Lounge

What has Snowden taught us?

 
 
Picture of Visvanath Ratnaweera
What has Snowden taught us?
Group Particularly helpful Moodlers
The Moodle land is extremely quiet. ???
 
Average of ratings: -
Frankie's the name, Moodle's my game!
Re: What has Snowden taught us?
Group Particularly helpful Moodlers

That everything secret will come out in the open...eventually.

 
Average of ratings: Cool (2)
Matt Bury
Re: What has Snowden taught us?
Group Particularly helpful Moodlers

The people who are aware of this kind of behaviour (historically speaking) aren't surprised at all. Secret spying agencies do tend to spy on people secretly and that usually means circumventing constitutions, treaties, laws, and people's rights. It's what they do. The NSA is behaving very much like the east German Stasi during the cold war and many other examples of security police agencies running out of control.

Will we be hearing more stories about the inevitable Tuttle/Buttle type mixups? (from the film Brazil by Terry Gilliam http://www.imdb.com/title/tt0088846/ )

 
Average of ratings: -
Matt Bury
Re: What has Snowden taught us?
Group Particularly helpful Moodlers

More news, Mega to fill secure email gap left by Lavabit: http://www.zdnet.com/mega-to-fill-secure-email-gap-left-by-lavabit-7000019232/

Other services like Freenet https://freenetproject.org/ and RetroShare http://retroshare.sourceforge.net/index.html might become more popular among the more privacy conscious.

And end to end strong encryption can easily work alongside popular email services like GMail, Yahoo!, and Outlook. Just use an email client that supports it and exchange public keys with our contacts, e.g. Mozilla Thunderbird + GnuPG for Windows (GnuPG is standard in most Linux distros) + and the Enigmail plugin for Thunderbird. However, this doesn't stop them from watching our metadata which is the cheapest and easiest way to perform blanket/dragnet surveillance. The FBI has been using social network analysis (SNA), i.e. watching suspects' metadata, to great effect for years in bringing successful prosecutions against corruption and organised crime.

 
Average of ratings: -
Picture of Visvanath Ratnaweera
Re: What has Snowden taught us?
Group Particularly helpful Moodlers
Frankie

Your said,
> everything secret will come out in the open...eventually

Like "all the waters flowing to the ocean"? Highly philosophical!
smile

My question is whether the digital secrets behave the same way. Assuming we are not talking about real time encryption, the secrets have to be archived, encrypted within a reasonable time and discovered. Or do we pay those NSA buildings and there machines the same respect as to God?
 
Average of ratings: -
Matt Bury
Re: What has Snowden taught us?
Group Particularly helpful Moodlers

You can trust Oxford historian and documentary film maker Adam Curtis to put things into perspective.

http://www.bbc.co.uk/blogs/adamcurtis/posts/BUGGER

BUGGER

 
Average of ratings: Very cool (1)
Picture of Visvanath Ratnaweera
Re: What has Snowden taught us?
 
Average of ratings: -
Gmads
Re: What has Snowden taught us?
Group Particularly helpful MoodlersGroup Testers

I definitely disagree with that article. The real issue lies not in technology; we do not need engineers fixing security, nor privacy, nor anything at all. Make a superb gun available to children, let them play with it until they start shooting themselves in their feet; then, being everyone as focused on the gun as they are and in how wonderful it is, they'll start suggesting that the gun needs fixing. Far from the truth. As always has been and always will be, it is just human nature.

As much as one would like Curtis to be wrong --whom would like to know that "MI5 were completely incompetent"?-- one has only to watch carefully to realize that people not only live in a state of self-delusion but they sure seem to strive to keep it that way. Heard of P.T. Barnum? He was supposed to have said "the bigger the humbug, the better people will like it".

Anyway, what people really want is easy to use applications, the easier the better; nothing more nothing less. Oh, and if you can keep them entertained at the same time then you'll definitely have them eating out of your hand.

 
Average of ratings: Very cool (1)
Matt Bury
Re: What has Snowden taught us?
Group Particularly helpful Moodlers

From what I understand, the USA, UK, Canada, Russia, China, Saudi Arabia, et al are all implementing blanket surveillance on their citizens/subjects. They have limited resources so they're going for the cheapest, easiest options and they seem to think that blanket surveillance is cheaper and easier than the targeted, legitimate, due process of law kind.

The obvious response of citizenry/subjects is to make blanket surveillance more expensive thereby removing the financial incentive. We can do this democratically by demanding that we no longer allocate our taxes for such purposes. As their employer, it's our duty to hold them accountable.

 
Average of ratings: -
Gmads
Re: What has Snowden taught us?
Group Particularly helpful MoodlersGroup Testers

Well, it actually is cheaper, so why waste precious resources? In an utopic world, what you say would be true and people would do things in quite a different way. Truth is that people care less about government surveillance activities, world order conspiracy theories or anything else. Let me rephrase then, what people really want is an easy to live life, the easier the better; nothing more nothing less. Oh, and if you can keep them entertained at the same time then you'll definitely have them eating out of your hand. smile

Have you heard of the Knowledge computational engine? http://www.wolframalpha.com/ This is really a fascinating system, one can spends hours there (just for fun, try, "How many theoretical physicists specializing in general relativity does it take to change a light bulb?"). But where do people go when they they are looking for answers? Wikipedia, obviously; the encyclopedia from the people to the people, easy to use and a system that do not forces one to think. Do you know how many times I've seen documents created only with texts literally copied from Wikipedia? If I had a dime... And do you know what is the saddest part in this? That this is not from youngsters doing their homework, but from people with masters and doctorates, yes, quite pathetic actually; so, "what people really want is..." Anyway, while this might have not been the best comparison to prove a point, examples abound.

 
Average of ratings: -
Matt Bury
Re: What has Snowden taught us?
Group Particularly helpful Moodlers

From what I understand, the USA, UK, Canada, Russia, China, Saudi Arabia, et al are all implementing blanket surveillance on their citizens/subjects. They have limited resources so they're going for the cheapest, easiest options and they seem to think that blanket surveillance is cheaper and easier than the targeted, legitimate, due process of law kind.

The obvious response of citizenry/subjects is to make blanket surveillance more expensive thereby removing the financial incentive. We can do this democratically by demanding that we no longer allocate our taxes for such purposes. As their employer, it's our duty to hold them accountable.

 
Average of ratings: -
Also me
Re: What has Snowden taught us?
 

I like slashdot big grin

And while I'm tossing my opinions around willy nilly, I'm not so sure we have a working democracy anymore Matt.dead

 
Average of ratings: -
Matt Bury
Re: What has Snowden taught us?
Group Particularly helpful Moodlers

Hi Sam,

I'm not sure we ever had a participatory democracy... if Adam Curtis' view is anything to go by: https://archive.org/details/AdamCurtis_TheTrap

I'm surprised the TV networks aren't rushing to show the film version of George Orwell's Nineteen Eighty-four... or maybe the NSA got to them first?

1984 wasn't supposed to be an instruction manual

 
Average of ratings: Coolest thing ever! (1)
Also me
Re: What has Snowden taught us?
 

Adam Curtis makes a lot of sense and the stories he presents are so appalling they border on farcical.

Did you ever see inside Victor Lewis Smith? Paranoid satire/comedy from the early 90's I think. It has similarities in style and presentation.

 

 
Average of ratings: -
Matt Bury
Re: What has Snowden taught us?
Group Particularly helpful Moodlers

I love Victor Lewis-Smith's work and have been a big fan of his comedy ventures since I was knee-high to a grasshopper smile

I think he still writes for http://private-eye.co.uk/

 
Average of ratings: -
Also me
Re: What has Snowden taught us?
 

You'll have to excuse my flippancy today. I'm fiddling while Rome burns tongueout

 
Average of ratings: -
Gmads
Re: What has Snowden taught us?
Group Particularly helpful MoodlersGroup Testers

Rome has always been burning :D

 
Average of ratings: -
Also me
Re: What has Snowden taught us?
 

This site looks useful:

https://prism-break.org/

 
Average of ratings: -
Also me
Re: What has Snowden taught us?
 

This is a long post.

TL:DR: Give them the finger and laugh; it's funny.

I have a friend who works in the security field. I asked him, on the subject of privacy, this question:

Should I bother? Does big data join me up regardless of my efforts?
Is what I do to maintain some privacy a token? Is it worth it? Is it too late?

I think his reply is well thought out and a geek fest of techy goodness so I'm pasting it in it's entirety here. This was on Facebook. I wonder if the NSA et al scrape moodle.org.

I've censored the expletives but I find that slightly ironic given the subject matter:

Those are some interesting questions; much of what makes them interesting is the difficulty of answering with any degree of certainty, because much of what we know is actually speculation. There are things I've heard in confidence, too, that I can't divulge without breaking confidences, so where possible I'll mix 'heard it from someone who really,really knows' with 'this is idle speculation, wink wink'. Nonetheless, an attempt at an answer is warranted.

We can be certain of a few things:
1. The UK can monitor every single bit of data that passes its borders.

2. So can the US.

3. They share information with each other and the other gang of five (Echelon/whatever, [hi NSA/GCHQ et. al, please go suck a bag of XXXX]): UK, USA, Canada, Austrlia, New Zealand.

4. The NSA has access to Yahoo!, Gmail, Facebook, and Verizon messages. Probably AOL, ComCast, AT&T (ok, almost certainly AT&T) and other major providers.

5. GCHQ can read (store/index/search) email hosted all the major UK ISPs and very likely many of the US ones, too.

6. NSA/GCHQ capture basically everything you do online. How long they store this data, and which data in particular, is less certain.

7. NSA, possibly others, have highly sophisticated international intercept capabilities. They can taps phones in Pakistan and spin up centrifuges in Iran. Caveat emptor.

8. All of this data contains metadata: who sent what to whom, where, when, how often, using what browser, with which cookies, etc. They know your operating system, your browser, your VPN provider, your email provider and can cross-reference this information in real time to ask questions like "who did soapyspannerbag@gmail.com send emails to yesterday, and what websites did each of those people visit in the hour prior to receiving his email? Show me any encrypted documents they accessed during that time." No, really. They can.

9. By linking your identity to your emails to your IP address to your browser signature, it is possible to build a database of vulnerable software across the globe. Imagine knowing that a particular individual doesn't always apply security updates to his browser - you'd be able to use advanced 0day exploits targeted at that person. Or extend that to a group of people; a company; an multinational; a nation state. Further, the NSA is provided with advance notice from Microsoft about all security issues in their software. Imagine being able to make a query like "show me people in Iraq who are running IE10.x on Windows Y.Z" and then hitting them with 0day. That's a known capability of the NSA today.

10. This is the least surveillance we'll ever have and, in some ways, it's a tipping point right now. See, despite the amazing data collection capabilities of our governments, they're still somewhat lacking in data retention capabilities. You can be sure that super-useful stuff is squirreled away forever, but a lot of data is cycled through databases because there's simply too much data to store for long periods of time. They're drinking from the firehose. That's why the NSA is building the Utah datacenter: storage. If they're able to store everying in the US for 30 days just now, they might be able to store it for 6 months very soon. Then a year. Then a decade. By the time I have children old enough to use the internet, everything we do will be logged for decades if not longer.

So, what to do?

Well, exploit what you've got.

1. Time. In a year a lot of your history will be gone, but like I said: you don't have this luxury for long. Exploit it while you can.

2. Habits. Form good ones now.


* Never use commercial email vendors like Gmail, Yahoo!, Hotmail, etc. Try alterntives like https://user.riseup.net/forms/new_user/first for example. Or host your own server.

* Never use Facebook private messages.

* Never use Skype.

* Never use Yahoo!, Google, Microsoft/Live/Skype or Facebook instant messaging/chat.

* If you use instant messaging, do so using a service that supports OTR (see here for a list of IM clients that support OTR: http://www.cypherpunks.ca/otr/software.php)

* Avoid Google, Yahoo!, and Bing search engines. I use http://duckduckgo.com/. You can always fall back to the major engines when the smaller ones let you down.

* Encrypt everything you can. Tools (like HTTPS-Everywhere) can help with this. Encrypt your all of your computers with whole-disk crypto (https://www.truecrypt.org/ for example). If you have tech-savvy friends with whom you communicate online, don't. Go to the pub. But if you must, why not swap PGP keys and setup an email client to use PGP/GPG automatically between like-minded friends? Have key-signing parties.

* Make sure your browser is configured to use HTTPS for all search engine activity.

* Never access a webmail system over HTTP - always use HTTPS.

* Never trust HTTPS. It's broken and can be intercepted by our Governments using CA certificates trusted by everyone's browsers.

* Don't install Facebook on your phone.

* Purchase a cheap VPS (Virtual Private Server) that's physically hosted in another country (e.g. https://backupsy.com/ - check search engines for discount coupons). Use the VPS server (normally Linux) to host a VPN, like OpenVPN. Don't trust commercial VPN services. Use the VPN for as much of your online activity as possible.

* Never, ever, ever use public wifi without a VPN. Good God, no.

3. Tools. You can go to the Nth degree here.

* At home, reconfigure your home network to use a Linux box (wireless router, Raspberry Pi, whatever) as an internal DNS server. Install dnscrypt (https://www.opendns.com/technology/dnscrypt/ and https://github.com/opendns/dnscrypt-proxy) and make sure that all of your laptops, desktops, etc use your internal DNS server instead of your ISP's DNS server. This is HUGE. Do this. Do it now. It will encrypt all of your DNS traffic such that nobody, not your ISP nor the NSA, can see it. Note: when browsing, your browser sends a "Host" header with every HTTP request, and this will give the game away. That's why it's important to use HTTPS where possible - so that your HTTP traffic can't be seen.

* While you're at it, configure dnscrypt to use a caching DNS server such as Unbound (https://unbound.net/ - packages are already part of all major Linux distros). Dnscrypt will use Unbound as a cache, making things faster, but you can also build a blacklist into Unbound (for example: http://winhelp2002.mvps.org/hosts.htm) that redirects all known advertising and trackers to http://127.0.0.1, which ensures ad traffic never leaves your home. It makes things faster, too

* Lock down your browser. In Windows, use SandBoxie (http://www.sandboxie.com/). Macs use IronFox (https://www.romab.com/ironfox/). Linux make sure to enable AppArmor (https://wiki.ubuntu.com/AppArmor).

* Add privacy plugins: NoScript, RequestPolicy, RefControl, FlashBlock, AdBlock Plus, BetterPrivacy, HTTPS-Everywhere. Others as needed.

* Use a browser fingerpring randomizer. Check out FireGloves for more info on why this is awesome: https://addons.mozilla.org/en-US/firefox/addon/firegloves/

* Use Tor (http://www.torproject.us/projects/torbrowser.html.en) whenever you don't care about browsing speeds. Certainly use Tor when in hotels, airports, etc.

4. XXXX it. There are more important things than the government invading your privacy... like... the government creating a giant spy machine that watches and records what everyone does online.

Basically you're XXXXXX. Unless you're deeply technical, eternally vigilant, and willing to sacrifice a great deal of convencience for privacy, you're gonna be tracked. Oh, and by the way: this Facebook post just tripped so many government trigger words it's not even funny. You just got added to a watch list along with me... remember my comment about the watchers eating a bag of XXXX? Yeah. Still relevant.

Since reading the above (and Matt's post of Adam Curtis' blog adds to this) I've relaxed and found the funny side to the whole thing. If I have no choice as to whether I have my privacy infringed or not, at least I should try and have some fun while it's happening. I've installed http://trackmenot.org/ as a Firefox addon. It issues randomized queries to popular search engines. Makes me smile.

 
Average of ratings: Coolest thing ever! (4)
Tim at Lone Pine Koala Sanctuary
Re: What has Snowden taught us?
Group DevelopersGroup Documentation writersGroup Particularly helpful Moodlers

This an irony about this if you live near Bletchley Park. If you visit there (highly recommended) you hear about the heroic efforts of the boffins who read a large majority of all Germany's communications during the second world war, and hence helped the allies win two years earlier than they otherwise might have done. (Depending on which historian you ask.)

That organisation evolved into GCHQ, which is now in trouble for trying to read all the communications of the whole world, including their own citizens.

 
Average of ratings: Very cool (1)
Picture of Visvanath Ratnaweera
Re: What has Snowden taught us?
Group Particularly helpful Moodlers
Sam

Thanks for the comprehensive list!

I'm not sure whether you've included the new generation of "security hardened" Linux systems like Ubuntu Privacy Remix http://distrowatch.com/table.php?distribution=ubuntupr or http://distrowatch.com/table.php?distribution=tails ?

I had a look at the latter, it is fascinating. A great gag is its "Windows XP look alike" mode.
 
Average of ratings: -
Matt Bury
Re: What has Snowden taught us?
Group Particularly helpful Moodlers

An update about browser based Javascript encryption algorithms. Apparently, they're inherently insecure and we should never trust them. It makes sense since Javascript is top of the list of security vulnerabilities on every platform that supports it. It also does nothing to stop them from knowing who's messaging who, where, and when.

This means that Mega's promise of secure end to end encryption for its file storage service and its soon to be email service must have security agencies rubbing their hands in anticipation.

At the end of the day, facing the considerable resources that security agencies possess, if they really want to monitor us, it's incredibly difficult to stop them.

 
Average of ratings: -
Also me
Re: What has Snowden taught us?
 

I agree. I think the game now is not to try to stop them but to make it as expensive as we can for them.

Muddy the water, encrypt the meaningless and trivial, use as many different identities and pseudonyms as you can, only use your real details if you have no other choice. Keep your families details off the net, especially never link them to your own. If you have to post your picture, wear a fake moustache, glasses and cigar. The more people do this kind of low level resistance the more noise we make, the more expensive it will get for them, the more funds they will ask for and the less needles they will find in the haystack. In theory at least ;)

 

 
Average of ratings: -
Matt Bury
Re: What has Snowden taught us?
Group Particularly helpful Moodlers

I tried but I think I got the cigar bit wrong:

Groucho Marx

Wanna come up and see my haystack sometime ;)

I had dual boot on my laptop (Samsung R780) for a while Windows 7 and Ubuntu 13.04. However, when running Ubuntu it got really hot even after trying every remedy I could find on the Ubuntu forums. It seems to be a problem for a lot of laptops.

I'm not that keen on the direction that Canononical seem to be going in at the moment either. By default, Ubuntu broadcasts all your keyword searches on your desktop to the web. There's also some difficult to disable and uninstall apps that also connect to the web for no benefit to the user and without their permission, e.g. Ubuntu One.

Firefox seem to be doing similar things too. Do we really want to share our bookmarks, browser history, passwords, etc. with 3rd parties? (Firefox's sync)

Has the NSA "required" them to do this? We'll never know unless an insider blows the whistle.

 
Average of ratings: -
Picture of Visvanath Ratnaweera
Re: What has Snowden taught us?
Group Particularly helpful Moodlers
Oh, please hand over the gun!

The whole affair was a big misunderstanding: NSA didn't know what privacy means. They have just created a "Civil Liberties & Privacy Officer". Once that post is filled, the world will be a better place.
https://www.nsa.gov/psc/applyonline/EMPLOYEE/HRMS/c/HRS_HRAM.HRS_CE.GBL?Page=HRS_CE_JOB_DTL&Action=A&JobOpeningId=1039797&PortalActualURL=https://www.nsa.gov/psc/applyonline/EMPLOYEE/HRMS/c/HRS_HRAM.HRS_CE.GBL?Page=HRS_CE_JOB_DTL&Action=A&JobOpeningId=103&;

Now discussed in http://yro.slashdot.org/story/13/09/23/1137255/nsa-posts-opening-for-civil-liberties-privacy-officer.
 
Average of ratings: -
Matt Bury
Re: What has Snowden taught us?
Group Particularly helpful Moodlers

Update

Re: the Ubuntu privacy issue, thankfully it's still open source Linux so there are fixes available. This seems to be a good one but you need to use the Terminal (command line). My mum can easily do it but she's a bit of a geek like me. It would make more sense for Canonical to make giving up your privacy an "opt-in" feature rather than "difficult to opt out of":

https://fixubuntu.com/

From their site:

"Why do we need this?

If you're an Ubuntu user and you're using the default settings, each time you start typing in Dash (to open an application or search for a file on your computer), your search terms get sent to a variety of third parties, some of which advertise to you.

Ubuntu should protect user privacy by default. Since it doesn't, you can use the code to the left to disable the parts of Ubuntu which are invasive to your privacy.

Note: This privacy problem only affects Unity. If you use GNOME (sudo apt-get install gnome-shell) or any other desktop environment, or if you run an Ubuntu derivative like Linux Mint, Xubuntu, Kubuntu, etc., you won't have this problem."

Also note the links to articles in the press about how Canonical tried to sue them in order to take down this site. The community responded and Canonical backed down. Couldn't see that happening with Google, Microsoft, Apple, etc.

 
Average of ratings: Cool (2)
Picture of Visvanath Ratnaweera
Re: What has Snowden taught us?
Group Particularly helpful Moodlers
Hi all

Having recently installed Ubuntu (for this https://moodle.org/mod/forum/discuss.php?d=246408#p1069428) I almost couldn't find the simple terminal. Amazingly one is supposed to start the "Dash" and then type a phrase, say "term", only then select one from of the "search result".

I was wondering why is it that cumbersome. Now I know why.
sad

> This privacy problem only affects Unity.
Thank God!
 
Average of ratings: -
Matt Bury
Re: What has Snowden taught us?
Group Particularly helpful Moodlers

Hi Visvanath,

Yes, the Dash relies on keyword searching rather than going through nested drop-down menus, a la MS Windows. I don't think it's any more difficult or complicated just different and unfamiliar.

BTW, Ctrl + Alt + t starts the terminal too ;)

I put a fresh install of Ubuntu 13.10 64bit on my wife's computer because Windows got corrupted and wouldn't system restore without a password we didn't have (the HD wasn't encrypted and passwords weren't enabled for logging in). Backup up her files and data and overwrote the HD - Windows gone forever smile However, the laptop got hot and occasionally shut itself down running Ubuntu. I tried every power management and performance enhancement recommendation I could find but still had problems. I eventually scrubbed it and did a fresh install of Lubuntu 13.10 64bit. Now it runs fine.

So Ubuntu itself isn't a resource hog, just Unity... and Unity is the main concern for privacy issues. Lubuntu uses LXDE which is more similar to Windows XP, Vista, and 7, so more familiar for Windows users to switch to.

Of course, such solutions only address consumer corporate surveillance by Google, Microsoft, Apple, Yahoo!, Facebook, Canonical, et al. There isn't much we can do about the NSA, GCHQ, etc. and if these incredibly powerful govt. agencies are acting in the public interest, i.e. under effective, democratic oversight according to the rule of law, it's a good thing to have those capabilities. Unfortunately, the NSA, GCHQ, et al have been "rogue" pretty much since their inception and it's time to bring them in under the rule of law and to make sure they act in the public interest.

Might be a good idea to make some more films from John le Carré novels, like "The Constant Gardener." Perhaps some big budget productions of "Our Kind of Traitor" and "A Delicate Truth." You know, just to get across the levels of corruption and incompetence in those agencies.

 
Average of ratings: Coolest thing ever! (1)
Picture of Visvanath Ratnaweera
The perils of Ubuntu [OT]
Group Particularly helpful Moodlers
Hi Matt

> Yes, the Dash relies on keyword searching rather than going through nested drop-down menus, a la MS Windows. I don't think it's any more difficult or complicated just different and unfamiliar.

I don't use Windows neither nested drop-down menus. For me (on Linux) the most logical thing is to keep a control terminal open and type the name of the program in it. To start a "Dash" to find the terminal is for me like the people who type "Google" in the Google search field to search for Google!

> BTW, Ctrl + Alt + t starts the terminal too ;)

On my OpenBox the most common programs are assigned to hot-keys, Super+Letter. (Super is the key with an awful icon on it.). Incidentally Super+T is for 'terminator' http://gnometerminator.blogspot.ch.

Anyway, moodle.org is quiet about Linux distributions these days. In the discussion I previously mentioned we touched Ubuntu Linux and Linux Mint: https://moodle.org/mod/forum/discuss.php?d=246408#p1081833.
 
Average of ratings: -
Also me
Re: What has Snowden taught us?
 

Thanks, I'm getting a new PC and would like to loose windows.

The time has finally come for Linux to be ready for the desktop.

 
Average of ratings: -
Picture of Visvanath Ratnaweera
Re: What has Snowden taught us?
Group Particularly helpful Moodlers
Sam

I'm sure, you've tested a couple of Linux distributions and found the one you like most. http://distrowatch.com/ is your starting point otherwise.

Since you have replied to my post, just a short note to avoid any misunderstanding: The "security and privacy hardened" distributions like Tails http://distrowatch.com/table.php?distribution=tails are not meant to replace the desktop, to be the work horse. You run them for special cases like online banking and casual and not-so-casual Internet applications where you need higher security and privacy. On the down side the Tor network https://www.torproject.org/ will throttle the bandwidth.

Yes, you can't have everything! But with today's cheap hardware and desktop virtualization you have a work horse and a stealth horse.
 
Average of ratings: -
Picture of Visvanath Ratnaweera
Re: What has Snowden taught us?
 
Average of ratings: -
Picture of Visvanath Ratnaweera
Re: What has Snowden taught us?
Group Particularly helpful Moodlers
Tor users (and Linux users), be warned:
NSA Considers Linux Journal Readers, Tor (And Linux?) Users "Extremists"
http://yro.slashdot.org/story/14/07/03/1846215/nsa-considers-linux-journal-readers-tor-and-linux-users-extremists
 
Average of ratings: -
Matt Bury
Re: What has Snowden taught us?
Group Particularly helpful Moodlers
George Orwell summed it up so well with Nineteen Eighty-four and Terry Gilliam made the film Brazil http://www.imdb.com/title/tt0088846/ along similar lines. These were supposed to be warnings, not instruction manuals.
 
Average of ratings: -
Also me
Re: What has Snowden taught us?
 


 
Average of ratings: -
Also me
Re: What has Snowden taught us?
 

Oooo...definitely fake after all.

Suspiciously though..the street view map link you sent shows up dark. I tried 3 different browsers surprise

Map view works fine so the question is; what are they hiding? Do you think they have the black ops helicopters in?

Perhaps I'll just have a small lie down for a while...

 
Average of ratings: Coolest thing ever! (1)
Gmads
Re: What has Snowden taught us?
Group Particularly helpful MoodlersGroup Testers

I guess this just shows that we're getting close to the point where it'll be impossible to know what's real and what isn't.

http://www.tomsguide.com/us/augmented-reality-future,news-19099.html

 
Average of ratings: -
Gmads
Re: What has Snowden taught us?
Group Particularly helpful MoodlersGroup Testers

Just until now? Mhh... The following is from a year old article:

http://www.darkreading.com/risk-management/want-nsa-attention-use-encrypted-communications/d/d-id/1110475?

We all agree that PGP --and related software-- users have been tracked or targetted since forever (or at least they must have tried to).

Will someone knock at my door for writing a post with the "bad and dangerous" acronym?

 
Average of ratings: Cool (1)
Picture of Visvanath Ratnaweera
Re: What has Snowden taught us?
Group Particularly helpful Moodlers
But this is getting absurd: Using Linux or even reading Linux Journal makes you a suspect! I think they are out of their minds.

Anyway, Tor is definitely under attack: "NSA 'targets' Tor dark web servers and users" http://www.bbc.com/news/technology-28162273.

And it is cold war, between partners: http://www.dw.de/german-intelligence-employee-arrested-on-suspicion-of-spying-for-us-on-bundestag-nsa-committee/a-17758337.
 
Average of ratings: Very cool (1)
Matt Bury
Re: What has Snowden taught us?
Group Particularly helpful Moodlers

Any attempts at "being legal" by govt. security agencies are ad-hoc, post-facto attempts to cover-up or ramp-up what they've already been doing for years, probably decades. International espionage and covert military operations happen in secrecy and with impunity outside of any laws and outside of any democratic channels and mostly outside of what most people believe to be "in the public interest." People like Edward Snowden, Craig Murray (British Ambassador to Uzbekistan), Daniel Ellsberg (Pentagon Papers), General Smedley Butler, and many others have shown us that over and over again.

However, the problem that Snowden and previous whistle blowers have highlighted with this kind of dragnet surveillance is that they're making almost everyone an extremist/radical/person of interest. It makes their jobs harder and increases the risks of "false positives" and missing more likely suspects under the sheer weight of numbers, i.e. almost everyone's a suspect so who do you watch more closely? Wasn't that partly the excuse for the failure to act on information about the 9/11 attackers and the Boston Marathon bombing?

 
Average of ratings: -
Gmads
Re: What has Snowden taught us?
Group Particularly helpful MoodlersGroup Testers

Given that not many would like to be one of those "false positives", what better strategy than spreading fear?

Yes, decades:

http://en.wikipedia.org/wiki/ECHELON

 
Average of ratings: -
Gmads
Re: What has Snowden taught us?
Group Particularly helpful MoodlersGroup Testers

You have actually pulled a big laugh from me! Yes, I know, that is beyond words! More the reason for people to start using, as much as possible, that kind of tools (anonymizing, encryption, privacy, etc.). Of course, as we know that that is not going to happen any time soon (nor any time later), what is one to do? Should one yield and get rid of any "bad" software and stop following any "bad" practices? A question not to be taken lightly. How much would one be prepared to endure at defending a principle, assuming one would actually get processed or questioned by any three-letter agency?

---

The following thinking applies, obviously, to both sides.

"If you are not one of us, you are one of them".
~Morpheus.

 
Average of ratings: -
Matt Bury
Re: What has Snowden taught us?
Group Particularly helpful Moodlers

Yes, privacy guarding tools and protocols are still difficult for most people to understand and to implement so it's generally not workable; security and privacy are only as good as the weakest link. However, security and privacy conscious developers are stepping up their game as a result of the media attention on Snowden, the NSA, and other related stories.

I think a first step would be to standardise public key exchanges in all web apps (email clients, VoIP clients, etc.) to allow for simple, intuitive, easy to use, end-to-end encryption where there's no "middle man" holding the keys (i.e. Google, Yahoo!, M$, Apple, Facebook, etc. acting as conduits to the NSA and other security agencies). That secures the content of messages but not people's identities. For that, we need anonymising proxies like the TOR network.

We also need to get people off of so called cloud services: They're slow, expensive, and vulnerable to abuse by too many agencies and organisations, e.g. Why do you want to upload GB's of photos, home videos, etc. to a remote server, using up bandwidth (that some users have to pay for) when you can store them faster, more cheaply, and more securely on a home system, and not effectively lose access to your files when your ISP slows down/cuts out? And what if net neutrality ends in the US? Will users' files be held to ransom by the telecoms companies?

Decentralising and anonymising the web will make it better for everyone, except the big IT monopolies and spy agencies.

 
Average of ratings: -
Gmads
Re: What has Snowden taught us?
Group Particularly helpful MoodlersGroup Testers

I'm totally pro all these concepts, so I agree with you, but even if we resist to acknowledge the fact, we must accept that we are really talking Utopia here: for most people, the hassle is simply not worth it at all; as you said, "the weakest link". That is never going to happen.

For the weird minority that likes spending time on these issues... a few days ago I found this: https://www.mailpile.is/

 
Average of ratings: Coolest thing ever! (1)
Matt Bury
Re: What has Snowden taught us?
Group Particularly helpful Moodlers

Hi Guillermo,

Yes, I've seen MailPile before and there's also a few crowd-sourcing campaigns to set up "little black boxes" pre-loaded and pre-configured with free and open source content management and communications software for every day use, just plug it in (to electricity and modem/router), turn it on, enter your account data, wait for it to set up, and off you go. The little black box sits somewhere in your home, out of sight, and you can connect all your computers and devices to it securely. It's only a matter of time before they're widely and cheaply available. We already have them in every high street and big box store as so called home media drives/servers. The beauty of this approach is that anyone with the skills and know-how can create downloadable software installer image files, like they do with Linux distros, and make them freely available. Users can use old hardware, i.e. PC or laptop, to repurpose and reuse them as their personal servers.

I guess they should also include automated backup software and drives so that disk crashes aren't catastrophic.

BTW, it looks like MailPile are doing something right:

https://www.techdirt.com/articles/20130905/08233824411/insanity-paypal-freezes-mailpiles-account-demands-excessive-info-to-get-access.shtml

http://arstechnica.com/business/2013/09/paypal-freezes-45000-of-mailpiles-crowdfunded-dollars/

 
Average of ratings: Coolest thing ever! (1)
Gmads
Re: What has Snowden taught us?
Group Particularly helpful MoodlersGroup Testers

Inconceivable! PayPal No

 
Average of ratings: Coolest thing ever! (1)
Matt Bury
Re: What has Snowden taught us?
Group Particularly helpful Moodlers

Remember that PayPal, Mastercard, and Visa have all played their part in trying to starve Wikileaks.org of funds. When corporations reach sufficient size, they become indistinguishable from branches of government.

PayPal is a dreadful organisation which skirts consumer and banking laws, regulations, etc. so that if anything goes wrong, the end users/customers are left in the lurch. They also control both ends of the transaction which gives them far too much power. You're better off using a reputable, regulated local banking service.


 
Average of ratings: Cool (1)
Gmads
Re: What has Snowden taught us?
Group Particularly helpful MoodlersGroup Testers

Not being a PP user and not having much to do with them, I wasn't really aware of their behavior, of these situations. Thanks. Good to know. Yes, that's right, once they reach a certain size or get some power, everything changes, and not to benefit people.

 
Average of ratings: -
Gmads
Re: What has Snowden taught us?
Group Particularly helpful MoodlersGroup Testers

Another interesting project; it is just starting:

http://invisible.im/

 
Average of ratings: -
Also me
Re: What has Snowden taught us?
 

I installed Google Analytics a few months ago. Very useful. I'm responsible for opening up another avenue of monitoring our few thousand students.

I might have to get rid of it despite those above me wanting good stats.

Anyone recommend good alternatives?

 
Average of ratings: -
Matt Bury
Re: What has Snowden taught us?
Group Particularly helpful Moodlers

I've tried Google Analytics but the EU guidelines for web privacy and the fact that it's a freemium service (you have to pay for better access to your own site's data) made me investigate self-hosted free and open source software. I've settled on Piwik:  http://piwik.org/ but you could also try Open Web Analytics: http://www.openwebanalytics.com/

It's also important to give informed consent options to visitors and users of your sites, i.e. an easy, simple "don't track me" opt-out button. A lot of CMS' have informed consent plugins but I haven't seen one for Moodle yet. My Wordpress privacy page is here: http://blog.matbury.com/about-matt-bury/privacy-policy/ and I also embed the Piwik opt-out into the site policy page of my Moodle 1.9.

 
Average of ratings: Very cool (2)
Also me
Re: What has Snowden taught us?
 

Interestingly, when I approached our hosts about installing Piwik I was told that they were already setting up a server for it and that we could be the first of their clients to start using it.

Obviously they saw the writing on the wall too. Nice to know they are thinking along the same lines as I am.

 
Average of ratings: -
Gareth J Barnard
Re: What has Snowden taught us?
Group DevelopersGroup Particularly helpful Moodlers

Snowdon has taught us that you can build a vernacular steam railway to the top of it, get to the top and still only see four feet ahead because of the fog ;)

 
Average of ratings: -
Matt Bury
Re: What has Snowden taught us?
Group Particularly helpful Moodlers

XKCD's take:

Opinions on internet privacy

 
Average of ratings: Very cool (1)
You either love it or you hate it
Re: What has Snowden taught us?
 

Lets get some pics up of GCHQ and MI6

 

 

 
Average of ratings: Very cool (1)
Picture of Visvanath Ratnaweera
Re: What has Snowden taught us?
 
Average of ratings: -
Picture of dawn alderson
Re: What has Snowden taught us?
 

Visvanath, it is so nice to correspond with someone who has their profile pic.....adds a humanistic element eh.

And there was me thinking....given all the rock and roll you muster up in the forums...that you might have been in the mould of the following:  :0)

Dawn 


 
Average of ratings: -
Gmads
Re: What has Snowden taught us?
 
Average of ratings: Very cool (1)
Picture of dawn alderson
Re: What has Snowden taught us?
 

Guillermo,

next time you decide to run off with the aliens...or hide in a cupboard somewhere, can you let us know? I can recommend some nice biscuits and coffee to accompany you!

lovely to read that you are here-been sometime eh!

warm wishes

Dawn

 

 

 
Average of ratings: -
Also me
Re: What has Snowden taught us?
 

Any one have an invite code for rise up?

https://www.riseup.net/en

 
Average of ratings: Cool (1)
Picture of dawn alderson
Re: What has Snowden taught us?
 

Sam, hi

will explore-ta.

Folks, a question....So is this the type of solution to avoid our data travelling, across the big fat cable under the sea.....through the clouds and into the vats at the NSA?  (Although I hear that story is not so for Sweden-am I wrong?-oops! two questions mixed)

(Was going to draw a diagram, but thought better of it smile)

Just a little thought from a little person.

Dawn

 

 
Average of ratings: -
Matt Bury
Re: What has Snowden taught us?
Group Particularly helpful Moodlers

Hi Dawn,

On the NSA and govt. surveillance front, what the Snowden documents have revealed is that just about every country in the OECD is developing aggressive, illegal programmes for capturing everyone's telecommunications. France's programmes are even more aggressive and invasive than the NSA's. Germany's doing it too.

#1 - The EU (and other countries) have been publicly embarrassed by the public revelation that the US is gaining the upper hand in international trade and political negotiations (good ol' fashioned industrial espionage). They're acting as if they didn't know and feigning moral and self-righteous indignation publicly, while privately... who knows what their game is? This is international espionage!

#2 - US corporations dominate the web services industry and they suck the life out of IT sectors elsewhere in the world funnelling billions in profits and opportunities away from them. As China has shown, the only way that other countries/regions can compete is by localising web services (What do you think the real reasons are for booting Google out of China?) in order to allow their tech industries to develop and grow.

I wouldn't be surprised to see regions placing more restrictions on US web services in order to "level the playing field." I see this as a good thing since we need a more distributed and diverse internet so that it benefits more people, not just US interests. And diversity also encourages creativity and innovation.

 
Average of ratings: Coolest thing ever! (2)
Picture of dawn alderson
Re: What has Snowden taught us?
 

Clear Matt, got you.

...time to get the tiddlywinks out then eh.

smile

nice weekend all.

 

Dawn

 
Average of ratings: -
Gmads
Re: What has Snowden taught us?
Group Particularly helpful MoodlersGroup Testers

A couple of tools to get started:

GNU Privacy Guard, TrueCrypt.

 
Average of ratings: Very cool (1)
Picture of Visvanath Ratnaweera
Re: What has Snowden taught us?
Group Particularly helpful Moodlers
Guillermo,

End-to-end encryption is ineffective in the face of such a foe. They may confiscate your equipment and extort the keys from you. If you want to be adamant, you need to keep the master key engraved in to a cyanide pill.

Of course, through encryption you can make their life miserable, but it doesn't make you immune.

And, what about meta data: http://www.wired.com/opinion/2013/06/phew-it-was-just-metadata-not-think-again/ ?
 
Average of ratings: -
Gmads
Re: What has Snowden taught us?
Group Particularly helpful MoodlersGroup Testers

Hi Visvanath,

Contrary to what has been published (e.g. NSA defeats many encryption efforts or NSA able to foil basic safeguards of privacy on web), encryption technology is actually quite effective:

While the possibility of that extortion you mention is a rather far fetched one, there are other elements or tools, besides encryption, that also have to be taken into consideration and used to lower, or maybe even discard, that possibility from happening.

Regarding meta data, why should people worry about three letter agencies collecting it when Google et all have been doing it since forever (and very few do something about it, like using any of the five alternative search engines that respect your privacy)?

Besides, meta data could say something about someone, but unless a specific series of events are also included or taken into account, for most purposes that meta data will be actually useless: they could know that from my phone number a call was made to a rather sensitive kind of service (e.g. suicide prevention) but would that prove that it was me doing that call? Or would that prove that I was actually in need of the related service?

At first instance it all comes down to how each side uses, or not, technology. However, while the problem could seem to be that most people really don't know how to use these technologies properly or don't care about using them at all (which then allows a government to have easy access to people's private info) the real problem is that, for the (supposedly) sake of finding the bad guys, governments are actually acting against the very people that they should be protecting. Why? Who is actually they? Why are they so afraid that they need to scrutinize everything being said of communicated?

 
Average of ratings: Very cool (1)
Picture of Visvanath Ratnaweera
Re: What has Snowden taught us?
Group Particularly helpful Moodlers
16 March 2014
Who is winning the 'crypto-war'?
http://www.bbc.com/news/magazine-26581130

History, starting in 1976.

And today, "What we're learning from the Snowden documents is not that the NSA and GCHQ can break cryptography but that they can very often render it irrelevant… They exploit bad implementations, bugs in hardware and software, default keys, weak keys, or they go in and break systems and steal data."
 
Average of ratings: -
Tim at Lone Pine Koala Sanctuary
Re: What has Snowden taught us?
Group DevelopersGroup Documentation writersGroup Particularly helpful Moodlers

That is alwasy the way the crypto has been broken. I recommend a visit to Bletchley Park. If the Germans had acutally followed their own procedures for using Enigma, it would have been unbreakable using the technology of the time, and history would be different.

 
Average of ratings: -
Matt Bury
Re: What has Snowden taught us?
Group Particularly helpful Moodlers

No sooner do I mention it, someone else goes and writes more informedly about it: http://www.businessinsider.com/the-snowden-effect-is-crushing-us-tech-firms-in-china-2014-1

The US and its "partners in crime" could suffer the blow-back from their actions for years to come. For national leaders, I think it's the embarrassment factor more than anything else. Nobody wants to look naive/stupid/ineffective on the world stage.

 
Average of ratings: Very cool (2)
Picture of Visvanath Ratnaweera
Re: What has Snowden taught us?
Group Particularly helpful Moodlers
"partners in crime"? Ha, ha, partners to be laid once you have the bounty! Mme. Europe will never forgive those sleezy *s for recording her private conversations.
smile

Seriously, the european industry is looking intensively for alternative. Only the states still hang on to NSA & Co., I guess they are the only (cyber) weapon producers right now. The tide may change soon, unlike the (real) heavy weapons, the blueprint of a cyber weapon is the weapon! Snowden-2 is possibly smuggling them, byte-by-byte.
 
Average of ratings: Coolest thing ever! (1)
Picture of dawn alderson
Re: What has Snowden taught us?
 

Mme. Europe,

big chuckle Visvanath smile....can't blame her for being unforgiving though eh.

cheers,

Dawn

 
Average of ratings: -
Frankie's the name, Moodle's my game!
Re: What has Snowden taught us?
Group Particularly helpful Moodlers

Where is Michael Moore, now when you need him?

 
Average of ratings: -
Gmads
Re: What has Snowden taught us?
Group Particularly helpful MoodlersGroup Testers

 
Average of ratings: Coolest thing ever! (1)
Matt Bury
Re: What has Snowden taught us?
Group Particularly helpful Moodlers

OK, breaking the silence...

Here's an interesting story about "Big Data": Big data: are we making a big mistake? http://www.ft.com/intl/cms/s/2/21a6e7d8-b479-11e3-a09a-00144feabdc0.html

The tools and methods may turn out to be a bit of a blunt instrument. My biggest fear is that police and security agencies might start looking for crimes and criminals with algorithms instead of investigators. I'm sure Google's and Yahoos!, as well as private security and defence sub-contractors' sales and marketing staff can be very convincing when they sell their hot new version of the future of law enforcement and intelligence gathering.

The Joint Special Operations Command (JSOC - a division of the CIA) already uses what it calls "signature strikes" to identify and execute suspected insurgents with drones and missiles.

How long before the police and security services start arresting people and/or harassing them because they unluckily fit an automatically generated algorithm's profile? How about finding out that you're on a no fly list when you try to go on holiday or to a conference?

 
Average of ratings: -
Frankie's the name, Moodle's my game!
Re: What has Snowden taught us?
Group Particularly helpful Moodlers

Judging from the number of replies in this thread, the real question should be:
"what has Snowden NOT taught us?"

 
Average of ratings: -
Also me
Re: What has Snowden taught us?
 

Analysis on radio 4 has an interesting...er...analysis on the internet.

It doesn't move the debate on any further than it has on this page but identifies how the internet was first conceived and implemented as part of why we have got to where we are - which is new to me at least.

In short, because the internet was built by hippies on the west coast in the 60's/70's who wanted a "free" to the user system with egalitarian, communal and open values, commerce has been forced to provide services for free.

But commerce has to make money so they find increasingly innovative ways to monetize the free service - which includes collecting information.

Because of the network effect, those better at this gain a disproportionate share of the cash, power and data and the surveillance problems follow.

On this analysis then, we can quite clearly place the blame on the hippies for our Orwellian problems :P



 
Average of ratings: -
Matt Bury
Re: What has Snowden taught us?
Group Particularly helpful Moodlers

Hi Sam,

I think it would be more accurate to describe the Silicon Valley entrepreneurs as libertarians and laissez-faire capitalists rather than hippies. A frightening number of the original companies are named after Ayn Rand and characters and ideas from her books.

BTW, it was CERN and more specifically Tim Berners Lee who "invented" the internet as most people understand it (HTTP/TCP). Silicon Valley was too busy building its own walled gardens to control and monetise IT to think that big... it looks like they haven't really changed their ideologies much since then. The LCD screen was also a British military invention.

I guess we can blame the international scientific community for creating a platform that allows people to connect, communicate, and share information freely. Govts. around the world were listening in on their own citizens' and other countries' telecommunications long before that.

 
Average of ratings: -
Gmads
Re: What has Snowden taught us?
Group Particularly helpful MoodlersGroup Testers

Matt,

So are we to expect the same unfair, unjust and sad ending as in We the living?

 
Average of ratings: -
Matt Bury
Re: What has Snowden taught us?
Group Particularly helpful Moodlers

Hi Guillermo,

Happily, no. I think govts. and society in general are becoming more liberal and more socialist as populations and technology develop and grow. I think it's a natural process and pretty much inevitable. Yes, some of the "powers that be" don't quite seem to understand participatory socialist democracies, have issues with it, perhaps feel insecure, and want to go back to the old days that they could understand better (it's not surprising that security agencies tend to attract insecure personality types, among others).

Ayn Rand's philosophy of Objectivism couldn't have been more wrong (as was one of her followers, Milton Friedman with his Monetarism hypothesis). What we're learning about the human condition is quite the opposite, e.g.  Social: Why Our Brains Are Wired to Connect http://www.randomhouse.com/book/212681/social-by-matthew-d-lieberman and this is nothing new: Lev Vygotsky ( http://en.wikipedia.org/wiki/Lev_Vygotsky ), the Mozart of developmental psychology upon whose theories Moodle is based, essentially rewrote our understanding of epistemology and how we learn in Soviet Russia back in the early 1900s.

 
Average of ratings: -
Also me
Re: What has Snowden taught us?
 

In soviet Russia, understanding of epistemology rewrites you.

 

 
Average of ratings: -
Gmads
Re: What has Snowden taught us?
 
Average of ratings: -
Picture of dawn alderson
Re: What has Snowden taught us?
 
Average of ratings: -