Get PJ Media on your Apple

VodkaPundit

What the Government Does With Your Data

October 18th, 2013 - 7:26 am

Cringely:

Fortunately, someone has built a life raft for those of us drowning in the tsunami of data about NSA spying. Last week the Brennan Center for Justice, a nonpartisan think tank and advocacy group, published a remarkably clear breakdown called “What the Government Does with Americans’ Data.” It should be required reading for anyone who cares about what’s left of our Constitution, once the buffoons in our nation’s capital have stopped using it as confetti. There’s an 88-page report, a summary of the conclusions, chilling numbers to consider, and a handful of amazingly concise infographics. Start with the latter to get the gist, then go to the intro.

The tl;dr version: The NSA gathers a massive amount of information on people who are not in any way connected with any terrorist activity, then holds onto it for at least five years and often much longer. It also shares this information with 10 different federal agencies, including the Department of Justice, Homeland Security, and the FDA.

The article itself is a link-o-rama. You owe it to yourself to read the whole thing.

My takeaway from it is this. Anyone using web-based email has opened up their entire lives to anyone in Washington wanting to do a little poking around. I don’t know how much more secure regular email is, but it seems like the NSA has, or has the ability to scan, anybody’s address book and buddy lists they want.

That’s not far from the midnight-knock-on-the-door territory.

Comments are closed.

All Comments   (5)
All Comments   (5)
Sort: Newest Oldest Top Rated
I sorta freaked out a couple years ago when I signed up for a google account. It asked me if I wanted them to automatically make connection recommendations, and I figured, sure why not.

I heard some hard drives scrubbing and such, and a couple minutes later a couple hundred names came up. I noticed immediately that one group was from an old AOL data base that I had closed (I thought) at least 5 years earlier.

I still have no idea where they found that! I had actually tried to find it myself several times before that, and couldn’t.

I figured if google can do that, anyone can. The same thing happened when I signed up for facebook, and again for linked in. I don’t think I was prompted with an option to opt out for either of those two.
49 weeks ago
49 weeks ago Link To Comment
It depends entirely on how you store and use your data. If you're using Gmail or some other web mail service, and you're storing contacts and messages there, assume it can be read by persons other than you, be it the government or employees of the company in question. This has been documented extensively.

If, however, you're using a conventional ISP, or better still running your own email services, it becomes much more difficult if not impossible to collect that data. Someone wishing to do so either has to compromise the mail server, either via a warrant or nefarious intrusion, or figure out some way of sniffing stuff over the wire in an unencrypted format.

That can be done, of course, but generally to attract that kind of attention you need to be considerably more than a "person of interest" to the three-letters.

If you wish to keep that sort of thing private, here's an easy primer:

1) Buy a Mac.
2) Turn on file vault on said mac.
3) Use local contact information only, do not store in the cloud.
4) Use SIMAP or SPOP to transfer email from a mail server via SSL. If your host does not support SSL, find one that doesn't suck.
5) For any remote communications that are sensitive, encrypt the message with a strong key. A very easy way of doing this is to make an encrypted disk image, toss a text file or whatever else in it, attach it to an email, and convey the key to the other party via a secure means.

Alternatively, use something like Silent Circle or another service that has very strong end to end encryption.

Contrary to the tin-foil hat crowd thinks, it is impossible to compromise AES256 with a strong key. Not mostly impossible, not nearly impossible-- impossible. The only weak point is you.
49 weeks ago
49 weeks ago Link To Comment
Anything is vulnerable to a dictionary attack, the question is the level of resources required to do the job in a reasonable amount of time.

For AES256, it currently requires far fewer resources to simply send in a SEAL team to drug you to get the key. The questions are how long will that remain the case, and how much data is the NSA capable of storing for later evaluation?
49 weeks ago
49 weeks ago Link To Comment
Simply assume everything electronic is harvested by the NSA. Do you think Vodkapundit isn't on a "to be watched" list? Post office photographs every envelope. Time for carrier pigeons.
49 weeks ago
49 weeks ago Link To Comment
i don't know how much more secure snail mail is. the feds admit to copying the front and back of each piece. if they admit that, they almost certainly do more.

email, snail mail or carrier pigeon, we are seriously screwed.
49 weeks ago
49 weeks ago Link To Comment
View All