NSA director Mike Rogers testified in front of a Senate committee this week, lamenting that the poor ol’ NSA just doesn’t have the “cyber-offensive” capabilities (read: the ability to hack people) it needs to adequately defend the US. How cyber-attacking countries will help cyber-defense is anybody’s guess, but the idea that the NSA is somehow hamstrung is absurd.
Thanks man. Now, what really bothering me is what's happening at the other side of the pond. That the user adopts good practices when configuring software is a must. Been there, done that.
And then there's this little tiny thing, where at the other side, a 3rd party is actively disabling that way of communication. Whether an encrypted communication is possible or not, that's not an issue, the fact is that they are, arbitrarily and without user intervention, making it impossible to use a secure method.
If that's not a dead giveaway of the intentions behind it, I frankly don't know what is...
Taking into account the fact (well known to ISPs and the like), that 99.9 % of internet users do not have the first clue as to how to properly configure an email client.)
I don't know man... I hope it's all just a perfect blend of my level of paranoia and my lack of understanding of the subject matter.
Thanks a lot. On the token of "stupidity trumps malice", call me a tin foil, but it's undeniable at this point, when every day the entire world is waking up on what has been and is happening behind the curtains, that malice is winning by a landslide (as far as government and corporate overreach goes).
Of course, that does not take anything away from stupidity, which is rampant. But if even with all the facts and evidence that are a click away, we still attribute to stupidity things like this, we are really making it exponentially easier for this things to keep on going.
In any case, ultimately it does not matter the nature of the beast, what matters is how to avoid it. And always be vigilant of things like this.
Could anyone explain, in laymen terms, the following aspect of this issue? (Maybe it's already explained but I'm unable to see it, so I apologize in advance, I don't have the technical background to understand most of this)
The fact that packets are being modified in transit to purposely disable encryption, that happens with no warning or error message to the end user, unless of course the user knows what he/she's doing, and the connection takes place nonetheless, IN THE CLEAR, even tough the user wanted to use encryption technology?
So, the message (or wahtever) is sent, and the whole time the user thought was using an encrypted means of communication and never noticed that that wasn't the case?!
Am I missing something? Please someone tell me that the user gets an error message and the connection is NOT established, or something, that the user does not send anything.
(Even if that's the case, what about machine to machine communications? Big data sent back and forth automatically, without user intervention?)
If I'm correct, (and I hope I'm not), this should be a crime, it's encryption disabling technology without the user's consent and knowledge that it's happening in the background, in real time. What about corporate secrets, R&D, scientific/academic research, medical records, financial records, etc, etc.
This is flat out malicious interference, wtf...
I really thank anyone and everyone who can comment on this and put my suspicion (or my worst fears) to rest.
I've just deleted my Dropbox account. (Yes, I know my stuff remains in their servers, I don't care) However, I'm in the painful process of detaching myself from all US companies I've trusted with my data.
I'm taking my time tough, since it's of no use reacting in anger. I just thought appropriate to share with you my feedback to Dropbox when they asked for it, right before you press that button:
(Mind you, of all those conveniently formatted reason as to why "you are leaving", 'Privacy related issues' was nowhere to be seen. So, Reason: Other.
Not that this comes as a shocking surprise nowadays but still... I value my privacy more than anything because it's the foundation of liberty as a citizen under any democracy. It's a fundamental human right.
National Security Process received 0-249 Accounts affected 0-249
We all know that you are not allowed to disclose how many NSL's you have been served, much less disclose how much information you produced, but what you are saying here, the way I see it, is that you have received 249 NSL's and of course you complied with every single one of them. That is particularly damaging, first and foremost to your company, because many of us lost the only thing that keeps this relationship going: Trust.
I was planning on upgrading my account maybe next year, for professional and academic reasons I will need the space to store a lot of data. I'm forced to look elsewhere, spideroak seems to be a promising alternative, we'll see...
Needless to say I am NO criminal, nor I intend to become one in the foreseeable future, I'm just a regular guy who wants to mind his own business and enjoy my well earned liberty as a free citizen. I'm a productive member of society, and I contribute in several ways to the betterment of my community.
I will neither tolerate nor sit idle when my personal data is shared willingly or otherwise with a dark branch of your government that is violating your own Constitution and your Bill of Rights, and let's not forget, the Universal Declaration of Human Rights.
We, in the rest of the world, are well aware that in the eyes of your government, foreigners do not have any rights, by your laws we are sub-humans. So much for having "the moral high ground"...
It's a shame really, because I really liked your service, and I'm the first to acknowledge that you provide it for free. I guess I should thank you for that...
This service is really useful, the UI is neat and clean, but the blatant privacy violations you have been complicit/facilitators/compelled to forward to your government, who by the way is not mine, far outweighs the practical benefits.
Don't get me wrong, I understand that you, as a private company may be the last to deserve the blame, I'm not accusing you of this whole ordeal, however you are deceiving people with a really lame PR + Damage control campaign with what you say in your policies.
Much better than displaying "empty numbers" that lead to believe or assume the worst possible scenario, adopt a warrant canary.
That may not be much better, but it's still something, of course, if you really care about your customers and users. "Put your money where your mouth is", as you guys say up there...
To end on a positive note, thank you for all these years providing a great service, and I hope my files on Object Oriented Programming 101 have been of use to the NSA. (Don't think so, but hey... we never know) In my modest opinion, they are of little intelligence value. I'd advice looking for more renown authors. :P
Note: sorry for poor formatting, couldn't get to display hyperlinks correctly
Indeed. I've assumed long ago that the sociopaths running the Military/Intelligence[sic]/Surveillance Industry hold that as a core principle to exploit to their advantage. It's a rookie's attack vector: to undermine any reputation and trust an organization may have built over time (in this case Reddit.com) via infiltration, disinformation, obfuscation and other methods older than the sun.
That's why it's paramount to defend against such a critical and vulnerable aspect of any social entity.
On that token, there's good news and bad news: On the bright side, many strategies can be put in place and should be enforced 24/7, and you pointed out some of them. If I may I'd like to expand where you left off; I would argue that having a "small" group of people as the "Accountability & Transparency Police" is not a bad thing per se. Actually, if implemented correctly it could be very efficient. (Of course the mere total would have to come up from a ratio of the total users and some other meaningful metrics so as to be able to keep up with the data flow, but this whole point is a matter of a long debate).
As far as the community's role, I think it's essential that it complains, not once or every now and then, but every single time. And that property of a community, the ability to pin-point and address wrongdoing is not something to be taken lightly. On top of that, I posit that if anything, a group of commons has three powers that are both rights and obligations: to complain, to be vigilant that best practices are observed at all times, and to denounce/report wrongdoing WITH evidence (such as time-lapses, screen-caps, logs, etc).
All that falls under the responsibility of the entire community, and it should be. Of course, if that community perceives no upper structure of accountability, no system that will look into these things, it all falls apart. So every layer has duties to fulfill.
Admins, Mods and Managers can not do the "job" of the community and vice-versa.
On the Dark Side, It's just another canonical example of an arms-race, a never-ending battle between measures and countermeasures, because as you can imagine, even IF (huge if) a strong-organic-dynamic system is put in place and it actually works, it's just another big target to conquer in the eyes of these pseudo-soldiers without a war or a real enemy to fight. And they have endless money and time to hack at the problem. Of course, that should never be a deterrent for trying.
The Ultimate Facepalm is that in the Information Age, with one foot in the 21st century, Sysadmins, Mods, as well as Regular Systems/Networks Users, we all have to get proficient in the Sun Tsu's Art of War, and very fast.
So far that's been a must only for Management and Military, but as information has always been and always will be the ultimate power, we all have to catch up. That is, of course, if we innocent and free people of the World would want to stand a chance.
It could be another powerful tool for social gathering (at a massive level) and where you are welcome to engage in elevated discussions. That's what powers that be fear the most.
Yes, we know it, internet is 99% porn & trolls. Still, that 1% is huge and the impact those virtual oasis can have in real life is proven time and time again.
A smarter(?) move would be to NEVER trash a site that is deemed untrustworthy, otherwise common folks would be doing exactly what those in power want, hopping on the mouse wheel, stuck on an infinite loop of social sites that take a lot of time to develop, spread and establish. (That often takes a lot of time rather than little, and that is LOST time, which they also capitalize).
No, no, a common "base case" would be to get the people in charge of the site to put a system in place that guarantees transparency, at the very least in terms of Moderators and Management. (Yes, I know, guaranteed transparency belongs to the Realm of Utopia... but you get the idea. If I were running the site, or if I were a mod, I would have to answer to somebody for my actions. I would stand by my decision if I ban a subreddit and would have to give all the details as to why I made that call. My actions would then have to be audited by a group of peers or superiors.
Anyway... just some thoughts thrown into the ocean. It can't hurt to brainstorm a little...
Disclaimer: I've never used Reddit, I find that format particularly confusing. I do acknowledge however the potential it has to gather people and minds from all walks of life. And that's a huge power. And those corrupt in power know that far better than us. Sites like that should never be given up easily. To pin point the rotten apples and expose them should be a must. But never to burn the entire box.
I'm more worried about "the other" slip. If it's true that E.S. is in some Russian airport,they will do everything in their illegal (abuse of) power to prevent him from reaching any destination. Of course he (or someone down the chain) is going to scramble jets.
They know that IF he gets to any country that's going to grant him asylum, it's going to be a very long halt. Of course, if that doesn't play out, the second option always apply in their sick-twisted-criminal minds: they most certainly will attempt to snatch him in the dark, special force's style. They don't give a single fuck about other Nation's Sovereignty.
For this matters alone, I really hoped he could have stayed in China or Russia, the only two countries that could have granted him some decent protection.
I really hope I'm dead wrong, but hey, it's the U.S.A. "Land of the Free, Home of the Brave"
Techdirt has not posted any stories submitted by Kenpachi.