From http://www.theregister.co.uk/2016/06/10/bernerslee_warns_of_spying
Speaking at the Decentralized Web Summit conference in San Francisco run by the Internet Archive, the engineer [Inventor of the World Wide Web, Sir Tim Berners-Lee] joined other internet notables including "father of the internet" Vint Cerf and Mozilla head Mitchell Baker in discussing how to strengthen the open internet as well as ensure its contents are retained over time.
"The web is already decentralized," Berners-Lee told attendees. "The problem is the dominance of one search engine, one social network, one Twitter for micro-blogging. We don't have a technology problem; we have a social problem."
[...] founder of the Internet Archive, Brewster Kahle: "Edward Snowden showed we've inadvertently built the world's largest surveillance network with the web. We have the ability to change all that."
The conference featured the developers of many tools that aim to retain the internet's decentralized nature, such as Blockstack, Ethereum, Interledger, IPFS and others.
It's not just the World Wide Web, it's the entire internet: your phone reports on your location at all times, apps on it flush contents of your phone to the owners of the app, almost all websites do some sort of tracking (most of them using Google Analytics), e-mail providers happily hand over anything to anyone asking, and the rest is vacuumed up automatically by the NSA.
So with that in mind: how are Soylentils protecting themselves online aside from the usual (i.e. not running javascript or 'use a VPN')?
Related Stories
Sir Tim Berners-Lee gave an interview with radio station WBUR about the state of the Web and its future:
Berners-Lee initially imagined the web as a beautiful platform that could help us overcome national and cultural boundaries. He envisioned it would break down silos, but many people today believe the web has created silos.
And he still largely sees the potential of the web, but the web has not turned out to be the complete cyber Utopian dream he had hoped. He's particularly worried about the dark side of social media — places where he says anonymity is being used by "misogynist bullies, by nasty people who just get a kick out of being nasty."
He also identified personal data privacy, the spread of misinformation, and a lack of transparency in online political advertising as major problems with the current Web in a letter marking the World Wide Web's 28th birthday last month.
Previously: World Wide Web Turns 25 years Old
Tim Berners-Lee Proposes an Online Magna Carta
Berners-Lee on HTML 5: If It's Not on the Web, It Doesn't Exist
The First Website Went Online 25 Years Ago
Berners-Lee: World Wide Web is Spy Net
Tim Berners-Lee Just Gave us an Opening to Stop DRM in Web Standards
Exclusive: Tim Berners-Lee tells us his radical new plan to upend the World Wide Web
This week, Berners-Lee will launch Inrupt, a startup that he has been building, in stealth mode, for the past nine months. Backed by Glasswing Ventures, its mission is to turbocharge a broader movement afoot, among developers around the world, to decentralize the web and take back power from the forces that have profited from centralizing it. In other words, it's game on for Facebook, Google, Amazon. For years now, Berners-Lee and other internet activists have been dreaming of a digital utopia where individuals control their own data and the internet remains free and open. But for Berners-Lee, the time for dreaming is over.
"We have to do it now," he says, displaying an intensity and urgency that is uncharacteristic for this soft-spoken academic. "It's a historical moment." Ever since revelations emerged that Facebook had allowed people's data to be misused by political operatives, Berners-Lee has felt an imperative to get this digital idyll into the real world. In a post published this weekend, Berners-Lee explains that he is taking a sabbatical from MIT to work full time on Inrupt. The company will be the first major commercial venture built off of Solid, a decentralized web platform he and others at MIT have spent years building.
If all goes as planned, Inrupt will be to Solid what Netscape once was for many first-time users of the web: an easy way in. And like with Netscape, Berners-Lee hopes Inrupt will be just the first of many companies to emerge from Solid.
[...] [On] Solid, all the information is under his control. Every bit of data he creates or adds on Solid exists within a Solid pod–which is an acronym for personal online data store. These pods are what give Solid users control over their applications and information on the web. Anyone using the platform will get a Solid identity and Solid pod. This is how people, Berners-Lee says, will take back the power of the web from corporations.
How does Solid compare to Tor, I2P, Freenet, IPFS, Diaspora, etc.?
Related: Tim Berners-Lee Proposes an Online Magna Carta
Berners-Lee: World Wide Web is Spy Net
Tim Berners-Lee Just Gave us an Opening to Stop DRM in Web Standards
Sir Tim Berners-Lee Talks about the Web Again
Tim Berners-Lee Approved Web DRM, but W3C Member Organizations Have Two Weeks to Appeal
70+ Internet Luminaries Ring the Alarm on EU Copyright Filtering Proposal
One Year Since the W3C Sold Out the Web with EME
(Score: 3, Interesting) by Nerdfest on Monday June 13 2016, @11:22AM
Blocking javascript is always good of course (uMatrix!), and I'm a fan of Privacy Badger [eff.org]. Donating a few bucks to the EFF is also probably a great long term investment. I think we'd be a lot better off if peope thought farther ahead than the next few days.
(Score: 3, Informative) by WizardFusion on Monday June 13 2016, @11:34AM
On my phone I have a firewall/application control app that limits what apps can do.
Even with this, I don't download and install apps that ask for everything - why should a game want access to my contacts, etc.?!
On my laptop, I have the same thing. F-Secure Client Security (an old version) has an out-bound firewall, so any applications wanting internet access, F-Secure pops up and asks me.
When at home, my DNS server has a block list from http://pgl.yoyo.org/as/, [yoyo.org] updated about once a week.
As well as the usual ScriptBlock, uBlock Origin, etc browser plugins.
(Score: 2, Informative) by anubi on Monday June 13 2016, @11:48AM
Informative. Thanks. Incidentally, your link had an extra comma at the end... reposted, sans comma...
http://pgl.yoyo.org/as/ [yoyo.org]
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
(Score: 4, Insightful) by ledow on Monday June 13 2016, @11:49AM
So you're only dependent on the upstream DNS servers, an insecure out-of-date F-Secure (and that is probably querying a remote server to check the "safety" of the program in question against their database), and the browser for your privacy.
This is the point. Not that you can't browse the web. But that you can't do it without the control of third-parties in the loop - everyone from ICANN to F-Secure.
(Score: 2) by frojack on Monday June 13 2016, @05:29PM
Those may help. But your phone can't help reporting your location due to the simple need to connect to towers and tell those towers which phone calls it will accept. And then each app that you DO allow to accept connections re-establishes its connection with those motherships so you get your emails, text messages, game score updates, weather reports etc. etc.
The net itself is even worse, because just finding the connections that exist is extremely hard. If you can't explain every single listening or establoshed connection shown at the top of a simple "netstat -anp" display you are probably at risk from things you never knew were running.
Then after wading through those, you realize the next piece of hardware up stream is as big a tattle-tale as your phone
I've been thinking about what Berners-Lee and friends were saying since the article first appeared. I was thinking of submitting it, but someone beat me to it.
I've concluded that it couldn't have happened any other way. Even if encryption was built into every single connection and every single app, the net still would have ended up as a great spying machine. Its the very nature of humans to remember who they talked to, and about what, and generally when that happened. Few are so anal as to write all of that stuff down. But computers make that easy, and some of our laws make that mandatory.
So I ask, How could it have turned out any different?
No, you are mistaken. I've always had this sig.
(Score: 2) by dmc on Monday June 13 2016, @09:36PM
That's a stupid question. That's like saying that because each of a hundred different forms of government would all fail to prevent every last murder, that being selective about your form of government is a waste of energy.
If instead of FCC-10-201 net neutrality spinning some lovely fairly tale about empowerment on the internet, including 'Sir Tim's wonderous invention, they had actually made that fairy tale a reality- Then we could have all been running our own federated home email servers, and when the NSA PRISM architects realized they would have to slurp shit straight out of all of our homes instead of just the Googleplex... Well, it would have been different. Would it have prevented every last murder? No, but it would have been quite different.
(Score: 5, Informative) by Runaway1956 on Monday June 13 2016, @11:45AM
Well now - no-script is probably the single biggest thing you can do. Just stop your own computer from reporting on you. Don't allow those scripts to snoop through your brower, it's settings, plugins, fonts, etc. The importance of stopping scripts really can't be over emphasized, now can it?
Cookies. Don't accept them unless they are necessary - that is, the site won't run without cookies. But, few sites are really that necessary. Right here on Soylent, the cookie is a convenience, but it's not a necessity.
Block advertising. Pretty much all advertisements today come from a relatively small number of servers. Block those servers, and they can't track you. Block Google analytics, and Google loses much of their leverage.
Blocking Windows telemetry is becoming a big thing. Windows is phoning home, and you don't want Microsoft to know anything about you.
Don't be a part of the big social network - Facebook. I know, you just almost have to have an account. Pretty much everyone has a Facebook account, and sometimes you need to check on someone. An invalid parent maybe, the kids at home, whatever. But, FFS, don't be the damned fool who posts every minute of your day to Facebook! And, trash all those Facebook apps. Each and every app is a camera and microphone into your life, with a "developer" trying to capitalize on it.
All by itself, a VPN isn't worth much. If you're accepting cookies, allowing scripts to run, and advertisers are installing super cookies to your computer, the VPN is totally worhtless. The browser is identifying itself despite the VPN. But, if you're blocking most or all of the crap, then a VPN does have value. Use a cookie manager to clear those cookies - you can whitelist the half dozen that you deem necessary, and have the browser discard all the rest every several minutes, or at the end of a session.
Don't sign in to Google, or Yahoo, or any of those other "services" providers. Or, if you must sign in to make use of Gmail or whatever, use another browser to take care of all your other business. Once you're signed in with a browser, Google or whoever has a lot of access to your other tabs and windows. Use a different browser that shares no data with your signed-in browser.
Avoid those damned toolbars like the plague. Few of them have any redeeming value whatsoever - all of them "phone home" to someone.
Firewall settings. If you run Windows, especially if you run an aging version of Windows, you don't want ANYTHING coming in from the web, uninvited. Firewalls are not a bad idea for other OS's, but they are essential for Windows. Shut down EVERYTHING that you don't actually use. No vector, no spying, no exploit. If you never use FTP, just close port 21, you don't need it. If you don't close it, then the bad guys might use it against you.
Shut down any services you don't need. I've used Blackviper's tweaking advice since I found his site years ago. If you don't need that remote assistance service, then disable it. Don't be afraid to disable half of Windows services. If you're not real sure, disable that service, and run your computer for awhile - if you can do everything you want to do, then that service is unnecessary for YOU.
Best practices say that you never open an email attachment, unless you were expecting it and you know what it is. Don't click links in your email. You have little idea where you'll end up, and chances are there is a "drive-by" waiting to download itself.
Stay away from the porn sites - they have a long history of being exploited, then, in turn, exploiting people watching the videos.
Uninstall Flash. Better yet, uninstall all Adobe products. It's not that long ago that Adobe had more unpatched exploits running in the wild than even Microsoft had. You don't need any Adobe stuff - there are satisfactory substitutes for everything that Adobe publishes.
I guess that's nearly it. I'll think of something more after I click "submit" - but this is a good starter at least.
(Score: 2) by Nerdfest on Monday June 13 2016, @11:50AM
Last I heard, gossip and entertainment sites were a bigger malware vector than porn sites. It may have changed of course.
(Score: 0) by Anonymous Coward on Monday June 13 2016, @11:54AM
Wait, there are people frequenting porn sites for other reasons than (a very special form of) entertainment? Or what makes you think porn sites are not entertainment sites?
(Score: 4, Funny) by LoRdTAW on Monday June 13 2016, @12:53PM
I watch porn for the dialogue.
(Score: 1, Funny) by Anonymous Coward on Monday June 13 2016, @06:12PM
For me it's the fabulous sets and the special effects that keep me riveted.
(Score: 3, Interesting) by opinionated_science on Monday June 13 2016, @12:40PM
A nice list. I would add that Browsers (Firefox, Chrome) and have different profiles - so use them!!
I have many profiles from the ultra paranoid, to the somewhat lax, and use the browsers for specific purposes.
I find it greatly improves the user experience, for some sites that don't work properly....you can fine tune a profile.
Oh, and I ONLY use chrome to access google crap. I use chromium for other "chrome" friendly sites...
I'm a Penguinista ;-)
(Score: 2) by tangomargarine on Monday June 13 2016, @04:27PM
Well now - no-script is probably the single biggest thing you can do.
Block advertising.
Stay away from the porn sites
One of these things is not like the others...
(going to various free porn sites with NoScript and AdBlock is perfectly safe in my experience)
"Is that really true?" "I just spent the last hour telling you to think for yourself! Didn't you hear anything I said?"
(Score: 2) by Phoenix666 on Monday June 13 2016, @04:39PM
It's a good list, and thank you for providing it.
I would say, run Linux and you eliminate a good chunk of what you're talking about. Second, run NoScript and UMatrix and you eliminate a good chunk of the browser-based stuff you're talking about.
The real crux of the matter is the physical network stuff you're talking about. Software is easy, download it and you're done. Hardware is harder. How do you get a server in Boston to communicate with a client in Roanoke unless your info travels through a corporate- or government-controlled line?
That's a piece of the puzzle for us citizens to solve. If we can solve it, it eliminates one of the most pernicious groups of companies who oppose our freedom, the telecoms.
Washington DC delenda est.
(Score: 0) by Anonymous Coward on Monday June 13 2016, @06:19PM
But it misses the point.
All of these steps are the digital equivalent of preppers, and ultimate force the hand of escalation until you are spiking directly into a line with a food bucket and 56k modem.
There lots of different ways to do anonymity, but reducing the usefulness of a tool is assbackwards IMHO. Might as well go back to sneakernet.
Making the data worthless seems more effective long term, like if you could design a program to do random searches and visit random pages, so it becomes impossible to detect signal from noise.
Eventually tech will progress to where reliance on telecos will be less pronounced, but for this particular epoch, you might as play along with an ace up your sleeve.
(Score: 2) by number11 on Monday June 13 2016, @08:05PM
Making the data worthless seems more effective long term, like if you could design a program to do random searches and visit random pages, so it becomes impossible to detect signal from noise.
TrackMeNot [nyu.edu] works for Firefox, Chrome, and at least some derivative programs like Pale Moon.
(Score: 2) by number11 on Monday June 13 2016, @08:20PM
Note that random searches are a 2-edged sword. They increase the noise level, which is good. OTOH, they may sooner or later search for "anthrax kiddie porn jihad bomb", which could conceivably attract unwanted attention. Though it's more likely to be something like "our apr nov consensus divided" (the last thing my browser seems to have searched for). Random searches have the most desired effect if lots and lots of people are doing them.
(Score: 0) by Anonymous Coward on Monday June 13 2016, @08:36PM
Actually, that works in your favor.
For any search, if you can prove the extension was installed, you have plausible deniability.
Same works for encryption, privacy settings, etc. (a lot of people have to use them otherwise they stand out against the traffic).
Anyhoo, best practice is assume you are being tracked regardless, and work from there.
(Score: 0) by Anonymous Coward on Monday June 13 2016, @08:23PM
Perfect. Thank you.
(Score: 2) by Tork on Monday June 13 2016, @08:43PM
🏳️🌈 Proud Ally 🏳️🌈
(Score: 2) by everdred on Monday June 13 2016, @09:56PM
I tried this for a while, and it was a hassle. Instead, you probably want something like Tab Cookies [google.com] for Chrome, or Self-Destructing Cookies [mozilla.org] for Firefox. These extensions will accept all cookies from sites you visit, and then delete the cookies set by a given site once you no longer have that domain open in any tab. (You can whitelist certain domains so its cookies are kept, for logins you'd like to have persist.) You get all the functionality of accepting cookies on any site, and are subject to none of the long-term (cookie-based) tracking.
(Score: 0) by Anonymous Coward on Monday June 13 2016, @11:49AM
It has done so since the invention of the cell phone. It may now also do it via the internet (and thanks to GPS, with greater accuracy), but it always did through the phone network protocol (GSM, CDMA). If it didn't, nobody could call you on the mobile phone.
(Score: 0) by Anonymous Coward on Monday June 13 2016, @12:55PM
While it did do that,
the location was limited to the cell tower where it could find you, for technical reasons.
Currently it's the exact bar/restaurant, highway, ... where you are, and I can't think of any other reasons than to invade your privacy. Added to that, this is reported to all those app's and pretty much any company that has something installed on your phone, while previously that was just the telecom provider and maybe the gov with some subpoenas.
(Score: 2) by choose another one on Monday June 13 2016, @03:19PM
> the location was limited to the cell tower where it could find you, for technical reasons.
Er, no. For technical reasons it was a lot less limited than that:
a) the towers always have multiple antennas, therefore the tower and the direction are known - it may only be a 120deg arc, but that is still three times better than which tower
b) range from the tower can be estimated from transmission time (my educated guess is this is less accurate in built-up areas due to buildings causing multi-path interference)
c) you will often be in range of more than one cell tower (esp. in built-up areas), and as the networks have built out this has become more and more often, this allows for triangulation
My last phone had no GPS, it could still get usually my location down to half km or better, typically dropping to 2km in rural areas.
Also worth noting that they can easily tell from cell signal if you are moving and in which direction.
GPS is a better locator, sure, with GPS they know which road you are driving on and if you are breaking the speed limit, but just from the cell system they already knew which area of the city you were in and when and which direction you were going when you left.
If this bothers you (or if you think it is not worth the benefits of the cell phone system) then use burner phones, turn them on only intermittently, and burn them, often.
Or just stay the f*** on the far side of the moon, which should be good for avoiding surveillance for another few years...
(Score: 2) by cockroach on Monday June 13 2016, @12:25PM
Just run your own mail server, you might even learn a thing or two.
(Score: 1, Funny) by Anonymous Coward on Monday June 13 2016, @01:18PM
Thanks, Hillary! How's that working out for you?
(Score: 0) by Anonymous Coward on Monday June 13 2016, @02:09PM
he said mail server not POS MS exchange!
(Score: 4, Insightful) by Phoenix666 on Monday June 13 2016, @04:27PM
One thing you will learn is that it's a ridiculous pain in the ass. As one of the oldest services on the Internet you'd think it would have become exceptionally easy, but it's the opposite. It's absurd how hard it is to set up your own email server and keep it secure.
Washington DC delenda est.
(Score: 3, Informative) by cockroach on Monday June 13 2016, @04:35PM
I recently did some experiments with OpenSMTP and so far it seems to be to Postfix what Postfix was to Sendmail, i.e. a whole lot less insane.
Might be worth a try if you think Postfix is a hard to setup / maintain.
(Score: 0) by Anonymous Coward on Monday June 13 2016, @06:14PM
Another thing you will learn, aside from the ones mention here, is that your email exists in two places: the originator and the recipient. So guess what, unless you never email anyone from yahoo/google/msn et all your email will still be read by them.
(Score: 2) by maxwell demon on Monday June 13 2016, @08:18PM
Wait, sending a single email to such an address allows them to read all my email? Doesn't sound right …
Anyway, the correct solution against others reading your email is to encrypt it. But that has the problem that you can only do it if the person you exchange mails with also can encrypt/decrypt mail.
The Tao of math: The numbers you can count are not the real numbers.
(Score: 4, Interesting) by LVDOVICVS on Monday June 13 2016, @12:25PM
I have a typewriter and I'm not afraid to use it.
(Score: 2) by Runaway1956 on Monday June 13 2016, @12:35PM
Not sure whether to moderate "funny" or "informative". Funny because a typewriter can't do much of what a computer does - but informative because modern tech cannot exploit what isn't there to exploit.
Hell - I'll go with funny.
(Score: 0) by Anonymous Coward on Monday June 13 2016, @12:36PM
it is terrible!
if i tell how i do it then other people do it and after
enough people do, "they" will find a workaround to undo and then i have to start again.
i think one example is the shitty cloud flare stuff.
after enough people used (and abused) tor, the websites sought shelter. dubious at most. there might come a time of reconing were your website has a ddos survivable time comparable to a windows xp maschine that is connected to the internet.
not that "secretly", maybe cloud flare has out sourced the ddos to some hackers using tor ... to the end of driving more customers to their "service"?
i think three very obvious things one can do are:
-enable cookies only for websites which are open in a window or tab. nuke the cookies when closing browser, a window or tab.
-dont stay logged in to big google, facebook etc in one tab and then surf around other sites. do your google/facebook business then logout.
-disable "referer" in browser. if clicking on a hyperlink on one site the refered-tosite could query where you came from.
(Score: 2) by datapharmer on Monday June 13 2016, @01:35PM
Hey moderators this story makes some good points, but just scratches the surface. How about some follow up stories explaining tools such as Blockstack, Ethereum, Interledger and IPFS in more details. How do they work, why do we need them, and what are their strengths and weaknesses?
(Score: 2) by Runaway1956 on Monday June 13 2016, @02:25PM
That's a great idea, datapharmer. Are you up to submitting any of those? If so, please do.
(Score: 2) by Phoenix666 on Monday June 13 2016, @04:29PM
Yeah I would second this. It's a clear need. If you have links/stories to help the rest of the community out, submit them. Truly.
Washington DC delenda est.
(Score: 1, Interesting) by Anonymous Coward on Monday June 13 2016, @02:05PM
It's not just server logs, purchasing histories, geolocation data, cookies and NSA intercepts. Technology can now recognize an individual in a crowd photo, and in an anonymous forum post like this one by writing style. We're on the grid at all times and even if we went hiking w/o a phone we could still be recognized and tracked.
(Score: 0) by Anonymous Coward on Monday June 13 2016, @03:23PM
Half my days I think about the above and work to protect myself, and think about how I can protect myself better.
The other half, I act like 99% of internet users and really don't give a damn who knows my browsing habits and why. I am not a terrorist or spy, and I have very very little in my life that I really care about if it became known.
And 1% of the time, I put major updates on Facebook *** because that is the only location where I know 95% of my friends and family will come to know I've been hospitalized. *** I'm almost Facebook-free, but when everybody else I know is there, then that's where I need to be.
I think part of that other half comes from my not really knowing what's at stake for me, personally. I'm serious. Imagine for a second I'm no sort of techie, I just likes hearing from my family, sharing things with them, and watching cute kitten pictures on Facebook. What's at stake to me personally / what skin is it off my nose to be the product of FB?
(Score: 0) by Anonymous Coward on Tuesday June 14 2016, @12:36AM
Alternatively, there's a different reality to behold. One example: bike across the country. You'll quickly realize how unnecessary all of this is, and how small we all are.
(Score: 0) by Anonymous Coward on Monday June 13 2016, @04:20PM
Benjamin Franklin started a Post Office so he could spy on mail to get the scoop for his news paper.
Warrantless wiretaps have been happening since the telegraph was invented. ECHELON / Five Eyes, Omnivore / Carnivore and etc spying programs have always existed for every kind of communication system that exists.
The Internet didn't cause the Spy Net. It became a part of the Spy Net at its inception as a defense project for DARPA when it was called the ARPANET.
So, let's think about this. It was the desire to spy which created the postal service. And the Internet was created by governments who spy. Well, correlation isn't causation. So, if you want to think that the warrantless wiretaps are caused by spy agencies we have to disprove the null hypothesis: Technologies were invented by spies for the purpose of spying, and all other use cases are tangential to this cause.
Your move, "scientists".
(Score: 0) by Anonymous Coward on Monday June 13 2016, @05:22PM
Sorry but technologies get invented first, then spies co-opt and/or create their own tech to snoop on the people using it. The decentralized web is a good solution which will protect users against a lot of the broad surveillance.
(Score: 0) by Anonymous Coward on Monday June 13 2016, @05:58PM
So, you're saying that the government didn't invent the ARPANET?
(Score: 0) by Anonymous Coward on Monday June 13 2016, @06:12PM
Riiiiiight, so Ben Franklin started his post office in order to spy for his news paper, but it was only AFTER it was constructed that it was used for spying. Gotcha.
You haven't disproved the null hypothesis at all, and I don't think you even know what the term means. You must disprove the null hypothesis in order to prove your correlation is causation. You say that non-spies create the coms tech first THEN it's used by spies. However, AT&T and other information conveyance services have been in with the state surveillance apparatus since before AT&T existed, and thus tapped telegraph lines as soon as they were installed. So, disprove the null hypothesis. Prove your statement by providing contrary evidence that innovative tech companies are not rife with spies.
Take Intel for example. Israeli chip fabrication which has ties to Mossad.
(Score: 0) by Anonymous Coward on Monday June 13 2016, @06:17PM
Take Intel for example.
No use talking to idiots, you'll never convince them. The fucking company is named INTEL for fuck's sake and the morons still scoff like the idiots they are. They spies are flaunting it in their faces and laughing at Joe Six Pack's resolve not to see what's right in front of him.
(Score: 0) by Anonymous Coward on Monday June 13 2016, @06:20PM
Just because Intel put cellular radios on their chips allegedly for "anti-theft" protection doesn't mean it was actually meant to facilitate spying... Yeah, it probably was.
(Score: 0) by Anonymous Coward on Monday June 13 2016, @11:55PM
Hey, did you know electronic computers were designed for the spy task of breaking the encoding of messages encoded with mechanical machines?
Derp!
(Score: 0) by Anonymous Coward on Wednesday June 15 2016, @08:44PM
Sorry but technologies get invented first, then spies co-opt and/or create their own tech to snoop on the people using it.
It's dangerous to go stupid, here take this:
A report on BoingBoing, authored by Damien Zammit, claims that recent Intel x86 processors have a secret and powerful control mechanism implemented into them that runs on a separate chip that nobody is allowed to audit or examine. [boingboing.net]
The decentralized web is a good solution which will protect users against a lot of the broad surveillance.
Riiight, on processors that have been compromised by spies since their inception? I seriously fucking doubt it, mate.
(Score: 0) by Anonymous Coward on Monday June 13 2016, @04:29PM
What I do is use Skullcode [skullcode.com] It's a bitch to get in unless you're a sufficiently skilled hacker, some say by design. And unless you can write code you probably won't be able to do much. However, for a certain sort of individual it can so useful that I'm not sure how I got on without it.
There's been some talk about lowering the barrier to entry, but if eternal September creeps in it'll kill the appeal for me and many others.
(Score: 0) by Anonymous Coward on Tuesday June 14 2016, @12:33AM
Spent 10 minutes. Gave up. ¯\_(ツ)_/¯
(Score: 0) by Anonymous Coward on Wednesday June 15 2016, @08:41PM
6666h
(Score: 2) by Celestial on Monday June 13 2016, @08:52PM
One of my biggest hobbies is PC gaming, so I'm stuck using Windows 8.1 Pro as, unfortunately, Linux just doesn't cut it there. I have most of Microsoft's servers blocked at the router level as a result. Windows 10 updates are blocked, as are the various telemetry updates. I also have ESET Smart Security and Malwarebytes Anti-Malware Pro loaded on the desktop. I alternate between Cyberfox (Firefox variant) and Chrome as browsers, and use the Disconnect and uBlock Origin extensions on both, with third-party cookies blocked. I use DuckDuckGo as my primary search engine, and StartPage as my secondary search engine. On my iPhone, I use the Purify adblocker and a VPN. I realize I could do more, like use the NoScript extension on Cyberfox, but I honestly don't see the point. 99% of the web sites I visit require JavaScript to run.
(Score: 2) by Gravis on Monday June 13 2016, @10:08PM
the problem we have is that it's socially acceptable to have horrid security practices. the reason for this is obvious: it easy to do and doesn't have an immediate negative effect on people. if we want to fix society, we need to A) make security easy and B) make bad security obvious to other people. doing this of course means building ecosystems with security in mind (which is no easy task) and possibly poisoning existing ecosystems (which is unethical).
the road forward is fraught with danger.
(Score: 0) by Anonymous Coward on Tuesday June 14 2016, @12:11AM
http://pcast.ideascale.com/a/dtd/-The-need-for-FOSS-intelligence-tools-for-sensemaking-etc.-/76207-8319 [ideascale.com]
"Now, there are many people out there (including computer scientists) who may raise legitimate concerns about privacy or other important issues in regards to any system that can support the intelligence community (as well as civilian needs). As I see it, there is a race going on. The race is between two trends. On the one hand, the internet can be used to profile and round up dissenters to the scarcity-based economic status quo (thus legitimate worries about privacy and something like TIA). On the other hand, the internet can be used to change the status quo in various ways (better designs, better science, stronger social networks advocating for some healthy mix of a basic income, a gift economy, democratic resource-based planning, improved local subsistence, etc., all supported by better structured arguments like with the Genoa II approach) to the point where there is abundance for all and rounding up dissenters to mainstream economics is a non-issue because material abundance is everywhere. So, as Bucky Fuller said, whether is will be Utopia or Oblivion will be a touch-and-go relay race to the very end. While I can't guarantee success at the second option of using the internet for abundance for all, I can guarantee that if we do nothing, the first option of using the internet to round up dissenters (or really, anybody who is different, like was done using IBM computers in WWII Germany) will probably prevail. So, I feel the global public really needs access to these sorts of sensemaking tools in an open source way, and the way to use them is not so much to "fight back" as to "transform and/or transcend the system". As Bucky Fuller said, you never change thing by fighting the old paradigm directly; you change things by inventing a new way that makes the old paradigm obsolete."