Ideally your VPN vendor would provide you the direct services that made sense, allow you to ramp up the stream cipher to the level which suits your paranoia, and the vendor's peering arrangements would allow your gateways to pop onto the public internet at interconnects around the world. This kind of vendor should be a completely generic system-as-service which might exist with no employees at all, just a collection of leases for racks of computers and bandwidth guarantees, and a database of account information. Such companies could organize themselves into an endless shuffling of accounts between shell companies such that the identity of the entity which provided service to a particular client would never be the same from one http request to the next. It's the basic scheme of frequency hopping spread spectrum communication applied to avoiding any "fixed abode" on the internet itself.
So that's how you could get privacy without bending yourself out of shape. Someone needs to build a business which embodies a pattern of computation without creating any associated persistent material structure that could be seized to enforce compliance. -- rec -- On Sun, Aug 18, 2013 at 1:19 PM, Steve Smith <sasm...@swcp.com> wrote: > So... here's a paradox... or is it a conundrum: > > I choose to live in a world with as little fear or paranoia as possible > (some may not see that from my postings here, but I claim it to be true). > > So, to secure my wireless network, to encrypt my e-mail, to encrypt my > hard drive, to use obfuscating proxies in my network/computer life would be > to invite a much more dangerous and scary world in than I want to live > in. Just as adding deadbolts to my doors at home or putting a lo-jack in > my vehicle, or keeping a loaded gun in my bedstand would feel like inviting > in the bad things they are supposed to keep out. I've lived decades > without any of those and I can't say I have any significant reason to feel > like a chump about it, while I know folks (there may be some here) who are > pretty sure that if they didn't shoot their triple-deadbolt and set their > "armed response" security system every time they go through their door, > that they would be victim of home invasion, etc. > > On the other hand, I understand the logic of wanting erstwhile criminals > to assume that "everyone owns a gun and knows how to use it", and the logic > of sending private communication by sealed envelope, or using SSL/TLS for > e-mail (and other) communication over an otherwise open network. > > So is there a "best of both worlds"? I try to strike this by leaving my > wireless network open to use by "anyone", but setting up my e-mail client > with SSL/TLS and only sending sensitive information over the web via https > . I can imagine using the disk-level encryption provided on my system as > a matter of course, but I *can't* imagine setting up an obfuscating web > proxy and insisting that all my co-mmunicants decrypt my e-mails with PGP, > etc. > > This all smacks so strongly of immune systems and complex > population/prey/symbiote/parasite communities that I feel like I need to go > back and review Stephanie Forrest's work again. > > > On Haystacks: There are two types of cracking that can occur to an > individual > 1 - Targeted: The bad guy (NSA, a malicious cracker...) is after you > specifically. > 2 - Non-Targeted: The bad guy casts a broad net, or inspects a big > haystack, for exposed individuals > > If 1), your chances are really low of avoiding being hacked unless the > bad guy is novice. > > 2) is a double edged sword. Being concerned about encryption email > routing and storage has merit if the trolling is simply putting up a wall, > saying "move along, nothing here". But it also puts up a sign saying "I > have a reason to hide" > > My guess is that all of us using any sort of extra measures, such as > encryption, are definitely on the NSA books. > > -- Owen > > > On Sat, Aug 17, 2013 at 5:35 PM, Steve Smith <sasm...@swcp.com> wrote: > >> Marcus >> >> Public advocacy for having ubiquitous secure transfers is a stronger >>> signal for them to contemplate. >>> >> Agreed. >> >> yes, these are the fruits of a paranoid mind, but just because you are >>>> paranoid, *doesn't* mean they aren't out to get you. >>>> >>> Speaking of paranoia, here's a little Thunderbird add-in that aims to >>> check that all of the e-mail hops were secure. It's a little buggy, but a >>> nice idea (double check its work if it gives you a happy face). >>> >> I get happy faces over the strangest things... and in fact, I like >> highwire work without checking the net before I go up... it just feels like >> bad juju. It is merely important (to me) to know that I *can* check the >> net if I choose to... that it is checkable and I am competent to do so and >> nobody gets too wIerded out if I do. >> >>> >>> https://addons.mozilla.org/en-US/thunderbird/addon/paranoia/ >>> >> - Steve >> >> >> ============================================================ >> FRIAM Applied Complexity Group listserv >> Meets Fridays 9a-11:30 at cafe at St. John's College >> to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com >> > > > > ============================================================ > FRIAM Applied Complexity Group listserv > Meets Fridays 9a-11:30 at cafe at St. John's College > to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com > > > > ============================================================ > FRIAM Applied Complexity Group listserv > Meets Fridays 9a-11:30 at cafe at St. John's College > to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com >
============================================================ FRIAM Applied Complexity Group listserv Meets Fridays 9a-11:30 at cafe at St. John's College to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
