Page 1 of 1

Say so long to privacy through encryption.

Posted: Mon Sep 27, 2010 8:16 am
by Heretic
A new bill floating around congress seeks to be able to decrypt you messages if served a wiretap order. We all know they don't need wire taping orders any more with the patriot act.

http://www.nytimes.com/2010/09/27/us/27 ... .html?_r=1

Posted: Mon Sep 27, 2010 9:30 am
by Isaac
Go-go gadget ssh 2048 bit!

Posted: Mon Sep 27, 2010 11:32 am
by Kilarin
I can't get to the NY Times article, BUT:

Truecrypt. It's free, and its open source. No back doors!

Posted: Mon Sep 27, 2010 11:56 am
by Heretic
NY Times wrote:Essentially, officials want Congress to require all services that enable communications — including encrypted e-mail transmitters like BlackBerry, social networking Web sites like Facebook and software that allows direct “peer to peer” messaging like Skype — to be technically capable of complying if served with a wiretap order. The mandate would include being able to intercept and unscramble encrypted messages.

Posted: Mon Sep 27, 2010 12:25 pm
by Xamindar
This will just encourage more opensource encryption \"plugins\" to these services. There are already addons to many IM clients and email clients that allow encrypting the communications.

Of course, they can make it illegal just like watching DVDs on my PC is illegal. Pretty soon everybody will be criminals whether they want to or not.

Re:

Posted: Mon Sep 27, 2010 12:39 pm
by null0010
Xamindar wrote:Of course, they can make it illegal just like watching DVDs on my PC is illegal. Pretty soon everybody will be criminals whether they want to or not.
This, and at the same time, this:

Image

Posted: Mon Sep 27, 2010 1:01 pm
by Kilarin
A VERY true point from XKCD.

If anyone REALLY wants your data, there are usually much easier ways to get it than cracking your encryption.

That DOESNT mean encryption is a bad idea. Encryption is like locking your front door. It keeps out a whole LOT of people. But it wont stop a really determined criminal.

(actually encryption is much BETTER than locking your door because its less vulnerable to being picked, but still vulnerable to anyone who holds a gun to your head and says \"open the door!\")

Posted: Mon Sep 27, 2010 1:17 pm
by Grendel
Nothing new really. Probably Biden behind it.

\"This is not Orwell's 1984, it's Gilliam's Brazil.\" Right on the mark.

Re:

Posted: Mon Sep 27, 2010 1:25 pm
by Foil
Grendel wrote:"This is not Orwell's 1984, it's Gilliam's Brazil."
:lol: Yep.

Posted: Mon Sep 27, 2010 1:26 pm
by AlphaDoG
Code a better mouse trap and people will just code better mice.

Sorry for the paraphrase.

Re:

Posted: Mon Sep 27, 2010 1:36 pm
by null0010
Kilarin wrote:That DOESNT mean encryption is a bad idea. Encryption is like locking your front door. It keeps out a whole LOT of people. But it wont stop a really determined criminal.
The way I figure it, I don't have any data worth encrypting. That is not to say that I think this proposed bill is good, I just don't understand the use of crypto on a personal level.

Posted: Mon Sep 27, 2010 5:32 pm
by Kilarin
null0010 wrote:The way I figure it, I don't have any data worth encrypting.
Think of encryption on your home computer as the equivalent of sealing the envelope when you send a letter. It's not perfect, but it's easy enough to do that it's worth the effort.

Posted: Mon Sep 27, 2010 6:21 pm
by AlphaDoG
Who do you think is targeted? Here's the cluster map for the dbb.

Image

Re:

Posted: Mon Sep 27, 2010 6:49 pm
by null0010
Kilarin wrote:
null0010 wrote:The way I figure it, I don't have any data worth encrypting.
Think of encryption on your home computer as the equivalent of sealing the envelope when you send a letter. It's not perfect, but it's easy enough to do that it's worth the effort.
What will they get if they crack open my computer? My music files? Descent levels? The files on my computer only have "sentimental" value to me.

Posted: Mon Sep 27, 2010 7:36 pm
by Isaac
不是..I think everyone here is confusing 'hacking into your system files' with 'hacking into data, sent and received by your system', which I believe is the subject. And why would the Government want access to your SSL/TLS related activity? That's where all the good stuff is... And they're not going to hack it; they don't have to. They'll just make a law that mandates a \"carbon copy\" of all your activities from the website's firm. How does this protect us...? It doesn't, because it increases the risk of human error.

Posted: Mon Sep 27, 2010 8:19 pm
by Spidey
Well, we will all just have to speak in plain English, nobody in the government can understand that.

Re:

Posted: Mon Sep 27, 2010 8:58 pm
by Krom
Spidey wrote:Well, we will all just have to speak in plain English, nobody in the government can understand that.
HEH! :lol:

**************************************

Really how much surveillance is enough? I think we are already well beyond reasonable levels. The government wanting a backdoor into all these encrypted communications is just stupid and lazy and I can guarantee that the terrorists will NOT be so lazy. If they pass this it will have absolutely zero impact on fighting terrorism because terrorists are not obligated to follow the rules but it WILL further invade and erode the privacy of Americans.

At what point do we have to collectively say "While we don't have anything to hide, we still think its none of your damn business!" to all this ridiculous surveillance. This whole "war on terror", and the "war on drugs" and every other "war on macguffins" that we keep on going through are all retarded. It is obvious the government has no intention of winning because it is actively refusing to utilize its single greatest resource: The American People. In fact the government is practically aiding and abetting the terrorists by going out of its way to impede and prevent citizens from protecting themselves! Someone needs to stand up to Washington and say "This situation is unacceptable. We do not need you to protect us from ourselves. Get out of our lives!".

Posted: Mon Sep 27, 2010 10:04 pm
by Kilarin
Krom wrote:"While we don't have anything to hide, we still think its none of your damn business!" to all this ridiculous surveillance.
Exactly.
null0010 wrote:What will they get if they crack open my computer? My music files? Descent levels? The files on my computer only have "sentimental" value to me.
Even if you wouldn't mind others seeing whats on your computer, the principle still stands that they have no business messing with it without your permission. Just like even if you didn't have anything in your house that you didn't want others to know about, you STILL don't want strangers wandering through without permission. It's a matter of principle.

And I DO have stuff on my computer that I really would prefer others not get ahold of. Tax information, my wifes business files, my list of family and friends addresses, etc.
None of that is going to get me put in jail, none of it is particularly embarrassing, and none of it is even likely to attract a criminals attention. But I'd still just as soon it stayed under lock and key.

At church once, a teenage girl came along and grabbed my study journal. It was just a spiral notebook where I kept my Bible study notes. If she had ASKED, I probably would have just handed it to her and said, "Read away." But she didn't ask, she grabbed. And so Immediately made her give it back. Encryption helps protect information that you would rather keep private, but it's also just a good principle in general. People shouldn't be going through your stuff unless they have permission to do so.
Isaac wrote:.I think everyone here is confusing 'hacking into your system files' with 'hacking into data, sent and received by your system'
You bring up a good point, but I think the two different issues are related. Losing the rights to protect transmitted data is closely related to losing the rights to protect data stored on your own system. With people moving towards "cloud computing", its even becoming difficult to distinguish between the two.

Of course, you can use truecrypt containers to send encrypted data through email, but truecrypt isn't design to integrate directly with email (that I am aware of). There are other programs that do. (Like PGP).

Email encryption has not been made easy yet. It's generally burdensome and annoying because both parties have to be involved. That's why most people don't bother. Protecting data on your own machine though has become VERY easy. To easy to neglect.

Posted: Tue Sep 28, 2010 6:08 am
by woodchip
If you do not want others to see what is on your computor, don't hook it up to the internet. Have a second older comp. with nothing on it as your internet connection.

Posted: Tue Sep 28, 2010 8:19 am
by Spooky

Posted: Tue Sep 28, 2010 6:52 pm
by Ferno
Oh! And what if the user needs to download stuff to use on the other machine? . . .
Copy it onto a CD or DVD. Then clean it off the internet machine.
Nothing stays on the internet machine but the operating system!!! Then CD/DVD
software, elected browser, Anti Virus program if needed, Firewall if needed and
plugins like Flash if needed!!!


easier solution is to have a 32gb usb stick plugged in, download directly to that, and then pull the stick.

Posted: Tue Sep 28, 2010 7:59 pm
by Spooky

Posted: Wed Sep 29, 2010 12:53 am
by [RIP]Machete_Bug
So seriously... why would anyone pay money for an encryption software with a back door for Johnny Law?

To do so, not only would you have to assume that the government would never abuse this power, but also believe that the knowledge of how to exploit it will forever and all time remain in the hands of law enforcement. Heh.

If this passes, open source will be the only serious option.