Hacker News new | past | comments | ask | show | jobs | submit login

One thing I see people saying on here is that people should care....and I do...but I don't know _what_ to do with it!

Can someone show/tell me what I, an average person, can do? It feels a bit overwhelming and things like this point out how powerless we really are. I hope I'm wrong and there are things we can do...I just don't know what they are.

EDIT -

Asking two more specific questions:

1. What can we do technically to be safe?

2. What can we do to fight this? Petition Government? Support EFF? Other? Very much at a loss on #2




Yes to Petition your government, contact your congressperson, and support the EFF.

The problem with making yourself 'technically safe' is that it realistically leaves most non-technical people exposed.

The only way to 'protect' everybody is to cure the cancer, not just your symptoms.


The problem with making yourself 'technically safe' is that it realistically leaves most non-technical people exposed.

then lets make everybody safe technically. it's hard, but doable. if everyone ran tor and 10% of users ran tor relay, that should be a hell to track, no?


I think you missed the point of my comment. Though running tor or other technical solutions are possible, getting penetration into the non-techie world is very difficult.

You're proposing a technical solution to a legislative problem. Working with the law (constitutional or otherwise) creates the environment where you aren't trying to work around the issue or 'hide' from anybody.

Privacy laws are there for your protection. As another commenter mentioned, you wouldn't accept the gov't or private corporations reading your mail, e-mail shouldn't be any different.


Whenever I mention libertarian principles on HN I get a mixed response, but this is one situation where we must demand individual rights. We need to elect politicians like Ron Paul who oppose big government intrusions into our privacy. This country is supposed to be a bastion of liberty and we go to war to "protect freedom" and "democracy" and yet we are less and less free every day. When we see articles about Chinese "human rights abuses" many are quick to condemn them and other countries perceived as less free than ourselves. Yet I have observed that the US has been headed in a very totalitarian direction for at least the past decade while China has been headed the opposite way, towards more and more freedom. Yes, the Chinese have filtered Internet today, but in the last century they've moved from Feudalism to Communism to a mixed economy. We have gone from having the most freedom in the world to having a Department of Homeland Security, TSA, NSA, Patriot Act, full-body X-Rays, and country-tapping.


The flip side of course being that libertarians generally oppose the kind of government regulation that could stop this heinous merger from further destroying an already non-classical market.


We need more government regulation to stop...government regulation?


Government regulation will not stop this, it's top secret. Just give the NSA less money.


We need to elect politicians like Ron Paul

Ran Paul has a pretty safe seat in the house. It is not practical to expect Americans to elect him president. I believe the OP asked for practical advice.


Maybe his son, Rand (Senator-KY), will someday run. He may stand a better chance.


Not really. Any political consultant worth his salt could easily paint Rand Paul as a racist, given his comments on the Civil Rights Act. (http://voices.washingtonpost.com/right-now/2010/05/rand_paul...)

Just to be clear, I'm not saying I think Rand Paul is a racist. I'm just saying I don't think he has a chance in a national election.


It is clear from the context what Paul is saying and I don't think anyone who hears him speak for more than 2 minutes will believe he's a racist:

PAUL: Well, I think what you've done is you bring up something that really is not an issue, nothing I've ever spoken about or have any indication that I`m interested in any legislation concerning. So, what you bring up is sort of a red herring or something that you want to pit. It's a political ploy. I mean, it's brought up as an attack weapon from the other side, and that's the way it will be used.

But, you know, I think a lot of times these attacks fall back on themselves, and I don't think it will have any effect because the thing is, is that every fiber of my being doesn't believe in discrimination, doesn't believe that we should have that in our society. And to imply otherwise is just dishonest.


I suppose not caring at all about black people is not expressly racist, indifference and dislike are rather different, no?


Paul is neither indifferent nor racist. He is explicitly pro-civil rights and anti-racist.


This.


Now you have an excellent opportunity, AT&T wants to merge with T-Mobile. Start a campaign saying that the merger will expose T-Mobile customers to NSA wiretapping. Buy some facebook ads and start something.


What is to say T-Mobile isn't already doing something similar? AT&T was only exposed because of the whistleblower.


Do you think T-Mobile's spokesperson is going to make a factual correction to that claim, something along the lines of 'don't worry all our customers are already wiretapped?'. Since this will never happen the argument is valid.


Besides using SSH and VPN more, the only thing I can do is avoid ATT.

I was on T-Mobile for years (out of ATT spite) until Verizon got the iPhone and I jumped within the week. I also spent a lot more money on internet using alternatives to ATT DSL (although I doubt my information was more secure from that choice).


I'm guessing those other big companies are just as bad, however. Might not have the facts yet, but being paranoid leads me to think that way....


I feel the same. What we would need is a telecommunication company that puts the respect of privacy as one of its core goals (think Zappos), and not just in the boilerplate license agreements. Although entering that arena has high entry costs, it seems like a huge demand for such a service exists.


Quest communications was allegedly the only telecom co that didn't roll over to the NSA:

http://en.wikipedia.org/wiki/Qwest#Refusal_for_NSA_spying

A lot of time has passed, and they have a new CEO. I wonder if they have continued to hold out, or have quietly installed the black-room...

EDIT: I see they were just acquired last year by CenturyLink. I have to doubt that they have now not rolled over (call me a pessimist).

Very sad that corporations are so willing to forsake the privacy of the entire country's citizens (on the level of a constitutional breach) in order to make a dime or curry favor. Beyond sad, it is terrifying that the government then used warrantless wiretapping to specifically target our journalists:

http://www.theregister.co.uk/2009/01/25/tice_nsa_revelations...

...at least according to the same source that was responsible for leaking the existence of the black-rooms in the first place.

Sigh. Maybe I'll pick up my old copy of 1984. It's getting ironic now.


Considering other ISPs peer with AT&T this is really everyone's problem.


Try doing a trace route to several different sites on the internet, you'll find that -- so long as your traffic is hitting the US at some point -- your information is crossing AT&T's networks.


Not to nitpick but the article says that the sniffing is on "traffic to and from AT&T customers".

So it is not clear whether this applies to all traffic through AT&T routers, or only traffic to and from AT&T customers.


This applies to a large majority of traffic in and to, and even through, the United States. Because of the way traffic 'finds the quickest (or best) route possible' you're almost guaranteed to pass through one of their points of presence.

Since this article was published it's likely that other providers were pushed into doing the same thing. If I'm not mistaken, there was even an exec. shake-up at Verizon as a result of them not wanting to concede to the NSA's demands.


Verizon has claimed that their disclosure of customer's private data is protected by the first amendment.

http://arstechnica.com/tech-policy/news/2007/05/verizon-says...

http://www.democraticunderground.com/discuss/duboard.php?az=...


This is probably related to AT&T's role as a backbone provider, which probably predates their purchase of McCaw Cellular.


Tweedledum vs. Tweedledee


worse than that- AT&T is buying T-mobile apparently.


T-Mobile was the only telco that has avoided logging the goods that the feds want: http://paranoia.dubfire.net/2011/03/negative-impact-of-at-pu...


If any of the major webmail providers, with millions of active users, offered "brain dead" PGP (i.e., PGP signatures by default, and automatic PGP encryption and decryption whenever possible), many of the others would follow suit and a lot could be done to counter this kind of program ...

... and, furthermore, it would take a huge bite out of spammers and phishers while allowing you to, e.g., talk to your doctor and banker over email without needing to sign in to some other closed service.


For a while, I've liked the idea of a client-side PGP plugin for Gmail. Essentially, you have a greasemonkey (or bookmarklet, whatever) script which performs the encode on send and save draft, and the decode on receive.

Of course, it kills Gmail's big feature, which is search. But for that, I figure you could take the wordlist from the email, hash each one individually, and then paste that at the bottom of the message. So your searches would still find matching messages, they'd just be a garbled mess to Google or any interceptor.

This doesn't seem like it'd be terribly complicated, but I don't think anyone's done it.


Encrypt each word with a secret key, rather than just hashing it.


We could use GPG for normal e-mail correspondence. But I really don't know if this would do anything more than delay any problems.

In a similar vein, I've deleted all the trusted root CA certs from my computer, and am now marking individual certs trusted as I hit them. Not fail-safe, but safer, I think.


I don't understand what you're doing. When you get an individual cert, are you adding another trusted authority to verify that cert? If you're just trusting the individual cert, you're exposed to MITM.


Yes, you're exposed to MITM. But if you permantly mark the cert as trusted, and the MITM goes away, you'll know somethings has changed. You'll be blind as to which way things changed, but at least you'll know to investigate.


Haha, this doesn't make any sense. How can you possibly know the real cert from the one generated by NSA?


Great question! Unfortunately, I don't think you can.

If you use CA certs to trust site certs, the site certs can change on the fly (i.e. be replaced with an NSA interloper) without you knowing.

If you kill your CA certs, and mark individual sites trusted, than at least your browser will notify you if the site's cert has changed since you lasted trusted it. Theoretically. I haven't actually tested this yet. :(


Call them on the phone and ask them to read you their cert fingerprint. Or use this: http://www.networknotary.org/firefox.html


Phone lines are secure of course ...


>In a similar vein, I've deleted all the trusted root CA certs from my computer, and am now marking individual certs trusted as I hit them. Not fail-safe, but safer, I think.

Excuse my ignorance, could you tell why it's useful to remove the certs from a PC. I've heard about root certs a couple of times already but don't understand what they really are.


Basically if you see a certificate on the interwebs, it goes through and says:

"This particular website is X". And it can back this up with all sorts of fancy math.

The problem then, is how do you know that the particular certificate is correct? I can go through and make a certificate saying that i'm santa clause. How you get around that is by using another certificate that you already have, and using that to certify the websites certificate. Ie. if you trust godaddy (or the hong kong post office), and I have a certificate saying that i'm me, signed by godaddy, then you can trust that i'm me.

The collection of certificates that you trust are then called the "root ca", and having random certificates there is a problem because if one of them was to produce a forged certificate, you'd never know about it. ie. by adding in untrusted certificates to your root ca, you lose trust in the whole certificate chain of trust process.


Thanks for the explanation. After taking a look at the certificates that come with Windows, I can see that there are dozens of trusted root certificates, issued by some organizations that I've never heard of. Can I really trust those "root ca"? especially that I noticed some differences between the two PCs that I've checked!


Usually the OS or browser vendor chose them, so it is normal that they differ between computers. But the CA trust chain really sucks, as one compromized CA compromizes everything (the security of the system relies on the security of the weakest root CA).


Can someone show/tell me what I, an average person, can do?

Get personally involved with your representatives and senators. Write paper letters, call, and show up in person. Be friendly and talk with other voters at the events you show up to. Educate them on this issue. Abandon party affiliation, work with both Democrats and Republicans.


Use https as much as possible.

I note that Hacker News still doesn't have https access...


Is there anything private on HN? The packet headers will still say that you went to HN, and when. The only thing it's blocking directly is knowing your username. That's pretty straightforward to figure out from correlating POSTs to the comment timestamps.


My password might be considered private.


#2 - What about writing some sort of client that sends data with sensitive phrases to overwhelm the system with false positives?


It's called "spook". In Emacs, "M-x spook":

cryptanalysis Roswell blackjack Exon Shell Ruby Ridge NORAD Al Jazeera world domination Becker cybercash nuclear csim SHA Leuken-Baden BLU-114/B


That could be construed as a denial of service attack and would be illegal (or at least in a very murky legal grey area).

Also you seem to have forgot that most AT&T customers have bandwidth caps in place that would make it difficult for them to run this attack in the first place.


The idea isn't to spew data at AT&T like a DoS, just taint all your boring communication to make them have to sift through more junk. For example, add extra "scary" keywords in your outgoing HTTP headers.

  X-Spook: Hamas subversive War on Terrorism Kosovo Delta Force


I am pretty sure it doesn't bother them. They don't actually go through the data, otherwise encryption would defeat the surveillance.

There are many other more useful signals (and the fact that you use encryption is probably one). The goal is to find outliers, not people using scary words Furthermore it would be probably quite easy for them to filter that kind of "DoS", it is just too simplistic. If you come up with something more clever they probably are interested about knowing more about you anyway.



1. Donate to the EFF and the ACLU.

2. Encrypt everything. Or at least something randomly. Even the NSA will have a hard time cracking AES 256 when large amounts of traffic are encrypted.


So after applying to YC today (worried that I borked my app) I had the following idea - which is an evolutionary idea from the one I applied to YC with, I dont know if this is possible - but I want to throw it out to HN:

I would like to see mobile end-to-end secure communications apps that allow for users to have completely encrypted message passing.

I had the following idea - please tell me if this would work:

You have a distributed truecrypt file system with a client that the users run on their device, and intermediate cloud storage.

Each user device is a "folder" on the file system - messages are effectively truecrypt encrypted files that gave saved out to the remote folder that == the recipient.

The system would notify you that you have a new file that has been pushed to your folder - you can then decrypt and read it.

However - I feel that the weakness would be in the required key/passwd to open the files -- this might not be securable.

It may require that folders between two users have a known password on each eand - and that for every contact/recipient you would have to have a separate key (they could be the same value, but still separate) thus a communication looks like this

[typed mesage] --> [truecrypt'ed file] --> [to: folder] --> [routing engine/store and forward] --> [from: folder] --> [truecrypt decrypt by user] --> [user reads message]

But in a mobile environment...

Anyway - half baked stream-of-thought idea... Why would this not work?


I think you're trying too hard. There are existing protocols (S/MIME, PGP, Jabber, etc.) for transferring messages in a secure manner. I'd pick the one that fits your scenario and wrap it up in a shiny app.

AFAIK, there are several IM apps that could support encryption, but I don't think they are actually doing so (and if they are, they aren't advertising it). As it is, end-end secure communications is not (I think) on anyone's feature bullet-list.


eh, there exist plenty of things that are nice and shiny.

I can take pidgin and OTR and with about three minutes worth of "You should click here", have it set up easily enough that even a complete non techy can use it.

The problem is 1) It requires installation and 2) People don't know it exists. (Strangely enough, once it's installed i've never had anybody move back, mostly as pidgin is a fair amount nicer to use then MSN)


You may be right, however one advantage of this method is that any messages and files are seen as exactly the same: a secure truecrypt encrypted file transfer.

No differentiation between a txt or file...


Truecrypt is a container for storing a collection of files. Unless you're interested in the deniability aspects of Truecrypt where an alternate passphrase yields decoy data, off-the-shelf SSL with sufficiently large keys is more than adequate to secure the transport layer. I suspect your biggest challenge there would revolve around key authentication to prevent MITM attacks.


In the context of this discussion, you are talking about creating a crypto solution that prevents the NSA from sniffing your customers. Not a casual packet sniffer, the NSA. This is not the time to be running off and implementing your own crypto!


Freenet, Phantom or Tor. Pick one and make it easier for people to use. Designing a whole new system isn't what we need, a "just works" system is.


How do you know that the NSA isn't listening to those? It would seem more appropriate to make public-key encryption easier to use. There are already well-defined ways to use it with email, and there's OTR for IM that could be applied to multiple protocols. Granted, only the contents of the communications are hidden in these cases, but that's a big step forwards.


I'm sure the NSA is listening to Freenet, but it doesn't matter. That's the advantage of Freenet.

Among the disadvantages of Freenet are that it's incredibly slow, difficult to find content on, and cannot access content on the regular internet.


Everyone is listening to TOR, always ensure that encryption is in use. Always ensure encryption is in use anyways with anything important.


Furthermore, always ensure authentication is in use with anything encrypted.


I know of Freenet and Tor, but haven't heard of Phantom. Because the word 'phantom' returns a huge number of irrelevant Google results, I haven't been able to find the project. Care to throw us a pointer?



You will have a "car accident."

Well, actually you won't, but only because you will "listen to reason" when some well-dressed uninvited guests come over for an evening chat.

Call me mad, but do you ever wonder why there is no consumer hardware PGP telephone?


This phone doesn't exist because there's not a market for it. I definitely wouldn't buy that. I, like a lot of others, don't have anything to hide from the government so even though I oppose the wire-tapping i'm not going to inconvenience myself to keep arbitrary data and idle chat secure.


We'll meet in the labor camps one day and have a good laugh at each other's expense.


As if they'd let you live.


> do you ever wonder why there is no consumer hardware PGP telephone?

Not on the analogue phone. But you can easily get a TLS-enabled or ZRTP-enabled hardware or software VoIP phone. Many vpbx providers will also provide you with a vpn tunnel endpoint if you ask about it often enough.

Also, since the analogue phone PSTN interface is pretty trivial to handle, there are multitude of analogue encryption boxes which work as an adapter to the line. Plug & play. You could even use a pc to compress the voice on one side, encrypt, send over an established modem connection and decrypt on the other side.

You don't need the analogue phone itself to do that at all.


> Not on the analogue phone.

And not on a consumer cell phone, either.

> But you can easily get a TLS-enabled or ZRTP-enabled hardware or software VoIP phone.

In theory, arbitrarily strong/usable encryption products can be marketed within the USA.

In practice, from this list:

A) Usable by non-experts (requires no software fiddling, hardware mix-and-match, or other wastes of time)

B) Based on uncrackable/de-facto uncrackable cryptosystem (One-time pad, Public Key - respectively)

C) Affordable by / marketed to ordinary people

We are permitted to choose only TWO.

>...the analogue phone PSTN interface is pretty trivial to handle, there are multitude of analogue encryption boxes which work as an adapter to the line.

Analog "scramblers" are a joke. Any seriously-interested party can crack any and all of them without breaking a sweat.

>...use a pc to compress the voice on one side, encrypt, send over an established modem connection...

Sure, you can use a PC. But if you package this up as a pure-hardware solution usable by anyone who already knows how to use a telephone, certain people will take steps to ensure that your product does not stay on the market.

I do not know what the penalty is for violating the "gentleman's agreement" between the NSA and the electronics industry. But I would not care to find out.


Example of a system doing A+B+C -> Skype. You can claim that they have some way to clone the traffic for NSA use - maybe they do, but from the technical point of view - they satisfy the requirements. It also relies on Skype doing proper authentication / identity presentation.

Hardware-only plug & play box will never work here. You actually have to know something about the connection - information provided out of band. And I don't think most people would accept pressing ~150 digits on the pad as an easy solution.

Analog encryption does not end on scramblers and they don't have to be a joke. As mentioned before, put 2 modems together, apply gsm encoding and any digital encryption you want.

There's a lot of FUD here. If you come up with a proper system, black vans will take you away; NSA has gentelman's agreement; your product will disappear from the market; etc. etc. I don't think you can prove any of it and I can't disprove it either, so I'd rather stay with things we can be sure about.


> Skype

If it doesn't have backdoors now, it will soon. The remote-intercept capability mandate for land line phones is in the process of being extended to all commercial VOIP.

> Hardware-only plug & play box will never work here.

This looks like an example:

http://en.wikipedia.org/wiki/Secure_Terminal_Equipment

Or, for that matter, this:

http://www.gdc4s.com/content/detail.cfm?item=32640fd9-0213-4...

> I don't think you can prove any of it

Naturally.

But the absence of any easy-to-use/uncrackable/provably non-backdoored secure voice phone on the market is proof enough for me.


> But the absence of any easy-to-use/uncrackable/provably non-backdoored secure voice phone on the market is proof enough for me.

If you have to worry about being monitored by government, a super secret phone will not help you anyways. If it's worth doing, your room / furniture / clothes / windows are already bugged and all you say will be recorded before it hits the phone. I really think a provably secure phone is a non-issue.


If it's worth doing, you will be caught and tortured. "Extraordinary Rendition."

The worth of the phone is to prevent you from turning into someone who ought to worry in the first place.

Bugging room / furniture / clothes / windows is expensive.

The NSA is known to use voice recognition and keyword search. It is no longer necessary to already be a target in order to be extensively and intelligently eavesdropped on.


How would a phone use an OTP? Would you send the key by carrier pidgeon to the guy every time you wanted to make a phone call?

There's absolutely no way to get security without some sort of verification by the user. At the very least, you need someone to verify that the keys are correct "can you read me your phone's security serial?". It shouldn't be too hard to create affordable, usable phones based on PKC. The problem is that nobody cares who listens to their conversations, because it's all "where are we meeting tonight/that movie was shit/i can't believe X did Y".


Public key cryptography seems like the wrong choice for phones, because it's relatively computationally intensive, and you'd want a phone to use the cheapest hardware imaginable. However, there is an alternative that would work.

You can use a symmetric cipher (AES is the current standard), and exchange keys via Diffie-Hellman key exchange, which is a method of securely generating a shared private cipher key over a public channel.

As I understand it, the primary advantage of public key cryptography is that it makes encryption and decryption asymmetric processes - i.e. everyone can encrypt something using your public key, but only you can decrypt it, because only you know your private key. In the phone case, the asymmetry would actually be annoying, because both parties want to send encrypted messages to each other, so you'd have to deal with two key pairs for each phone conversation.

See http://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exch... and http://en.wikipedia.org/wiki/Advanced_Encryption_Standard .


That's how most encryption protocols work now, by exchanging symmetric encryption keys at the start. There are protocols to do this, PGPfone was written in the 90s.


> How would a phone use an OTP?

A year of 9600 baud is ~36.1 GB.

Hand-deliver a flash stick once a year.

Obviously this is not a solution for everyday telephony between strangers. But RSA could be.

> nobody cares who listens to their conversations

This is true mostly because seriously caring is at present impractical.


the issue is that the client runtime environment is poisoned as well


Suspecting as much



Not sure what your point is, here. I listened to it, and it was very interesting, but the speaker has actually implemented encrypted communications on Android, so he clearly isn't too worried about it being poisoned.


I'm not sure there is one perfect 100% answer for that question, but I might suggest "that was then, this is now?"

https://twitter.com/#!/moxie__/status/48185775111684096

It is probably worth noting that the speaker (and tweeter) has had some significant delays in the last year while clearing customs.


Oh, I've no doubt that the authorities dislike him. The SSL certificate story made that clear. :-)


Vote, for one thing.

Geez. How, difficult is that? Oh wait, you guys only have one option laid down as only two parties... tough.

Before you start to disagree, name one candidate that had "end patriotic act" on their government plan.


As I recall, Kucinich, Gravel, and Paul all did.


I confess i wasn't living in the US during the last elections, so i only followed the elections from international news sources.

and i have no idea what those names means (paul i may have heard about while reading slash dot)

That also reminds me of that simpsons episode where the aliens take place of the democrat and republican candidates, and when they discover they are aliens trying to take over earth, someone shouts that he will vote for somebody else. the alien just says "go ahead, waste your vote" and the guy agrees and feels defeated.


VOTE KANG


The support of wingnuts like Kucinich and Paul guarantees that an issue will be ignored by 99.8% of the country.


Actually, if Kucinich and Paul agree on something, it's probably worth listening to.


I'd take government by a diverse group of wingnuts who enact the laws they all agree on, over government by a homogeneous group of centrists any day.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: