http://techcrunch.com/2014/10/11/edward-snowden-new-yorker-festival/?cps=gravity


According to Edward Snowden, people who care about their privacy should stay away from popular consumer Internet services like Dropbox, Facebook, and Google.

Snowden conducted a remote interview today as part of the New Yorker Festival, where he was asked a couple of variants on the question of what we can do to protect our privacy.

His first answer called for a reform of government policies. Some people take the position that they “don’t have anything to hide,” but he argued that when you say that, “You’re inverting the model of responsibility for how rights work”:

When you say, ‘I have nothing to hide,’ you’re saying, ‘I don’t care about this right.’ You’re saying, ‘I don’t have this right, because I’ve got to the point where I have to justify it.’ The way rights work is, the government has to justify its intrusion into your rights.

He added that on an individual level, people should seek out encrypted tools and stop using services that are “hostile to privacy.” For one thing, he said you should “get rid of Dropbox,” because it doesn’t support encryption, and you should consider alternatives like SpiderOak. (Snowden made similar comments over the summer, with Dropbox responding that protecting users’ information is “a top priority.”)
Geez, SpiderOak is probably paying for his Russian Apartment....

Well he got this correct.... I wonder who will heed this warning?


When you say, ‘I have nothing to hide,’ you’re saying, ‘I don’t care about this right.’ You’re saying, ‘I don’t have this right, because I’ve got to the point where I have to justify it.’ The way rights work is, the government has to justify its intrusion into your rights.

When you say, ‘I have nothing to hide,’ you’re saying, ‘I don’t care about this right.’ You’re saying, ‘I don’t have this right, because I’ve got to the point where I have to justify it.’ The way rights work is, the government has to justify its intrusion into your rights.



Well he got this correct.... I wonder who will heed this warning?

I agree. It's the .gov that should be having to justify the intrusion-any intrusion into anyone's privacy and not people justifying the intrusion with the tired old adage.
Sadly, I think if you point that out to most people, all you'd get in return is the proverbial "deer in headlight" stare.

I agree. It's the .gov that should be having to justify the intrusion-any intrusion into anyone's privacy and not people justifying the intrusion with the tired old adage.
Sadly, I think if you point that out to most people, all you'd get in return is the proverbial "deer in headlight" stare.
Rights? What are those?

Blasphemy you speak.

Sadly, I think if you point that out to most people, all you'd get in return is the proverbial "deer in headlight" stare.

I know that if you point this out to people you get one of the following:

"Whatever"
"You're wasting my time, Dancing with the Stars is on soon."
"It still doesn't matter to me because I have nothing to hide"
"Okay psycho."

I was told by a tech savvy friend that the search engine IXQUICK is much better with respect to privacy rights than Google

Wait, I missed Google.

What's wrong with Google's search engine?

Can someone bring up my search history based on my ISP/IP address alone? (I.e. if my computer was destroyed?)

They're gonna be really curious why a guy in the finance industry is always googling about transmissions...

What's wrong with Google's search engine?
Can someone bring up my search history based on my ISP/IP address alone? (I.e. if my computer was destroyed?)

Yes, and Google, along with anyone who Google chooses to sell the information to, can track and research everything you've searched for, ever, if either A or B applies:
A) you did the search on a device that is logged into any Google account of yours, or
B) you did the search from an IP address or device identifier that is associated with you personally, which might include your personal computer, work computer, smart phone, any laptop you routinely use (like a work loaner), etc.

This can be mitigated a little bit with software plugins, but unless you go to many steps, assume that any search engine that's associated with a company that you have an account with (Google, MSN Bing/Hotmail, Yahoo, etc.) can associate your searches with your name.


They're gonna be really curious why a guy in the finance industry is always googling about transmissions...

Protip: when searching for information on automotive transmissions that are overheating, always spell out "transmission" rather than searching for "hot trannys".

Yes, and Google, along with anyone who Google chooses to sell the information to, can track and research everything you've searched for, ever, if either A or B applies:
A) you did the search on a device that is logged into any Google account of yours, or
B) you did the search from an IP address or device identifier that is associated with you personally, which might include your personal computer, work computer, smart phone, any laptop you routinely use (like a work loaner), etc.

This can be mitigated a little bit with software plugins, but unless you go to many steps, assume that any search engine that's associated with a company that you have an account with (Google, MSN Bing/Hotmail, Yahoo, etc.) can associate your searches with your name.



Protip: when searching for information on automotive transmissions that are overheating, always spell out "transmission" rather than searching for "hot trannys".



Don't forget the website widgets like the FB, Google +, and Twitter buttons. Those track people around the web, too, and are actually a bit better than tracking cookies.

I use ad block, and Ghostery.

DuckDuckGo is a pretty cool search engine, too. Macs and iPhones can now set it as the default search engine.

this is like the thread I started about apple and modern encryption the gov is pissed about and thinks is wrong they can't get in !!!!!

and they use the what do you have to hide ? my answer why do you think you have the right to look at my private life ?

Protip: when searching for information on automotive transmissions that are overheating, always spell out "transmission" rather than searching for "hot trannys".

It's like you don't even know who this Eurodriver guy is! ;)

I know that if you point this out to people you get one of the following:

"Whatever"
"You're wasting my time, Dancing with the Stars is on soon."
"It still doesn't matter to me because I have nothing to hide"
"Okay psycho."
Nope,

FOOTBALL.

It's like you don't even know who this Eurodriver guy is! ;)

I read many threads and comment on only a few. :)

If you're not paying for it, you're not the customer.

Look at the way airline tickets are sold...particularly on the "discount sites." Check airline ticket prices over the course of a few months for a flight six months out or so. Do not clear your cache/cookies or anything like that. Watch the price go up. Clear everything...check again(or check on a different computer. Watch the price go back down. Purchase one ticket and look at the available seats on that flight. Look again in a month after your buddies have purchased theres...interesting that new seats will be available isn't it? Better yet is when you see how many seats are available on that flight, and then you get on it and it's <50% full when you were told there were only 5-10 seats available.

Anyone know of a free encrypted email service?

Anyone know of a free encrypted email service?

https://www.kickstarter.com/projects/ladar/lavabits-dark-mail-initiative/posts

I saw their talk live, very convincing.

Didn't realize it was a kickstarter though lol.

It pays to have no accounts with google, msn/bing, yahoo, facebook, or anyone else other than my local isp provider.

It pays to have no accounts with google, msn/bing, yahoo, facebook, or anyone else other than my local isp provider.



Your browser still has a unique thumbprint that gets tracked...Google's ad's don't need a name to work.

Most aren't end to end encryption.

This however is. The only thing it has in common with dropbox is the way they raise revenue. Researchers at CERN and MIT created it. About as good as it's going to get at the moment. And they don't refuse to share the key with the NSA...they don't have it in the first place. It's not perfect...like everything else it has vulnerabilities. But they can't see your stuff in the massive dragnet...they'd have to target you with something like a keystroke logger. Good for most of us, bad for Edward Snowden. But that's the nature of email.

So basically if you're not using a compromised system, they're left trying to trick you into sending your key to them as opposed to proton mail, or invading Switzerland and installing backdoors that don't exist on their servers. Remember that brute force attacks are a joke. They use PGP, AES, and RSA.
Q: Can't you break PGP by trying all of the possible keys?

A: This is one of the first questions that people ask when they are first introduced to cryptography. They do not understand the size of the problem. For the IDEA encryption scheme, a 128 bit key is required. Any one of the 2128 possible combinations would be legal as a key, and only that one key would successfully decrypt the message. Let's say that you had developed a special purpose chip that could try a billion keys per second. This is far beyond anything that could really be developed today. Let's also say that you could afford to throw a billion such chips at the problem at the same time. It would still require over 10,000,000,000,000 years to try all of the possible 128 bit keys. That is something like a thousand times the age of the known universe! While the speed of computers continues to increase and their cost decrease at a very rapid pace, it will probably never get to the point that IDEA could be broken by the brute force attack.

Keep in mind that AES is capable of bigger keys than PGP.

https://protonmail.ch

7 million Dropbox username/password pairs apparently leaked http://t.co/J7392IRyDK

I knew Facebook was going to be a privacy problem when I was first asked to join it. I still don't have an account.

All my relatives...the ones posting photos and stories of their whole lives online...looked at me like i was nuts for being concerned and not joining in.

I just put the IXQUICK app on my phone. It is free. Allows me search the net privately and use their proxy to go to the web sites. No more google for me

Protip: when searching for information on automotive transmissions that are overheating, always spell out "transmission" rather than searching for "hot trannys".

I once grenaded a transmission, and I learned very quickly to choose my search terms carefully. "Blowing my tranny" got me a lot of unexpected results.

I once grenaded a transmission, and I learned very quickly to choose my search terms carefully. "Blowing my tranny" got me a lot of unexpected results.

Just to clarify, Dick's Sporting Goods website is definitely NOT dicks.com.

Oh you guys! You're giving the NSA fits with all this double entendre. Bet they think you're talking some kinda code....

Quote Originally Posted by Eurodriver View Post

They're gonna be really curious why a guy in the finance industry is always googling about transmissions...
Protip: when searching for information on automotive transmissions that are overheating, always spell out "transmission" rather than searching for "hot trannys".

http://i10.photobucket.com/albums/a144/AKS-74/comicbookguy_zps2cc370cf.jpg (http://s10.photobucket.com/user/AKS-74/media/comicbookguy_zps2cc370cf.jpg.html)

:lol:

This is spot on!


His first answer called for a reform of government policies. Some people take the position that they “don’t have anything to hide,” but he argued that when you say that, “You’re inverting the model of responsibility for how rights work”:

When you say, ‘I have nothing to hide,’ you’re saying, ‘I don’t care about this right.’ You’re saying, ‘I don’t have this right, because I’ve got to the point where I have to justify it.’ The way rights work is, the government has to justify its intrusion into your rights.

He added that on an individual level, people should seek out encrypted tools and stop using services that are “hostile to privacy.” For one thing, he said you should “get rid of Dropbox,” because it doesn’t support encryption, and you should consider alternatives like SpiderOak. (Snowden made similar comments over the summer, with Dropbox responding that protecting users’ information is “a top priority.”)

Sadly all you get is bunch of baaing sheep that blurt out tinfoil hat, conspiracy, black helicopters, et al.

Just to clarify, Dick's Sporting Goods website is definitely NOT dicks.com.

I'm going to take your word on that one.

FYI a recent interview by Neil deGrasse Tyson.

http://theweek.com/speedreads/578318/edward-snowden-said-aliens-could-trying-communicate-right-now

Also cell phones, duh.

Spideroak gets the privacy/security thing right. And i like the way their ap works as well. Dropbox and others do not come anywhere close on security.

I'm more concerned about hackers than big gov... I assume the NSA would find other ways to crack stuff if needed.

I've used DuckDuckGo as a search engine for the past five years, never used Facebook and dumped Dropbox for the same privacy reasons.

Spideroak gets the privacy/security thing right. And i like the way their ap works as well. Dropbox and others do not come anywhere close on security.

I'm more concerned about hackers than big gov... I assume the NSA would find other ways to crack stuff if needed.

I think the best bet now is to just spam the NSA.

No matter what we do - or what Congress or the President says or tells the NSA and other spying agencies to do - they're going to keep on spying on us. There is enough money in the classified part of the government's budget and enough people in the government who believe that they should be able to spy on us that short of completely defunding and disbanding America's intelligence agencies (and the FBI), we will never be free from being spied on by the government. And everything that they're already doing that would be made illegal is already inadmissible in court, so....

The best bet (IMO) is going to be to try to overload them with too much information.

That and what's more suspicious? A right-winger who enjoys posting photos of guns and stories about how Donald Trump will be the next POTUS or a right-winger who posted photos of guns and stories about how Obama is the worst President in the history of the US and then suddenly stops using Facebook, Google, &c.?

The best option to protect your security might be to create an online persona who Googles things you have no interest in, who posts things on Facebook that you don't especially care for. It won't completely protect your privacy, but it may provide a smokescreen sufficient to mislead certain unsavory characters from deducing the real you. And you can't just suddenly develop this new persona, you have to gradually ease into it, unless you happen to get into a car accident or something that might make for a believable sudden change in personality.