I'm mystified how any of this helps.

Even in a fully encrypted world, the destination ip and where it came from is not encrypted. Like with phone numbers, if you make a peer-to-peer connection and they can correlate it with any other information (geotagging, etc) they don't need to decrypt or even know what the two people are talking about.

I strongly suspect that the decoding of content, while it may be of use, is not sufficiently advanced. There's no agreed protocol for semantic network evaluation. "The crow flies at midnight" still is (and will likely be, forever) a completely secure form of communication because it requires a realm of shared meaning. It means just as much to a NLP computer as "darmok and jelad at tanagra"

But connections are already neatly encoded. Lumeta has nailed this, and I saw early prototypes of their Internet networking mapping before this was spun off from Lucent in the mid 1990's, and you can see the results of this work  at http://www.cheswick.com/ches/map/

Think about it. Do you think, just from types of cars (no license plates, no text or color info, just (sedan, hatchback, pickup, SUV) moving between addresses, you couldn't figure out who worked for a particular corporation? While big business is still stumbling around in the dark, the creation of accurate, time-dependent maps of all electronic networks tells more about people than any other piece of information, because it is not subject to translation error during the process of encoding and analyzing semantic content. And the precious content which is protected by these tools doesn't even need to be decoded. They can do that later, after the arrest, to retconn a story about how they knew.

Putting together lists like this of "what you can do" just makes n00bs that much easier to track by their metadata. If Ford and GM put tracking chips in all their cars and you reacted by driving around only Yugos, DeLoreans, or a DIY car, doesn't that make your metadata easier to track?

So, for my vote, following recommendations like this is a terrible idea.

Matt.

On Wednesday, June 12, 2013, Andrew wrote:
this is an awesome list of great software. I also think it's important that people understand that privacy, anonymity, and securing require more than just switching to Ubuntu, using Firefox, etc... It requires real changes in behavior, as well as technical solutions. For example, you can use encrypted email all you want, but if the person you are communicating with doesn't also have good security practices they can be compromised and all your communications can be made available to anyone with access to their computer.

Also keep in mind that these technical solutions will never be enough. For example,  keyloggers are easy to trick someone in to installing or can even be placed in to "legitimate" via automatic updates without the user knowing. At any moment Apple, Microsoft, and Google could switch on a network of spying computers unprecedented in American history, (are you sure you and everyone you are communicating with are using 0% software from these companies?).

The point is that this is not a technical problem. And, so far it's still very difficult for the NSA to gain human intelligence, so if you want to share secrets, the best way to do it is over drinks at your friends house surrounded by people you trust.

--Andrew


On Wed, Jun 12, 2013 at 10:46 AM, Eddan Katz <eddan@clear.net> wrote:
"Opt out of PRISM, the NSA’s global data surveillance program. Stop reporting your online activities to the American government with these free alternatives to proprietary software."

http://prism-break.org/

_______________________________________________
sudo-discuss mailing list
sudo-discuss@lists.sudoroom.org
http://lists.sudoroom.org/listinfo/sudo-discuss




--
-------
Andrew Lowe
Cell: 831-332-2507
http://roshambomedia.com