[163432] in North American Network Operators' Group
Re: PRISM: NSA/FBI Internet data mining project
daemon@ATHENA.MIT.EDU (Owen DeLong)
Fri Jun 7 21:25:24 2013
From: Owen DeLong <owen@delong.com>
In-Reply-To: <20130607154207.GF8319@dan.olp.net>
Date: Fri, 7 Jun 2013 18:20:28 -0700
To: Dan White <dwhite@olp.net>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Dan,
While the government has no responsibility to protect my data, they do =
have a responsibility to respect my privacy. While you are correct in =
that proper personal security procedures to protect my data from random =
crackers would, in fact, also protect it from the government, that's a =
far cry from what is at issue here.
The question here is whether or not it should be considered legitimate =
for the US Government to completely ignore the fourth and fifth =
amendments to the constitution and build out unprecedented surveillance =
capabilities capturing vast amounts of data without direct probable =
cause for that snooping.
I'm not so much concerned about them gaining access to data I don't want =
them to access. I am far more disturbed by the trend which reflects a =
government which increasingly considers itself unrestrained by the laws =
it is in place to support and implement.
Owen
On Jun 7, 2013, at 8:42 AM, Dan White <dwhite@olp.net> wrote:
> On 06/07/13 11:11 -0400, Rob McEwen wrote:
>> On 6/7/2013 9:50 AM, Dan White wrote:
>>> OpenPGP and other end-to-end protocols protect against all nefarious
>>> actors, including state entities. I'll admit my first reaction =
yesterday
>>> after hearing this news was - so what? Network security by its =
nature
>>> presumes that an insecure channel is going to be attacked and
>>> compromised. The 4th Amendment is a layer-8 solution to a problem =
that
>>> is better solved lower in the stack.
>>=20
>> That is JUST like saying...
>>=20
>> || now that the police can freely bust your door down and raid your
>> house in a "fishing expedition", without a search warrant, without =
court
>> order, and without "probable cause"... the solution is for you to =
get a
>> stronger metal door and hide all your stuff better.||
>=20
> Hiding stuff better is generally good security practice, particularly =
in
> the absence of a search warrant. How effective those practices are is
> really what's important.
>=20
> =46rom a data standpoint, those security procedures can be highly
> effective, even against law enforcement. But it's not law enforcement =
that
> I worry about the most (understandably, you may have a differing =
opinion);
> It's the random anonymous cracker who isn't beholden to any =
international
> laws or courts. I design my personal security procedures for him.
>=20
> That's why I don't, say, send passwords in emails. I don't trust state
> entities to protect the transmission of that data. I don't wish to =
place
> that burden on them.
>=20
>> You're basically saying that it is OK for governments to defy their
>> constitutions and trample over EVERYONE's rights, and that is OK =
since a
>> TINY PERCENTAGE of experts will have exotic means to evade such
>> trampling. But to hell with everyone else. They'll just have to =
become
>> good little subjects to the State. If grandma can't do PGP, then she
>> deserves it, right?
>=20
> I believe it's your responsibility to protect your own data, not the
> government's, and certainly not Facebook's.
>=20
>> Yet... many people DIED to initiate/preserve/codify such human =
rights...
>> but I guess others just give them away freely. What a shame. =
Ironically,
>> many who think this is no big deal have themselves benefited =
immensely
>> from centuries of freedom and prosperity that resulted from "rule of
>> law" and the U.S. Constitution/Bill of Rights.
>=20
> Freedom is very important to me, as well as the laws that are in place =
to
> protect them.
>=20
> --=20
> Dan White
