Collarspace Discussion Forums


Home  Login  Search 

Technopolitical question


View related threads: (in this forum | in all forums)

Logged in as: Guest
 
All Forums >> [Casual Banter] >> Off the Grid >> Technopolitical question Page: [1]
Login
Message << Older Topic   Newer Topic >>
Technopolitical question - 9/6/2013 9:13:34 AM   
FelineRanger


Posts: 658
Joined: 9/4/2012
Status: offline 		There have been rumors and accusations for years that governments have built back doors into major software packages. But seeing it confirmed in this article really worries me. I served the U.S. Air Force and I, like the vast majority of 300 million Americans, and not the enemy. So what can the average person do to protect their privacy?

_____________________________

Bill
Profile   Post #: 1
RE: Technopolitical question - 9/6/2013 10:56:40 AM   
JeffBC


Posts: 5799
Joined: 2/12/2012
From: Canada
Status: offline
quote:

ORIGINAL: FelineRanger
There have been rumors and accusations for years that governments have built back doors into major software packages. But seeing it confirmed in this article really worries me. I served the U.S. Air Force and I, like the vast majority of 300 million Americans, and not the enemy. So what can the average person do to protect their privacy?

Heh... the simple answer? Write your congressman or vote green.

I could give you a longer answer and yes, I use secured communication channels (secured against even and particularly the NSA). But do you honestly think that's going to stop them if they want to know something about me? There's always stuff like disappearances and sodium pentathol. There's always good ol' boots on the ground detective work.

So at the technology level it IS possible to do it. It's just mostly a pain in the ass and you need to know what you're doing to configure it correctly. For text chat, you can look up pidgeon and OTR. For encryption of documents and email, look into GnuPG. The trick is to get stuff that is not commercially written and the source code is available for inspection by cryptoexperts... none of which is really helpful to "the average user" and wouldn't stop the NSA in any event if they were serious.

You might also consider getting off of windows and onto an opensource OS.

By the way, none of this has ever been "rumors" for those into data security. It's only rumors and news for the rest of the world.

_____________________________

I'm a lover of "what is", not because I'm a spiritual person, but because it hurts when I argue with reality. -- Bryon Katie
"You're humbly arrogant" -- sunshinemiss
officially a member of the K Crowd

(in reply to FelineRanger)
Profile   Post #: 2
RE: Technopolitical question - 9/6/2013 11:22:41 AM   
freedomdwarf1


Posts: 6845
Joined: 10/23/2012
Status: offline
quote:

ORIGINAL: JeffBC
quote:

ORIGINAL: FelineRanger
There have been rumors and accusations for years that governments have built back doors into major software packages. But seeing it confirmed in this article really worries me. I served the U.S. Air Force and I, like the vast majority of 300 million Americans, and not the enemy. So what can the average person do to protect their privacy?

...
By the way, none of this has ever been "rumors" for those into data security. It's only rumors and news for the rest of the world.

I have been a programmer or been involved somewhere in that field for many many years - even for the military and the banking industry.
You might like to know that every single piece of software I have ever written or seen has always had a 'back door'.
Why??
Because in the event that the software was ever compromised by an undesirable, there is always a way in to wrestle it back and recover/restore normal operations.

You might feel comfortable in knowing that every single credit/debit card transaction and financial
movement can be very easily monitored in plain text without having to unscramble or decrypt anything - if you know the back door.
The same can be said for every piece of guidance software that navigates anything (ships, boats, planes, rockets, missiles etc) and can be changed ad-hoc in mid-flight if need be - if you know the back door.
All these super-safe need-many-keys-in-different-places-simultaneously type safeguards for nuclear stuff - not needed at all if you know the back door.

Admittedly, these 'back doors' are only known to a very few individuals so one assumes that they are relatively "safe".
But don't kid yourself.

(in reply to JeffBC)
Profile   Post #: 3
RE: Technopolitical question - 9/6/2013 11:27:23 AM   
DomKen


Posts: 19457
Joined: 7/4/2004
From: Chicago, IL
Status: offline
quote:

ORIGINAL: FelineRanger

There have been rumors and accusations for years that governments have built back doors into major software packages. But seeing it confirmed in this article really worries me. I served the U.S. Air Force and I, like the vast majority of 300 million Americans, and not the enemy. So what can the average person do to protect their privacy?

It depends on what you're protecting.

Unless you have the funds to have a private banker in the Caymans there is little you can do to secure your financial info from the government.

For communications you could encrypt all your email with an older version of PGP, something released between 2002 and 2010. Create your private key on a new computer not connected to the net and which you format the hard drive clean afterwards and keep the key on a flash drive kept on your person at all times. If you were careful to never decrypt an email on a machine that had ever been connected to the net you'd be reasonably secure.

Or you could stop using the internet or pretty much any modern telecommunications systems.

(in reply to FelineRanger)
Profile   Post #: 4
RE: Technopolitical question - 9/6/2013 11:29:44 AM   
DomKen


Posts: 19457
Joined: 7/4/2004
From: Chicago, IL
Status: offline
quote:

ORIGINAL: freedomdwarf1
I have been a programmer or been involved somewhere in that field for many many years - even for the military and the banking industry.
You might like to know that every single piece of software I have ever written or seen has always had a 'back door'.
Why??
Because in the event that the software was ever compromised by an undesirable, there is always a way in to wrestle it back and recover/restore normal operations.

My company always inserted back doors so as to be able to shut down the software in case we were not paid in a timely fashion which still happened a lot even when we were dealing with financial industry types.

(in reply to freedomdwarf1)
Profile   Post #: 5
RE: Technopolitical question - 9/6/2013 11:52:06 AM   
JeffBC


Posts: 5799
Joined: 2/12/2012
From: Canada
Status: offline
quote:

ORIGINAL: freedomdwarf1
I have been a programmer or been involved somewhere in that field for many many years - even for the military and the banking industry.
You might like to know that every single piece of software I have ever written or seen has always had a 'back door'.
Why??
Because in the event that the software was ever compromised by an undesirable, there is always a way in to wrestle it back and recover/restore normal operations.

Fair enough. But I can tell you that I've participated in projects (as the project manager) that were building custom hardware from the ground up. I can guarantee you there was no "back door" in it because we controlled it from the silicon on up.

I invite you to find the "back door" in GnuPG. Can you please highlight the lines of code you are referring to because I think a lot of cryptographers are going to be really surprised by that but I'm certainly open to the idea that such a thing exists and has somehow been missed by the scads of cryptogeeks who HAVE looked at the software.

Now... for the sake of completeness. Hardware is not secure either. If you have a force microscope, and a handful of other tools along with the appropriate trained staff (think big chip fabs and I'm sure the NSA) then you can dissect the hardware and read the damned bits out of it by directly measuring voltage. At some point, the ultimate truth of all security is, "Nothing is perfect, it just has to be better than the other alternatives".

Where this stuff goes astray is in commercially available software or certificate based technology. No certificate is ever secure or ever can be. No commercial software is or can be secure. In other words, the stuff commonly available and easy to use is riddled with holes.


_____________________________

I'm a lover of "what is", not because I'm a spiritual person, but because it hurts when I argue with reality. -- Bryon Katie
"You're humbly arrogant" -- sunshinemiss
officially a member of the K Crowd

(in reply to freedomdwarf1)
Profile   Post #: 6
Page:   [1]
All Forums >> [Casual Banter] >> Off the Grid >> Technopolitical question Page: [1]
Jump to:





New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts




Collarchat.com © 2025
Terms of Service Privacy Policy Spam Policy

0.061