Just the fact that we have to start websites like these, and march Capitol Hill to make the government realize its mistake is depressing, infuriating, and is gently, gradually tapping at a hot, steaming teapot of rage within every rational individual's psyche.
What is the root cause? How did this get so incredibly bad? Is it the fault of the public? Is it the public's fault we are in an Orwellian state of Soviet-era Germany? Or does Hanlon's Razor apply here?
In any case, there needs to be more action than just bandage measures like petitions and phoning your Congressman. This level of government negligence deserves an uproar, and sadly we're not getting it because many trust government, and are not skeptical in the slightest about it.
We have those animals called "politicians" to blame for that.
So, if people really want to change, lead a march on Capitol Hill. Be attention-seekers, make a change for the better, not for the worse. Let your life have value, and use that value against the worthless individuals sitting at their desks in Washington.
Just do something worthwhile, not sitting behind that sRGB display of yours. Painless encryption, countermeasures, protests, whatever -- we need to do something.
The reason freedom of speech, freedom of assembly, freedom to petition and host of other freedoms are important is that, from time to time, you need to use them.
Democracy isn't a guarantee that everything will be perfect, quite the opposite, but that we have a reasonable chance of rightening a wrong without erecting guillotines on the national mall.
The challenge IMO isn't petitioning Congress, it's petitioning the public to make sure this issue remains on the radar for the upcoming election (Part of that, though, could well be a noisy march on Washington).
That is one reason I wish this leak had happened two years ago, or two years from now, when it could affect the Patriot Act extension vote. The only thing members of congress can do now is try to defund it, because voting to repeal it might be political suicide.
Democracies have emerged from scandal and abuses of power before, so it not actually insane to believe that it can happen again.
Believing that the outcome will be a perfect fairy-tale land of milk and honey, on the other hand, not so much. It's important to keep in mind that victory in this case probably looks a lot like better constitutional oversight of the FISA courts.
I want to create an integrated, user centered platform, that will provide ( mail, blogging, storage, ftp, feed reader, an openid identity & social networking ) and make it really easy for somebody to install it on a raspberry pi + some external storage and have its own personal micro data center.
For XMPP, I recommend checking out Prosody (http://prosody.im). You can get a working system up with Off-the-record instant messaging and internal file transfers in an afternoon, if you're familiar with UNIX system administration.
If you use a client like Jitsi, you can do ZRTP encrypted calls through the server as well. Use your own SSL certificates for SSL.
Ejabberd is also good, however the debug information was pretty inadequate. Also helps to be familiar with erlang.
Hosting your own email server is sub-optimal for several reasons.
Email is still being sent as plain text. Encryption is possible even if you're using someone else's server.
Your deliverability is reliant upon other people's good will. Those people have no idea who Joe Sixpack in Idaho is, and have no reason to extend goodwill. Your deliverability is also subject to wingnuts using a variety of good and not so good blocklists. You may find your time is better spent doing work rather than working around various weird blocklist delisting policies.
Hosting your own email does nothing to prevent traffic analysis.
The only thing it does is to stop your email being held in a big bunch at an email providers servers, but you can do that by wiping it from their servers and holding a local store. (tl;dr use a commercial email provider but keep your email on your machines not theirs; encrypt everything before sending it; consider using tor if you want anonymity.)
I just want to start by holding my own data. (While you my be right that big providers allow to wipe your mails, they can make copies). I just don't want for a third party to relay my data in the first place.
While your points are right there are solutions, and in the long run it's worth it
More than that. Big companies have big backups. Once a piece of information leaves localhost it is logged somewhere permanently. Even if you go and purge all your email now, Google is not going to spool up tape backups and erase all copies.
Well, I wonder why cant we create too many false positives for them to make the whole data meaningless ?
Instead of hiding all our private communication we can generate fake communication across the whole internet which might raise flags in NSA's system. (I would have given more concrete examples but I am scared that tomorrow some NSA freak might knock on my door.)
I do like the fuzzing idea, but you need some incentives in place. Bandwidth is pretty cheap these days but how would you convince people to install some software that just visited random websites and send randomly generated messages around? But how would actual people filter out the junk messages in a way that the NSA couldn't?
I seems unrealistic. Just run a Tor exit node and encourage a lot of other people to do the same, similar benefits and no downsides.
A more realistic and useful one would be for email clients sending mime email (almost all of them) to always send an encrypted version as well no matter the options in the client. No keys set up? Then just send random data that looks right.
Email providers might hate this because of the bandwidth but if you start sending a lot of encrypted data around right now you are going to match a profile you probably don't want to match. I think step one is to make sending encrypted text around a normal thing.
I want to say a sentence to someone, but in order for an unintended listener not to understand what I'm saying I will say 10 sentences. Five of which will be "I will kill you and everyone you know" and "I will bomb America".
Isn't that just a meaningless waste of energy?
--
The government spies on you because you make it easy for it to do it. Instead, keep your personal data personal, use encryption and there's not much more that it can do, without becoming physical... ( it has no problem doing that either, but at least its intentions will be more obvious that way, and hopefully will wake up all the ignorants that think that some old guys peeking into everyone's lives is justified).
It is. People suck at being random, so there's a good chance that those "false positives" will actually be trivially filtered out. And even if not immediately, this is an algorithmic problem - they will just throw few dozen kUSD at some math and CS graduates to make it go away.
There are some extensions that generate a lot of extra traffic. They were developed around the time that Phorm[1] was being introduced in the UK.
I agree with you and TemPorAL (apologies for incorrect capitalisation!) that these are probably a waste of time for the user - they don't work.
NSA and GCHQ are very good at math - I'm constantly surprised that people don't appear to get this. Maybe it's because secret government agencies don't publish much?
Well I've just learned that the guys from https://www.cozycloud.cc/ have come a long way implementing a user centered platform ( personal cloud ).
It really looks promising.
I have been messing around with this idea for a while with a few friends. I'd love to talk more if you're interested. You can find my contact details in my profile.
The root cause is power, of which money is a conveniently quantifiable manifestation. Power-seeking has occurred continually over time since human populations became dense enough to extrude persistent hierarchies.
Interesting sentiment, and I can't help but think this is why the government seems to fear the youth the most/ships them off to wars in other countries.
Wait, you think a little march and a couple of websites will change anything? Someone still has a some unwarranted faith in humanity!
What will happen is some politicians will make some noises from their face holes, they might promise a few reviews, or to look into a few things. These will be accompanied by rationalisations that seek to marginalise concerns and make it look like these measures are to protect the children and tall buildings.
In a few weeks most of the public will stop caring, partly because of the noise from politicians flapping their gums, partly because of a low attention span. If a review actually takes place, it will report that there was nothing wrong with what's been going on, it's all within the law. A few people will mutter about changing the laws, but most people won't care by this point and the political classes will have a new hot button talking point by then.
Wait, you think a little march and a couple of websites will change anything? Someone still has a some unwarranted faith in humanity!
Organizing and demonstrations can make a big difference.. for those involved in them :P That is to say, it sometimes just plain feels good to see you're not alone with being fed up -- or even better, that you're not alone with the things you're for, either.
Hanlon's razor is my favorite of all razors, and is the principle that keeps me calm in moments like this:
>Never attribute to malice that which is adequately explained by stupidity.
I don't think that the (mostly lawyers) who represent us and run this country are malicious. They're just incompetent. They're simply not qualified to understand and make decions in the fields that they affect. So they call in 'experts' to help , who end up working for or being otherwise paid by a particular group or corporation. Of course these people are paid to bias their groups preference, so the 'expert' advise they give them is tainted, and the representative has no basis to detect the bullshit.
As I follow what has been going on in greece and turkey, I wonder when/under which circumstances we will reach our tipping point?
Maybe when MQ9's start patrolling the skys regularly state side, someone will intercept and take control the line of sight feed and send a message to the individuals sitting in their desks in Washington that the chickens have come home to roost…
What is the root cause? How did this get so incredibly bad? Is it the fault of the public? Is it the public's fault we are in an Orwellian state of Soviet-era Germany? Or does Hanlon's Razor apply here?
In any case, there needs to be more action than just bandage measures like petitions and phoning your Congressman. This level of government negligence deserves an uproar, and sadly we're not getting it because many trust government, and are not skeptical in the slightest about it.
We have those animals called "politicians" to blame for that.
So, if people really want to change, lead a march on Capitol Hill. Be attention-seekers, make a change for the better, not for the worse. Let your life have value, and use that value against the worthless individuals sitting at their desks in Washington.
Just do something worthwhile, not sitting behind that sRGB display of yours. Painless encryption, countermeasures, protests, whatever -- we need to do something.