Ask Slashdot: Jamming UK Metadata Collection? 192
AmiMoJo writes: It looks likely that the UK will try to require ISPs to collect metadata on behalf of its security services, and various other agencies will have access to this vast, privacy- and security-destroying database.
How can individuals resist? Some metadata is trivial to hide, e.g. much email is encrypted between the user and server, but a record of an access will still exist. Would there be much benefit to creating fake traffic, say by sending dummy emails to yourself? What about fake browsing, or keeping TOR running 24/7 (not as an exit node, just a client)?
The goal is to make the data less useful and harder to tie to an individual or separate from fake data, and to increase the cost of collecting and storing such data. Don't worry, I'm already on the list of known dissidents anyway.
How can individuals resist? Some metadata is trivial to hide, e.g. much email is encrypted between the user and server, but a record of an access will still exist. Would there be much benefit to creating fake traffic, say by sending dummy emails to yourself? What about fake browsing, or keeping TOR running 24/7 (not as an exit node, just a client)?
The goal is to make the data less useful and harder to tie to an individual or separate from fake data, and to increase the cost of collecting and storing such data. Don't worry, I'm already on the list of known dissidents anyway.
Re: (Score:3, Funny)
Your only option is to have your own email server at home which requires encryption on both ends.
Hillary? Is that you?
Re: (Score:2, Interesting)
This answer, like almost all the other answers in the discussion is an answer to the question
that's not the question the article asked. The question was
It's a completely different thing. The aim of reistance is to create consequences and problems for the authorities and visible protests shown to other people. It's something completely different. You do not resist by being entirely hidden. That makes no difference to other people. You resist by making things more costly
Resistance is futile. (Score:2)
Re: (Score:2)
Gmail does encrypt the connection to the user, and between mail servers if possible. They were burned by the NSA...
In fact a VPN is quite effective here. Since it is the ISP that is required to do the spying, anything that locks them out of doing packet inspection foils it. This means that either it will be pointless, VPNs will be banned and the UK economy will be wrecked, or a VPN will be taken as a sign of suspicious behaviour. That last one is terrifying.
Re: (Score:2)
a VPN will be taken as a sign of suspicious behaviour. That last one is terrifying.
When everyone uses a VPN, everyone will be suspect. When everyone is suspect, are they going to investigate & arrest everyone or shut-down the internet? What government will survive either of these?
Re: Email? (Score:2)
Re: (Score:2)
Re: (Score:2)
that's not how email works. See: retry interval https://tools.ietf.org/html/rf... [ietf.org]
Go old school... (Score:3)
Re:Go old school... (Score:5, Insightful)
In the US we should push for the Supreme Court to overturn outdated metadata laws based on the idea you "have no reasonable expectation of privacy in phone records at the phone company".
As people shift more of their lives into online services, they do indeed carry a 4th Amendment expectation of privacy in their "papers" with it.
Re:Go old school... (Score:5, Insightful)
In the US we should push for the Supreme Court to overturn...
The cornerstone of which all of these programs were built, which is the illegal authorization of wartime powers to .W.Bush that allowed the passage of all of the bills that made all this legal. This is not a political issue as it has continued via Obama, it is a structural issue of whether you have a democracy or a plutocracy. Whether you will accept responsibility to defend your several hundred year old democracy from attack from within.
Why the U.S population continues to tolerate this harrasment by government through the weakening of the fundamental citizen rights that makes a nation what it is, is confusing. You have the power to fix the issues however you don't use it. You founding father Franklin warned you about trading Security for essential Liberty and how the corruption of the people would lead to despotism. Are your domestic enemies so powerful that it is easier for you to let them turn you into slaves begging for a job and hoping you don't get sick?
You *should* do a lot of things however as we have seen net activism doesn't amount to much. Whilst your comment *is* insightful I doubt a single person reading it will write a letter to your politicians and do something whilst you are distracted by what is on TV.
I hope you can - the fate of the free world rests on what you do.
Re: (Score:2)
Why the U.S population continues to tolerate this harrasment by government through the weakening of the fundamental citizen rights that makes a nation what it is, is confusing.
It is because it does not affect them in any meaningful way, it doesnt affect their daily way of life.
Probably because the frog has been boiled so slowly, people don't notice that the duration between road repairs gets longer and longer or that essential government services are stretched and budgets decreased. People get used to paying more to get less from their government. The U.S is the only 1st world country that I know of that forces a citizen to choose between which fingers they have to loose because their insurance isn't enough to cover all of the medical costs for all of them and why other 1st worl
Re: (Score:2)
The problem with these theories is the lack of evidence to actually support them.
For a specific US example you can examine the 2005 US energy Act, Sec 600-638 for an example of ratepayer funds being siphoned of to utilities companies.
No. In fact I am not even from the US
Then perhaps you should investigate if you are subject to such laws. I am and I've read them.
The truth isnt particularly compelling so instead you attempt to create false drama because real drama does not exist.
If you had read any of the anti-terrorism acts and attempted to understand their impact on the due process of law then you would understand just how ridiculous your statement is. There is no false drama in the passage of these acts.
You seem pretty intent on not answering the question and instead pretending I said something else.
Your question What would they get
Re: (Score:2)
Probably because the frog has been boiled so slowly, people don't notice that the duration between road repairs gets longer and longer or that essential government services are stretched and budgets decreased. People get used to paying more to get less from their government.
Nothing to do with metadata collection or the mass surveillance that has been going on for years, try again.
You yourself said If that is indeed true then it should be pretty easy for you to prove. The problem with these theories is the lack of evidence to actually support them. So when I call your bluff and provide evidence you attempt to change the parameters of what the proof should be. I think you are the one who has tried again, and failed.
That doesnt make USAians my countrymen.
In other words, you don't know if you are subject to meta data retention laws or anything about their affect in your own country. Your opinion offers little value.
You claim to be knowledgeable on this subject so I really am interested.
No, you a
Re: (Score:2)
Yes it is, your inability to make a point without hyperbole is your failing. You are the one whining about nothing being done yet you do not propose what should be done and you can't even make your point to justify anything being done without creating false drama and hyperbole.
In the last 2 years I have read over 600 pages of legislation (including this act). I've written to over 50 politicians and made pages of recommendations to fix laws in respectful constructive ways. You could start there.
Where is the provision that leads USAians to be "slaves" that are "begging for jobs"?
I have provided you with the provisions - read them.
The act does not have mandatory power to force the collection systems to be encrypted, it is optional.
Irrelevant, the data they collect is being transmitted unencrypted over a public network anyway, by you no less.
Indeed, however I didn't choose to have that data stored in an unencrypted database, no less.
Whilst I appreciate your pedantry about meta data being data about data it's importance as a vector to identity crime is undeniable and valuable to those with ill intent.
Ok so you give me a practical example of the metadata they collect and how this can be a problem.
No.
Remember it is just metadata, (i.e. the encrypted message, so if you send your credit card number they do not get that).
meta data that contains an archive of your location and who you associate with. Facebook was a great tool to map out associations, this legisla
Re: (Score:2)
Thank you Captain Obvious.
Sending private information unencrypted over any 3rd party network is an insecure, we have known this for decades, if not centuries! Still not learning the lesson? Use encryption, anonymizing routing software and burner email accounts because even if you get the government to promise they won't scour public networks for information and you actually believe them do you really think other people are not doing it too?
None of which will help you against a state that has the resources to map the endpoints in your associations, which is the point of recording metadata.
Re: (Score:1)
I don't really watch television so I don't really know about the media aspect but, if you're not willing to be raped and murdered for your beliefs, do you really believe them or are they just conveniences?
Re: Go old school... (Score:1)
Re: (Score:2)
Big Government leaned on Big Media
Er, no. Big Corpo leaned on Big Government and told Big Media that Occupy was ++ungood.
Re: (Score:2)
As a practical matter I do not believe that the courts including the Supreme Court are going to be any help with this. Their previous rulings allow law enforcement to make up probable cause after an arrest, arrest for laws which do not exist, rob people of their possessions without trial, etc.
The government says metadata is not protected so fine, let's go with that. If you use IPSEC or a number of other IP encryption methods, only the metadata is left available. Opportunistically encrypt every IP connect
Re: (Score:2)
This does not follow, as it is ancient understandings. An envelop passing through the hands of the government, with deliberately viewable info, i.e. the address, is not the same as things people expect to be held in confidence.
Remember, we are just demanding a proper warrant to see it. Much of our secret, personal papers are moving online for convenience. Government doesn't get the honor of filtching through it at their whim looking for crimes.
Re: (Score:3)
Use pen and paper. Personal papers have more legal protection than digital data that cross over the ether.
Only if you're hand-delivering. If you're using U.S. Snail Mail, they've been photographing envelopes for metadata collection for years. [nytimes.com]
It's precisely analogous to internet metadata collection: who you're communicating with, at what time. But not what you're saying (by not being allowed to open the envelope and read the mail, or not being able to crack message content encryption).
In the context of OP
Re: (Score:2)
Of course, but you're sending data over a public - or government-owned, in the case of the USPS - network. This has always been the case, whether it's snail mail, landline telephones, cellphones or the internet. I can't see how anybody can claim to be surprised by this, especially when the answer these days is so simple: use encryption, don't send unencrypted communications over a network you don't control.
Yes it may be slightly less convenient having to encrypt/decrypt your mail but that is the price of pr
Re: (Score:2)
That doesn't help anything. If we're only discussing metadata ("Person X is communicating with person Y") then it really doesn't matter whether you're sending government secrets using the most secure encryption ever or sending "y0 babe wuts up" to a girl that has no interest in you -- the content of the message is being ignored in both cases anyway.
(Of course if you're good enough to have government secrets laying around I would imagine you'd know what metadata is and how it can be used and take some steps
Re: (Score:2)
That doesn't help anything. If we're only discussing metadata ("Person X is communicating with person Y") then it really doesn't matter whether you're sending government secrets using the most secure encryption ever or sending "y0 babe wuts up" to a girl that has no interest in you -- the content of the message is being ignored in both cases anyway.
We have the tools to deal with that too, with TOR and anonymous email accounts.
Re: (Score:2)
It takes a couple of seconds and a signature by a politician to make it illegal and slap you with a prison sentence only for downloading it.
Really? When has such a thing ever happened?
Re: (Score:2)
After 1918 the GC&CS (Government Code and Cypher School) still got all the UK cable companies messages in bulk. Collect it all is not new
Just as the US scans all details on postage via its Mail Isolation Control and Tracking systems https://en.wikipedia.org/wiki/... [wikipedia.org]
Telegrams, phone use, telexes, fax all got the same US and UK collect it all interest.
The only sol
Re: (Score:2)
As soon as you make a pen and paper that can be transmitted around the globe in fractions of a second, I'm sure you'll have a business case.
Email isn't popular because people love typing. Its popular because its extremely fast and we live in a world where we want everything done yesterday in order to increase productivity. We get pissed off if a mail server holds our email for 10 minutes. But nobody would be surprised of a snail mail letter took 10 days to get across the country (or hell, sometimes the c
Re: (Score:2)
As soon as you make a pen and paper that can be transmitted around the globe in fractions of a second, I'm sure you'll have a business case.
Sure! Elisha Gray had a pretty good business case for precisely that thing, back in 1888 [wikipedia.org]
Re: (Score:2)
It remains a serious offence for someone who is not duly authorised to interfere with or intercept the mail. but for people who are authorised (e.g., police, some council officials, some government officials), that's not a problem.
People forget easily (Score:2, Interesting)
Re:People forget easily (Score:4, Informative)
Yes. It is aggregated data... You don't think they are really only accessing metadata do you? How cute!
Almost. The real meaning of the term is data about data. For files, it's the file name, size, extension, timestamps, and maybe the magic numbers could be called metadata (which is why I don't like magic numbers in files). For pictures, it's camera exposure settings, focus, GPS data, etc. For emails, body text is the "data", whereas email headers are "metadata". From, To, Subject, that sort of thing. You can then aggregate that to get a different kind of metadata (metametadata?), but in its un-aggregated state it's still metadata.
I'm So Meta, Even This Acronym.
Re: (Score:2)
They might define it that way, but it's not true. The envelope addresses are metadata, but the headers, "To", "From", "Subject" and other fields are explicitly data. The server doesn't use these in order to route the email to the appropriate mailbox (apart from spam analysis, but if you use that argument, there is nothing that is not metadata, since spam analysis typically looks at all the data
Re: (Score:2)
Yes. It is aggregated data... You don't think they are really only accessing metadata do you? How cute!
Almost. The real meaning of the term is data about data.
In the context of this act, and what is legal to collect, the definition of what meta data is, is defined by the act. That said, I agree with you because that is what metadata is and that is what metadata means.
Exit node (Score:4, Interesting)
Re:Exit node (Score:5, Informative)
It's risky though. Exit nodes can be used for all sorts of illegal activity - hacking, fraud, child abuse imagery, the usual suspects. There's a small but worrying chance of being busted by the police for a crime commited via your node. You can probably use the node to demonstrate that you are not guilty of the accused crime, but that doesn't until after they've siezed every computer, phone and storage device you own, destroyed your reputation, cost you your job and crippled you financially with legal costs. Criminal investigations are damaging even if no charges are eventually pursued.
I'm wondering what will happen if some well-intentioned but morally-dubious virus writer puts together malware that installs exit nodes. That would be amusing.
Re: (Score:1)
Going in this direction, I wonder how many exit nodes are run by non government actors.
Re: (Score:2)
I'm hoping that the the governments of a number of countries are all competing to maintain exit node dominance. The good sort of arms race.
Re: (Score:2, Interesting)
I'm wondering what will happen if some well-intentioned but morally-dubious virus writer puts together malware that installs exit nodes. That would be amusing. I thought of this. It would be brilliant. Compromised Box's all over the world would be come TOR exit nodes.The TOR Network would be more powerful than they ever imagined.
Re: (Score:2)
Has that EVER happened???
Re: (Score:2)
Twenty seconds of googling found some cases:
https://www.techdirt.com/artic... [techdirt.com]
https://www.techdirt.com/artic... [techdirt.com]
Re: (Score:2)
Yeah, after Operation Ore and many similar debacles where people's lives were destroyed due to the police being too incompetent to understand simple technology like credit cards, I don't think running an exit node is a good idea.
Re: (Score:3)
Even if it's true, IMO it reads more like support for running a node than a deterrent.
The story in short:
* guy set up Tor exit node
* months later, police seized his computer because his IP showed up in logs on a pedo site
* 4 months after that, he got his computer back - they found no evidence of wrongdoing
Sucks to be inconvenienced and all that, but that's a much nicer outcome than I had expected for a story that was meant to discourage people from setting up exit nodes. For example, if the FBI takes your s
Re:Exit node (Score:4, Insightful)
Re: (Score:2)
That guy was extremely lucky, and still got data raped. The police usually hang on to your computer for much longer, especially if it is encrypted. You are then faced with having to hand over your encryption key or guy to jail.
No matter what happens they will data rape you. Go through every inch of your PC looking for dirt, related to the case or otherwise. You can't trust the police so even if you are innocent, this is a very bad thing
Re: (Score:2)
You can't trust the police so even if you are innocent, this is a very bad thing
With anti-terrorism laws (they are generally the same between UK,US,CAN,AUS,NZ - for obvious reasons), the onus to produce proof that you are innocent is on you, however the evidence is also seized by the police and you can't access it, there is also strict liability on the penalties - what it says is what it is.
It is clear that the threat of loss of control that the internet poses to government is something they are not comfortable with at all. If you read these laws you will find them a primitive reactio
Don't use a phone (Score:3, Interesting)
Simple. If you use a phone, you use someone else's network, and do things that are impossible for them to let you do without them knowing what you're doing. You can't call someone without the phone company knowing who you're calling.
And the internet is a public place, period. Don't do anything on the internet that you wouldn't do in your front yard, with the neighbors watching.
If you don't like it, tough. The rules of reality don't need your approval.
Symbolic Protest (Score:2)
Re: (Score:1)
Everybody should spam them with high warning data, once their dataset becomes garbage and >50% false positives, they will give up the fight.
100% Wrong. Their goal is not to find criminals or terrorists, etc. in the data. Their goal is to have as many people as possible in the "Suspect" category, and what you're doing plays into that nicely.
Besides, intentionally generated "noise" is quite frequently easy to filter out. Basically the only solution to what the poster is asking would be for everyone to stop using the "open" internet and everybody start running a Tor node, and doing everything via Tor (or something similar).
For private communications, hide in plain sight (Score:1)
Use the classifieds. Write an obituary. In these modern times Craigslist probably works. If you're planning something exciting, using your personal email is just plain dumb.
Re: (Score:2)
Re: (Score:2)
Your broadcasting about funny/holiday photos every day but only a few know what a color within a type of image would communicate.
The problem is the unique set of ip ranges and their origins that look at the images everyday.
Re: (Score:2)
This is why governments are spying on in game conversations nowadays.
Or so they claim. I suspect some enterprising agents found a way to get paid for playing games all day. That's what I'd do if I thought I could get away with it.
Add noise with TrackMeNot (Score:5, Informative)
TrackMeNot [nyu.edu] is a browser-extension for Firefox and Chrome that sends semi-random search requests to several search engines with the goal of disrupting this sort of tracking. Well, it's more aimed at preventing commercial entities from creating an accurate picture of your web-browsing habits, but it probably adds some noise to the intelligence gathering too. By default it pulls random keywords from newspaper headlines, but you can configure it to use (or avoid) certain keywords, as well as tweak the frequency of the requests. It runs automatically in the background whenever your browser is open.
TrackMeNot isn't really useful in hiding your behavior; it just throws in spurious data that makes legitimate data look less accurate. It's really aimed more at devaluing marketing databases with the (admittedly vain) hope that they'll give up on the whole thing ;-)
Note: it does use extra CPU cycles and bandwidth, so if you are constrained in either this tool may not be for you. Also, tweak the timing of those search requests carefully or the search engines might blacklist you as a bot. Having said that, I've been using this plug-in for several years now and it's rarely caused me any problems.
Re: (Score:2)
Thanks. I'm willing to donate some resources to this, do I'll give it a try. I'm thinking of combining it with a user agent randomiser and periodic cookie cleaning.
Re: (Score:2)
Re: (Score:2)
Their search bar sends letter by letter
What happens when copy/paste is used to populate the search?
Re: (Score:2)
A prediction (Score:1)
One of these days a nefarious group will hack into ISP meta-data and publish it to the world, and this gov't requirement will then be questioned.
Re: (Score:3)
NGO's, trusted and cleared US brands in the UK helping with all image tracking, comparing image content, file names, government workers with a task to find financial, gambling issues over all UK data sets. Even local government can request cleared staff track images, messages back to people and then log their internet use with few or no court supervision.
Your post advocates a (Score:5, Interesting)
Here is a new form, the same as the fighting spam one with minor changes. Feel free to use it as most of the measures proposed to fight surveillance fail for the same reasons.
Re: (Score:2)
I think you overestimate what I an trying to do here. It's not vigilante action, it's just creating masses of junk data as a form of protest and to make the life of anyone spying on me a little harder. Remember that many of the people with access to this data are low level and mostly clueless government employees, so won't be running complex regexs on the database.
As it happens I block metadata collection via VPN anyway, so apart from some YouTube videos watched on my TV all they will get is noise and other
Re: (Score:2)
1. They don't care about you to dig through your data
2. If they did care enough about you, they wouldn't be hindered by this at all, but would now have evidence that you are trying to hide something.
It's entirely counter-productive. You are just not that interesting to them, yet should you become, you've given them a reason to dig even deeper.
You won't like this comment (Score:5, Interesting)
Back in the nineties, I discovered the internet and its freedom as a wonderful tool that proved the freedom-based values of the Western society. Moreso, as I was (and am) living in a former communist country in Eastern Europe. Imagine my delight, coming from a closely monitored society to such a wonderful and open global community!
However, I have noticed a worrying trend, mostly in opinions posted in forums or other places by Westerners (American and European alike), that too easily dismissed any threats to the personal freedom in various topics. From trivial but excessive forum moderation (which to me resembled too much to the communist censorship) to political issues where leaders pressed and were allowed to limit liberties such as the freedom of speech, for dubious reasons (political correctness, security in matters presented by exagerating imaginary threats, etc.). I understood one thing then: your society was utterly vulnerable to becoming a closed one, even to transform into an oppresive one, for one very simple reason: you didn't see first hand how a dictatorship works, how the officials' behavior in an oppresive state behave, and how they talk. We've seen those and painfully endured their effects, over a long time. I was able to detect the signs of the emerging surveillance society in the West since those times. I tried to express my concerns in open forums, and been bashed by the all-knowing arrogance of those who thought nothing bad can happen with the civil rights.
They were wrong. And now it's too late. You are asking what you can do as an individual. You can't do anything at this point, all you'll achieve will make you look suspicious, and they will monitor you even closer. Individuals can no longer make any difference, we would need a miacle to prevent the Western world repeat all the mistakes of the dictatorships in the Eastern Europe. It would involve a huge community coherence in working to change the laws, and only voting for those who don't want to control us all (although they are becoming an extinct species). And fighting with all available *legal* means against surveillance and control, without being tempted by using non-democratic shortcuts (such as voting for populists that only tell you what you want to hear). Very, very hard.
So, yeah, you won't like my response to your topic, but hopefully you do at least understand.
Re: (Score:1)
> excess forum moderation
Did Slashdot ever analyze the use of -1 as a censorship tool by those who want to hide opinions they disagree with, as opposed to spam and truly offtopic stuff?
Do they still have metamod? It is supposed to strip mod rights from people who abuse moderation, but it is useless if karma can be repared quickly, and more specifically, faster than the person performs unjust moderations.
Easy (Score:1)
OpenWRT router with VPN to EU paid for in bitcoin with a generic Email. The only issue with this is that I am pretty sure 3 letter fags have purposefully placed back doors in to OpenWRT and other open soruce routers (based on stuff read from Snowden stuff), however I am not hiding anything I just do not believe the government should log my data.
All in all fairly cheap, the only thing the ISP will see is the connection to th
Overload with garbage (Score:3)
When you're not browsing run a script that will surf random web sites for you, go to bbc.co.uk and you'll find hundreds of links, follow them, find more links, follow them, etc. Occasionally pull a word from a web page and do a google search, then follow a bunch of the search results, and follow links on them, etc. Build in a random timer function so it looks like a human surfing. The idea is to make the haystack bigger so the needle is harder to find.
Then do all of the surfing you don't wan them to know about from a WiFi hotspot with a spoofed (random) IP address using a virtualized OS incidence that is scrubbed afterwards.
Re: (Score:1)
I once wrote a program (Windows) that would be run on a laptop before travelling which would download a preset number of PDF files on totally random subjects. White Papers, Manuals, Technical documents etc etc ALL publicly available from google .... RANDOM SUBJECT SEARCH filetype:PDF.... Completely at Random. It would then store them in a random folder structure named things like Leaked Documents, Blue Prints etc etc. You know the kinds of buzzwords that would set off alarms somewhere. Imagine looking in a
Re: (Score:2)
The idea is to make the haystack bigger so the needle is harder to find.
Why not turn the haystack into a needlestack? Make the script go to actual pages you've visited (or follow actual searches you've performed before with a few words changed) and pull words/phrases from there.
Bitmessage (Score:4, Interesting)
One example that makes metadata collection much more difficult is Bitmessage. Its main feature is uncensorability rather than anonymity, but it scores very high on the anonymity scale as well. Its metadata is encrypted, so additional actions and costs are necessary to deanonymise the users. It also has uncensorable shared communication feature called chans. There are gateways that provide connectivity to email. Disclaimer: I am one of the developers of Bitmessage and I also operate one such gateway, https://mailchuck.com.
Re: (Score:2)
If Bitmessage sends everything everywhere (At least Wikipedia says so) so that only the recipient can decode the message addressed to him, how long you expect it to operate before it overloads the network?
Re: Bitmessage (Score:1)
Was interested until I saw this at the bottom,
"In order to send anonymous emails and for enhanced features, you need to upgrade to a subscription based account. Consult our pricing page."
So having a free account doesn't really do shit does it?
Re: (Score:2)
Thanks, I'll have a look at that. You say it encrypts metadata, but I'd just like to point out that it doesn't stop traffic analysis, which if what they want ISPs to do. TOR does, it generates constant dummy data and forwards packets from other machines (randomly combining and splitting them). Something to consider perhaps.
Re: (Score:2)
I2P is more effective at this. Every user relays packets for the network, so your own packets are mixed in with network traffic.
Fake traffic..... (Score:2)
On the fake traffic thing, there is a screen saver for Linux which will do web searches for images and create a collage. It always produced a fascinating results over time. Lots of random things, a fair amount of porn, just.... the internet...in all its naked boobs and pictures of text glory.
Well one day, I was feeling a little parnoid, and more than a little mischevious, so I tracked down how it invoked wget and made sure it used a local tor proxy. Didn't really seem to change the end result on my end, but
Re: (Score:2)
I did a quick search and found this: https://www.jwz.org/webcollage... [jwz.org]
Tried to backup to the directory and see if there was more, but, I didn't find a path back to a download or code, just talk of it working as a screensaver.
Also found this just great discussion of people quite disturbed by the output it came up with and wanting to see it removed: http://www.fedoraforum.org/for... [fedoraforum.org]
Metadata like endpoints? (Score:2)
In the us the NSA considers what numbers you called and what numbers called you and how long the calls were connected metadata.
So I will assume when applied to ISPs that they are going to be logging endpoint information as in a log of every ip:port connection in and out w/duration for your connection.
This is often enough to determine what websites were visited as most websites have a dedicated ip for their domain but some have several websites hosted under the same ip address.
My first thought would be to se
No way (Score:2)
There is no way to jam the metadata collection (to overload the collection engine) simply because you overload the mail system with a spam in the process. The only way to get rid of metadata collection is some darknet where metadata cannot be collected by design.
Browser Sharing? (Score:2)
Use a VPN (Score:2)
Re: (Score:2)
Onion routing and VPN use do not seem to worry the 5 eye nations.
Re: (Score:2)
I think you should read this: https://www.torproject.org/doc... [torproject.org]
Re: (Score:1)
Easy (Score:2)
Only use Tor over an additional VPN so there is no Metadata to collect.
If you want to fuck with them, run your own email server and create arabic sounding email addresses with TOR on Gmail and make them exchange highly encrypted files (your laundry and grocery list for example) so that they'll set up a special group to try to decrypt them. ... and say goodbye to traveling per airplane for the rest of your life.
Too Late (Score:2)
Like you said, you are already on the list. The only people who are going to bother to generate fake traffic are the same people who want to hide / obfuscate their behavior with said fake traffic.
The only way to do it would be create applications that people can run, and convince enough people to run them. Sort of like SETI @Home or similar. You would want to get people to run the apps on their phones as well.
The only realistic way that I see to do this in the current environment is via some sort of malw
Re: (Score:2)
VPN use, onion routing just makes a user more interesting and adds no real technical issue to UK collection.
Re ""Yes, I did X. So what? Prosecute me. Put me in front of a jury of my peers and convict me for it.""
Thats how East Germany started with its protesters. A few seen in front of a church. Get images, follow them, plant charismatic informants, get i
back to the future (Score:2)
Whatever you do, don't email or tweet stuff (Score:1)
It would be double plus ungood if all the metadata pointed to the government GHCQ as being the primary source of terrorism, for example.
Metadata is meaningless out of context, but those who live in Fear will spend years on mole hunts.
My suggestions (Score:2)
1. Separate private contacts and public contacts
Use gmail with two-factor authentification for amazon, itunes, netflix, etc. As the government has access to everything you do there having the security compromised, do not try to hide it. At least google does a good job protecting the product (you) from being infiltrated by private crooks, use it to protect against daisy chain attacks against password recovery identity theft. They offer you a big mailbox and unusual usage invokes their automatic protection sy
Simple (Score:2)
Its OK - Darwin and Adam Smith have CYA (Score:1)
Re: (Score:2)
Re: (Score:2)
Not really, as they'll filter that out pretty fast. The systems doing those searches are a lot more intelligent than simple regex checks, and can factor other contextual clues into it. Just look at what Google does: they factor recent searches into new searches, so results related to recent searches (especially those in the last few minutes) appear higher in the list. I'm sure the government has something at least as good at contextual clues, possibly even provided by Google itself.
Re: (Score:2)
Re: (Score:2)
Out of "Old world", "New world", "Third world", Australia is most definitely "New world".
I think the Australian government is most definitely guilty, and most unlikely to be proved innocent, about anything, ever. I proclaim the present Australian government completely wrong, about almost everything, and I suspect that I am not alone.
FTFY ;-}
Re: (Score:2)
And all the phones will be associated with your SIM and THEY will know that all these phones belong to the owner of this SIM. If you really want to hide yourself you need a SIM not associated with you (you understand what I mean), a modem/phone anonymously bought for exclusive use with this SIM and a computer with some privacy-enhanced OS. And maybe even a modem/phone with SIM plugged to some router, hidden on some roof and contacted via WiFi only since the position of the modem can be easily determined.
Re: (Score:1)