[marcinw]

Quitting social networks and using Tor and PGP isn't going to protect you from a nation-state intelligence agency. To suggest so is laughable and naive. We're not even at amateur hour yet.

You're better off reading Grugq's post[1] on developing good OPSEC, and even then you're far and away from it.

[1] http://grugq.github.io/blog/2013/06/14/you-cant-get-there-fr...

[javajosh]

Did you read the article?! It's a straw-man pointing out that the only way to ensure privacy is with the protection of law:

>If we really want to protect our privacy on the net what we need is more than better technology, we need fundamental changes in our laws and how we enforce the privacy laws we do have. Then, and only then, will we have a fighting chance of keeping our privacy on the Internet.

[bpatrianakos]

You're right but I don't think this very likely. I think changing your online behavior is the only real way to escape surveillance. That basically means either not using the web or only using it when you don't care about who's watching.

Changing the laws and/or enforcing them would be ideal but then it seems we'd end up right where we are again. Part of the reason for the secrecy of these programs isn't only national security but a way to circumvent the laws. From what we know about the current NSA controversy, these programs are mostly legal and being enforced just fine. Courts are ruling in favor of these things. That's not to say a debate over the 4th amendment isn't unreasonable.

Sometimes I feel there's a part of me that believes we could change the laws. The problem may not be our representatives exactly but rather the power that's been given to the military industrial complex. It's like a totally separate government unto itself, creating problems to solve to justify its own existence.

[saraid216]

Yeah, but even that is wrong. It isn't fundamental changes in our laws; it's fundamental changes in the way we interact with our governments. And that's far too much to ask a privacy advocate to do.

[Zigurd]

Foreign state actors are not subject to your national laws. You need to protect your data in depth.

[greyman]

I agree. First of all, what I have read so far, we the "public" don't know the capabilities of that agency, so by definition, you can't know whether some technique will protect you.

Correct me if I am wrong, but a common sense tells me, that if they are able to monitor all Internet traffic, and also can run their own Tor nodes, and also possess software to analyze those big amounts of data that the monitoring will produce, I just can't see how you cannot be ultimately tracked even on Tor.

As I see it, many of those defenses just assume that your adversary is not able to "cache" the whole Internet traffic, and that he also don't have such a strong computer to crack PGP. But relating to nation-state agency, those are already nothing more than assumptions.

Anyway, the points in the article are quite efficient against the lesser capable hackers. It never hurts to put less amount of private data to the Internet, for example.