problem and the flap we get into imagining it has much to do with new technology. I’d see unions and activists as an essential part of any democracy. I’m not old enough to have taken photographs of Banger (say) at 60′s demos, but did meet people whose files I’d reviewed as a cop when injury forced me back to uni as a post-grad. They were salt of the earth and not even the agitators claimed in the files.

          Surveillance is often misdirected and it is very expensive. Whilst focusing the technology on political agitators (almost all of the ‘left’) we were missing the real traitors and such as paedophiles and organised sexual abusers – some strangely coming to justice 40 years on. I just don’t see surveillance itself as the problem – its our lack of democracy and law that treats all with the same respect.

          This said, technology has given us Faceflop and other gossip and teenage toys and is only bringing us decent news and political discussion at its fringe. Pity, in many ways, that the NSA doesn’t suck it all up and destroy it! I’d be happier in a smoke-filled beer cellar! In Northern Ireland, the equivalent tended to be chip-shop cafes. There, failure to deal with the real information – on civil rights, housing and employment led to chronic, violent dispute because our politics were so naff and could not respond to gross inequity. Is our current system a mirror (rich v poor) of the Catholic/Protestant divide of ‘the troubles’? We have undercover cops in animal rights movements – yet none in the banks. I can’t post here without ‘risk’ of scrutiny, but every big UK corporation has offshore accounts that are not.

  34. jfleni

    BATTERIES: In or out, On or off might not make much difference if you have one of the sneaky phones that have extra (additional non removable) batteries, a _feature_ made common in the last few years.

    If you really want to be invisible, get a plastic bag, line it with a heavy layer of aluminum foil, put the phone in it, and feel somewhat more secure. Naturally, you’ll never be able to get any calls whatever.

  35. yojimbo

    It’s impossible to evade the NSA and their ilk, but there are some other considerations for security of electronic communications.

    -As you make your data relatively more secure, you make it more difficult or impossible for those individuals, companies, and government agencies with lower computer skills and access to adversely affect you. For instance, using a VPN makes it more difficult for whatever random person to get data from you over a public wifi connection, buying things with cash means acxiom has that much less data about you to sell, etc.

    -Avoiding use of electronic “services” forces you to reevaluate just why you spend so much time and money on them. Facebook is a waste of time, and “burner” phones are a hell of a lot cheaper than droids and make calls just as well.

    -If some jerk is making $200K a year to surveil you and everyone else, you really don’t need to work pro bono.

    A while ago I went to the trouble of “deleting” my google ID, and found that I could no longer install apps to my droid phone. This meant that I could not install the app necessary to send images of checks to my online-only bank; without a gmail address I couldn’t deposit a check. I’ve also realized that decent paper maps have become very difficult to find, I wouldn’t be too surprised if hard drives go the same way in the next few years now that The Cloud is apparently the only way reasonable people strore their data…

    1. yojimbo

      I meant to say you don’t need to do this hypothetical jerk’s job for him, for free.

  36. Pet_henry

    I am NOT tech-savvy about internet security. But I can use common sense. Here’s what I think is going on:

    The NSA et al are living in a pipe dream if they truly believe that by gathering and analyzing patterns of communications among a good percentage of the public they can detect and prevent terrorist attacks. No evidence has been presented, or is likely to be presented, that this is the case. There are many logical reasons which make this an extremely doubtful proposition:

    - The incredible mass of legitimate global electronic communications, which is increasing at an enormous rate. No matter how big their server farms are, they cannot hope to hold all of it. And no matter how much computer power and signal bandwidth they have, they can’t possibly analyze enough of it in real-time to decide what’s worth storing.

    - The amount of false information, garbage (spam etc.) and mistakes which are out there, which dwarfs the amount of real information.
    - The vanishingly small number of actual terror plots. They are way, way more likely to zone in on a low-probability mistake than on an infinitesimally lower-probability event.

    All terrorist plots that have been openly discussed to date involve traditional methods of investigation, or are events staged by agents provocateurs.

    What all this data gathering CAN do, and IS doing, is providing a data trail for whoever they have decided, or may decide in the future, to track. Once a person is identified, for whatever reason (political enemy, attendance at an Occupy protest, speaking out at a mosque, sitting in a tree …) then there is likely stored some information which has been tied to that person, and which can identify their friends, etc.

    I think that it’s best for everyone to take reasonable precautions (e.g. don’t use email for truly sensitive communications). But to focus on individually becoming less of a target is similar to the “survivalist” mindset. Burying oneself with like-minded bitter-enders in a corner of Idaho isn’t likely to work. Instead we need to work together. There needs to be a public challenge – together we have somewhat of a chance to affect events. By ourselves, we have none.

  37. Elliot

    The Church Commission was successful, in its day (speaking of Idaho). If we can stir ourselves to work for the common good, it is not impossible to do the same again. Ed Snowden gave up that cushy job for us to have a chance to do more than hide under our desks about privacy. We need to get off our collective asses and push, prod, demand that this is changed at the top, because every way we find to circumvent spying while allowing it to remain “legal”, they will re-circumvent. It’s clearly unconstitutional, and needs to be stopped.

    And then, bulldoze the data centers.

  38. constant reader

    I’m going to make another martini and do some gardening. It’s time they changed, not me.

  39. charles sereno

    This is about James “Itchy” Clapper. He claims there’s no room in that new Utah facility (tax funded I remind you) for storing data on American talking to other Americans. You call that keeping us safe?! God save us from such misplaced incompetents. Back in 8th grade, we had a teacher, Brother So-and So, who compulsive scratched his groin while lecturing. You got it. He became “Brother Itchy.” Later, he became Principal. Clapper scratches his bald pate. He’s also promoted. Coincidence?

  40. Brooklin Bridge

    Your conclusions of irrelevance are incorrect as far as computer communication goes:

    If you have followed this subject for more than the last two weeks, you will remember that the NSA has taps on the Internet backbone (AT&T’s famous Room 641A) all across the country (ref: William Binney et al.). You host your own email servers? You don’t use Facebook or Twitter but use TOR or DuckDuckGo instead? Pointless. The IP packets that carry your data to and from your computer have to go through the Internet, and the metadata associated with that IP traffic is what is of interest to the collecting agencies. The content is irrelevant; whether it’s encrypted is irrelevant; whether the servers at the end of the line save user data or not is irrelevant.

    If you set up a VPN using https and TOR, then all data going through the pipe from your machine to your VPN is encrypted and that encryption includes the metadata that will be used by the VPN to actually send your data to the appropriate url. Multiply this by hundreds, thousands and tens of thousands, have it all bouncing from node to node in TOR to further confuse what url is to be matched with what user, and the NSA simply can’t keep track of it. The pipes go dark as they say. Even with today’s processing power, that level of decryption to get at all the encrypted metadata and match it up with the IPs to which response data is returned would be impossible. Whether or not the NSA has a tap on the Internet backbone has nothing to do with this process. As Yves has pointed out elsewhere, if only one person were using this, it would be a snap, but not when even hundreds are doing so and that is the whole power of these VPNs. Moreover, the new TOR versions allow keys to be used for the meta data that doesn’t even include IP info and those keys are somehow resolved inside some sort of TOR cloud.

    There are services that provide this level of security with few of the messey details and if you get one that’s honest, then your browsing, or network communication, is relatively secure. To set it up oneself is fairly difficult for the average user. And as to cell phones, there are services that go through Canada, for instance, that set up a similar situations with non subscription cell phones. The NSA can tell where the cell phone is, how long the call is, but not who is getting the call at the other end, and not even who is calling. Again the service costs money. On the computer, it also has some performance issues.

    1. Brooklin Bridge

      The above comment was intended as a sub-comment response to Will King up thread. Unfortunately, the NS server doesn’t keep track of my name or email as well as the old one and so somehow the comment ended up down here.

  41. Dan Kervick

    I’m not planning on doing anything at this point. I have long taken it for granted that if TPTB in government are interested in what I am saying online, they will always be able to find out one way or another. I do my best to present my honest opinions on everything I communicate about electronically, and am willing to keep doing so and let the chips fall where they may. I’m not about to spend my valuable time carving out some kind of paranoid online bunker. Life is too short.

    1. AbyNormal

      many moons ago an older woman warned me ‘careful what you put in writing…it’ll haunt you without mercy’.

      hmmmmmmm

    1. jrs

      The U.S. strongly appears to be heading toward a police state. The million dollar question is not whether there is evidence of this but: why is it happening?

      revolt theory:
      1) it’s the only way to keep people in-line in a more and more unequal society that offers less and less to most people. It’s to keep down revolt.

      collapse theory:
      2) it’s in preparation for economic collapse. A theory often held by libertarians or Austrian influenced types. But you don’t need to be an Austrian – not with the level of derivatives out there. To prevent revolt as well but only after collapse.
      3) in preparation for environmental collapse – see Chris Hedges. This is what I tend to think

      corruption theory
      4) it’s all about enriching the security contractors, the prison system, Haliburton/Xe/whatever etc.. A police state just because of profits. I can’t entirely buy that it has no larger objective though.

      incompetence theory
      5) they really are after terrist, they are just so lost in their own self-delusional self-reenforcing worlds, with limitless amounts of money, that a police state was an unintended consequence.

  42. HT

    I worry a lot more about google, facebook, my bank, credit card company, cellphone provider, etc having so much information about me than I do about the government. Consider thistaking one for the team, while they spend their time on the boring details of my life you can continue with exciting occupations with only Page, Zuckerberg, Cook and their minions knowing the intimate details of your activities and “monetizing” them.

  43. Expat

    Spam the NSA with encoded mails. But instead of real messages; just send nonsense. But use something akin to Pig-Latin for the sign off: “Uck-fay Ou-yay, SA-Nay”.

  44. Lafayette

    BIG BROTHER

    As well we should be concerned, if we live in America.

    France has one up on the US. The French saw this coming a long, long time ago. So, they passed a law in 1978. It can be found here, in French: http://www.legifrance.gouv.fr/affichTexte.do?cidTexte=LEGITEXT000006068624&dateTexte=20110224

    I am not about to translate French laws. But this one is so pertinent, so specific to the matter at hand that I will translate its preamble, which goes like this:

    Computing has to be in the service of every citizen. Its development has to take place within the framework of international cooperation. Information Technology must not damage either human identity, or human rights, or one’s private life, or personal or public freedoms.

    (My italics.)

    How that objective is accomplished – that is, the safeguards that are put in place to assure that an individual knows what information is being kept about them – is specified in the law as practiced by a national organization established to guaranty to its citizens protection of the law. That organization thus has the right to enact legal action against those parties, civil or private, that it deems to have transgressed the law.

    The organization’s embodiment and range of powers is found (again in French) in this document, here: http://www.cnil.fr/fileadmin/documents/Guides_pratiques/Guide_securite-VD.pdf

  45. Gitta M

    I’m surprised that no one has suggested the idea of forming a movement (or really supporting existing movements) toward creating crowd sourced social media alternatives. Yes, all communications are public but there is a world of difference between privately owned companies masquerading as the public square, who can pull the plug or selectively filter at any moment…and a true public square that is crowdsourced and dispersed in ownership – across national borders.

    It would be a long process to wean people away from facebook, google, twitter…but as people become more aware of the issues perhaps not impossible.

  46. RueTheDay

    Go get yourself a Smart NAS (Network Attached Storage) appliance from Synology or QNAP. $300-$500. Then put a couple of 1-3 TB drives in it. Setup is simple. Presto – your own personal cloud that includes file storage, an FTP server, a web server, and a VPN, that you can access from anywhere in the world.

  47. Jason Boxman

    I think the short of it can be best distiled as this:

    It’s possible to hide the contents of a digital communique, but not its electronic transmission. Any secrecy is subject to the veracity of the encryption method chosen. That one is saying something and to whom can be as important as what is being said.

  48. allcoppedout

    If I re-enter former paranoid detective state for a moment, I have to say that anyone hiding or encrypting information goes up the suspect list. There are ways to go ‘Samizdat’ – but this inevitably draws the attention of police state operatives. Literature warns us all the ‘agitators’ may, in fact, be secret agents or cops. The ultimate idea of working undercover is to be accepted where people speak freely, believing they are secure.
    We could converse here using servers in Panama (some commercial organisations already do)and via encryption, but the irony of such amongst people wanting free speech can hardly be missed. One can almost imagine we might do this to bring about a change in law so as to make commercial firms putting their information beyond jurisdiction!

    What we need is to get to a point where collective action and whistle-blowing could prevent the wrong information being kept and used in court – and the right information being gathered and investigations and prosecutions delivered. The sad thing is we require substantial constitutional change to get somewhere we thought not far away 40 years ago.

    Trashing Google (perm any from a dozen) might be more political than at first sight. What else would come down if we had a secure, non-tracking cloud providing what is now the dated software forms we use for a small fee and a social network that allowed us to order products to cut out sweat shops and lots of lousy retail non-services (banking)? If you think this through a bit, how would we cope with the loss of jobs and re-organise wealth distribution and work obligations? Who would be against us in this ‘war’ against the advertising and government agency subsidised business model?

  49. SteveD

    What I’d like to see is a english language search engine with servers in Norway that DOES NOT save your personal information.

  50. craazyman

    Grayson rocks! That was a good speech.

    I’m glad he’s back in congress. I have him money last time! Even though he has 10000 times more money than me. President of a phone company, huh. all those zeros look like little eyes surveiling the peanut gallery.

    I guess this scandal takes the heat off the banksters and mortgage fraudsters. How many scandals can somebody follow at once in their limited spare time? I can hardly follow one.

    This is overwhelming me emotionally. How can somebody cope with this and function? I got off the subway today and there were 6 guys in black with assault rifles and body armor. They looked like they were posing for a photograph. No clue what that was all about. There was no armored car nearby. sometimes in the old days when they cleaned out the tokens from the turnstiles there’d be a dude with a pistol looking around. this was waaay beyond that. they were just standing there in a line by the curb, it was weird. If I see them tomorrow I’ll ask them what they’re doing there.

  51. Phrase

    @ Banger … You wrote : ” I think its time to take the offensive and start doing … ” I agree !
    .
    Yes, there are many different facets to discuss, and enabling personal cyber-security by utilizing appropriate hard-&-soft-ware is certainly conducive to furthering a sense of personal privacy and the protection of one’s sensitive data. …
    .
    That being said it has been pointed out the NSA has a very significant lead.
    .
    I remember reading an essay titled … “Emancipating Truths” … wherein Little Big Pine wrote : … ” Why are concentrations of power and money almost invariably inimical to truth? Because they are themselves the embodiment of untruth, seeking political cover for the violation of limits in pursuit of more power and money.”
    .
    So I would focus on, as Grayson suggests … fixing the law … so that the regulation of NSA’s activities would further democracy and return the legitimacy of a truly representative government. … But, is Congress captured ? … If so the need for whistleblowers and deep investigative journalism is essential to check and balance rogue power.
    .
    I too felt that … Edward Snowden’s actions were principled and courageous, the actions of a true whistleblower.
    .
    Further, I believe that the disruptive transformative powers of the present technological advances, … far surpass civil societies ability to recognize and regulate for future impact. … We simply don’t know ! … Society becomes aware when there’s a critical fracture as exemplified now by the moral/ethical/normative debate which Snowden’s leaks have precipitated. …
    .
    The philosopher Gilles Deleuze’s wrote about a … control society. In this control society the state used ubiquitous advanced surveillance technology. … It was the _awareness_ of being constantly surveilled in open and closed spaces which conditioned individuals to internalize self-disciplining restrictions as a mode of survival. …1984 … That’s not freedom, that’s fear and oppression. … We need to feel comfortable in a world which embraces the technological advances in a positive way.
    .
    Point being that surveillance, dataveillance, cyber-security, or high frequency trading, manipulation, sovereign debt etc. are techno-aided, if you will. …
    .
    For me, … our world has been made less civil because the moral/ethical principles of a cultured society cannot ever be hot-wired into technology … and the world today reflects a disfunctional sociopathological society of a self-distructive outmoded materialistic paradigm. … That may be a little harsh, but there sure is alot of pain around the world.
    .
    So for me the question is, … will civil society be able to formulate a socio-political economic paradigm which fully … embraces technological innovation, while being able to regulate with the wisdom so that technology will empower humanity, civil society, the public good, and return justice, truth, and security to our streets and minds ? … I hope so !

  52. generic celebrex canada

    There are many factors that can cause erectile dysfunction,
    but this condition usually has its origins in physiological causes such as penile injury or damage,
    some medical disorders or because of side effect of certain medications.
    It is often referred to as impotence, which actually includes all of the above mentioned sexual problems along with
    erectile problems. Many leading pharmaceutical
    companies sell them online through some reputed online portals.

  53. SteveD

    “Opt out of PRISM, the NSA’s global data surveillance program. Stop reporting your online activities to the American government with these free alternatives to proprietary software.”

    http://prism-break.org/

  54. Omar

    The general tone of this discussion is that there’s nothing to fear IF you can opt out of the surveillance system. I think this is dangerously wrong and it is similar to the problem with those who think consumer activism can change the behavior of capital. The case has to made — and done so with zero alternatives — that the Government must stand down or lose its legitimacy as defined by Jefferson’s Declaration. That means that Grandma and Grandpa must be on the same side as every 16 year old whiz kid using encrypted email — and that means they have to be IN THE SAME BOAT. We all need to be free of the police state wherever we roam and however we communicate. The Private realm must be returned to a legal status in harmony with the US Constitution and that idea must be legislatively extended to the private sector as well — since we’ve all seen how much the combination of corporate consumer intelligence and state power works now. In other words, I should not have to shop around to “maximize” the protection of my rights.

  55. LiLi

    YOU CAN ALL IMAGINE THAT WHAT YOUR THOUGHTS ARE ON THE HACKING, IT IS A THOUSAND TIMES WORSE AND NOT ONLY THE NSA IS INVOLVED BUT AS A TEAM BECAUSE THERE WERE TREMENDOUS QUADRILLIONS STOLEN MANY TEAMED UP TO GET IT DONE AND THE NSA IS TAKING THE BLAME, THEY ARE GUILTY BUT THE BANSKTERS, FEDS, CIA, ANONYMOUS HACKERS, BILDERBERGS. ILLUMINATIS AND MANY HEADS OF COUNTRIES AND BANKS AND ON AND ON.
    IT IS OVER TEN YEARS THEY ARE HACKING INTO ME AND ROBBING ME OF HUGE TRANSACTIONS AND DOING THE SAME TO MANY IN THE FINNCIAL BUSINESS, GOLD, DIAMONDS, IRON ORE, BANK INSTRUMENTS AND WE CAN GO ON AND ON.

    THEY LAUNDERED THE FUNDS TO HIDE THE HISTORY AND TODAY OWN THE WORLD. ALL THE BIG COMPANIES, ALL THE RESORTS, HOTELS, BUILDINGS, REAL ESTATE, ELECTRIC, GAS COMPANIES ETC ETC CAN GO ON FOR HOURS AND THAT WORLDWIDE.

    THEIR AIM IS TO MAKE ALL OF US HOMELESS AND REENACT HITLER. TO PUT US IN THEIR FOR ED LABOUR CAMPS AND USE US AS THEIR SLAVES. THEY CALL US THE COCKROACHES. THEY THINK THEY ARE THE ELITE AND WE ARE USELESS.

    IF THESE GARBAGES ARE NOT JAILED, I WONDER WHT IT TAKES TO PICK THEM UP.

    OH YES EVERYONE SAYS THEY ARE TOO STRONG, THEY MADE TOO MUCH MONEY.

    BUNCH OF GARBAGE DOUBLE FACED LOSERS ARE GETTING PAID HANDSOMELY BY THE CROOKS SO THEY WILL DO NOTHING.

    THE PRIME MINISTERS OF CANDA, FRANCE, ETC ARE ART OF THE BILDERBERG GROUP OF ELITE THIEVES AND KEEP HAVING THEIR SECRET MEETINGS TO HANG US IN THE FOR ED LABOUR CAMPS AND DESTROY A HUGE PART OF HUMANS ON EARTH.

    NO ONE HAS DONE ANYTHING SO THEY ARE EXECUTING THEIR PLAN AND REMOVING YOUR GUNS, YOUR GARDENING TOOLS, YOUR HAMMERS AND WITH ALL THEY ARE SETTING UP OUR WATER IS DRUGGED AND DRUGGED AND DRUGGED AND IN OUR SLEEPY STATE THEY KEEP THEIR PLANS IN ACTION.

    THEY ARE GANGSTERS AND BAD MEN FULL OF DEVIL ENTITIES RUNNING THEIR BODIES……..SO WHAT DO YOU EXPECT? YOUR BROWSER IS NOT YOURS, YOUR CAR, TV, PHONES, ALL IS MONITORED WORLDWIDE NOT ONLY IN USA. MANY LEGIONS ARE WITH THEM.

    REMEMBER THE BANKSTERS ARE GERMANS NOT JEWS, THEY FUNDED HITLER AND TOOK THE IDENTITY OF JEWS TO MISLEAD AND CONTROL EVEN BETTER.

    WE ARE BEING DUPED BUT BECAUSE THEY DRUGS US WE DO NOT REACT

Comments are closed.