Re: [liberationtech] Fwd: Now Anyone Can Create Their Own Personalized Alexa Skill in Just Minutes
While I agree there is no way to use an Alexa device without privacy concerns, or any app or device with an open recording "phone home" microphone (check your apps for permissions, folks! You may be amazed...) *privacy is a slider*. You meter out your privacy for services, just as you meter out your labor in exchange for wages. The difference is, your privacy includes information that can be replicated, so you have to decide how much you understand and trust the receptacle, and how much you value the services, and balance the risk/reward -- not only for yourself, but for society. While some people find the risk for society to be unacceptably high, others find that (as with file sharing) the risk to society of sharing information prolifically and diluting its artificial value created by scarcity is acceptable to them. So, the risk to artistic production, publishing models, etc, on the one hand, is ignored by the file sharing community, and the risk to PII/privacy is ignored by big data, for the sake of having the cookie NAOW. In file sharing, the artificial value of scarcity was created by PI laws and licensing. In privacy, by PII and personal choices and opsec. In current days, the prevailing choice is to make PII cheap, by brokering it prolifically for services, reserving very little, and engaging in very little consumer education (self- or industry/govt/public school/etc). This means the effective value of the market of PII is cheapened, so long as the market is uneducated as to the value that increasing scarcity would add to their PII, and disorganized in exercising their power as a market to demand more value for their assets. It's nearly the opposite of the prisoner's dilemma -- so long as most people will give up their genetic code for a coupon for a cheeseburger (regardless of what they overtly express about privacy concerns, their actions rarely match), reserving your individual information as .0001% of the market will remain insignificant and unthreatening in the scenario. You could give yourself a stroke stressing about privacy, sure, but unless you can educate that other 99.% to understand the true potential value of their PII beyond ad-supported email clients and cat memes sharing platforms? You're SOL. You will never see the last one out. You will die waiting. Recently, since I live with permanent disability that leaves me flat on my butt in bed sometimes for weeks, half dead with pain, fatigue and profound malaise (it is what it is), I got an Echo Dot. I'm a privacy advocate. But I believe privacy is a slider. I live alone and my life at this point is profoundly consistent and routine and boring, day to day, if you consider slogging through involuntary retirement in public subsidized senior housing with medical supports in Cambridge MA boring, though I do try to keep blogging, researching, and I'm slowly slogging through a book. I don't talk to myself, and I rarely even talk on the phone, preferring text communications. Alexa (Amazon) knows I love to sleep to Mozart, Yo-Yo Ma, or SomaFM Suburbs of Goa and to listen to the Grateful Dead/jam bands, free jazz, minimalist compositions, Kraftwerk, Nina Hagen, and Shostakovich cello concertos while I game, to do housework to the Stones, and chill to Celtic harp -- and I am ok with that. "She" also knows I shop for bananas, masa, eggs, coconut milk, and various odd things that end up on my shopping list which I call out as I'm cooking. She knows when I take my meds, and so if I fall asleep, as I often do, she is more reliable than the staff on the floor at waking me. I do suppose I talk to myself, in that I tell "her" "Please" and "Thank you," for my own soul's ease, not for "her's." Guess what? Now all of you know all of this, too. I am unconcerned about my privacy, even though this is a publicly archived list. When rms comes to visit, I unplug the power to the device before he arrives, out of courtesy, lol. (He still sniffs at me for having it.) But as a person who sometimes can't get up to change the radio station, having a voice command widget with such flexibility -- as well as a "I've fallen and I can't get up" device that doesn't charge me extra -- is a bonus worth the privacy hit, which I find minimal. I still feel shy about it because of contributing to the cheapening of PII. In my case, I believe I've made a thoughtful exchange. yrs, Shava Nerad shav...@gmail.com https://patreon.com/shava23 On Thu, Apr 19, 2018 at 3:00 PM, Thomas Delrue <tho...@epistulae.net> wrote: > (Dropping mailinglists other than LibTech...) > > On 04/19/2018 09:22 AM, Phil Shapiro wrote: > > I do not own an Alexa device and am wary of privacy issues in > > general. > > If /you're/ wary of privacy issues, then why encourage others to use it? > > > At the same time, I think there are ways of using this device t
[liberationtech] a reflection on the NFL's sudden conscience
As a somewhat recognized social engineer in the PR/social media space (and an amateur cogsci type), I can't help but see the NFL management's sudden bandwagon activity in "taking a knee" and encouraging their players as being related to the prior two weeks of seriously bad publicity they were taking regarding Chronic Encephelopathy in longitudinal studies for impacts of pre-teen children without concussion. This would be a great paper for some communications studies or related grad student out there. I'm quite sure that the change in press coverage would be found to be inverse and dramatic. The NFL is either learning from, or getting help from, the White House's methodologies of press control, IMO. Their moves will not hurt them on either side eventually, and are mitigating a long term disaster, and are helping them with a critical, existential threat. And that ain't a threat to black players -- rather the opposite -- they are leveraging a protest for racial issues to make it safe for them to cripple more black players, proportionately -- even the aspirational kids they do not recruit. Explains such a radical turn around in some of the management... Isn't it interesting when everyone's needs are met by the same gestures? yrs, -- Shava Nerad shav...@gmail.com -- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing the moderator at zakwh...@stanford.edu.
Re: [liberationtech] A great move by Tor
Along side our initial board, Shari was nearly my boss my first year as founding ED at Tor, and she and her staff at EFF were so helpful as our fiscal sponsors and friends. And I was squeeingly proud to be sh...@eff.org while working under her aegis, having been carrying the EFF banner since two of the initial meetings in Cambridge at Lotus just before I left MIT for UNC in 1989, for anyone who goes back that far. (Insert requisite "if I'm this old why aint I dead?" remark here…) I literally could not have imagined or anticipated a better fit. I was surprised and delighted to hear the news! We already have a date set up for institutional memory dump and catch up over coffee, next she lands in Cambridge. Happy mama bear emerita! Shava Nerad Founding Executive Director The Tor Project -- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] What should the liberation tech response be to ISIS-related recruiting online?
Are you, or have you ever been, associated with the Communist Party? When questions of speech and association become poisoned litmus tests, regardless of the apparent profile of the target in contemporary media and current events, it is a disease of the times. Rights must always be held paramount, and perspective be broad, not narrowed or special cases made. Tools are tools. We make them for better engagement and association, for organizing. If our government finds that fringe cases are more passionate in their causes than our general electorate -- perhaps they need to invest in growing the civic passion of the average adult and especially our children. yrs, Shava Nerad shav...@gmail.com (Well practiced on this one heh) On Jul 1, 2015 9:53 AM, Steven Clift cl...@e-democracy.org wrote: Any reactions to this NYTimes article? ISIS and the Lonely Young American By RUKMINI CALLIMACHIJUNE 27, 2015 http://www.nytimes.com/2015/06/28/world/americas/isis-online-recruiting-american.html?_r=0 What responsibilities emerge and how do they balance with freedoms and rights we aspire to see online being used essentially for very bad things. Steven Clift - Executive Director, E-Democracy.org cl...@e-democracy.org - +1.612.234.7072 @democracy - http://linkedin.com/in/netclift E-Democracy can help: http://e-democracy.org/services -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu. -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Minorities privacy/surveillance
Have you looked for information specifically on COINTELPRO and the civil rights movement? It might not be indexed under surveillance (a good deal of the activity was sabotage and harrasment, too) but having grown up under the FBI's eye, it's hard to imagine there isn't literature. Part of the problem with scholarship on the surveillance in that generation is the conditioning to not speak out on the part of many subjects (for many reasons), and also the combination of a lack of records laws and FOIA means that even redacted records of surveillance may not have been retained. From what I understand the richness of records retained varied literally on an agent by agent basis -- a packrat (or possibly CYA) factor. yrs, Shava Nerad shav...@gmail.com On Feb 24, 2015 11:24 AM, Yosem Companys compa...@stanford.edu wrote: From: Rebecca Slayton rs...@cornell.edu One of my students would like to do a term paper on minority attitudes towards privacy/surveillance, but we are finding very little literature on this (maybe two articles that address the issue directly). His focus is on African Americans and U.S. government surveillance, but I think information on the attitudes of any minority group, in any country, towards any type of surveillance, would be helpful in at least framing the issues. Does anybody know of good resources? Thanks in advance for any tips! Best, Rebecca Rebecca Slayton Assistant Professor, Cornell University Department of Science Technology Studies Judith Reppy Institute for Peace and Conflict Studies 334 Rockefeller Hall | Fax 607-255-6044 -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu. -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] About Confide
Anyone who is lauding the verifiability of open source security software had best show that their code has been regularly and thoroughly audited. It will be very easy for closed source alternatives -- snake oil or legit -- for some time to point to heartbleed as a fatal flaw of hubris in the argument that open sourcing is panacea to the trust issue. It shook me. Two years, undisclosed? What a waste. We really don't have a single solution that fits in one statement that a consumer or naive investor is likely to understand. So, there is going to be education required, more than before. In all kinds of communities. I am not sure we have really assessed this yet. Can we assume that people who audit our code are going to disclose -- or sell the brokerable flaws? How many eyes are there on your code, and how many are likely to share their findings with you? This is turning into an arms race. And open source is also open to exploitation, if we do not have enough eyes on our side, enough resources. This is an important issue to examine at this point for every project, wouldn't you think? Shava Nerad shav...@gmail.com On Apr 26, 2014 3:51 PM, Mustafa Al-Bassam m...@musalbas.com wrote: So yesterday a very user-friendly mobile application called Confide was released that claims to be your off-the-record messenger[1]. It has been getting a ton of press attention recently and has raised $1.9m in seed funding[2]. It claims with end-to-end encryption and disappearing messages, Confide is bringing off-the-record conversations online. What do people think of this? It is obviously a joke and a no-go to be used as something to be relied on for encrypted communications given that there is literally no information about the encryption used and it's closed sourced/can't be verified. However, the interesting thing about this is that it seems to be more focused around preventing the client itself from archiving chat messages rather than the server. For example, it boasts screenshot protection (Snapchat style?), and the FAQ states more specifically, we think common use cases will include: Job referrals, HR issues, deal discussions, and even some good-natured office gossip[3]. Nevertheless, the unverifiable claims it make about encryption are worrying, and what's more worrying is a future of multi-million dollar funded weak sauce encryption applications that give a false sense of security that feed on an actual desire by users for privacy following the NSA leaks, that are more successful at attracting users than open source alternatives that are verifiable secure, thanks to the vast amount of resources they have in marketing. Confide has raised $1.9 million in seed funding from WGI Group, Google Ventures, First Round Capital, SV Angel, Lerer Ventures, CrunchFund, Lakestar, Marker, David Tisch’s BoxGroup, Yelp CEO and co-founder Jeremy Stoppelman, Entourage creator Doug Ellin, and Access Hollywood host Billy Bush.[4] [1] https://getconfide.com/ [2] http://techcrunch.com/2014/02/04/confide-1-9m/ [3] https://getconfide.com/faq [4] http://techcrunch.com/2014/04/24/confide-android/ -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu. -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] About Confide
Security software isn't like a lot of open source projects. Generally there have to be narrowly controlled commits, well reviewed. Those people are experts who may have a lot of other demands on their time that are far far more monetarily rewarding if the project is un(der)funded. So they are rare altruists, and we often burn out our best. I am not trying to compare these projects to closed source projects. I am trying to compare them to FOSS hubris. The idea that we have, that the NGO sector has, that there is inherent virtue in poverty and inherent evil in gaining enough resources to be well resourced for the work available. We need to get over that aspect of this whole thing. Ideally, in my opinion, we need well organized well resourced groups with less politics and less fashion-driven ideals. I have no problem with free software and open source -- I have worked with a number of projects over the years in various roles. I was the original publicist for FSF. But if we always are comparing ourselves to closed source projects, then we are not able to own either our own native strengths or the vulnerabilities in our own working culture. We glorify doing more with less to an excess. It's not always appropriate, in extremis, for every project. Security projects are at a huge disadvantage in an environment of impoverished resources. Any one of you should be able to run that risk analysis. Open or closed, under-resourced projects will be at greater risk. Period. We should evaluate how the environment around a project -- funding, development, research attention, use in greater communities -- leaves it more or less prone to exploit attention being more likely than community maintenance. Because at root (pun possibly intended), some of the balance may be coming down to the size of the pool of hackers focused on the code with either intent. It's a buyer's market out there. I don't make the news. But it does make me ponder. This seems like a hard problem, to me. Tell me, what is it that I misunderstand? SN On Apr 26, 2014 7:34 PM, Jonathan Wilkes jancs...@yahoo.com wrote: On 04/26/2014 05:18 PM, Shava Nerad wrote: Anyone who is lauding the verifiability of open source security software had best show that their code has been regularly and thoroughly audited. I'm not sure what that means, so I'll start a new paragraph for what could be a non sequitur... Someone doesn't have to be an active scientist doing peer reviewed research in order to laud the verifiability of the scientific method. Similarly, I don't have to be an active security dev working on peer reviewed software in order to recognize the obvious benefits of the free software approach over proprietary development. Anyone who wants to ignore those obvious benefits best explain how they would verify a fix for the heartbleed bug if the public weren't allowed to read the code. And what if you didn't trust their description of the fix? What if you, as an expert security programmer, suspected that the proprietary team wasn't using a sane codebase or doing a good job of maintaining it? How would you leverage your skills to improve that proprietary security library? Compare the time it takes you to respond to the time it took the OpenBSD peeps to do a git clone command. -Jonathan -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/ mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu. -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] CORRECTION: European privacy regulators' excellent paper on Anonymisation Techniques
Do they have teeth to enforce that, Caspar? The political will, do you think? Or is this just PRIME-ing the pump with slick language, to stir up the waters? ;) Shava Nerad Privacy Evangelist, Blackphone/SGP Technologies On Apr 16, 2014 7:18 PM, Caspar Bowden (lists) li...@casparbowden.net wrote: Please disregard previous, main highlighted link got mangled = It's been a remarkable few days for the Committee of European privacy regulators (the Art.29 Working Party) In their first opinion on Data Protection law and national securityhttp://t.co/itKVGpDI1L, they grudgingly sort of admit it is their job to stop NSA spying, but then the next day they approve contracts for PRISM's first corporate partnerhttps://twitter.com/CasparBowden/status/456366945512599552for Cloud processing (although they aren't really a mere processor at allhttps://twitter.com/CasparBowden/status/456413628392939520 ) ..and today they issued the highest quality paper I have ever read from them - No.216, on Anonymisation Techniques Storified version *here https://storify.com/CasparBowden/art-29-wp-opinion-216-on-anonymisation-techniques*for gist, full text (37 pages) in first tweet If anyone knows of a regulatory text that comes close on this topic, would like to know... The relevance to LiberationTech is that if they enforce this, then a whole bunch of worries about commercial and state spying through BigData will go away, in Europe at least Caspar -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu. -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Replicant developers find and close Samsung Galaxy backdoor
There is some speculation being bandied about that this is a rooted phone proof OTA update mechanism for the Samsung Android system, or some such. But it's insecurity-by-obscurity in that case, and irresponsible. At which point, it seems like a good time to declare that this is my personal opinion and not that of my new employer Blackphone (Silent Circle/Geeksphone joint venture), where I am now serving as Privacy Evangelist, which has to be the most delightful non-oxymoronic job title EVAH! *gryn* On Wed, Mar 12, 2014 at 5:32 PM, Andrés Leopoldo Pacheco Sanfuentes alps6...@gmail.com wrote: Did they get PAID!! ? 'cause those devices are VERY EXPENSIVE!!! Best Regards | Cordiales Saludos | Grato, Andrés L. Pacheco Sanfuentes a...@acm.org +1 (817) 271-9619 On Wed, Mar 12, 2014 at 4:15 PM, John Sullivan jo...@fsf.org wrote: (Sharing this from https://www.fsf.org/blogs/community/replicant-developers-find-and-close-samsung-galaxy-backdoor .) # Replicant developers find and close Samsung Galaxy backdoor *This is a guest post by [Replicant](http://replicant.us) developer Paul Kocialkowski. The Free Software Foundation supports Replicant through its Working Together for Free Software fund. [Your donations]( https://crm.fsf.org/civicrm/contribute/transact?reset=1id=19) to Replicant support this important work.* Today's phones come with two separate processors: one is a general-purpose applications processor that runs e.g. Android; the other, known as the modem, baseband or radio, is in charge of communications with the mobile telephony network. This processor always runs a proprietary operating system, and these systems are known to have back-doors that make it possible to remotely convert the modem into a remote spying device. The spying can be operated using the device's microphone, but it could also use the precise GPS location of the device and access the camera, as well as the user data stored on the phone. Moreover, modems are connected most of the time to the operator's network, making the back-doors nearly always accessible. It is possible to build a device that isolates the modem from the rest of the phone, so it can't mess with the main processor or access other components such as the camera or the GPS. Very few devices offer such guarantees. In most devices, for all we know, the modem may have total control over the applications processor and the system, but that's nothing new. While working on [Replicant](http://replicant.us), a fully free/libre version of Android, we discovered that the proprietary program running on the applications processor in charge of handling the communication protocol with the modem actually implements a back-door that lets the modem perform remote file I/O operations on the file system. This program is shipped with the Samsung Galaxy devices and makes it possible for the modem to read, write and delete files on the phone's storage. On several phone models, this program runs with sufficient rights to access and modify the user's personal data. A technical description of the issue, as well as the list of known affected devices is available at the Replicant wiki: http://redmine.replicant.us/projects/replicant/wiki/SamsungGalaxyBackdoor . Provided that the modem runs proprietary software and can be remotely controlled, that back-door provides remote access to the phone's data, even in the case where the modem is isolated and cannot access the storage directly. This is yet another example of what unacceptable behavior proprietary software permits! Our free replacement for that non-free program does not implement this back-door. If the modem asks to read or write files, Replicant does not cooperate with it. Replicant does not cooperate with back-doors, but if the modem can take control of the main processor and rewrite the software in the latter, there is no way for a main processor system such as Replicant to stop it. But at least we know we have closed one back-door. -- John Sullivan | Executive Director, Free Software Foundation GPG Key: 61A0963B | http://status.fsf.org/johns | http://fsf.org/blogs/RSS Do you use free software? Donate to join the FSF and support freedom at http://www.fsf.org/register_form?referrer=8096. -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu. -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu. -- Shava Nerad shav...@gmail.com
Re: [liberationtech] New EFF Lawsuit: American Sues Ethiopian Government for Spyware Infection
http://tagdef.com/popcorn for those unfamiliar with the idiom. It's not for the Ethiopian cases per se. However there are other state actors in Maryland and the UK engaging in phenomenally parallel acts on the basis of what some term secret interpretations of US law, in our case. These cases will be cited as technology precedents for privacy from surveillance from state actors who don't have freaking 100% pristine charters, wouldn't you think? State actors who contract, say, malware, backdoors, what have you. If we get a cut and dry offshore foreign intel case, then the differential diagnoses become more distinct. If the case were to become anticipated in this way, the administration could put administrative delays or pressure State to block it somehow. (They aren't dense, I imagine they've noticed and thought through this already.) Very nice. These cases deserve support. SN On Feb 18, 2014 10:51 PM, Andrés Leopoldo Pacheco Sanfuentes alps6...@gmail.com wrote: Popcorn? Really? On Feb 18, 2014 8:26 PM, Shava Nerad shav...@gmail.com wrote: Why, the parrallels to these cases, once established as precedent, could be provocative. (Grabs popcorn.) SN On Feb 18, 2014 3:09 PM, Mustafa Al-Bassam m...@musalbas.com wrote: This is great. Would also like to add that yesterday a criminal complaint was filed in the UK for a similar situation: https://www.privacyinternational.org/press-releases/privacy-international-seeking-investigation-into-computer-spying-on-refugee-in-uk Mustafa On 18/02/14 18:16, Nate Cardozo wrote: Hi LibTech, Today, we sued the Ethiopian Government for its use of the malware described in last year's Citizen Lab report. Thanks to Citizen Lab for their amazing work. Details below. Best, Nate -- Nate Cardozo Staff Attorney Electronic Frontier Foundation 815 Eddy Street San Francisco, CA 94109 n...@eff.org | 415.436.9333 x146 Help EFF defend our rights in the digital world https://www.eff.org/donate https://www.eff.org/press/releases/american-sues-ethiopian-government-spyware-infection February 18, 2014 American Sues Ethiopian Government for Spyware Infection Months of Electronic Espionage Put American Citizen and Family at Risk Washington, D.C. - An American citizen living in Maryland sued the Ethiopian government today for infecting his computer with secret spyware, wiretapping his private Skype calls, and monitoring his entire family's every use of the computer for a period of months. The Electronic Frontier Foundation (EFF) is representing the plaintiff in this case, who has asked the court to allow him to use the pseudonym Mr. Kidane - which he uses within the Ethiopian community - in order to protect the safety and wellbeing of his family both in the United States and in Ethiopia. We have clear evidence of a foreign government secretly infiltrating an American's computer in America, listening to his calls, and obtaining access to a wide swath of his private life, said EFF Staff Attorney Nate Cardozo. The current Ethiopian government has a well-documented history of human rights violations against anyone it sees as political opponents. Here, it wiretapped a United States citizen on United States soil in an apparent attempt to obtain information about members of the Ethiopian diaspora who have been critical of their former government. U.S. laws protect Americans from this type of unauthorized electronic spying, regardless of who is responsible. A forensic examination of Mr. Kidane's computer showed that the device had been infected when he opened a Microsoft Word document that contained hidden malware. The document had been an attachment to an email message sent by agents of the Ethiopian government and forwarded to Mr. Kidane. The spyware contained in the attachment was a program called FinSpy, a suite of surveillance software marketed exclusively to governments by the Gamma Group of Companies. In the several months FinSpy was on Mr. Kidane's computer, it recorded a vast array of activities conducted by users of the machine. Traces of the spyware inadvertently left on his computer show that information - including recordings of dozens of Skype phone calls - was surreptitiously sent to a secret control server located in Ethiopia and controlled by the Ethiopian government. The infection appears to be part of a systematic program by the Ethiopian government to spy on perceived political opponents in the Ethiopian diaspora around the world. Reports from human rights agencies and news outlets have detailed Ethiopia's campaign of international espionage, aimed at jailing opposition and undermining dissent. But Ethiopia is not alone. CitizenLab - a group of researchers based at the University of Toronto, Canada - has found evidence that governments around the world use FinSpy and other technologies to spy on human rights
Re: [liberationtech] New EFF Lawsuit: American Sues Ethiopian Government for Spyware Infection
Why, the parrallels to these cases, once established as precedent, could be provocative. (Grabs popcorn.) SN On Feb 18, 2014 3:09 PM, Mustafa Al-Bassam m...@musalbas.com wrote: This is great. Would also like to add that yesterday a criminal complaint was filed in the UK for a similar situation: https://www.privacyinternational.org/press-releases/privacy-international-seeking-investigation-into-computer-spying-on-refugee-in-uk Mustafa On 18/02/14 18:16, Nate Cardozo wrote: Hi LibTech, Today, we sued the Ethiopian Government for its use of the malware described in last year's Citizen Lab report. Thanks to Citizen Lab for their amazing work. Details below. Best, Nate -- Nate Cardozo Staff Attorney Electronic Frontier Foundation 815 Eddy Street San Francisco, CA 94109 n...@eff.org | 415.436.9333 x146 Help EFF defend our rights in the digital world https://www.eff.org/donate https://www.eff.org/press/releases/american-sues-ethiopian-government-spyware-infection February 18, 2014 American Sues Ethiopian Government for Spyware Infection Months of Electronic Espionage Put American Citizen and Family at Risk Washington, D.C. - An American citizen living in Maryland sued the Ethiopian government today for infecting his computer with secret spyware, wiretapping his private Skype calls, and monitoring his entire family's every use of the computer for a period of months. The Electronic Frontier Foundation (EFF) is representing the plaintiff in this case, who has asked the court to allow him to use the pseudonym Mr. Kidane - which he uses within the Ethiopian community - in order to protect the safety and wellbeing of his family both in the United States and in Ethiopia. We have clear evidence of a foreign government secretly infiltrating an American's computer in America, listening to his calls, and obtaining access to a wide swath of his private life, said EFF Staff Attorney Nate Cardozo. The current Ethiopian government has a well-documented history of human rights violations against anyone it sees as political opponents. Here, it wiretapped a United States citizen on United States soil in an apparent attempt to obtain information about members of the Ethiopian diaspora who have been critical of their former government. U.S. laws protect Americans from this type of unauthorized electronic spying, regardless of who is responsible. A forensic examination of Mr. Kidane's computer showed that the device had been infected when he opened a Microsoft Word document that contained hidden malware. The document had been an attachment to an email message sent by agents of the Ethiopian government and forwarded to Mr. Kidane. The spyware contained in the attachment was a program called FinSpy, a suite of surveillance software marketed exclusively to governments by the Gamma Group of Companies. In the several months FinSpy was on Mr. Kidane's computer, it recorded a vast array of activities conducted by users of the machine. Traces of the spyware inadvertently left on his computer show that information - including recordings of dozens of Skype phone calls - was surreptitiously sent to a secret control server located in Ethiopia and controlled by the Ethiopian government. The infection appears to be part of a systematic program by the Ethiopian government to spy on perceived political opponents in the Ethiopian diaspora around the world. Reports from human rights agencies and news outlets have detailed Ethiopia's campaign of international espionage, aimed at jailing opposition and undermining dissent. But Ethiopia is not alone. CitizenLab - a group of researchers based at the University of Toronto, Canada - has found evidence that governments around the world use FinSpy and other technologies to spy on human rights and democracy advocates across the globe. The problem of governments violating the privacy of their political opponents through digital surveillance is not isolated - it's already big and growing bigger, said EFF Legal Director Cindy Cohn. Yet despite the international intrigue and genuine danger involved in this lawsuit, at bottom it's a straightforward case. An American citizen was wiretapped at his home in Maryland, and he's asking for his day in court under longstanding American laws. In the complaint filed in U.S. District Court in Washington, D.C., today, Mr. Kidane asks for a jury trial as well as damages for violations of the U.S. Wiretap Act and state privacy law. The Ethiopian Embassy in Washington received a courtesy copy of the lawsuit, and the District Court will formally serve the Ethiopian Foreign Ministry in Addis Ababa with copies of the papers in both English and Amharic. Richard M. Martinez, Mahesha P. Subbaraman, and Samuel L. Walling of Robins, Kaplan, Miller Ciresi L.L.P. are assisting EFF as
Re: [liberationtech] Recent Der Spiegel coverage about the NSA and GCHQ
It is important that people such as Jake, who does this work unrelated to his work for Tor, are noted a bit more often with appreciation in the community and to figures outside of it in ways that non-hackers/non-geeks/(people who think this began with Snowden) will understand plainly. I am going to be that old woman who speaks frankly here (and completely unofficially -- not like I've had any significant role at Tor since 2007… ) -- in the States, Tor is taking serious heat right now and State and the NSA are spitting like two cats across the Mall at each other. Tor was a more political animal under my watch, but Andrew I think is more determined to keep the shop as entirely ideologically neutral as he can -- Tor is a toolkit. When I launched, Tor was a toolkit with specific audiences and goals, and I've never hesitated to exercise that in my personal opinions, even when they brought me in conflict with swaths of the Tor-using community (Silk Road, etc. as an example which I consider as a term of art to be at the least dumbass, venal, harmful and ultimately feeding the War on Drugs). Part of our movement is the right to articulate and separate personal and professional-role opinions. In my generation, more often accomplished through nyms, but in Jake's more often asserted a priori. Of course, this means the bureaucracy of my generation will not recognize Jake's asserted rights as proper protocol unless his community makes it clear, memetically, that this is the new normal they must accept, just as they must accept candidates having a personal life on social networking, a political life they need politely ignore (like that's really going to happen -- but the real life cognates were always available in DC), and so on. I don't have specific suggestions, and this isn't just about Jake. It's about cultural change. My father told me that the civil rights movement in the US tipped after the sad Birmingham church bombings, when several young black girls in a church basement were killed, and one horribly injured, by a white terrorist bombing. It was, he told me, the white mothers at the dinner tables all through the south, who when their menfolk started bitching about the damn ns, told them to shut your mouth, that could have been our girls in that basement. And that's how blacks became human in a significant number of households here. A tide turned. It was unanticipated, and a regrettable way to get there, to say the least. And they were organized and trying. Our work is not just about law, technology, and media, education, and direct action. We lose track and often avoid discussing details -- for fear of community conflict or seeming uncool or losing allies -- that our goals are culture change. Or sometimes, simply reacting to others' efforts to change the culture (say, the NSA's). May I suggest, reacting to those efforts without a coherent positive vision of where we are going, or an idea of what their root motivations are, are both radical mistakes we must correct in order to support people like Jake, Snowden, Greenwald, friends in the CCC, press, world governments, and so on? It's only conspiracy if it's not a goddam movement. I know a lot of folks here are arm's length observers, but this is for the rest of you. Otherwise, even neutral parties such as Tor will end up with their support sabotaged as pawns in a proxy infowar, a cyber cold war with a three decade build up, struggling over money, power, and influence -- burning billions in waste and pork on the beltway, while standing at ease over the collateral damage of civil liberties. Excellent work, Jake! What can we best do to support your team specifically, beyond distributing links? yrs, Shava Nerad shav...@gmail.com On Jan 6, 2014 12:22 AM, grarpamp grarp...@gmail.com wrote: On Thu, Jan 2, 2014 at 7:37 PM, Jacob Appelbaum ja...@appelbaum.net wrote: We worked very hard and for quite some time on these stories - I hope that you'll enjoy them. Thank you Jacob, and for all your work. -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu. -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Solutions to surveillance, beyond tech legal
system. Their hypothalamus is well ordered as social mammals. Increasingly neuromarketing -- which is not only used by marketers but also by political campaigns and entertainment groups -- is working to integrate knowledge of brain science into their various campaigns. Since around the Clinton administration (and I used to be State Democratic Committeewoman for Oregon, worked on the Dean Campaign, been a lobbyist in DC, done oppo research for others, and ran a mayoral campaign for Portland OR, so I've had some privileged conversations here and there...) more and more campaigns have been run on marketing models more or less rather than issues -- issues provide plausible deniability. Transmedia would be a better model these days -- and more bluntly, one might call it a convergence of reality engineering among marketing, entertainment, and politics in terms of technology. What we are looking at, increasingly, is infowar, as a transition from cold war, on our own people, on everyone. Morlocks and ooloi. I position myself as an anti-obscurantist in this war, although I wonder if that's a welcome position to anyone involved. We don't have to be sheep! is rarely a welcome message. yrs, On Wed, Dec 18, 2013 at 10:40 AM, Nick liberationt...@njw.me.uk wrote: Quoth Joseph Lorenzo Hall: Are there other kinds of normative/cultural/meme-worthy things we can collectively try to instill in folks? I do think safety is a word we should use more often. I really like how Schneier in the last few years has been talking more about how people under surveillance tend to act more normatively, which is crap at a societal level, but I'm not sure whether that could be turned into one memorable sentence. It sucks that we have to try and 'win' with slogans, but that's how people are used to political 'debate' these days. Grumble grumble... -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu. -- Shava Nerad shav...@gmail.com -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Hammond Banned from using Cryptography
IANAL, but it seems to me that if the judge does not call the lawyers into chambers for consultation, there is no period of commentary on sentencing, or adjustment period. If the plea is innocent, then the sentence can be appealed through a trial at a higher court -- however, Hammond opted due to the rather excessively abusive CFAA law which would have put him away for 35 years for a guilty plea for ten years. This means he had to live with the judge's ruling which had this side car of court supervised idiocy tagged on -- which actually made me immediately think that the judge had read up on Kevin Mitnick's trial and was trying to sound like he knew something he didn't. Couldn't stick with the ten years, had to piss on it, pardon my crudeness. Feh. On Tue, Nov 19, 2013 at 6:17 AM, Bernard Tyers - ei8fdb ei8...@ei8fdb.orgwrote: It seems a similar stupidly idiotic requirement to the one imposed on Kevin Mitnick when he was released. From memory the requirment on him was that he wasn’t allowed to use “computers or telephony” equipment. It might have been possible in the early 2000’s but today? IANAL, but would it be worth getting some lawyers to prod this argument further? “You’re honour, what is defined as cryptography?” At least then (in the US) there’d be precedent on what is seen as crypto? Or does that already exist? Could be good for an education campaign “Crypto is not the end goal” to spead the already daily use of cryptography as opposed to the unfortunate view that “crypto is for turrists and sex fiends”. “The government see [online banking] as using cryptography. Everyone uses it.” Just a thought… On 16 Nov 2013, at 06:01, Shava Nerad shav...@gmail.com wrote: It is so common for judges to be complètement sans clue regarding technology -- I'm sure the judge has no idea how pervasive crypto is, probably doesn't understand his online banking uses it, and so on. It's tragic. bleh. On Fri, Nov 15, 2013 at 8:36 PM, Yosem Companys compa...@stanford.edu wrote: From: Privarchy Mee privar...@gmail.com Can any of you, most of whom I do not doubt are far more knowledgeable about cryptography and how it's conceptualised within the legal sphere, offer some insight regarding this? https://twitter.com/CyMadD0x/status/401443518612512769 The claim is that Judge Loretta A. Preska, who sentenced Jeremy Hammond today, said that for the three years (post-release) that he was to spend under supervision, he will not be able to use encryption for communication or storage purposes(!) which is practically a legal edict to go and build a cabin by Walden Pond. How can this be considered anything but cruel and unusual? — -- Bernard / bluboxthief / ei8fdb IO91XM / Contact me: me.ei8fdb.org -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu. -- Shava Nerad shav...@gmail.com -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Hammond Banned from using Cryptography
On Wed, Nov 20, 2013 at 7:54 PM, Bernard Tyers - ei8fdb ei8...@ei8fdb.orgwrote: On 20 Nov 2013, at 22:17, Shava Nerad shav...@gmail.com wrote: IANAL, but it seems to me that if the judge does not call the lawyers into chambers for consultation, there is no period of commentary on sentencing, or adjustment period. IAANAL, so you’ll have to explain the significance of what this means? So, as a non-lawyer, this is my understanding -- the judge can call the defense and prosecution into their office, (chambers) optionally, to discuss sentencing. I don't think this is done when there is a plea bargain though. The plea bargain is settled before the courtroom is entered, and the plea of guilty is declared before the court. Then the evidence is given and the judge is supposed to honor the plea bargain, but is not under obligation legally to do so to the exact letter? Although it seem so... http://legal-dictionary.thefreedictionary.com/Plea+Bargaining I don't know if the supervised non-crypto thing was part of the plea bargain though -- it's my impression, although I haven't looked into it, that this was tacked on by the judge as a fillip after the fact. It must have been in the plea bargain though, from what I'm reading...? So...was it left in there to make it look insane? Interesting... If the plea is innocent, then the sentence can be appealed through a trial at a higher court -- however, Hammond opted due to the rather excessively abusive CFAA law which would have put him away for 35 years for a guilty plea for ten years. This means he had to live with the judge’s ruling which had this “side car of court supervised idiocy tagged on -- which actually made me immediately think that the judge had read up on Kevin Mitnick's trial and was trying to sound like he knew something he didn't. Wait, if he read up on Mitnick’s trial and thought he understood…no let’s not go there.. Yeah, iknowright? He wanted to sound sophisticated perhaps and like he was acting on precedent, in a find judicial tradition of nearly exactly two decades of cybercriminal law. I know exactly how long ago it was because I was there when Kevin was apprehended. I was, unfortunately, the last person he tried to social engineer before the feds caught him. I had no idea who it was at the time telling me that our student email servers were painfully insecure at UNC/Chapel Hill and for a reasonable cash fee, perhaps they could be more secure, or otherwise... But Kevin had the atrocious luck to contact me when we had several federal agencies in my machine room investigating a warez ring hovering over me. Couldn’t stick with the ten years, had to piss on it, pardon my crudeness. Don’t follow. It's an American idiom, referring to the territorial mammal ethology of marking territory by peeing on boundaries. I assume the judge was handed the plea bargain of a ten year sentence, and tacked on the supervised-years-without-encrypted-access as his mark on the plea bargain. So, rather than going with what he was given, he had to be a male mammal and make it his like a tom cat. I am violating my usual nonviolent guidelines and being rude and contemptuous in my old age -- my crone years, perhaps the pain management on my infirmities wearing me down (I did manage the anti-surveillance march in DC in a wheelchair, but it was a challenge...). I am reminded of Tiamat in the old myths, who grew weary of her children's noise. As a grow older, I see young people hungry for reform, and I as an elder find myself out of sorts with my entrenched peers. I want better ways to go to the younger folks and feed them what I know through a firehose, before it's too late. Alas, it got Tiamat offed by her children, who wanted to rule her grandchildren and tax them in peace. This seems to be the story of civilization. yrs, -- Shava Nerad shav...@gmail.com -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Hammond Banned from using Cryptography
It is so common for judges to be complètement sans clue regarding technology -- I'm sure the judge has no idea how pervasive crypto is, probably doesn't understand his online banking uses it, and so on. It's tragic. bleh. On Fri, Nov 15, 2013 at 8:36 PM, Yosem Companys compa...@stanford.eduwrote: From: Privarchy Mee privar...@gmail.com Can any of you, most of whom I do not doubt are far more knowledgeable about cryptography and how it's conceptualised within the legal sphere, offer some insight regarding this? https://twitter.com/CyMadD0x/status/401443518612512769 The claim is that Judge Loretta A. Preska, who sentenced Jeremy Hammond today, said that for the three years (post-release) that he was to spend under supervision, he will not be able to use encryption for communication or storage purposes(!) which is practically a legal edict to go and build a cabin by Walden Pond. How can this be considered anything but cruel and unusual? -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu. -- Shava Nerad shav...@gmail.com -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] It's about time we publicly declared privacy was never dead.
Yosem, can I pull this back to my original call to action in this thread which was not regarding open source but the question of Is privacy dead? It's stated as assumptive language (often citing Brin) by the entities who profit directly or indirectly from oversharing, insecure, in-the-moment, click-thru, and otherwise myopic user/public behaviors. It's fashionable, cool (and sophomoric) and people are starting to wonder about it. This does relate to liberation tech policy in big ways. Technology can't be separated from the law, policy, or reality engineering/memetics/social engineering/marketing/politics around those technologies. Code is law, but law is also determined by the steady state of accepted truth in the culture as recognized by the mechanisms of democracy and markets and cultural practice -- these feedback loops are a powerful part of our ecosystem, and there are change-agents here on this list who work those systems. That was the substance before the thread got derailed, although no one seemed to leap to the call to action. I think there is a mass teachable moment to be addressed here, in a timely basis. Yrs, SN On Nov 6, 2013 10:08 AM, Yosem Companys compa...@stanford.edu wrote: These messages are personal replies that have little to do with technology, other than the references to open source. Let's steer the discussion back to how information technology can be used to defend human rights, improve governance, empower the poor, promote economic development, and pursue a variety of other social goods. Thanks, Yosem One of the List Moderators On Wed, Nov 6, 2013 at 5:31 AM, Moon Jones mjo...@pencil.allmail.net wrote: Shava Nerad: On Nov 5, 2013 8:32 PM, Moon Jones mjo...@pencil.allmail.net wrote: Shava Nerad: If these young people could dream together, on and offline, some hero's journey -- to change their world reasonably peacefully, fighting dragons, taking all that world building FSF they love and putting that modeling to work IRL? Sounds like a Stalinist/1984 goal. I find your stance puzzling. You seem to be against the current political way, yet you are pushing for a far more totalitarian society. How do you see that? I see this as a continuation of the work of movements such as the SCLC and the poor people's movement that followed. Were those totalitarian? People don't dream together. People dream in their own ways. But they can unite for a common goal. Stalin, Christianity, Islam make people dream together. To paraphrase Mr. Carlin: because you have to be asleep to believe it. Sure, they can agree and work together. But leave the dream. An atheist can be against school prayer or the exhibition of christian sex toys on walls. So does a minority Muslim. While a Christian belonging to a different sect might be against that prayer, but might be for the exhibition. Dreaming together sounds like brainwashing, although I dislike the term. Governments work to make us distrust popular movements because they can effect reforms. Public education, 40-hour work weeks, public libraries, womens sufferage, civil rights, divestiture, (cc), FOSS. Are these Stalinist? A government is a group of people guided by some rules. Same goes for the Middle Age guilds. Making an abstraction, a totem out such an entity is only making things worse for you. But, sure, you can start your own religion based on that. So you do have advantages and disadvantages, like with any other stance. A government, or more DO NOT work. People do. And people means many. Each with a personal agenda. Work with them and you can find your way. Fight the «Government» and you'd be Don Quichotte. Changing from conspiracy theory and venerating a virtual totem pole, to proven social progress is just another propagandist trick. Sorry. I'm not saying you are evil or that you are trying to trick people. As a matter of fact, most people I've met over the years are not even vaguely aware of the techniques they employ. They just know they are effective. And, like with any other job they do their best to do it better. To make things even more complicated, although the source of those social advancements you mention were not from the Soviet Union, and had no connection with Stalin or Lenin, they were brought in about a third of the World because of their actions. Russian peasants were very close to slavery. Same went for the workers. Those not killed by the regime, got things Americans (of US) can only dream of: 40–hour work week, paid sick leave, paid leave days, universal healthcare, gratis healthcare, social housing, social support for the one working, but also for the family, and so on. In a society a few centuries behind the rest of Europe, Stalinism brought reproductive rights to the women and helped a bit with raising the children. In an illiterate empire they brought reading, writing
Re: [liberationtech] It's about time we publicly declared privacy was never dead.
I should rather think It is risen, given many of the impassioned conversations I've seen -- but people don't know what to *do* and that takes a coherent movement. We seem to be convinced of the passivity of people in the US -- the inexorable grip of the ergonomic chair or the couch on the collective national ass. That risk-taking has been bred out of the ugly American and replaced with a nearly japonaise trend of helicoptering concern for safety and permanent records. Well, that is what the young people have been carefully taught but the makers and a great many more feel something missing. They are creating their own tribes and communities because no one left a copy of the social contract near the remote control, or maybe they clicked through the EULA too fast? In the absence of two generations since Watergate, DC has stopped any semblance of respecting the hoi polloi electorate here. We have this Wizard of Oz curtain around the beltway that got erected in 1960, got anchored in the 70s, and cinched shut permanently somewhere around Clinton/Gingrich. If these young people could dream together, on and offline, some hero's journey -- to change their world reasonably peacefully, fighting dragons, taking all that world building FSF they love and putting that modeling to work IRL? Why aren't more of us working on that? Helping find those young people, building them tools, being their mentors and griots and healers, winding them up and handing them this Great Hunt? We can be academic and clever and analytic. But law and software and academic papers will not get rid of the USA PATRIOT Act or tame the cycle of constitutional abuse in Congress and the IC. We need a popular movement, and today that requires social tools, funds, will within our networks, and a great deal of the Art of the Possible. Sausagemaking, my friends. Not just clever language and fine speechifying. I saw what, a couple/few thousand people in DC on the Capitol lawn a week ago and the press made us look huge compared to the body count. That's momentum going by. If privacy's dead, or undead -- shut the damn list down. Liberation's impossible in a despot's floodlight. Hand Evgeny his Nobel and shut down the Peace Prizes, or give them all to one big recipient for pacification efforts against those pesky troublemakers in their misguided efforts in Eurasia. If privacy's not dead, who will plant the wheat with me? What are our next steps? I know y'all are busy,… But the game is changing this year, don't you think? yrs, SN On Nov 5, 2013 4:51 PM, Joseph Lorenzo Hall j...@cdt.org wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 11/2/13 7:06 PM, Shava Nerad wrote: Sort of on the lines of the net neutrality or SOPA/PIPA issues and all that, at the least. But something nicely memetic and viral, showing how this is an issue that has been foisted on folks in the interest of the large corporations, to exploit a cultural change that leads to profit, disengagement, and disaffection. And general vulnerability to the surveillance state. Privacy is undead? ::) - -- Joseph Lorenzo Hall Chief Technologist Center for Democracy Technology 1634 I ST NW STE 1100 Washington DC 20006-4011 (p) 202-407-8825 (f) 202-637-0968 j...@cdt.org PGP: https://josephhall.org/gpg-key fingerprint: 3CA2 8D7B 9F6D DBD3 4B10 1607 5F86 6987 40A9 A871 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.13 (Darwin) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJSeWg6AAoJEF+GaYdAqahxSUsP/03CbCG5QpLZ6ghzIhpCf78i D1bjOPCqhssVwSirCkQcFEUQuJKDA8D3U+yAxW50e9JcVjaE8GKvW1wUAgmNHIUa R8uwnjeLz3G6movJvqIjz3kNax/0VkJZjkxlaAYucCmSZ2TzsIxArwNPIGKA64sl 5wtm6a0kQBBzrbWY2FVrm25+7BYCTXJ45JpDSQ6AhN8ikazMMTrcKu7XYHZiGU3N TV6141m6KXZaM+qGOtf8RMcp1DeAT1rO7J+AqGBVL0GbXQgEfxJwXI7KsnPw7dFw +uCCR5SMy+tdV6L7McLYKyGl7QbHmuzI8zzIXkc5sMGSWohGzlsTFonHVv4aIXZy 3BagJOQiw98NZGC9SFJFDFx9i/Bs7jpkQeRjD4KHCInX9ezedT451qW6v0DjA4x4 1gdVJL1Iq0X7+Rd1+2MZTaTqqJF77/8ZxwPzhHmXqrecDxqLoxOl1o49b30T50/5 BzMkdwkcMEAQCFjcji9QDnVkduwm21aR45TBgwClaxqX2YbJ5LQi0nPjMZBuUYed Sq3cNGsf/LjVFteQipNi3IjlE92lEE0GLtdeBhan+LjPp44e+omgh3I6vWK/aNtd GmEwrcLWX6kF32OeuVV/A+VClQ1EuvAsYGvHPDBeGanfkLTTNSG87/MgYPfTCXU/ kOCxeNYyV7tS52D4Uouj =Aq03 -END PGP SIGNATURE- -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu. -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] It's about time we publicly declared privacy was never dead.
On Nov 5, 2013 8:32 PM, Moon Jones mjo...@pencil.allmail.net wrote: Shava Nerad: Well, that is what the young people have been carefully taught but the makers and a great many more feel something missing. They are creating their own tribes and communities because no one left a copy of the social contract near the remote control, or maybe they clicked through the EULA too fast? There is no social contract, no EULA. If these young people could dream together, on and offline, some hero's journey -- to change their world reasonably peacefully, fighting dragons, taking all that world building FSF they love and putting that modeling to work IRL? Sounds like a Stalinist/1984 goal. I find your stance puzzling. You seem to be against the current political way, yet you are pushing for a far more totalitarian society. I had to look up your FOSS involvement to make sure you weren't catfitz. ;) How do you see that? I see this as a continuation of the work of movements such as the SCLC and the poor people's movement that followed. Were those totalitarian? Governments work to make us distrust popular movements because they can effect reforms. Public education, 40-hour work weeks, public libraries, womens sufferage, civil rights, divestiture, (cc), FOSS. Are these Stalinist? Why aren't more of us working on that? Us? Who? Us, in LIBERATION technology. From the description of the program: Lying at the intersection of social science, computer science, and engineering, the Program on Liberation Technology seeks to understand how (and to what extent) various information technologies and their applications -including mobile phones, text messaging (SMS), the Internet, blogging, GPS, and other forms of digital technology - are enabling citizens to advance freedom, development, social justice, and the rule of law. It will examine technical, legal, political, and social obstacles to the wider and more effective use of these technologies, and how these obstacles can be overcome. And it will try to evaluate (through experiment and other empirical methods) which technologies and applications are having greatest success, how those successes can be replicated, and how less successful technologies and applications can be improved to deliver real economic, social, and political benefit. It might suggest this list comprises a list of interested parties. Why are you here? This field has been my vocational center for two decades, arguably three-ish. Seems we both care about it. I hope you don't have to protect the net from me. Heh… We can be academic and clever and analytic. But law and software and academic papers will not get rid of the USA PATRIOT Act or tame the cycle of constitutional abuse in Congress and the IC. The Patriot Act is a law. Another law can just erase it. It's quite simple. Just enough people have to care. No need of mysticisms. Were it simple, a lot of very smart people might have figured a way to do it in a decade. There is a lot of political machinery going into FUD, security theater, politics of fear -- you know these terms? To get people to care without *making* them care, but bringing them to care through a journey of understanding and discovery (which, in my hopeful moments, I see Snowden as a part of, although I waver… ) is far harder than scaring them out of their rights. Enough people have to care and stand against fear-based arguments. They need to be brave and take risks. They have to have a sense of meaning and identity with a cause, if not unity or nation (I come from generations of philosophical anarchists, myself, but that might take some hours of discussion to pin down pragmatically. Most often, I simply describe my politics as anti-obscurantist. Sometimes, a Spinoza-era liberal.). People caring doesn't happen without steward leadership and art and it never has. You can call that mysticism, poetry, zines, leafletting, soapboxes, folksongs, or propaganda according to your taste and the side you're on, in relation to the people when they begin to wake up and care. ;) Gandhi, MLK, and Mandela all got charged with mysticism. I am humbled. We need a popular movement, and today that requires social tools, funds, will within our networks, and a great deal of the Art of the Possible. Sausagemaking, my friends. Not just clever language and fine speechifying. This paragraph is precisely that: clever language and fine that thing. Yes, which is why I am asking for help. If you aren't interested, this isn't your project. Might not be as evil as you presume. We? Who? Nobody need a movement. The movement is there. Or is not. Haven't studied much political science or history? Take free software or open source as examples. (I more often use feminism.) I see, in my evil corporate view, a few dramatic and well-backed personalities and organizations, publicity engines, and catfights over art, philosophy, and meaning
Re: [liberationtech] Google Unveils Tools to Access Web From Repressive Countries | TIME.com
So, I've had this post in draft since 10/15, and I added some links and a couple paragraphs, and am just holding my breath, because the reason I wasn't publishing it before is because, well, it's in the Gez, Shava category. But with this news, it just seems too much in the call me Cassandra territory not to push out, even though I'm sure people will say I'm only speaking as a former Tor staffer. I don't think so. I took the position at Tor because I'd been engaged in this field long before that (as I mention in the post) and these issues are not new (she says, with horse club in hand). But my tin hat has been growing mercury wings and a small silk cape this year, so hey... And for any fellow travelers [#keyword logged oops wrong decade] going to DC this weekend, I will be there, btw -- just lined up my carpool van of 12! -- seeking crash space for two. http://www.shava.org/2013/10/22/a-retrospective-on-nymwars-google-as-the-identity-network-and-the-nsa/ yrs, On Mon, Oct 21, 2013 at 10:12 PM, Eric S Johnson cra...@oneotaslopes.orgwrote: Without answering Jillian’s question directly, I have to say: “the more, the merrier.” ** ** Right now, in cybercensored countries, it’s true many folks (though far from all) have heard about one or more cybercircumvention tools. But most folks’ attempts to use them are not entirely successful, either because*** * **·**their proxies are blocked too, or **·**the proxy to which they can get access is overloaded. At this point, the need for more proxies to solve these two problems is far from exhausted. ** ** I still haven’t heard of any cases where someone’s been persecuted *because they used a proxy*. I’m certainly not saying folks shouldn’t care about anonymity, just remembering that for the vast majority of cybercensored netizens, anonymity isn’t what they perceive to be the issue they face when they browse; censorship is. ** ** Best, Eric OpenPGPhttp://keyserver.pgp.com/vkd/DownloadKey.event?keyid=0xE0F58E0F1AF7E6F2: 0x1AF7E6F2 ● Skype: oneota ● XMPP/OTR: bere...@jabber.ccc.de ● Silent Circle: +1 312 614-0159 ** ** *From:* liberationtech-boun...@lists.stanford.edu [mailto: liberationtech-boun...@lists.stanford.edu] *On Behalf Of *Jillian C. York *Sent:* Tuesday, October 22, 2013 08.01 *To:* liberationtech *Subject:* Re: [liberationtech] Google Unveils Tools to Access Web From Repressive Countries | TIME.com ** ** Since I already have more skepticism of Google Ideas and Jared Cohen than I need, let me pose this question: ** ** With the understanding that uProxy provides no anonymity protections, *is it providing anything that other circumvention tools do not already?* What's unique about it? ** ** ** ** -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu. -- Shava Nerad shav...@gmail.com -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] State beats NSA
Oh what fun. Not speaking for the Tor Project, but only speaking for up to 2007, and my own opinions, but I did comment. And, what I can say is, my opinions *do not* represent the opinions of everyone in the current project, but the public face of the project at inception as a c3 was pretty much shaped, in messaging, by me -- so I can speak regarding that first year and a bit, and the artist's original intent, as it were. And regardless of what neutrality the current project takes, I am an ideologue of sorts, if not a readily cubby-hole-able one by current categorization -- my history shows it, and there's no denying it. I was raised a political animal. And there have been changes no doubt -- not like I'm in daily communication. I will let the current folks speak to that or not. yrs, On Mon, Oct 7, 2013 at 6:25 PM, Richard Brooks r...@acm.org wrote: Foreign Policy Magazine claims that US Dept of State trumps the NSA: http://thecable.foreignpolicy.com/posts/2013/10/04/not_even_the_nsa_can_crack_the_state_departments_online_anonymity_tool -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu. -- Shava Nerad shav...@gmail.com -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
[liberationtech] the virtual revolution in Second Life -- virtual model or just more RL?
A virtual trip report with the strongest insider activist biases. Probably if anyone wants a paper out of this, I'm a subject, not an author. Perhaps a small thing in the larger world, where Tor has been in the headlines for Silk Road and amusing powerpoint presentations by the NSA this week, eh? But in the world of tiny virtual first-world-problems, I am also an art performance celebrity/Buckaroo Banzai type in virtual space. tldr links: http://quora.com/What-are-some-brain-hacks-that-neuroscientists-psychologists-know-but-most-people-dont/answer/Shava-Nerad http://www.youtube.com/watch?v=3ukKCWRJudM (getting our act slotted on NBC's America's Got Talent) http://www.businessweek.com/stories/2008-02-14/so-i-married-an-avatarbusinessweek-business-news-stock-market-and-financial-advice http://npirl.blogspot.com/2008/02/tunas-trippy-textures.html http://www.youtube.com/watch?v=IiAG06k9m7o (one of a series of stealth edu machinima produced for German TV) http:oddfellowstudios.com We have a following of some reasonable thousands on SL, even though we've been in slack mode for a couple years, since this is, needless to say, not a money maker. But it is community. The Second Life community is notable for its to-me loveable and often neurotic population of fannish, high percentage (I'm not) transhumanist digital natives who make digital native an absolute in a way unheard of in most gaming or social media contexts. As such, this community is an interesting vanguard for social, legal, and other bubbling up phenomena before they hit more sociotypical online society. With a higher percentage of ASD, disabled, homebound, socially isolated folks, as well as a higher percentage of cultural creatives, intellectuals, educators, DIY/makerspace each-one-teach-one types, medical outreach groups, activists, self-help group facilitators and coaches, human rights advocates, (para)military trainers, wisdom teachers, and other engaged intellectuals (often meshing in Venn diagrams) -- whose silos sometimes interact or not with a vast majority of consumers who are just there to party and buy cool clothes, dance, and hook up -- it's a weird weird weird weird virtual world. When it came to light recently that Linden Lab, operator of Second Life, had made some incredibly draconic changes to their TOS, the community freaked. And LL went to New World Notes (the primary metagame media) and smoothed things out with PR, for the most part. Then I saw the TOS more recently through an individual blog article in the arts community (as I said, we're a bit behind and in slack mode) and freaked, myself, and posted here a couple weeks ago. As a result, in the intervening time, there's been a turnaround in community opinion the issue. We catalyzed a great deal of that. Oddfellow Studios (that being me and Fish Fishman, aka Shava Suntzu and Tuna Oddfellow in virtual space) pulled our stuff and moved to Inworldz, an open source grid (imagine a miniature version of Second Life with a thousands rather than millions of users -- a public private server, so to speak, still with a real-money economy, and with the same asset server type so you can import your own assets -- and violating license could conceivably rip other peoples' (c) but we don't, or could import certain FOSS licensed assets which we have). We were back up and running a rough equivalent to our show within a week, including our monthly collaboration with JaNa KyOmOoN (AKA Jan Pulsford, keyboardist to Cyndi Lauper) with whom we do two monthly dates cross continent, us in New England, her in England. Because we are art performance folks and our fans tend to early adopters even for SL, I think a lot of our fans weren't hesitant to jump grids and become metaversals -- this is to say, they just registered with Inworlds, created a new avatar, loaded up the very similar client, and came to enjoy the show. The shows in SL got press coverage too, showing how easy it was to move, and how people moved with us as our fan base. Through all this, I worked the metagame press, as well as blogging and discussing the issues in and out of game, as did Tuna. Language and backgrounders we crafted began to propagate, and went unopposed by any official pushback by the Lab, New World Notes did a dramatic turnaround on their position when I pointed out that a perpetual irrevocable license (including rights to reassign/sell/resell) means that if, say, the Lab goes tits up, all assets go into receivership and anything in the SL asset server is up for auction if it isn't marked by copyright -- hunting down your assets to defend them is up to the owner in that case (IANAL but I did used to work in entertainment licensing). By the time you straighten things out tracking and defending your copyrights, as I pointed out, your legal help better be free. NWN went to the Lab for comment a couple weeks ago. Got none presumably. I think Hamlet/NWN felt somewhat played by the previous PR response he'd
[liberationtech] NSA seeks privacy/civil liberties officer
This was on the jobs list, but seems to bear comment more generally. *The NSA needs you!* _privacy and civil liberties position_ The NSA Civil Liberties Privacy Officer (CLPO) is conceived as a completely new role, combining the separate responsibilities of NSA's existing Civil Liberties and Privacy (CL/P) protection programs under a single official. … Because they were so efficient at protecting privacy and civil liberties before, they decided they could halve the management hours devoted to it. Or, let's take the cup half full, shall we? This used to be two positions. They came up with an excuse to can those two asshats and install someone new and marginally credible and competent by reformatting the role. I can dream… https://www.nsa.gov/psp/applyonline/EMPLOYEE/HRMS/c/HRS_HRAM.HRS_CE.GBL?Page=HRS_CE_HM_PREAction=ASiteId=1 Some days you really don't know whether to laugh or cry… SN -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] CFAA Extremism
I'll see that Forbes article and raise it a white paper... https://www.eff.org/wp/clicks-bind-ways-users-agree-online-terms-service :) On Sun, Sep 22, 2013 at 11:34 PM, Griffin Boyce grif...@cryptolab.netwrote: This was sort of a meme around ten (+) years ago, and I couldn't find any examples. =/ But this article on Forbes also raises some interesting questions about Terms of Service agreements: http://www.forbes.com/sites/oliverherzfeld/2013/01/22/are-website-terms-of-use-enforceable/ ~Griffin Joseph Mornin wrote: Do you have a link? On 9/22/13 11:51 AM, Griffin Boyce wrote: There are some really great unenforceable TOSs out there. The best I've seen is a clause which states that it is a violation of the Terms of Service to read the Terms of Service. (But of course, how would you know unless you read them?) ~Griffin -- Cypherpunks write code not flame wars. --Jurre van Bergen #Foucault / PGP: 0xAE792C97 / OTR: sa...@jabber.ccc.de My posts are my own, not my employer's. -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu. -- Shava Nerad shav...@gmail.com -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] CFAA Extremism
People would be generally safe, since my experience is that only dweebs such as ourselves ever read them. ;) Everyone else ticks off the box and moves on. I have been tempted to write TOS that contract to promise rights to primageniture bondage and see what happens... yrs, On Sun, Sep 22, 2013 at 2:51 PM, Griffin Boyce grif...@cryptolab.netwrote: There are some really great unenforceable TOSs out there. The best I've seen is a clause which states that it is a violation of the Terms of Service to read the Terms of Service. (But of course, how would you know unless you read them?) ~Griffin -- Cypherpunks write code not flame wars. --Jurre van Bergen #Foucault / PGP: 0xAE792C97 / OTR: sa...@jabber.ccc.de My posts are my own, not my employer's. -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu. -- Shava Nerad shav...@gmail.com -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Naive Question
You are awesome,clever, and full of tricks. :) Should I credit you with this? yrs, On Mon, Sep 9, 2013 at 3:40 PM, Case Black casebl...@gmail.com wrote: There's a more subtle variant to this idea... Regularly state (put up a sign) that you HAVE in fact received an NSL...with the public understanding that it must be a lie (there's no law against falsely making such a claim...yet!). When actually served with an NSL, you would now be bound by law to remove any such notification...thereby signaling the event. Regards, Case On Mon, Sep 9, 2013 at 1:24 PM, LISTS li...@robertwgehl.org wrote: I wonder if there's a false analogy here. Hypothetically, the librarian's sign could fall down (maybe the wind blew it over) whereas a notice on a site would have to be removed via coding. There would be little other explanation, even in the case where one does not affirmatively renew the dead man's notice (the countdown that Doctorow suggests in the article). Such an affirmative act might lead a court to believe that one has indeed informed the public about an NSL. - Rob Gehl On 09/09/2013 12:18 PM, Dan Staples wrote: Presumably, if this type of approach became widely adopted, it would be a useful service for an independent group to monitor the status of these notices and periodically publish a report of which companies had removed their notice. On 09/09/2013 12:52 PM, Scott Arciszewski wrote: Forgot the URL: http://www.theguardian.com/technology/2013/sep/09/nsa-sabotage-dead-mans-switch On Mon, Sep 9, 2013 at 12:29 PM, Scott Arciszewski kobrasre...@gmail.com mailto:kobrasre...@gmail.com wrote: Hello, I saw this article on The Guardian[1] and it mentioned a librarian who posted a sign that looked like this: http://www.librarian.net/pics/antipat4.gif and would remove it if visited by the FBI. So a naive question comes to mind: If I operated an internet service, and I posted a thing that says We have not received a request to spy on our users. Watch closely for the removal of this text, what legal risk would be incurred? If the answer is None or Very little, what's stopping people from doing this? Thanks, Scott -- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu. -- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu. -- Shava Nerad shav...@gmail.com -- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Meet the 'cowboy' in charge of the NSA
I clicked, I got the article no problem, I read the article and enjoyed it with the sick fascination we tend to read these things. Odd to think of FP as sort of tabloid celebrity profile of the monsters of the field, eh? ;) I reposted it on G+ with the comment: === *Foreign Policy frames NSA's Alexander* *like a rhinocerous beetle pinned as a specimen* Not a pretty picture, but a curious and powerful one. === I don't block javascript and such, partly because I also work in marketing and social media and such (THE DARK SIDE, the hell with hacking! :) -- I need to watch things. I regularly sweep for malware when idle and pray a lot. :) will comment further when I'm not fighting health system bureaucracy, perhaps...:) Tilting at different windmills for a bit. Check my G+ for updates. yrs, On Mon, Sep 9, 2013 at 3:11 PM, Shelley shel...@misanthropia.info wrote: It may be outside the mainstream, but so is our interest in-- and understanding of-- security and privacy issues. Judging by the millions who download these tools, I am not alone in wanting to block scripts and tracking. I'll save my security researchers using social media (outside of pentesting) makes no sense rant for another time. -- On Sep 9, 2013 11:56 AM, Al Billings alb...@openbuddha.com wrote: I suggest your use of the net is well outside the mainstream, even amongst security folks. Some of us actually use social networking, for example, or don't want ugly, half broken websites simply because we fear a JavaScript zero day. Al -- Al Billings http://makehacklearn.org On Monday, September 9, 2013 at 8:37 PM, Shelley wrote: Like it or not, to fully use websites at this point, you generally need things like Javascript and CSS. I disagree. Not only do I want the protection from .js vulnerabilites and tracking when I browse, I just want the text. Not a bunch of useless social media buttons and blinking ads. I block it all and very rarely make an exception, and I don't at all mind that I'm getting a bland page with not much more than text. I prefer it. The reason that most folks, even security folks like the ones I work with, don't run with NoScript on all the time is that it breaks the net as experienced. Most of my fellow security-conscious friends and colleagues block scripts by default as well. Breaking things to make them work the way we want them to is what we do; this is no different. -Shelley On Sep 9, 2013 9:50 AM, Al Billings alb...@openbuddha.com wrote: Have fun tilting that windmill, Mr. Quixote. Like it or not, to fully use websites at this point, you generally need things like Javascript and CSS. The reason that most folks, even security folks like the ones I work with, don't run with NoScript on all the time is that it breaks the net as experienced. -- Al Billings http://www.openbuddha.com http://makehacklearn.org On Monday, September 9, 2013 at 5:43 PM, Leif Ryge wrote: Ok, well as long as we're talking about that FP javascript overlay: if you saw it, that means you run JavaScript by default, which means you're vulnerable to a larger number of the arbitrary-code-execution bugs in your web browser (of which there are undoubtedly many more which are not yet fixed, given the frequency with which new ones are discovered [1,2]). In my opinion, if you're using Firefox, you should really be using NoScript. [3] -- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu. -- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu. -- Shava Nerad shav...@gmail.com -- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Naive Question
Oh yes, but it's funny as hell. There's something to be said for that in times like this. Mouse, meet owl. On Mon, Sep 9, 2013 at 5:07 PM, Case Black casebl...@gmail.com wrote: I absolutely agree with your point...cleverness alone doesn't go very far against ruthless adversaries. To paraphrase a prior post that's quite relevant to this discussion: ...the members of this list are uniquely qualified to influence that policy debate in terms of shaping both hard and soft policy in far more substantial ways. We can shape soft policy by expanding the selectorate willing to influence the political leadership to better circumscribe domestic surveillance capabilities. It's important to keep the focus on capabilities rather than intentions and assurances. And on the long range danger of having these surveillance databases in existence and their inevitable use to warp the political process in dark and dangerous ways. Hard policy is shaped by changing the technological landscape...by altering the very ground surveillance agencies stand on through the support of more and better privacy and encryption projects. It happened during the Crypto Wars of the 1990's and it can happen again. On Mon, Sep 9, 2013 at 3:58 PM, Matt Johnson railm...@gmail.com wrote: All of the sneaky signs, email headers and web page badges assume the FBI, or whoever the adversary is are incompetent or inept. That does not see like a safe assumption to me. The only prudent approach is to assume your adversary is intelligent and competent. My guess is that the only defense against NSL's and the like is through policy. I realize that may be blasphemy on this list, but there it is. -- Matt Johnson On Mon, Sep 9, 2013 at 1:26 PM, LISTS li...@robertwgehl.org wrote: What are the legal precedents in terms of wink, wink, nudge, nudge, djaknowhatimean? - Rob Gehl On 09/09/2013 02:24 PM, Shava Nerad wrote: You are awesome,clever, and full of tricks. :) Should I credit you with this? yrs, On Mon, Sep 9, 2013 at 3:40 PM, Case Black casebl...@gmail.com wrote: There's a more subtle variant to this idea... Regularly state (put up a sign) that you HAVE in fact received an NSL...with the public understanding that it must be a lie (there's no law against falsely making such a claim...yet!). When actually served with an NSL, you would now be bound by law to remove any such notification...thereby signaling the event. Regards, Case On Mon, Sep 9, 2013 at 1:24 PM, LISTS li...@robertwgehl.org wrote: I wonder if there's a false analogy here. Hypothetically, the librarian's sign could fall down (maybe the wind blew it over) whereas a notice on a site would have to be removed via coding. There would be little other explanation, even in the case where one does not affirmatively renew the dead man's notice (the countdown that Doctorow suggests in the article). Such an affirmative act might lead a court to believe that one has indeed informed the public about an NSL. - Rob Gehl On 09/09/2013 12:18 PM, Dan Staples wrote: Presumably, if this type of approach became widely adopted, it would be a useful service for an independent group to monitor the status of these notices and periodically publish a report of which companies had removed their notice. On 09/09/2013 12:52 PM, Scott Arciszewski wrote: Forgot the URL: http://www.theguardian.com/technology/2013/sep/09/nsa-sabotage-dead-mans-switch On Mon, Sep 9, 2013 at 12:29 PM, Scott Arciszewski kobrasre...@gmail.com mailto:kobrasre...@gmail.com wrote: Hello, I saw this article on The Guardian[1] and it mentioned a librarian who posted a sign that looked like this: http://www.librarian.net/pics/antipat4.gif and would remove it if visited by the FBI. So a naive question comes to mind: If I operated an internet service, and I posted a thing that says We have not received a request to spy on our users. Watch closely for the removal of this text, what legal risk would be incurred? If the answer is None or Very little, what's stopping people from doing this? Thanks, Scott -- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu. -- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu. -- Shava Nerad shav...@gmail.com
Re: [liberationtech] Meet the 'cowboy' in charge of the NSA
As far as I am concerned it is not. I might have posted the link if you had not brought it to our attention. Thank you. On Sun, Sep 8, 2013 at 9:36 PM, Noah Shachtman noah.shacht...@gmail.comwrote: All: Sorry if this is considered spamming the list - if it is, it won't happen again. At Foreign Policy, we just published what I believe is the first major profile of NSA chief Keith Alexander. It is not a particularly flattering one. One scooplet among many in Shane Harris' nearly 6,000-word story: Even his fellow spies consider Keith Alexander to be a cowboy who's barely concerned with law. Anyway, take a look. Let me know what you think. http://www.foreignpolicy.com/**articles/2013/09/08/the_** cowboy_of_the_nsa_keith_**alexanderhttp://www.foreignpolicy.com/articles/2013/09/08/the_cowboy_of_the_nsa_keith_alexander All the best, nms -- Noah Shachtman Executive Editor for News | Foreign Policy 917-690-0716 noah.shacht...@gmail.com http://www.foreignpolicy.com/author/NoahShachtman encrypted phone: 415-463-4956 -- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu. -- Shava Nerad shav...@gmail.com -- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] NYTimes and Guardian on NSA
I have since posted a link in another email in this same thread. I believe it was referred to and discussed in this list in May, also which is why I didn't refer to it at the time. I've been writing from bed this week. Terribly sorry for any slack at the moment, I'm on half cylinders, but I am working on being rigorous -- but I am in and out of the ER this week, and without a bit of assistance locally, I'm getting little help from the medical community, you may not hear much of me ever, not to be a drama queen about it. Sorry to be OT, but if there are people in Boston who can help me with transport for dr's and such, drop me a line. I'm on the edge of rough here, living on my own and rather catastrophically ill. A little humor since I am oversharing: I have been suffering from a number of symptoms which we have new information on now because they have gotten worse -- it may be that I had a cerebral hemorrhagic stroke in 2007 when I left Tor and my HMO covered it up because they misdiagnosed it as food poisoning, and the penalties here are no different for that sort of fraud than for the misdiagnosis to begin with. Among other things this meant they left me with no rehab services whatsoever. I told my neurologist that I was much improved in July and went to CFP2013 in DC, after they gave me steroids for a back injury -- met with some of the best internet privacy experts in the world to talk about this NSA business, started to organize a new nonprofit. Rather than believing me, he wrote me up for neuropsych testing as paranoid, I think. Maybe bipolar. Special. He didn't want me to show him anything on a computer or get too excited. I was actually scared. I couldn't object much because, as a charity case, he has the power to put me in for involuntary commitment, if he likes. But he did order a new MRI. That found old calcifications (hemorrhage scars, basically) along my falx. I've had daily migraines, epilepsy, and a raft of symptoms for six years -- nothing remotely pleasant. And it's getting worse suddenly, possibly because I overextended in DC. I'm experiencing partial paralysis in my legs, and full double vision and loss of homeostasis. But because my prior stasis was not so hot, and because my neurologist has now marked me down as asking for steroids and drugs and possible paranoid as a charity case, I'm not getting much help here from the safety net. It would be funny if it were in a novel. So it's rather less grand than saving the world, but on a micro scale -- I should like to be available to do more work in this field. And the steroids did help and there's a possibility that if I could get someone other than this asshat to listen to me, I could get some decent care. But I'm having the devil's own time getting around at all. If you know anyone in Boston with time to help, please send them my way -- I have no local family but my 92-year-old mom in a nursing home, and I'm a bit sunk at the moment. Sorry to get personal, but at this point it might literally be survival... On Sat, Sep 7, 2013 at 2:06 AM, Jonathan Wilkes jancs...@yahoo.com wrote: On 09/05/2013 08:00 PM, Shava Nerad wrote: Part of the tone is also adopted in order to wake the sleeping baby anti-intellectual giants either side of the pond. The smart magazines can publish smart crypto articles, but mass market newspapers have to bring their audiences along, even the Times and Guardian. [...] If you tell them that they should be upset because the president essentially struck down posse comitatus in May, they won't know what you are talking about, but if you say, Basically, if a local SWAT team decides they need backup in some kind of emergency situation and they can't get hold of the governor to call for National Guard? They can call a local military airbase for an airstrike if they want to. You fault the Guardian for not giving enough hard info on the crypto, but you are comfortable casually referring to such a potentially monumental attack on freedom of movement without providing a single citation? -Jonathan -- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/**mailman/listinfo/**liberationtechhttps://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu. -- Shava Nerad shav...@gmail.com -- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] NYTimes and Guardian on NSA
Part of the tone is also adopted in order to wake the sleeping baby anti-intellectual giants either side of the pond. The smart magazines can publish smart crypto articles, but mass market newspapers have to bring their audiences along, even the Times and Guardian. Very few stories even bother to explain what the NSA does or what its function in government is, which actually rather stuns me, because I find that when I ask the general public that question I find that most of them don't know what the NSA does for the government. Most of them assume it works for the executive branch, but for the DOJ as part of the whole civilian/State/FBI sort of DHS bits, because those lines are so muddied. (And yes, I am conflating Justice and State on purpose there because it's been done in conversation with The (Wo)Man on the Street.). People don't know basic civics. At all. If you tell them they should be upset because the military is conducting domestic surveillance, they look at you like what? East Germany? you say. Stasi? you say. Blank looks. No history. Those who do not learn from history, etc. If you tell them that they should be upset because the president essentially struck down posse comitatus in May, they won't know what you are talking about, but if you say, Basically, if a local SWAT team decides they need backup in some kind of emergency situation and they can't get hold of the governor to call for National Guard? They can call a local military airbase for an airstrike if they want to. Then the people will decide you are cold stoned mad and a total tin hat. Sherman? you say. And if they're from the south, they might go off in a rant, but they still won't relate it to current affairs or do anything. But that is literally what the law says in the US now. That's a bit beyond elementary civics, but it's a bit beyond what the press is reporting on here too. Because the press doesn't really have much literacy in elementary civics or history either. They seem to be drawing mostly on marcom majors these days. This is what the attention economy has done to us. Our culture is a deep, nutrient rich ocean, full of wonders and cthonic monsters that can eat us. And we all surf. Nothing below the surf-ace is important anymore. Yay. SN On Sep 5, 2013 3:31 PM, Richard Brooks r...@acm.org wrote: Latest articles: http://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html?emc=edit_na_20130905_r=0pagewanted=print http://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security I find most of this (if not all) silly. They seem shocked that the NSA does cryptanalysis. It would be nice if the newspapers had people with some knowledge of the domain writing articles. -- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu. -- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
[liberationtech] who knew US intelligence had their own DHS?
*The US Intelligence Community* I'm just behind the times. Who knew? http://www.intelligence.gov/about-the-intelligence-community/ .gov info needs no permissions so here's the copy: The U.S. Intelligence Community (IC) is a coalition of 17 agencies and organizations within the executive branch that work both independently and collaboratively to gather the intelligence necessary to conduct foreign relations and national security activities. Our primary mission is to collect and convey the essential information the President and members of the policymaking, law enforcement, and military communities require to execute their appointed duties. The 17 IC member agencies are: Air Force Intelligence Army Intelligence Central Intelligence Agency Coast Guard Intelligence Defense Intelligence Agency Department of Energy Department of Homeland Security Department of State Department of the Treasury Drug Enforcement Administration Federal Bureau of Investigation Marine Corps Intelligence National Geospatial-Intelligence Agency National Reconnaissance Office National Security Agency Navy Intelligence Office of the Director of National Intelligence Members of the IC collect and assess information regarding international terrorist and narcotic activities; other hostile activities by foreign powers, organizations, persons, and their agents; and foreign intelligence activities directed against the United States (U.S.). As needed, the President may also direct the IC to carry out special activities in order to protect U.S. security interests against foreign threats. == nom nom nom And now they have their own tumblr. http://icontherecord.tumblr.com/ How hip. And covert. I'm just out of the loop. h/t indirectly via epic.org... Enjoy, if you didn't know about this one! yrs, -- Shava Nerad shav...@gmail.com -- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Snowden masks for Holloween?
http://en.m.wikipedia.org/wiki/Personality_rights IANAL, but I used to work in entertainment licensing and was a member at licensing.org/LIMA. Probably qualified as a paralegal in this area. Trademark has nearly nothing to do with it, although you can involve a likeness in a trademark -- at which point it is no longer personal (e.g. Col. Sanders' estate has no recourse to complain that the current KFC logo isn't a suitable likeness because of the reasonable expectations of commercial art of that genre, if precedent holds). And, uh, right, because we don't really care about the law or Snowden's rights, just what we can get away with internationally and in the court of public opinion. Thinking of running for president? ;) SN On Sep 3, 2013 1:52 AM, Tom O winterfi...@gmail.com wrote: Unless he's trademarked his likeness, it's doubtful he'd have any recourse. And if he did, what chance does he have to defend it in Russia? Slim to none On Tuesday, September 3, 2013, Travis McCrea wrote: I actually disagree... his ownership of his likeness is minimal. He is a public figure and as such anyone who wanted to make a mask would be pretty free to do so. I am not saying someone should go out and do it, and if you do and get sued don't come after me... but if I had the resources available and I thought this could make some money I would do it. Travis McCrea http://www.travismccrea.com USA: 1(206) 552-8728 / CAN: 1(778) 709-4859 Candidate for the Canadian Pirate Party in the Vancouver Centre riding. Any views stated in this email are my own and do not reflect the opinions of the party. On Tue, Sep 3, 2013 at 12:01 AM, Shava Nerad shav...@gmail.com wrote: No one elected him and he may have volunteered for the spotlight but not in the same way that some one does when they campaign for office. Even movie stars have a right to their visages. Where you could say that a sign We are all Snowden is political speech, citizen Snowden also has rights to privacy and dignity, and commercial rights that he does not abandon by being a well-knnown whistleblower, any more than say Rush Limbaugh would by being a well-known radio personality. Just see how fast the lawyers would be layered on top of you if you tried to make Rush masks for Halloween without licensing on the basis of him being a public figure -- and he's been part of our cultural landscape far longer. Scarier, too. ;) SN On Sep 2, 2013 7:43 PM, Paul Elliott pelli...@blackpatchpanel.com wrote: On Mon, Sep 02, 2013 at 05:44:41PM -0400, Shava Nerad wrote: Wouldn't there be a licensing issue? It's a hard argument that he has no right to the commercial exploitation of his likeness on the basis of being a fugitive whistleblower, and I doubt anyone is authorized as an agent to grant that license on his behalf. We have these privacy laws about just using people's images without permission. They are a bit like copyright, but say you can't exploit the subject matter without permission, for profit, with a few exceptions. (Face not recognizable, press reports on public figures, release form signed,… ). CSJ ethics guidelines and EFF's bloggers' guides and Berkman's guide for media creators have good outlines for US law on this stuff. Also my union has a nice guide, the National Writer's Union (AFL-CIO) which I only mention because it's behind a paywall -- and also to explain that since it's May Day… er...Labor Day here in the states, I am lazily quoting all this off the top of my head and making you verify and look up the links. I am on holiday. ;) Is not Snowden a public figure? I am sure bush and obama did not approve all the bush and obama masks? -- Paul Elliott 1(512)837-1096 pelli...@blackpatchpanel.com PMB 181, 11900 Metric Blvd Suite J http://www.free.blackpatchpanel.com/pme/ Austin TX 78758-3117 -- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu. -- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu. -- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu. -- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https
Re: [liberationtech] Snowden masks for Holloween?
No one elected him and he may have volunteered for the spotlight but not in the same way that some one does when they campaign for office. Even movie stars have a right to their visages. Where you could say that a sign We are all Snowden is political speech, citizen Snowden also has rights to privacy and dignity, and commercial rights that he does not abandon by being a well-knnown whistleblower, any more than say Rush Limbaugh would by being a well-known radio personality. Just see how fast the lawyers would be layered on top of you if you tried to make Rush masks for Halloween without licensing on the basis of him being a public figure -- and he's been part of our cultural landscape far longer. Scarier, too. ;) SN On Sep 2, 2013 7:43 PM, Paul Elliott pelli...@blackpatchpanel.com wrote: On Mon, Sep 02, 2013 at 05:44:41PM -0400, Shava Nerad wrote: Wouldn't there be a licensing issue? It's a hard argument that he has no right to the commercial exploitation of his likeness on the basis of being a fugitive whistleblower, and I doubt anyone is authorized as an agent to grant that license on his behalf. We have these privacy laws about just using people's images without permission. They are a bit like copyright, but say you can't exploit the subject matter without permission, for profit, with a few exceptions. (Face not recognizable, press reports on public figures, release form signed,… ). CSJ ethics guidelines and EFF's bloggers' guides and Berkman's guide for media creators have good outlines for US law on this stuff. Also my union has a nice guide, the National Writer's Union (AFL-CIO) which I only mention because it's behind a paywall -- and also to explain that since it's May Day… er...Labor Day here in the states, I am lazily quoting all this off the top of my head and making you verify and look up the links. I am on holiday. ;) Is not Snowden a public figure? I am sure bush and obama did not approve all the bush and obama masks? -- Paul Elliott 1(512)837-1096 pelli...@blackpatchpanel.com PMB 181, 11900 Metric Blvd Suite J http://www.free.blackpatchpanel.com/pme/ Austin TX 78758-3117 -- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu. -- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Sociological studies of covert mass-surveillance organisations
This isn't quite what you are looking for, but as a jumping off point for the old-school intelligence/diplomatic studies nexus of culture we are inheriting, this is not a bad historic orientation or bibliographic compass set. http://www.amazon.com/Diplomacy-Intelligence-During-Second-World/dp/0521521971 It's good to remember that these cultures predate the USA PATRIOT Act and yes, even the internet, yea, even DARPAnet, verily! (Shows off her ticket stub from Noah's ark… ;) You will likely have to go to interlibrary loan for this one. Not exactly bestseller list material, even in college libraries, I imagine. SN On Aug 30, 2013 4:54 PM, Yosem Companys compa...@stanford.edu wrote: From: Caspar Bowden li...@casparbowden.net I realize this is an improbable request (I think), but is anyone aware of any Surveillance Studies research on the organisations conducting * covert/secret* mass-surveillance (a securitocracy) many thanks any pointers Caspar Bowden -- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu. -- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] The great open-source balancing act
It was also made rather clear in June that Silent Circle integrates
licensed libraries into their code. This means unless they planned from
day one to be clean and modular -- which is, hey, what every one of us does
in startup mode under siege from security threats, market pressures,
community flame wars, and dev ADHD amiright? -- they have a suck process
grooming and combing through code before releasing it above and beyond is
it pretty? one might speculate. While still under pressure from {see list
above}.
Problem with mixed licensing. Seen it before. You probably have too.
SN
On Sep 1, 2013 3:06 PM, Griffin Boyce grif...@cryptolab.net wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Douglas Lucas wrote:
Periodic reminder that despite promises and people's positive emotional
investments in Phil Zimmerman, Silent Circle is still not open source.
We need an IsHemlisOpenSourceYet.com
I think that this is the most difficult balancing act that anyone has
as a developer. If you offer open-source software, the very act of
being more transparent directly impacts your bottom line. And not every
side-effect is a positive one.
So from a business perspective, I can respect that both Silent Circle
and Hemlis have made the decision not to offer their full source. But I
am also in a position to choose -- I choose not to support Silent Circle
-or- Hemlis and to openly caution people about the risks of using
closed-source communication software. There's too much opportunity to
fail quietly (silently, even), either through bad code or outside
pressure or various legal quandries or greed. Too many times people
have put their faith into something that is closed-source and
for-profit, only to have unforeseen security problems crop up later.
But it's a balancing act - perhaps particularly if you're a service.
If you open-source all of your code, someone could create a competing
service. If a company is transparent about receiving a subpoena for
customer data, they run the risk of users leaving. It's easy to say no
big deal when it's not your rent money. But on balance, I would much
rather support organizations who are willing to take that risk and put
faith in their users. Silent Circle is clearly not willing to give a
potential user like me the benefit of the doubt. So while I like the
idea of us all using cypherpunk walkie-talkies, I'd rather code my own
solution than give my money and my voice to Silent Circle. Again, it
has nothing to do with them as people, and everything to do with their
business practices.
I don't come at this discussion lightly. I use closed-source software
every day. I've built stuff that uses Twilio, which is a closed-source
communications API. Other people feel differently about this topic and
that is Okay.
~Griffin
- --
Cypherpunks write code not flame wars. --Jurre van Bergen
#REDACTED / PGP: 0xAE792C97 / OTR: sa...@jabber.ccc.de
My posts are my own, not my employers.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAEBAgAGBQJSI5ArAAoJEOMx/SmueSyX7AcP/i4bLALt4TsUF9Z/qgPiCcMl
Ub6auMYa3wTO5aiuwD9613PtQ8iLZF/OHq/3ldAYUlKdqrwTEMPgqNoLBzl+6Xjo
17gmBtjC0aH4faZAbq62O7dxKu1kjCM9DTtUQ8tA192b10Kph5t1Q/lPvsHDT6sz
u4hRMCxxk3MdZTZdb53yWgrZVlp805ZRVZ3I20YmdakIiL4fr4lA7s3xk4gNpmmu
5FvBi41tDaIxEwtKuSN1KnrlM0PhlYVAsm4gHp+E/N5sYrVrF6K6kxKtvJNmkr6T
l8UlBgf+rTrJVK4C62enCix92BnbD8MwR9e+yvaJy0O8WPM9RJPjw/NRj+6K+mzD
/+7LpYGaGJ5IJB/tmkrBaguJMux5MF4Yq1/aZKtmtuZc/GeYjPgzQhTp2px38zin
JQfiEDIqltSo4ot67B0Kj2quCMwdRB2EpE54M8okrY7sD7MKvkAtL6s11I/an6bL
Jz/eHpp/VRx4RmA6gWZi+UvJ+QjFqgnpoDb7WWJYaBSlfeIEkqHlzuReKfQSteOQ
iN4hE1lxBxcKrU/mgnRdC/WTrdZfuKDgBhnRguVaez0SYEVJjQ/rWR7R830JKbmo
OD/kiDrO48yYJdQEr/s4VSNTtA2gBYPbx5r6+CMc8jFTr9jcWW5ZhvsPQEPB8r+R
jZ1iaJGgFXxo83IWmJ7G
=oQzE
-END PGP SIGNATURE-
--
Liberationtech is a public list whose archives are searchable on Google.
Violations of list guidelines will get you moderated:
https://mailman.stanford.edu/mailman/listinfo/liberationtech.
Unsubscribe, change to digest, or change password by emailing moderator at
compa...@stanford.edu.
--
Liberationtech is a public list whose archives are searchable on Google.
Violations of list guidelines will get you moderated:
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe,
change to digest, or change password by emailing moderator at
compa...@stanford.edu.
Re: [liberationtech] Dubious sources feed national-security reporter Eli Lake a fraudulent story for political purposes — once again
Blogged On Aug 21, 2013 5:40 AM, Eugen Leitl eu...@leitl.org wrote: How very surprising. http://harpers.org/blog/2013/08/anatomy-of-an-al-qaeda-conference-call/ Anatomy of an Al Qaeda “Conference Call” Dubious sources feed national-security reporter Eli Lake a fraudulent story for political purposes — once again By Ken Silverstein Share Single Page Cartoon by C. Clyde Squires (September 1907) Two years ago, following the raid that killed Osama bin Laden in Pakistan, a number of journalists wrote dramatic accounts of the Al Qaeda leader’s last moments. One such story, co-authored by Eli Lake in the Washington Times, cited Obama administration officials and an unnamed military source, described how bin Laden had “reached for a weapon to try to defend himself” during the intense firefight at his compound, and then “was shot by Navy SEALs after trying to use a woman reputed to be his wife as a human shield.” It was exciting stuff, but it turned out to have been fictitious propaganda concocted by U.S. authorities to destroy bin Laden’s image in the eyes of his followers. Based on what we know now, the SEALs met virtually no resistance at the compound, there was no firefight, bin Laden didn’t use a woman as a human shield, and he was unarmed. The White House blamed the misleading early reports on the “fog of war,” but as Will Saletan pointed out in Slate, “A fog of war creates confusion, not a consistent story like the one about the human shield. The reason U.S. officials bought and sold this story is that it fit their larger indictment of Bin Laden. It reinforced the shameful picture of him hiding in a mansion while sending others to fight and die. It made him look like a coward.” Many reporters uncritically rushed the government’s account into print. For Lake, though, it fit a career pattern of credulously planting dubious stories from sources with strong political agendas.[*] [*] I should disclose that Lake and I aren’t on friendly terms. We were until a few years ago, when I received a tip that led to a 2011 story showing that Lake, who regularly praised the government of the former Soviet republic of Georgia, was a close friend of one of the country’s Washington lobbyists, and that the lobbyist sometimes picked up his bar and restaurant tabs. After the story was published, Lake and his friends, some of whom had flown to Georgia on junkets paid for by the same lobbyist, took to Twitter to denounce me. Which brings us to the news story that Lake and Josh Rogin broke for the Daily Beast last week, in which they reported that the “crucial intercept that prompted the U.S. government to close embassies in 22 countries was a conference call between al Qaeda’s senior leaders and representatives of several of the group’s affiliates throughout the region.” The story said that among the “more than 20 operatives” on the call was Ayman al-Zawahiri, who the piece claimed was managing a global organization with affiliates in Africa, Asia, and the Middle East. Other Al Qaeda participants involved in the call reportedly represented affiliates operating in Iraq, the Islamic Maghreb, Nigeria, Pakistan, the Sinai Peninsula, and Uzbekistan. The sources for the story were three U.S. officials “familiar with the intelligence.” “This was like a meeting of the Legion of Doom,” one told Lake and Rogin. “All you need to do is look at that list of places we shut down to get a sense of who was on the phone call.” The piece also cited Republican senator John McCain, who drew a predictably grim conclusion from the news. “This may punch a sizable hole in the theory that Al Qaeda is on the run,” he said. “There was a gross underestimation by this administration of Al Qaeda’s overall ability to replenish itself.” The story was picked up widely, especially on the right. On his show, Rush Limbaugh charged that the Obama “regime” had leaked the story for political gain. “They leak it,” he explained, “so as to make Obama look big and competent and tough and make this administration look like nobody’s gonna get anything past them.” Then a number of respected national-security journalists began to question the motives of the leakers, and to cast doubt on the story generally. Ken Dilanian of the Los Angeles Times suggested that the piece was intended to glorify the NSA’s signals-intelligence capabilities. Barton Gellman of the Washington Post said there was something “very wrong” with the whole thing. New York magazine got in on the act by parodying the notion of an Al Qaeda conference call. Despite this tide of doubt and ridicule, the Daily Beast didn’t correct the story, though Lake and Rogin made statements that seemed designed to alter its meaning. “We used ‘conference call’ because it was generic enough,” Lake tweeted. “But it was not a telephone based communications.” In another tweet he informed Ben Wedeman of CNN, “This may be a
[liberationtech] Drones for much networking
Swords into plowshares, anyone? ;) http://www.norwich.edu/about/news/2013/080913-wifiDrone.html SN -- Liberationtech is a public list whose archives are searchable on Google. Persistent violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Drones for much networking
For those who are not aware, Norwich University is a military academy here in the United States. This is why I thought the swords into ploughshares quip was particularly apt, besides it being drones into mesh. It's students using the toys they sell in the student union. But sure. SN On Fri, Aug 9, 2013 at 7:49 PM, Julian Oliver jul...@julianoliver.comwrote: ..on Fri, Aug 09, 2013 at 03:36:19PM -0400, Shava Nerad wrote: Swords into plowshares, anyone? ;) http://www.norwich.edu/about/news/2013/080913-wifiDrone.html Several people have done this and IMO the outcome is equally ridiculous. I prefer my AP to have more than 30 minutes uptime. I also sometimes use 802.11 services when it's windy and/or raining. Google's balloons are a more practical approach, as are solar powered meshed APs in weather proof boxes: http://www.wired.com/business/2013/06/google_internet_balloons/ Cheers, -- Julian Oliver PGP B6E9FD9A http://julianoliver.com http://criticalengineering.org -- Liberationtech is a public list whose archives are searchable on Google. Persistent violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Shava Nerad shav...@gmail.com -- Liberationtech is a public list whose archives are searchable on Google. Persistent violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] From Snowden's email provider. NSL???
http://boingboing.net/2013/08/08/lavabit-email-service-snowden.html has the link to the correct paypal donation page. On Thu, Aug 8, 2013 at 4:31 PM, David Johnson da...@bostonreview.netwrote: https://lavabit.com/https://mail.aljazeera.net/owa/redir.aspx?C=C-JjrgIYEEuVtop4L5ekkprZkHoJaNAI1emSTsdeFmPgXa3gmIunVE-6BLYJ-qLs7Uy3YNIHo0k.URL=https%3a%2f%2flavabit.com%2f My Fellow Users, I have been forced to make a difficult decision: to become complicit in crimes against the American people or walk away from nearly ten years of hard work by shutting down Lavabit. After significant soul searching, I have decided to suspend operations. I wish that I could legally share with you the events that led to my decision. I cannot. I feel you deserve to know what’s going on--the first amendment is supposed to guarantee me the freedom to speak out in situations like this. Unfortunately, Congress has passed laws that say otherwise. As things currently stand, I cannot share my experiences over the last six weeks, even though I have twice made the appropriate requests. What’s going to happen now? We’ve already started preparing the paperwork needed to continue to fight for the Constitution in the Fourth Circuit Court of Appeals. A favorable decision would allow me resurrect Lavabit as an American company. This experience has taught me one very important lesson: without congressional action or a strong judicial precedent, I would _strongly_ recommend against anyone trusting their private data to a company with physical ties to the United States. Sincerely, Ladar Levison Owner and Operator, Lavabit LLC Defending the constitution is expensive! Help us by donating to the Lavabit Legal Defense Fund herehttps://mail.aljazeera.net/owa/redir.aspx?C=C-JjrgIYEEuVtop4L5ekkprZkHoJaNAI1emSTsdeFmPgXa3gmIunVE-6BLYJ-qLs7Uy3YNIHo0k.URL=https%3a%2f%2fwww.paypal.com%2fcgi-bin%2fwebscr%3fcmd%3d_s-xclick%26hosted_button_id%3d7BCR4A5W9PNN4 . -- Liberationtech list is public and archives are searchable on Google. Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Shava Nerad shav...@gmail.com -- Liberationtech list is public and archives are searchable on Google. Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] And now for some completely different flame... Chrome + password management
https://news.ycombinator.com/item?id=6166886 Chrome security guy takes it up with the Mashable article author. Chrome guy: This is what users expect! They expect to see their passwords in plain text. You are expecting us to provide them with a false sense of security. um... alrighty then... yrs, SN On Thu, Aug 8, 2013 at 12:05 PM, Kyle Maxwell ky...@xwell.org wrote: On Thu, Aug 8, 2013 at 11:01 AM, Patrick Mylund Nielsen cryptogra...@patrickmylund.com wrote: On Thu, Aug 8, 2013 at 8:56 AM, Kyle Maxwell ky...@xwell.org wrote: Must every app data store reinvent the wheel rather than use operating system functionality? Agree in theory, but do all operating systems have standard data stores that are encrypted with the user's password? They don't. Understood and point taken - but in general I'd rather point users towards better password management than the browser in any case, whether that's something like Lastpass / Keepass or something else entirely. *insert pointless rant about how passwords are a terribly broken model in the first place* -- @kylemaxwell -- Liberationtech list is public and archives are searchable on Google. Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Shava Nerad shav...@gmail.com -- Liberationtech list is public and archives are searchable on Google. Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
[liberationtech] going back to Nadim's original question
Forgive me, but I'd like to ask a question here. Tor is a tool that is undeniably, directly marketed toward activists in high-risk environments. Tor's presentations at conferences centre around how Tor obtains increased usage in Arab Spring countries that matches the timeline of revolutionary action. It's incredibly direct. Tor's own spokespeople encourage people in Iran, Egypt and so on to use Tor and only Tor as the most secure tool for activist anonymity, and privacy. Now, we find out that the FBI has been sitting on an exploit since an unknown amount of time that can compromise the Tor Browser Bundle, which is currently the main way to download Tor and the only way to download Tor for the average end-user, and is deploying it en-masse to the visitors of what seems to be around half of all Tor hidden services, which have also been compromised I've gotten quite some flak from certain people at Tor for supposedly marketing Cryptocat to activists, which is not something I do, but that the media did last year. We know for a fact that Tor does in fact market to activists*. And yet, I have a feeling that the flak towards Tor, for something this incredibly huge, will be quite small, on this mailing list and on other discussion forums, especially compared to the kind of vitriol Cryptocat receives.** I would like an explanation as to why this is the case.* NK Forgive me but I would like to answer a question here. The reason, since you ask, Nadim, is that it is because you are a contentious person who attacks people relentlessly who you feel are rivals, whether they are Tor or Silent Circle, or anyone else in the landscape. You go after them to wear them down, with some attitude that you are some crusader for good, when in reality, you are just going after people to wear them out with the same points over and over again because you want to be seen as better than they are. It seems to be about ego and stamina. Vitriol is what you produce, Nadim, and so it is what you invite when something erupts in your own vicinity. That's karma. Look what you are laying in terms of land mines for when something comes up for your own stuff? Think about it. You are being relentless, and you are taking time away from emergency response from people who are strapped for time right now. It's not sane. Everyone here observes this, so it's just not an ad hominem, and you ask for an answer so I can't possibly be called on for answering the question. And I'm sure there are others here who will, *in the interest of peer counseling,* tell you that your attitude is not helping you. You will find that if you learn to mellow out and ratchet down a bit, you will get more out of the community back in return. And this is why you get no respect from the community for CryptoCat -- because you extend no respect to the people in your same space. You get back what you give. This is a basic law of the universe. Now that I have answered your original question, will you please stop talking in circles? I suspect a great many people are tired of it, and it is not serving anyone in the long term. It does not servejustice, nor the users, nor the future of your project, and I do not think it is not serving your reputation. Thank you. yrs, -- Shava Nerad shav...@gmail.com -- Liberationtech list is public and archives are searchable on Google. Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] going back to Nadim's original question
What I'm saying, Nadim, is that it's projection. Everything you say, you need to look in a mirror. I haven't worked for Tor since 2007. SN On Wed, Aug 7, 2013 at 8:56 AM, Nadim Kobeissi na...@nadim.cc wrote: On 2013-08-07, at 3:22 PM, Shava Nerad shav...@gmail.com wrote: Forgive me, but I'd like to ask a question here. Tor is a tool that is undeniably, directly marketed toward activists in high-risk environments. Tor's presentations at conferences centre around how Tor obtains increased usage in Arab Spring countries that matches the timeline of revolutionary action. It's incredibly direct. Tor's own spokespeople encourage people in Iran, Egypt and so on to use Tor and only Tor as the most secure tool for activist anonymity, and privacy. Now, we find out that the FBI has been sitting on an exploit since an unknown amount of time that can compromise the Tor Browser Bundle, which is currently the main way to download Tor and the only way to download Tor for the average end-user, and is deploying it en-masse to the visitors of what seems to be around half of all Tor hidden services, which have also been compromised I've gotten quite some flak from certain people at Tor for supposedly marketing Cryptocat to activists, which is not something I do, but that the media did last year. We know for a fact that Tor does in fact market to activists. And yet, I have a feeling that the flak towards Tor, for something this incredibly huge, will be quite small, on this mailing list and on other discussion forums, especially compared to the kind of vitriol Cryptocat receives. I would like an explanation as to why this is the case. NK Forgive me but I would like to answer a question here. The reason, since you ask, Nadim, is that it is because you are a contentious person who attacks people relentlessly who you feel are rivals, whether they are Tor or Silent Circle, or anyone else in the landscape. You go after them to wear them down, with some attitude that you are some crusader for good, when in reality, you are just going after people to wear them out with the same points over and over again because you want to be seen as better than they are. It seems to be about ego and stamina. Sorry, Libtech, I have no idea why this was sent to the list and not to me individually. Shava, The amount of sheer, unfiltered anger and hatred in your email is really messed up. But I'll answer it. Let me first clarify that I absolutely do not see Tor or Silent Circle as a rival. Tor is anonymity software. Silent Circle is encrypted phone call software for mobile phones. I make encrypted web chat software, which is completely unrelated to Tor and only quite distantly related to Silent Circle. It makes absolutely no sense for me to see those two as competitors. With that clarified, I'll answer your email, even though I don't think it belongs on this list, but should have been sent to me privately. Yes, I was a relentless with Jacob. The reason I did this was simply to try and show him what it feels like to be treated like this when you have a security vulnerability. This is exactly how Jacob treats every project around him when they're in a bad situation, when he's in a good mood. When he's in a bad mood, he is incredibly abusive. I did not mean to attack Tor. But I sent critical responses to Jacob's emails. I did this because the guy needs to learn a lesson about what it feels like to be treated like this. Jacob has a problem. For years, I have been abused in private and in public by Jacob regarding my work on Cryptocat, in ways that are so underhanded that if I described them on this list, you would not even believe me. He does this to *many projects*. You obviously have no idea what I'm talking about, or you wouldn't have sent this email. But many do, and they understand. I think Tor needs to very urgently stop legitimizing someone like him. Tor reacted responsibly. Jacob reacted the way he usually does, except with an additional small dash of professionalism due to the pressure. I wanted to use this opportunity to give Jacob a taste of his own medicine with the hope that he will understand what it feels like for him to treat anyone in a weak situation the way he does. Notice that I stopped sending emails when he did in fact politely concede to my concerns, and I I didn't even go a tenth as far as he has done with me and other projects. Vitriol is what you produce, Nadim, and so it is what you invite when something erupts in your own vicinity. That's karma. Look what you are laying in terms of land mines for when something comes up for your own stuff? Think about it. You are being relentless, and you are taking time away from emergency response from people who are strapped for time right now. It's not sane. You're saying that it's normal for people to expect land mines when something comes up with [their] own stuff. Well
Re: [liberationtech] going back to Nadim's original question
I will happily take it off list -- but I will point out that the whole discussion was opened with the question openly and clearly asked. If people want to be coy with these things, perhaps they need to find different ways to approach their diplomacy. I honestly do believe that you get back what you put in, and that Nadim would feel more love from his environment if he didn't go after others with daggers -- that he sees that advice as hate says more about him than about me. And that's the end of it. SN On Wed, Aug 7, 2013 at 11:45 AM, Douwe Schmidt do...@greenhost.nl wrote: +1 From: Brian Conley bri...@smallworldnews.tv +1 On Aug 7, 2013 6:25 AM, Jurre drw...@gmail.com wrote: Take this off-list. I don't want a drama libtech community anymore, i'm sick of it. Be professional and excellent to each other or fuck each other over off-list. All the best, Jurre -- Liberationtech list is public and archives are searchable on Google. Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Shava Nerad shav...@gmail.com -- Liberationtech list is public and archives are searchable on Google. Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Freedom Hosting, Tormail Compromised // OnionCloud
If my understanding of Mozilla's description of the vulnerability is correct: https://blog.mozilla.org/security/2013/08/04/investigating-security-vulnerability-report/ Users who are on the latest version of Firefox (version 22) or Firefox ESR (version 17.0.7) are not at risk. If a user is running an outdated of Firefox, then this vulnerability could be used by an attacker to execute malicious software on a victim’s machine. Mozilla has been alerted that this issue is being actively exploited in the wild and urges all users to make sure their Firefox is up to date. Then what happened could have happened to any ISP on hidden services or not. A browser connected to the ISP, used a browser vulnerability to infect the host server, and proceeded from there to do whatever to the hosting complex at the hidden service site. They were hacked. They got pwned. And apparently, they had no measures in place to have noticed that it was happening, in terms of image monitoring and so on -- although admittedly we are talking about a state-level opponent. They could have been rootkitted straight off, and the opponent had their way with them and so on. However, my understanding is that this vulnerability -- did I hear somewhere? -- is to windows hosting. Now maybe it's me, and I'm old fashioned, but I still think of that as more vulnerable, but I've been out of the field for a while. Regardless, This has nothing to do with Tor or Tor hidden services. It could have happened on the open internet with an apache server with the same version of Mozilla. Or am I misunderstanding something? So, essentially, Mozilla was used as the Trojan Horse to insert the payload into the servers. It wouldn't have made a difference at all if they were hidden or not, only that they were using web services and allowing any version of Mozilla to attach. yrs, -- Shava Nerad shav...@gmail.com -- Liberationtech list is public and archives are searchable on Google. Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Freedom Hosting, Tormail Compromised // OnionCloud
ah, ok, thanks! Got it backwards... So the server was hacked by some unknown method, by a state level opponent, and this was then used to identify user activity using the Firefox 17 vulnerability announced by Mozilla, presumably, which allowed them to monitor significant traffic and activity/content on the hidden service from there out. I think there is at least one paper out there on how to defeat a hidden service already, and Tor has an appeal out for help with hidden services in general -- it's not the primary focus of the project, as it isn't a focus of funding, just on a pragmatic basis. (reminder: I do not speak for the project. I volunteer a bit. I used to work there. I am not a programmer, but I used to be one in the previous century, but since then I have tended increasingly to herd geeks and write words and raise cash. I am also fighting a migraine but not as big a headache as Andrew has today, heh...;) It is such an arms race... I still wonder about insufficient paranoia and/or resourcing on the part of the service providers. I wonder if they had image monitoring, pentesting, all the sort of security regime going on that an enterprise ISP would have with sensitive info on it? If your freedom (either in terms of freedom-fighting or just-freedom-from-jail -- this is a bit like the liberation-vs-criminal version of freedom or beer, yes?) depended on it, what would you do to secure your hosting or your machine/mobile? It's more and more relevant. We are an interesting list in interesting times. yrs, SN On Mon, Aug 5, 2013 at 7:13 PM, Al Billings alb...@openbuddha.com wrote: No, Mozilla (I assume you mean Firefox) wasn't used to insert anything into any servers. It is the other way around. Someone had an exploit on the servers that could be used to exploit older versions of the ESR17 branch of Firefox, which the Tor Browser Bundle uses. (ESR is the Extended Support Release and ESR17 is Firefox 17 + important security updates since 17 was shipped. ESR is meant for corporate users and others who want longterm stability but security fixes as well.) -- Al Billings http://makehacklearn.org On Monday, August 5, 2013 at 4:00 PM, Shava Nerad wrote: So, essentially, Mozilla was used as the Trojan Horse to insert the payload into the servers. It wouldn't have made a difference at all if they were hidden or not, only that they were using web services and allowing any version of Mozilla to attach. -- Liberationtech list is public and archives are searchable on Google. Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Shava Nerad shav...@gmail.com -- Liberationtech list is public and archives are searchable on Google. Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
[liberationtech] technical legal questions about FOIA redactions and MIT's FOIA oddness
and * *civil, as well as criminal -- ordinarily are accorded privacy protection. 126 (For a more * *detailed discussion of the privacy protection accorded such law enforcement sources, see * *Exemption 7(C), below.) * All in all a fascinating document. There are lots of interesting examples in there with some really fun stories. John Lennon. Pig farmers from hell. Journalists who won't take no for an answer even when, actually, on a privacy basis, it sounds like maybe they should. Hot stuff. It sure seems to me, that MIT would have no reason to fear. Ripping good read. I got into it. But, IANAL. So it makes me wonder, where among the three parties the weirdness lies... So let me put on my little tin hat here, and let me brainstorm, and let me ask all of y'all to tell me where I am out of line. Because, you know, it's not polite to speculate on these things in public. But this is just an academic exercise, a gedankenexperiment, and so -- it doesn't have to be polite. It just has to be logical. Please, pick my logic apart. I obviously do not understand the legalities and facts, because otherwise, this would not look so odd. Someone in this scenario is behaving badly. Let's treat it as a mystery, and speculate as to whom, logically? Is it Colonel Plum in the Study with a Wrench? - The BAD BEAVER theory (MIT bad actor, DOJ neutral, CN neutral): MIT has been a bunch of bad beavers (beavers being the school mascot) and they want to delay the reveal of their role in charging Aaron as long as possible, even though the FOIA request was expedited by the courts. Except, this is a very ham-handed way to delay -- to put the spotlight on them if that's the case. People are going to be looking twice as hard at the outcomes in regard to their role now. Bad tactics. - The HOSTAGE theory (MIT neutral, DOJ bad actor, CN neutral): Postulate that the DOJ wants to delay the FOIA request at any cost, possibly interminably -- this would not be out of step with many precedents in prior government cases. One way to delay further is to slip to MIT who has already be SWATed that if they don't cooperate in delaying tactics, the FOIA documents might include some improperly redacted references to MIT staff. This of course would be done in a way that could not be reported credibly. On a responsible basis, MIT would have to take it seriously though, and would have to file a motion. - The COLLUSION theory (MIT and DOJ bad actors, CN neutral): Neither MIT nor DOJ are enthused about their roles being revealed and are colluding on bouncing delays back and forth until the cows come home. This produces less damage control than the actual content of the FOIA requested documents, presumably, even after redaction. This might take seeing a next step to evaluate. There are variations of any of these that assume that Conde Nast has some clue as to what is going on, but is playing for ratings. To the best of my knowledge we've heard nothing from the MIT internal inquiry on Aaron. This might be a great time to find out how that's progressing. (Kevin P, have you heard anything from that quarter, since you're tracking this?) I have no special knowledge of any of this. I'm just spinning out the model as though it were a mystery, with fog of war. Risk assessment. Trust models (which would tell me, trust no one involved, heh!) I'm an avowed chauvinist (hey, I'm honest -- I don't have a rat on my finger but I do have a beaver tattooed at least metaphorically on some part of my anatomy, you can speculate where) but also a friend of the truth first and foremost. It makes me sad and wary that we've heard nothing from the investigator from the Media Lab regarding the independent internal report... The integrity of the situation comes first -- no entity is above criticism or examination -- and transparency protects the integrity of the 'Tute on a continuing basis. No Pompeias here. So, what do you think...? yrs, -- Shava Nerad shav...@gmail.com -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] EFF's new lawsuit against the NSA
Couldn't be prouder to see a Unitarian Universalist church heading up the plaintiffs. ;) James, I was thinking today, this is something you might know who should be thinking about it. Or anyone else DC oriented, here. There's a major potential culture jam to be wedged regarding the national security TLAs, if there were a way to change their oversight. Originally, the House and Senate committees were set as close and intimate venues because there were only a few people in the country with Top Secret clearances, and very few programs requiring it. Now, there are over four million Americans with Top Secret clearances (down to whole crews of shipping clerks in Crypto City's mailrooms -- they have their own zipcode, and the NSA is the largest employer in Maryland). Each of the scores of private contractors on the beltway -- Booz Allen, CCA, whoever -- who do business with the NSA spends more time each year on the blackline budget items individually than I suspect all the congresscritters on both committees do in aggregate. And no wonder! It's their lifeblood, and probably what, nine or so figures of lifeblood in the local economy. Not touching the CIA, FBI, and the rest of DHS. It's insane to think that the equivalent of two nonprofit boards, meeting a few times a year, without sufficient domain experience in tech, military, diplomacy, or legal issues and without access to external advisory could adequately oversee these functions on behalf of the public. With all respect, I suspect any one of us could stump Senator Feinstein on the public elements we understand of these programs just on the basis of what I see of her lag in tech and milsec. Except for perhaps a few specific programs of great confidentiality, why couldn't we have a joint commission say, between congressional and executive appointees, to oversee this work to the better satisfaction of the people of the United States (and perhaps, even by extension, the rest of the viewed world ;)? Maybe even get a few privacy mavens on there. O V E R S I G H T. Make it mean something. . Seems we haven't really reflected on why and how these oversight mechanisms were set up, and how radically the landscape has changed. If we want to ask, who will watch the watchers? why not ask it most directly? Would one have to sponsor this through the separate Rules Committees? I am thinking someone should talk to the WaPo about an op/ed, but it's likely not me, no one outside a small circle of friends really knows who I am. If we found a champion on the floor, we might want to consult their preferences on a way forward. But I can't think of a better, more efficient infusion of Brandeis' elixir into the process, and even if it didn't go through, it's an amazingly illuminating question as to why it would not. It highlights any numbers of teachable moments, don't you think? . I just like to give people the opportunity to do things that I think make sense, and then they tell me in great detail why they decline, sometimes. I learn so much through a humble attitude. ;) Yrs, Shava Nerad shav...@gmail.com On Jul 16, 2013 7:46 PM, James S. Tyre jst...@eff.org wrote: For those interested, we filed a new lawsuit against the NSA today. We have another still in litigation, but this one focuses on a specific aspect of the new revelations. Intro, FAQ and a link to the Complaint at https://www.eff.org/cases/first-unitarian-church-los-angeles-v-nsa -- James S. Tyre Law Offices of James S. Tyre 10736 Jefferson Blvd., #512 Culver City, CA 90230-4969 310-839-4114/310-839-4602(fax) jst...@jstyre.com Policy Fellow, Electronic Frontier Foundation https://www.eff.org -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] How to contact hacktivists?
Some of us are very public. But then, I don't code anymore. ;) It does get odd in definitions. http://www.sfbg.com/politics/2013/06/20/hackivist%E2%80%99s-call-culture-engagement Yrs, Shava Nerad shav...@gmail.com On Jul 17, 2013 10:42 AM, Yosem Companys compa...@stanford.edu wrote: From: Rochelle Harris rochel...@gmail.com Cc: rac...@ideastap.com Hi everyone, A favour to ask please for a friend: Anyone know any hacktivists who might be up for being interviewed for IdeasTap. If they don't want their real name published, it can be done anonymously. Message me or email rac...@ideastap.com I am also curious to know please - what is the situation with hacktivists? How do you find them? Kind regards, Rochelle -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
[liberationtech] NSA's crypto city
For those who think it's unlikely that a staff of 5000 would be involved in something called crypto staff for the NSA? http://en.wikipedia.org/wiki/National_Security_Agency#Headquarters NSA is the largest employer in the U.S. state of Maryland, and two-thirds of its personnel work at Ft. Meade.[20]http://en.wikipedia.org/wiki/National_Security_Agency#cite_note-Barnett-20 Built on 350 acres (140 ha; 0.55 sq mi)[21]http://en.wikipedia.org/wiki/National_Security_Agency#cite_note-Gorman-21 of Ft. Meade's 5,000 acres (2,000 ha; 7.8 sq mi),[22]http://en.wikipedia.org/wiki/National_Security_Agency#cite_note-22 the site has 1,300 buildings and an estimated 18,000 parking spaces.[23]http://en.wikipedia.org/wiki/National_Security_Agency#cite_note-23 [24] http://en.wikipedia.org/wiki/National_Security_Agency#cite_note-24 http://en.wikipedia.org/wiki/File:NSA_Employees_only.JPG http://en.wikipedia.org/wiki/File:NSA_Employees_only.JPG An exit sign for NSA employees along theBaltimore-Washington Parkwayhttp://en.wikipedia.org/wiki/Baltimore-Washington_Parkway The main NSA headquarters and operations building is what James Bamfordhttp://en.wikipedia.org/wiki/James_Bamford, author of *Body of Secrets: Anatomy of the Ultra-Secret National Security Agencyhttp://en.wikipedia.org/wiki/Body_of_Secrets:_Anatomy_of_the_Ultra-Secret_National_Security_Agency *, describes as a modern boxy structure that appears similar to any stylish office building.[25]http://en.wikipedia.org/wiki/National_Security_Agency#cite_note-BamfordBodyofSecretsp488-25 which is covered with one-way dark glass.[25]http://en.wikipedia.org/wiki/National_Security_Agency#cite_note-BamfordBodyofSecretsp488-25 The building has 3,000,000 square feet (280,000 m2), or more than 68 acres (28 ha), of floor space. Bamford said that the U.S. Capitolhttp://en.wikipedia.org/wiki/U.S._Capitol could easily fit inside it four times over.[25]http://en.wikipedia.org/wiki/National_Security_Agency#cite_note-BamfordBodyofSecretsp488-25 Under the outside glass the building uses copper shielding to trap in any signals and sounds to prevent espionage.[25]http://en.wikipedia.org/wiki/National_Security_Agency#cite_note-BamfordBodyofSecretsp488-25 The facility has over 100 watchposts,[26]http://en.wikipedia.org/wiki/National_Security_Agency#cite_note-BamfordBodyofSecretsp488489-26 one of them being the visitor control center, a two-story area that serves as the entrance.[25]http://en.wikipedia.org/wiki/National_Security_Agency#cite_note-BamfordBodyofSecretsp488-25 At the entrance, a white pentagonal structure,[27]http://en.wikipedia.org/wiki/National_Security_Agency#cite_note-BamfordBodyofSecretsp490-27 visitor badges are issued to visitors, and security clearances of employees are checked.[28]http://en.wikipedia.org/wiki/National_Security_Agency#cite_note-BamfordBodyofSecretsp489-28 The visitor center includes a painting of the NSA seal.[27]http://en.wikipedia.org/wiki/National_Security_Agency#cite_note-BamfordBodyofSecretsp490-27 The OPS2A building, the tallest building in the NSA complex and the location of much of the agency's operations directorate, is accessible from the visitor center. Bamford described it as a dark glass Rubik's Cubehttp://en.wikipedia.org/wiki/Rubik%27s_Cube .[29] http://en.wikipedia.org/wiki/National_Security_Agency#cite_note-29 The facility's red corridor houses non-security operations such as concessions and the drug store. The name refers to the red badge which is worn by someone without a security clearance. The NSA headquarters includes a cafeteria, a credit union, ticket counters for airlines and entertainment, a barbershop, and a bank.[27]http://en.wikipedia.org/wiki/National_Security_Agency#cite_note-BamfordBodyofSecretsp490-27 NSA headquarters has its own post office, fire department, and police force.[30]http://en.wikipedia.org/wiki/National_Security_Agency#cite_note-Bamford-Alexander-30 I know our cyberwarrior said he worked in an unmarked building in Virginia. But I just wanted to post this as support for my testimony that there is a lot of NSA in the area. A *lot*. And that this place is called, Crypto City. It's a term of affection, since, what, the 80s at least when Bamford wrote about it, when I first heard the term. Certainly not all 0day archgeeks. ;) May I repeat that first sentence: *The NSA is the largest employer in the US State of Maryland.* Chew on that. yrs, -- Shava Nerad shav...@gmail.com -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] In his own words: Confessions of a cyber warrior
On Wed, Jul 10, 2013 at 6:46 PM, Maxim Kammerer m...@dee.su wrote: On Wed, Jul 10, 2013 at 4:43 PM, Jacob Appelbaum ja...@appelbaum.net wrote: I couldn't disagree more. This sounds consistent with the current arms race and also relates directly to the 0day markets that have been active for many many years. Remember though: buying 0day bugs or exploits for 0day is just one part of a much larger picture. The interview is either a hoax or an exaggerated “hunting story”, for two primary reasons: number of employees, and number of exploits. Militiaries have a huge problem recruiting cyber ops specialists at present, and most of the recruited are not even remotely good. At the moment, the whole of USA has just 4 colleges certified by NSA to teach offensive security (CAE-CO) [1]. USCYBERCOM has “close to 750 employees” [2]. For the level of skill described, all of US military might have, I don't know, 50 senior specialists? Why would this guy work via a staffing company, in a team of 5000, in an unmarked building? My brother works for CCA. He works for the Office of the Secretary of Defence. He has worked for something having to do with MI since the 60s, and in 1979, a friend at MITRE at the MIT Strategic Games Society who vetted people for what clearances they have told me, Tell me your brother's name/rank and where he's stationed, and I'll tell you his clearances. So, the next weekend, my friend comes back looking a little creeped out, takes me in a corner and says, I've never had this happen before, but when I checked your bro? It said, 'Please establish a need to know; this transaction has been logged.' The last business card I saw for him was when he'd mustered out and was consulting at Quantico, and his card said, in English on one side, and Korean on the other, Master Wargamer. OK, I have to confess, I had title lust. We have interesting holiday dinners not talking about our work. He works at some facility uphill from Provo CO. Maybe it's Prism? I wouldn't know. We don't talk. None of my information is from him. I wouldn't do that to him. I am very careful. However, I do know that if he is like most CCA, Booz Allen, and other such folks with clearances like his he works in very large facilities. They are unremarkable. They are full of secretaries and file clerks and accountants and all the usual sorts of people that you would expect in any big IT company. They all, I imagine, work for big beltway-style consultants, not the military. His daughter does. His wife does. They have top secret clearances, too. They are not arch geeks. I did not see in that story that it said that all 5000 of the people were cyberwarriors. FOUR MILLION PEOPLE in the USA hold top secret clearances. http://www.washingtonpost.com/blogs/worldviews/wp/2013/06/12/top-secret-clearance-holders-so-numerous-they-include-packerscraters/ This is why. You work in one of these unmarked beltway buildings, you have to have a top secret clearance to get by the two levels of gate security to get up the drive to the parking area. They are fully staffed office buildings. As the story reports, they have mailroom staff with top secret clearances to move crates. Cyberwarrior types (even peaceful ones) don't tend to want to do their own paperwork. I think I have reason to know this...:) I wonder if it's wise to pick this story apart in such great detail when the very noir-storytelling flavored piece had so little detail described by the journalist himself? Did the journalist have anything he stated? Was he able to verify anything? No. He could not fact check. He was doing a character study, don't you think, not an investigative piece. Perhaps it was meant to portray a picture of the personality of the cyberwarrior type we are hiring, and an image of how tweaky that life is. Which I believe it succeeded in very well. But as a journalist you can't exactly say, Look how egotistically tweaky this dude is! without jeopardizing further stories, amiright? So perhaps the journalist is giving you as the reader a little credit for reading between the lines, intelligently (that being the root of the word: inter for between, and legens for reading), to figure out what exactly you can draw as credible or not, but the point may be -- omg, this is what we're grabbing for our cream of the crop? Don't shoot the messenger. It's an interesting message if you don't dissect it too finely. yrs, -- Shava Nerad shav...@gmail.com -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] An interview with Snowden and more in Der Spiegel
I've always acted as though everything was transparent to examination, and encryption was something I did as a favor for the other people in my life. So I guess that makes me more tin hat than all of y'all in a way...;) I grew up in a world where people just walked in your house or office and took your stuff and rifled through it at leisure. That's the issue the folks we talked to in Vietnam had -- they said encryption ultimately didn't do them much good, Tor didn't either -- they didn't have physical security. I don't assume much, ultimately. I saw my dad's FBI files. My godfather worked at Beacon Press during Watergate. It's why I'm here... SN On Mon, Jul 8, 2013 at 7:55 AM, Jason Gulledge ram...@ramdac.org wrote: As an activist, this is pretty damned frightening: (excerpt from http://cryptome.org/2013/07/snowden-spiegel-13-0707-en.htm) *Question:* What happens if the NSA has a user in its sights? *Snowden:* The target person is completely monitored. An analyst will get a daily report about what has changed in the computer system of the targeted person. There will also be... packages with certain data which the automatic analysis systems have not understood, and so on. The analyst can then decide what he wants to do - the computer of the target person does not belong to them anymore, it then more or less belongs to the U.S. government. This has ominous implications. I worry about the private encryption keys on the computers of people in the sights of the NSA. On Jul 8, 2013, at 1:36 PM, Jacob Appelbaum ja...@appelbaum.net wrote: Hi, What we're seeing in Der Spiegel, The Guardian, Washington Post and other select publications is the birth of new threat models - not just for activists but for all of civil society, parliamentarians, companies and more. This is a threat model that many have known and yet at the same time, there is clearly new stuff. For one - we're seeing confirmations of things that have been denied in public - we're also learning the names of things, which now made public, may be FOIA'ed by name as well as pushing for disclosures. This is where we'll see if America will shine - when the information comes out, will we be able to use our democratic process to turn this disaster around? I'd like to think so - that is why I worked on these pieces - hope is not lost. Though hope alone is not a strategy. I think this may be of interest to people on the list: http://www.spiegel.de/spiegel/index-7028.html http://www.spiegel.de/politik/deutschland/snowden-enthuellung-verbindung-zur-nsa-bringt-bnd-in-erklaerungsnot-a-909884.html http://www.spiegel.de/politik/deutschland/us-lauschangriff-opposition-macht-druck-auf-merkel-a-909871.html For non-German speakers I suggest the following English links: http://www.spiegel.de/international/topic/whistle_blowers/ http://www.spiegel.de/international/world/whistleblower-snowden-claims-german-intelligence-in-bed-with-nsa-a-909904.html http://www.spiegel.de/international/world/edward-snowden-accuses-germany-of-aiding-nsa-in-spying-efforts-a-909847.html http://www.spiegel.de/international/world/snowden-reveals-how-gchq-in-britain-soaks-up-mass-internet-data-a-909852.htmlv My interview with Snowden is available as a leaked pdf on cryptome in German: http://cryptome.org/2013/07/snowden-spiegel-13-0707-en.htm http://cryptome.org/2013/07/snowden-spiegel-13-0707.pdf http://cryptome.org/2013/07/snowden-spiegel-13-0707-2.pdf The English original will be released this week. Last week's article is also very important: http://www.spiegel.de/international/world/secret-documents-nsa-targeted-germany-and-eu-buildings-a-908609.html This is also probably of great interest to people on the list: http://oglobo.globo.com/infograficos/volume-rastreamento-governo-americano/ http://jaraparilla.blogspot.com/2013/07/nsa-surveillance-of-australia-exposed.html http://www.theage.com.au/world/snowden-reveals-australias-links-to-us-spy-web-20130708-2plyg.html Welcome to the Grim Meathook Future, Citizens! Lets turn this ship around! All the best, Jacob -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Shava Nerad shav...@gmail.com -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Google: CLG News 'does not comply with Names Policy'
blogged to #nymwars on g+. On Thu, Jul 4, 2013 at 1:37 AM, Lori Price l...@legitgov.org wrote: ** *Google: CLG News 'does not comply with Names Policy'http://www.legitgov.org/Google-CLG-News-does-not-comply-Names-Policy * by Lori Price, www.legitgov.org 02 Jul 2013 *NSA buddy Googlehttp://www.wired.com/threatlevel/2012/05/google-nsa-secrecy-upheld/ * will not allow CLG News on Google+. After receiving countless promos at from Google to set up a 'Google+' account, I clicked to 'upgrade' to Google+. Google requested I select a different name, even though my Gmail address -- established years ago -- is clgnews at gmail dot com. When I declined to select another name, Google presented the option to 'click to appeal' to use CLG News as the owner for CLG News on Google+. On 28 June, I received an email from Google, which included the following comments. *After reviewing your appeal, we have determined that your name does not comply with the Google+ Names Policy. We want users to be able to find each other using the name they already use with their friends, family, and coworkers. For most people this is their legal name, or some variant of it, but we recognize that this isn't always the case, and we allow for other common names in Google+ -- specifically, those that represent an individual with an established online identity with a meaningful following.* CLG News, in fact, has a HUGE and 'established online identity with a meaningful following,' although NSA buddy Google doesn't 'see' that. Or, maybe they do, and that's the problem... See also: *NSA buddy Google wants me to change my name, declaring 'CLG News' is 'too long' for people to rememberhttp://www.legitgov.org/NSA-buddy-Google-wants-me-change-my-name-declaring-CLG-News-too-long-people-remember * by Lori Price 09 Dec 2012. http://www.legitgov.org/Google-CLG-News-does-not-comply-Names-Policy http://www.legitgov.org/NSA-buddy-Google-wants-me-change-my-name-declaring-CLG-News-too-long-people-remember -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Shava Nerad shav...@gmail.com -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Transcript of NSA recruiters vs. students
For those of us old enough, compare this to the kind of confrontation that ROTC recruiters experienced on college campuses late in the Vietnam war. A brief little student paper from LMU: http://100.lmu.edu/Assets/Centennial/Website/Oral+History/Articles/mcnerney2.pdf And for those with more time/interest the legal battle to return ROTC to campuses that banned it (from Parameters, the journal of the Army War College): http://strategicstudiesinstitute.army.mil/pubs/parameters/Articles/06winter/lindeman.pdf These are divisive problems. SN On Thu, Jul 4, 2013 at 12:32 AM, Douglas Lucas d...@riseup.net wrote: A freelance journalist/Ph.D. candidate in anthropology and media attended an NSA recruitment at a language program at the University of Wisconsin very recently and produced this transcript of him and students challenging the recruiters about the Snowden leaks. It gives me a slight sense of the NSA demoralization James S. Tyre just mentioned. http://mobandmultitude.com/2013/07/02/the-nsa-comes-recruiting/ -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Shava Nerad shav...@gmail.com -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] How many of us are at CFP?
And though CFP is over, I will be in DC for meetings for Blue Rose until maybe Saturday, now, it looks like, if anyone wants to get together! I am renewing my researcher card and camping out at LOC at the law library as coworking space when not in meetings. It will feel like the late 90s (only with free wifi and lacking a mulch of IRS EOB archive cases spread around me), heh. Yrs, Shava Nerad shav...@gmail.com On Jun 26, 2013 7:43 PM, R. Jason Cronk r...@rjcesq.com wrote: I was though didn't see the message until just now. Jason On 6/25/2013 2:28 PM, Shava Nerad wrote: I am. *purr* Shava Nerad shav...@gmail.com On Jun 25, 2013 11:58 AM, Bill Woodcock wo...@pch.net wrote: ...today? Apropos question, given that it's nearly lunchtime in D.C. -Bill -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
[liberationtech] A Different Panel with Whistleblowers
Just as an historical footnote, at #cfp2013 today, I verified with Binney that his statement re: Snowden's transition from whistleblower to traitor was in fact a risk assessment of his positioning. (We're listening to him speak over lunch right now.) He is spending all his time evangelizing for NSA privacy accountability (for Americans) now. I personally agree with him that military intelligence has a mission to spy -- it's a tautology. Our military in the US is too big for its britches, and that's a longer problem. But it's a minimization issue, not elimination. No country will unilaterally eliminate their MI. So please, be mindful with our ex-military, they will not say we do not need a military, or spies; or that the military or MI is inherently evil. You may disagree as a pacifist, but these are our allies in this struggle (final beat on a dead horse I hope). This lunch panel is amazing is pretty amazing. A call to action to citizen action to protect citizens here *and* abroad from Thomas Drake, just amazing, saying it is all too broad and secret. Abdo, Bamford, Binney, Drake, and Andrew Clement moderating -- wish you all were here! We need sunlight! Yrs, Shava -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] How many of us are at CFP?
I am. *purr* Shava Nerad shav...@gmail.com On Jun 25, 2013 11:58 AM, Bill Woodcock wo...@pch.net wrote: ...today? Apropos question, given that it's nearly lunchtime in D.C. -Bill -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
[liberationtech] my op/ed in the SF Bay Guardian
http://www.sfbg.com/politics/2013/06/20/hackivist%E2%80%99s-call-culture-engagement Pretty much what I've been carrying on about here. ;) yrs, -- Shava Nerad shav...@gmail.com -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] USA Today panel with 3 American Whistleblowers
On Wed, Jun 19, 2013 at 10:53 PM, serap...@riseup.net wrote: I think it is bad form of Binney to break the line. It is clearly of exceeding importance to the world public to know that the United States is escalating the arms race in offensive state hacking. What makes you think that the US is escalating the arms race in state hacking? I am not trying to defend it specifically, I am just saying -- hacking is ongoing. I'm amazed you have metrics! Please share them. Sadly this is in line with Binney's stated reasons for dissident speech in recent years. He had no problem with NSA's aspiration to global network omniscience, so long as it respected the privacy of Americans. So he is against constitutional violations or FISA hitches, but the rogue's gallery of US transgressions over the last century are ok with him. In the work of liberation, we must negotiate across the table with all kinds of people, not just people we agree with on all counts, and not just people we understand in all ways. And we often work as allies with people who we do not agree with or understand, but who share common goals. We need to pick our battles, or we will founder. MLK and many other people have said, Keep your eyes on the prize, move on. Binney was an officer in the US military, in which he served with distinction for thirty years. I think you don't understand what that means. It means he took oaths to defend the US (and take offensive roles against anyone he was told was her enemy as part of the MI service) and did so faithfully for the entirety of his adult life. And then, as officers are told sometimes they must do, he was given an order contrary to the Constitution which he was sworn to uphold, prior to the individual order he was given. So he made a choice out of honor. Binney is not a pacifist, and your idea of who he should be, because he believes in civil liberties, will not make him a pacifist. It will not make him a person who sees his role of 30 years in the US military as a waste or wrong or dishonorable. Are you thinking of him as a human being? It is, perhaps, bad form, considering his contribution to this struggle, for you to break the line and snipe at him -- oddly considering what you are sniping at him for... Obviously you do not identify him as part of this struggle, but as Other, non-human, enemy. That makes you the militant in this conversation, too, according to what my father taught me about formal nonviolence theory. Please try to draw Binney back into the circle of people you consider to be fully human, and perhaps we can start this conversation again? Binney sacrificed his career, his friends, and his reputation and a great deal more to bring us a message out of honor to his country and the Constitution, not because he hated the military or the US, but because he loves this country. You might not understand that, but I hope you can honor the differences in the community of people who work together with similar ends in mind. But I will still posit (perhaps generously) that Binney might be thinking that Snowden is being a complete idiot and hoisting his own petard by talking without discipline because for God sake I think Snowden may have just signed his own warrant. But we'll see what comes of it. Who knows, maybe nothing. Or maybe Ron Paul is more on top of things than I hope he is, as flamboyant as he can be. When I say that I am sad because I am worried about Edward Snowden. But when you criticize Binney, I think you are not sad, but want people to dislike or despise him. If that's not the case, maybe you need to back down your language. But if it is the case, then why is it that people who are working toward the same causes need to do this sort of thing? It's not even to pick on you particularly, but I see this so often. It's chronic. The activist community comes under stress, and we act out, we gossip, we fracture under strain. We eat our young, we alienate potential allies, and we self-destruct (as perhaps young Snowden just did) because we are often lacking in real training and discipline -- if we are disciplined in security we are not disciplined in words or vice versa, often enough, and we often fail to properly distribute that load organizationally, for example. Sometimes breaking the line is a smackdown, sometimes it's reformation, and yes, sometimes it's just a cry of frustration. But we are in this line of work each for our own reasons, and our vocations -- our callings to the work -- differ. It's healthy to respect that, and that can be very hard if the reason you are called to the work is your fury with others who are called to the same work. Activists burn out early if they don't balance these things. yrs, -- Shava Nerad shav...@gmail.com -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo
Re: [liberationtech] USA Today panel with 3 American Whistleblowers
, if you aren't mourning, you aren't organizing, I'm asking which side you are on. And that's a risk assessment too. I don't feel it's fair to give any particular person slack. At some point, we have to start treating this as a resistance movement, with due respect. Liberation, through evolution, I still have some hope... And just as Binney and they have respect and all,for this country, and MLK also -- I am aiming for the Beloved Community, but we are not there yet. It's a system in dynamic struggle with itself, and that's how this country was designed to be from its inception. But at some point, honestly, back maybe in the 60s, or after Watergate, intellectuals and liberals and lefties decided that all these Establishment (and especially the low paying) jobs were totally un-cool, and left them to the right, conservative, and 3-month-attention-span trogs. So after a couple generations, the military, finance, civil service, politics -- whole swaths of civil society in this country are wastelands of participation by significant liberal post-conventional leadership. The center can not hold, and it has all moved right -- have you noticed? :) And in my opinion, that's how America now has the government she deserves after 50-odd years. None of our issues will be ameliorated here unless we ameliorate this. I come from a family that didn't buy into this notion, and we have liberals in the military, for example, on the assumption that you need people of a liberal bent in military leadership -- steward leadership -- to moderate decisions in time of peace or war. To damp casus belli. To sanity check programs as they are run up the flagpole. If you leave the military to the hawks, isn't that abandoning your society to war? My son is in Army ROTC in a military academy. He enjoys explaining to his officers how it is that a philosophical anarchist is better suited to operate in fog-of-war conditions. It makes the junior officers' heads explode, and you might feel reassured -- his senior officers don't find it disturbing at all. There are a lot of things to love about this country if you can appreciate it for being quite as complicated and anomalous as it really is -- and work to make it better. We are only 200 years old, a blip on the chart of human history, and we haven't started to get things right. Technology has honestly put more pressure on us (globally) during that time than I think the species can properly bear. So we are the pressure-cooker social experiment in the pressure-cooker technological experiment of a species bent on a race between self-descruction and transcendence. If you look at human history, the perception is that race has been going on forever.. And the struggle to stay unified while working on all this has also been a difficult problem -- the perception has been, forever. But the taboo is, you shouldn't speak of it. And I'm sorry to do so, but sometimes, it's important. But I have to say, modern science has given self-destruction a real boost. And the time-compression effect has changed all the rules. So we need to work harder and with better coordination -- and that's why the Internet might be critical. If we can make the Internet about more than kittens and more kittens, without it being only Evgeny's Panopticon of Punishments. (Not that this is Evgeny's wish! But I'm sure Evgeny is feeling sad and just a bit smug this past week or so...) I go to young digital natives in this country and tell them, they have to leave the comfort of their ergonomic chairs and go to meetings in their communities because all politics is local if they want to change the world and they tell me No, everything will be online, all I'll have to do is click buttons at my friends! They literally seem unable to comprehend that the courts, the Congress, the political parties that spend decades in their parliamentary machines grooming the candidates that their two second vote referendum ratifies (and justly they feel their vote barely or doesn't count) -- all these things are in meatspace, but are influenceable just by showing up. But they would rather *watch* Game of Thrones than go out and fight dragons in the real world. I have some ideas about that, too, and for those of you who'll be at CFP in DC next week, please come talk to me about them. I've rattled on enough for now... yrs, -- Shava Nerad shav...@gmail.com -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Query on implications of dragnet eavesdropping
IANAL. My understanding is that the TSA archives but does not examine the data except under specific FISA searches. This is their justification that it isn't really domestic spying, because it's a fossil record of the data, like archive.org for every stream, and they just want to be able to go back into that snapshot and get what they want. If the privacy implications were not so horrifying, scholars would be expiring with envy. Because of the communications allowed among branches of the DHS, I would imagine, but I have no idea not being a criminal lawyer on that level, that if a FISA search brought up evidence of, say, a crime relevant to the FBI, it would go through channels. It might be funky if it would jeopardize an ongoing terrorism investigation. Jurisdictional issues in any area of LE get sticky. DHS was intended to lubricate the worst idiocies of the often passive-aggressive barriers individuals or the bureaucracy would throw in the way of inter-agency cooperation. What it did as a major side effect, throwing out the baby with the bathwater, was blur posse comitatus or the division between military and civilian policing in the US, to the point where as of May, it seems this is a nearly illusory boundary. However, since all this data is gathered under clearances, the family would, on a practical basis, find it nearly to completely impossible to sue the government in this case. They would, from what I have seen from the ACLU/EFF beating themselves bloody to very occasional expensive wins, have scant chance as individuals at storming those walls. Yrs, Shava Nerad shav...@gmail.com On Jun 21, 2013 12:37 AM, Louis Suárez-Potts lui...@gmail.com wrote: Hi, This may be a banal or mundane query and probably doesn't directly pertain to recent reports of NSA tapping or any other agency's. But let's say that in their apparent dragnet the NSA or any other similar agency finds probable cause to consider one or more persons as involved in a conspiracy to commit a nonpolitical and very mundane but no less horrible crime; or say that they (the agency) comes to learn or strongly suspect that the subjects of interest have already done something criminal and awful. Would the agency be required to handover that incriminating information to the relevant local or federal police authority? Would they need a special warrant for doing that? Would even breaching the way in which this information was acquired be legally possible? (And thus, out of a sotto voce transmission, unlikely.) And let's further suppose that the agency has captured what seems to be strong evidence that a crime will be committed but because of the circumstances of the data capture, the identity of the agency, and because it doesn't seem to relate to the ostensible purpose of the agency program, nothing is done (except an archive is made, presumably), and the criminal act is committed or the criminals who were recorded discussing it go on as before, unimpeded and free, at least for this particular act. And if this failure of action by the agency, to notify relevant authorities and either prevent the act or arrest its committers, is then discovered by, say, upset family members, would they be able to sue the agency for a failure to act? (Im thinking of people specifically harmed by the commission of the crime.) Put another way, supposing that a record of what seems to be all communications taking place in a given nation is being assembled by an agency whose purpose is to protect the residents of a nation, where does one draw the line of government responsibility? I'd guess that this question has actually been answered a long time ago, and I'd be delighted to learn of the references to prior discussions of the issues. It's an interesting point, at least to me, and also clarifies the logic of directed intelligence gathering predicted by a specific suspicion: namely, that the epistemological frame is tightly drawn (or ought to be), and thus the boundaries of responsibility to act are equally limited. Cheers, Louis -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] [tt] NSA Prism is motivated in part by fears that environmentally-linked disasters could spur anti-government activism
protestors were being brought more on the radar. The programme continues today, despite police acknowledgements that environmentalists have not been involved in violent acts. The Pentagon knows that environmental, economic and other crises could provoke widespread public anger toward government and corporations in coming years. The revelations on the NSA's global surveillance programmes are just the latest indication that as business as usual creates instability at home and abroad, and as disillusionment with the status quo escalates, Western publics are being increasingly viewed as potential enemies that must be policed by the state. Dr Nafeez Ahmed is executive director of the Institute for Policy Research Development and author of A User's Guide to the Crisis of Civilisation: And How to Save It among other books. Follow him on Twitter @nafeezahmed -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Bambi http://BambisMusings.WordPress.com -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Shava Nerad shav...@gmail.com -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] [tt] NSA Prism is motivated in part by fears that environmentally-linked disasters could spur anti-government activism
I think he means people herding, not people culling -- at least I hope so! ;) It's at best ambiguous in idiomatic English. SN Shava Nerad shav...@gmail.com On Jun 14, 2013 9:10 PM, Moritz Bartl mor...@torservers.net wrote: On 15.06.2013 02:18, Guido Witmond wrote: The original analysis read to me: We face severe problems that might lead to civil unrest. We need more population control, whatever the price. Now we also have civil unrest due to the population control. We need even more funds. How does population control come into this, and what do you mean by it? -- Moritz Bartl https://www.torservers.net/ -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] NSA whistleblower revealed
You have to love the reply: We've come a long way since the Pentagon Papers were sidelined by Tricia Nixon's garden wedding party ROFLMAO! SN On Sun, Jun 9, 2013 at 8:35 PM, Nadim Kobeissi na...@nadim.cc wrote: Check out this screenshot of the front page of the New York Times right now. Unbelievable: https://twitter.com/kaepora/status/343888967554457600 NK On 2013-06-09, at 8:17 PM, Matt Johnson railm...@gmail.com wrote: Snowden says he wants asylum in Iceland. Why not go there directly? Going to Hong Kong makes him vulnerable to accusations of working for the PRC. None of that makes sense to me, but what do I know. I will watch, and learn. -- Matt On Sun, Jun 9, 2013 at 3:52 PM, Raven Jiang CX j...@stanford.edu wrote: There is a strong resistance against Chinese strong-arming in Hong Kong, plus I am not sure that it is actually in the interest of the Chinese government to help the US do anything about this. I think you can make a case for why it's a better choice, though it is definitely debatable. On 9 June 2013 15:10, Sheila Parks sheilaruthpa...@comcast.net wrote: I agree with what you say about Hong Kong He does say he would like to end up in Iceland Wonder why he did not go there in the first place Such an immensely brave and honest person Sheila At 06:04 PM 6/9/2013, you wrote: On 06/09/2013 04:43 PM, Matt Johnson wrote: I have to say going to Hong Kong for free speech and safety seems like a very odd choice to me. What was he thinking? Actually, and I think this is pointed out in either the video or an article somewhere, Hong Kong doesn't generally suffer the speech restrictions mainland China does. Sure, they aren't completely free but protests and unpopular political speech happen quite frequently and are generally well tolerated by the government. Still, I have to wonder why he didn't go somewhere like Iceland. To me, that would have been a no-brainer. Anthony -- Anthony Papillion Phone: 1.918.533.9699 SIP: sip:cajuntec...@iptel.org iNum:+883510008360912 XMPP:cypherpun...@jit.si www.cajuntechie.org -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech Sheila Parks, Ed.D. Founder Center for Hand-Counted Paper Ballots Watertown, MA 02472 617 744 6020 DEMOCRACY IN OUR HANDS www.handcountedpaperballots.org she...@handcountedpaperballots.org -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Shava Nerad shav...@gmail.com -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] NSA whistleblower revealed
Regarding extraordinary renditions: I have to note that there has been phenomenally zip in the news media on these since Obama got smacked on the nose about them a few years ago. Most of the FBI news stories regarding domestic terrorism have been show trials regarding sting operations of Muslim men, usually seeming to have mental health issues, who were entrapped by a network of operatives into planting a fake bomb and then put on some trial with a grand jury and put away on felony charges in some form of War on Terror theater. It is hard for me to believe that, in the interim of the administration getting its nose smacked and now, that nothing but the Boston bombing has erupted (pardon the term) on the domestic terrorism front. So I have to assume DHS has quietly been continuing with renditions. Much more quietly. To God knows where, since they seem to be doing overtures to shut down Gitmo now. When that gets revealed, it will make Prism look like a sideshow -- sending US citizens to foreign prisons without trial for interminable imprisonment? Tasty. Honestly it's hard for me to imagine it hasn't been happening. The absence of news nearly proves it. I can't believe that the terrorists have just...given up. Well, except for two boys in Boston, unanticipated. This is a big country, and we have at least as many enemies as Israel and other places that are quite rife with violence. I'm sure there is gang violence being misreported and other things being spun. But I am equally sure we are disappearing people. It can't have stopped, and there are no real trials. Strategically, as risk management, historically, statistically -- it makes no sense. This is my assessment. Yet several journalists I've asked about it (one of whom is on this list) have told me, Find evidence and we'll report it. Oddly, I used to think that was the job of investigative journalists -- to find the gaps in logic and find the facts to fit them. I don't have those resources, but then, neither do the newsrooms these days. And some of them won't jeopardize sources if they did, so it's on the back of...whistleblowers, traitors, the semantics get ever more complicated. Every year as I age I get more and more compassion for the current elder generation in Germany. It makes me sad. What color rose shall the American resistance pick -- blue perhaps? We have them now. yrs, -- Shava Nerad shav...@gmail.com -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] New Yorker debut's Aaron Swartz's 'Strongbox.'
/snark Why, take the positive spin. Think of it as proving the New Yorker's place in this constellation. They can destroy Aaron Swartz' character in one article and use him now to promote their project without a single qualm. And, they can hire Poulsen who has publically compared Tor and Tor users to terrorists and worse in the pages of their sister publication Wired (once so egregiously that even in this day of op/ed journalism, I got a retraction) to maintain it, since who would understand the architecture and user needs better? This proves, beyond a shadow of a doubt, their journalistic integrity. /end snark Standard disclaimer: haven't spoken for Tor officially since 2007. But gz. This seems special. Of course, I imagine it doesn't make a fig of difference to the average observer, but it's stunning how bold obscurantist things like this I can see make me wonder -- what richness am I just missing in my environment daily for lack of awareness of the foxes that surround me? Yrs, Shava Nerad shav...@gmail.com On May 16, 2013 10:01 AM, Nadim Kobeissi na...@nadim.cc wrote: The technical aspects aside, I find the fact that they're using Aaron Swartz as a marketing asset to be morally problematic. :/ NK On Thu, May 16, 2013 at 6:04 AM, Jacob Appelbaum ja...@appelbaum.netwrote: Sarah Lai Stirland: http://www.newyorker.com/online/blogs/newsdesk/2013/05/strongbox-and-aaron-swartz.html http://www.newyorker.com/online/blogs/backissues/2013/05/strongbox-the-new-yorker-investigates.html Kevin Poulsen suggested I open issues on Github and I've been doing so as 'ioerror' for the last few hours: https://github.com/deaddrop/deaddrop/issues https://github.com/deaddrop/DeadDropDocs/issues Looking at the current deployment doesn't impress me much - I think there is a lot of potential though... All the best, Jacob -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] What we can do about CISPA ?
Gosh, too bad we don't have someone like, say, an ethics fellow at Harvard with organizing experience and enthusiasm and time on his hands even if he had to rudely dump something to help to coordinate this. Signing petitions, I'm afraid, will have little influence. No reason not to! It was wicked close last time, if you remember. http://www.technologyreview.com/view/426383/sopa-battle-won-but-war-continues/ There were considerably more than internet petitions involved: http://wagingnonviolence.org/feature/the-day-aaron-swartz-helped-make-the-internet-go-dark/ http://www.wikiwriters.info/cnet-news/how-aaron-swartz-helped-to-defeat-hollywood-on-sopa.html http://www.techdirt.com/articles/20130117/14532121718/internet-freedom-day-watch-aaron-swartz-explain-how-sopa-was-stopped.shtml We need calls, faxes, letters, people walking into offices in DC, recruit influencers, get people talking to media. (And sorry, I am too old and sick to take point, I have to plead excuses -- no one is sadder about this than I am... I can help write, and advise, but I can't take point...). As change instruments, internet petitions suck. They work well as mechanisms to harvest names and addresses and donations for the organizations who set them up. But they influence no one in Congress. They don't raise enough money to buy votes, only a few staffers to set up the next petitions. They may serve to educate voters a bit, but usually they are set up as obscurantist as any other fundraising marketing instrument. Don't mourn, organize! To absent friends, SN On Sat, Apr 20, 2013 at 2:01 AM, Ahitagni Mandal ahitagni.man...@gmail.comwrote: Hello,We all know about CISPA , what can we do about it? It passed the U.S. House, and will now head to the upper Senate chamber for further deliberation. CISPA will mean that all he top tech companies like say your email company , your social networking company will be able to share your private data with Government without a warrant or anything. Like if police comes to your house the need a warrant to search, but with this bill they can search thorough your digital data without warrant of any kind. You can see how the co-founder of the Reddit, Alexis Ohanian tried to call Larry Page of Google and could not get through, so with other tech giants like Facebook and Twitter in this YouTube video http://www.youtube.com/watch?v=IkuH5ZjEdBw So, my request to all of the members in the list please sign this petition. http://www.saveyourprivacypolicy.org/ Thanks -- Ahitagni Mandal www.ahitagni.com Twitter: @ahitagni http://www.twitter.com/ahitagni -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Shava Nerad shav...@gmail.com -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] And right on cue, the flush our civil liberties down the toilet boys rear their ugly heads
and idiocy go over the wires for the coming weeks, just as we did after 9/11, probably in miniature. Some information too. It might be worthwhile to pull in Andy Carvin (he and I and I feel badly -- I forget the gentleman in Germany who was the third moderator on sept11-i...@yahoogroups.com after 9/11) moderated an English language mostly press but also op/ed list on and after 9/11, a curated predecessor to Twitter curation as an email list. We included (often with editorial notes and disclaimers that certain aspects were factually incorrect) items regarding Jews being told not to go to work at the WTC on 9/11 and so on. The same sort of thing is going on on G+ and Twitter and FB now regarding the marathon bombings and the suspects. It's worth capturing and deconstructing the hysteria, if anyone can figure out a way to do it. It's far more distributed than it was in 2001. yrs, SN On Fri, Apr 19, 2013 at 3:55 PM, Jacob Appelbaum ja...@appelbaum.netwrote: Shava Nerad: I was fascinated today to see Mother Jones and many others reposting, entirely without reflection or comment, what seemed to me to be not crowdsourced images but second story surveillance camera shots of the FBI suspects. (Who, in addition, are being howled after as guilty until proven innocent in this digital manhunt - and thank God the NYPost exonerated their suspects before that turned into something ugly...) Well, yes, the FBI is doing their job with the tools available, and as I live in metro Boston I would most healthily STFU... But if this incident had happened in London, I can't help but think MJ et al might have engaged a moment of reflection and spine in the middle of that process, perhaps? I find it telling that the local news papers in Seattle referred to their photos as 'potential suspects' on the front page. The use of language is telling - it suggests that to be suspect is to be guilty. I wouldn't be surprised if we saw people using the word potential as a subtle replacement for suspect in the near future again and again. I also find it striking that it looks like de facto martial law has been imposed on parts of Boston: http://www.cnn.com/2013/04/19/us/gallery/boston-area-violence/index.html?hpt=hp_t1 Who are all the players in this by the way? The SWAT team in those photos looks like a full blown military unit; the vehicles look like APC/mini-tanks. The bomb robots look like iRobot produced machines. I haven't seen any of the radio equipment up close but I'd bet that they're pulling out all the stops. I wonder if they'll publish the raw logs from the Boston ShotSpotter system? I know they have it deployed but I'm not sure if it extended to MIT's campus. All the best, Jacob -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Shava Nerad shav...@gmail.com -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] And right on cue, the flush our civil liberties down the toilet boys rear their ugly heads
Sorry, parsing error on my part -- Skinheads wanting to disrupt a demonstration on behalf of gun control The last mile of the marathon was devoted to the victims of the Sandy Hook shootings. Long week. Tired. yrs, SN On Fri, Apr 19, 2013 at 10:10 PM, Griffin Boyce griffinbo...@gmail.comwrote: Shava Nerad shav...@gmail.com wrote: Skinheads wanting gun control are being blamed I was not aware this was a group that existed. ... It's kind of amazing just the level of rhetoric that has come out in favor of increase surveillance (monitoring) and decreased speech freedoms (CISPA) in just a few days. Boston seems like one of the most surveilled places in America, and I was just there like three weeks ago. The marathon, in particular, is taped from innumerable angles along the entire distance. It's hard to see the logic in adding layers upon layers of surveillance, when there's no evidence that it has any positive affect at all. ~Griffin -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Shava Nerad shav...@gmail.com -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] And right on cue, the flush our civil liberties down the toilet boys rear their ugly heads
I was fascinated today to see Mother Jones and many others reposting, entirely without reflection or comment, what seemed to me to be not crowdsourced images but second story surveillance camera shots of the FBI suspects. (Who, in addition, are being howled after as guilty until proven innocent in this digital manhunt - and thank God the NYPost exonerated their suspects before that turned into something ugly...) Well, yes, the FBI is doing their job with the tools available, and as I live in metro Boston I would most healthily STFU... But if this incident had happened in London, I can't help but think MJ et al might have engaged a moment of reflection and spine in the middle of that process, perhaps? Interesting times... Shava Nerad shav...@gmail.com -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] And right on cue, the flush our civil liberties down the toilet boys rear their ugly heads
Earlier today, btw, I predicted that this is why CISPA had a chance of passing the Senate, unless Leahy or some other eloquent champion spends considerable political and social capital smacking it down. Awful timing. The House had been planning cybersecurity week for this week for months. I am not quite enough of a paranoid hippie to suspect these events were engineered to promote the cybersecurity bills and budget lines. That would be insane. However, the events of this week will be used for that precise purpose. It's a very grim gift horse Sigh... Shava Nerad shav...@gmail.com On Apr 18, 2013 8:28 PM, Yosem Companys compa...@stanford.edu wrote: From: Lauren Weinstein lau...@vortex.com And right on cue, the flush our civil liberties down the toilet boys rear their ugly heads We Need More Cameras, and We Need Them Now http://j.mp/14A4fY1 (Slate) Cities under the threat of terrorist attack should install networks of cameras to monitor everything that happens at vulnerable urban installations. Yes, you don't like to be watched. Neither do I. But of all the measures we might consider to improve security in an age of terrorism, installing surveillance cameras everywhere may be the best choice. They're cheap, less intrusive than many physical security systems, and-as will hopefully be the case with the Boston bombing-they can be extremely effective at solving crimes. - - - This kind of misguided and factually vacuous proposal is more dangerous to freedom than all the terrorism on the planet. --Lauren-- Lauren Weinstein (lau...@vortex.com): http://www.vortex.com/lauren Co-Founder: People For Internet Responsibility: http://www.pfir.org/pfir-info Founder: - Network Neutrality Squad: http://www.nnsquad.org - PRIVACY Forum: http://www.vortex.com/privacy-info - Data Wisdom Explorers League: http://www.dwel.org - Global Coalition for Transparent Internet Performance: http://www.gctip.org Member: ACM Committee on Computers and Public Policy Lauren's Blog: http://lauren.vortex.com Google+: http://vortex.com/g+lauren / Twitter: http://vortex.com/t-lauren Tel: +1 (818) 225-2800 / Skype: vortex.com -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
[liberationtech] Why are we here?
Any texts that people see every day becomes invisible. Like footers. It's perceptual psych. Fixing the footer will not help, and fixing humans is arguably outside the scope of this list. Any texts that people see erupt repeatedly (over voting on mailing lists, checking Snopes first, or bike sheds) add to community fatigue. Community fatigue definitely diminishes our capacity for collaboration and information sharing, which are the purposes of the list. I suggest we refocus on the topical content rather than meta content, for the health of all involved. Please do not vote on this suggestion. Nothing to see here...;) Yrs, Shava Nerad shav...@gmail.com -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Vote results on Reply to Question
On Wed, Mar 27, 2013 at 11:37 PM, Andrés Leopoldo Pacheco Sanfuentes alps6...@gmail.com wrote: The beauty of democracy! :-) ...for some definitions of beauty but all definitions of democracy. That's my love with all the warts and blemishes! :) yrs, -- Shava Nerad shav...@gmail.com -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] What's wrong with the kids these days? - On the moral decay of the Dutch hacker scene
When I worked for Tor I was constantly told I did not get the hacker scene by the 20-30 something hackers. I am more or less a contemporary with rms and ESR. In fact I danced to Eric's flute in the halls of east coast US science fiction cons when we were both still teens, and Richard took me Balkan dancing in 78 (still teens) to pump me for advice on how to get in good with my best friend - later I was the first publicist for FSF and he fired me for lack of orthodoxy. ;) But the modern hacker scene at Schmoo and such often bothered me. I consider myself to have this unfashionable moral compass. Arriving at Schmoo my first year with Tor a tall Raybanned dude sidled up to me and said, You're that little lady who's positioned Tor as a human rights tool, aren't you? I smiled and turned to chat with him (I'd been briefed about introductions) but he just chuckled deep in his throat and said, *Good one.* Then he turned and walked away. Describing this moment it's hard to portray its impact. I felt slapped, dissed, and like I wanted to shower. Like I had just been sexually violated (he had that vibe) in a way that I couldn't identify but everyone in the room knew. There are some amazing personalities in this community. But we are supposed to be all so so collegial. Like it is parliament, ikr? We do a better job of staying cordial than most houses of parliament, but then - what member of parliament is likely to do pentesting on a rival if he or she gets pissed? So perhaps someone will make a heartfelt appeal at CCC for ethical hacking. But there is less criticism of the darknet and moderate means of ameliorating harm to society by net jerks without slippery slopes. We nearly avoid education because we can't divide ethics from moralizing, we don't believe we can block asshats who want to bury conversations because someone will accuse us of suppressing unpopular speech... We have no confidence in wisdom or judgement in our community. We are so bought into operating without trust that we can not have a real community of trust. And so we lost our children - no wonder - to the people who offer unit cohesion and belonging. Criminals and LE and jerks. Not anarchists who can't engage their hearts over time. Or engaging their words and reputations where it might risk them looking like fools, or putting them at risk. But in the US, very few people other than myself criticize Anonymous for endangering naifs by not informing participants on consequences (while organizers fully protect themselves) or creating a co-optable shell, or ducking the definition of civil disobedience. The lack of connection to traditional activist methods in this ultimately weakens the strategy imo and dooms the movement. This strengthens anti-civil-libertarians at DHS and sets up the April cybersecurity week in the House with more fodder than it needs. Another example of a lost generation imo. yrs, Shava Nerad shav...@gmail.com -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] US State Dept Discourages Using Technology to Promote Democracy, Human Rights, and Citizen Engagement in Ukraine?
Evgeny got to them. ;) More seriously, does anyone have digital divide info - cultural and financial - on Ukraine? Tech is not the solution for all cultures. Beer is the correct solution for some. A thousand cups of tea for others. Maybe State knows something we don't? Like: --- INTERNET Ukraine suffers digital divide - study Tuesday 22 March 2011 | 15:40 CET | News There is still a significant difference in household internet access across Ukraine, according to a study by GfK Ukraine. Internet penetration was just 12 percent in rural areas in Q4 2010, reports BizLigaNet. The figure rises to 25 percent in towns with a population below 50,000 and 38 percent of households in cities with more than 500,000 residents. http://www.telecompaper.com/news/ukraine-suffers-digital-divide-study--793094 yrs, Shava Nerad shav...@gmail.com On Mar 21, 2013 3:04 PM, Yosem Companys compa...@stanford.edu wrote: Fostering Civic Engagement in Ukraine (approximately $500,000 available): DRL’s objective is to support the role of civil society in policy formation and enhancing accountability and responsiveness of government officials in Ukraine. The program will support civil society to foster an inclusive and participatory democratic system of government and hold politicians and public officials more accountable to constituents. In order to foster more unity among civil society efforts, the program should support post-election advocacy on areas of policy formation and implementation such as ongoing efforts related to elections and election law reform; freedom of assembly legislation; and/or reversing legislation restricting the rights of vulnerable or marginalized populations. The program should also examine how well existing laws are implemented and help civil society ensure that citizens can use official institutions and mechanisms to exercise their rights. Program activities could include, but are not limited to: support for activities to encourage debate and advocacy by citizens and civil society organizations, small grants to civil society for monitoring and/or advocacy activities, creating regional civil society partnerships to increase civil society unity on advocacy efforts, or connecting Ukrainian civil society with their counterparts in one or more countries in the region through NGO-to-NGO exchanges and mentoring in order to take advantage of shared post-communist and transition experiences. Successful proposals will demonstrate a strong knowledge of civil society in Ukraine and an established ability to work with regional civil society groups. DRL strongly discourages health, technology, or science- related projects unless they have an explicit component related to the requested program objectives listed above. http://www.state.gov/j/drl/p/206488.htm -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] liberation tech and Congress
On Wed, Mar 20, 2013 at 3:04 PM, Lorelei Kelly loreleike...@gmail.comwrote: Its not a lobbying effort, but a long term policy education effort. Lobbying: most generally, the right of the individual to petition Congress to redress grievances. In your case, larnin' them what they don't know and slowly steering the ship of state in the right direction. http://www.factcheck.org/2007/12/the-right-to-lobby/ What you are doing is lobbying according to the original definition of the term. You buttonhole them in the lobby and say, Mr Senator, did you know that your constituents really care that...? and go on from there. This is where the term came from. Petitioning your concerns to those in power to whom you have delegated your voice in the American republic. Please do not cede it to the NRA and the moneybag idiots who are trying to buy their way into power. The term has been sullied in the public eye and conflated with shenanigans, corruption, and bribery to the point when Lessig launched Change Congress at Berkman, I had to point out to him that he was using the term incorrectly in his keynote. He blushed -- actually was taken aback -- and accepted the correction. Ideally, part of the power of our medium is to subvert the power of simple money in influencing the power of the lobby. Of course, mileage has varied wildly -- the verdict is at best in flux. But language is powerful, and I still believe that educating people that the lobby is the domain of all of us. Not petitioning for the Death Star might help...sigh. I am not sure about this White House popularity referendum social media thing... But yes, please, what you are doing is proper, what I did in the 90s lobbying for digital divide issues was lobbying on a very small nonprofit dime, what a retiree does going to DC to talk to his or her delegation on social security or gay marriage for his grandson on a vacation is also lobbying And taking (back) words like gay, pagan, black, hacker, nerd, queer, geek, lobbying -- can be powerful. yrs, -- Shava Nerad shav...@gmail.com -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Allout.org requires email address in anonymous LGBT survey
As a social engineer, one wonders about the agenda of an organization that calls itself all out doing this kind of BS so...coyly. What an unfortunate mistake on their part! Imagine if someone had set such a thing up as a honeypot. Indeed. Some people believe we should be all out...it would be better for all of us as queerfolk... I can see where such a mistake might make people uneasy. SN Shava Nerad shav...@gmail.com On Mar 19, 2013 4:54 PM, Uncle Zzzen unclezz...@gmail.com wrote: The latest news at https://aopriv.jottit.com/ is that allout.org have deleted the problematic survey. The interesting thing is that Andre Banks from AllOut says: I just heard about the potential security issue you wrote about below through an advisor who is on the LibTech list So thanks to whoever it was for explaining to AllOut how serious the problem was. This is a fine example of the importance of this list. Cheers, The Dod. On Tue, Mar 19, 2013 at 12:33 AM, Uncle Zzzen unclezz...@gmail.com wrote: AllOut.org, a large LGBT org, are asking their members to join an anonymous survey that asks for sensitive information, and an email address is one of the required fields. One of the members wrote them an email about it, got an unsatisfactory reply, mailed them again, no reply since. I've advised this person to put the whole email exchange etc. on a jottit page so that it's easier to spread via social media etc. It's at https://aopriv.jottit.com/ Any idea how to proceed from here? Thanks, The Dod -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] EFF: National Security Letters Are Unconstitutional, Federal Judge Rules
This also gives morale to the DHS professionals holding on by their fingernails until civil liberties are restored and they don't have to live in an environment of compromised ethics to maintain their careers while we outsiders effect reform. Rather like the diplomatic corps professionals under the Bush administration who had to just take a siege mentality - about their own people. PATRIOT has been in place for a decade now - it's a long time to try to stay sane in an organization where the young turks think this is how it's always been and is supposed to be. Yet there are professionals in every three letter agency trying to ve moderating influences...possibly kicking themselves for feeling a little more optimistic today. Heh... yrs, Shava Nerad shav...@gmail.com On Mar 16, 2013 1:31 AM, Griffin Boyce griffinbo...@gmail.com wrote: Ali-Reza Anghaie a...@packetknife.com wrote: These wins, even if not permanent, are very meaningful. Well done. Well done indeed. -Ali They also give a window in which more positive action can happen. Despite being very busy, I'm asking Twitter for a comment on the ruling. Whether or not they respond, I'm sending them a formal request for status of my accounts, and hope that others will follow suit. Tonight I told someone whose accounts have certainly been subject to NSL requests that this had been declared unconstitutional. I will never forget the look on their face This entire case has been extremely important and necessary for us to move forward. As activists, sure. But as a people also. These ridiculous legal maneuverings have been allowed to continue for far too long. It's a good day for everyone. ~Griffin -- What do you think Indians are supposed to look like? What's the real difference between an eagle feather fan and a pink necktie? Not much. ~Sherman Alexie PGP Key etc: https://www.noisebridge.net/wiki/User:Fontaine -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] My SXSW exposé in the Washington Post!
http://www.theonion.com/articles/sxsw-as-cool-and-as-real-as-it-gets-reports-market,31617/ The Onion scooped you. I think I saw this guy at Burning Man...;) Srsly, good job, but you know, Twitter had their coming out party there in 2007 at the first Interactive and I spoke there - most of the panels were on marketing or the game industry. But my ex-fiance performed at a steampunk benefit for EFF that made them a lot of money and probably a lot of new adherents they'd never have reached. I spoke at the seventh most popular panel of Interactive that year: Blogging Where Speech isn't Free - among stellar companions. The room was full and likely over half the people in that room flew to Texas on their company's marketing budgets. Perhaps for them this was renewal? There are different ways to look at it - waste, or opportunity, or a combination of these (keeps you sane and in perspective, I suspect ). Interactive is that new though - I don't think it's been a counterculture thing at root ever. How would you fund it? Foundation grants? That's slow... In this economy Austin is probably up against the wall funding their big party though. I'm not surprised they are dropping standards to trade-show tawdry. I suspect it's a survival compromise against maintaining scale. They are braced for flak if they are smart, and ready to sit it out. Ideally they will never become just a trade show, and stop democratically selecting panel topics and doing the other cool things SXSW/I rightly prides themselves on - but this kind of behavior could transform their voting demographic, h? The dangers of democracy. That would have been a nice point in the article. Yrs, Shava Nerad shav...@gmail.com On Mar 15, 2013 4:53 AM, Hamdan Azhar hamdan.az...@gmail.com wrote: This past weekend, I attended South by Southwest Interactive in Austin. I wrote an article exposing corporate dominance of the event and the conflict between that reality and the counter-culture aspirations of the event's attendees. It was published in The Washington Post! http://www.washingtonpost.com/blogs/innovations/post/sxsw-2013-this-revolution-is-brought-to-you-by/2013/03/11/b47dfa10-8a95-11e2-8d72-dc76641cb8d4_blog.html Enjoy :) Regards, Hamdan P.S. Follow me on Facebook https://www.facebook.com/hamdan.azhar and Twitter https://twitter.com/HamdanAzhar, even Instagram! -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Wickr: Can the Snapchat for Grown-Ups Save You From Spies?
What Andrew said. And anyone who glibly says that people's lives can rely on the privacy of their software like that is lying, naive, and/or stupid, to be blunt. We had releases in the wild of Tor we knew people were using (and may still be) that are out of date and we know are security compromised - and we have no way to reach every one of those people ever (nor would she even with registered users necessarily) to make them update, and it makes me weep. So every release you sweat because, if there's a security compromise, an exploit found, a bug somewhere (and hey even my archgeeks are only human ;) -- I mean, Roger Dingledine, Nick Mathewson and Andrew are angels. How many release engineers have to worry if they miss something, people could get hauled away from their families, tortured, and/or killed? It may not be the commonest case of some person using it for pedestrian daily privacy, but it is our critical case that we must model and plan for - and understand and empathize with - and it's thousands of activists, journalists, and so on. No glib yes answers please. If you aren't losing sleep you don't get it. Write social apps for suburbia, where you can lie or be naive or be stupid and it won't stand out. In the Zynga community of practice that seems to be normative at least - not that it's good for society either, but perhaps it's habit forming, sheep and shepherd. Don't do social app marketing to activists. Do risk assessment and education. Open your source, do not register your users (either they give you real PID which you can be forced to give up, or it's encouraging them to break TOS on probably a US email provider - which in any US service makes any activist a felon under the US law Aaron Swartz was accused under - this is my current area of research). Yrs, Shava Nerad shav...@gmail.com On Mar 5, 2013 1:48 PM, liberationt...@lewman.us wrote: On Tue, 5 Mar 2013 10:16:12 -0800 Yosem Companys compa...@stanford.edu wrote: The cautionary tale that many reference is the case of Hushmail, an encrypted mail service that used to claim that not even a Hushmail employee with access to our servers can read your encrypted email, since each message is uniquely encoded before it leaves your computer — words that echo Wickr's own proclamations. Sell tells Mashable that Wickr's architecture eliminates backdoors; if someone was to come to us with a subpoena, we have nothing to give them. They can, and will, be asked for envelope data. Since wickr requires you create an account, they know who is communicating with whom, when, how often, and how much data. They may even know the file names transferred, even if they don't know the contents. They get to learn your email address and your IP addresses. This alone lets them build a nice social network map of you. As it's running on a mobile phone, wickr can learn GPS location, cell tower, altitude and lots of other data provided by the phone itself (name, contacts, etc) if they want to do so. And as a final thought, they will get preservation requests for messages from law enforcement. Since you're storing content on their servers, even if you think you control how long, they can copy off the messages (also for backups) for law enforcement. -- Andrew http://tpo.is/contact pgp 0x6B4D6475 -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] POTUS Executive Order on Cybersecurity
On Wed, Feb 13, 2013 at 9:55 AM, Gregory Foster gfos...@entersection.orgwrote: Here's the President's Executive Order, embargoed last night until delivery of the SOTU: http://www.whitehouse.gov/the-**press-office/2013/02/12/** executive-order-improving-**critical-infrastructure-**cybersecurityhttp://www.whitehouse.gov/the-press-office/2013/02/12/executive-order-improving-critical-infrastructure-cybersecurity Section 5 addresses Privacy and Civil Liberties Protections for the information that will be exchanged between critical infrastructure providers and the DHS/USG. Just to save y'all a bit of time: http://www.dhs.gov/about-office-civil-rights-and-civil-liberties https://www.facebook.com/CivilRightsAndCivilLiberties Officer for Civil Rights Civil Liberties (acting), Tamara Kessler http://www.dhs.gov/tamara-kessler (wellesley and harvard...oh my) She is Tamara Jaycox Kessler, for those wishing to google about... The right seems to despise the woman with a full and utter hate for her ideology and complicity in various chicanery, such as being a former member of the civil rights division of the DOJ and being assigned to investigate the New Black Panther Party. Apparently this is a blatant conflict of interest... I was just skimming... Still, as DHS appointees go, she could be much worse, from a surface reading. yrs, -- Shava Nerad shav...@gmail.com -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] POTUS Executive Order on Cybersecurity
On Wed, Feb 13, 2013 at 10:08 AM, Joseph Lorenzo Hall j...@cdt.org wrote: On Wed Feb 13 09:55:22 2013, Gregory Foster wrote: Here's the President's Executive Order, embargoed last night until delivery of the SOTU: http://www.whitehouse.gov/the-press-office/2013/02/12/executive-order-improving-critical-infrastructure-cybersecurity Section 5 addresses Privacy and Civil Liberties Protections for the information that will be exchanged between critical infrastructure providers and the DHS/USG. One quibble: the EO is mostly about flows from govt. to private sector and since there is no immunity provided like under other legislative proposals, it seems reasonable that sharing in the other direction will be circumspect. Would love to hear other thoughts on this. Glad to see a section on privacy although we'll have to wait to see if that ends up meaning much. best, Joe Well, it has a provision for full disclosure in a report with a classified sidecar. *ahem* I mean, come on. *heh* -- Shava Nerad shav...@gmail.com -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] White House Petition - Deny Visas to Censors
On Tue, Jan 29, 2013 at 11:18 AM, Tye, John N ty...@state.gov wrote: Hi everyone, ** ** A petition on whitehouse.gov calls for the U.S. to deny visas to anyone working to advance internet censorship, e.g. the builders of the Great Firewall. So far it has 8796 signatures – and needs 91,204 by February 24 before the White House will respond. ** ** https://petitions.whitehouse.gov/petition/people-who-help-internet-censorship-builders-great-firewall-china-example-should-be-denied-entry-us/5bzJkjCL ** It would be interesting to see Cisco and others sweat this out as they are heavily invested in corporate nannyware, which is tantamount to the same thing when not integrated into it here and abroad. The net really doesn't distinguish these by national border, or corporate firewall, or high school or university firewall, or parental control. It's just how much you pay and attend to the care and feeding. So hmm... We put as much into and probably have far more revenue in this industry than the Chinese in our GDP in the US...how would State respond? yrs, -- Shava Nerad shav...@gmail.com -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] White House Petition - Deny Visas to Censors
On Sat, Feb 9, 2013 at 6:07 PM, Trevor Timm tre...@eff.org wrote: Also, I can't really think of a worse way people can advocate for free expression than banning people from this country with views that are different than theirs - no how repugnant those views are. There are better ways to restrict trade than limiting visa issues -- but I think the intent was to put the power of restricting this into the hands of the State Department who might be assumed by the originator to be more sympathetic than the Department of Commerce, say, or Congress. Although I can see that this would be a way to do a fiat end-run of that variety it's not right, for the reasons you mention. It opens us up to some nasty criticism that could do more damage in the end. The right thing to do, as painful as it is, is to educate the right parties as to why these things are not pragmatic in the long run for anyone to use, including state side, as mechanisms for control. And then push them back in the market here too. We regulate the marketplace when we find harmful products -- items that produce antidemocratic things or false information are among the things we restrict. False advertising, paying off voters, all sorts of things are regulated by law that have to do with information flow or restriction. If we want to get private company censorship profits on this list we need to form strategies to get it included in those categories, and figure out how to successfully and effectively get it past the assymetrical influence we would be countering in DC. yrs, -- Shava Nerad shav...@gmail.com -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Guidelines For Emergency Revolution Technology Deployment?
On Sun, Feb 10, 2013 at 12:39 AM, Threedev zerothree...@gmail.com wrote: Greetings LibTech: I was looking online for any information on what activists and individuals can do in regards to technology deployment if there was ever a sudden flareup in protests and mass chaos that could lead to clashes with governments, or a similar situation like that. I was a bit concerned about the lack of ideas or a guide that one could follow if something were to happen. For example, if Israel were to go crazy and attack the Gaza Strip again, would there be some sort of plan in place in which groups could send encrypted communications technology to Palestine quickly and efficiently? I don't know if something like this already exists, or if this is something that should be created, but I think something like this should be made and drawn up if something like this hasn't been done yet In addition to a plus on previous comments I have to say there's a tendency in activist circles for there to be thoughts on who you can rely on and who you know in a crisis that you can pull together with, as ad hoc as that is. Part of this is that any published emergency planning if there was ever a sudden flareup..to clashes with governments means that publishing specific deployment plans means that the governments are going to -- with asymmetric force and resources -- plan specifically against those particular plans. So the less resourced side, even when they are not a guerrilla force per se, has to be agile and be sure that their plans are fresh. This was true in non-violent campaigns with Gandhi and MLK and so on (I describe formal systemic non-violence in my organizing classes as a strategy for asymmetrical civil warfare aiming for social change that minimizes casualties and time to social reintegration on the cessation of hostilities...it tends to blow peoples' minds open...:). And plans were always leaking anyway, but only in real time. This is not really all that paranoid per se, it's just the same sort of dance that political campaigns and such go through. It's just that in this sort of situation it's a bit more critical -- more is at stake and there's more real risk than in most electoral situations in much of the US (there are still situations in the US -- or were until quite recently -- where electoral politics could end up with people in ditches, including journalists/bloggers). I remember making this point when I moved to North Carolina in the late 80s from Massachusetts. I got confronted by some folks there as having moved from that place with all them co-rupt politicians. I pointed out that the difference between North Carolina and Massachusetts is that if a reporter investigates corruption in Massachusetts, the politician goes to court and conceivably even goes to jail. In NC, often as not, the journalist comes to a bad end, whether it's the politician or the mill boss or whoever who puts him down. And they stopped bugging me, because...I was right. I tend to believe it gets a little better every year. The net helps and hurts. It makes some things more revealed and transparent and it throws up a lot of chaff. But when we publish plans here so that everyone can read them? *EVERYONE* reads them. yrs, -- Shava Nerad shav...@gmail.com -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
[liberationtech] Fwd: Don't endorse #biometric govt.
I'm not up to date on these issues, but it seemed like throwing this out for discussion here might be a great way to get some quality pointers to current resources on the fine points of the issue. Any links to share? Ms. Dean became aware of me through a post here being republished in another context. She's an independent activist in the Seattle area, and has asked me to look into these issues and I'd love to give her an informed opinion - it hasn't been central to my radar... Thanks! Shava Nerad shav...@gmail.com -- Forwarded message -- From: BeatTheChip beatthec...@gmail.com Date: Feb 6, 2013 2:33 PM Subject: Don't endorse #biometric govt. To: Shava Nerad shav...@gmail.com Cc: Shava, I need the help of people like you at social media projects. The twitter count functionality on my Thunderclap are not currently registering but there is support for the messaging, so you may not see your Tweet count added to the others. I went ahead and sponsored this action so there will be accountability adjustment in the structures at NIST. Please support this with a tweet and circulation to some of your friends who will understand. https://www.thunderclap.it/projects/1206 Best, Sheila Dean -- BeatTheChip.org 511Campaign.org Twitter: BeatTheChip **I am a United States citizen. My phone and electronic communications may be monitored by the NSA, the FBI, DHS and private contractors who will be held unaccountable for crimes against privacy according to illegal and unenforceable laws, FISA The Patriot Act. Due to the invasive and unconstitutional nature of these laws, I do not recognize the authority of the surveillants and will prosecute on stalking, habitual harassment if there is no legal grounds for reasonable suspicion of wrongdoing in my private conversations. Get a warrant.* -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Is the Cyberwar beginning?
Really there are layers going on here, aren't there? And in ways the governments have no interests in differentiating the levels of activity because each level ups civilian/legislative alert levels, and therefore budgets to meet the actual threat levels. Let me start a taxonomy, and y'all can argue it up and down. Harmless exploratory hacking - what machines can I get into and lok around, not leaving traces? Personal acts that may be perceived as stealing or disrupting business operations: - Non-violent selfless civil disobedient hacktivism (Posting an academic paper) - Pecuniary hacktivism (taking from BMG) - Vindictive hactivism (LOIC) Organizational sponsored hacking - non-violent selfless civil disobedient hacktivism (Tor Project) - pecuniary (malware - botnet rentals, hacking for identity/credit ca rd sale/rent,...) - vindictive (writing LOIC payloads, STUX, Chinese hacker type brigades) There are a couple categories here that are legitimate threats to someone, and several that are conflated into cyberwar threats by different governments or agencies within those governments according to context. Also, press will freely conflate others, and business press or spokespeople yet others, according to either their understanding or their propaganda (oh, excuse me, PR) interest. In any war, truth is the first casualty. As that is certainly the case here, yes, my friends, that is the archduke's corpse I just described outlined in chalk in the text above. The drums are thumping and the money is in the pipelines. The recruitment and training of special forces is accellerating all over the globe. You are looking at incidents, and that is the wrong place to look. Look at the build-up. There is a strategic back pressure of at least three really solid years and really five in inertia behind this, building funding and recuitment in the US. It's been a big focus of several beltway companies reinventing themselves for the future, oh joy. Gotta love the US military industrial complex. When heavy industry goes overseas, we figure out other ways to compete with the Chinese, amiright? Are there no other people here with military/strategic ties? (Andrew, Jake, haven't you seen this?) Shava Nerad shav...@gmail.com -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] nettime Response to Academe Is Complicit essay
For those interested, Cushing's site is docspopuli.org (one i) -- he misspells it in his sig -- I suspect that's not an attempt to withhold his work from the public! ;) SN On Wed, Jan 23, 2013 at 7:55 AM, Eugen Leitl eu...@leitl.org wrote: - Forwarded message from Lincoln Cushing lcush...@igc.org - From: Lincoln Cushing lcush...@igc.org Date: Tue, 22 Jan 2013 21:04:03 -0800 To: nettim...@mail.kein.org Subject: nettime Response to Academe Is Complicit essay Nettime colleagues: I was forwarded Timothy Burke's provocative piece through the Progressive Librarians Guild (I've been a member for over ten years). I'm replying with an adaptation of something I wrote following another essay examining Aaron Swartz's death. While Mr. Swartz's death was tragic, his persecution by the US Attorney General's office heavyhanded, and many of the information liberation positions he espoused noble, I was struck by the criticism in Burke's essay leveled at JSTOR. JSTOR has become a veritable punching bag of the Free Culture Movement. Noted professor Larry Lessig takes a whack at them in his video lecture appropriately titled What's wrong with JSTOR: http://www.uomatters.com/2011/07/larry-lessig-on-whats-wrong-with-jst or.html In it, he bushwhacks a scholar for explaining her empty office bookshelves by saying that Everything I needed is on the Internet now. Lessig's meanspirited point was that from the academic's perspective - namely working at an institution with well-endowed electronic journal site licenses - she was both privileged and correct. Alas, for the rest of us poor slobs in the real world her statement isn't true. Evil content aggregators like JSTOR have gobbled up all the good stuff. But wait - Lessig's argument only works within the narrow definition of online access. I'm certainly no fan of JSTOR. I, like all of you, have stumbled across tasty citations to works on Google, only to be zapped with the unwelcome news that I'd have to pay to see it. But JSTOR does provide a service. Their arrangements are not exclusive. You want to go to your local university library and scan an article from 1975? Go ahead, the free JSTOR citation tells you exactly what to look for. Sure, the original research may well have been paid for by public funds, but that does not mean that somehow it should magically appear for free on the Web. There are real costs to doing this work, and unless The State is willing to do it (and I would argue they should), corporations will step in. Public domain does not mean free access, just the potential for it. I'm sure there are other aspects of JSTOR that are problematic (apparently their executives each made over $250,000 in 2009, but I'm not paying their salary). I am hopeful that examinations of the circumstances surrounding the Swartz tragedy can lead to discussing and developing a clearer analysis of the real problems facing our field. For example, I see the insidious expansion of photo aggregators like Corbis and Getty One being much more dangerous than JSTOR. Those folks are truly buying up our culture, and it scares me. Burke raises the complicity of academe in the privatization of knowledge. I ask - what have any of us actually done to make information available to the public? Much of my own work as an activist archivist involves digitization of analog content and sharing it with the world. I shoot posters, which is not easy, and I've built and paid for a custom studio for doing that. I've helped mount thousands of social justice poster images on the Web. But I don't post high-resolution images. I, and the institutions I work with, feel that those images deserve some protection from corporate appropriation without compensation. Thanks you, Creative Commons. By withholding free access to the ultimate goody, the 60 megabyte image file, am I a traitor to the Free Culture Movement? I certainly hope not. Yours for democratic knowledge, Lincoln Cushing www.docspopuii.org Documents for the Public # distributed via nettime: no commercial use without permission # nettime is a moderated mailing list for net criticism, # collaborative text filtering and cultural politics of the nets # more info: http://mx.kein.org/mailman/listinfo/nettime-l # archive: http://www.nettime.org contact: nett...@kein.org - End forwarded message - -- Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org __ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Shava Nerad shav...@gmail.com -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Tragic News: Aaron Swartz commits suicide
This is what I understand of Aaron's action. First, to be clear, JSTOR settled with Aaron last summer. Aaron was trying to raise consciousness around their model. JSTOR does not pay out a penny to the author or the author's host institution. They do not pay royalties to the research funders - often the taxpayer, so maybe you and me. In other circumstances this would make the work public domain. The only money goes to the paper journal publisher. That is the firewall consortium JSTOR represents. That is the message Aaron meant to amplify with what he likely saw as political/ethical art performance civil disobedience. Personally I think if he had not been on federal radar for organizing SOPA/PIPA nothing more would have come from it as a Harvard-connected white academic of a certain status. But as it is, he faced seven figures in damages and three decades in hard time even after he settled with JSTOR. This is the way my family has observed activists attempted to be neutralized by the immune system of the federal government since Eugene Debs. I have three generations of witness. My instinct is that when you see resources expended out of proportion, look for the proportionate end. Aaron was not being chilled for his potential in copying files, I suspect. He just handed them something for which he could be charged. We can't let it go without response just because it is classic and chronic. I am organizing a vigil at 1 Courthouse in Boston 2pm Tuesday, probably small, and we'll follow on from that at MIT. Federal Prosecutor Ortiz does not seem like a monster in general, and there is hope for some good nonviolent ends out of this. Feedback welcome. Yrs, -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Tragic News: Aaron Swartz commits suicide
I was thinking the MIT meeting would be an evening sometime later in the week, but I wanted to see who showed up Tuesday, and if I could get a small committee together so maybe a later announcement? I wanted to see if I could get an MIT person who could schedule a room. yrs, SN On Sun, Jan 13, 2013 at 11:34 AM, Sheila Parks sheilaruthpa...@comcast.netwrote: Thank you, Shava, for organizing a vigil. I work on Mon and Tues When do you think you will do the one at MIT or wiil that be right after the Courthouse one on Tuesday? And thank you to all of you for discussing this tragedy I don't often comment on this list but I am so glad to be here for this discussion I do blame MIT and the US Attorneys Sheila At 11:23 AM 1/13/2013, you wrote: This is what I understand of Aaron's action. First, to be clear, JSTOR settled with Aaron last summer. Aaron was trying to raise consciousness around their model. JSTOR does not pay out a penny to the author or the author's host institution. They do not pay royalties to the research funders - often the taxpayer, so maybe you and me. In other circumstances this would make the work public domain. The only money goes to the paper journal publisher. That is the firewall consortium JSTOR represents. That is the message Aaron meant to amplify with what he likely saw as political/ethical art performance civil disobedience. Personally I think if he had not been on federal radar for organizing SOPA/PIPA nothing more would have come from it as a Harvard-connected white academic of a certain status. But as it is, he faced seven figures in damages and three decades in hard time even after he settled with JSTOR. This is the way my family has observed activists attempted to be neutralized by the immune system of the federal government since Eugene Debs. I have three generations of witness. My instinct is that when you see resources expended out of proportion, look for the proportionate end. Aaron was not being chilled for his potential in copying files, I suspect. He just handed them something for which he could be charged. We can't let it go without response just because it is classic and chronic. I am organizing a vigil at 1 Courthouse in Boston 2pm Tuesday, probably small, and we'll follow on from that at MIT. Federal Prosecutor Ortiz does not seem like a monster in general, and there is hope for some good nonviolent ends out of this. Feedback welcome. Yrs, -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/**mailman/listinfo/**liberationtechhttps://mailman.stanford.edu/mailman/listinfo/liberationtech Sheila Parks, Ed.D. Founder Center for Hand-Counted Paper Ballots Watertown, MA 02472 617 744 6020 DEMOCRACY IN OUR HANDS www.handcountedpaperballots.**org http://www.handcountedpaperballots.org sheila@**handcountedpaperballots.org she...@handcountedpaperballots.org -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/**mailman/listinfo/**liberationtechhttps://mailman.stanford.edu/mailman/listinfo/liberationtech -- Shava Nerad shav...@gmail.com -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Tragic News: Aaron Swartz commits suicide
in no way lessens the evil of unconstrained use of state power to silence voices of dissent... The Banality of Evil quote applies well here...as giant organizations, be they government, corporate or church, do unspeakable harm through the blandest of bureaucrats, the most pious of bishops and the most reasonable of prosecutors. We would do well when looking at the likes of Ortiz to always hold separate intent from presentation... Case On Sun, Jan 13, 2013 at 10:41 AM, Case Black casebl...@gmail.com wrote: Federal Prosecutor Ortiz does not seem like a monster in general...of course not, neither did Adolf Eichmann. This is the face of the Banality of Evil for the modern era! On Sun, Jan 13, 2013 at 10:23 AM, Shava Nerad shav...@gmail.com wrote: Federal Prosecutor Ortiz -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Shava Nerad shav...@gmail.com -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Tragic News: Aaron Swartz commits suicide
A lot of what I am writing on this topic is on my google+. You don't have to be a google subscriber. Just go to plus.google.com and search for my name, and you'll find my stuff. SN On Sun, Jan 13, 2013 at 2:45 PM, Sheila Parks sheilaruthpa...@comcast.netwrote: Thanks, Shava I will keep on watching for your posts I am reading this list now at any rate, so should see it easily Sheila At 02:21 PM 1/13/2013, you wrote: I was thinking the MIT meeting would be an evening sometime later in the week, but I wanted to see who showed up Tuesday, and if I could get a small committee together so maybe a later announcement? I wanted to see if I could get an MIT person who could schedule a room. yrs, SN On Sun, Jan 13, 2013 at 11:34 AM, Sheila Parks sheilaruthpa...@comcast.net wrote: Thank you, Shava, for organizing a vigil. I work on Mon and Tues When do you think you will do the one at MIT or wiil that be right after the Courthouse one on Tuesday? And thank you to all of you for discussing this tragedy I don't often comment on this list but I am so glad to be here for this discussion I do blame MIT and the US Attorneys Sheila At 11:23 AM 1/13/2013, you wrote: This is what I understand of Aaron's action. First, to be clear, JSTOR settled with Aaron last summer. Aaron was trying to raise consciousness around their model. JSTOR does not pay out a penny to the author or the author's host institution. They do not pay royalties to the research funders - often the taxpayer, so maybe you and me. In other circumstances this would make the work public domain. The only money goes to the paper journal publisher. That is the firewall consortium JSTOR represents. That is the message Aaron meant to amplify with what he likely saw as political/ethical art performance civil disobedience. Personally I think if he had not been on federal radar for organizing SOPA/PIPA nothing more would have come from it as a Harvard-connected white academic of a certain status. But as it is, he faced seven figures in damages and three decades in hard time even after he settled with JSTOR. This is the way my family has observed activists attempted to be neutralized by the immune system of the federal government since Eugene Debs. I have three generations of witness. My instinct is that when you see resources expended out of proportion, look for the proportionate end. Aaron was not being chilled for his potential in copying files, I suspect. He just handed them something for which he could be charged. We can't let it go without response just because it is classic and chronic. I am organizing a vigil at 1 Courthouse in Boston 2pm Tuesday, probably small, and we'll follow on from that at MIT. Federal Prosecutor Ortiz does not seem like a monster in general, and there is hope for some good nonviolent ends out of this. Feedback welcome. Yrs, -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech Sheila Parks, Ed.D. Founder Center for Hand-Counted Paper Ballots Watertown, MA 02472 617 744 6020 DEMOCRACY IN OUR HANDS www.handcountedpaperballots.org she...@handcountedpaperballots.org -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Shava Nerad shav...@gmail.com -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech ** ** Sheila Parks, Ed.D. Founder Center for Hand-Counted Paper Ballots Watertown, MA 02472 617 744 6020 DEMOCRACY IN OUR HANDS www.handcountedpaperballots.org she...@handcountedpaperballots.org -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Shava Nerad shav...@gmail.com -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Tragic News: Aaron Swartz commits suicide
Irony: http://mobile.theverge.com/2013/1/9/3857628/jstor-opens-up-limited-free-access-to-its-digital-library I can't even think about this, what a loss to our community, what a light guttered out so young! Shava On Jan 12, 2013 3:36 AM, Yosem Companys compa...@stanford.edu wrote: This is a tragic loss and a terrible blow to the liberationtech community. Yosem http://tech.mit.edu/V132/N61/swartz.html Aaron Swartz commits suicide Web Update By Anne Cai NEWS EDITOR; UPDATED AT 2:15 A.M. 1/12/13 Computer activist Aaron H. Swartz committed suicide in New York City yesterday, Jan. 11, according to his uncle, Michael Wolf, in a comment to The Tech. Swartz was 26. “The tragic and heartbreaking information you received is, regrettably, true,” confirmed Swartz’ attorney, Elliot R. Peters of Kecker and Van Nest, in an email to The Tech. Swartz was indicted in July 2011 by a federal grand jury for allegedly mass downloading documents from the JSTOR online journal archive with the intent to distribute them. He subsequently moved to Brooklyn, New York, where he then worked for Avaaz Foundation, a nonprofit “global web movement to bring people-powered politics to decision-making everywhere.” Swartz appeared in court on Sept. 24, 2012 and pleaded not guilty. The accomplished Swartz co-authored the now widely-used RSS 1.0 specification at age 14, was one of the three co-owners of the popular social news site Reddit, and completed a fellowship at Harvard’s Ethics Center Lab on Institutional Corruption. In 2010, he founded DemandProgress.org, a “campaign against the Internet censorship bills SOPA/PIPA.” -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Sharing children's lives online?
Consider also the childrens' emergency procedures. Any future conflict that might leave an ex in the position to want to social engineer around a child's trust, and the school's requirements for emergency release procedures is likely (a lot of it) in that blog. I did much the same data gathering with a G+ profile and open sources of a Google exec during the hot phase of the nymwars, proving that real name policies present real harm (particularly when company execs violate company policy and make their kids secret Google accts, but that's another story). I published none of the data I discovered except to a VP involved in G+ who was urged to get his coworker to tighten procedures. dusts her mostly white hat We generally operate in the US on a boolean oscillation with children's safety. We operate in denial assuming that it's better for them to live in paradise intact (which is a romantic lie - no school child lives in paradise if they have to share it with age-peers) until injury, sexual abuse, abduction, substance, running with scissors - or baad things on th net rears up; at which point the world is all one mass shooting, and no child is safe and all liberty is on the chopping block. Between the first and second condition, if you protesteth too much you are suspect - far more than the behavior you are trying to call into review. Tant pis... We could stand more thoughtful dialogue. SN -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] my geek manifesto for 2013
On Jan 2, 2013 5:12 AM, André Rebentisch tabe...@gmail.com wrote: Am 02.01.2013 08:54, schrieb Shava Nerad: Reasons people told you you never should try, you'd never have access to power. Reasons that power as currently exercised never seemed attractive. Mostly falsified. No arguments. Although a lot of it I find is an aversion to sausagemaking, if you know the idiom. Also, I remember a conversation with a friend in Oregon at a science fiction convention years ago. I was working on the Dean campaign and some friends were reacting as though I had plague, even though my online activity had always been very political (but non-profit/NGO). I was saying to him, Here is a collection of brilliant systems thinking socialized geeks who love nothing b better than to try to out-think world-building history simulations that can span thousands of pages over decades, but they won't take up the reins of their own democracy. Wtf? Don't they see their own potential? And my friend, a grizzled disabled Vietnam vet, averred that *that* was precisely why most of the brightest ones didn't get involved - because they were afraid they might change *everything* and then they'd be stuck like me the rest of their lives, seeing what they could do. Wise guy. Although, my experience has been, most people can always find a sufficient reason to become disenchanted and fall away. Slack seems stronger by far than engagement. Overcoming the sickness unto death - slack, despair, apathy, internal strife and miscommunication in organizing - now if we could code against *that* we would be unstoppable. I know how to catalyze systems thinking in a few hours. How to teach a teenager how to plan a social action project with a sustainable team in 15h or less (with a pretty good record of success in long-term leadership development among students). But I can't set kids up to navigate every manifestation of the inevitable entropy social change projects experience from within -- personally from burnout, from group dynamics, from the many forms of outside pressures. Drama llama - loss of comfort zone - not a hobby any more. Perseverance isn't big in an attention economy. How do we code it in? Support ourselves and each other, while maintaining reasonable effective discipline and efficiency? Organizing has traditionally been closed source tech - handed down from teacher to protege, apostolic succession. Partly it's because organizers are in perpetual motion. They rarely slow down to write. Much of technique is a living document - volatile, as old techniques become stale or develop countermeasures, or new media emerge. But a lot is simply partisanship: if I document my tips and techniques, my opposition can not only use the same but develop strategies against me. Never mind that it's likely that it's in the public interest in a democracy that all these strategies be fully transparent and available to all for use and as media crit. Perhaps a first step toward a LARP culture for civic engagement is publishing the rulebook - or a better architectural framework for the community to contribute, build, and refine the rulebook for the biggest LARP in the world? SN -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] fossjobs - first job platform exclusively for FOSS jobs
parted on is one of the F|OS differentiations. And you can easily crystallize those differentiations in rms (Richard Stallman) and esr (Eric S. Raymond). Eric S. Raymond, who wrote *The Cathedral and the Bazaar* fifteen years after rms fired me, espoused a lot of the same basic notions as I had. And Eric just kind of ran with it, partly due to being a stubborn SOB in parallel ways to rms being a stubborn SOB, and as revolutionary genius types often are. (Although a very different flavor and ilk IMO -- Eric is not as God-touched code-Dali cthonic brilliant and monastic mad monkish as rms, but he's damned good at what he does, and manages to be a completely different sort of PITA who makes himself too useful to be ignored! :) Where I truly believe that Stallman lives in the world of Platonic ideals (maybe in that cave...?), Eric is a bit more pragmatic and flinty as hell, and I think just got sick of the cult and politics around GNU/Linux development at the time, and decided to be a heat sink specifically to differentiate some of the ideas into factions because Stallman's ideas are ideological in one particular direction. Eric dug in heels, but didn't really think he was doing what he got set up as. It's just that, not many people have enough asbestos to do what he did. I mean, I walked, I own that. There wasn't a loyal opposition to rally at the time. Eric kind of became a rally point, from what I can see. What he said! Where Stallman's idea of free software is, as many ideological sets are, a philosophy that tends to not flourish until a revolution should occur to plow new ground (Come the revolution!), open source is more inclusive and co-exists side by side with proprietary software. Free software would be a perfect system in a world where IP laws were abolished and people shared freely -- it is an idealistic system (and really beautiful, sort of the Erewhon of software) if you hear Richard talk about his vision of it, revolutionary in origin, radical, like any perfect community property/communistic/commons sort of schema. It requires a pre-existing community of integrity and common values to function perfectly. Happily, as it's evolved (revolution often capitulated to evolution!) it doesn't have to function perfectly, and it's been modified and been introduced to lawyers and balkanization and elaboration that allows it to interface with the real world so we can enjoy it on a pragmatic basis...;) IMNSHO. The funny thing is... I've known Eric Raymond *too* since we were in our late teens, haunting the FSF cons on the US eastern seaboard. Both he and rms in completely separate contexts use to hang out with me and my best friend from college; they both had terrific crushes on her (geez, she was always the one they fell for hard...), but neither Eric nor Richard knew the other at the time. My friend and I would go dancing with Richard. We called Eric Eric Goat-boy or Eric the Flute, and he would play his flute for us to dance like little teenage Roma girls in the halls of cons in flounced skirts and poet shirts, our shoes and packs in a jumble. Fandom, Unix, cons. Waterfalls. Personality politics. Technology Friendships. Liberation! Thirty-five years... Heh. If I can't dance... yrs, -- Shava Nerad shav...@gmail.com -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
