Coffeehouse Thread

19 posts

Forum Read Only

This forum has been made read only by the site admins. No new threads or comments can be added.

Big Brother

Back to Forum: Coffeehouse
  • User profile image
    GoddersUK

    I is in u're fone reading u're txts.

    Worrying.  Very Worrying.

  • User profile image
    blowdart

    You should be more worried that you can now be jailed for not handing over encryption keys in your procession.

    So my mail server, which uses TLS and generates keys every time could put me in jail as I have no way of handing over keys. Same for SSL. Or CardSpace.


  • User profile image
    Cornelius Ellsonpeter

    Pfft.

    This is all for your own good.

    After all the state knows what is best for you.

    Besides, it's all for your safety.

    Why don't you want to be safe?

  • User profile image
    GoddersUK

    blowdart wrote:
    You should be more worried that you can now be jailed for not handing over encryption keys in your procession.

    So my mail server, which uses TLS and generates keys every time could put me in jail as I have no way of handing over keys. Same for SSL. Or CardSpace.


    I was thinking - could you get around that by encrypting the encryption key before you gave it to them (and then when they requested you decrypt that giving them another encrypted encryption key and so on in an endless line of encrypted encryption keys)?

  • User profile image
    W3bbo

    GoddersUK wrote:
    
    blowdart wrote:
    You should be more worried that you can now be jailed for not handing over encryption keys in your procession.

    So my mail server, which uses TLS and generates keys every time could put me in jail as I have no way of handing over keys. Same for SSL. Or CardSpace.


    I was thinking - could you get around that by encrypting the encryption key before you gave it to them (and then when they requested you decrypt that giving them another encrypted encryption key and so on in an endless line of encrypted encryption keys)?


    No.

    You should look into "Hidden volume" encryption which provides plausible deniability.

    There are easy workarounds though:
    • Store the data outside UK soil (e.g. some server in Russia)
    • Use encryption systems which provide plausible deniability (like Truecrypt)
    • Deny having the key (e.g. lost or forgotten, which is plausible)
    The main problem with the act is how the penalty for not handing over your key is 2 years (and of course, the "5 years" if it's terrorism-related, waaaay to ride the Scare-the-public wave), consider the penalty for possessingo illegal pornography is like 20 years (a stupid law in itself). Would you rather be in prison for 2 years and not reveal your illegal stash, or serve 20 years and be branded a sex-offender?

    Give them a few months and they'll make the penalty for not handing over your keys the same prison-term as the worst offense out there (since your guilt is implicit), then loads of innocent people get thrown in jail for losing their keys.

    Today's lesson: don't lose your keys, citizen!

  • User profile image
    ScanIAm

    I think you misread what was in the article:

    article wrote:

    The Home Office said the content of calls and texts would not be read and insisted the move was vital to tackle serious crime and terrorism.



    The only info being kept (that we know of) is metadata about the location of the phone, who called, etc. 
    Even with the expectation of complete privacy (in the bedroom, for example) you can't expect that your location will be kept private as well. 

    We know you're in your house, we just don't know what kind of farm animals you are molesting Smiley

    I'm all about privacy, but I just don't see this as a privacy issue, since the information has been available for as long as the ability to keep records has existed. 


    Now, if you want to shine up that tinfoil hat and get all scared about big brother:

          AT&T is still directly monitoring calls made in the USofA for the gov'mint.

    Yet another reason why I'd never own an iPhone.

  • User profile image
    phreaks

    ScanIAm wrote:
    I think you misread what was in the article:

    article wrote:

    The Home Office said the content of calls and texts would not be read and insisted the move was vital to tackle serious crime and terrorism.



    The only info being kept (that we know of) is metadata about the location of the phone, who called, etc. 
    Even with the expectation of complete privacy (in the bedroom, for example) you can't expect that your location will be kept private as well. 

    We know you're in your house, we just don't know what kind of farm animals you are molesting

    I'm all about privacy, but I just don't see this as a privacy issue, since the information has been available for as long as the ability to keep records has existed. 


    Now, if you want to shine up that tinfoil hat and get all scared about big brother:



    Right, because who I am calling and all the information surrounding such an act can not reasonably be considered 'private'.


    article wrote:

    "The second level of data is not simply the subscriber, but also the calls made by that phone.

    "And the third level which is purely for the security forces, police, etc, is not just the subscriber information and the calls made, but also the calls coming in and location data - where the calls are made from."




  • User profile image
    ScanIAm

    phreaks wrote:
    
    ScanIAm wrote:
    I think you misread what was in the article:

    article wrote:

    The Home Office said the content of calls and texts would not be read and insisted the move was vital to tackle serious crime and terrorism.



    The only info being kept (that we know of) is metadata about the location of the phone, who called, etc. 
    Even with the expectation of complete privacy (in the bedroom, for example) you can't expect that your location will be kept private as well. 

    We know you're in your house, we just don't know what kind of farm animals you are molesting

    I'm all about privacy, but I just don't see this as a privacy issue, since the information has been available for as long as the ability to keep records has existed. 


    Now, if you want to shine up that tinfoil hat and get all scared about big brother:



    Right, because who I am calling and all the information surrounding such an act can not reasonably be considered 'private'.


    It can be, once you build your own private phone network.  Until then, the data travels over a phone network, and the source and destination is required for the communication to work.  The content of the message is not, so you can argue that that is not 'public', but the source and destination are fair game.

    It's the same reason that you can't keep IP traffic private...it travels over too many public networks. 

    phreaks wrote:




    article wrote:

    "The second level of data is not simply the subscriber, but also the calls made by that phone.

    "And the third level which is purely for the security forces, police, etc, is not just the subscriber information and the calls made, but also the calls coming in and location data - where the calls are made from."





    Exactly.  None of the call 'content' is recorded, just the source and destination.  The GPS data is required as well in order for emergency services to work.

    I agree that this data can be used to imply things, but it is no different than what would happen if you drove your car down a public road.  As long as I can see your car, I know

    1) where you are coming from
    2) where you are going to
    3) where you are right now

    In fact, if I can see through the windshield that is required for you to be able to see where you are going, I also know some of what you are doing.

    But if I can't see what you are doing, you aren't forced to tell me.

    You cannot have privacy in public.  You can only have privacy in private.

  • User profile image
    phreaks

    ScanIAm wrote:
    
    phreaks wrote:
    


    Right, because who I am calling and all the information surrounding such an act can not reasonably be considered 'private'.


    It can be, once you build your own private phone network.  Until then, the data travels over a phone network, and the source and destination is required for the communication to work.  The content of the message is not, so you can argue that that is not 'public', but the source and destination are fair game.

    It's the same reason that you can't keep IP traffic private...it travels over too many public networks. 

    phreaks wrote:




    article wrote:

    "The second level of data is not simply the subscriber, but also the calls made by that phone.

    "And the third level which is purely for the security forces, police, etc, is not just the subscriber information and the calls made, but also the calls coming in and location data - where the calls are made from."





    Exactly.  None of the call 'content' is recorded, just the source and destination.  The GPS data is required as well in order for emergency services to work.

    I agree that this data can be used to imply things, but it is no different than what would happen if you drove your car down a public road.  As long as I can see your car, I know

    1) where you are coming from
    2) where you are going to
    3) where you are right now

    In fact, if I can see through the windshield that is required for you to be able to see where you are going, I also know some of what you are doing.

    But if I can't see what you are doing, you aren't forced to tell me.

    You cannot have privacy in public.  You can only have privacy in private.




    How is using a phone considered public domain?

    Whom I call from the comfort of my home is private. It is not the government or any other entities business.

    The networks I use to place calls are commercial not government networks, aren't they?

    You're comparisons don't make sense.
    I'm not driving a car down a public road, I am using a phone from inside my home.

    The government doesn't own the phone infrastructures, do they?

  • User profile image
    BlackTiger

    Remember, remember the fifth of November,
    the Gunpowder, treason, and plot,
    I know of no reason why gunpowder treason
    Should ever be forgot.
    Guy Fawkes, Guy Fawkes, 't was his intent
    To blow up the King and parliment.
    Three score barrels of powder below,
    Poor old England to overthrow;
    By God's providence he was catch'd
    With a dark lantern and burning match.
    Holloa boys, holloa boys, make the bells ring.
    Holloa boys, holloa boys, God save the King!
    Hip hip hoorah!
    "V for Vendetta" isn't just a fiction... Any fiction contains bits of truth...

    If you stumbled and fell down, it doesn't mean yet, that you're going in the wrong direction.
    Last modified
  • User profile image
    ScanIAm

    phreaks wrote:
    
    ScanIAm wrote:
    
    Exactly.  None of the call 'content' is recorded, just the source and destination.  The GPS data is required as well in order for emergency services to work.

    I agree that this data can be used to imply things, but it is no different than what would happen if you drove your car down a public road.  As long as I can see your car, I know

    1) where you are coming from
    2) where you are going to
    3) where you are right now

    In fact, if I can see through the windshield that is required for you to be able to see where you are going, I also know some of what you are doing.

    But if I can't see what you are doing, you aren't forced to tell me.

    You cannot have privacy in public.  You can only have privacy in private.




    How is using a phone considered public domain?

    For a couple of reasons.  One, it uses the open air to transmit and receive.  It isn't expressly hidden.  Second, even if your call stays within the Sprint network, for example, it still goes through at least 2 parties before it reaches you.  Most of the phone network backbone is owned by completely different companies than who you pay for your phone charge.  Third, your conversation is not important to the connection, but the source and destination are.  You can obscure the content of the conversation (i.e. hide it), but you cannot hide the source and destination. 

    You expect privacy in what you do inside of your home because you have the obscurity of walls.  You cannot expect privacy in your front yard if you make no effort to hide what you do.  You can't run around naked in the streets and claim a right to privacy.
    phreaks wrote:


    Whom I call from the comfort of my home is private. It is not the government or any other entities business.

    If you expect that phone call to reach anyone, it certainly IS someone's business.  Sprint, AT&T, Verizon, etc.  Plus, any other network you happen to travel on.
    phreaks wrote:


    The networks I use to place calls are commercial not government networks, aren't they?

    You're comparisons don't make sense.
    I'm not driving a car down a public road, I am using a phone from inside my home.

    If you and another person are in your home and you have a conversation, then the conversation is private.

    If that person stood out on your porch, and you spoke to that person through the window, then the conversation is in public.

    If you pick up the phone and dial that person, it's public as well.

    The requirement is for you to make an effort to keep the information private.
    phreaks wrote:


    The government doesn't own the phone infrastructures, do they?

    The government (i.e. the people) own the radio frequencies, the right of way for phone lines, and most of the laws that keep the phones working well with each other are federal.

    Ultimately, though, if you are concerned about it, the alternative is to buy a prepaid cell phone, use it once, and throw it away.  In that way, your conversation is hidden (as always) and even though the source and destination are known, they don't reference you in any way so your privacy is complete. 

    It's not illegal, but it sure is expensive and wasteful.

  • User profile image
    Minh

    ScanIAm wrote:
    
    You expect privacy in what you do inside of your home because you have the obscurity of walls.  You cannot expect privacy in your front yard if you make no effort to hide what you do.  You can't run around naked in the streets and claim a right to privacy.

    Even privacy has to have context. Let's say your telephone carrier is AT&T. A non-governmental organization. They can pretty much do what they want with your information. And they say as much with their updated EULA.

    The governemnt, however, has no right to ask AT&T to start recording your voice & internet data.

    Free market forces is left to decide whether it's good that AT&T is recording your data.

    But when the governement is doing it, it's illegal. Hello, warrant-less wiretapping, anyone?

    The UK is in this mess because they have no parallel to the US Constitutions saying there's such a thing as a right to privacy -- yeah it's in there.

  • User profile image
    phreaks

    Minh wrote:
    
    ScanIAm wrote:
    
    You expect privacy in what you do inside of your home because you have the obscurity of walls.  You cannot expect privacy in your front yard if you make no effort to hide what you do.  You can't run around naked in the streets and claim a right to privacy.

    Even privacy has to have context. Let's say your telephone carrier is AT&T. A non-governmental organization. They can pretty much do what they want with your information. And they say as much with their updated EULA.

    The governemnt, however, has no right to ask AT&T to start recording your voice & internet data.

    Free market forces is left to decide whether it's good that AT&T is recording your data.

    But when the governement is doing it, it's illegal. Hello, warrant-less wiretapping, anyone?

    The UK is in this mess because they have no parallel to the US Constitutions saying there's such a thing as a right to privacy -- yeah it's in there.


    Those are good points and are in line with my thinking.

    What is privacy? According to Scan, there really is no such thing is this day and age; so why do we have the right to it, if it is a fallacy to begin with?

    Secondly, another great point by Minh, what is wiretapping?
    Wikipedia wrote:

    Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party, often by covert means.

    ...

    Telephone tapping is officially strictly controlled in many countries to safeguard an individual's privacy; this is the case in all developed democracies. In theory, telephone tapping often needs to be authorised by a court, and is, again in theory, normally only approved when evidence shows it is not possible to detect criminal or subversive activity in less intrusive ways; often the law and regulations require that the crime investigated must be at least of a certain severity.


    I would think that even if they do not store the actual conversation, eavsdropping on private commercial lines by the government to obtain location and time data is still inherintly wrong and uncosntitutional.

    I have the right to be secure in my person, places and effects against unreasonable searches and seizures.
    Arbitrarily seizing any of my data for any purpose without a warrant is wrong in my eyes.

    Am I really missing something Scan? You are really advocating the notion of a non-existant sense of privacy?

  • User profile image
    ScanIAm

    no, No, NO!  I'm totally pro-privacy.  And in fact, if AT&T wanted to sell the content of my conversation (i.e. what I'm talking about), then I would be just as upset.  But they aren't and neither is the UK.  (Again: assuming you believe the gov't).

    Look: Another analogy is a letter sent through the mail.  If you want to keep your mail correspondence private, you need to make sure that you don't write anything incriminating on the outside of the envelope.  You can expect that the stuff INSIDE the envelope is private, but since the destination address must be visible in order to deliver the letter, you cannot expect that the destination address will be private.  In fact, you can avoid the source address if you wish because it is a one-way conversation.

    In order for a phone connection to work, you need the source and destination because you actually set up 2 connections, not 1.  One connection goes from source to dest and the other goes from dest to source.  Because the source and destation (i.e. the phone numbers) are thrown all over the network, you have no reasonable expectation of privacy for that information.

    The expectation of privacy (which isn't a right, btw, the constitution says illegal search and siezure, not privacy, but whatever) extends to purposefully private areas.  It does not preclude what people can plainly see nor does it preclude what you make no attempt to hide.

    When you call someone on the phone, you start off by having a conversation between you and the phone company wherein you tell them what number you are and what number you want to dial.  Once they complete the connection, your conversation with the phone company ends and now you are talking to the person at the other end. 

    Does that make more sense?

  • User profile image
    Minh

    ScanIAm wrote:
    And in fact, if AT&T wanted to sell the content of my conversation (i.e. what I'm talking about), then I would be just as upset.  But they aren't and neither is the UK.  (Again: assuming you believe the gov't).

    ScanIAm,

    When you go to your Wednesday night Liberal meeting... After you sacrifice a goat and drink its blood, don't they tell you about:

    EFF's Class-Action Lawsuit Against AT&T for Collaboration with Illegal Domestic Spying Program

    Which is a class-action suite against AT&T. The main witness is Mark Klein, who was a AT&T technician. YouTube his name for various extremely convincing programs about the AT&T NSA case.

    You put that together with:

    * AT&T new EULA
    * Proposed legislation to seal records of businesses who cooperated w/ the NSA.
    * Executive orders that allow former presidents (geez, who could that be for) to keep records sealed (the balls on that guy)

    ...and you get a stinking fish.

    I just hope they don't revoke your "Liberal" badge, ScanIAm.

  • User profile image
    GoddersUK

    ScanIAm wrote:
    
     It isn't expressly hidden.


    Well mobile calls are encypted, so it kind of is (sort of)...

    ScanIAm wrote:
    (Again: assuming you believe the gov't).


    Pretty big assumption.


  • User profile image
    ScanIAm

    Minh wrote:
    
    ScanIAm wrote:
    And in fact, if AT&T wanted to sell the content of my conversation (i.e. what I'm talking about), then I would be just as upset.  But they aren't and neither is the UK.  (Again: assuming you believe the gov't).

    ScanIAm,

    When you go to your Wednesday night Liberal meeting... After you sacrifice a goat and drink its blood, don't they tell you about:

    EFF's Class-Action Lawsuit Against AT&T for Collaboration with Illegal Domestic Spying Program

    Which is a class-action suite against AT&T. The main witness is Mark Klein, who was a AT&T technician. YouTube his name for various extremely convincing programs about the AT&T NSA case.

    You put that together with:

    * AT&T new EULA
    * Proposed legislation to seal records of businesses who cooperated w/ the NSA.
    * Executive orders that allow former presidents (geez, who could that be for) to keep records sealed (the balls on that guy)

    ...and you get a stinking fish.

    I just hope they don't revoke your "Liberal" badge, ScanIAm.



    Yep, bad choice of company name, but then if AT&T was 'asked' to do this, you can be pretty sure that the rest of them are doing it as well.  So, yes, I'm mad and I'm not going to stand for it...

    Just not about the the stuff in the original article Sad

    Can I have my badge back?


    Oh, and GoddersUK:  The phone numbers you dial aren't encrypted once they reach the network.  It's like IP traffic...you can encrypt the 'body' of the packet, but if you encrypt the header, you're packet isn't going to arrive Smiley

    What may not be obvious, either, is that the phone network works very much like the intarwebs, anyway.  All voice data is sent in addressable packets so the source and destination are required to be sent thousands of times a second over the network.

    Unencrypted. 

  • User profile image
    Dreamture

    haha so funny Big Smile I hate Big Brother...

Conversation locked

This conversation has been locked by the site admins. No new comments can be made.