Folks, may I also remind you to send all confidential information by email, phone etc, during the government shutdown to avoid detection by the NSA!
posted by Riton at 10:58 AM on October 3, 2013 [4 favorites]

Man, we're really stepping up the slacktivism game here.

Even if we assume the NSA's algorithms will flag each and every request made with these keywords, I think that maybe, just maybe, they're smart enough to filter out the ones appearing after ?lulz= in the request string.
posted by ReadEvalPost at 11:04 AM on October 3, 2013 [18 favorites]

I initially misread that as "Occupy NASA" and now...now it's too late.
posted by greenland at 11:06 AM on October 3, 2013 [10 favorites]

So what’s your take? Does Flagger take free speech too far, or is it finally justice for the NSA? Share your thoughts in the comments section below.

This author is trolling a little bit.
posted by Going To Maine at 11:07 AM on October 3, 2013 [1 favorite]

Yeah, this is so utterly pointless I can't believe he wasted the time.

The NSA has a detailed social map of hundreds of millions of people and all of their connections being analyzed by the most powerful and intelligent systems in the world. The whole "using 'bomb' in an email will get you a visit" bullshit is insane.
posted by lattiboy at 11:07 AM on October 3, 2013 [1 favorite]

Bayesian poisoning.
posted by GallonOfAlan at 11:10 AM on October 3, 2013 [3 favorites]

I find it hard to believe that the NSA system is so junky as to be fooled by this, it's a fun gimmick.

They are storing all the data, it's playing the Kevin Bacon game but instead of your friend, you're playing it against someone who's hard-wired into the IMDB database, it knows all the connections! They type in your email address, or any personal identifier that they have of yours, and they can get every email, communication, website visit, download, conversation, credit card purchase-- everything you've visited or interacted with that doesn't involve an air-gap, and hell, even with air-gaps, I bet the have pretty stunning geoip location resolving tools and satellites to sort that element out too, if they so desired.

So having keywords embedded in a way that can likely be reverse engineered to entirely cancel itself out doesn't achieve much, because I doubt that's how they're filtering the data at the moment, and they can just reprocess it, because it's not this little water filter that gets one chance at it, it's a (as much as funding allows) permanent store. You're essentially raising the background noise in the most lazy way possible.

If you actually want to have any chance of achieving anything, tell your friends about why it should bother them, and spare half an hour to write and send a communication to your political representatives because (sadly) they're the only people who have the power to even think about changing the system, because only law can hope to withhold the power of the technology they get to play with. Is your privacy worth half an hour of your time?
posted by Static Vagabond at 11:14 AM on October 3, 2013 [1 favorite]

This is a bad idea in principle. The analysis that the NSA is doing is far beyond simple keyword search. In order for this project to be effective you would have to embody a pretty sophisticated behavioral envelope. In other words you would have to be doing things.

In the future, when the NSA tightens that "behavorial envelope" to include political activism etc, we're all fucked.
posted by kuatto at 11:15 AM on October 3, 2013 [3 favorites]

Maybe we can throw them off by using words like "whose's" in our emails, automatically rerouting everything into their Spam folder where it gets ignored/deleted.
posted by Greg_Ace at 11:17 AM on October 3, 2013 [2 favorites]

Or maybe someone can develop something along the lines of the 'Treehouse' from that Otherworld book series.
posted by Slackermagee at 11:18 AM on October 3, 2013 [1 favorite]

I grow old . . . I grow old. . . I shall wear the first line of my Usenet postings rolled.
posted by The Bellman at 11:20 AM on October 3, 2013 [4 favorites]

This reads like something that'd be found in an ANARCHIST COOKBOOK text file circa 1996 next to 100 WAYS TO FUCK WITH WAL-MART.txt.

PICK UP THE PHONE AND PRETEND TO BE THE MANAGER ON THE OVERHEAD WHOA ANARCHY EVERYWHERE.
posted by Ghostride The Whip at 11:23 AM on October 3, 2013 [6 favorites]

Maybe we should all make friends with EVERYONE and all have dinners and parties and hobby nights together, all around the world, so that the social network map becomes "everyone is linked to everyone!"

Also, we get world peace as a side effect.
posted by anonymisc at 11:23 AM on October 3, 2013 [16 favorites]

In the future, when the NSA tightens that "behavorial envelope" to include political activism etc, we're all fucked.

They already have. (previously)
posted by AElfwine Evenstar at 11:28 AM on October 3, 2013 [4 favorites]

In the future, when the NSA tightens that "behavorial envelope" to include political activism etc, we're all fucked.

In the future?
posted by MartinWisse at 11:28 AM on October 3, 2013 [5 favorites]

join with thousands of other online protesters in taking a digital stand against the NSA’s actions

Ironically, I bet most of them didn't even bother to "stand" when they did this... I'm guessing they were still on their butts on that ratty old couch in their parent's basement, taking a break between WoW battles (where the REAL men stand and fight!).
posted by HuronBob at 11:31 AM on October 3, 2013

This is the most effective thing that citizens can do to stop the NSA. Feel free to engage in this activity.
posted by NSA at 11:32 AM on October 3, 2013 [11 favorites]

What if just a thousand internet libertarians/anarchists decided to show up at Fort Meade (easy access to the employee entrance just off the Baltimore-Washington Parkway)? But that would be actually risking something...

Occupy federal prison.
posted by ennui.bz at 11:34 AM on October 3, 2013 [1 favorite]

To protect my privacy, I merely put 'ViAgRa' in the subject line of all my emails. That way my email is filtered by NSA's (pirated) copy of McAfee before it gets to their machines.
posted by nightwood at 11:35 AM on October 3, 2013 [4 favorites]

Even if the theory that "all you have to do to get flagged is to use the word 'bomb' in an email or whatever" is true, in order for this to work as a form of protest, you need a whole lot of people to agree to do it at the same time.

But that's where game theory comes into play - because the outcome of a whole lot of people not doing it turns out to be very very bad for you if you do do it. So - the key isn't "do you believe the NSA is going to flag you for using this app", the key is "do you trust a sufficiently large enough group of people also use it so you don't get hauled off as a suspected terrorist".
posted by EmpressCallipygos at 11:40 AM on October 3, 2013 [1 favorite]

Wouldn't it be more effective to just have everyone encrypt everything as a matter of course?
posted by pracowity at 11:41 AM on October 3, 2013 [1 favorite]

Lavabit legal update posted to Ladar Levison's facebook (wired article)
posted by jeffburdges at 11:46 AM on October 3, 2013 [3 favorites]

Even if this did affect their systems, etc. they'd just add more computing power and staff. There's always money for this sort of thing and always people who are willing to do the work.
posted by lesbiassparrow at 11:47 AM on October 3, 2013 [2 favorites]

I initially misread that as "Occupy NASA"

I'm in favor of setting up some tents inside the international space station. Who's with me?
posted by justsomebodythatyouusedtoknow at 12:07 PM on October 3, 2013 [1 favorite]

I'm in favor of setting up some tents inside the international space station. Who's with me?

Count me in! But I'll need to bum a ride. Anyone heading that way with a spare seat?
posted by anonymisc at 12:10 PM on October 3, 2013 [1 favorite]

ok but seriously, could the NSA's spying program be messed with via a Number's Station type cover? Fake social networks, fake facebooks and amazon accounts, fake credit cards, all managed by robots to increase the number of mundane red flags?
posted by rebent at 12:12 PM on October 3, 2013 [1 favorite]

This whole NSA thing has been surreal for me. My dad's entire career was as a ------------ for the NSA. He was a Cold War guy (died in 1987) so there were no ethical questions about his work, whatever it was. Everyone still wore either a black or white hat in those days.

I have *no idea* what he would have thought of all this. But of course I also have *no idea* whether he actually did this! The rug hasn't been pulled out from under my feet - after all he's been dead for more of my life than he was alive - but it's been tugged a bit.
posted by headnsouth at 12:16 PM on October 3, 2013 [2 favorites]

OH HAI PROTEST TO FBI'S CARNIVORE PROGRAM 2.0!!!
posted by symbioid at 12:28 PM on October 3, 2013

headnsouth: Everyone Some people still believed that they wore either a black or a white hat in those days. "

FTFY
posted by symbioid at 12:33 PM on October 3, 2013 [1 favorite]

Whose's afraid of the NSA
I can see why Mr Whose is afraid of the New Spellcheck Algorithm.
posted by w0mbat at 12:42 PM on October 3, 2013 [1 favorite]

It's all fun and games until you find yourself in the hot seat at your local FBI office.
posted by double block and bleed at 12:46 PM on October 3, 2013 [1 favorite]

In the future, everyone will be world-famous spied on by the NSA for 15 minutes. LMEFY!*

*Lowered My Expectations For You!
posted by not_on_display at 12:49 PM on October 3, 2013 [1 favorite]

Now really we have skype, so do a prank call to a shop in rural Afghanistan. If enough folks did that it'd make both the NSA and the Taliban crazy!


مرحبا. مرحبا. هل لديك الأمير ألبرت في علبة؟

يا إلهي، السماح له بالخروج.



Hello. Hello. Do you have Prince Albert in a can?

Oh my god, let him out.


I mean if we're going to be all internet-childish, go all the way. Fill the fiber trunks with silliness.
posted by sammyo at 12:57 PM on October 3, 2013 [12 favorites]

I'd wager 2 hemispheres each consisting of 8.51 kilograms of plutonium dioxide that this kind of stuff is already filtered out.

To them it's about as dangerous as 1 liter container of DiHydrogen MonOxide (DHMO) falling into the wrong hands.
posted by MikeWarot at 1:06 PM on October 3, 2013 [2 favorites]

In the future, when the NSA tightens that "behavorial envelope" to include political activism etc, we're all fucked.

I wonder if i'm the only one who remembers McCarthyism, and that being the real reason to nip this shit in the bud. It's not about them reading the day to day live details of us. What if you once talked to someone you just have a passing knowledge of (stood next to at a convention, went to the same concert, etc), but now whatever they are into is considered "bad". Your life now gets ruined, blacklisted, etc. or even worse since now it's all about national security.
posted by usagizero at 1:19 PM on October 3, 2013 [3 favorites]

This is that Low Orbit Ion Cannon thing again: a nice idea, poorly implemented. Let's hope enough people join it and the author gets a clue as to what really would raise the noise level and decides to release a new version that actually does something useful.
posted by yulik at 1:21 PM on October 3, 2013

ok but seriously, could the NSA's spying program be messed with via a Number's Station type cover? Fake social networks, fake facebooks and amazon accounts, fake credit cards, all managed by robots to increase the number of mundane red flags?

Even if this was possible, it wouldn't protect you against the actual threat.

Spamming the NSA with fake data might work if we were worried that they're trawling the Internet to look for people who are statistically likely to be troublemakers. But the real problem isn't that they might take an interest in you just because you visited the wrong website. The real problem is what they can find out once they're interested in you. Most of your day-to-day activities leave a trail of data on the Internet; if the NSA wants to, they can access that data trail, analyze it, and find out everything about you -- including who you know and everything you said to them online, what websites you visited and what you did when you were there, your phone logs, your credit card purchases, your movements and travels, etc. And they can apparently do this without any meaningful checks, oversight, or review.
posted by twirlip at 1:22 PM on October 3, 2013 [3 favorites]

"Well here is your chance to Occupy NSA"

Because making it harder to track down terrorists is cool.

(Oh, and did I mention that it's ridiculous, stupid, and highly unlikely to work?! But hey, at least you'll be able to shut down government... and I hear being a part of the general dysfunction is pretty popular right now. It's so edgy to be an under-informed, overly-opinionated neophyte.)
posted by markkraft at 1:24 PM on October 3, 2013

Because making it harder to track down terrorists is cool.

If they're tracking down terrorists at the expense of everyone else's privacy, then yes.
posted by pracowity at 1:27 PM on October 3, 2013 [6 favorites]

"If they're tracking down terrorists at the expense of everyone else's privacy, then yes."

Can you name an American who has had their privacy violated by the NSA without cause this year, pracowity?
posted by markkraft at 1:29 PM on October 3, 2013

My terrorized jihadist sister is the bomb. Her daily manifesto consists of studying works by extremists like Karl Marx, etc. while she is studying for to be a biological radiation specialist. She recently moved to Waco and is seeking employment at the new fertilizer plant or U-Haul center.

There...I'm waiting for the black SUV's to roll up into my office.
posted by Benway at 1:36 PM on October 3, 2013 [4 favorites]

Can you name an American who has had their privacy violated by the NSA without cause this year, pracowity?

Oh, did they start publishing that information now?

I know "this has been fixed" but earlier:

"Despite repeated public assurances of NSA competence, the agency told the Fisa court in 2009 that "from a technical standpoint, there was no single person who had a complete understanding" of its phone records "architecture".

All that led to "daily violations" for more than two years of call records from Americans "not the subject of any FBI investigation and whose call detail information could not otherwise have been legally captured in bulk," Walton wrote.

That being said, I don't think that making it more difficult to identify suspected terrorists by suspect words (assuming it even worked effectively) is going to do much to curb the behavior of the agency. I'm personally less bothered that they would try to identify terror suspects by finding people posting questionable material to the internet and actually investigating whether it appears dangerous or harmless than I am about the widespread collection and retention of data on individuals who are not suspect. I'm not surprised or upset that they try to identify terrorists on the internet. I am surprised and upset that they are collecting vast amounts of information on innocent people which we can only hope will always be used in good faith and with respect to the law.
posted by nTeleKy at 1:39 PM on October 3, 2013 [1 favorite]

"and spare half an hour to write and send a communication to your political representatives"

Pssht, that's the fastest way to end up on a watch list.
posted by klangklangston at 1:48 PM on October 3, 2013

ok but seriously, could the NSA's spying program be messed with via a Number's Station type cover? Fake social networks, fake facebooks and amazon accounts, fake credit cards, all managed by robots to increase the number of mundane red flags?

Feasibly? I have no doubt it's feasible. However, most of this stuff is going to come down to someone, somewhere getting sloppy, like Dread Pirate Roberts using his real name for about half-a-second. People are dumb and maintaining a cover is hard. So you'd maintain all these fake accounts for years then forget to log into your VPN one day or just go "Fuck it, I'm sick of all this bullshit when I just want to order a book" and go without your PGP or whatever and then, welp, they got you.

Like the Reddit thread on Silk Road was full of guys freaking out because they didn't actually USE PGP for transactions or they were having illegal drugs shipped to their actual home rather than a dead drop or they were making any number of rookie mistakes ("I took a bunch of money from drug dealers and then Silk Road got shut down! How can this be?!") where naturally you go "Heh, well, I'd never do something so stupid", but of course you would, because eventually you'll fuck up and get caught.

The other problem with that is if you're all following the same set of public instructions, they have access to the instructions, too, so I imagine it'd be easy to build their detection algorithms to detect your fuckery and ignore it.

And my impression is a lot of the spying stuff relies on widespread info-gathering, so if they see your email full of trigger words but the rest of their data says all you do every night is post on Slashdot and pirate some porn before bed, I'd expect you'd go in the non-threat folder.
posted by Ghostride The Whip at 1:49 PM on October 3, 2013

Can you name an American who has had their privacy violated by the NSA without cause this year, pracowity?

Markkraft, you lack the necessary security clearances and the need-to-know to be granted access to that information.

Also, even granting the NSA's shocking interpretation of what is "legal", consider that the NSA itself doesn't even have that information - in cases like LoveInt abuses, analysts are likely to conceal their unauthorized activities from the system, and Snowden walking out with the crown jewels demonstrates just how thoroughly the system is unable to detect non-work-related usage.
posted by anonymisc at 1:53 PM on October 3, 2013 [2 favorites]

Can you name an American who has had their privacy violated by the NSA without cause this year

Any American with a Lavabit account, other than Snowden.
posted by Blazecock Pileon at 2:09 PM on October 3, 2013 [7 favorites]

I think that maybe, just maybe, they're smart enough to filter out the ones appearing after ?lulz= in the request string.

Not likely. What if the terrorists figured that out?
posted by ChurchHatesTucker at 2:19 PM on October 3, 2013 [1 favorite]

Can you name an American who has had their privacy violated by the NSA without cause this year, pracowity?

Dammit markkraft, are you some kind of performance artist pretending to be a NSA supporter?! Of COURSE he wouldn't be able to, because that's CLASSIFIED. When one side is purposely withholding evidence from the discussion, you have to assume the worst. If that's not a law of argument it should be. In any case absence of evidence is not evidence of absence.
posted by JHarris at 2:22 PM on October 3, 2013 [7 favorites]

Can you name an American who has had their privacy violated by the NSA without cause this year

Probably anyone who uses the internet...so um, mathowie, jessamyn, cortex, you, me, everyone...or have you not been watching the news over the last several months? Oh wait I see you're gonna play this stupid game where you don't believe something unless the government tells you its true...ok go ahead, but you look like a fool.
posted by AElfwine Evenstar at 2:22 PM on October 3, 2013 [8 favorites]

Yeah, the NSA doesn't rely on simple keyword searches.
posted by beerbajay at 2:27 PM on October 3, 2013

Yeah, the NSA doesn't rely on simple keyword searches.

They just store everything to your Permanent Record. What other people do with it in an hour, day, year, or decade ain't their responsibility of course.
posted by mikelieman at 2:39 PM on October 3, 2013

Can you name an American who has had their privacy violated by the NSA without cause this year, pracowity?

How many people can you think of? How many named Americans can you think of?
posted by J0 at 2:48 PM on October 3, 2013

"I know "this has been fixed" but earlier..."

...describes all the NSA privacy abuses we are aware of.

That's one of my fundamental issues when it comes to the whole NSA debacle.

Most people don't realize just how goddamn flawed their programs were during the Bush administration. A lot of that seems to have carried on to around 2010, when the hammer started coming down, due to a combination of greater congressional and presidential oversight, combined with FISA court rulings strictly forbidding certain things.

The NSA's policies were changed after the 9/11 commission report made it clear that they could've tracked down some of the terrorists, if only they could track communications between overseas operatives, terrorists in the US, and their communications to other foreign nationals in the US. It was purpose-driven... but still very hard to design correctly, certainly in one go, with a changing internet environment.

That said, I am more concerned about people at my local phone company or bank violating my privacy than I am about the NSA, largely because the safeguards there are actually far weaker, the info gathered, more private, and that the info is potentially available to all sorts of people, from employers to con artists.
posted by markkraft at 2:55 PM on October 3, 2013

It's a trick question. There are no Americans without cause to have their privacy violated by the NSA.
posted by It's Raining Florence Henderson at 2:55 PM on October 3, 2013 [6 favorites]

Oh wait I see you're gonna play this stupid game where you don't believe something unless the government tells you its true...ok go ahead, but you look like a fool.

That's a glib remark. We can't reflexively just dismiss everything the government announces either like some crackpot conspiracy theorist. In reality, the government is large entity stretching into a lot of the stuff we do. We believe what the USGS reports for earthquakes and we believe NASA when they talk about Curiosity or Voyager. The fact is, each citizen is going to have individual criteria for assessing the truth and falsehood of each piece of datum and statement coming from the government, so you're going to end up with citizens that fall on a long spectrum that will choose to believe and dismiss different things coming from the same "government". And, y'know what, that's OKAY, because that's the way it's supposed to work. So, let's stop calling people fools and implying their government lapdogs JUST because they choose to disagree with you on one thing the government does.
posted by FJT at 3:01 PM on October 3, 2013 [1 favorite]

Seems like someone has been watching old episodes of The Prisoner. Namely, the episode called It's Your Funeral, where people who call themselves 'jammers' make up various fictional threats in order to have those in charge of the village waste their time in pursuing false information as a form of resistance. Not that it makes any difference in the long run, just like this 'occupy' thing will not succeed.

Be seeing you...
posted by chambers at 3:03 PM on October 3, 2013 [1 favorite]

Wasn't there an anonymous mixmaster remailer in the early 90s that appended a random MAD BOMBER WHAT BOMBS AT MIDNIGHT .sig to your email?
posted by benzenedream at 3:38 PM on October 3, 2013

For anyone who has read Anathem by Neal Stephenson, what we need is some highly sophisticated crap.
posted by fremen at 3:39 PM on October 3, 2013 [2 favorites]

So, let's stop calling people fools and implying their government lapdogs JUST because they choose to disagree with you on one thing the government does.

Anyone who implies that what the NSA has been doing is ok, and/or downplays the very democracy breaking implications is a fool. I don't care what their angle is. Not only that but contradicting several independent reports that the NSA has been spying on EVERYBODY. So when we have folks asking if we can name an American who has had their privacy violated they are either severely misinformed or trying to play rhetorical games. They are not engaging in good faith so people can draw their own conclusions as to what is going on here.
posted by AElfwine Evenstar at 3:57 PM on October 3, 2013 [3 favorites]

We can't reflexively just dismiss everything the government announces either like some crackpot conspiracy theorist.

I don't know what you are on about. I never argued such a thing.
posted by AElfwine Evenstar at 4:00 PM on October 3, 2013

markkraft:
1. The article you link to describes information harvested and sold in the UK, so there's issues of relevance. (If you're not in the US, but think the NSA cares more about information taken from other countries, well, they don't. Except maybe in the sense of looking at it even harder.)

2. "Protections?" Oh sure, there's all kinds of "protections." Most of them are meaningless for the NSA, because there is no effective oversight. People point to FISA as a court that oversees it all, but is mostly kool-aid drinkers. Seriously. Check the Wikipedia page on FISA. All its members are appointed by one person, the Chief Justice of the Supreme Court, and thus are all Republicans, and with no oversight and most of their deliberations and rulings secret they have no pressure to moderate their decisions.

Oh wait, by "protection" you mean keeping it secret. Except it's not being kept secret from the NSA and other official surveillance. Which is what we would like.

And most of us I'd say are aware of how bad things were under Bush, and that Obama kept that stuff going, and we are not fond of it at all. At least, judging how many people I've heard in these halls complaining about Obama further expanding executive privilege.
posted by JHarris at 4:08 PM on October 3, 2013 [1 favorite]

Using real crypto in your day-to-day communications with friends and loved ones is a much more meaningful way to protest.

GPG4Win (Win32) or GnuPG (Mac/Linux) / Enigmail for email

TorChat for instant messaging

Tor Browser for general browsing

RedPhone to encrypt your phone calls end-to-end

ORBot for your smartphone's Net connection.
posted by anemone of the state at 5:08 PM on October 3, 2013 [8 favorites]

A lot of that seems to have carried on to around 2010, when the hammer started coming down, due to a combination of greater congressional and presidential oversight, combined with FISA court rulings strictly forbidding certain things.

cite?
posted by AElfwine Evenstar at 5:34 PM on October 3, 2013 [1 favorite]

Can you name an American who has had their privacy violated by the NSA without cause this year

Do South Americans count? I can name one Dilma Rousseff who was reportedly "furious over the reported snooping into her personal communications"
posted by Tom-B at 6:35 PM on October 3, 2013 [1 favorite]

Tor Browser for general browsing

Hasn't it been established that the NSA is specifically targeting Tor users?
posted by Token Meme at 7:15 PM on October 3, 2013

Related, an app from a friend of mine: scaremail, an extension to generate "scary" content in the browser.
posted by idiopath at 7:18 PM on October 3, 2013

Hasn't it been established that the NSA is specifically targeting Tor users?

The NSA owned Freedom Hosting via a court order and used their servers to push malicious Javascript to any users connecting to hidden services served from Freedom Hosting- not all Tor users.

The NSA also took down the Silk Road, because the guy running it had terrible opsec.

The NSA also very likely runs its own exit nodes and snoops on what passes through. But you are still better off going through TOR than going straight through the Internet backbone unprotected, where they sniff absolutely everything.
posted by anemone of the state at 9:15 PM on October 3, 2013 [3 favorites]

Using real crypto in your day-to-day communications with friends and loved ones is a much more meaningful way to protest.

Except that your friends and loved ones need to be able to decrypt your mail.

Is there an add-on that would add easy (transparent?) encryption to gmail? So you just check a box to encrypt a message before you send a message in gmail and you just read (automatically decrypt) incoming mail as usual? Something like that?

Because otherwise it's going to be pretty hard to get friends and loved ones to buy in to this plan.
posted by pracowity at 2:09 AM on October 4, 2013 [1 favorite]

Hasn't it been established that the NSA is specifically targeting Tor users?

NSA Trying Hard to Compromise TOR, But It's Still Mostly Safe
posted by ChurchHatesTucker at 11:14 AM on October 4, 2013 [2 favorites]

If you have a flashing onion on your toolbar, you need to update your Tor bundle immediately.
posted by anemone of the state at 11:24 AM on October 4, 2013

NSA Trying Hard to Compromise TOR, But It's Still Mostly Safe

The slides in that link are fun — "TOR Stinks!"
posted by Blazecock Pileon at 11:48 AM on October 4, 2013 [1 favorite]

Egotistical Giraffe is my new band name
posted by ChurchHatesTucker at 11:50 AM on October 4, 2013 [1 favorite]

I'd agree that encrypting you're mundane concersations ranks amongst the best protests. So what if Tor, OtR, and GnuPG attract their attention? If you're uninteresting rhen you're wasting their resources and confusing them, a very good thing. After all, they might dedicate more resources to spying on protest organizers if you don't distract them.
posted by jeffburdges at 2:17 PM on October 4, 2013 [1 favorite]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I'd agree that encrypting you're mundane concersations ranks amongst the best protests

Yeah, but it's a real pain in the ass.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)

iQEcBAEBAgAGBQJSTzTMAAoJEFSoGY3y6gQxLfsH/i8PxiU1PW+LAnvUVrRRowJN
69+F1zGPxKVtQgFTxKggF7+LRUelXhXE0h044CrFSQ9WoXhh7Kmyb2PXezSijveI
Cc+jQKBj6SI35uMg+vSTu2UXNZBt2lxdKXcpvsFXvbn2fug4ra73eOhRncztPO4J
/xDfrl3Zs37LH1PCN34oAsO/mjdypXb++iQxDgDmyFml2kmeN3nkxmsiIhn3/A6Z
yh2NCBeF/oWxG0j1B+U0Y/qDGek7tlA1ohZ5Pj00aL/iEfDxMcaPdP0K9zn+k4/G
MR8co4/vaba2Z33LPvvctE+UXIHXut6DHUOTyirU4YEFVDiLp2WeQfolwtOTXsY=
=VQ6Q
-----END PGP SIGNATURE-----
posted by mikelieman at 2:36 PM on October 4, 2013 [4 favorites]

And that's putting aside the whole "SHA1 is a piece of crap" issue...
posted by mikelieman at 2:37 PM on October 4, 2013

Actually Off-the-Record Messaging works pretty painlessly, just switch to an IM client that natively supports it.

Issues : Not enough clients support OTR auto-detection, aka opportunistic encryption. Ain't too easy sharing your key between clients, and most clients lack support for multiple keys, so you usually hamstring yourself to one secure device.

Tor is slow both to launch and use but its completely painless. It's too bad nobody employs the key servers for opportunistic encryption with GnuPG though.
posted by jeffburdges at 1:19 AM on October 5, 2013

"When one side is purposely withholding evidence from the discussion, you have to assume the worst."

Really? So, the government lays out a lot of details on what they have regarding domestic surveillance and why... and we have clear evidence of FISA courts shutting down info gathering of more than metadata on US citizens, but obviously the NSA does, in fact, "withhold evidence", in order to effectively gather intelligence, especially for overseas intel gathering, which is their main focus.

You may argue that they shouldn't, but the fact is, the US has been spying on the world's diplomats and the like for about 100 years, and has had some important successes as a result of doing so, that have saved tens of thousands of American lives. And, indeed, other nations spy and gather intel on other nations too, presumably to their general benefit as well.

There's a very real argument to be made that all this espionage -- of which the NSA is a small part of, compared to the CIA -- actually reduces global conflict levels, because it helps nations to counter the kind of paranoia that comes with not knowing what someone you perceive as an enemy is up to. Arguably, the intense level of espionage during the Cold War helped both the US and the Russian governments counter some pretty irrational fears. Over the past decade or so, intense espionage of Iran led to a series of CIA National Intelligence Estimates which said that they believed Iran had no nuclear weapons program. GWB was repeatedly pushed on his claims of an Iranian "nuclear weapons program" being in opposition to the NIE, which is presumably why he started backing off of those claims in early 2008 or so.

Presumably, Stuxnet -- despite its questionable nature -- also helped to verify that Iran was less of a threat than feared. In a very real sense, it enforced through code, what couldn't be enforced through negotiations with the IAEA -- restricting uranium enrichment. It also reportedly "phoned home", which would've helped the US determine the extent and location of Iranian activities.

This now allows the POTUS to say this:
"If (the Iranian President) . . . is able to present a credible plan that says Iran is pursuing peaceful nuclear energy but we're not pursuing nuclear weapons, and we are willing to be part of a internationally verified structure so that all other countries in the world know they are not pursuing nuclear weapons, then, in fact, they can improve relations, improve their economy. And we should test that."

Basically, the POTUS seems willing to reestablish ties with Iran, with apparently few provisos, other than some general inspections and fear allaying. He doesn't even seem to be insisting upon Iran giving up all refining of uranium, which is what the previous sticking point was.

In that sense, intelligence gathering, though intrusive for some people, serves a public good.

So, how does that play out in cases where someone is being watched in the US? The government gave us a pretty good example lately, in the case of four Somali immigrants in San Diego, who were recently convicted of helping fund a Somali-based cell of Al Qaeda.


One of them was investigated by the FBI back in 2003, based on "a tip"... possibly an overseas NSA intercept. The FBI weren't able to show a link to terrorism at the time, until the NSA's PRISM program allowed them to link an overseas call with a suspected terrorist associate to one of the immigrants in question. The NSA then passed this info to the FBI, who subpoenad the number, only to find out it belonged to the guy they were tipped off about previously. The FBI then obtained a wiretap order, which led to proof of the transfer of several thousand dollars to the terrorist org.

This, to me, seems like a pretty good example of what the NSA does, in practical terms, within the United States. They have tools at their disposal that, although focused on US communications, are geared towards the capability, as described in a%20lot%20of%20details">the Black Hat presentation, of solving the problem they identified in the 9/11 report... how do you identify those in the US who have links to terrorists overseas?

Yes, the NSA is purposely withholding classified intelligence from you. That said, we *do* know based on Snowden's leaks that PRISM accounts for over 90% of US traffic that the NSA datamines, and is considered their flagship program. The rest must be comparatively small potatoes, especially since we already know a few of these programs.

"You have to assume the worst" is a *really* problematic argument. It's how we invaded Iraq. It's how conspiracy theories get started. I'm not saying we have to assume the best, either. But shouldn't we at least deal with what we know, and what we can show to be true?

To me, that means an NSA that appears to be gradually improving its main domestic program, but that still has quite a way to go as far as optimally designing it so that the potential for misuse is basically not there.

"All its members are appointed by one person, the Chief Justice of the Supreme Court, and thus are all Republicans"

You mean Justice Roberts, the guy who Republicans curse for supporting Obamacare, right?! Here's one of his FISA court appointments... the guy who sent Scooter Libby to prison for thirty months, and denied him bail. He's currently the presiding judge for the FISA court. Another such judge was also the guy who forced GWB's chief of staff Josh Bolten and former legal counsel Harriet Miers to testify before congress about the firing of nine U.S. attorneys by the Bush Administration.

Admittedly, they are both Republicans, and that kind of situation can be problematic. What we haven't seen, though, is any real sign that it has been so.
posted by markkraft at 12:39 PM on October 8, 2013 [1 favorite]

"You have to assume the worst" is a *really* problematic argument. It's how we invaded Iraq.

A better way of looking at it: The burden lies on the powerful to justify why they should be allowed to keep power. When the powerful refuse to offer justification, you have to assume the worst.

Iraq is a terrible analogy.
posted by anemone of the state at 1:58 PM on October 8, 2013 [2 favorites]

Exactly.
posted by JHarris at 2:53 PM on October 8, 2013

Further, Saddam Hussein was an adversary, not a member of our own damn government! Ludicrous.

The NSA is a group that supposedly is on our side. For them to withhold information from us is unforgivable -- it might be forgivable if it was for a good reason, but everything we've learned, time after time, points to them not being good reasons.

It's how conspiracy theories get started. I'm not saying we have to assume the best, either. But shouldn't we at least deal with what we know, and what we can show to be true?

1. Things like the NSA justify conspiracy theories. That's one of the reasons they cannot be allowed to stand! If you think people touting that the CIA assassinated Kennedy are annoying now, you aren't going to like being around in 20 years, when the conspiracy theories around this have taken hold and spread their roots in the American psyche. And who the hell is to say if they're right or not?!

2. You are pointing to lack of evidence as a point in their favor:

Can you name an American who has had their privacy violated by the NSA without cause this year, pracowity?

That is perverse argument, for the reason I gave.
posted by JHarris at 3:05 PM on October 8, 2013

If Iraq isn't a comparison you like of what can happen when you assume the worst, then at least the cancellation of the Cipher Bureau should suffice. It directly led to leaks from the predecessor to the NSA, which led to both the Germans and Japanese greatly strengthening their codes. It also led to the US being unprepared at Pearl Harbor, and against the German U-boats, which killed many US merchant marines.

"The burden lies on the powerful to justify why they should be allowed to keep power. When the powerful refuse to offer justification, you have to assume the worst."

The NSA did put out a list of 54 terrorist threats that they have played a part in breaking up, though only thirteen of those are domestic-related.

Presumably, not all of those were ones where PRISM was absolutely essential, but what it does do is help to provide the depth of knowledge needed to not just identify a threat, but also to try to determine the scope and nature of the threat itself. Likewise, it also helps to rule out suspected threats as having terrorist connections.

Like it or not, these are justifications. They may not be ones that justify the risks, but those risks can be technically ameliorated, as Larry Lessig suggests. Given that, do you really have to assume the worst? Or are known facts good enough?
posted by markkraft at 6:03 PM on October 8, 2013

Initially the NSA lied about the 54 involving domestic surveillance. Next they lied about their information playing an important role in the 12 out of those 13 domestic cases. And apparently their role remains dubious in the Zazi case too. Apparently the Section 215 of the PATRIOT Act that Amash wanted removed has never helped any actual investigation. Afaik, we've minimal evidence that they actually do anything useful abroad either.
See : How Many Lies Can A Politician Stuff Into A Single Sentence About NSA Surveillance?

Also : Former NSA Director Jokes About Putting Snowden On A 'Kill List,' Says He 'Hopes' NSA Is Involved In Targeted Killings
posted by jeffburdges at 7:07 PM on October 8, 2013 [2 favorites]

Iraq was caused by Americans and Brits not assuming their own leaders were corrupt, stupid, etc. We were never "assuming the worst" by assuming that Cheney sought to enrich Halliburton through the Iraq war, that's just common sense.

We should assume NSA analysts carry out industrial espionage against both foreign and domestic companies on behalf of both foreign and domestic companies, both officially as well as illegally under the table.

We should assume NSA analysts knowingly allow foreign governments to carry out industrial espionage against American companies using exploits the NSA wishes to remain unpatched.

We should assume NSA analysts spy upon progressive movements both foreign and domestic and help derail them, ala the FBIs obstruction of the Keystone XL protests.

We should assume NSA contractors sell unclassified versions of software developed for the NSA to dictatorships that suppress speech through torture.

We should assume NSA analysts undermine the American electoral process by feeding information to favored candidates.

We should assume NSA leadership either ordered or tolerated all the above abuses, well punishing anyone might tarnish the agency's image.

We should assume they've produced virtually no valuable intelligence through their dragnet approach because otherwise they'd probably give us more than a few Islamists donating a few thousand dollars or 54 irrelevant plots.

All the above represent assuming human nature plays out like in other cowboy organizations from local law enforcement to the military to the catholic church.
posted by jeffburdges at 7:43 PM on October 8, 2013 [4 favorites]

We should assume that tinfoil makes a good hat.
posted by nightwood at 8:04 PM on October 8, 2013

. That said, we *do* know based on Snowden's leaks that PRISM accounts for over 90% of US traffic that the NSA datamines

PRISM is just a disposable name, and they've already started a bunch of other projects. We whine about PRISM and business continues as usual.
posted by mikelieman at 1:52 AM on October 9, 2013 [1 favorite]

The DHS Has Been Using A Fake Mexican Constitution Article To Deport US Citizens For 35 Years

Our friends at TechDirt have uncovered another very scary thing about our Big Brother Government: The public thinks that the DHS was created in response to the attacks of 9/11, but it really existed secretly for at least 25 years before that. I wonder why DHS decided to come out in the open then, was it because of 9/11 or was 9/11 staged so they could come out in the open?
posted by nightwood at 10:01 AM on October 9, 2013 [3 favorites]

NSA collects millions of e-mail address books globally, but still can't get them to sync between their macbook and iphone.
posted by nightwood at 5:30 PM on October 16, 2013 [2 favorites]