<div dir="ltr"><div><div>I would advocate for thinking about security / privacy as a human problem, not a technical one. You can do all that stuff and cultivate good security / privacy habits.. but you can also cultivate good privacy / security habits and still have a facebook account and a cellphone. <br>
<br></div>You are more likely to be targeted by the FBI because of your associations, publications, or finances than through a snoop app on your cellphone recording all your conversations by default. That can also happen, but the former is more likely than the later.<br>
<br></div>CRZHQ EBKPX<br></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Wed, Jun 12, 2013 at 6:23 PM, GtwoG PublicOhOne <span dir="ltr"><<a href="mailto:g2g-public01@att.net" target="_blank">g2g-public01@att.net</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<br>
<br>
PRISM is only the tiny tip of a huge iceberg, and below the water
level is the huge corporate data-mining complex that has the goal of
knowing more about you than you do. Fortunately most of it is easy
to beat. <br>
<br>
Install every tracking-blocker and cookie-blocker utility you can
find, on your browser, turn up the security settings as high as they
go, and quit your browser often (some of those anti-snooping
utilities require quitting the browser to flush out the bugs).
Don't use gmail, google voice, google docs, or facebook. Don't keep
your data in a corporate "cloud." Turn off your mobile device
whenever you want to have a private conversation face-to-face.
Encrypt your email, obviously; and for this to become ubiquitous is
going to require crypto tools that are far more user-friendly.
Sprinkling keywords in your email doesn't help and may only attract
unwelcome attention. <br>
<br>
Many of these steps are incredibly easy to take. <br>
<br>
The goal here isn't to have 100% perfect results, it's to keep the
dossiers on you below the level of critical mass needed to assign
you to categories and predict your behavior. It may or may not be
possible to stop them knowing "anything" at all about you, but you
can certainly prevent them knowing "everything" about you.<br>
<br>
Another goal here is to make the data-mining _uneconomical_. The
more people who opt out of being tracked, snooped, and sniffed, the
less profitable it is. If the cost of collecting data on everyone
is more than the marginal profit from doing so, it will stop. By
analogy, if it costs even a tiny fraction of a penny to send an
email, that destroys the business model of spam, so spammers go out
of business. <br>
<br>
-G.<br>
<br>
<br>
=====<br>
<br>
<br>
<div>On 13-06-12-Wed 5:48 PM, Matthew
Harbowy wrote:<br>
</div>
<blockquote type="cite">Yes!
<div><br>
</div>
<div>Don't ignore the tools, use them. Understand them. Expose
weaknesses, just as I did. Don't think the solution to tools is
a better tool. Better is meaningless. Better is very often
worse.</div>
<div><br>
</div>
<div>Your solution, which you look like you're trying to shame me
with, is TERRIBLE. Imaging everyone spamming the networks
constantly with random messages. Oh wait- they already do that,
it's called spam. Lets fill the bandwidth limited fat pipes with
random, so that signal is obscured. Good luck trying to do
anything useful.</div>
<div><br>
</div>
<div>Furthermore, a little Shannon style filtering and you can
easily defeat that. You know, if only a few people all use one
technique, they stand out like a sore thumb. Hide in crowds:
Facebook has its uses.</div>
<div><br>
</div>
<div>More advice: Don't provide recipes for anything. People are
easier to track when they follow directions, do the same thing
over and over. Best advice I got out of 9/11 era Bernie Kerik
was to be random: don't always take the same route. Don't
develop habits. Thieves and other bad guys rely on you following
patterns so that they can find the right moment to strike. And
meta: don't always be random. Don't accept pre packaged anything
all the time, that's garbage. Bake your own.<span></span></div>
<div><br>
</div>
<div>As soon as someone says "solved", tell them to GTFO. Three
hackers have already cracked it. But there are things you can
do.</div>
<div><br>
</div>
<div>The while benefit of the realm of shared experience is that
it plays to the strength of one time pads for encryption. Learn
about the history of crypto and one time pads, and arm yourself.
They can take your freedom, but they can't take your
intelligence, ingenuity, or creativity; and an intelligent or
creative person is forever free.</div>
<div><br>
</div>
<div>Matt</div>
<div><br>
</div>
<div><br>
<br>
On Wednesday, June 12, 2013, Paul Ivanov wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi Matt,<br>
<br>
Matthew Harbowy, on 2013-06-12 16:17, wrote:<br>
> I'm mystified how any of this helps.<br>
<br>
There is no silver bullet, so those recommendations won't be
some<br>
magical privacy pixie dust you can just sprinkle and feel warm<br>
and fuzzy about, but at least encryption helps you secure the<br>
content of your communication (not the fact that communication<br>
occurred).<br>
<br>
One can imagine even the latter being obscured. I could
automate<br>
the sending of randomly generated encrypted messages at a<br>
particular time of day (say at 16:17), but have that process
be<br>
pre-empted by a real message, should I choose to send one (so
not<br>
my randomly generated message gets sent out, but the one I
want<br>
to actually send). One drawback, of course, is that if I
queued<br>
up a message at half past four, it would be almost 24 hours<br>
before it got sent. (Though the upshot of a protocol like this<br>
would be that the intended recipient would know they'd only
have<br>
to check their email once a day, if they're interested in<br>
receiving messages from me)<br>
<br>
Should more frequent communication be desired, you could
switch<br>
to sending gobbledygook messages at a certain minute of every<br>
hour. Of course, the recipient has to "wade" through
potentially<br>
more random messages with that, but that's the price you pay.<br>
<br>
> So, for my vote, following recommendations like this is a<br>
> terrible idea.<br>
<br>
Are you proposing an alternative, or should be just throw our<br>
hands up in resignation?<br>
<br>
best,<br>
--<br>
_<br>
/ \<br>
A* \^ -<br>
,./ _.`\\ / \<br>
/ ,--.S \/ \<br>
/ `"~,_ \ \<br>
__o ?<br>
_ \<,_ /:\<br>
--(_)/-(_)----.../ | \<br>
--------------.......J<br>
Paul Ivanov<br>
<a href="http://pirsquared.org" target="_blank">http://pirsquared.org</a><br>
_______________________________________________<br>
sudo-discuss mailing list<br>
<a>sudo-discuss@lists.sudoroom.org</a><br>
<a href="http://lists.sudoroom.org/listinfo/sudo-discuss" target="_blank">http://lists.sudoroom.org/listinfo/sudo-discuss</a><br>
</blockquote>
</div>
<br>
<fieldset></fieldset>
<br>
<pre>_______________________________________________
sudo-discuss mailing list
<a href="mailto:sudo-discuss@lists.sudoroom.org" target="_blank">sudo-discuss@lists.sudoroom.org</a>
<a href="http://lists.sudoroom.org/listinfo/sudo-discuss" target="_blank">http://lists.sudoroom.org/listinfo/sudo-discuss</a>
</pre>
</blockquote>
<br>
</div>
<br>_______________________________________________<br>
sudo-discuss mailing list<br>
<a href="mailto:sudo-discuss@lists.sudoroom.org">sudo-discuss@lists.sudoroom.org</a><br>
<a href="http://lists.sudoroom.org/listinfo/sudo-discuss" target="_blank">http://lists.sudoroom.org/listinfo/sudo-discuss</a><br>
<br></blockquote></div><br><br clear="all"><br>-- <br>-------<div>Andrew Lowe</div><div>Cell: 831-332-2507</div><div><a href="http://roshambomedia.com" target="_blank">http://roshambomedia.com</a></div><div><br></div>
</div>