I find it very naive that people think that they can solve the NSA/PRISM spying problems just by getting some laws changed.
The NSA's activities are already probably both illegal and unconstitutional. The problem isn't that the laws aren't protecting the people: The problem is the laws are being ignored.
Politicians and co. have made it very clear that they can't be trusted, regardless of the law: Big Brother is determined to watch you.
We need both: Our privacy needs to be enshrined in law; and we need to make it as hard as possible for it to be violated, by use of strong encryption.
Just like it's illegal for people to come into our home uninvited, but we still fit locks to our doors.
Coincidentally I read "Crack my Software"[0] just prior to reading this. So it strikes me this is not unlike the "arms race" with copy-protection and DRM. Where we are the publisher and the NSA is the cracker.
Ultimately DRM alone can't do the job. There needs to be a legal environment. Also there needs to be a culture of owning not stealing (which implies an economy of sufficient prosperity). Or the opposite, a culture of never owning[1].
Likewise, encryption is an arms race. Long-term, of course we should seek and use better encryption. But also, we need a legal and cultural shift in favor of privacy.
[1]: Not to push the analogy, but another path is a (very rough, approximate) analog of "free software": As you abandon proprietary software, abandon privacy. Don't fight to protect privacy. Accept "life in a small town". I'm not advocating this, I'm just pointing out it's another way to defuse the encryption arms race, by stepping out of it.
The analogy is beyond flawed. Only houses that are indeed fortresses aren't routinely broken into if they are located anywhere near "a bad area". And even though the law is configured to punish those who break into houses, it rarely actually achieves it in practise.
Online, the fact that your presence must already be surrounded by a cryptographic fortress is well established, because the bad guys are lining up to wander straight in if you let down your guard. Law or no laws.
In your house, even if you have all the best protections, the government will enter your house if it feels it needs to. There are plenty of thoroughly unjust laws on the books (Civil forfeiture is particularly onerous: http://reason.com/archives/2010/01/26/the-forfeiture-racket).
The problem isn't the NSA, that's just another symptom in a long row where civil forfeiture is another. The root is that government has grown from being a servant of the people to considering itself the rightful ruler of the people (and plenty of people happily cheering along, even those who should know a lot better - see here for an example: https://news.ycombinator.com/item?id=6339434).
The author is correct that it shouldn't be necessary to protect ourselves against the government to this extent - but the important distinction in the surveillance case over the 'house' case is that we actually have a fighting chance, for once.
I find you choosing the roaming charge example to be bizarre: A lot of people here are pretty free-market, and the telecoms industry is not one of those free markets. It's dominated by few large corporations who piggy-backed off of large public investment (ultimately from the taxpayer).
This is one of the most legitimate uses of government: when the market fails, at least make sure that people are protected from being exploited.
It's relevant because you can't have your cake and eat it too. An organisation powerful enough to dictate prices for a service on the European market, is an organisation powerful enough to dictate, say, total data retention: http://en.wikipedia.org/wiki/Data_Retention_Directive
The price dictation is more of something similar to the WTO: roaming is pretty isomorphic to tariffs, in one sense. Technically speaking it isn't (tariffs do not represent anything other than some line, roaming is because you're actually on some other guy's network) but de facto larger carriers end up with plans to mutualise this anyways. Getting rid of tariffs is nice.
Also I don't see the link between price control and data retention. You're conflating everything under government. I'm pretty sure these two things underwent completely different processes.
You seem to be under the impression that there is a separate "evil" arm of governments that can be cut away somehow, letting you retain the good (or, rather, convenient) bits while getting rid of the bad ones.
That kind of fantasy is why we won't get rid of PRISM or the data logging directive. Government will only ever work for its own benefit, it's just that every once in a while, it's in its benefit to throw you a bone.
That would be a wholly more convincing argument had checks and balances actually prevented the data retention directive and the NSA excesses. They didn't. Now what?
Many people who download illegally would never dream of stealing from a store.
Many people who may steal data would never dream of breaking in and physically doing it.
It is much easier to steal 1s and 0s than it is to physically do it. Humans seem to take the path of least resistance. If they can do it, they will do it. And if they won't do it on their own network then a bad guy from Latvia or somewhere who knows how to send phishing emails will.
Due to the mystery about who is truly on your network combined with the ease of breaking bad security, you have to protect yourself fully. Banks don't have lax security just because people 'shouldn't' rob banks.
Sorry blogger guy....your argument just doesn't hold water
edit: I want to add the reason your house is insecure is because we can't protect it with math. If you wanted a perfectly secure house....you would end up sinking billions into it and end up with a military base. Locks are flawed, windows are flawed, but they are good enough so that when there is a security breach you will be aware of it and can hopefully remedy the situation or fight back.
> the reason your house is insecure is because we can't protect it with math
Exactly! If physical security were like crypto, we could all afford to have the security of a head of state. People who want high security rely on effective specific countermeasures, not just law enforcement generally. Law enforcement helps your security but it is not the whole answer.
Strong crypto is an amazing thing, allowing anyone to achieve privacy that cannot be broken by eavesdropping. That is true today the same as it was before the latest NSA news broke. With such a tool available, it is crazy not to use it. The cost and difficulty are small and the protection is robust against any eavesdropper, not just the US gov't.
So is breaking into someone's house to steal papers and passive eavesdropping. But the results are the same. You still end up with data you didn't have before.
It's very clear that there is one law for the public and another, secret law for the NSA. Furthermore, if it turns out that the secret law is inconvenient, they'll just do an end-run around that and ignore it.
The laws are already mostly there. One major problem is that there is little to no public consequence for breaking those laws. Public officials are given trust and the tools to do things that are far beyond the abilities of ordinary citizens. Should not the punishment for breaking those laws be accordingly greater?
> "We cannot and should not be living in digital fortresses any more than we are living in physical fortresses at home. Our homes are safe from thieves and from government not because they couldn’t get in if they wanted to but because the law and its enforcement prevents them from doing so. All we have to do is minimal physical security (lock the doors when you are out)."
If the police really want to enter your house, they will. This is government we're talking about, not some random small time thief. Laws have been weakened over the past few decades to the point that they barely provide much protection at all, and where they do, the government will find any excuse (however absurd) to ignore them. And even when it becomes apparent that government surveillance is blatantly illegal, they will still defend it by saying that it's necessary or else the terrorists and child pornographers will win.
Better (and better enforced) laws are a big part of the solution. When someone breaks into your house they should be held accountable, whether they are a small time thief, a police officer without a warrant, or the NSA. But until we live in a perfect world with perfect officials who perfectly follow the law, it helps to have a weapon to act as a deterrent against people who are not deterred by the law.
No, I think Schneier is right. Law enforcement and culture may play a role in keeping your home safe, but so does the lock on the door. Certainly when government goes off the rails it's bad for security, but you should still lock the door.
"Our homes are safe from thieves and from government not because they couldn’t get in if they wanted to but because the law and its enforcement prevents them from doing so."
A very parochial attitude from someone who lives in either Westchester County, NY, or I think NYC in the last year and a half or so.
Where I live we believe in defense in depth, not the crust defense of perimeter security backed up by essentially nothing, "when seconds count, the police are minutes away".
If he lives in the suburb, as I gather he used to, the use of effective self-defense, i.e. "lethal force" in the form of guns, is strongly discouraged and there are a variety of traps for those wishing to abide by the law. If he's moved to NYC, it's almost certainly not even an option unless he's a lot more connected than he appears to be (a bit more than 50K each licensed handgun and long gun owners in a city of 8 million).
BTW, we have statistics strongly suggesting this has a deterrent effect.
So this further distances this analogy from the Internet.
Mostly. If I see a hacker's process running on one of my systems, I'd "kill" it. But that's not really the same thing....
On the other hand, defense in depth is very valid for all these issues. E.g. you hopefully don't entirely depend on the crust defense of a firewall. Others are suggesting that if you're careful about side channel attacks, there might be utility to doubling up on encryption algorithms. Although if your adversary has access to your or your counterparty's keys, which is what this latest revelation is about, it's game over. Not sure how to address that, other than don't entirely depend on easily targeted 3rd parties.
I agree that those who are outraged/concerned need to bring this out into the public sphere...however, I think the OP is ignoring the effect of technology here. Even with government surveillance curtailed, they will still have room, with the advent of more powerful computers and infrastructure, to make mistakes...and so individuals should get used to the practice of security, because, unlike a home invasion or breaking the seal of a physical letter, it's much harder to detect when your online privacy has been (inadvertently or maliciously) broken.
While I agree with the author's ideals, I think the comparison between the personal computer with a personal home is not a very good one: computers are not local anymore, they are (very) connected to a global network most of the time; houses are not.
Even in an ideal world where there are no secret government agencies looking through all of my data, I would still seal the envelope of letters I send, and I think cryptography should be treated as at least that. Increased public awareness is a good thing, and if we can trust it that's even better.
> This is completely the wrong direction for us to take. We cannot and should not be living in digital fortresses any more than we are living in physical fortresses at home. Our homes are safe from thieves and from government not because they couldn’t get in if they wanted to but because the law and its enforcement prevents them from doing so. All we have to do is minimal physical security (lock the doors when you are out).
Perhaps as a result of growing up in places where locking doors is usually unnecessary, I've never quite understood this argument. If the basis for security is societal norm and legal enforcement, what's the significance of the locked versus unlocked door?
I feel like this attitude is usually an excuse to blame the victim, and disguises the fact that most people are more reliant on the lock than they wish to admit. When your locked car is broken into or stolen, the argument often quickly changes to point out your additional responsibility to use an alarm, a physical theft deterrent device, keep anything that might look valuable out of sight, carry appropriate insurance, and if possible avoid parking on the street.
I worry that the analogy between locked doors and encryption doesn't yield the conclusion the author draws. While in theory privacy can be maintained through change of law, in practice it may need to be guarded with measures appropriate to the level of security desired.
Except that before we reached some kind of protection coming from governments, we lived through thousands of years where governments, kings and lords of any kinds were the masters of life and death of ordinary citizens. Would we have such kind of freedoms and security as we have today if past generations didn't take a stand? I doubt so. If they decided that weapons and violence is the government's thing and resistance is futile, nothing would change.
Rights and freedoms are never granted, they have to be taken. We shouldn't opt-out from our right to privacy and if you stop trying to circumvent governments' spying efforts, you basically opt-out. Even if a single isolated action seems futile, you shouldn't stop doing it, because if you stop, then they'll know that they can do their thing and they can escalate even more.
The only thing that can stop them from escalating, and create enough political or legal climate to change things to grant us privacy, are the actions from ordinary citizens who try to defy, regardless of how futile that seems. If there will be only criminals and enemies who will actively fight and try to avoid total surveillance, then it will be clear that it's a tool specifically against criminals and enemies and it will conclude as the end of the story.
The law doesn't prevent anyone breaking into your home; ask anyone (including myself, but I came off pretty lightly) who has ever been burgled. The law may or may not protect you after the fact.
The consequences of surveillance and data collection are also in no way comparable to home security. Currently, under the law in most (if not all) Western countries, the state has provisions for searching your home too, but requires oversight from a (hopefully) neutral judge.
Short of completely changing the nature of how governments and their agencies operate, nothing will change. As it stands it is up to the individual to protect themselves, which given the general public's understanding of digital security and crypto, is a really bad place to be.
More crypto is not a solution. It is a mitigation, and it is something that most of us can do.
There are more things that we all can do. Switching to open source and/or non-US based alternatives will also improve security, and what's more, will hit big companies, which have a louder voice than normal consumers.
And the rise of alternate economies (or even a switch to cash when possible) could improve privacy, and if it becomes commonplace enough, hit banks, which have the loudest voice of all.
That doesn't take away that US citizens must do something at the legal level, even if the next election is pretty far off and, anyway, odds are that the same idiocy shown in the previous one (there had been plenty of hints of how bad both of the main candidates would be) is likely to be there again in the next one.
Regarding manifestations, the Occupy movement was an example of what could go wrong there: it is easy to infiltrate someone to make the movement look extremist, terrorist, or whatever; they even had the idea of killing some of the leaders (or what they did with Aaron Swartz). Raising awareness online, on the other hand, is something that could be done, and Schneier is doing exactly that.
Regarding the rest of the world, they must spot their dirty apples (i.e. those workers at telcos that open up things for the NSA), and enable people to become less dependent on US networks and US-based services (i.e. providing alternatives, letting (or even encouraging) people install their own servers on their home connection).
Disagreeing with the disagreement. You need both firefighting equipment and insurance, not just one or the other.
So we need laws and checks in place to make sure that there is no unauthorized snooping. And then for those that try to snoop unauthorized (which is as good as undetectable until someone acts on the data snooped) we need to make the defense as good as we can.
The analogy with houses and breaking in is faulty because there we can detect something is wrong (in most cases, at least).
Are you USAian? This inability to understand that internet traffic travels over multiple geopolitical jurisdictions seems very particular to a certain sort of American. Unless you're arguing that the UN should set up some sort of world-wide legal framework for spying and/or internet privacy, governmental interference is not going to help.
That being said, everyone should be making it very clear to their respective governmental representative that this problem is unacceptable not just from a personal privacy point of view but because it is inherently destabilising to a phenomenon that is intrinsic to the very nature of modern business and our lives.
We have to all become outraged and start a big and public online and offline campaign to take back the law into the hands of the people and their representatives and away from secret organizations “overseen” by secret courts in a system that goes beyond Kafka’s worst nightmares.
This is not politics. This is wishful thinking. Only a headline from the Onion would read "Politicians change laws to conform with the wishes of a small protest group".
The actual political solution is in bucking the system that's betrayed us.
The approaches are complementary, not contradictory. The more expensive the surveillance is, and the less useful the results, the easier it will be to convince the government to let go of it.
And the better we are at drumming up grassroots opposition in the political realm, the more people are likely to use good encryption too.
I hope that the NSA revelations will be the biggest spur ever for use of effective crypto. It's the only effective response we have. The Administration and the Congress aren't going to restore privacy. We don't have a national anti-totalitarian party in the USA. Just the two pro-totalitarian parties.
The NSA's activities are already probably both illegal and unconstitutional. The problem isn't that the laws aren't protecting the people: The problem is the laws are being ignored.
Politicians and co. have made it very clear that they can't be trusted, regardless of the law: Big Brother is determined to watch you.
We need both: Our privacy needs to be enshrined in law; and we need to make it as hard as possible for it to be violated, by use of strong encryption.
Just like it's illegal for people to come into our home uninvited, but we still fit locks to our doors.
It's not one or the other. We have to have both.