[go: up one dir, main page]
|
|
Log in / Subscribe / Register

Attacking Tor: how the NSA targets users' online anonymity (The Guardian)

[Posted October 4, 2013 by n8willis]

Writing at The Guardian, Bruce Schneier explains in his latest Edward Snowden–related piece that the US National Security Agency (NSA) had tried unsuccessfully to mount an attack against the Tor network, in hopes of bypassing the service's anonymity protections. Nevertheless, the NSA is still able to identify Tor traffic and track individual Tor users (despite not knowing their identities), which can lead to further surveillance. "After identifying an individual Tor user on the internet, the NSA uses its network of secret internet servers to redirect those users to another set of secret internet servers, with the codename FoxAcid, to infect the user's computer. FoxAcid is an NSA system designed to act as a matchmaker between potential targets and attacks developed by the NSA, giving the agency opportunity to launch prepared attacks against their systems." By targeting a Tor user, the agency could then leverage attacks like browser exploits to get into the user's system; nevertheless, so far the design of Tor itself seems to be functioning as planned.

to post comments

Attacking Tor: how the NSA targets users' online anonymity (The Guardian)

Posted Oct 5, 2013 5:43 UTC (Sat) by renox (guest, #23785) [Link] (7 responses)

That's funny: I remember arguing that using Tor against governments which can monitor networks is shouting "look at me, I have something to hide".
Against such kind of opponent, ,thereare only two real way to be safe: steganography or everybody using encryption(even weak one:it makes monitoring encrypted traffic very difficult).
The first is a pain to use, the second is a dream..

Attacking Tor: how the NSA targets users' online anonymity (The Guardian)

Posted Oct 5, 2013 10:18 UTC (Sat) by robert_s (subscriber, #42402) [Link] (5 responses)

If you want to conclude that, don't conclude it from this article because it mostly shows the NSA having to attack the browser being unable (at least at this point) to effectively attack Tor itself.

Attacking Tor: how the NSA targets users' online anonymity (The Guardian)

Posted Oct 6, 2013 17:11 UTC (Sun) by rgmoore (✭ supporter ✭, #75) [Link] (1 responses)

I'm not sure that's a correct interpretation. The goal of Tor is to make browsing anonymous so it's impossible to figure out who's doing what. What appears to have happened is that they can now analyze the traffic enough to connect a set of browsing behavior to a particular online persona. That's critical, because it's quite possible to target a specific persona even if you can't yet connect it to a real world person. That they can't do it through Tor is not especially relevant; that they can do it at all is enough to substantially diminish Tor's value.

Attacking Tor: how the NSA targets users' online anonymity (The Guardian)

Posted Oct 7, 2013 16:08 UTC (Mon) by gerv (guest, #3376) [Link]

"What appears to have happened is that they can now analyze the traffic enough to connect a set of browsing behavior to a particular online persona."

As I read the article, the stuff from the NSA is actually lamenting their inability to do this consistently. Where did you get the above from?

Gerv

Attacking Tor: how the NSA targets users' online anonymity (The Guardian)

Posted Oct 7, 2013 8:29 UTC (Mon) by renox (guest, #23785) [Link] (2 responses)

Have you read the article??
It says that the NSA is able to distinguish Tor's users from other.
So as I said, using Tor is the equivalent of shouting "look at me, I have something to hide" (*), given that there are very few Tor users, I think that it is a really, really bad idea..

*:to be fair: this is only true if the 'opponent' has the ability to monitor Internet traffic.

Attacking Tor: how the NSA targets users' online anonymity (The Guardian)

Posted Oct 7, 2013 8:40 UTC (Mon) by robert_s (subscriber, #42402) [Link]

"It says that the NSA is able to distinguish Tor's users from other."

Interestingly the article didn't touch on obfuscation proxies, whose goal is to make the connections look as much like e.g. https as possible.

I _don't_ think you can necessarily say that it will always be fundamentally impossible to hide ones use of systems like Tor from authorities.

Attacking Tor: how the NSA targets users' online anonymity (The Guardian)

Posted Oct 7, 2013 16:52 UTC (Mon) by mathstuf (subscriber, #69389) [Link]

> given that there are very few Tor users, I think that it is a really, really bad idea.

What is the critical mass of Tor traffic that must be sustained such that the scale would tip over to the other way? I fear it's much higher than 50%, but I'd much prefer this path than dropping Tor (or an equivalent).

Attacking Tor: how the NSA targets users' online anonymity (The Guardian)

Posted Oct 6, 2013 4:03 UTC (Sun) by drag (guest, #31333) [Link]

> That's funny: I remember arguing that using Tor against governments which can monitor networks is shouting "look at me, I have something to hide".

This isn't a unreasonable sentiment considering that the majority of Tor Project's funding comes from the U.S. Department of Defense (which NSA's parent organization) and the U.S. State Department.

https://www.torproject.org/about/findoc/2012-TorProject-F...

Of course the DoD funds a great many huge number of things, much of it completely innocent. Just something to keep in mind, I guess.

It's good that it's open source so it's feasible to dismiss suspicions.

Attacking Tor: how the NSA targets users' online anonymity (The Guardian)

Posted Oct 5, 2013 6:42 UTC (Sat) by ncm (guest, #165) [Link] (43 responses)

I find it hard to believe that the NSA really experiences this much difficulty monitoring Tor. Last I heard, the CIA and its sock puppets were said to operate a large fraction, maybe even a majority, of the Tor nodes.

As with all pervasive surveillance, the real danger is not prosecution or divulged secrets, but extortion: who knows what you meant to keep secret is your master. This process is developed into a high art both in law enforcement, usually to coerce testimony, or threats of it, against bigger targets, or to suppress inconvenient testimony; and in espionage, compelling action in violation of duties. The methods are equally useful to criminals and to corrupt officials.

Attacking Tor: how the NSA targets users' online anonymity (The Guardian)

Posted Oct 5, 2013 8:43 UTC (Sat) by geertj (guest, #4116) [Link] (37 responses)

> As with all pervasive surveillance, the real danger is not prosecution or divulged secrets, but extortion: who knows what you meant to keep secret is your master.

The Soviets proactively kept databases with compromising materials on on possible opponents, to be used as and when needed. They even have a name for this kind of information: "Kompromat"

https://en.wikipedia.org/wiki/Kompromat

A society where those in power have Kompromat on pretty much everybody (due to the petty crimes we unknowingly commit every day), combined with a law-enforcement system that no concept of "proportionality", is incompatible with Democracy. That is indeed the real issue with the "Total surveillance" world we live in now. And it is not just the US... There's many countries in Europe too where the politicians would *love* to have a similar system.

Attacking Tor: how the NSA targets users' online anonymity (The Guardian)

Posted Oct 5, 2013 9:04 UTC (Sat) by dakas (guest, #88146) [Link] (3 responses)

You paint it as a problem that politicians would love to have a surveillance state. But that's not a problem.

A problem is when they can get it. That requires technical means, and the criminal energy for diverting significant amounts of a country's resources against the people's good: there is a reason the U.S.A. is on the brink of bankruptcy, not because they would bother providing basic second-world life standards to its citizens but because they are focused on mongering empire-level war, terror and surveillance on their own and foreign populations.

Sure, this kind of stuff is the wet dream of other politicians as well, but the point is that there are barriers against them getting it. For example a proper division of powers.

Take a look at Germany: with nice regularity the leading parties pass surveillance laws, and with nice regularity the Supreme Court throws them out again.

Now the U.S.A. has declared itself to be in a continuous state of emergency since sometime in the sixties or seventies or so, so they have unaccountable courts (basically justified like martial law) and unaccountable procedures, using unaccountable funds granted by secret commissions that don't have the technical means to verify the bullshit that the secret service et al sell them.

How about asking your representatives to goddamn put the U.S.A. out of the ridiculous state of national emergency that has been used as a cheap excuse for bypassing constitutional processes for generations already?

Attacking Tor: how the NSA targets users' online anonymity (The Guardian)

Posted Oct 5, 2013 13:37 UTC (Sat) by raven667 (subscriber, #5198) [Link] (2 responses)

I agree, one problem though is that knowledge of how society used to operate before the cold war is passing out of living memory, its hard to convince people to end "the emergency" when they have known nothing else in their life.

Attacking Tor: how the NSA targets users' online anonymity (The Guardian)

Posted Oct 6, 2013 18:59 UTC (Sun) by ewan (guest, #5533) [Link] (1 responses)

It should be fairly clear to those who have known nothing else that this isn't an emergency, it's normality.

Attacking Tor: how the NSA targets users' online anonymity (The Guardian)

Posted Oct 6, 2013 20:18 UTC (Sun) by raven667 (subscriber, #5198) [Link]

That is my point, since this is now "normal", to propose any changes to it is new uncharted territory, therefore harder to convince people to change, and not a return to "normalcy". It is a radical new world, and most people are not radical.

Kompromat

Posted Oct 5, 2013 22:32 UTC (Sat) by tialaramex (subscriber, #21167) [Link] (17 responses)

Society is complicit in Kompromat too. You can't get any leverage from "the petty crimes we unknowingly commit every day" unless everybody is a hypocrite. And I think we've been getting gradually better at unwinding these hypocrisies since the Victorians.

A transition to a world in which your secrets are merely /embarrassing/ has rendered such Kompromat increasingly worthless. Remember when you could destroy a politician with the mere suggestion that they were homosexual? Not today. And it's not just about legalisation. Cannabis possession remains illegal in the US and UK, but it won't do a new politician much harm to admit to having smoked a spliff if they suspect old friends might say as much anyway.

Facebook means that in 5-10 years new politicians and others entering the public spotlight will almost _all_ have their younger days made available in minute detail without a single spook being involved. But just as we've become inured to death and injury from car crashes by the sheer number of such accidents which happen, we'll be inured to petty tales of infidelity, drug abuse, weird fetishes and minor law-breaking from the back histories of new public figures by the sheer volume of such things.

Reforming laws so that we aren't all committing "petty crimes" every day is a worthwhile goal independent of whether shadowy forces intend to use those crimes against us, but meanwhile I think we've (as much by accident as on purpose) concocted an effective antidote to this poison.

Kompromat

Posted Oct 6, 2013 0:16 UTC (Sun) by khim (subscriber, #9252) [Link] (3 responses)

Remember when you could destroy a politician with the mere suggestion that they were homosexual? Not today.

Sure. Today it's more dangerous to be straight. Then either prostitute or maid can be used.

Reforming laws so that we aren't all committing "petty crimes" every day is a worthwhile goal independent of whether shadowy forces intend to use those crimes against us, but meanwhile I think we've (as much by accident as on purpose) concocted an effective antidote to this poison.

Nope. Different societies have different triggers, but if politician need to go there are enough ways to make him go. US uses maids and prostitutes, other countries may use something else. Even many years old incident can be used.

Frankly I find that amusing: Kompromat was used by politicians yesterday, it's still used by politicians today and it'll be used by politicians tomorrow. In USSR, former and future USA or any other place in the world. The exact transgressions which can be used to destroy someone vary but principle remains unchanged: everyone has some kind of kompromat on them and if you have enough friends in press then anyone can be ruined (unless they have equally well connections, that is). It's not matter of size of transgressions, it's matter of perceptions.

Kompromat

Posted Oct 6, 2013 5:09 UTC (Sun) by tialaramex (subscriber, #21167) [Link] (1 responses)

It might be a bit premature to think Eliot Spitzer finished on the basis of his having resigned from one political office.

Perhaps it will be more illustrative to consider a real example. Take the Chris Huhne situation. Huhne drove a car too quickly about a decade ago. If the secret police had taken note of this fact and kept it on file to use against him that would be laughable, quite worthless as blackmail material. But instead Huhne received a notice through the normal action of the not-at-all-secret police instructing him to identify the driver at the time of the offence. Huhne decided to ask his wife to sign to say she'd driven the car, thereby avoiding the penalty for speeding himself. Some years later Huhne began cheating on the same wife with a colleague. Perhaps our hypothetical secret police if they had discovered _this_ fact could have attempted to blackmail Huhne, but in the end it became public knowledge anyway, without any appreciable impact on Huhne's political career. The resulting divorce did however give the ex-wife a motive to tell the story about the speeding ticket, and in the process implicate both of them in a serious crime - perverting the course of justice. And _that_ forced him to resign, shortly before they were both sent to jail.

Thom Yorke sings "You do it to yourself, just you, and that's what really hurts". Indeed.

Kompromat

Posted Oct 6, 2013 12:02 UTC (Sun) by khim (subscriber, #9252) [Link]

It might be a bit premature to think Eliot Spitzer finished on the basis of his having resigned from one political office.

That was not the goal. The goal was to remove him from position where he can “rock the boat” prematurely (remember that it happened in the first half of 2008 when he tried to start investigation of Wall Street machinations). It worked beautifully. There was never a need to completely destroy him. In fact politicians prefer to work with people they can control with some form of hidden story thus of course Eliot Spitzer is not finished. If he'll do things which work for the other politicians—he'll be respectable politician again, if he'll try to go against the establishment one more time—he can be made to resign easily. What's not to like?

Perhaps it will be more illustrative to consider a real example. Take the Chris Huhne situation.

Well, let's.

blah-blah-blah
And _that_ forced him to resign, shortly before they were both sent to jail.

…right when he tried to attack media mogul Rupert Murdoch.

Thom Yorke sings "You do it to yourself, just you, and that's what really hurts". Indeed.

Well, sure, people are doing stupid things. All the time. Both small, insignificant people and politicians, too. But what makes these acts important years later? It's your choice what to believe in, but I'm yet to see anyone who's free from any minor transgressions and from observations most of them surface “in the most inappropriate time” for politicians. Often many years after the actual transgression happened. Funny, no? Some people believe that there's god, but me… I think it's more like the “hand of God”.

Kompromat

Posted Oct 7, 2013 1:00 UTC (Mon) by tzafrir (subscriber, #11501) [Link]

The issue of Jacob Frenkel wasn't really that he stole a certain item. This would have been forgiven. The issue was that he did not disclose it (which may have been reasonable), and when the issue was raised, he lied about it.

Kompromat

Posted Oct 6, 2013 12:53 UTC (Sun) by rich0 (guest, #55509) [Link] (9 responses)

Couldn't agree more.

I think that the ultimate solution to Kompromat will be the utter destruction of privacy. Kompromat only can exist when there is information asymmetry. If EVERYBODY knows EVERYTHING about EVERYBODY then it simply can't exist at all.

We should all be mounting cameras on our homes and cars, archiving all footage and publishing it on the internet, and mining the video for facial recognition and number identification and uploading that data to distributed public databases. Then everybody can look up the activities of anybody and we'll all have to come to grips with the fact that everybody does stuff that nobody talks about in public today.

Kompromat

Posted Oct 6, 2013 13:56 UTC (Sun) by khim (subscriber, #9252) [Link]

If EVERYBODY knows EVERYTHING about EVERYBODY then it simply can't exist at all.

But everybody can't know everything! You can only know and remember so much. Which means that even if all information is in the open you still can affect who's transgressions will be discussed in press at what times.

Kompromat

Posted Oct 7, 2013 9:59 UTC (Mon) by etienne (guest, #25256) [Link]

> If EVERYBODY knows EVERYTHING about EVERYBODY then it simply can't exist at all.

The problem is "to know", it implies being able to verify the information - googling is not enough, checking only by reading stuff on the net is not enough.
It is too easy to delete or fabricate stuff on the net, it is even not too difficult to identify you and give you only what you "need to read".

Kompromat

Posted Oct 7, 2013 11:15 UTC (Mon) by micka (subscriber, #38720) [Link]

It's not enough, because there are still times when you can do something that's can be hidden and revealed later.
Please also install webcams in your bedroom, toilets and bathroom.

Kompromat

Posted Oct 7, 2013 21:01 UTC (Mon) by nix (subscriber, #2304) [Link] (5 responses)

That works great! I'm sure you won't mind everyone, including all your exes and enemies, knowing your passwords, bank account details and PIN, home address...

Jeremy Clarkson thought just as you did once. He published enough in a national newspaper that someone was able to forge transactions in his name. He recanted.

Kompromat

Posted Oct 8, 2013 15:42 UTC (Tue) by nye (subscriber, #51576) [Link] (4 responses)

>Jeremy Clarkson thought just as you did once. He published enough in a national newspaper that someone was able to forge transactions in his name. He recanted.

This isn't strictly accurate.

He published his bank account number and sort code - two things which are required if you want to receive a BACS transfer, and which are therefore largely public knowledge for a great number of people and organisations.

At the same time, it happens that the Direct Debit system is designed *intentionally* without any technical security. This is a deliberate decision made in consideration of the trade-offs involved: rather than make every DD transaction difficult to perform, a DD mandate can be made without any ID checks - all that's required is a way to identify the source account. That is to say, the information required to set up a Direct Debit *from* an account is exactly the same as the information required if you want to receive bank transfers *to* an account.

The regulations require all DD transactions to be reversed on demand without argument - ie. rather than trying to *prevent* fraud, the system focusses on being able to *undo* it. In principle, this gives an incentive to companies setting up DD mandates to identify that the person setting it up has the authority to do so, since they are on the hook for any fraudulent activity. This contrasts with attempts to make the security a technical part of the transfer system - in essence, the DD system specifies mechanism, not policy.

Now it is true that many organisations perform little or no verification, and there is therefore a reasonably high rate of low-value DD fraud, however the impact is minimised because the victim can readily reclaim the money lost. In Clarkson's case, the recipient organisation was at fault for not adequately checking that the DD mandate was legally authorised, however Clarkson chose not to make the chargeback since it was a charity that cares for fluffy animals or something, and it would make him look bad.

In practice, I'm in agreement with those who think the economic cost of DD fraud is less than the economic stimulation that comes from making transfers so easy. And the very fact that so many companies are lax at verification bears this out - if the cost of dealing with DD fraud were all that high in comparison, they'd quickly start to implement extra checks.

To me this seams like a neat illustration of some security principles - if the cost of implementing perfect security is higher than the loss from imperfect security, then it's not worth it: worse is better.

(PS. I could be wrong, but the post you're replying to seemed to me to be satire.)

Clarkson

Posted Oct 11, 2013 9:14 UTC (Fri) by tialaramex (subscriber, #21167) [Link] (3 responses)

The choice of giving Clarkson's money to a charity was not accident either. There was no way to benefit from this without giving away who you were. Even the charity donation was technically fraud, if the person who wrote out the paperwork could be identified they could do time for it.

Real world criminal fraud using account numbers was mostly cheque fraud, which is now on its last legs as are cheques. You take the victim's account number and print it on convincing-looking cheques, then you use those cheques to buy stuff that can be efficiently disposed of and convert them into cash.

If the victim is smart and the criminals careless there's a good chance the victim can get their money back in that scenario too by disputing the cheques, which will prove not to contain their signature. In this case though the retailer eats the costs, not a millionaire TV presenter or a vast uncaring bank. That sort of problem is why cheques are obsolete.

Clarkson

Posted Oct 11, 2013 14:39 UTC (Fri) by Cyberax (✭ supporter ✭, #52523) [Link] (2 responses)

But we are getting resurgence of this with the credit card fraud. And retailers also have to bear its costs.

Clarkson

Posted Oct 11, 2013 16:18 UTC (Fri) by mathstuf (subscriber, #69389) [Link]

The fact that very few retailers check your ID even when the card says "Check ID" where the signature goes doesn't help this. Nevermind larger stores where you don't even *show* the card to anyone else: just slide it on the console, press a button or two, and scribble something down.

Clarkson

Posted Oct 12, 2013 18:09 UTC (Sat) by tialaramex (subscriber, #21167) [Link]

A person's bank account number and sort code don't meaningfully help to perform credit card fraud.

In a country stuck with 1970s credit cards you need the card number (which is distinct from the account number so that multiple cards can be issued).

In a country with EMV deployment most fraud moves to card-not-present, which is based on a card number and a 3-4 digit code from the signature side of the card. So again not the account number and sort code.

Kompromat

Posted Oct 7, 2013 13:11 UTC (Mon) by pboddie (guest, #50784) [Link] (2 responses)

You can't get any leverage from "the petty crimes we unknowingly commit every day" unless everybody is a hypocrite.

This is a good point, but it isn't the complete picture.

A transition to a world in which your secrets are merely /embarrassing/ has rendered such Kompromat increasingly worthless. Remember when you could destroy a politician with the mere suggestion that they were homosexual? Not today.

Maybe not in the UK, but in plenty of places in the world you still can.

One thing that has become more widely known in recent years is how some things that perhaps only surface years or decades after they occurred were effectively "public secrets": potentially large numbers of people know about the private details, activities or behaviour of individuals, with people in particular certain circles (media, politics) being especially well informed. Such information isn't immediately published despite its potential for newspaper sales because of the libel risk, but it may very well be the case that the leverage it buys the media is worth more.

And as I'm sure you know very well, political careers in the UK are less likely to be ended by significant political transgressions (lying to parliament about starting wars, for instance) than news that someone has broken a much less significant rule or promise, chosen almost arbitrarily by a bunch of people who have decided that they don't want to play with that person any more.

Facebook extends the "who knew that X was doing Y" audience, but nothing will come of it until people decide that it serves their purpose to use it as leverage. Even if Y is legal and widely seen as acceptable behaviour, it might still be sensitive enough in certain contexts to be considered leverage material some day. As you say, hypocrisy plays a big role, and transparency doesn't always protect even the innocent from its effects.

Kompromat

Posted Oct 7, 2013 20:12 UTC (Mon) by dlang (guest, #313) [Link] (1 responses)

don't forget the situation where changing definitions of what's "socially acceptable" mean that something that was no big deal 50 years ago is now grounds for political lynching.

Kompromat

Posted Oct 7, 2013 23:50 UTC (Mon) by pboddie (guest, #50784) [Link]

Yes, tolerance cuts both ways. Also, societies can progress and regress. One cannot assume that something at one point in time might be considered acceptable in the future. Consider how even well-regarded historical figures can have aspects of their lives that justifiably offend sensibilities today.

Attacking Tor: how the NSA targets users' online anonymity (The Guardian)

Posted Oct 6, 2013 4:23 UTC (Sun) by drag (guest, #31333) [Link] (1 responses)

The model practiced by East Germany was probably the most effective one when controlling populations.

The idea is that you hire or otherwise coerce a significant portion of the population to spy on another part of the population, but you do not tell them who any of the spies are.

The person you could be told to watch could be another government spy. It could be a government spy from a different government. It could be a real threat, or it could be a test of your loyalty. People can also be made to spy on you. Maybe the guy you are suppose to monitor is suppose to monitor you right back. You are made to have no idea. This provides a very effective means to paralyze any sort of opposition movement.

...

However, at a certain point it becomes nearly impossible to tell the difference between incompetency and maliciousness in government when it all reaches a big enough scale. I think we are at that point now.

Historically, a significant number of the conspiracies committed by the USA government against the public in the past were done to simply cover up bad decision making and the damage this idiocy has caused to the USA.

I mean, seriously, when you are a director of the NSA and you think that making your office look like this is a good idea...:

http://www.pbs.org/newshour/rundown/2013/09/nsa-director-...

You are not playing with a full deck here. The apparent fact that he regularly used it to show off to other government officials and their typical reaction was to get excited and want to sit in the captain's chair (rather then recoiling in the horror at the insanity) just means that most people that high up are as confused, deluded, and as stupid as he is.

Scary actually that anybody takes these people seriously, much less give them a budget of billions and put them in charge of one of the most powerful organizations of all of human history.

Attacking Tor: how the NSA targets users' online anonymity (The Guardian)

Posted Oct 7, 2013 15:13 UTC (Mon) by k8to (guest, #15413) [Link]

I'm not sure why you think he's insane when "self absorbed jerk" would explain the choice of decor just as well.

Attacking Tor: how the NSA targets users' online anonymity (The Guardian)

Posted Oct 6, 2013 9:33 UTC (Sun) by danielpf (guest, #4723) [Link] (12 responses)

> There's many countries in Europe too where the politicians would *love* to
> have a similar system.

The problem is that the power of Kompromat is actually in the hands of the secret services, which may decide to use it to control the politicians, or any other entities with power (justice, finance, etc.). Vladimir Putin was a KGB high officer, with just the kind of background to succeed in politics because he knows also how to control the secret services.

The USA now face the same problem than USSR, their secret services are in position to take control of the whole country.

Hang 'em

Posted Oct 6, 2013 18:52 UTC (Sun) by rogblake (guest, #18258) [Link] (7 responses)

I believe that what needs to happen is to try the NSA heads for treason and (upon being found guilty) put them to death.

I know this sounds radical, but through its actions the NSA has essentially declared war against the American people and has become the enemy within. Utterly treasonous actions. Putting Keith Alexander and his henchmen to death would send the strongest possible signal to those who would work towards erecting this type of police-state infrastructure in the U.S.

This is the type of heinous crime that the death penalty is quite appropriate for. Not that I think there is much chance of actually implementing this happy plan.

Hang 'em

Posted Oct 7, 2013 5:31 UTC (Mon) by gmaxwell (guest, #30048) [Link] (5 responses)

Treason is too much for someone who can really honestly claim to have been acting in the interest of "the people", even if his actions were confused and unlawful.

But... a simple charge for lying to congress sure would be nice. Perjury or contempt of congress.

Hang 'em

Posted Oct 8, 2013 0:22 UTC (Tue) by filteredperception (guest, #5692) [Link] (4 responses)

"
Treason is too much for someone who can really honestly claim to have been acting in the interest of "the people", even if his actions were confused and unlawful.
"

No, it's really not. The purpose of having the trial, that thing called due process, is to allow the case for the prosecution and the case for the defence to collide, and see which is left standing under the cold light of due process. Maybe the defendant can persuade the judge/jury/public that they made an honest mistake that should be forgiven. Or maybe the judge/jury/public decides that the "just following orders I didn't understand" is not enough of a defence given the gravity of the crime.

The crimes going on are extremely grave. I'm ready to start filling some fresh graves over this.

Hang 'em

Posted Oct 8, 2013 12:08 UTC (Tue) by mpr22 (subscriber, #60784) [Link]

Treason's quite a narrow charge (and has specialized rules of evidence) in the USA. Article III, Section 3 of the United States Constitution:

Treason against the United States, shall consist only in levying War against them, or in adhering to their Enemies, giving them Aid and Comfort. No Person shall be convicted of Treason unless on the Testimony of two Witnesses to the same overt Act, or on Confession in open Court.

Unless you can get them to confess (and why would they confess to a capital crime?), it's probably easier to look elsewhere in the law for something suitably serious to charge them with.

Hang 'em

Posted Oct 8, 2013 16:32 UTC (Tue) by hummassa (guest, #307) [Link] (2 responses)

Let me try to understand you, and try not to be offended, but...

You are proposing to hang/kill (remove the right to live) from a person because that person wants to remove your right to privacy, because you and that person believe that said rights are important for the maintaining of a ficctional entity called "king and country"?

Can you, after being mad at me, and counting to ten thousand to calm down, see how stupid this sounds? And how inneffective? Because after you hang them, you are certainly infringing the rights that people think are more important than the ones you are defending, and you are the next logical candidate to the noose?

The effective measure is to nullify the damage they incur: to dismantle every single instance of the vigilance apparatus. For that, you would have to forbid all kinds of log-keeping after a sort time, and penalize electronic communication violations.

Take away their toys, and keep them alive. Just like that.

Hang 'em

Posted Oct 18, 2013 17:18 UTC (Fri) by filteredperception (guest, #5692) [Link] (1 responses)

"Can you ... see how stupid this sounds? And how inneffective? Because after you hang them, you are certainly infringing the rights that people think are more important than the ones you are defending, and you are the next logical candidate to the noose?"

disclaimer: I happen to be a "spiritual person". But for some reason, after 38 years living in the U.S., the "spirit" I have found, is that terroristic insanity is how one gets results. Hyperbole works. Threats of physical violence, credible or not work. I've come to this point, after debatably delusional beliefs that my particular position in society (related closely to a powerful person), and particular interests (see past LWN articles on a zealous history of pursuing the ability to reproducably and automatedly be able to rebuild RHEL/CentOS from source as a user, such that trust in 3rd party binaries (with alleged matching source available) is not required.

After I made comments on a linux mailinglist about setting myself on fire to protest GoogleFiber's server ban, the next day an anonymous coward on slashdot leaked comments from a Google all hands meeting where the CEO "repeatedly needled" the CFO about the server ban. A day after I made assassination threats against Hillary Clinton pseudo-anonymously on slashdot (and another random low-uid misogynist asshole on slashdot), I discover that Google finally partially reversed their server ban. I still believe that the 'rightness' of my arguments (voltairre quote comes to my minds background), will make me win the day. But I believe that very powerful moneyed interests have committed at least hundreds of crimes against me over the past 10 years to discredit me. I wrote a self published book about it.

A person can only be pushed so far, before the animal decides that insane violence, or at least the threat of it, is the only realistic response left to them. I believe my position in society and personality have allowed me to glimpse the dark days ahead, if the folks like Keith Alexander, and Obama (though I wouldn't kill him, just cuz he's black, even though I'm white) get the punishment they deserve and need to prevent the kind of psychotic damage I have had to endure.

https://lwn.net/Articles/569511/#Comments
http://cloudsession.com/dawg/downloads/misc/kag-draft-2k1...

$0.02...

Hang 'em

Posted Oct 18, 2013 17:20 UTC (Fri) by filteredperception (guest, #5692) [Link]

oops, cut and paste error, I meant to paste this link, which shows that I am not the complete lone wolf I was this time last year-

https://news.ycombinator.com/threads?id=rsingel

Hang 'em

Posted Oct 8, 2013 10:51 UTC (Tue) by rmayr (subscriber, #16880) [Link]

While I don't believe in death sentences, I would like to add that the NSA has not only declared war on US citizens, but even more so on the rest of the world. As a non-US-citizen, I find it completely unacceptable that US institutions actively attack computer systems (Tor user attacks e.g.) in other countries and think it is OK because they are not explicitly targeting their own citizens with it.

How about putting the NSA heads in front of the International Court of Justice? Ah yes, the US no longer accepts its jurisdiction... Or just revoke the decision maker's US citizenship and see which other country would grant them a new one.

Attacking Tor: how the NSA targets users' online anonymity (The Guardian)

Posted Oct 6, 2013 19:11 UTC (Sun) by ncm (guest, #165) [Link] (3 responses)

I would be interested in evidence that this has not already occurred. Keith Alexander's continued freedom suggests that it has. Or does it only count as a takeover when they stop trying to hide it?

Attacking Tor: how the NSA targets users' online anonymity (The Guardian)

Posted Oct 6, 2013 23:27 UTC (Sun) by dakas (guest, #88146) [Link] (2 responses)

Keith Alexander's main recognized felony would seem to be just perjury rather than conspiring against the constitution.

For perjury in high-level positions, the designated prosecutor would be the Attorney General. Attorney General Eric Holder has lied a lot under oath to congress himself. He is not interested in having perjury dealt with as law and propriety would demand.

When the trial against Ellsberg for the release of the Pentagon papers was thrown out of court, the judge stated: "The totality of the circumstances of this case which I have only briefly sketched offend a sense of justice. The bizarre events have incurably infected the prosecution of this case."

Unfortunately, the bizarre events surrounding its head Eric Holder nowadays have incurably infected the ability of the Department of Justice to prosecute felonies committed by government officials.

Why would Holder want to anger his fellow cronies?

Attacking Tor: how the NSA targets users' online anonymity (The Guardian)

Posted Oct 7, 2013 4:27 UTC (Mon) by drag (guest, #31333) [Link] (1 responses)

Everybody that is in a position to do anything about the NSA are their main supporters.

The president loves them, the people that are put in charge of the oversight committee over the NSA and DoD operations are the people that publicly denounce the media for 'misrepresenting' the NSA.

They all love and support the NSA.

I only hope this will help our European friends understand why Americans can hate and distrust their own government so much.

Hate and Distrust

Posted Oct 8, 2013 11:52 UTC (Tue) by man_ls (guest, #15091) [Link]

We already understand this. But as you can see, hate and distrust doesn't help much to put reins in a government. Nor did it help our Eastern European friends.

I really hope that our US friends can learn something about belling the cat before even worse things come to happen.

Attacking Tor: how the NSA targets users' online anonymity (The Guardian)

Posted Oct 7, 2013 7:31 UTC (Mon) by dannyobrien (subscriber, #25583) [Link] (4 responses)

Do you have a cite for the idea that the CIA run a large fraction or majority of Tor's nodes?

As somebody who helps run one of the larger ones (and given that the Snowden documents explicitly reject this as a strategy), I'd be interested in knowing your evidence.

Attacking Tor: how the NSA targets users' online anonymity (The Guardian)

Posted Oct 7, 2013 10:02 UTC (Mon) by njwhite (guest, #51848) [Link]

I haven't heard any real evidence on this either, and as you say the leaked documents state otherwise.

They also stated that the agencies investigated the possibility of using many nodes to do the sort of attacks that have long been theoretically known about, but they didn't prove fruitful. Which I was very pleased to discover.

Attacking Tor: how the NSA targets users' online anonymity (The Guardian)

Posted Oct 8, 2013 20:48 UTC (Tue) by ncm (guest, #165) [Link] (2 responses)

I haven't looked into it in detail, but over past years have periodically encountered reports such as

http://boingboing.net/2012/07/26/tor-project-considers-co...
http://www.networkworld.com/community/blog/no-conspiracy-...

Are there are more exit nodes than once were? Or does increased https traffic make exit nodes less greppable?

Maybe we can rest easy knowing the NSA, CIA, and FBI all despise one anothers' respective guts, and would rather gouge out their own eyes than share data without something in return? And that none of them has entirely taken over because, like crabs in a bucket, the others would yank it down? That feels a little better, but I'm not feeling entirely reassured.

Attacking Tor: how the NSA targets users' online anonymity (The Guardian)

Posted Oct 9, 2013 5:51 UTC (Wed) by dannyobrien (subscriber, #25583) [Link] (1 responses)

Neither of those articles support the assertion "Last I heard, the CIA and its sock puppets were said to operate a large fraction, maybe even a majority, of the Tor nodes.".

One is talking about the Tor Project paying for nodes, the other is saying that Tor's original design brief was as an anonymity providing service for for DoD/US intelligence agents.

Attacking Tor: how the NSA targets users' online anonymity (The Guardian)

Posted Oct 9, 2013 11:06 UTC (Wed) by hummassa (guest, #307) [Link]

The subtext conspiracy theory being that "we will pay for exit nodes so that we can expunge the old, sock puppet ones."


Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds