| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon Dec 26 23:44:38 2005 From: coderman at gmail.com (coderman) Subject: Spy Agency Mined Vast Data Trove On 12/26/05, GroundZero Security <fd@....org> wrote: > the usa still controls the internet and they dont give a fuck if we > feel that our privacy is invaded ... > they want total control and noone can do anything against their actions. strong encryption makes it difficult to invade your privacy. if you need to communicate with insecure/untrusted endpoints you need to be anonymous. ipsec, ssl, ssh, openvpn, lots of methods for data privacy. (i am looking forward to tun/tap device support in new openssh. openvpn is a bit tedious) regarding anonymity, tor is no longer funded by the eff and is accepting donations. if you found this project useful now is a good time to donate: http://tor.eff.org/donate.html.en stronger anonymity might entail type III mixers and/or meatspace obfuscation. a trade off depending on your needs. > with google earth you can even find a nsa echelon base in germany. i wonder what its doing there. > i bet they use it to sniff our country aswell and our neighboors, since its not there for the fun of it. > what if my country would start to spy on usa isp's ? that could cause serious political problems, > but of course for usa everything is ok, as we have seen in the past. there are echelon stations all over the world. cryptome.org has a lot of details and photos if you are curious. (the dvd archive is well worth the cost) the nuclear sub(s) with fiber tapping bays for deep sea splicing are one of my favorite examples. feeding off the coastal landing points is easier but not always possible. recent events have shown just how willing corporations are to give the government a blank check with only minimal assurances of propriety and legality. i would bet good money the number of core providers who balked at DCS1000 deployments could be counted on a single hand, if there were even any at all... > oh and for your law question, usa doesnt care about international laws. if you have problems you > will have to ask a us. court and i doubt that will help you much complaining about some agency > especially when you are from some foreign country. i'll save you the trouble: it's not illegal (according to current interpretation of US law) for US to spy outside our borders. the current NSA debacle concerns monitoring / surveillance of US citizens without any judicial oversight (FISA, et al). while that is clearly illegal according to US law, they are splitting hairs over whether a large and non specific 'dragnet' style operation is really equivalent to targeted surveillance, which is what FISA was designed to oversee. if you value your privacy, put your money/time/efforts where your mouth is and start using, supporting and advocating strong encryption, anonymous services, and other privacy enhancing technologies. secure and intuitive (read: dead simple) user interfaces are sorely needed for these things although HCI tends to get less attention as it is not as sexy as crypto or infosec in general. these are issues which affect all nations, although the US is currently in the spotlight given the breadth and depth of its monitoring / surveillance capability in a nation which loves to boast of freedom and liberty. (oh the irony, :)
Powered by blists - more mailing lists