[devconsole]

The notion that the government ought to not be allowed into your computer, ever, doesn't seem grounded in either reality or historical precedent.

I didn't intend to argue that. I'm saying that strong anonymity OS's like Tails will force governments to do dragnet surveillance using compromised hardware in order to track suspects down. There is no way to tailor surveillance to an individual using Tails, because it's set up to hide your IP address at the OS level (assuming Tails is implemented correctly).

Assume child molestors begin using Tails or whatever environment that prevents FBI browser exploits from working. What then? There's one recourse: the government can set up your network card to monitor when you're using Tails for unlawful activity. And since it's very difficult to come up with a "footprint" of an individual Tails user, i.e. some way to monitor or attack one specific individual, this is likely to force the government into monitoring all activity. This can be done via compromised hardware, like a network card, which can be remotely configured to monitor memory for specific trigger conditions like "user is running Tails, and main memory contains specific terms for underage children."

Sure, it sounds unlikely right now. But this is the general direction that technology has been headed in. How much ground should we concede in this debate? Is it ethical for a government to be able to subvert someone using strong anonymity tools if it forces them to broadly target everyone using such a tool?

More broadly, what mechanism should we approve of the government using to inject your computer with code? If the government has DMA access to everyone's computer, then that hardware could be configured to monitor which operating system you're using, and only triggered into actively targetting you specifically when certain conditions arise, such as using a strong anonymity tool, or a certain specialized browser that child pornographers also happen to use. Should the government be allowed to be proactive in its hunt for offenders? Are we comfortable with a hardware device watching which OS we're running? There are a lot of issues that seem worth thinking carefully about.

[sliverstorm]

Yeah, it is a damn tough question. Criminals have more tools than ever for operating under the radar, so restricting agents to traditional rules for investigation & surveillance seems like a mistake. But on the other hand, how do you grant increased surveillance capabilities to counter increased covert capabilities, without ruining privacy? Basically, it's like privacy is caught in the crossfire.

[pdkl95]

Criminals have always had lots of tools available to them; by definition, they aren't restricted by law, which opens up many possibilities not available to the rest of society. Nobody ever said police work is (or should be) easy.

Despite that, the answer to how you grant increased surveillance capabilities is easy: you get a warrant.

It isn't a terribly difficult bar to reach - judges will hand out warrants quite easily. We - the citizens - just ask that those asking for such capabilities ask for them (each time...), and at least show they have some minimal sort of reason to want such easily-abused capabilities.

Requiring the warrant therefor shouldn't slow down legitimate investigations more than a trivial amount. If enforced, on the other hand, it does act as a "limiter" to sweeping abuses.