Beta

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

NSA Email Surveillance Pervasive and Ongoing

Soulskill posted more than 5 years ago | from the i'll-happily-inflict-my-inbox-upon-them dept.

Government 243

dkleinsc writes "The NY Times has a piece about work being done by Congressman Rush Holt (D-NJ) and others to curb NSA efforts to read email and Internet traffic. Here's an excerpt: 'Since April, when it was disclosed that the intercepts of some private communications of Americans went beyond legal limits in late 2008 and early 2009, several Congressional committees have been investigating. Those inquiries have led to concerns in Congress about the agency's ability to collect and read domestic e-mail messages of Americans on a widespread basis, officials said. Supporting that conclusion is the account of a former NSA analyst who, in a series of interviews, described being trained in 2005 for a program in which the agency routinely examined large volumes of Americans' e-mail messages without court warrants. Two intelligence officials confirmed that the program was still in operation.'"

cancel ×

243 comments

Sorry! There are no comments related to the filter you selected.

NSA line eater (5, Insightful)

davidwr (791652) | more than 5 years ago | (#28361173)

Time to bring back the NSA line eater?

--
bomb assassinate washington north korea iraq spy poison

afraid to reply because... (4, Funny)

Minion of Eris (1574569) | more than 5 years ago | (#28361217)

the NSA might read my comments.

What about spam? (2, Funny)

houstonbofh (602064) | more than 5 years ago | (#28361263)

Just start your e-mails with "I found your address on that site..." and the NSA spam filters will drop it.

Seriously... I can't even read ALL my mail. And if I tried, I would probably be infected with 10 Trojans.

Re:What about spam? (4, Insightful)

Locklin (1074657) | more than 5 years ago | (#28361369)

That's precisely the problem. Low signal-to-noise ratio implies a high false-positive rate. They are not likely to find any terrorists, but are probably invasively "profiling" plenty of innocent civilians.

Re:What about spam? (5, Interesting)

sshir (623215) | more than 5 years ago | (#28361869)

And not just "profiling".

What happens is that they (NSA) DoS-ing investigative resources. FBI and such have only so many men in the field to check the facts. As a result, the ability (probability) to identify true threats goes way down.

The same goes for other after 9/11 security "improvements" like, for example, indiscriminate "deep background investigation" of immigrants - the queue became so long, that it takes years now (not shitting) to get men from "interesting" countries checked! And I'm not talking about nutcases holed up somewhere in Pakistan mountains - I'm talking about people who already walk the streets of the US!

Too bad we don't know how to imitate free market's ability to optimally allocate resources in rigid government setups...

Re:afraid to reply because... (0)

Anonymous Coward | more than 5 years ago | (#28362087)

I realize you're probably joking, but imagine if you were an Arab-American or Muslim. You really would have to be careful about what you write, or you might find that you're banned from flying.

Oh, quit whining (5, Insightful)

rbrander (73222) | more than 5 years ago | (#28361225)

You got the government you deserve, just like your founders promised. The Executive won't stop this, you know that now - the most "transformational" figure you could have possibly elected got in, and he's down with all of the new executive powers. The Congress won't stop this, because you NEGLECTED TO FIRE MOST OF THEM for ignoring such things for years.

Start firing congressmen and senators in significant numbers, and things will change. Otherwise, quit the damn whining.

Re:Oh, quit whining (3, Insightful)

oneirophrenos (1500619) | more than 5 years ago | (#28361315)

Why don't share your insight with us - how is an average citizen to "start firing congressmen and senators"? The ability of a common person to influence governmental matters is, as it always has been, very limited.

Re:Oh, quit whining (3, Insightful)

Shooter28 (1564631) | more than 5 years ago | (#28361361)

Stop voting for them.

Re:Oh, quit whining (5, Insightful)

kenp2002 (545495) | more than 5 years ago | (#28361501)

Stop voting for them.

That is no more effective then trying to stop drug crime by say "Stop Buying Drugs" or stopping poor education by saying "Stop Failing Tests".

Even if 1/2 the people stopped voting for democrats or republicans those same democrats and republicans would still win, by a larger magin in fact due to fragmentation between Libitarians, Consitutional, Socialist, Communists, Green, and Independent canidates.

The way to stop it is to PARTICIPATE in the political system rather then just voting or not voting which is the last, and minor step in a long political process.

Voting is just crossing the finish line in the marathon of politics. You wouldn't say that someone who drove to the finish line, got out, and crossed the finish line "participated" in the marathon, no more then someone voting participates in an election.

Get into a party, be active in it, and:

"Be the change you demand rather then hoping for change in others."

Re:Oh, quit whining (4, Insightful)

daem0n1x (748565) | more than 5 years ago | (#28361609)

Maybe if your political system was proportional instead of based in electoral circles, there wouldn't be the duopoly of two parties that alternate in power with no significant difference between them.

By giving no chance to the smaller parties you're automatically excluding any innovation that could shake the political system a bit.

Re:Oh, quit whining (2, Interesting)

houstonbofh (602064) | more than 5 years ago | (#28361653)

Maybe if your political system was proportional instead of based in electoral circles, there wouldn't be the duopoly of two parties that alternate in power with no significant difference between them.

That is only for one position in government. A powerful one, yes, but one that would be limited by a Libertarian congress, for example.

Re:Oh, quit whining (2, Informative)

kenp2002 (545495) | more than 5 years ago | (#28361851)

Bills originate in the House of Represenatives which doesn't involve an electoral college. The US President cannot do a whole lot in actually drafting laws, more so the power of veto is part of the checks and balances in that interplay.

Since the seats in the House are by district there is substantially more control over who is elected due to the local level. Money can't hide the fact your an asshole in politics at that ground level where as in the senate you can pretty much BS your way into office with enough money.

Re:Oh, quit whining (2, Interesting)

CarpetShark (865376) | more than 5 years ago | (#28361765)

The way to stop it is to PARTICIPATE in the political system

Hardly. The reason people put up with the current system is that they believe most people are in favour of it, and they, being reasonable people, have no right to go against the majority. When most people reject the system, giving voter turnout of around 20%, then any government elected by it will clearly be illegitimate, and therefore citizens will feel justified in sitting down to discuss a new system.

You can rarely replace a system by participating in the system you want to replace. It's like trying to upgrade windows to unix by running windows programs.

Re:Oh, quit whining (1)

kenp2002 (545495) | more than 5 years ago | (#28362085)

Never in a presidental election in my lifetime has turnout gone below 35% of the population and as far as 1960 goes has averaged around 44%. Over the whole history of the nation I would wager it has only averaged 50% at best.

year, voters, registerations, voter turnout, %
2008* 231,229,580 NA 132,618,580* 56.8%
2006 220,600,000 135,889,600 80,588,000 37.1%
2004 221,256,931 174,800,000 122,294,978 55.3
2002 215,473,000 150,990,598 79,830,119 37.0
2000 205,815,000 156,421,311 105,586,274 51.3
1998 200,929,000 141,850,558 73,117,022 36.4
1996 196,511,000 146,211,960 96,456,345 49.1
1994 193,650,000 130,292,822 75,105,860 38.8
1992 189,529,000 133,821,178 104,405,155 55.1
1990 185,812,000 121,105,630 67,859,189 36.5
1988 182,778,000 126,379,628 91,594,693 50.1
1986 178,566,000 118,399,984 64,991,128 36.4
1984 174,466,000 124,150,614 92,652,680 53.1
1982 169,938,000 110,671,225 67,615,576 39.8
1980 164,597,000 113,043,734 86,515,221 52.6
1978 158,373,000 103,291,265 58,917,938 37.2
1976 152,309,190 105,037,986 81,555,789 53.6
1974 146,336,000 96,199,0201 55,943,834 38.2
1972 140,776,000 97,328,541 77,718,554 55.2
1970 124,498,000 82,496,7472 58,014,338 46.6
1968 120,328,186 81,658,180 73,211,875 60.8
1966 116,132,000 76,288,2833 56,188,046 48.4
1964 114,090,000 73,715,818 70,644,592 61.9
1962 112,423,000 65,393,7514 53,141,227 47.3
1960 109,159,000 64,833,0965 68,838,204 63.1

A goverment is hardly illegitimate if people don't vote, that is their right not to vote. As long as someone gains a majority of either popular votes, or electoral votes (in the case of the Office of President) in contrast to the other canidates, they win.

What you could debate is what is a majority.

Canidate A: 40%
Canidate B: 30%
Canidate C: 20%
Canidate D: 10%

Who got the majority? A Got 40%, but that also means that 60% didn't vote for A. Legitimate Win?

Same scenario:

Canidate A: 43%
Canidate B: 20%
Canidate C: 17% ...

Is canidate A more legitimate then B now?

Defining a majority is a problem in politics and elections in general. LEGITIMACY is subjective at best.

You could say that only a canidate that gets 50+% of the popular vote wins but you might never have an effective election. This is problematic for single office elections like the Office of President.

While represenative elections for things like parlament may work for some countries, we just don't have that big of a problem at the House level here in the USA.

The senate can't function that way due to the 2 seats per state but the House could be reworked as you suggest but I doubt you would see a change, we already get a decent mix of conservatives, liberals, and moderates in the house based on the state.

I live in Minnesota a rather Left\Democrat leaning state and we still field Conservative\Republican and Moderate\Independents in the House.

Re:Oh, quit whining (3, Insightful)

Gizzmonic (412910) | more than 5 years ago | (#28362077)

Even if 1/2 the people stopped voting for democrats or republicans those same democrats and republicans would still win, by a larger magin in fact due to fragmentation between Libertarians, Consitutional, Socialist, Communists, Green, and Independent candidates.

Actually, what happens is that every time the 3rd parties start to gain traction, one of the major parties adopts some of their platform. This has happened throughout the history of the United States and it's a good thing. So those 3rd parties aren't as useless as you'd think.

Re:Oh, quit whining (5, Insightful)

L4t3r4lu5 (1216702) | more than 5 years ago | (#28361377)

You make a lot of people aware of the issues with that particular congressman, then they all contact their government representative regarding the issues with that congressman, and they in turn bring up the issues in congress. One congressman says "Hey, I heard that Billy Blogs has been doing some nasty stuff with this interception malarky! I don't know exactly what it is, but it sounds like he's been listening in on domestic American citizens' communications!" Another congressman says "Awww hell yeah, I hurd that too!" and pretty soon the guy is out on his ass.

Unless he has Haliburton as a sponsor.

Re:Oh, quit whining (4, Informative)

mpapet (761907) | more than 5 years ago | (#28361473)

The ability of a common person to influence governmental matters is, as it always has been, very limited.

This is a false statement that people who aren't actually interested in doing the work required to make changes in the organization of their Republic.

American history is full of examples of real changes made by determined groups.

Temperance. (Americans still have a bunch of crazy laws thanks to these folks.)
Suffrage. (A constitutional amendment too! )
Civil rights.
Abortion rights (This battle is still on. The ones that fought for them, and the ones dedicated to taking them away)

So, get off your ass and get to work. Oh wait, I forget where I'm posting this.

Re:Oh, quit whining (1)

StopKoolaidPoliticsT (1010439) | more than 5 years ago | (#28362079)

Temperance. (Americans still have a bunch of crazy laws thanks to these folks.)
Suffrage. (A constitutional amendment too! )
Civil rights.


These were fought for by the people and written into law by legislation... as was the repeal of temperance. In fact, all 3 involved Constitutional Amendments (13, 14, 15, 18, 19, 21, 24, and 26)

Abortion rights (This battle is still on. The ones that fought for them, and the ones dedicated to taking them away)

This one wasn't decided by the people, but by a court of unelected, lifetime tenured justices, which is why it continues to be fought... it's also why it is the number one litmus test that both parties want to know about a new SCOTUS justice before they're approved by the Senate. Because law was created by judicial fiat rather than legislation, it existence is tenuous at best and only continues to exist because the SCOTUS hasn't reversed itself.

It'll remain like this pretty much forever (unless it gets reversed by a future court, which will move the question back to where it belongs: the legislatures/Congress)... both sides like using it as a wedge issue, which is why there are two "pro" movements involving it.

Re:Oh, quit whining (0)

Anonymous Coward | more than 5 years ago | (#28361701)

Why don't share your insight with us - how is an average citizen to "start firing congressmen and senators"?

Howabout ... ""The tree of liberty must be refreshed from time to time with the blood of patriots and tyrants."

America is spiraling into the a really bad form of police state, and the institutional paranoia is gradually stripping away rights and basic freedoms.

Discuss.

Re:Oh, quit whining (1)

MobyDisk (75490) | more than 5 years ago | (#28361771)

Run for office, on a platform of stopping big brother. You don't need to win, you just need to be noticed. The problem is that it is one thing for a concerned citizen to write their congressman and vote; but it takes someone who is really one in a million to run for office -- and it usually falls to the ambitious ones, not the righteous ones.

Re:Oh, quit whining (1)

jrjarrett (949308) | more than 5 years ago | (#28362033)

The problem is that it is one thing for a concerned citizen to write their congressman and vote; but it takes someone who is really one in a million to run for office -- and it usually falls to the rich ones, not the righteous ones.

There. Fixed it for you.

But on a more serious note, it takes a large sum of cash to run for office these days. To garner enough to run for office, one either needs to be independently wealthy, or spend all of one's time raising donations rather than campaigning.

Re:Oh, quit whining (0)

Anonymous Coward | more than 5 years ago | (#28361787)

...how is an average citizen to "start firing congressmen and senators"?

First you need a bunch of blindfolds and a really good wall to put them up against.

Stop engaging in anti-politics. (4, Insightful)

copponex (13876) | more than 5 years ago | (#28361913)

Any American who complains that they can't change things ought to be totally ashamed of themselves. Despite all of my criticisms of this country, I do keep in mind that it is one of the freest and most open societies that has ever existed. The biggest problem is overcoming propaganda that tells you that you can't do anything.

And no, voting for someone doesn't count. It's just the least you can do. A real democracy is when a bunch of people from a community get together, decide what they would like done, and then elect someone from their group to go do it.

To all the centers of power, this is known as the "crisis of democracy" - when people actually start running their own country. It's their nightmare scenario, and a goal we should all be dedicated to achieving.

Re:Oh, quit whining (-1, Flamebait)

Anonymous Coward | more than 5 years ago | (#28362019)

Maybe he meant the average citizen should start "firing on congressmen and senators". That makes a little more sense, and is in fact something that the common person could do -- anonymously, of course. ;-)

Re:Oh, quit whining (0, Flamebait)

citizenr (871508) | more than 5 years ago | (#28362139)

Why don't share your insight with us - how is an average citizen to "start firing congressmen and senators"?

between the eyes with .50

Re:Oh, quit whining (2, Informative)

sumdumass (711423) | more than 5 years ago | (#28361381)

This situation isn't anything new. The US government has had a program like this since the mid 90's and if you remember right, they abandoned their own software for doing so in favor of commercial software (produced by the hack club cult of the dead cow I think). It was project magic lantern or echelon or something of the sorts.

I'm not sure if this "recent" awareness of the program brings about anything new or any new applications but I believe that it was already settled in the courts where a judge said that because a computer and not a human was monitoring, it wasn't in conflict with the constitution.

Anyways, the people won't fire the people in congress. There are two reasons, one is in how the dems successfully played the role of the helpless idiots who didn't have enough power to do anything even though they had larger majorities then the republicans did in the last 8 years. The second is that they blamed everything on the republicans because they had a majority (even though they didn't in both houses buy one year of bush's term). So in short, you have the people who are basically too ignorant, lazy, or somehow otherwise preoccupied and couldn't check something as simple as the strength of either party in either house so they just believed what was said and voted for them anyways.

You also have the problem of not having anyone better to replace them with. A non of the above vote still allows them to be elected, if not just for the candidate and their family voting for them.

Re:Oh, quit whining (1)

japhering (564929) | more than 5 years ago | (#28361475)

I'm not sure if this "recent" awareness of the program brings about anything new or any new applications but I believe that it was already settled in the courts where a judge said that because a computer and not a human was monitoring, it wasn't in conflict with the constitution.

Sending email has long be held to be the equivalent of sending a post card through the mail. You have no expectation of privacy and the law recognizes this fact. Similarly, if you do NOT encrypt your email, you have no expectation of privacy. FULL STOP.

Now where things get interesting is when you do encrypt your email, will the courts hold this to be analogous to a letter in an envelope? Somehow, under the current regime, I suspect the rule will be if the NSA can crack it.. the NSA can look at it.

Re:Oh, quit whining (1)

houstonbofh (602064) | more than 5 years ago | (#28361705)

Passably depending on the type of encryption, it could be compared to holding it up to the light. But if you have strong encryption, that is reasonable suspicion, right? So just read your e-mail on offshore servers via ssh. That should not draw attention.

Re:Oh, quit whining (1)

japhering (564929) | more than 5 years ago | (#28361389)

Start firing congressmen and senators in significant numbers, and things will change. Otherwise, quit the damn whining.

Sorry, I can whine all I want.. I didn't vote for anyone in charge for just those reasons.

Re:Oh, quit whining (0, Flamebait)

TubeSteak (669689) | more than 5 years ago | (#28361447)

You got the government you deserve, just like your founders promised.

Uhhh.. Most of the illegal stuff was setup by Bush appointed neo-cons who were in government before Nixon got caught being a crook.
I mean, it's the same group of guys who've been trying to create pervasive monitoring their entire lives.
9/11 was an excuse for all the spying, not the cause of it.

The Executive won't stop this, you know that now - the most "transformational" figure you could have possibly elected got in, and he's down with all of the new executive powers.

Which is rather frustrating.
In the USA, National Security > systematic Constitutional violations

Not All Bad (0)

Anonymous Coward | more than 5 years ago | (#28361565)

We've actually done a pretty good job of firing the bad congressmen. There's still work to be done, but a lot of the corrupt folks who were elected in the years following 9/11 are out.

The President is apparently not completely "down with" executive powers, since he has voluntarily given up a lot of power already. That's quite an accomplishment; don't understate it. Some people would rather see him force enormous changes immediately, but isn't that the sort of thinking that got us into trouble in the first place? Maybe a calm, thoughtful process is for the best.

Re:Not All Bad (0)

Anonymous Coward | more than 5 years ago | (#28361837)

Except that he voted for FISA after saying he'd vote against it *cough*

Re:Oh, quit whining (4, Interesting)

bcrowell (177657) | more than 5 years ago | (#28361773)

Start firing congressmen and senators in significant numbers, and things will change. Otherwise, quit the damn whining.

I live in Orange County, California, which is famous as a bastion of Reagan-style conservatism. In the last general election, my congressman, Ed Royce, outdid his Democratic opponent in fundraising by more than 10 to 1, and won with 67% of the vote. Your prescription is not going to work here in my district. Vote the bum out? If you tell my neighbors that the NSA is reading people's email, they'll probably say that's great, because it's a good way to fight terrorism. My district isn't unusual, either. The reason incumbents in the US almost always get reelected is that we have a two-party system with geographically defined election districts, and party loyalty is highly correlated with geography.

It's a majoritarian fallacy to say that if the minority's rights are violated, the minority should just vote to have them not be violated anymore. The reason we have a constitution is to protect the rights of the minority, even when violating them is a very popular, majority position.

Re:Oh, quit whining (1)

Hurricane78 (562437) | more than 5 years ago | (#28361899)

Allright then! *hopes they have not seen the educational movie "how not to be seen"*

HAI
  I HAZ A GVRNMNT
  IM IN YR LOOP
    VISIBLE "FIRE!"! AUDBL "*BANG*""
    NERFZ GVRNMNT!!
    IZ GVRNMNT LIEK 0?
      YARLY
        KTHXBYE!
      NOWAI
        VISIBLE "MOAR!"
    KTHX
  KTHX
KTHXBYE

lolrus@icanhascheezburger.com ~ $ ./sjlol.py gvrnmnt.lol
FAIL: INFINITZ LOOPXORZ!

Re:Oh, quit whining (3, Insightful)

PeeAitchPee (712652) | more than 5 years ago | (#28361959)

the most "transformational" figure you could have possibly elected got in

That's the root of the problem -- people think that BHO is "transformational" because he's a great used car salesman and he happens to be black, but in reality, that's all he is -- a slick used car salesmen who's big on charismatic speeches but woefully short on concrete details, who's selling universal healthcare, an end to the war in Iraq, and all of the other things the Democrats have over-promised during the election and under-delivered -- while every day sinking our country deeper in tremendous debt of levels never before conceived. The Republicans have already proven that they're no better, BTW.

The glaringly obvious answer is to vote for third-party candidates. I don't even care who at this point -- practically any new blood would be welcome. Throw these sons-of-bitches the fuck out of DC and our state and local governments -- both Democrats and Republicans -- and lets see some candidates from other parties in power. Quite frankly, short of a brutal dictatorship, it's pretty hard to imagine fucking things up worse than DC is now doing, on both sides of the aisle.

Surprise! (1)

Anonymous Coward | more than 5 years ago | (#28361231)

Anyone else remember Carnivore? What makes you think that with the general consensus being "Warrants are for pussies" in the federal community that the NSA would act differently?

SMIME (3, Interesting)

iluvcapra (782887) | more than 5 years ago | (#28361241)

You don't have to wait for government action to keep the NSA from reading you personal email. Get your friends and family a Freemail x.509 cert from Thawte (no cost, a Verisign cert costs $30/yr) and use S/MIME.

Re:SMIME (4, Insightful)

oldspewey (1303305) | more than 5 years ago | (#28361297)

I will give you $100 if you can provide instructions on implementing this that can be understood by all my friends and family ... and that includes my elderly relatives and my "but this is how it come when I bought the computer" friends.

Re:SMIME (4, Funny)

MyLongNickName (822545) | more than 5 years ago | (#28361399)

Easy

Step 1. Call your friend, oldspewey and have him install and configure it for you. He LOVES helping his friends out for free.
Step 2. Just give him a piece of pizza when he is done. It is the only thanks he needs.
Step 3. If anything goes wrong with your PC just call him up and bitch. It is obviously something he did to break your computer.

Now where is my $100?

Re:SMIME (4, Insightful)

oldspewey (1303305) | more than 5 years ago | (#28361909)

Ahhh, a page from the book of "it's funny because it's true."

I used to be "that guy" ... giving advice, offering to help people configure things, recommending hardware and software, etc. Then I slowly came to realize a few things:

- People don't value the time you spend helping them
- The more dire the warning being delivered, the more people resent hearing your advice
- Nothing ever sinks in. By constantly offering to help people, all that happens is they develop a mindset of dependence. They sort of slide into the belief that computers are so hopelessly complex they will never be able to figure anything out.

I now just quietly accept the notion that most of my friends and family are riddled with trojans, and I assume that anything I send to them is also being sent to a criminal syndicate in Bulgaria.

Re:SMIME (1)

iluvcapra (782887) | more than 5 years ago | (#28361459)

The mechanics of the process can be mastered in an hour. Understanding the principles involved takes a few hours of reading. The only thing keeping people from learning the tech is apathy- if they cared about sending private, authenticated emails they would meet you halfway. But they don't. If it's very important to you, just refuse to send them emails until they get a cert, or they use PGP. You don't get security on the Internet "for free."

Re:SMIME (1)

JimMcc (31079) | more than 5 years ago | (#28361693)

I disagree. You have obviously never dealt with the elderly. My mother (mid-70's) gets completely derailed when Comodo pops up asking here to confirm access to the net by Firefox after a new version install.

Different people have different abilities. Some otherwise intelligent people get completely flummoxed trying to follow instructions related to computers. Until S/MIME or other encryption methods can be installed and configured as easy as most anti-virus programs (click to start, click to accept defaults, click to confirm eula gobbledygook, click to finish) it will not be accepted by the masses.

In reality, until encryption is included, and activated by default, by the major email clients, it won't be in common use.

Re:SMIME (1)

Locklin (1074657) | more than 5 years ago | (#28361471)

Funny thing is, you would have to educate them, but not how to use S/MIME or PGP, but how to use a mail client. Once they are on a client, and it's configured for them, it's as simple as a "green message means it's a secure channel" (or what ever their client does). Unfortunately, people have come to fear installing software on a computer and believe it's much safer and simpler to just do everything through the big e.

Re:SMIME (1)

bcrowell (177657) | more than 5 years ago | (#28361641)

I will give you $100 if you can provide instructions on implementing this that can be understood by all my friends and family ... and that includes my elderly relatives and my "but this is how it come when I bought the computer" friends.

There are two problems. One is the one you refer to, that mail clients make encryption way harder than it needs to be. The other is that there's a network effect. I could figure out how to get encryption working with my own mail client, but that would do me absolutely no good, because the people I send mail to don't know how to read my encrypted mail, and don't want to be bothered. The ease of use problem is much easier to solve than the network effect problem.

Re:SMIME (2, Insightful)

wiz31337 (154231) | more than 5 years ago | (#28361391)

You're kidding right?
A x.509 certificate will only slow the NSA down a few seconds (if that).

Re:SMIME (1)

nizo (81281) | more than 5 years ago | (#28361873)

Yeah, but think of how many more of their resources they will spend monitoring this guy and his family and friends that would otherwise be spent rummaging through our email. So yeah, everyone please start using encrypted email!

And while you are at it, make sure to install lead curtains on your windows and scrambling hardware on all your phones too.

Re:SMIME (1)

Jah-Wren Ryel (80510) | more than 5 years ago | (#28361941)

You're kidding right?
A x.509 certificate will only slow the NSA down a few seconds (if that).

That's all it takes to essentially opt out of these trolling expeditions.
If they decide to focus on you specifically, then you've got other problems.

Re:SMIME (0)

Anonymous Coward | more than 5 years ago | (#28362121)

You're kidding right?
A x.509 certificate will only slow the NSA down a few seconds (if that).

AES with 256-bit keys is rated for TOP SECRET. Use the NIST-recommended standards for encryption, because that's what the government itself uses.

If they really want to monitor you they will (e.g. TEMPEST), but there's no sense have data in-flight (and at-rest on your mail server) be accessible.

Re:SMIME (1, Interesting)

sshir (623215) | more than 5 years ago | (#28361401)

The problem is - almost nobody uses this. So you can be singled out on that fact alone.

As a poor man's solution, one can use Gmail over https (they have that option now): in my case all my friends have gmail accounts. It's not easily accessible to the government (assuming google's internal traffic is not tapped). This of course exposes you to Google, but at least there is a good chance, that it's not subject to warrantless wiretaps.

On top of that you can encrypt so google is off too.

Re:SMIME (2, Informative)

Abcd1234 (188840) | more than 5 years ago | (#28361481)

in my case all my friends have gmail accounts. It's not easily accessible to the government (assuming google's internal traffic is not tapped)

God, please don't tell me you're that naive. "It's not easily accessible to the government"?? It's one simple subpoena away, ffs! Assuming, of course, they don't just "convince" Google to give them real-time access to Google's systems.

Seriously, Google is one massive SPOF. That's the *last* thing you want if your goal is to circumvent government surveillance.

Re:SMIME (1)

geekoid (135745) | more than 5 years ago | (#28361809)

Wow, just wow.

Ok, here is the point, ready?
It doesn't matter where your email is becasue ti must move through the internet, so its all available when ever you send it...by design.
Oh, and if they want to they will just see who licks it up and get a court order for that person computer? what's that? it's encrypted? well then the will be stymied...unles that put a program to read the email after it's been decrypted.
So, ot a lot you can do and you might as well use Google for convience.
Pretty much all your email is one subpoena away.

Re:SMIME (1)

Abcd1234 (188840) | more than 5 years ago | (#28361933)

It doesn't matter where your email is becasue ti must move through the internet, so its all available when ever you send it...by design

That's what encryption is for. In additional, decentralized transmission and storage (particularly if the links are SSL encrypted) makes the job of organizations like the NSA that much harder.

And note, I said harder, not impossible. My objection is that the GP seems to think that Google is some kind of secure mail solution. It's not. In fact, it's inherently less secure than using a standard MUA and running your own MTA, as it is, once again, a single point of contact for any organization interested in reading your emails.

Oh, and if they want to they will just see who licks it up and get a court order for that person computer?

Yes, but that's not what we're talking about, here. The concern is large-scale dragnets. Using a centralized system like Google makes that far *far* easier.

So, ot a lot you can do and you might as well use Google for convience.

Sure. Use gmail for convenience. I know I do. That said, *don't* use gmail if you believe it's more secure. It's not. At best, it's no better... but my contention is that it is, in fact, much worse.

Re:SMIME (1)

dkleinsc (563838) | more than 5 years ago | (#28361883)

One subpoena away is much better than the zero subpoenas away it currently is (which is the whole point of the article).

Re:SMIME (1)

sshir (623215) | more than 5 years ago | (#28362103)

God, please don't tell me you're that naive. "It's not easily accessible to the government"?? It's one simple subpoena away, ffs!

You misunderstood me. I was talking about warrantless wiretaps.

That's the *last* thing you want if your goal is to circumvent government surveillance.

Again, I was not talking about "circumventing government surveillance" - to do that you need encryption, steganography, some covert channel - that kind of shit. But I was talking about a simple way to avoid wholesale monitoring by government. Fishing expeditions if you will.

The point is to be reasonable, not paranoid. I don't want the government to read my emails when I tell my buddies that they must go watch "Hangover" this weekend, but I will not jump through security hoops to deliver that message.

Re:SMIME (1)

clang_jangle (975789) | more than 5 years ago | (#28361485)

Surely that'll just get you extra special attention.

Re:SMIME (4, Interesting)

secondhand_Buddah (906643) | more than 5 years ago | (#28361643)

I hate to burst your bubble. But the NSA have full access to the keys. Why do you think Mark Shuttleworth (Now of Ubuntu fame) was paid US$ 575 Million for Thawte? Becuase he controlled a sizable portion of the market, even though physically it was a very small operation.
There is a whole history here but in short, Verisign was started by several ex CIA directors shortly after the Clipper chip program failed. The Clipper chip was an encryption chip designed to handle all encryption. In short the CIA would legally be able to access your keys on the chip. there was a public outcry and the program was shelved. No one expected Mark Shuttleworth to gain such a large portion of the market so rapidly, so they paid him a small fortune to get full control of the market. So basically if you want to rely on personal encryption, use PGP, because certs from Thawte and Verisign are not secure from the prying eyes of government agencies.

Re:SMIME (1)

wkk2 (808881) | more than 5 years ago | (#28362037)

Just how can a CA get my private key that is stored and generated on a smart card? I could imagine that a certificate-signing key could be taken from a provider via a National Security Letter or other means but this wouldn't give access to a users private key. It might allow a man-in-the-middle attack on https via a forged certificate. Browsers probably should cache public keys and warn if they change before expiration. An attack on SMIME might allow for forged email but it would be difficult to access existing correspondence (ignoring the obvious problems with the entire PC platform starting with the OS and extending to every application and virus protection provider).

Re:SMIME (0)

Anonymous Coward | more than 5 years ago | (#28361733)

Because there's absolutely no way whatsoever Thawte would ever
  1) get infiltrated by an agency who has a history of doing exactly that since the cold war
  2) turn over a private key to a secret court order accompanied by a national security letter threatening arrest
  3) turn over the relevant keys for free just like every telco in the country did
  4) possibly just have their scheme outright cracked. How do they generate their keys--has anyone tested they didn't regenerate any relevant root certificate with Debian's POS crypto ciphers two years ago? Would you know if they did?
  5) ever have an individual in a position of trust in the company do exactly the same.

This is crypto--and you're trusting your privacy to a third party for no good reason.

Captcha: crockery

Re:SMIME (1)

just fiddling around (636818) | more than 5 years ago | (#28361767)

Ok, let's say I'm down with this.

Now, tell me how I can get my hands on the private keys for these certificates WITHOUT the NSA getting them in transit?

Try the approach Cory Doctorow demonstrated in Little Brother X: do a keygen-countersigning party.

Re:SMIME (1)

brkello (642429) | more than 5 years ago | (#28362141)

Sounds like a great idea from someone divorced from reality. This might work for people with 3 tech friends. The rest of us have normal friends that don't care about this sort of thing so we would prefer that the government would obey the laws instead of making us jump through hoops.

Congreeman Holt is racist... (-1, Troll)

Anonymous Coward | more than 5 years ago | (#28361271)

to claim that this still goes on.

SMASH IMPERIALISM WITH WORKERS REVOLUTION! (0, Insightful)

Anonymous Coward | more than 5 years ago | (#28361285)

Reforge the Fourth International! Workers to power!

More From The Atlantic (3, Informative)

wiredog (43288) | more than 5 years ago | (#28361295)

Here [theatlantic.com] .

Four NSA domestic surveillance programs.

  • Terrorist Surveillance Program, which involves the monitoring of telephone calls.
  • "Stellar Wind," e-mail meta-data mining.
  • a program that keeps tabs on all the information that flows through telecom hubs under the control of U.S. companies and within the U.S.
  • Pinwale e-mail exploitation.

Why is this a surprise? (1)

Maximum Prophet (716608) | more than 5 years ago | (#28361333)

"Never Say Anything" can do anything they like, because there's no effective oversight. They, and the CIA, are secret organizations, you don't even know who works for them. You can't have oversight of a secret organization.

Congress can bluster all the want, but all that really going to happen in the end is the TLA in question will say. "We promise not to get caught again"

Re:Why is this a surprise? (1)

geekoid (135745) | more than 5 years ago | (#28361825)

"You can't have oversight of a secret organization. "
They do have oversight. What they do not have is transparency.
There is a difference.

Twss (0)

Anonymous Coward | more than 5 years ago | (#28361365)

That's what she said.

Government investigating Government? (0)

Anonymous Coward | more than 5 years ago | (#28361375)

Yeah, whenever the Government is investigating the Government nothing will happen.

Oh wait, someone is knocking at the door...

Re:Government investigating Government? (3, Funny)

Sponge Bath (413667) | more than 5 years ago | (#28361455)

"Oh wait, someone is knocking at the door...

MiB: Pizza man!
AC: [peers out peephole] Where is the pizza?
MiB: In our awesome van! Come on out and get it...
AC: Well, I do like pizza and vans.

My Dearest NSA, (4, Interesting)

Bob9113 (14996) | more than 5 years ago | (#28361425)

My Dearest NSA,

Allow me to use, for the first time in my life, a turn of a phrase that I generally find to be rather repugnant:

If you fear freedom so much, why don't you move to Iran?

This country is for people who love freedom. Who are willing to risk their lives for it. You scared, little, cowards -- shivering in your pajamas at night wetting your bed because you don't know everything I am thinking, all the time -- have no right place in this, the Founding Fathers' most extraordinary experiment.

You think you are more trustworthy than The Constitution? I do not trust you as much as the average crazy screaming panhandler on the corner, let alone as much as the average free American Citizen. You are too scared to be trusted. Scared people act unpredictably. And certainly I do not trust you as much as what is perhaps the most inspired legal document in history.

You are the threat to the American way of life. Not us. Your cowardice eats away at us, and our great society, like a disease. If you can't handle freedom, move to a master planned community with big gates, or even one of the many authoritarian regimes around the world. But don't shit all over what makes this country great just because you can't handle freedom.

Re:My Dearest NSA, (4, Insightful)

dkleinsc (563838) | more than 5 years ago | (#28361613)

If you fear freedom so much, why don't you move to Iran?

Because in Iran they'd be facing street protests.

Re:My Dearest NSA, (1)

xonial (1207678) | more than 5 years ago | (#28361659)

If you fear freedom so much, why don't you move to Iran?

Not to be too nit-picky, but recent (and ongoing) events have shown that the Iranians love/want freedom just as much (if not more; they're fighting for theirs) as we Americans do.

Re:My Dearest NSA, (0)

Anonymous Coward | more than 5 years ago | (#28361723)

+1 Righteous Oprah-show Applause

Re:My Dearest NSA, (1, Funny)

Anonymous Coward | more than 5 years ago | (#28361785)

Seriously - get over yourself. And don't forget to pick up the eggs and milk your wife e-mailed you about this morning. Signed, The NSA

Re:My Dearest NSA, (1)

CarpetShark (865376) | more than 5 years ago | (#28361861)

If you fear freedom so much, why don't you move to Iran?

This country is for people who love freedom.

No, the USA used to be a place of freedom, back when persecuted Quakers etc. were fleeing there from Europe. Over the years, it's become less and less interested in freedom, and more and more one of the places that no longer understand freedom.

Similarly, Linux used to be a place of FREEdom, back when a few geeks used it as an alternative to Windows. Now, as it becomes more and more mainstream, less people get the FREE software part, and more think it's just another alternative way to run software.

Essentially, it's a tragedy of the commons... whenever things become mainstream, they lose the qualities that made them non-mainstream. The only solution is to then step outside of that stream (i.e., out of normal USA society) by moving elsewhere, or getting "off the grid" somehow.

Re:My Dearest NSA, (4, Insightful)

Black Sabbath (118110) | more than 5 years ago | (#28362155)

Wow! One of the most eloquent Slashdot posts in defense of the Republic that I've read in a while.

However one of your assumptions is fading fast. When you state:
> This country is for people who love freedom. Who are willing to risk their lives for it.
This assumes that:
(a) people understand "freedom" as the founding fathers understood it and not merely freedom to consume whatever the talking heads tell us.
(b) people are actually willing to risk their lives for it.

Unfortunately, I think that the transformation of the enlightened Republic to the Idiocracy portrayed in film is well underway. In addition I believe that even those that still value true freedom are increasingly less willing to risk their lives for it. Hell, most aren't even willing to risk their comfort for it. A society that is too comfortable with itself is perfectly setup for golden handcuffs.

Ironically, in Iran right now, people actually ARE putting themselves in harms way to protest apparent fraud on the part of the executive.

I sympathise 100% with what you've written but sadly I'm convinced that its almost too late for the republic to be saved without "refreshing the tree of liberty". The sad part is that a lot of people would read your post and wonder why you're over-reacting. They think of "Democracy" and "Freedom" as mere trademarks associated with the US of A. Meanwhile, every pillar of the constitution is under attack and while some are noticing, very few are standing up.

Wake up people! Look at what's happening in Iran - the lesson is this: no matter how powerless you think you are, governments of all persuasions fear nothing more than a populace aroused to anger. To quote Jefferson: "What country can preserve its liberties if its rulers are not warned from time to time that their people preserve the spirit of resistance?"

how to respond in new code (1)

observer7 (753034) | more than 5 years ago | (#28361429)

With the passing of someone you know Caring house calls once cushioned the blow; Now Gen Y just expects Breaking news via text: "omg wtf...g2g!"

Solution: PGP (5, Insightful)

headhot (137860) | more than 5 years ago | (#28361469)

sure the NSA can probably crack PGP, but if every one used it, the NSA would not have the capacity to crack every message, forcing them to target communication, which is what they should be doing in the first place.

Re:Solution: PGP (2, Insightful)

Locklin (1074657) | more than 5 years ago | (#28361555)

I'd put money on the notion that they simply ignore encrypted email, and if you have been flagged for some other reason (or perhaps by metadata like destination), would rather knock down your door and take your computer than try to crack strong encryption.

Re:Solution: PGP (1)

The Moof (859402) | more than 5 years ago | (#28362159)

They probably ignore the mail, but flag you as a well. The government seems to be a fan of the "if you have nothing to hide, then why can't I see everything" mindset.

Re:Solution: PGP (1)

geekoid (135745) | more than 5 years ago | (#28361901)

They are targeting communication. Do you mean 'individuals"?

Re:Solution: PGP (1)

Spatial (1235392) | more than 5 years ago | (#28361953)

The problem is that it has to be integrated, automatic and completely transparent. I haven't used it myself but I assume it's something that needs to be present at both ends.

The people that comprise the majority of email users are completely ignorant of such things. If they're required to understand anything, they'll take the easy way and it'll fail to take off. Which is where we are now.

Encryption has to be the easier way to go. It needs to be the default in popular email clients, Gmail, MSN, etc. Hell if I know how to make that happen though. It's not like privacy advocates have the money to create a marketing campaign to make it 'cool' or anything... And corporations don't rock the boat unless it really helps them a lot, which this wouldn't.

Random Junk (1, Funny)

Anonymous Coward | more than 5 years ago | (#28361523)

  1. Set up multiple throw-away email addresses.
  2. Set up a bot to cat some /dev/urandom into messages, make it look like encrypted messages (extra points for using Tor to hide your IP).
  3. Send "encrypted" messages back and forth between the throw-away addresses.
  4. Let the NSA grind some resources trying to decode the "encrypted" messages.
  5. ????
  6. Profit!

Who cares? (1)

SuperKendall (25149) | more than 5 years ago | (#28361647)

I think it's pretty absurd that people are complaining about the U.S. government scanning emails.

emails are sent in the clear. If you really cared, you'd encrypt it all. Lots more people than the government have been and will be looking at your email, it's inherent in the nature of the system.

The truth is that almost nothing anyone sends via email is worthy of this furor. Again, anything that you don't want others to see you should have encrypted or sent by other means (we still have a postal system you know).

I wasn't going to throw a post into the sea of frothing anger, but after reading the other responses I realized someone has to be the voice of sanity at Slashdot, no matter how they are flamed or hated for it.

So why should you not be upset about this? What is the harm?

The harm comes from noise about things that don't matter, drowning out things that do. Complaining about government intrusion into an inherently public protocol makes it harder to notice instances of true abuse of privacy. By crying at every shadow you doom real issues to remain in obscurity.

Re:Who cares? (0, Offtopic)

Spatial (1235392) | more than 5 years ago | (#28361839)

If you really cared, you'd encrypt it all.

Nice false dichotomy! If you ever get shot, remind me not to give a shit. After all, if you really cared you'd have worn body armour.

Talk about missing the point.

Re:Who cares? (1)

Shooter28 (1564631) | more than 5 years ago | (#28361907)

While I disagree with most of your statements what I want to know is why don't people get up in arms about Googles automatic scanning of emails to determine add content.

If you ever use gmail, or send mail to someone who uses gmail, the chances are that your email is already being scanned for key words.

Re:Who cares? (1)

geekoid (135745) | more than 5 years ago | (#28361943)

We shouldn't ahve to encrypt our emails to keep the government out.
In a nation of laws there needs to be laws and regulation about only allowing the government to read our correspondence in very specific and defined manners. When they aren't followed, the people not following the laws nede to be dealt with in an appropriate manner.

Re:Who cares? (1)

gstoddart (321705) | more than 5 years ago | (#28362073)

emails are sent in the clear. If you really cared, you'd encrypt it all. Lots more people than the government have been and will be looking at your email, it's inherent in the nature of the system.

Telephone messages are sent in the clear too, but it requires a warrant to listen in on them.

The truth is that almost nothing anyone sends via email is worthy of this furor. Again, anything that you don't want others to see you should have encrypted or sent by other means

That doesn't give the government blanket privilege to listen in on them. That's going back to saying only those who are guilty have something to hide.

If one only encrypted the stuff one wanted secret, it would be telegraphing when you're sending something secret.

The harm comes from noise about things that don't matter, drowning out things that do. Complaining about government intrusion into an inherently public protocol makes it harder to notice instances of true abuse of privacy.

With all due respect .... horseshit.

There are constitutional and legal issues which circumscribe what the government can and can't listen in on. Mass reading of e-mail is one of them.

The harm is the government overstepping their legal authority to monitor the conversations of its citizenry when it knows damned well it can get away with it. By saying "well, gee, why should we care", you're just quietly accepting it.

And what, do tell, happens when they expand this program to go slightly beyond purely "national security" issues? How about, tracking your political affiliations? Monitoring if you're having an affair? Secretly gay?

Allowing widespread government intrusion with no rules is just asinine -- especially in a country which still thinks of itself as the "land of the free".

Cheers

Why doesn't every email client have PGP built-in? (1, Interesting)

Anonymous Coward | more than 5 years ago | (#28361687)

I do not understand why major OS vendors don't make an effort to seamlessly integrate PGP into their email clients.

Re:Why doesn't every email client have PGP built-i (1)

Spatial (1235392) | more than 5 years ago | (#28361859)

They're in it for money, not the greater good. Most people don't even know you can, there's a lack of demand.

Not a real big surprise (2, Insightful)

OrangeMonkey11 (1553753) | more than 5 years ago | (#28361769)

Big brother will always be watching what you do; the only thing you can do is vote for someone you hoped would monitor and blow the whistle on activity such as these to keep it down to a somewhat manageable discomfort.

It's a postcard! (2, Insightful)

Kiliani (816330) | more than 5 years ago | (#28361799)

Since the beginning of (internet) time sending an email has been like sending a postcard. Everybody along the way handling your message can read it if they so choose. You know it, they know it. If you expect privacy, then you cannot be helped. The Electronic Communications Privacy Act is not much worth here ...

I'd rather have people make sure that the NSA is not listening to my phone calls - and you know that this is happening too, at least when you have communications going beyond the borders of the US.

Which of our former classmates and colleagues ...? (2, Insightful)

your_mother_sews_soc (528221) | more than 5 years ago | (#28361823)

Which of our former classmates and colleagues (and/or professors) work on these kinds of systems? Thirty-something years ago I never would have imagined my peers working to undermine our freedoms by writing such code. I just don't get it. We were taught in classes such as "Computers in Society" things like ethics. This was before the year 1984, and most of us had read (or were aware of the premise of) Orwell's "1984." This would never happen, we thought.

Unfortunately this, and other data mining crap has been created and 1984 is alive and well and it can't be undone. All because some people - some programmers - thought that getting paid was better than doing what is moral and ethical in a free state. We are no longer free, ladies and gentlemen.

Re:Which of our former classmates and colleagues . (0)

Anonymous Coward | more than 5 years ago | (#28361993)

Work for 30 years. Have your wife leave you and take the kids because you work too much as a programmer. You'll suddenly stop caring so much about ethics, and the steady work/pay is enough to make you ignore it, anyway.

new email sig (4, Funny)

spidercoz (947220) | more than 5 years ago | (#28361835)

dirty suitcase nuke anthrax bomb jihad the great satan yellowcake plutonium ricin nerve gas flesh eating plague bring on the virgins fuck you NSA

I they want to read... (0)

Anonymous Coward | more than 5 years ago | (#28361849)

...my furry yiffing, I say let them!

Email was never secure to begin with... (3, Informative)

Logical Zebra (1423045) | more than 5 years ago | (#28361975)

Remember, email is sent in cleartext, unless it's encrypted, which most of us don't actually do.

Bugmenot (0)

Anonymous Coward | more than 5 years ago | (#28362147)

For those of us who don't have NYTimes accounts, remember bugmenot [bugmenot.com]
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?
or Connect with...

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>