Forgot your password?
typodupeerror
Encryption Privacy Security Software

Ask Slashdot: Will the NSA Controversy Drive People To Use Privacy Software? 393

Posted by Soulskill
from the not-until-they-can-use-it-to-hurl-belligerent-anthropomorphic-avians dept.
Nerval's Lobster writes "As the U.S. government continues to pursue former NSA contractor Edward Snowden for leaking some of the country's most sensitive intelligence secrets, the debate over federal surveillance seems to have abated somewhat — despite Snowden's stated wish for his revelations to spark transformative and wide-ranging debate, it doesn't seem as if anyone's taking to the streets to protest the NSA's reported monitoring of Americans' emails and phone-call metadata. Even so, will the recent revelations about the NSA cause a spike in demand for sophisticated privacy software, leading to a glut of new apps that vaporize or encrypt data? While there are quite a number of tools already on the market (SpiderOak, Silent Circle, and many more), is their presence enough to get people interested enough to install them? Or do you think the majority of people simply don't care? Despite some polling data that suggests people are concerned about their privacy, software for securing it is just not an exciting topic for most folks, who will rush to download the latest iteration of Instagram or Plants vs. Zombies, but who often throw up their hands and profess ignorance when asked about how they lock down their data."
This discussion has been archived. No new comments can be posted.

Ask Slashdot: Will the NSA Controversy Drive People To Use Privacy Software?

Comments Filter:
  • easy, (Score:5, Informative)

    by etash (1907284) on Saturday July 06, 2013 @03:00PM (#44204323)
    no. People don't practically care plus they have the memory of a fish.
    • Re:easy, (Score:5, Informative)

      by auric_dude (610172) on Saturday July 06, 2013 @03:06PM (#44204375)
      Encrypted e-mail: How much annoyance will you tolerate to keep the NSA away http://arstechnica.com/security/2013/06/encrypted-e-mail-how-much-annoyance-will-you-tolerate-to-keep-the-nsa-away/ [arstechnica.com]
      • Re:easy, (Score:5, Interesting)

        by hairyfeet (841228) <bassbeast1968@NOspaM.gmail.com> on Saturday July 06, 2013 @03:31PM (#44204565) Journal

        The correct answer is zero, zero annoyance. as somebody who works with the normal folks 6 days a week i can tell you a shitload of them already just blast their entire existence onto their FB page anyway, and if having everything encrypted wasn't "clicky clicky" simple or actually cost a cent compared to your Gmails and Yahoo mails? Not gonna happen, they just won't use it.

        And of course the bigger bitch is that for most of this software to work you have to get both parties on it so you are stuck with a network effect to where YOU can be encrypted but it won't matter because nobody you know will go to the trouble to use the software so you won't be talking to anyone anyway.

        • Re: (Score:3, Insightful)

          by Gr8Apes (679165)
          Having used PGP for email long ago, it really was "clicky clicky" simple, if your system supported it. The only reason it's "hard" is because apparently those making software either don't have the expertise or have been encouraged not to.
        • Re:easy, (Score:4, Interesting)

          by AmiMoJo (196126) * <mojo@NOspaM.world3.net> on Sunday July 07, 2013 @06:33AM (#44208237) Homepage

          There is a debate programme on the BBC where they were talking about this and one outraged member of the public exclaimed "I made my Facebook profile private!"

          Unfortunately this is the level of understanding people have about these things.

        • by NotBorg (829820)

          i can tell you a shitload of them already just blast their entire existence onto their FB page anyway

          No. They. Don't.

          It's a common man fallacy intended to lull the general population into not thinking about the problem.

          The truth is people do not put "everything on FB." They tell LIES on FB and scream to FB about privacy when they're caught in their tangled web. Your phone records, bank statements, medical records, on and so on are not on FB for the world to see either. When you choose to put something

      • Re:easy, (Score:5, Insightful)

        by hedwards (940851) on Saturday July 06, 2013 @03:47PM (#44204661)

        The problem with encrypted email is that you can only send it to people who agree that security is important.

        And the people causing the loss of my privacy are numb nuts that post pictures of me to FB and various other places without my permission.

        • by AK Marc (707885)
          In a practical sense, all it takes is changing a few defaults in a few email clients for all email to be encrypted (when you realize that 99% of email is encrypted and you are in the 1%, you'll just switch to an encrypted client). Encrypting email is easy. I know people that set up their Outlook to encrypt and sign 100% of the time. When sending to other people on Outlook, you don't even notice, aside from the "this email was encrypted and signed" message, that if it were 99% or more, you'd lose that mes
          • Re:easy, (Score:4, Insightful)

            by 7-Vodka (195504) on Saturday July 06, 2013 @05:43PM (#44205459) Journal
            Did you say Outlook?

            M$ was the FIRST company on the PRISM slide timeline you know?

          • Re:easy, (Score:4, Insightful)

            by luigi6699 (695295) on Saturday July 06, 2013 @05:54PM (#44205529)
            Really? It's been driving me crazy that I can't find a mail client which makes encryption "clicky clicky" easy. All I want is a mail client/plugin which automatically searches an authenticated keyserver for public keys that match my recipients, and offers to import them. Doesn't seem to exist as far as I can see. What's your setup that allows normies to encrypt/sign 100% of their email?
        • by DRJlaw (946416)

          And the people causing the loss of my privacy are numb nuts that post pictures of me to FB and various other places without my permission.

          They've never needed your permission, and you've never had that privacy, so its rather counternormative to claim that they are numb nuts causing a loss of your privacy. People have always discussed who attended the social event happened the night, week, or months before. Photographs of those events have only become more common with the rise, ever increasing ubiquity, an

          • Re: (Score:3, Insightful)

            by hedwards (940851)

            Bullshit, until relatively recently everybody had that kind of privacy that wasn't a celebrity or other famous individual.

            What's more, even for the famous, if something happened a year ago, chances are good that you'd have to go digging for it in the news paper archives if you wanted information about it. Now, you can do a web search and find information from the last decade easily, and usually within minutes.

            What's more, prior to the last couple years, you wouldn't have pictures being tagged automatically

            • by DRJlaw (946416)

              Bullshit, until relatively recently everybody had that kind of privacy that wasn't a celebrity or other famous individual.

              "That kind of privacy" = thoroughly 'modern' redefinition of privacy by the self-entitled.

              Privacy [merriam-webster.com]
              1 a : the quality or state of being apart from company or observation : seclusion
              b : freedom from unauthorized intrusion
              2 archaic : a place of seclusion
              3 a : secrecy
              b : a private matter : secret

              What's more, even for the famous, if something happened a year ago, chances are good that you'd ha

        • by rtb61 (674572)

          The flip side of that is to not worry about privacy at all and to push the other way.

          Meaningless junk and blather to flood the airways. Plots to murder the choom gang cowardly president who is all mouth with no truth. Empty discussion of bomb manufacture, mass poisoning chemical creation. Plans to disrupt infrastructure upon a mass basis. All in full detail and in excruciating depth. New role playing games playing upon the perversion of the NSA and the CIA by flooding them with empty data.

          Want somethin

      • Re: (Score:3, Interesting)

        Encrypted e-mail:

        Since the NSA is logging (supposedly) metadata, and NOT the content of the messages, encrypting your email would have no effect at all.

        • by AK Marc (707885)
          It will if we start encrypting all messages and posting them all publicly. Only the intended recipient can read it. They'll need to know to check, so just send them an email to go look. Oh wait. (seriously, the email clients could go to the NNTP server or whatever, attempt a decrypt all with their private key, and buzz the user on a hit)
          • I would really like to know why all those who have been hyperventilating over this thinks the government or anyone else for that matter gives a shit who you call or e-mail. Looking at the amount of complaints about the government intelligence programs you would think everyone was planning a revolution and their nefarious plans have just been compromised. The phone companies have always been collecting call data to bill you and companies like Verizon have been selling call and location data to 3rd parties. G

            • by AK Marc (707885)
              There are a few issues with it. For one, they can (even if you note, that at the present time they don't). The one I don't like is that they have it all, so once you are a person of interest, they have 20+ years of your history a click away. Sure, if they were any good, they'd have predicted whatever it is you are accused of, rather than waiting until after, but after, they can prove you guilty in the media, no matter what you actually did. The AI to parse the data in real-time doesn't exist, but don't
            • Re:easy, (Score:5, Insightful)

              by 0111 1110 (518466) on Saturday July 06, 2013 @11:28PM (#44207099)

              I would really like to know why all those who have been hyperventilating over this thinks the government or anyone else for that matter gives a shit who you call or e-mail.

              Because we are all potential terrorists and criminals. I suspect it's just a matter of keywords. If you mention the word NSA or terrorist or the name of any middle eastern country or allah or whatever the automated system kicks the conversation over to some poor SOB right out of college who gets to listen to or read all of our boring conversations. Since we don't really know the keywords we cannot really be sure when a human is monitoring us or just a computer. At this point it seems pretty obvious that at least a computer monitors EVERYTHING. Something I would have considered paranoid before Snowden let us know what is really going on.

              What I wonder about is whether keywords that affect law enforcement are also included. Does mention of the word "weed" or "marijuana" send a transcript of the conversation over to the DEA? If that doesn't happen already you can be damn sure that it is only a matter of time before the government figures out the utility of that. Especially now that the cat is out of the bag anyway.

        • Re:easy, (Score:5, Insightful)

          by lister king of smeg (2481612) on Saturday July 06, 2013 @04:48PM (#44205039)

          yes because the nsa would never lie before Congress oh wait they have already been caught lying before Congress twice. I trust encryption far more than I trust the nsa.

        • Re: (Score:3, Informative)

          by flyingfsck (986395)
          I got news for you. The NSA is storing EVERYTING - metadata, data, voice, fax, encrypted comms, everything.
      • Re:easy, (Score:5, Interesting)

        by Znork (31774) on Saturday July 06, 2013 @04:52PM (#44205065)

        To keep the NSA away? None. I have nothing to hide.

        To ruin these assholes day? Lots. I have massive amounts of meaningless data I constantly send encrypted via foreign countries. It contains absolutely nothing of interest to them, but it will make it harder for them to find whatever they're interested in, and it will force them to either store massive amounts of meaningless data or discard it all, meaning they won't catch anything interesting in the future, should I ever need to send anything I don't want them snooping.

        Either way I'm screwing with them. Not much but easily enough to cover the time and money spent doing my patriotic duty to humanity.

    • no. People don't practically care plus they have the memory of a fish.

      And a fine fish it was!

    • Re:easy, (Score:5, Insightful)

      by Seumas (6865) on Saturday July 06, 2013 @03:17PM (#44204463)

      Only a few people even give the slightest fuck about the current revelations, anyway. The distortion field of Slashdot and Reddit (ugh) give the impression that it's the biggest thing in the world and the entire population is angry, but that could not be further from the case. People didn't give a fuck about Echelon. People didn't give a fuck about the DMCA or The USA Patriot Act. They didn't give a fuck about all the signing statements that George Bush put down (basically, when a president goes through a passed bill and writes down little notes essentially saying how he will or won't abide by each part of the bill -- signing statements are how we wound up with authorized torture and claiming the Geneva Convention doesn't apply to Americans -- only to "bad guys"). People don't give a fuck about all the ones Obama has done. People didn't give a fuck about Kevin Mitnick spending many years behind bars without a trial or access to the evidence against him. People don't give a fuck about Gitmo. Whatever fuck people *do* give a damn about right now will be mitigated by the next big distraction coming down the pipe.

      Slippery slope doesn't apply to civil liberties and surveillance in America -- but the thing about a slowly warming frying pan sure does.

      • by amiga3D (567632)

        They care about what's happening on Big Brother though. Gotta keep the important things in mind!

      • by erroneus (253617)

        They didn't care because they didn't think it would happen to them. Now it is out that it hasn't just happened to them, the state, the nation, but the whole damned world and that the government has gotten into all of their electronics and software too. More than that, the constitution free zone issue is about to start hitting people squarely in the face.

        The word is out. All of their stuff has been compromised and people are caring. They are indeed caring.

    • I won't. I don't care at all. My electronic activity is mostly gaming-related. Apart from work-related stuff, I sent exactly 6 e-mails last month, I had a few phone calls with my wife and mother-in-law, plus a conversation on Skype with my sister.
      The NSA can keep those records; it's a waste of space IMO. But it's their space, paid for by the Average Joe (not me, I don't live in the USA).

      • by amiga3D (567632)

        I encrypted my Granma's secret cookie recipe. Let 'em figure that one out.

      • Re:easy, (Score:4, Interesting)

        by Seumas (6865) on Saturday July 06, 2013 @03:30PM (#44204559)

        I don't understand this attitude. It basically comes down to "this doesn't directly impact me, so I don't give a fuck". So I guess you have an opinion on very few things, then?

        I'm not a billionaire, but I don't think rich people should be capped at a certain level of income. I don't have a uterus, but I support a person's choice to do what they want with their body. I'm not gay, but I fervently support that they be treated like every other citizen as per the Constitution. I'll never be under age again, but I still think rights and liberties should apply to those who are under age.

        In fact, it is kind of a sick and disgusting attitude. Less so, maybe, that you're not in the states -- but plenty in the states have exactly that opinion...

      • by nospam007 (722110) *

        "I won't. I don't care at all."

        Hi, nice to find you here. I sent you the truecrypt container with the bomb plans you requested and also the location of those 27 tons of fertilizer to your secret email address. It's the usual password.

        Omar

        • by Dcnjoe60 (682885)

          "I won't. I don't care at all."

          Hi, nice to find you here. I sent you the truecrypt container with the bomb plans you requested and also the location of those 27 tons of fertilizer to your secret email address. It's the usual password.

          Omar

          While you post in jest (at least I hope), the scary part is that with six degrees of separation, all of us are not too far removed from somebody who actually did do something like that. In the US it used to be innocent until proven guilty. Now it is guilt by association, particularly where terrorism is involved and the definition of terrorism changes daily to justify all sorts of actions.

    • Re:easy, (Score:5, Insightful)

      by _xeno_ (155264) on Saturday July 06, 2013 @03:23PM (#44204503) Homepage Journal

      Yep. If you've been following the news, you'll notice that it's all about catching Snowden, and not about the massive NSA surveillance program. Most people just don't care about it, and the media sure isn't helping by focusing on Snowden to the exclusion of everything else.

      I'm sure that ultimately, we'll get some law to "increase oversight on the NSA" that will have no teeth, the NSA will go back to spying on all communications it possibly can, and Snowden will get to discover the true meaning of "extraordinary rendition."

      • by Dcnjoe60 (682885)

        Yep. If you've been following the news, you'll notice that it's all about catching Snowden, and not about the massive NSA surveillance program. Most people just don't care about it, and the media sure isn't helping by focusing on Snowden to the exclusion of everything else.

        I'm sure that ultimately, we'll get some law to "increase oversight on the NSA" that will have no teeth, the NSA will go back to spying on all communications it possibly can, and Snowden will get to discover the true meaning of "extraordinary rendition."

        The irony is that most of the information into what the NSA was doing didn't come from Snowden. All Snowden basically said was that the NSA intercepted calls and emails and gave specific examples. The talking heads on the networks like Faux News and MissingNBC then went on to explain the details of how the NSA actually did it and even tried to justify it by comparing what they data-mined compared to Google.

        Snowden just blew the whistle. The talking heads explained the playbook and yet Snowden is the one in

  • by khasim (1285)

    If you send an email "through the cloud" (and how else are you going to send it today) then the NSA collects the "meta-data" (at least).

    If your message is encrypted then the NSA also holds onto the message. Even if they do not decrypt it.

    If you store your data "in the cloud" then the NSA can copy that as well.

    Being able to erase stuff on your personal machine does not matter in these instances. Even if the average person could understand the issues.

    • And also, how is any Privacy software going to help if the OS itself has the back-door or whatever?. It doesn't make any sense unless you use an OS that's Open Sourced. And like you say, even then you might as well just unplug your Internet. Even if the OS is secured, you still need to worry about services like the Cloud.

      This is going to take more than Software to resolve.

    • by BACbKA (534028) on Saturday July 06, 2013 @03:47PM (#44204665) Homepage Journal
      Yep. And, regarding your "even if they do not decrypt it", I can't help quoting one of my favourite books on security: "The main problem facing the worldâ(TM)s signals intelligence agencies is traffic selection â" how to filter out interesting nuggets from the mass of international phone, fax, email and other traffic. A terrorist who helpfully encrypts his important traffic does this part of the policeâ(TM)s job for them. If the encryption algorithm used is breakable, or if the end systems can be hacked, then the net result is worse than if the traffic had been sent in clear." (See http://www.cl.cam.ac.uk/~rja14/Papers/SEv2-c09.pdf [cam.ac.uk] p31)
      • by Znork (31774)

        And us non-terrorists who encrypt every little piece of shit information ruins that work for the goons. So I'm pleased to see my random junk archived, hope it made them miss something they wanted. Then maybe they'll learn that dragnets will get them such a bad signal to noise ratio it's better to actually target suspects than everyone.

  • by K. S. Kyosuke (729550) on Saturday July 06, 2013 @03:01PM (#44204335)
    That's an easy answer, Mr. Betteridge: no, it won't. (People are way too much comfortable with not being careful about their privacy, otherwise the whole Facebook thingy would never have gotten off the ground. Now you're asking them to become techno-savvy just because of privacy reasons?)
  • We already know that the NSA flags encrypted traffic as suspicious and keeps it forever. If we assume they have enough computing power to target on a particularly interesting set of data (based on headers and routing info which can't be encrypted or it doesn't work), then how is it much better than having them store your data in the clear?
    • It stops trawling. Even if they have or will have enough computing power to break encryption, it's not going to be cheap - even the NSA doesn't have an infinite money cheat. Encrypting everything means they'd be forced by simple practicality to only snoop on people they have some grounds to suspect, rather than just collecting anything and everything they can get hold of for analysis in the hope they'll stumble upon something they can use.

    • by hedwards (940851) on Saturday July 06, 2013 @03:50PM (#44204683)

      The more people that encrypted trivial bullshit, the more they need to store and the longer it'll take them to crack it at any point in the future. And the less likely it is that they'll be able to pay attention to everybody.

      Remember, the time it takes them to crack thousands of LOL cat videos is time they don't have to crack things we actually care about.

  • by kthreadd (1558445)

    Some techies will, but most people won't. They don't care.

    • by Seumas (6865)

      Almost no techies will, either.

      I would fucking LOVE to make regular use of, for example, PGP/GPG. Unfortunately, there is no way my family, friends, acquaintances, or colleagues would do this -- rendering it fucking useless.

      Also, what does it matter? It might make retroactively gathering data on me (the new thing where a wire tap warrent doesn't just cover newly monitored communications but everything you've done -- ever), but if they really want to target you, they'll just find a way to infect your system

  • by PapayaSF (721268) on Saturday July 06, 2013 @03:06PM (#44204387) Journal

    The NSA gets a great deal of information through metadata and traffic analysis, so how much does encryption really matter? It might even call more attention to yourself: If you are just somebody surfing an Islamist website or emailing your school friend in Pakistan, the NSA will note it but possibly ignore it, if there's nothing else suspicious to connect you to. But if you are sending streams of encrypted data to those same locations, wouldn't that raise red flags?

    • by b4upoo (166390)

      The catch is that they may not bother with red flags. You might suddenly discover that you are very, very ill with a limited time left. You'll never know the how or why of the illness. Or maybe you'll discover that you committed a crime that you have no memory of and that you suddenly get free housing for life. Those secret prisons we have in remote nations sometimes get new inmates. If a government gets nasty it can be severely nasty.

  • by Wonko the Sane (25252) * on Saturday July 06, 2013 @03:07PM (#44204391) Journal

    I made a tutorial [youtube.com] designed to help non tech-savvy people set up usable email encryption and even with the best narrator and script it's still terrible.

    There are way too many steps involved, and in spite of how radically the usability has improved over the last decade or so it's still not at all user friendly. Default values are set poorly; things that should be completely automated and happen transparently in the background, like keyserver operations, require manual intervention.

    It's almost enough to make me suspect a consipracy to keep these tools out of the reach of the average user, but realistically I suspect (unproductive) laziness combine with a lack of empathy for non-experts is the real culprit.

    • "but realistically I suspect (unproductive) laziness combine with a lack of empathy for non-experts is the real culprit."

      Reality is no one predicted the internet and that the human mind never evolved defense mechanisms for electronic and invasive spying. If you follow someone around with a camera, they get upset and/or call the police. Do even worse electronically and the human mind for many doesn't give a fuck.

      It just comes down to the fact the human brain did not evolve mechanisms to safeguard oneself i

  • Most people CAN'T (Score:5, Insightful)

    by Kazoo the Clown (644526) on Saturday July 06, 2013 @03:10PM (#44204419)
    I'm in IT and I can't figure out the gibberish that passes for documentation on open source security products. Without exception, they presume you already undrstand the issues, or they explain them badly...
    • by epyT-R (613989)

      While I agree, I don't think proprietary documentation is any better.. Crypto is a complex subject and complex subjects are hard to simplify without compromising core functionality. Unfortunately, today's trends show that developers are doing it anyway and the result has been software that is compromised into uselessness.

  • by sjwest (948274) on Saturday July 06, 2013 @03:11PM (#44204427)

    On twitter recently #drm was trending over the ms new console. People might not think it issue 1 but somehow the eff have pushed in to people brains.

    End to end encryption does not exist, a design flaw.

    Ssl is tied to domain names, I had the recent experience of purchasing ssl on a site with no ssl. The irony of that statement i will let sink in

  • What's different? (Score:4, Interesting)

    by jtownatpunk.net (245670) on Saturday July 06, 2013 @03:11PM (#44204433)

    If all of the past disclosures and leaks haven't prompted them to do so, why would this one be any different? Did people really think the NSA put their toys away and went home after the Room 641A exposure? It's not like that was ancient history. It's the core of Congress' retroactive grant of immunity for warrantless wiretapping which was all over the news less than two years ago. And domestic spying was old news even before 641A.

  • by Jane Q. Public (1010737) on Saturday July 06, 2013 @03:12PM (#44204443)
    Most of the comments I have seen here have been depressingly (and unjustifiably, IMO) negative.

    I think it is obvious that people are becoming more concerned about privacy, now that they see how much of it they have inadvertently allowed to be taken from them.

    I only hope that when they start using "privacy protection measures", they don't forget to fight against the reason they need to: abusive assholes (at least half of whom seem to be in government).
    • by houghi (78078)

      I think it is obvious that people are becoming more concerned about privacy,

      If by "concerned" you mean people saying "Like this if you hate the NSA." on their Facebook account, then yes, people are becoming more concerned.

      So what other actions have all these concerned citizens taken? Is there some sort of investigation going on? Is there a public outcry? Are people taking the streets? Or are they still sitting in their couch and are more annoyed that their pizza is 5 minutes late then the fact that the NSA

    • They're just realists. Any population that would accept the Patriot Act, getting groped at airports, free speech zones, and other such freedom-violating nonsense without truly doing anything about it (even voting for third parties or writing en masse to representatives) should be treated as nothing more than mentally retarded preschoolers, for that is what they may as well be.

    • by b4upoo (166390)

      It is a complex problem. As we now have very large populations, some of which have technology in the hands of citizens, and are more sophisticated, the need to know becomes more vital. It is like living in a high rise apartment. You need to know a bit about people in the building for everyone's sake. So governments as well as companies and individuals find more and more innocent reasons to study us and much of it is to our benefit. That leaves people with bad intentions a way to do harm. So far t

  • by Black Parrot (19622) on Saturday July 06, 2013 @03:15PM (#44204457)

    It may speed up adoption of FOSS (or homegrown) by other countries.

    Though OTOH, I can't imagine any of them would have been blind enough not to see this coming.

    As for terrorists, didn't aQ switch from cell phones to couriers about a decade ago? Anyone who gets found out on the basis of the activities we now know about is either careless or stupid.

  • Arguably, people are entirely correct when they throw up their hands and profess ignorance. The fishing-expedition style attacks that have been revealed so far appear to concentrate on a combination of sniffing out activity between nodes on the network(which are also the data required to route traffic between those nodes, which makes hiding it difficult) and getting wholesale dumps from collaborating companies(which you pretty much have to assume is all of them unless specifically proven otherwise on jurisd

  • yes (Score:5, Interesting)

    by periol (767926) on Saturday July 06, 2013 @03:20PM (#44204485) Homepage
    several non-tech folks have stopped communicating with me except for face-to-face, simply because they don't want the government to read our conversations. my text and emails have gotten very matter-of-fact ever since the snowden revelations leaked.

    as a result, i've been researching the available encryption resources out there so we can actually have private conversations without worry. there aren't many that are really simple to use and actually effective. i'm talking with a friend about setting up a home server we can VPN into for chat sessions until there's a workable solution for non-tech types.

    i've wanted to do this for a while, but no one else around me cared. now they care.
    • Try Retroshare. I've set up a little network for myself and a few friends. Aside from its concerningly weak default key size, it seems good. I've had it working reliably doing file-sharing, chat and email. Not tested the forums much yet.

      I expect the NSA could break it, but it'd take enough effort that they aren't going to bother without a specific reason.

      • by periol (767926)
        looks interesting. we were thinking about using VPN connections to perform messaging on our own server, so they would have to break the VPN, or actually get into the server to get the communications. but retroshare does look interesting, although i worry about those keys too. i suspect breaking simple encryption is beyond easy for the NSA, as in it's already automated.
  • Of course not (Score:5, Insightful)

    by Le Marteau (206396) on Saturday July 06, 2013 @03:22PM (#44204497) Journal

    Why would the average person give a fuck about their privacy? Most people have nothing to hide, and unless they are a fanatic or a hobbyist, they could not care less who reads their stuff.

    This security stuff is NOT about the average guy, though. It's about movers and shakers... politicians, lawyers, businessmen, members of the media... people who have power in some ways to affect change, and who communicate in ways which REQUIRE privacy.

    Likewise, the NSA monitoring the average person does not matter in the least. It is about them monitoring movers and shakers. It's about people who could potentially upset the powers that be.

    So cut me a break with the ruminations about whether Joe Six Pack or Susy Soccer Mom is going to encrypt their email. The real question will be, will the next candidate for high office, who aims to shake things up, and who thinks the current Republicratic overlords need to GTFO... the question is... will he us it, and will he continue to be monitored.

    • Re:Of course not (Score:4, Insightful)

      by stephanruby (542433) on Saturday July 06, 2013 @05:05PM (#44205177)

      Why would the average person give a fuck about their privacy? Most people have nothing to hide, and unless they are a fanatic or a hobbyist, they could not care less who reads their stuff.

      I agree with you. The average person probably doesn't care, but that doesn't mean he/she shouldn't care. Privacy is important to everyone, even if you're one of those persons who mistakenly believes that you have nothing to hide.

      Divorces, custody disputes, false accusations, lovers' quarrels, medical sexual history, medical history, dating, underage alcohol consumption/sexting/sex, stalkers, job interviews, job-related credit checks and/or background checks (depending on the type of job and your local laws), salary negotiations, career promotions, college/school applications, car accidents, car insurance penalties, red-lining, profiling, red light cameras, speed cameras, identity thefts, arbitrary tax laws, IRS audits/penalties (if you don't live in the US, replace IRS with the relevant tax/customs authorities), collection agencies, filesharing, porn, sexual orientation, tethering, rooting your own device, netflix/hulu-specific throttling, recycling fines, arbitrary electricity/water consumption fines/penalties, housing association violations, neighborhood/city zoning/building violations, cigarette smoking violations, dog leash/breed violations, contrived political redistricting, poll tampering, etc.

      And it is true, that as individuals, we may not care that much about each particular privacy-related issue, but as a whole and as an aggregate, we should care, because every single one of us is impacted by at least some of these issues and consequences.

  • by dcavens (178673) on Saturday July 06, 2013 @03:23PM (#44204507)

    I think the whole fiasco is going to convince a lot more companies located outside of the U.S. to stay away from U.S. based cloud-providers and SaS. As a Canadian, I'm looking for a Canadian cloud provider that guarantees data is located in Canadian data centres, is Canadian-owned (U.S. law treats subsidiaries of U.S. companies as U.S. companies), and is only subject to Canadian laws.

    I suspect many non-U.S. companies are going to do the same- I'd rather be subject to laws I have some influence over.

  • The problem is it's really a pain to use encryption on your email and the end result is no one will send you email, which defeats the purpose of having email.

    It would be really great if SMTP had a way to query for a public key so it could be encrypted before sending automatically. That's the only way I could ever see encrypted email becoming common, and even then there are a lot of difficulties.
    • Can't trust the SMTP servers - they are run by ISPs or mail services, the NSA could change the key on those with a polite email. It has to be handled by the client.

      • Yeap, that is true, but you can send your public key to ISPs or mail services without any problem. Then your client can do the decryption.

        So it has to be a multi-step process.
        1) Design an extension to the SMTP protocol to handle public/private keys automatically. Make it a dead simple protocol.
        2) Get large mail services (Google would be a good one, but others can be sufficient to get things started) to implement it.
        3) At that point you're not safe, but if you can upload your own private key, or run you
        • Dang it, I should have said:

          3) ...if you can upload your own public key....

          Although uploading your private key might accomplish......something.......
          • There's no way 2) will happen at goggle. The problem isn't the NSA: It's that Google's business model is based around their ability to process your information for marketing purposes. If google can't read it, they don't get paid, they can't run the service.

            One idea would be to have the client include the public key in all emails sent, as a header. That way only the first email each way between two users would be sent unencrypted. It's entirely transparent... until something goes wrong.

            Which brings us to ano

  • you get the idea.

    Answer so far is no.

    https? no way, i'm too lazy living off my fat slashdot editor salary.

  • ... that I still do not know what to think of it.

    I thought that the "Skype" had a strong encryption. I did not know that my conversations with my spouse were supervised and recorded. Gosh ...
    • Skype does have some good encryption in it. But it has two deep flaws:
      1. Metadata is still easily intercepted. That alone can be used or abused quite well.
      2. It has backdoors which allow the operator (Microsoft, now) to intercept communications on behalf of the NSA - and quite likely a backdoor for the NSA to use any time they want, too.

      There's a common conspiracy theory claiming that Ebay's purchase of Skype was at the request of the US government in order to gain intercept and metadata-recording capabilit

      • by Max_W (812974)
        Skype was used by some people for "Skype sleeping" http://www.urbandictionary.com/define.php?term=skype%20sleeping [urbandictionary.com] .

        Some people do have to travel to get a work done. Sometimes for weeks or months.

        It will never be the same anymore after there is a suspicion that a third party is watching or recording.

        I am not sure about a personal encryption software but there will be definitively a behavioral tectonic shift now as people know for sure that it is watched and recorded. Or at least can be watched and
  • Doesn't matter if you are on the "up and up". Things can be taken out of context. Might as well not give them ANY ammo to use. They say to always exercise your right to be silent. This is a preemptive way to do that.

    I think you would be stupid not to try and keep your personal information away from strangers. Also make sure to kill your RFID chips in your credit cards. But for the rest of you, ignorance is bliss. Enjoy.

  • Worth the trouble? You should weight how much it costs you privacy vs what could cost you don't worry about it, but unfortunately, english is a bad language to realize how important the future is [ted.com].

    How it could affect you? You can check what have the FBI/NSA about you [dailykos.com]. You can see precedents of what NSA did with private information [go.com] (if that the respect that soldiers in the battlefield deserve, good luck about you). You can see the starting [cnn.com] trend [theblaze.com] of misusing information and how it could impact you in the futu

  • Our corporate overlords are already dealing with those pesky users daring to hide their online activity [slashdot.org] from prying eyes of NSA. Expect more measures to dismantle last remains of privacy - including choking off privacy tool vendors, labeling users of such tools as 'terrorist suspects', somewhat skewed patent lawsuits, outright banning certain classes of tools etc.
  • by houbou (1097327)
    Privacy software will be a red flag, they will see this coming a mile away, hell, I wouldn't be surprised if the NSA wasn't indirectly funding a few of these apps themselves just to give you some false sense of security.

    In the end, if you want your privacy, well, keep it private! :)

    But beware social media and most of all, be smart. You don't want people to know, then don't use electronics for your very sensitive stuff, or at the very least, keep it hush, sneaker net, or word of mouth.

    Sure you could be
  • by SeaFox (739806) on Saturday July 06, 2013 @04:01PM (#44204759)

    ...despite Snowden's stated wish for his revelations to spark transformative and wide-ranging debate, it doesn't seem as if anyone's taking to the streets to protest the NSA's reported monitoring of Americans' emails and phone-call metadata.

    Really? Maybe the submitter needs to learn to use the Internet better.
    http://www.buzzfeed.com/ellievhall/40-best-signs-from-the-restore-the-fourth-rallies [buzzfeed.com]

  • Perhaps more importantly, it will lead to use developing new protocols that employ decent security. This is needed. For example, all email should be sent encrypted, not clear text. In addition, email should be re-developed so that it pushes a distributed architecture while removing the spam.
  • My classes in Internet Security at http://www.freegeek.org/about/classes/ [freegeek.org] were pretty well packed yesterday.
  • by fireteller2 (712795) * on Saturday July 06, 2013 @05:12PM (#44205243) Homepage

    What is this article on about? Who the fuck is SpiderOak, Silent Circle? GPG, pgp, gnuPG are standards of encryption, not some un evaluated service, or new software.
    And there are *literally* people taking to the street:
    http://news.cnet.com/8301-1009_3-57592368-83/san-francisco-protests-the-nsa-spying-program-in-july-4th-march/ [cnet.com]
    http://rt.com/usa/nsa-protests-july-4-700/ [rt.com]
    http://mashable.com/2013/07/02/restore-the-fourth/ [mashable.com]

    And these are just the top 3 google news articles. I agree that the software solutions are terrible, and hard to use. And I agree that the news media are doing a good job of shifting the focus to: "Edward Snowden for leaking some of the country's most sensitive intelligence secrets". Which is agonizing to watch, but not half as agonizing as stupid articles like this couched in the voice of the people, but in actually spinning the story away from the truth.

    People are angry, there are secure solutions, it has to be open source and on your own computer under your direct control to be secure. Open source software development is notorious for flubbing the user experience, but that is the bad news. We do care about privacy and personal security, we can fix the software to be easier to use, and we are actually fighting for our rights. So STFU with your crap message about our doomed future, and stupid populace. Of course it's not easy, but people like Snowden keep coming along and reminding us to be more vigilant.

  • by WaffleMonster (969671) on Saturday July 06, 2013 @05:32PM (#44205367)

    We are the problem not the end user.

    We have failed to provide basic communication infrastructure that protects the end user.

    Expecting people to use optional add-on technology requiring x additional software and y additional knowledge is obviously not going to happen regardless of how small x and y can be made.

    The only way to fix the problem is wholesale replacement of existing bullshit (e.g. SMTP) with a solution that is secure by default. Users simply must not have the choice of skipping rational and meaningful key exchange steps before communication. It can be made easy or hard to give users control of the security tradeoff but it must not be optional.

1 Dog Pound = 16 oz. of Alpo

Working...