[Dorian-Marie]

The solution should be technical: You don't want to NSA to read your communications: encrypt them (eg: HTTPS everywhere, encryption built-in everywhere). And that's us, builders of technologies, that need to make that happen.

Basically securing against the NSA is the same as securing against hackers, it should be treated as a security threat like any other.

[a3n]

It's not one or the other, and the NSA has demonstrated that it will use all the resources at its disposal to circumvent any technical protection.

The NSA also holds a trump card: the law and the US government. I assume at some point that Congress will pass laws, or the secret court will authorize, compelling every American company to essentially open itself to unfettered access and surveillance. US companies already are subject to NSLs, and the Law of Boiling Frogs suggests that it's only a matter of time until surveillance is openly and explicitly compulsory.

The only long term effective way to cut this off is to cut off the NSA's budget and scale back their efforts. But I also believe that will not happen until the first ski resort opens in hell.

We're burning our own village to save it.

[arca_vorago]

This is why I am increasingly convinced that GPL(v3) is going to become a bastion of hope for privacy. The major problem is that companies want to make money off the software, close it up and proprietize it, and then the gov comes along with a NSL or blackbox or other comprimise and backdoors/weakens the system, and all of a sudden all the customers of the company are vulnerable. FOSS and in particular GPL, is the way around this. Software companies should be selling support, not the software (IMHO).

[nly]

Software can always be disassembled. I'm much more concerned about proprietary firmware and hardware backdoors. You should be too. Another thing also, is that the NSA have been shown to be weakening crypto standards like RNGs and, possibly, ECC. The problem with this is other standards like TLS and such ultimately use this infrastructure and that affects all software, FOSS included.

[arca_vorago]

I agree with you about firmware, but you will notice a very important overlap between the firmware and the software sectors here, in that it tends to be true that you end up with closed software to match the closed hardware (cellphone radio modems having DMA to the same address space as the CPU all under proprietary firmware and software blobs is a good example). I very much agree that we need open hardware, but it doesn't seem to be much of a priority for any of the big players that I am aware of.

Regarding the weakening of crypto standards, this is why I think everyone is wrong when they tell you not to roll your own. Even William Binney (NSA whistleblower) has been saying so recently.

[sitic]

The technical solution can not solve all problems, wikimedia plans to activate HTTPS per default for all users: http://blog.wikimedia.org/2013/08/01/future-https-wikimedia-...

One of the problems is that certain countries block HTTPS (e.g. China), should wikimedia effectively block all chinese users from free knowledge that wikimedia aims to provide? https://en.wikipedia.org/wiki/Censorship_of_Wikipedia

[Dorian-Marie]

Thanks for the link, very interesting that it's a technical limitation for them to not enable HTTPS.

About china, maybe only the IPs from china can use HTTP, maybe only zh.wikipedia.org can use HTTP, ...

I think legal solutions are just temporary fixes, technical ones fix the root of the problem in a more generic way.

[copsarebastards]

I agree that the technical solution is the most important one, but it is a) not a solution we have ready right now, and b) one that will never be 100% effective.

HTTPS everywhere is a good start, but it it does a poor job of defending against the NSA. Certificate authorities are fundamentally broken and users don't have the background knowledge to understand certs or why they are necessary.

Even technical people don't understand this. The last time I saw a post about certificate authorities on hacker news, the top comment was about how most people don't want authentication, they just want encryption. You can't have encryption without authentication: unauthenticated encryption is fundamentally broken. But the user who posted the comment was ignorant of this, and enough other people were ignorant of this that they upvoted his comment to the top.

The solutions proposed also don't address the problem that popular centralized services are bound to be compromised. Even if you're sure you're connecting to Google or Facebook services over a secure connection, Google and Facebook are such high-value targets that they will be compromised by an entity with as much money as the NSA. The defense against this is also technical, but it requires a fundamental shift from centralized to decentralized technologies, and I don't think that's easy or at all ready.

> Basically securing against the NSA is the same as securing against hackers, it should be treated as a security threat like any other.

This drastically understates the attacking power of the NSA.

[zanny]

The problem is how to have fundamental security. We already know or highly suspect the US Fed has backdoors at the hardware level. We cannot see the designs of our hardware because they are proprietary, so we cannot trust them. We start at a disadvantage.

Even discounting that, you cannot trust your firmware, because very few people are running libreboot or equivalently free firmware. Again, backdoors galore for state agencies.

But you solve those and then you need to trust your operating system. Firstly, the vast majority of people use proprietary operating systems. Secondly, even if you use a free operating system (and I mean pathologically free like Trisquel or Parabola) you get a set of security keys included you are meant to be able to trust.

The problem is that the international governmental muscle and influence of the US Fed means it is unlikely you can protect any of these private keys. They are all held by sufficiently large organizations that the US can strongarm them into giving them up, without even resorting to immediate violence.

But I'd feel more comfortable trusting the Arch master keys or the Debian councils keys, because both organizations are multinational collaborations of individuals where the majority can blacklist a compromised member. It sure beats key management by one vulnerable company. So that might work.

It is like how people talk about all this security mumbo-jumbo but all it takes is five minutes with some brass knuckles to get you to spill every password you have ever made. With the knowledge we have and the technology at our disposal the best I can at least do is pray that my OTR conversations over XMPP are secure, given that I have tried to minimize my attack surface on all these fronts, but there is no one solution that I can say "this machine guarantees me my security" because how can I know that the proprietary firmware on my hard drive is not somehow circumventing my dm-crypt layer (it would need some kind of collaboration with the chipset, though, since the keys never touch the disk raw)? I certainly know I cannot trust any hardware encryption at the least, but I don't see anything stopping proprietary motherboards from caching the keys used during hardware SIMD encryption routines (most Intel cpus support hardware accelerated AES 128, for example) in some unseen ROM the user never touches so the NSA can crack the hard drive.

[sheensleeves]

Offense and defense are asymmetric in computer security just as they are in physical security. Offense has the advantage since defense is a thin skin around complex entropy waiting to pop.

I think that the relevant essay is George Orwell, "You and the Atomic Bomb." Just as the 2nd amendment is obsolete due to modern military hardware, privacy is dead if an APT wants in.

Not that I know.

[EthanHeilman]

That is because you have framed offense and defense in that way. If a resourceful attacker's only goal in life is to get access to a particular file on your network connected laptop, the attacker will win. Generally this is not the case, the attacker often wants to:

1. remain undetected over a long period of time, 2. in the face of detection they wish to preserve their anonymity, 3. not be fooled by misinformation, 4. not reveal anything of greater value to them than the value of the file, 5. not open themselves up to reprisals.

This is much harder. While the defender doesn't win short term, a resourceful defender can make the costs to the attacker high enough that future attacks are deterred, the attacker loses, or even that the defender gains more from the attack than they lose. For instance Google in responding to Chinese penetrations via technical, economic, governmental and diplomatic avenues has increased Google's credible deterrence, punished some of the people responsible and increased Google's reputation in the realm of security.

[ignostic]

Do you not remember the Prism program that really got the anti-NSA sentiment running? In that case, they weren't listening for communication. They were compelling private companies to hand it over.

If we go all HTTPS, the NSA will just step up its pressure. Because the warrants can come with gag orders, we'll never know who's giving our data up. Hardware makers, SSL providers, data carriers, and destination servers can all be compelled by the U.S. as long as we allow it to operate as a legitimate authority over our personal data.

[cryoshon]

Technological solutions can't fix the political problem of fascism. I agree that we need to make their life as hard as possible by protecting ourselves, but it isn't enough.

They're always going to have more resources until we rip up the roots they use-- government funding provided by a heavily-surveilled and terrified of blackmail political body.

[jfindley]

There are two issues with this statement.

Firstly - you compare securing against the NSA to securing against "hackers". This massively underestimates the reach and resources of the NSA (or any nation-state actor). You can, to a point, keep out all but the most determined and skilled individuals. You almost certainly cannot keep out the NSA if they really want to target you. Even a physical airgap may not be enough (see: stuxnet).

Your example mentioned HTTPS specifically - how does this help if they can force/compromise the host to give up their TLS keys and MiTM your connection?

Secondly - all this does is encrypt the contents of your communication - it doesn't hide who you are, it doesn't hide who you're talking to, and other metadata besides this (yes, I know metadata is at this point a painfully overused term - sadly I can't think of a good synonym right now). You significantly undervalue how important it is to hide this information from an adversary.

Right now, if a major nation state targets you specifically, you have almost no chance. You'd need perfect operational security to anonymise yourself, encryption that can't be broken by forcing a local entity to surrender the key, and to implement this every time without making a mistake. Some people have managed this, but not very many.

If you're just looking to avoid dragnet surveillance, you're in a bad place too. The information we have suggests that it's the metadata, not the content of the communications, that is stored - and very little of that is hidden by using HTTPS rather than HTTP.

None of that should suggest that HTTPS isn't worthwhile - it very much is. And there's little reason not use use HTTPS everywhere these days. But it won't on it's own protect you very much from the NSA - that's why court cases like this are being raised (though I doubt it'll achieve anything in practice).

[higherpurpose]

Ok, so the solution is technical. Let's say we already have super-strong, super-easy to use and implement crypto-systems.

All we have to do is convince people to use them, keeping in mind 95 percent of users use IMs such as Skype, Hangouts, iMessage, Whatsapp and Facebook Chat. Now all we have to do is get those companies to implement that encryption right? Oh wait, doing that for those companies would be illegal because the law wouldn't be on our side. Now what? Do we go back to convincing people to use obscure "darknet/used by criminals" tools that the government will do its best to denigrate? How much of a chance do you think we have to make those tools used by 80 percent of the population within 5-10 years?

[davidgerard]

There is no reason not to take the legal approach as well. Technologies take effect inside a society.

[belorn]

HTTP/2 could have mandated that it would only be used under a encrypted connection. It could have added opportunistic encryption.

The builders of technologies decided not to go that route. I wish they did, but we can't put all our eggs on the assumption that they will fix the situation for us.

[jimktrains2]

TLS does nothing if the site owners hand over data.

Also, HTTP/2 is a horrible mess already. Encrypted channels should not be part of it. They are something separate and should be specified separately.

[acjohnson55]

That's naive, because at some point, you have to trust the OS you're running and better yet, the hardware you're running on.

[happyscrappy]

There are only two security levels, Mossad and non-Mossad. You cannot win against Mossad. Period. It may be exciting to talk about but you have no chance. Zero. HTTPS everywhere and encryption are only a tiny part of the threat surface.

[7952]

I agree that we need encyption everywhere, although I think the current apporoach of implementing it in client software is not fit for purpose. You constantly see apps making mistakes in how they implement encryption that leave the user vulnerable. Because the data is encypted it is very difficult to validate and moniter.