Follow Slashdot stories on Twitter


Forgot your password?
Privacy Electronic Frontier Foundation Government The Internet United States Your Rights Online Politics

3 Reasons To Hate Mass Surveillance; 3 Ways To Fight It 120

This site's "Your Rights Online" section, sadly, has never suffered for material. The revelations we've seen over the last year-and-change, though, of widespread spying on U.S. citizens, government spying in the E.U. on international conferences, the UK's use of malware against citizens, and the use of modern technology to oppress government protesters in the middle east and elsewhere shows how persistent it is. It's been a banner year on that front, and the banner says "You are being spied on, online and off." A broad coalition of organizations is calling today "The Day We Fight Back" against the growing culture of heads-they-win, tails-you-lose surveillance, but all involved know this is not a one-day struggle. (Read more, below.)

1) Because the Internet is nearly everywhere, it means the spying it makes possible has spread to match its footprint. 30 years ago, "on the internet" really was novel, because the public Internet simply wasn't. There were a few big military and academic sites around the world, and the concepts that make today's internet work were already embodied in running systems, but there was little reason for individuals to care about privacy invasion, or having their systems crippled by government malware, because their systems and their privacy weren't at issue. There wasn't a World Wide Web as a portal to nearly every resource online, no "Cloud," and no Blue Coat. Now, not only can individuals get on the internet, but the meaning of that phrase has moved, fast, over the last decade: now, getting on the internet is just a fact of modern life, a banal, automated background fact of the way we stay in touch with friends, deal with bills, find entertainment, get directions, and work. Online surveillance of all the signals we emit and receive (over home internet links, over cellular networks, on landline telephones, even on postcards) might be minimized and waved away as the collection of "mere" metadata, but in reality, if you're reading these words online, and even if you're doing your best to read them anonymously, it means you've almost certainly got a collection of data about you online already.

2) Because "online surveillance" is a slippery slope, and it will only get slipperier. Remember the Clipper chip's hardware-based encryption escrow scheme? Who and how often you email, chat with online, or call on the phone is the tip of the iceberg. Robert Bork didn't like having his video watching habits spied on, and that was before Netflix and competitors made the sorting and stacking of movie-watching habits not only possible but an never-ending exercise in deep data analysis. Maybe you don't care in particular about what the NSA, FBI, or anyone else thinks of your taste in entertainment, but you might prefer them to stay out not only of the information revealed by your current online activity, but also out of whatever things are revealed by future developments. Right now, a relatively small part of the online population uses crypto-currency like Bitcoin; a decade from now, it seems likely to be even more widespread than Netflix is today. Do you want your transactions to be public record, or even public-servant record? Beyond that, the era of ubiquitous, automated surveillance doesn't need you to mail an angry letter, or declare allegiance to an unpopular cause online: Just walking around means sooner rather than later you're likely to be captured on camera.

Access to your medical records almost certainly will be online, too, even more than it already is. Online and offline lives will only get blurrier: Your GPS (and increasingly, that means your phone, too) knows where you've been, and your should-be-private Google Maps page knows where you might have considered going. (Couple that with the cavalier attitude that dominates rules about data that you carry in your phone, laptop or USB data sticks, if you cross, or even come near, the U.S. border.) Think about the meta-data (or what the government might characterize that way) that your reading and viewing habits, your prescription medicine needs, your airline tickets, and your Amazon wishlist could reveal, and whether you'd want everyone's digital dossier to be up for ad-hoc scrutiny in 10 years any more than it already is. You don't want the equivalent of the TSA viewing rooms (for your own good, of course) attached to every stream of online communication.

3) Because you're paying for it. How much you're paying is hard to say, because of black budgets, overlapping programs, and the sheer number of systems that are or could be used to make widespread surveillance the new normal, but the mystery price tag starts out high. If you're an American, or an EU citizen, at least you can be grateful that you're likely only being spied on, rather than actively harmed in other ways; in other countries, the outcome can be far grimmer. How much do you want to pay to build an infrastructure for constantly surveilling yourself, your friends, and your family? Especially one that fails so miserably at even its stated aims?


The good news is, while you can't stop the entire octopus, you're not required to be a full-time victim of online surveillance or the offline surveillance that it seems to normalize. Instead, you can take some simple steps that at least fog the glass a bit. Readers will no doubt suggest better technologies and practices, but here's a short list to start with:

1) Encryption, more often and in more contexts. Encrypted hard drives are now easy to buy off the shelf, or to implement with software per-user. Use encryption when it makes sense, for documents, emails, file systems, or browsing; the more you do, the more normal this becomes — if it's perfectly normal to carry data encrypted, no matter how innocuous, it's hard for merely possessing encrypted data to be vilified. TrueCrypt might not be impregnable, but neither are the opaque envelopes you might put in a physical mailbox: making it harder to spy on you even in small ways beats indifference. Good news: not every layer of security takes much effort for you to take advantage of: Mozilla's move to HTTPS Everywhere is an example, as is the option that many OSes are embracing to offer the user full-disk or per-directory encryption.

2) Avoid standing in front of the biggest targets. If you don't yet, use an operating system like Linux or one of the modern BSDs, at least part of the time. The SCADA vulnerabilities exploited to cripple a key part of Iran's nuclear program exploited a well-known hole in a widespread operating system, and the same can be said of many attacks blandly characterized as "Advanced Persistent Threats." Even a cheap, adjunct laptop running an up-to-date Linux or OpenBSD could make you safer for some tasks online; cheaper yet, you can run an entire Linux system from a USB drive, and yank it when you're through. That doesn't stop a mid-stream listener (which is a very hard problem), but a compartmentalized system like that means you can do your online banking or anything else and be less vulnerable to common malware. (Besides, it's fun!)

3) Tell companies, politicians (for instance, by voting for or against), and the people around you, that you object to being spied on. You can't prevent malicious individuals, governments, (or Google, or Yelp, or your Facebook friends) from looking at some of the data that you emit; you might feel perfectly satisfied with lots of the transactions you take part in freely. But you can minimize the worst consequences by being mindful of what you do or don't mind putting out there, and spreading the word when you find abuses of trust that compromise your privacy.

Online spying didn't pop into existence with Edward Snowden's revelations about mass data gathering by the NSA on U.S. citizens. For Americans, having our communications tapped by government agents (even if by a government that has remained far more benign than have many others) extends as long as the history of the country; likewise for Europeans and others all over the world. It's much easier, now, though, for those agents to put an ear to your wall or an eye on your correspondence than it's ever been before. For those in many countries, taking practical steps to reduce your exposure is a sensible move for more than just aesthetic or philosophical reasons, though, and luckily the range of options for preserving privacy and private communications have advanced right along with the growth of the technologies that threaten them.
This discussion has been archived. No new comments can be posted.

3 Reasons To Hate Mass Surveillance; 3 Ways To Fight It

Comments Filter:
  • TMN (Score:5, Interesting)

    by Anonymous Coward on Tuesday February 11, 2014 @09:19AM (#46216775)

    I'm running the firefox plugin TrackMeNot which periodically runs random google queries with keywords like: "building bombs", "terrorist attacks", "nitroglycerine" ...

    • by tom229 ( 1640685 )
      Wouldn't that be more likely to get you tracked? Right now most people's data is probably just available, not reviewed. You start trending with search terms like that and you might end up on a list.
    • Could rename that the Michael Hastings plugin, some words can get you killed. []

    • It worked in the 1960's, but it is unlikely to work now.

      They can detect the "random" activity, and isolate it. You are not making the right fog, and they have ways to see through it.

      A better way would be some protocol that works like bitcoins to share someone elses anonymized queries, and makes you look exactly like them for a little while, then switches it up. They might "poison the well" but if even a medium sample of people is using the method, it will make a fog that makes automated clustering and cla

      • Re:TMN (Score:4, Interesting)

        by psithurism ( 1642461 ) on Tuesday February 11, 2014 @05:51PM (#46222581)

        They can detect the "random" activity, and isolate it

        Theoretically, but in reality, anything that looks too suspicious has to be investigated. Otherwise, if someone who actually wanted to build a bomb knew that fake data was discarded, they just run 10,000 random queries in the exact same manor as the few real ones they need and easily hide their intent. Or consider after a terrorism indecent, the report on why some beyond-obvious activity wasn't caught, "Well, they looked too much like terrorists, like they were some caricature perpetrated by someone trying to troll us so we ignored it."

        Also, I know for a fact that once you check so many boxes, They have to come do an investigation. My random e-mailer pissed off the secret service right after 9-11*. Though in that case, my service provider passed on the unusual activity when they noticed I got their domain blacklisted by Yahoo for spam email; I wasn't caught by NSA spying.

        The question you would be asking anywhere but slashdot would be: "why did you do that?" And the answer would be: in a course I was taking at college, internet monitoring came up, and I single handedly argued against the whole class and teacher that They would not show up for a few emails with the word bomb. So I went home to prove the class wrong and maybe the class was kinda right.

        Your idea sounds really cool, kinda like what TOR does but more-so. I just wanted to point out that random activity does get noticed. Your welcome to try your own experiments though!

        • Nothing is random. Humans are crap at random. Makes me wonder why we think we are intelligent. We are good clocks - that makes our thought mechanistic.

          We are consistent. So the "get someone elses version of normal and play it yourself" is really a good way to hide. When tested against computers which make okay random, or some advanced/expensive stuff that makes actual random this approach makes us look nearly exactly like a real human.

          Instead of looking like a needle in a haystack - and needles look no

  • certain groups which are used to be under constant surveillance are going to become the future's subject matter experts on the subject.

    • Minorities and poor people?

      • organized crime groups

        • Based on some evidence the big dogs of old school organized crime
          decided instead of fighting the government they could puppeteer the
          government and that has been going on for decades in multiple nations
          that "falsely believe that they are free".

          Watch the film "Hacking Democracy"

          None are so hopelessly enslaved, as those who falsely believe they are free. The truth has been kept from the depth of their minds by masters who rule them with lies. They feed them on falsehoods till wrong looks like right in their ey

    • by gmuslera ( 3436 )
      Don't worry. The confirmation bias [] will make sure that you will become an expert too.
  • HTTPS Everywhere (Score:5, Interesting)

    by DrXym ( 126579 ) on Tuesday February 11, 2014 @09:35AM (#46216843)
    I think this is one add-on that Mozilla should incorporate, or at least heavily promote to encourage people to use it.

    And develop a long term strategy to put crypto in all comms - e.g. use response headers from servers to push requests over to https where they are supported. Better yet produce an https+ which allows sites to use unsigned keys, CA signed keys, or even web of trust signed keys and present that info to the user in a meaningful way. Get rid of the CA tax and there would be far less reason for sites to use plain http any more.

    • Re:HTTPS Everywhere (Score:4, Interesting)

      by WaywardGeek ( 1480513 ) on Tuesday February 11, 2014 @10:32AM (#46217271) Journal

      The crypto weenies over on seem to think HTTPS is currently a badly broken security layer that gives users a false sense of security. There are a number of suggested fixes, however.

      My own pet peeve is that we don't even protect our passwords properly. My ssh id_rsa password protection is a joke: literally a single round of MD5 by default. My TrueCrypt password is protected a bit better, but with custom ASICs, a thousand rounds or so of SHA-256 runs so fast it's not even a significant part of the password guessing latency. I got so POed over this issue ,that I've submitted my own password hashing entry in the Password Hashing Competition []. Fortunately, there are guys way smarter than me working on this specific problem, and in a couple of years we should have a far better password protection solution. In the meantime, someone should do friendly forks of TrueCrypt and OpenSSL and incorporate Scrypt as the default password hash for user-land encryption (as opposed to servers that may have to run thousands of hashes per second).

      The advice to use more encryption seems sounds, but most of us geeks here on slashdot don't even know how weak our own password security really is.

  • by rmdingler ( 1955220 ) on Tuesday February 11, 2014 @09:43AM (#46216885) Journal
    These are all great ideas. This advice will and should be met with interest, applause, and even implementation.

    This just isn't news for the folks who read here regularly.

    Reaching Joe Six Pack is what this comes down to, and the cynic in me says that ship has already sailed.

    • by CanHasDIY ( 1672858 ) on Tuesday February 11, 2014 @11:09AM (#46217627) Homepage Journal

      Reaching Joe Six Pack is what this comes down to, and the cynic in me says that ship has already sailed.

      The trick is to word your platform in such a way that Joe Six Pack has an immediate and extreme emotional reaction, which will cause him to demand knee-jerk legislation to address the issue.

      At least, that's how politicians manipulate people into supporting causes; high time we fight fire with fire.

      • You mean "The government follows your every step, it is getting worse than the commies ever were" doesn't work anymore? Because that's pretty much the message of today.

        • You mean "The government follows your every step, it is getting worse than the commies ever were" doesn't work anymore? Because that's pretty much the message of today.

          Considering the average American thinks commies just get free hand outs from the government, I don't think that works anymore.

      • Well problem with trying to solve it via the government is they are the problem.

        Its a bit like asking the fox to fix the hen house.

    • by Anonymous Coward on Tuesday February 11, 2014 @11:28AM (#46217783)

      Joe Six Pack, who is most of the nation, doesn't care. He doesn't care if the government is listening to his phone calls or spying on his email because it doesn't affect his ability to put food on the table or a roof over his head or provide for his kids or pay for his car to get to work or pay his bills in retirement. Joe Six Pack thinks government collection of "metadata" is over his head and doesn't give two shits about it.

      Joe Six Pack believes in having his gun. Let the government listen to his phone calls, but if he tries to take away his ability to defend himself, they should plan for return fire. Joe Six Pack believes in low taxes and less government intrusion, because the government sucks at just about everything.

      Joe Six Pack believes in tangible threats to his person, his family, and his ability to make something for himself. Government surveillance of his phone call to check up on his mom is not tangible. This is an issue for the minority of tech people trying to do things under the government radar; it doesn't concern Joe Six Pack.

      At some point Slashdot readers need to realize that in the standard distribution of American citizens and their values, Slashdot readers are not the median. They are the left tail end. The median folks don't care much about the values that you all think are universal, and as proponents of those values most Slashdot readers do a pretty poor job of communicating to the median of folks and convincing them of the importance of these issues.

      • by Anonymous Coward

        Joe Six Pack believes in having his gun.

        Yeah, isn't it funny how some people pretend to care about the constitution and rights, but actually only care about the 2nd amendment? Isn't it funny how people can be so profoundly ignorant as to believe that mass government surveillance is unimportant or even acceptable?

        "The government is 100% incompetent and often malicious, but hey, why not let them spy on my communications? What could go wrong!?"

        • Re: (Score:2, Interesting)

          by Anonymous Coward

          Joe Six Pack believes in having his gun.

          Yeah, isn't it funny how some people pretend to care about the constitution and rights, but actually only care about the 2nd amendment? Isn't it funny how people can be so profoundly ignorant as to believe that mass government surveillance is unimportant or even acceptable?

          "The government is 100% incompetent and often malicious, but hey, why not let them spy on my communications? What could go wrong!?"

          I find it funny people think the other way. Gun rights are a Constitutional right; clearly defined. Collection of meta-data on the internet which is semi-public is not so clear. And yet those opposed to government surveillance seem to be very ant-gun rights, anti-NRA etc.

          But I find your post pointless because you divert from the point, ask a question and then fail to answer it. Why is mass government surveillance important or unacceptable? Why should it be important to, say, a 65 year old retiree who u

          • Why is mass government surveillance important or unacceptable? Why should it be important to, say, a 65 year old retiree who uses the internet to see pictures of their grandkids on Facebook, occasional internet research about knitting or woodcrafting, and emailing their other retired friends to meet up?

            Why is it so important to the government that they collect all available online and phone information about this 65 year old retiree in the first place?

            We disagree about the constitutionality of mass government surveillance. There is no point to collecting the massive amount of data the government is collecting unless they are planning to use it. Right? Otherwise, it's just a big waste of time and money. The only practical way to use such a large amount of data is to perform a search against it, looking fo

        • Most of the people I know that are pro-2nd amendment, are pro all-the-amendments and find this online collection thing horrible as well. There is a difference between not liking something and not supporting it, and being able to stop it. I wouldn't make such blatant assumptions of some groups of people, as you could possibly be attributing helplessness with apathy.

          If you are going to make blanket statements about people on this topic, I would suggest you point over to the actual "apathy" crowd as not c
        • Well said, because when the 1st amendment is hijacked and circumvented as somethings might indicate
          then you start running out of amendments rather quickly.


        • Why not have favorite parts of the Constitution to care about? Personally, I'm not all that fond of the 2nd Amendment, but I'm even less fond of seeing Constitutional rights eroded, so I'm not a fan of gun control. Were there no Constitutional guarantee of the right to bear arms, I might well be a gun control supporter.

    • by Opportunist ( 166417 ) on Tuesday February 11, 2014 @11:29AM (#46217799)

      Well, use Joe Sixpack as your shield. As long as they get data from him, they are complacent and satisfied that they get enough data. Educate Joe Sixpack and the stream of data will dwindle to a trickle and they'll start using more invasive means to gather data.

      Sorry to say it, but the days when I try to educate the masses are over. I use them as a shield for my privacy nowadays.

  • by Chrisq ( 894406 ) on Tuesday February 11, 2014 @09:44AM (#46216887)
    The problem with blanket surveillance is it encourages a wide range of people to look for ways round it - which later can be used by "the usual suspects" to cover up their drug trafficking, terrorism, and pedophile rape gangs. We would be much better off just monitoring the undesirables
  • The best you can hope for is more secretive mass surveillance and more limited internal access. If every country is also aiming to mass surveillance, any country that doesn't will be left behind.
    • Yes, how horrible it would be if some country was left behind and didn't violate the rights of its citizens in the same way as the other countries! Get with the times, guys!

      • I can't even successfully troll non-anonymously on slashdot now. Where did everybody go???
      • If capitalism worked, we'd see a country spring up and declare that it will NOT spy on its citizens and people with some brain would flock there.

        • If (x)-ism worked we'd see....etc etc....

          The fact is the plutocrats, oligarches, kleptocrats, and other parasites and looters
          always worm their way into any government and subvert it and compromise
          the people and the process.

          This has been a generational thing where the families pass on these tricks
          to their offspring, and they are societal leeches that bleed the workign class dry
          over and over for centuries.

          Google the term "Robber Baron", and you get an idea of whom I am speaking.

          In the realm of political pirac

      • Sometimes I think these round table groups get together and break open Orwell, Huxley,
        and others and use them like a operating manual on how to puppeteer the governments.

  • by Dr Caleb ( 121505 ) on Tuesday February 11, 2014 @09:50AM (#46216905) Homepage Journal

    So, clicking on that 'learn more' link at the top of the page puts Trend Micro into an uproar that "" is:

    Details: Verified fraud page or threat source
    Suspected fraud page or threat source
    Associated with spam or possibly compromised
    Rating in progress. Trend Micro Web Reputation is currently set to block pages that have not been checked for safety.

    Irony, or on purpose?

    • by c0lo ( 1497653 )

      So, clicking on that 'learn more' link at the top of the page puts Trend Micro into an uproar that "" is:

      What'ss trend micro, preciousss?

  • Yeah the U.S. is relatively benign right now, butt, let the economy go south and see if they are so friendly and honorable. it's clear to all but the blind, deaf, and comatose that the State is hardening their facilities and forces...WITH OUR MONEY!!! Gird Nerds, the ride is just beginning.
    • by c0lo ( 1497653 )

      Yeah the U.S. is relatively benign right now, butt, let the economy go south...

      Well, let it indeed.... Australia and NZ economies could do with a bit of boost.

    • Yeah at times it looks like they follow Orwell and Huxley like a playbook.

      One of their best old tricks is Divide and Rule, where you get half of the
      population mad at the other half and whip them into a frenzy with
      broadsheets in the old days, and the "Project Mockingbird" media
      in the modern day. []

      The best way to keep the public from being mad at the plutocrats
      is give them a different bone to chew on and that is the fake political
      process that is totally rigged, just like the con

  • It will get me on the naughty list, but that's a price I'll pay gladly. That's all for now.

  • It would be nice is Slashdot were doing more than just posting a story. It's not like it would be hard to add for a day... TDWFB Banner []
  • Information overload actually makes it easy for the clever people to slip through the cracks unobserved.

    • Actually they merely keep a file on you, and they are glad that you break there rules
      because if you ever become a problem for one of their pet projects then out comes
      your file and you get a visit from them.

      I don't agree with everything Ms. Rand said, but this one fits...

      “There's no way to rule innocent men. The only power any government has is the power to crack down on criminals.
      Well, when there aren't enough criminals, one makes them. One declares so many things to be a crime that it

  • February 11th, 2014 is The Day We Fight Back against Mass Surveillance [] Over 100k signatures now!
    • The plutocrats, oligarchs, and kleptocrats are shaking in their boots because you
      gave them a list of names that are their enemies, roflmao.

  • by Glock27 ( 446276 )

    I'm very surprised to see that the article and all posts fail to mention TOR.

    TOR may not be perfect, but it's a lot better than any readily available alternative. I'd suggest using it for any browsing you think might be the least bit controversial. The more people that use TOR, the better it works. It's a bit slow, but it's livable. []

    • by tom229 ( 1640685 )
      Unfortunately, you're not necessarily safe [] by using tor.
      • by Glock27 ( 446276 )

        You're not "safe" under any circumstances, offline or online.

        TOR is a hard target, and unless there's some reason to go after you individually already, you'll almost certainly be secure using it. The TOR developers are constantly working to make it better as well.

      • This is correct, also almost all hardware is hacking you from the inside out. []

        And again, don't blame the chinese, they were paid to put it in there.

        Now when they used the fake chips in the cisco routers for the DoD,
        that is a very different can of worms.

  • by Jim Sadler ( 3430529 ) on Tuesday February 11, 2014 @12:50PM (#46218671)
    As far as security goes I would not be shocked if more intense spying is not applied to individuals who take precautions against being spied upon. Look at it from a law enforcement view or national security point of view. We can name one fellow Joe and another fellow Sam for purposes of demonstration. Suppose Joe is seen to use strong encryption, avoids using smart phones or cell phones, pays cash always and quietly rents a room from a private home owner. That alone may send out signals that Joe needs a hard look. Sam on the other hand is welded to his smart phone, never even uses a password and is wide open to scrutiny in every area of his life. Guess which one will attract interest. Sam's flaws are known. Sam's negatives match the negatives of almost all people in the area. Joe, conversely, seems to have no flaws and no real data points in the system. Any smart agent or cop will want to find ways to define Joe and frankly it won't take much effort at all. In the past very unlikely people were employed as agents. A man might make progress with a very pretty, very pretty, young girl who he would never suspect is employed by the police department as a professional spy. But these days tiny cams and recording devices are rather easy to insert into a suspicious person's environment. I have seen this stuff in action and knew a young girl who worked in a spy like capacity for the cops. She was inserted in a community and under the age of twenty and played the role of a hippie like youth in rebellion which in fact she sort of was. But her pay check was through her spying efforts.
    • As far as security goes I would not be shocked if more intense spying is not applied to individuals who take precautions against being spied upon.

      The solution for that is strong encryption for everyone, transparently, and by default.

      The things I most want kept private the governemt already knows about - my identifying information, drivers' license info, social security number, tax records, bank account numbers, etc. The things you can use to steal my identity and/or money. When I use encryption it is to keep that information from criminals, and it is entirely rational to do so.

      The day the government decides the use of security tools is only to hide b

    • by modi123 ( 750470 )

      Sounds like chunks of themes ripped from the Fourth Realm series by John Twelve Hawks. Being off the grid is one thing, but also randomizing your choices helps another. Working with maps of CCTV to find alternative routes, and providing the double work of having 'usable' profiles to hide behind. [] [] []

  • Figure out what can alert the watchers without getting into trouble, and compare notes and discuss in forums on Tinternet.
    Make sport out of the watchers by seeing what you can figure out about them simply by provoking unnecessary reactions.
    Read The Art of War and study Tai Chi (properly, not just as a spaced-out eastern arm-waving exercise, but as the study of super-efficient movement and coordination -- though that can take a decade or so just to get the basics half-right).

  • The thing you civilians don't get is we backdoored the basic encryption protocols a long long time ago.

    And, as you're now finding out, we have been watching.

    There are five NSA sites in North America, btw. Not two.

  • I feel that these three reasons are rather weak.

    I'm not sure how #1 is a reason. The pervasiveness of the internet is not in itself a problem, any more than air being everywhere is a problem. Show me how the pervasiveness is an issue.

    # 2 is weak; it talks about what could happen, rather than what is likely to happen. I understand that when arguing against something, if the outcome of letting that thing happen is catastrophic, that will determine how convincing the argument is, but I prefer to look at
  • Just tripped over this -- scroll down past the initial paperwork. You may recognise the site. []

Keep up the good work! But please don't ask me to help.