Main Area and Open Discussion > Living Room
Internet freedoms restrained - SOPA/PIPA/OPEN/ACTA/CETA/PrECISE-related updates
Tinman57:
Aaron's Law sounds like some good legislation, if it gets passed....
The Internet and all those who care about Aaron Swartz took a big step forward today
Rep. Zoe Lofgren and Sen. Ron Wyden just introduced "Aaron's Law", which would fix some of the worst parts of the Computer Fraud and Abuse Act (CFAA), including those which make it a potential crime to violate terms of service agreements -- that fine print that nobody reads at the bottom of a website.
The CFAA is the law under which Aaron and other innovators and activists have been threatened with decades in prison. It is so broad that law enforcement says it criminalizes all sorts of mundane Internet use: Potentially even breaking a website's fine print terms of service agreement. Don't set up a MySpace page for your cat. Don't fudge your height on a dating site. Don't share your Facebook password with anybody: You could be committing a federal crime.
It's up to us to keep the Internet open, a place for sharing ideas, exploration and activism -- not for stifling creativity and criminalizing innovators.
As the bill's sponsors put it in a Wired.com Op-ed, "The events of the last couple of years have demonstrated that the public can speak loudly thanks to the Internet. And when it does, lawmakers will listen."
Let's make sure they hear us. Join us in calling on Congress to pass "Aaron's Law."
http://act.demandprogress.org/sign/aarons_law_intro
--- End quote ---
IainB:
I have put this here for information as something in the wider context of total communications freedom and privacy, rather than just the Internet per se.
Depressing that the evidence we now have apparently shows that reality aligns very well with what we had often presumed or suspected to be the reality, and which reality would be an understatement to call a less-than-ideal norm. >:(
Told You So: If You Have Been Using A Centralized Comms Service, You Were Wiretapped[
Saturday, June 29, 2013
tags: Headlines, Privacy
Rick Falkvinge
Privacy:
This night, news broke that the USA’s security agencies have been wiretapping essentially every major centralized social service for private data. Photos, video conferences, text chats, and voice calls – everything. We have been saying this for years and been declared tinfoil hat and conspiracy nuts; it’s good to finally see the documents in black on white.
This night, European time, the news broke that the USA’s National Security Agency (NSA) has had direct access to pretty much every social network for the past several years, dating back to 2007, under a program named PRISM. Under the program, a number of social services voluntarily feed people’s private data to the NSA. In short, if you have been using/uploading
* e-mail
* video or voice chat
* videos
* photos
* stored data
* VoIP calls
* file transfers
* video conferencing
* (and more)
…from any of…
* Microsoft (incl. Hotmail et al), since Sep 11, 2007
* Google, since Jan 14, 2009
* Yahoo, since Mar 12, 2008
* Facebook, since June 3, 2009
* PalTalk, since Dec 7, 2009
* YouTube, since Sep 24, 2010
* Skype, since Feb 6, 2011
* AOL, since Mar 31, 2011
* Apple, since Oct 2012
…then you have been wiretapped, and still are.
This piece of news broke just after it was revealed that the same NSA is demanding phone records from one of the major telco operators in the USA, and presumably all of them.
In short, practically every single service you have ever been using that has operated under the “trust us” principle has fed your private data directly to STASI-equivalent security agencies. Practically every single one. The one exception notably missing from the list is Twitter (but Twitter uses broadcast messages – you shouldn’t write anything secret on Twitter in the first place).
Carefully note that this PRISM program is not unique to the USA: Several European nations have the same wiretapping in place, Sweden among them. Also, these agencies share raw data freely between them, trivially circumventing any restrictions against wiretapping the own population (“I’ll wiretap yours if you’ll wiretap mine”).
This piece of news practically detonated when it hit this night. We have been saying that this is the probable state of things for years – it’s good to finally get rid of those tinfoil hats, with facts on the table. Predictably, the social comms companies named in the NSA slides are out scrambling with statements and comments.
Google, for example, said in a statement to the Guardian: “Google cares deeply about the security of our users’ data. We disclose user data to government in accordance with the law, and we review all such requests carefully. From time to time, people allege that we have created a government ‘back door’ into our systems, but Google does not have a back door for the government to access private user data.”
As a politician, what strikes me is how carefully crafted this statement is to give the appearance of denying the allegations, without doing so. It stops exactly short of saying “the presented allegations are lies”.
[UPDATE: The follow-up response from Google's CEO changes this picture completely. See the followup article. You've still been wiretapped if you've been using a centralized communications service, but through no fault of Google.]
For example, a system could be in place that continuously fed the NSA data from Google servers in accordance with the NSA documents, and the above Google statement would still be true (if Google feeds data to the NSA, rather than the NSA fetching it from Google).
Microsoft – whose motto is “Privacy is our priority”, the Guardian notes – was the first to join the PRISM program in 2007. On the other hand, that company was never trusted much, so I don’t see a lot of surprise.
What we learn from this is something that us net liberty activists have known and practiced all along: if you want your data to be private, you can trust no one with it. No one. You must make sure to encrypt it yourself. Only then can you place it in the custody of somebody else. Putting an unencrypted file on Dropbox, Google Drive, sending it in e-mail, etc., is and has been the equivalent of shouting it out to the entire world.
A system that requires privacy, but is built on the assumption on trust in a third party, is broken by design.
You can only trust systems that are built around the principle of distrusting the entire world (like bitcoin, nota bene), or systems that are physically under your control. Note that I say physically: having virtual servers “in the cloud” is not enough, for an administrator of that cloud can trivially go in and take everything you’re processing there and feed it to whomever they like, and must be assumed to do so. For the same reason, having your own servers in a rented datacenter is not enough, either: an administrator of the datacenter can give access to your computers to whomever they like. That is the reason why I have servers for this site and other sites of mine running on my own balcony:
The servers for this journalistic site, and other sites with more sensitive personal information.
The servers for this journalistic site, and other sites with more sensitive personal information, are under my physical control.
This is the reason you cannot trust Dropbox and similar services with anything remotely sensitive. If you have sensitive data, you need your own servers to store and communicate it. Servers that are physically under your control. That is why you should be running encrypted SparkleShare on your own file servers rather than Dropbox in the cloud; that is why you should be running default-encrypted Mumble on your own servers rather than using Skype; that is why you should be using RedPhone from your cellphone instead of regular voice calls.
It’s already a matter of life and death in many places on the planet. Also, do note that it may not be the laws today you have to worry about: Everything is recorded and stored, and your innocent words today may come back to haunt you 30 years down the line under a different administration.
Privacy is your responsibility. You can trust no one.
As a final note, this shows very much why pirate parties are needed – worldwide – to kick politicians who authorize these egregious violations out of office, off the coast and into the ocean. (I usually write “next state”, but people from that state always complain how people there don’t want them either.)
--- End quote ---
Tinman57:
There are times that I wish I could gather up all the people that told me I needed to take off my tin-foil hat and say "TOLD YOU SO!!!
But then I wish that they were right..... :(
IainB:
In an email from demandprogress.org today:
...The Obama administration just revived one of the worst provisions in SOPA (the Stop Online Piracy Act).
The Commerce Dept's Internet Policy Task Force has proposed making it a felony to stream copyrighted content (aka Section 201 of SOPA). Interpreted broadly, this proposal would apply to anyone who puts copyrighted music in the background of their YouTube video or uploads a video of themselves covering a song without permission -- which means, under these rules, Justin Bieber would be a felon.
Even sharing a video of your friend's embarassing karoake performance or your family singing "Happy Birthday To You" could put you in jail! Click here to fight back.
This is all because the federal government wants to make streaming -- including material which falls under the "public performance" category -- punishable by years in prison.
Jail time for streaming videos? Tell the Obama administration: NO!
Obama apparently hasn't been paying attention the past two years: The American people don't want SOPA-style internet censorship or to open the door for more prosecutorial abuse. Period.
We've stopped them before -- from SOPA to PIPA to CISPA -- and we can stop them again.
Tell Obama: we still won't stand for SOPA-style censorship. ...
________________________
--- End quote ---
Whatever the country or governing political party, this form of protectionism would rather seem to indicate the actions of a puppet government, to me.
Stoic Joker:
Whatever the country or governing political party, this form of protectionism would rather seem to indicate the actions of a puppet government, to me.-IainB (August 21, 2013, 03:08 AM)
--- End quote ---
+1 - Me too. I just wonder when/if our corporate masters will decide to come out of the shadows.
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version