Security Category Archives
заметая следы
20 August 2013 | Privacy, Security, Software | No Comments
Advertisers and government agencies attempt to build a profile of you based on your browsing history. Paranoid Browsing confuses that effort by making a background tab which browses the internet at random.
возвращаясь, иными словами, к тому, где легче всего спрятать опавший лист.
via — no surprises — Cory Doctorow.
все изменилось
17 August 2013 | Cryptography, Jurisprudence, Politics, Privacy, Security | 2 Comments
как известно, среди последствий истории Эдварда Сноудена было так же и закрытие одного из почтовых сервисов, что он использовал, Lavabit:
I have been forced to make a difficult decision: to become complicit in crimes against the American people or walk away from nearly ten years of hard work by shutting down Lavabit. After significant soul searching, I have decided to suspend operations. I wish that I could legally share with you the events that led to my decision. I cannot. I feel you deserve to know what’s going on–the first amendment is supposed to guarantee me the freedom to speak out in situations like this. Unfortunately, Congress has passed laws that say otherwise. As things currently stand, I cannot share my experiences over the last six weeks, even though I have twice made the appropriate requests.
что ж, остальные[1] добровольно решили последовать той же дорогой:
[W]e have reconsidered this position. We’ve been thinking about this for some time, whether it was a good idea at all. Today, another secure email provider, Lavabit, shut down their system lest they “be complicit in crimes against the American people.” We see the writing the wall, and we have decided that it is best for us to shut down Silent Mail now. We have not received subpoenas, warrants, security letters, or anything else by any government, and this is why we are acting now.
иными словами, любой, кто захочет предоставлять аналогичные услуги, должен будет подумать не дважды, а сто крат. и без должной юридической помощи, без соответствующего финансирования, готового противостоять безграничным возможностям государства, безопаснее и спокойнее окажется даже не начинать.
we see the writing the wall. подобный сервис больше просто не допустят.
-
президент и со-основатель Silent Circle — Фил Циммерманн. ↩
no legitimate expectation of privacy
16 August 2013 | Google, Internet, Privacy, Security | 1 Comment
тем временем в судебном ходатайстве Google нашли чудесный пассаж:
Just as a sender of a letter to a business colleague cannot be surprised that the recipient’s assistant opens the letter, people who use web-based email today cannot be surprised if their communications are processed by the recipient’s ECS [electronic communication service] provider in the course of delivery. Indeed, “a person has no legitimate expectation of privacy in information he voluntarily turns over to third parties.”
все так и есть, конечно. то есть, можно долго рассуждать о некой предполагаемой честности, надеяться и ожидать порядочности, но когда сервису достается такой объем данных, то удержаться, я верю, становится просто невозможно.
мне долгое время нравилась старая мысль о том, что упавший с дерева лист проще всего спрятать в лесу — как-то так я и подходил к своей почте в Google-неводе. да и шифрование, понятное дело, никто не отменял. но в конце концов, нам остается только задать себе один простой вопрос: сколько еще мы готовы терпеть? и не пора ли искать собственные[1] решения?
-
провайдеры которых тоже, разумеется, будут так или иначе находиться под государственным присмотром. ↩
common knowledge
8 August 2013 | Literature, Politics, Privacy, Security | No Comments
иногда пророчества действительно сбываются[1]:
The reason Americans weren’t freaking out over this NSA thing, Milgrim assumed, was that they’d already been taking it for granted, since at least the 1960s, that the CIA was tapping everybody’s phone. It was the stuff of bad episodic television. It was something little kids knew to be true.
William Gibson, “Spook Country”, 2006
американские горки
7 August 2013 | Politics, Privacy, Security | No Comments
[I]t’s Snowden’s fate that concerns me. His act exposed something that should never exist, whether in a democracy or an autocracy: a system of secret, hard to challenge laws and massive intrusions on the privacy of innocents. In a pre-Snowden world, we’d have celebrated such an act were it undertaken by a resident of any other country, and most Americans wouldn’t have thought their country capable of such injustice. Learning otherwise is the real reason Russia’s temporary grant of asylum stings so much.
willing to critically interrogate
21 July 2013 | Politics, Privacy, Security | No Comments
программная статья, между прочим:
Snowden is offering the public a template for how to whistleblow; leaking information is going to be the civil disobedience of our age.
из-за спины
8 July 2013 | Internet, Privacy, Security | No Comments
для тех, кто на личном примере хочет убедиться, что такое PRISM, и как работает сбор метаданных, пожалуйста, есть чудесный эксперимент, Immersion, — в моем случае эта демострация легко распознала семейные и любвные связи, вычислила денежные потоки, обозначила странствия или, наоборот, просто вечеринки.
и это только электронная почта.
real life is tough
6 July 2013 | Politics, Security | 2 Comments
еще о Сноудене:
For a spy novelist like me, the Edward J. Snowden story has everything. A man driven by ego and idealism — can anyone ever distinguish the two? — leaves his job and his beautiful girlfriend behind. He must tell the world the Panopticon has arrived. His masters vow to punish him, and he heads for Moscow in a desperate search for refuge. In reality he’s found the world’s most dangerous place to be a dissident, where power is a knife blade and a sprinkle of polonium. For now he’s safe. He’s of use to his new Russian friends. But if they change their minds …
I wish I’d written it.
But Mr. Snowden is real, not a character. And I am sorry to watch his true life unraveling.
я который уже день элементарно не знаю, что тут сказать. потому что Эдвард Сноуден герой, да. человек, который — вольно или невольно — отдал и оставил все, что у него было, ради того, чтобы мы знали правду. и теперь навсегда застрял среди людоедов.
что тут еще-то? выть хочется от боли, и все.
причины и способы
3 July 2013 | Politics, Privacy, Security | No Comments
о том Nineteen Eighty-Four, что происходит уже сегодня:
The NSA has to collect the metadata from all of our phone calls because terrorists, right? And the spy agency absolutely must intercept Skypes you conduct with folks out-of-state, or else terrorism. It must sift through your iCloud data and Facebook status updates too, because Al Qaeda.
Terrorists are everywhere, they are legion, they are dangerous, and, unfortunately, they don’t really do any of the stuff described above.
Even though the still-growing surveillance state that sprung up in the wake of 9/11 was enacted almost entirely to “fight terrorism,” reports show that the modes of communication that agencies like the NSA are targeting are scarcely used by terrorists at all.
все потому, что они хотят контроллировать именно нас, а не кого-нибудь еще.
идти по следу
18 June 2013 | Politics, Privacy, Security | 1 Comment
с другой стороны, там еще много подводных камней:
Dianne Feinstein, a Democrat from liberal Northern California and the chairman of the Senate Select Committee on Intelligence, assured the public earlier today that the government’s secret snooping into the phone records of Americans was perfectly fine, because the information it obtained was only “meta,” meaning it excluded the actual content of the phone conversations.
<...>
The gist of the defense was that, in contrast to what took place under the Bush Administration, this form of secret domestic surveillance was legitimate because Congress had authorized it, and the judicial branch had ratified it, and the actual words spoken by one American to another were still private. So how bad could it be?
<...>
“The public doesn’t understand,” [former Sun Microsystems engineer Susan Landau] told me, speaking about so-called metadata. “It’s much more intrusive than content.” She explained that the government can learn immense amounts of proprietary information by studying “who you call, and who they call. If you can track that, you know exactly what is happening—you don’t need the content.”