amuck-landowner

How do you feel about the NSA spying?

MannDude

Just a dude
vpsBoard Founder
Moderator
This topic is making the rounds everywhere else, figured it'd be a good topic for discussion here. I've included a handful of random links from different sources below incase you're unaware of whats going on.

http://theweek.com/article/index/245311/sources-nsa-sucks-in-data-from-50-companies

http://gizmodo.com/what-is-prism-511875267

http://finance.yahoo.com/news/u-collects-vast-data-trove-063600648.html

http://online.wsj.com/article/SB10001424127887324299104578529112289298922

http://www.guardian.co.uk/world/2013/jun/08/nsa-prism-server-collection-facebook-google

AYr5tl8.jpg

But seriously, this shit has been happening for a long time. Don't forget about that NSA Utah Datacenter. No, they don't offer collocation but they may have a backup of your data there already ;)
 

Chronic

Member
Not much we can do about it, to be fair. I'd like to think the people would get a say and be able to stop this kind of espionage, but ultimately we're fairly powerless apart from abandoning all forms of communication. Like you said, they've been doing this for a while now anyway.

Edit: The only way to beat them is to join them. :)
 
Last edited by a moderator:

MannDude

Just a dude
vpsBoard Founder
Moderator
Not much we can do about it, to be fair. I'd like to think the people would get a say and be able to stop this kind of espionage, but ultimately we're fairly powerless apart from abandoning all forms of communication. Like you said, they've been doing this for a while now anyway.
Sadly the vast majority of the public can't be bothered anyway, as they possess the, "I've got nothing to hide" mentality and don't mind this sort of stuff because it has no perceived impact on their lives. Then again, you've got people who have no privacy anyways because they post every minor detail about their life online.
 

TheLinuxBug

New Member
The sad part is everyone is acting like this is a new thing.  It has been going on for a long time now, just it wasn't brought to light (Think: just like the LEB/LET Scandal) So, does it suck? Yep.  Do I see it changing anytime soon? Nope.  Do I think its right what they are doing? Nope, they are trashing out rights as Americans (but that isn't a new thing either).   

Why do you think NSA is building a huge new DC in the Maryland/Washington area? Could it be that they plan to backhaul all the data from NY and Ashburn, VA before it heads over seas so they can sniff through it? Mmmm more "meta data". 

Cheers!
 

KuJoe

Well-Known Member
Verified Provider
I'm more upset that Google has more information about us than the NSA does. Seriously NSA, get your crap together or you'll be outsourced.

The government agency designed to keep tabs on us is less equipped than an internet marketing company and a cell phone provider. That's scary.
 
Last edited by a moderator:

Aldryic C'boas

The Pony
I'm more upset that Google has more information about us than the NSA does. Seriously NSA, get your crap together or you'll be outsourced.

The government agency designed to keep tabs on us is less equipped than an internet marketing company and a cell phone provider. That's scary.
Not really, when you think about it.  When has government EVER done something more efficiently than a privatized competitor?  The DMV and Post Office are two examples of that.
 

drmike

100% Tier-1 Gogent
I'm more upset that Google has more information about us than the NSA does. Seriously NSA, get your crap together or you'll be outsourced.
 

If you look at most of these Silly-con Valley companies enough you'll discover the federal government funded them.

Facebook was certainly funded directly by intelligence money.

Google hired the top person at DARPA (black ops development wing) and recently someone else senior from DARPA jumped to them also.  It has plenty of government investment along the way.

Face it, these companies exist to get around limits on government to track and monitor.   We pounded the feds over spying and secret floors in telecom centers quite a number of years back.  Echelon was that?  

So they just funded these pawns who collect absolutely everything you could ever want from the zombie mASSES.

Government doesn't do the spying, so it's all legitimate.  They get their backdoors, APIs, data sets, data on demand access.

Me, I am highly pissed about the spooks and their spying.   We ought to go looking for heads to hang over it.   A few dead idiots would send the right message to Washington, DC, legal death penalty of course.
 

A Jump From Let

New Member
Haha the poor people. Hahaha, so finally ya knew tht hidden Google somewhere tht has accezz to client side, but, bwhaha with also bwahahaha server side bwahahhaa data included at bwahaha results bwhahahah

Wasn't Internet an internal project for army? obviously they've brought people a demo outside of their walls in past years, FOR A REASON, right? Maybe it's time to take it back. OK, shut it down plz. Now users can go sleep, or die.
 

rsk

Active Member
Verified Provider
If you don't have anything to hide, I do not see the problem.

However, what if the something you are hiding is not illegal? What if what you are hiding is just seen as "wrong" by your culture or environment? (Although it being fine - I guess..)

Then that is a different story all together.
 
Last edited by a moderator:

Chronic

Member
If you don't have anything to hide, I do not see the problem.
That's assuming the guy on the other end of the data stream is playing fair as well. Even if the NSA as a whole is using the information appropriately, an individual employee with access might not.
 

acd

New Member
Not much we can do about it, to be fair. I'd like to think the people would get a say and be able to stop this kind of espionage, but ultimately we're fairly powerless apart from abandoning all forms of communication. Like you said, they've been doing this for a while now anyway.

Edit: The only way to beat them is to join them. :)
This attitude is wrong. There's plenty you can do to make it significantly more difficult for the NSA or any outside observer to capture your packets and communication. Here are a few options in order of ease of use:
  • Use SSL. For both your personal outgoing and on your websites; If an incoming connection is not SSL, redirect to SSL. With the proliferation of AESNI, this is getting extremely cheap for longer connections and only marginally more expensive for single ones. Cheap enough now with free ssl cert providers (e.g. startssl) that you can do it on pretty much any site.
  • Contact your government reps and express your concern. It may not get a lot done, but this is how the process works.
  • Use VPN. Find an anonymizing provider you like and start using them frequently. @wlanboy, posted an abbreviated quickstart guide (full guide) for getting started with openvpn on your dd-wrt router and get it to the point where you forget its even on. Any kind of *nix router that allows you to install binaries should be able to make it nearly transparent with some DHCP + openvpn/l2tp+ipsec/softether. with VPN endpoints in the 10-15$ per year range, you can with reasonable safety push your personally identifiable web traffic off your ISP to someone who is making their living off maintaining trust with their clients by providing anonymizing.
  • Secure your email. As a user, enable encryption for those recipients who support it and sign everything. Granted signatures don't prevent people from reading your mail, but it does provide assurance that you are who you say you are and a recipient might send a pubkey back for you to encrypt future emails. If running your own mailer daemon, configure it to try ssl first and verify certificates. Only provide IMAPS/993 (or POP3S if you're still using that) to off-server access.
  • Compartmentalize web browsing and network access. On your desktop, set up some lightweight VMs that boot from a shared, read-only disk image w/ distinct home directory mounts per VM. Spin one up when you need it and suspend when you're done. google apps in one. financials in another, social networks in a third, shopping in a fourth. If you really want to go nuts, you can have these go out different VPN endpoints pretty easily. There are probably web browsing sandboxes that do this easier, but most of those let flash out of the sandbox. Granted, this alone won't help against monitoring by IAs, but it'll limit your XSS & CSRF damages and mess with advertising people a fair bit.
  • Host your own services or find a provider who cares about security. Use services that are modeled like email; multiple hosts can group if they want (e.g. jabber) or can be completely separate.
  • Use darknets. Get your friends together and start carving up some fd00::/8 (IPv6 ULA) and link your VPNs together. You can set up routing manually with some GRE-in-IPSEC links or use something like cjdns. Maybe get a little crazy with some BGP.
  • Configure opportunistic encryption. Get some DNSSEC and IPSECKEY records for your in-addr.arpa delegations. Set up your IPSEC stack to attempt opportunistic encryption.
In the end, intelligence agencies will win the security game if they want to. These options only make it harder for them to opportunistically monitor that which they should not be monitoring without a court order.

Not really, when you think about it. When has government EVER done something more efficiently than a privatized competitor? The DMV and Post Office are two examples of that.
The administrative overhead of Medicare is quoted at 1% when executed in-house and 6% through privatized outsourcing by independent (scholarly journal) study. Private medical insurance agencies have an administrative overhead typically greater than 10%, usually in the high teens range. This suggests a significant cost advantage to federalized medical insurance.

The Post Office delivers last mile service to rural america where many privatized services (e.g. FedEx, UPS) do not because it doesn't make them money. In fact, they often hire the post office to do last mile delivery for those areas. IIRC, their budget deficit is due to a government mandate that they forward fund their retirement plans for all employees (even those not yet hired) through 2019 to the tune of 3-4B/annual. They're also much cheaper than fedex/ups at any distance delivered for first class, media mail, and flat rate, and approximately on par for costs for overnight, etc. The addons for delivery confirmation, package tracking, etc, bring them up to cost with their private competitors. I think they do pretty well for themselves.
 
Last edited by a moderator:

blergh

New Member
Verified Provider



Might be interesting for you guys and girls.
 
Last edited by a moderator:

mitgib

New Member
Verified Provider
The administrative overhead of Medicare is quoted at 1% when executed in-house and 6% through privatized outsourcing by independent (scholarly journal) study. Private medical insurance agencies have an administrative overhead typically greater than 10%, usually in the high teens range. This suggests a significant cost advantage to federalized medical insurance.
From my understanding, Medicare dictates rates and many do not accept it as payment, so other private plan while more costly may provide better care.  This whole Obamacare is a can of worms I am very interested in seeing how it plays out, I have high hopes, but the Government's record on being successful is stacked against it. 

Then there is Social Security, while it was never intended to be a sole source of income in retirement, has turned into just that for a great many.  I was speaking with Joel (Chief) last week and he was describing how it works in Australia that you still had a Government mandated contribution, but it was self managed, much more similar to a 401k, and I felt it sounded like a much better solution, and how could the US transition to something similar. 
 

jhadley

New Member
Verified Provider
This video explains why you should care, even if you have nothing to hide:


And to those who are outraged, will you be doing more than writing angry messages on forums?
 

Chronic

Member
This attitude is wrong. There's plenty you can do to make it significantly more difficult for the NSA or any outside observer to capture your packets and communication. Here are a few options in order of ease of use:
All nice and dandy, but try getting the vast majority who struggle with day to day computer tasks to use that. They simply can not and will not. Unless a solution applies to everyone, not just the most technical savvy and paranoid, I don't consider it a solution at all. I'm sure there are plenty of ways to secure oneself from prying eyes and you've neatly listed several of them, but you also have to consider the value of such practice in comparison to the practicality. Personally I have nothing to hide so I'm not going to sacrifice a major portion of usability for the sake of keeping my trivial activities secret. Once you reach the stage where you go full-out tech hermit, you realise that you sacrificed most of what you were trying to protect in the first place.
 
Last edited by a moderator:

KuJoe

Well-Known Member
Verified Provider
While I dislike the "if you have nothing to hide..." mindset, I equally dislike the "evil government needs to stop..." mindset. I find it foolish to think the government will take my phone calls or e-mails and use them to make my life hell. At the same time I find it just as foolish that people complaining about privacy carry smartphones with GPS chips and cameras, both which can be activated remotely by people that don't report to anybody.

I'm comfortably in the middle of it all, I find it easier to put all my info out there publicly than to try and hide it and at the same time I keep the curtains closed and my webcam unplugged when I'm not using it. I do use VPNs 99% of the time, but that's because it's always on and I'm too lazy to turn it off when I don't need it.
 
Top
amuck-landowner