Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror

Submission + - A dinner with NSA General Alexander

Noryungi writes: Jennifer Granick, former Civil Liberties Director of the Electronic Frontier Foundation, now Director of Civil Liberties at the Stanford Center for Internet and Society, recently had dinner with NSA Director, General Keith Alexander. Her story is well worth reading... Especially for the cognitive dissonance between the NSA objectives and Civil Liberties activists.

Comment Re:Notice (Score 1) 986

Nope. But they can shut down abruptly, like Groklaw and Lavabit did.

No, they are part of a much larger conglomerate. Said conglomerate may choose to cooperate with NSA/TLA agency, and choose not to divulge the fact to their users. (This being said, Slashdot has had problems of that nature before, although much less dire). The only solution would then be for the Slashdot crew to take the high road and resign "en masse", while publicly stating why as the Lavabit founder did.

I bet a LOT of people would be freaked and outraged by such an event.

I am not so sure of that, unfortunately. (sigh)

Hell, imagine the fallout if something like Wikipedia were to suddenly shut down with no explanation beyond a message like the one currently sitting on Groklaw.

Been there, done that. Maybe that is what is needed: worldwide protest against the NSA? Black pages everywhere? Again, I am not sure that this would change anything, but one can dream.

Comment Re:Where will this end? (Score 5, Insightful) 986

Educate yourself: Lavabit founder has specifically stated that he did not wat to compromise the privacy of his users.

Source: https://lavabit.com/

My Fellow Users,

I have been forced to make a difficult decision: to become complicit in crimes against the American people or walk away from nearly ten years of hard work by shutting down Lavabit. After significant soul searching, I have decided to suspend operations. I wish that I could legally share with you the events that led to my decision. I cannot. I feel you deserve to know what’s going on--the first amendment is supposed to guarantee me the freedom to speak out in situations like this. Unfortunately, Congress has passed laws that say otherwise. As things currently stand, I cannot share my experiences over the last six weeks, even though I have twice made the appropriate requests.

What’s going to happen now? We’ve already started preparing the paperwork needed to continue to fight for the Constitution in the Fourth Circuit Court of Appeals. A favorable decision would allow me resurrect Lavabit as an American company.

This experience has taught me one very important lesson: without congressional action or a strong judicial precedent, I would _strongly_ recommend against anyone trusting their private data to a company with physical ties to the United States.

Sincerely,
Ladar Levison
Owner and Operator, Lavabit LLC

He has also stated that he could be arrested for shutting down his site:

Source: http://investigations.nbcnews.com/_news/2013/08/13/20008036-lavabitcom-owner-i-could-be-arrested-for-resisting-surveillance-order?lite

I may be ''rather fucking stupid'' as you say, but, at this stage, I trust Lavabit more than I trust the NSA.

And please learn the difference between "convent" and "convenient". I am not a religious person and I have no intention of ever becoming a monk.

Comment Re:Where will this end? (Score 0) 986

You don't have to be a dick about the "her site, her rules" stuff. We, as her readers, are entitled to express our opinions about the closure just as she is entitled to do as she sees fit.

True, but a reminder about who owns the site is always a good thing. Besides, what are you doing here, except expressing an opinion ? (I'll grant you it's not on Groklaw itself, but still...)

Furthermore, she may well intend to serve our interests anyway, so our input as her readerbase would be welcome, presumably.

She is taking pre-emptive action, in the interests of her readers and contributors. I respect that.

Comment Re:Where will this end? (Score 5, Insightful) 986

Pj, you gutless coward! Come back!

Two points:

1) It's HER site. If she does not want to continue, for whatever reason, it's HER choice. Disagree with her? Create your own Groklaw.
2) Especially given the Lavabit precedent, I can understand her decision.

Remember: you may be secretly ordered to spy on your own users, and secretly prevented to even mention this to anyone - including your own lawyers - and threatened with criminal prosecution if you decide to do right thing and shut everything down. Big Brother wants to be able to watch you. All the time.

As for being a ''gutless coward'' (your words, not mine), try running a high-traffic, high-visibility web site for a while, with all the attendant legal problems and shenanigans (see above), and we will talk about it for while, mmmmmkay?

Comment Re:Yep (Score 5, Informative) 407

Let me add a few datapoints here, as a reminder...

1) The AES competition was launched in part because DES and 3DES were cracked by EFF using FPGA-based brute-force decryption machine. Source :
https://en.wikipedia.org/wiki/EFF_DES_cracker
https://w2.eff.org/Privacy/Crypto/Crypto_misc/DESCracker/HTML/19980716_eff_des_faq.html

As a reminder, DES was THE standard crypto algorithm, vetted and approved by NSA. It could be cracked by EFF only because of Moore's Law and some serious budget and effort.

2) Public-key cryptography was invented separately at GCHQ (UK NSA) and NSA itself, several years *before* Diffie-Hellmann. Source:
https://en.wikipedia.org/wiki/Public-key_cryptography#History

So, yes, these people (NSA/GCHQ) are very good at what they do. They have had at least 10 years of head-start, since cryptography was considered for many years just a branch of mathematics in academic circles. These guys work on nothing but crypto and digital/analog communications, year in, year out. Do not underestimate them.

3) One of the first electronic computers, was delivered to the NSA in the 1950s. NSA later suggested improvements to the company that built it. The first Cray supercomputers were delivered straight to NSA. Again, that was in the 1950s, when most computer companies (IBM comes to mind) were still struggling to define what a computer was good for. Source:

http://www.nsa.gov/public_info/_files/cryptologic_quarterly/digitalcomputer_industry.pdf
http://www.physics.csbsju.edu/370/mathematica/m1_eniac.pdf

4) The NSA and GCHQ have a long history of backdoors. They love these things, as they make their life so much easier. Read on Venona, Enigma, Ivy Bells: all of these were made possible by intercepting/copying one-time pads, selling "unbreakable" German encryption machines and tapping undersea Russian cables. And I am willing to bet these are just a small fraction of what these people have done over the years. Source:

https://en.wikipedia.org/wiki/Venona_project
https://en.wikipedia.org/wiki/Enigma_machine
https://en.wikipedia.org/wiki/Operation_Ivy_Bells

Again, this is just a small fraction of what NSA and GCHQ have done over the years. So, yes, suspecting backdoors in open-source software is... shall we say... only natural.

If I was paid to be a professional paranoid, I would be taking a very long hard look at my computers and telecom equipment right now.

User Journal

Journal Journal: Some more utilities for the toolbox...

From the excellent Daemon Keeper blog:

IPSET (Quickly add numerous IP addresses to NetFilter/Iptables) : http://ipset.netfilter.org/
http://daemonkeeper.net/781/mass-blocking-ip-addresses-with-ipset/

Comment Imagine this for a 5th scenario (Score 1, Informative) 768

This is sometime in the future, in a country strikingly similar to the USA.

You are a young woman.

You are pregnant, due to a rape - maybe your scumbag boyfriend did it, maybe a stranger, maybe even a relative - does not matter.

You decide to terminate the pregnancy.

Since your state does not allow abortion (or puts so many ridiculous rules it's almost impossible to get one), you contact - through a secure email address - a clinic in another state and request an appointment, how much it is going to cost, what's the procedure, etc. and get answers from a doctor. All that information is stored on your laptop, either with full disk encryption (best solution), or in an encrypted file (not-so-good).

Finally, you manage to borrow/beg/steal enough money to go to the clinic, where a doctor performs the abortion. You go home and try very hard to forget about the whole thing.

One day, due to some mistake on your part -- let's say you talked to the wrong person -- state police knocks on your door, arrests you for terminating the pregnancy, seizes your laptop and discovers the incriminating evidence is encrypted.

Since they can charge you with terminating the pregnancy and/or not respecting the state rules on abortion and/or not communicating properly your intention to terminate the pregnancy, but ONLY if they have some solid evidence, they put pressure on you to give them your secret key.

What do you do? Plead the 5th. And then it becomes a case of "he said/she said"... And you get off scot-free, since there is no incriminating evidence, except for some testimony.

So, yeah, given the conservative and regressive nature of the abortion policies in many states, this may, unfortunately, become a possible scenario in the near future.

Now, change a few words in the above story - make abortion ''sexual experimentation that your local laws frown upon'' for instance - and you have another very plausible scenarion EVEN TODAY.

What you do with your own body should be nobodies business but your own.

User Journal

Journal Journal: It is to laugh

I love this comment:

vi is a kitchen knife.
vim is a really nice, sharp, balanced chef's knife.
Emacs is a light saber.
Most of the time, my job requires me to chop vegetables. Occasionally, I have to take on an entire army of robots.

(Source: http://stackoverflow.com/questions/48006/is-it-worth-investing-time-in-learning-to-use-emacs)

Slashdot Top Deals

Surprise your boss. Get to work on time.

Working...