SoylentNews is people
SoylentNews
Congress has sent legislation to the president reviving and remaking a disputed post-9/11 surveillance program two days after letting it temporarily expire.
The vote in the Senate Tuesday was 67-32. The House already has passed the bill, and President Barack Obama plans to sign it quickly.
The legislation will phase out, over six months, the once-secret National Security Agency bulk phone records collection program made public two years ago by agency contractor Edward Snowden.
It will be replaced by a program that keeps the records with phone companies but allows the government to search them with a warrant.
Senate Republican leaders opposed the House bill but were forced to accept it unchanged after senators rejected last-ditch attempts to amend it.
The story is being covered live by The Guardian.
Senator Dianne Feinstein, one of the most voluble defenders of the NSA in the past two years, has offered a more measured endorsement of Tuesday’s vote. She says she voted for the bill because it was “the best opportunity to quickly get [surveillance] programs back up and running.”
She emphasizes that the bill will allow “this and two other important counterterrorism programs to continue,” an allusion to Section 215 and the “lone-wolf” and “roving wiretap” provisions of the Patriot Act.
“I believe these programs are necessary to protect American lives and prevent terrorist attacks in our country,” she said in a statement.
Deputy legal director Jameel Jaffer of the ACLU, which did not back the USA Freedom Act, has nonetheless described the bill as “a milestone”.
“This is the most important surveillance reform bill since 1978, and its passage is an indication that Americans are no longer willing to give the intelligence agencies a blank check,” Jaffer said in a statement.
(Score: 4, Informative) by edIII on Tuesday June 02 2015, @09:46PM
From Phoenix666's [soylentnews.org] story submission, the answer is:
This has just made me more determined than ever to break them. I'm going with distortion, and I have a few ideas on how to accomplish that. If the records are kept for 18 months, then perhaps the answer is to make those records worthless for the purposes of topological data analysis? I won't pay Verizon over $100 a month anymore because I know they assist the government with this, but also in a most disagreeable fashion, have started recording location data along with those phone records and are making that available to other corporations for marketing purposes. The USA Freedom Act, or Patriot Act #2, doesn't seem to reference the fact that Verizon has a metric fukton more information in those records than a simple *dst and *src.
Unfortunately, wildly corrupt and anti-American bills such as this also constrain other carriers that may be trying to act like nice human beings and good Americans. Even Credo Mobile would be affected by this, so you can't trust them either, even if you did just because they are an activism NGO.
We need to treat the entire phone system as an untrusted and dangerously poisoned collection of routes, and layer technology on top of it. My particular idea is to somehow shift the hardware (or at least the IDs) around such that one week it might Citizen A generating records for Phone Number X, on Hardware Y, and then something different the next week. By load balancing truly unrelated traffic across the untrusted routes I posit that it may be possible to severely disrupt the quality of the obtained data thereby frustrating analysis by the attackers (NSA/FBI/LEO/ORGANIZED-CRIME). Google's project Ara [wikipedia.org] may help quite profoundly with this by making it trivial to exchange the hardware that provides access to the poisoned routes. The easier it is to shift IDs around, the better.
I'm currently working with the idea that most people you meet anonymously and randomly are decent enough Americans, and don't possess the skill sets, to exploit you, let alone be motivated to do so. For myself, I've come to the conclusion that it would be possible to trust this random John or Jane Doe with their connection hardware to exchange it with mine. In doing so, we both obfuscate our true identities and communications. If were to both do so again anonymously in a few days with other citizens, even further obfuscation is possible. A group of a few thousand citizens over time would ostensibly result in "shuffled" records requiring greatly increased resources to properly analyze for the truth.
Our only answer moving forward is to innovate around these truly worthless pieces of shit.
Technically, lunchtime is at any moment. It's just a wave function.
(Score: 2) by frojack on Tuesday June 02 2015, @10:59PM
CREDO mobile? Are you serious?
You do understand what a n mobile virtual network operator is don't you? You do know that NOBODY is going to talk to CREDO, they are going to go direct to Sprint. Credo hasn't got any actual network.
All they do is funnel some money to Dianne Feinstein, who fought tooth and nail for this bill.
No, you are mistaken. I've always had this sig.
(Score: 2) by edIII on Wednesday June 03 2015, @01:14AM
I was serious in that they are the only apparent NGO offering cellular service, not serious in that they are an option. If they were, I would have their phone right? :)
My point was that even organizations ostensibly acting for our best interests are simply to constrained by government regulations to work with them directly.
Technically, lunchtime is at any moment. It's just a wave function.
(Score: 2) by TLA on Wednesday June 03 2015, @01:47AM
would that be the same Senator who was photographed with her finger on the trigger of a loaded AR15 in a room full of journalists?
Excuse me, I think I need to reboot my horse. - NCommander
(Score: 2) by TLA on Wednesday June 03 2015, @01:51AM
oh my bad, it was an AK47 with a drum magazine. My point stands. She's a fucking psychopath.
Excuse me, I think I need to reboot my horse. - NCommander
(Score: 2) by urza9814 on Wednesday June 03 2015, @03:43PM
Mostly they're funneling money to groups like the ACLU -- the people who have been campaigning against the USA PATRIOT act for over a decade and the ones who originally filed the lawsuit which recently got section 215 ruled unconstitutional.
(Score: 0) by Anonymous Coward on Thursday June 04 2015, @09:25AM
The courts didn't get to rule on its constitutionality because they established that 215 didn't authorize mass spying, thus making the programs illegal if and only if done under that section; after establishing that, the court case ended and no ruling on its constitutionality was given.
(Score: 2) by frojack on Tuesday June 02 2015, @11:03PM
trust this random John or Jane Doe with their connection hardware to exchange it with mine. In doing so, we both obfuscate our true identities and communications. If were to both do so again anonymously in a few days with other citizens, even further obfuscation is possible. A group of a few thousand citizens over time would ostensibly result in "shuffled" records requiring greatly increased resources to properly analyze for the truth.
Good luck with that. Who you goona call? Ghost Busters?
"Hi Mom, can you please answer this email and tell me what your phone number is this week?"
No, you are mistaken. I've always had this sig.
(Score: 2) by edIII on Wednesday June 03 2015, @01:30AM
You know instead of being a dick, you could *read* what my idea was :)
The idea is to treat them as routes . Who said we couldn't layer our own technology on top of it? Is that impossible for you to conceive of a system, whereby a server could keep records of people against hardware addresses? Think DNS and SRV records on top of the routes. So yes, I could email my mother, or I could just use her domain name to retrieve encrypted SRV records for the direct route to the hardware she is currently on, or plain-text records to speak to the proxy that can.........
Of course the system won't work unless the addresses used for the participants are consistent and universal like it is now. With Project Ara, it's not that unreasonable of an idea. As everything is moving towards data, the only thing we care about the route that might change would be IP addresses. That's not an insurmountable problem either, as we handle that the dynamic DNS, etc. So if it isn't a problem now that our hardware routinely changes IP addresses, Host addresses, etc., why is it such a problem that a phone number changes?
More than a couple different ways off the top of my head to coordinate all of that, and securely, and decentralized to boot. I'm serious about this too. So instead of arguing the technical merits about it, which are trivial in some ways, I'm more interested in the idea of trusting somebody anonymously that you run into, more than somebody you know works for government.
If we met on the street, and the technical nature of it was already worked out, would you exchange your communications module with mine? I really do think I could trust you to not care enough to have your communications module tampered with, which would be a heck of lot less concerning if we were pushing encrypted traffic anyways right? We would only need to worry about unvetted or proprietary hardware, and really, just keeping it to long.
Remember, I'm just putting it out there about how we can distort the collected data, and this adds a considerable amount of records and external systems that need to be captured too. What's your idea to accomplish it?
Technically, lunchtime is at any moment. It's just a wave function.
(Score: 2) by urza9814 on Wednesday June 03 2015, @03:50PM
Soo, basically Tor?
Almost everything on my phone already routes through Tor. Not calls, but I never call anyone anyway. (You could try it with some VOIP service but that probably wouldn't work out too well) Texts, apps, and system services all do. Might need to do some additional work to prevent it from still routing your location data back to the provider through Tor, but I've usually got location services disabled because it sucks too much power. Probably wanna replace texting with an app that does OTR as well. Can still be located through the tower, but that just locates the phone; doesn't give any information about what it's actually doing. And even that could be limited by using wifi instead of cell data.
(Score: 2) by frojack on Wednesday June 03 2015, @07:56PM
Remember, I'm just putting it out there about how we can distort the collected data, and this adds a considerable amount of records and external systems that need to be captured too. What's your idea to accomplish it?
Really? Because it sounds like you think this i a solution, and that there exists a world where this could actually work.
You seem totally oblivious to the fact that you have to create MORE tracking data just to avoid what tracking data already exists, and you will require MORE infrastructure to do so.
Even when the world comes down to ONLY DATA handsets, the data is going to be mine-able. You are trying to solve a social evil with a technical solution, but in doing so you simply make it EASIER to for the evil.
There is no technical solution. Its a social problem. People have to get control of their governments.
No, you are mistaken. I've always had this sig.