FBI Hacks Tor Service

Started by Callie Del Noire, September 24, 2013, 01:56:31 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Light Ice

Quote from: ValthazarElite on December 10, 2013, 05:37:15 PM
This is an excellent point, but none of us agreed to a contract letting us know the government would have access to this data. 

If you read those TOS, you'll see explanations for when information can be disseminated to third parties (such as in criminal investigations, certain marketing purposes, etc).  As it stands, Google and many of these other companies claim they were not aware that government had access to their servers, but if they did, many clauses in their TOS have been violated - unless they protected themselves in the contract through broad/vague wording.

The latter is true.  Google, and others, are very well aware that their data is mined by many different organizations.  Governments, really, being the least of which.  Now, granted, your data is safer on Google than it is on your employer's servers (where you log into facebook and other things throughout the day) because Google has a vested interest in keeping your information safe.

There's a few giant, smoking loopholes present in the law (what little there currently is) when it comes to accessing data.  It's really a place where we are terribly behind the curve and consumer/congressional education is so poor in the subject that there simply isn't a solid enough understanding of the digital world to intelligently inform policy makers.

And other questions abound.  One that nobody seems to have brought up is the great halo of "probably cause" when it comes to law enforcement in the US.  Under that little caveat; law enforcement would have a right to that data if they have reason to believe a crime is being committed.  I think they have reason enough when it comes to DeepNet and pornography.  We can at least agree on that little thought, right?

The trouble is that as an IT Professional - I don't understand or even believe people that claim outrage here.  Almost everyone I know is so willy-nilly about what TOS they are signing and what website they're logging into (with same account names and passwords and emails and locations) that I can't take it seriously when people start complaining that Big Brother is watching us.

Hell, it's been legal for the government to watch us for the better part of ten years.  Back then, though, everyone agreed it was in our best interests.  Now that the law got pushed on through and we're starting to learn just what exactly we agreed to - everyone is upset.

Nobody, ever, reads the fine print.

I guess, to be clear, my point is that you shouldn't care because you've already been scouted so intensely that you couldn't imagine what people know about you.  There's a pretty famous case of a woman getting an email from Amazon congratulating her on her new baby (before she knew she was pregnant) because the data from her purchases put her in an expectant mom's ad bracket.

The point is - you've given up all of your privacy already to so many different organizations why is it the government getting in on the fun suddenly concerns you?
An excellent man; he has no enemies; and none of his friends like him.
-Oscar Wilde

Valthazar

Quote from: Light Ice on December 10, 2013, 05:46:58 PMI guess, to be clear, my point is that you shouldn't care because you've already been scouted so intensely that you couldn't imagine what people know about you.  There's a pretty famous case of a woman getting an email from Amazon congratulating her on her new baby (before she knew she was pregnant) because the data from her purchases put her in an expectant mom's ad bracket.

The point is - you've given up all of your privacy already to so many different organizations why is it the government getting in on the fun suddenly concerns you?

I fully agree with this, and I have no issues with search warrants being issued after probable cause is determined.

However, I am concerned about violations of the 4th amendment - which is unique to the role of government.  The fact that the DOJ is able to access our electronic transmissions without a search warrant shows how far behind the times Congress is, as you said, in addition to their total negligence of our Constitutional rights.

http://news.cnet.com/8301-13578_3-57583395-38/doj-we-dont-need-warrants-for-e-mail-facebook-chats/

You're right in comparing the personal implications of the information Google has, to the information the government potentially has.  But you cannot compare the two as being one and the same from a Constitutional or even legal perspective.

Light Ice

Quote from: ValthazarElite on December 10, 2013, 06:17:36 PM

You're right in comparing the personal implications of the information Google has, to the information the government potentially has.  But you cannot compare the two as being one and the same from a Constitutional or even legal perspective.

That's a fair statement and one that I can agree with.  Still, and maybe as an IT Professional I'm jaded.  I've read hundreds of personal emails from employees in the last several years.  I've entered their private accounts.  Outrageous, some say, but when you take employment at many companies some of the fine print on your agreement with them allows them to enter into whatever you do on their time.  If you log into your Facebook on company time, on a company network, chances are their IT Department has hijacked a session you didn't log-out from and browsed around.

We are encouraged, sometimes told, to do this.

So, knowing that Google knows your work schedule, purchasing habits, credit history, bank of choice, meal of choice, TV show of choice, movie of choice, and your work knows all of these things as well - Is there a practical way to keep the government from taking the same liberties?

I guess.  But you'd have to read the fine print on a lot of bills and laws, do a lot of hard work both via voting and activism, and change mechanisms that have been in-place for the better part of the last decade.

I -do- see the principle and agree with it.  But, being a realist in the profession, I cannot see it changing and think energies could be better spent elsewhere.
An excellent man; he has no enemies; and none of his friends like him.
-Oscar Wilde

Callie Del Noire

My issue is this..

If I put a document in a folder and put it in safe/filing cabinet/desk drawer, they need a warrant to get to it. If I had the same document on dropbox, an email, voice mail or on my frigging locked cell phone.. it's the same material and is still as privileged. If I was to take documents with the same impunity the feds assert they can do without due process.. and acted on those things.. they could LOCK ME up.

If it's illegal for me.. it should be illegal for the cops. No double standard.

Electronic data is the same content .. you can't open a persons snail mail without due process.. why should an email be any less private?

Light Ice

Quote from: Callie Del Noire on December 10, 2013, 10:22:01 PM
My issue is this..

If I put a document in a folder and put it in safe/filing cabinet/desk drawer, they need a warrant to get to it. If I had the same document on dropbox, an email, voice mail or on my frigging locked cell phone.. it's the same material and is still as privileged. If I was to take documents with the same impunity the feds assert they can do without due process.. and acted on those things.. they could LOCK ME up.

If it's illegal for me.. it should be illegal for the cops. No double standard.

Electronic data is the same content .. you can't open a persons snail mail without due process.. why should an email be any less private?

Sure, again, I agree with the principle.  There's a lot of issues at play, like I said, regarding probable cause and what you've agreed to via laws signed into place and the TOS you've agreed to.  Many companies even state they openly share all information with the authorities on request (not just subpoena), so there's a lot of that as well.  It's more convoluted then "Hey, it's mine so it's mine."

Because when it comes to data it almost never is -yours-. 
An excellent man; he has no enemies; and none of his friends like him.
-Oscar Wilde

Valthazar

Quote from: Light Ice on December 10, 2013, 10:30:30 PM
Sure, again, I agree with the principle.  There's a lot of issues at play, like I said, regarding probable cause and what you've agreed to via laws signed into place and the TOS you've agreed to.  Many companies even state they openly share all information with the authorities on request (not just subpoena), so there's a lot of that as well.  It's more convoluted then "Hey, it's mine so it's mine."

Because when it comes to data it almost never is -yours-.

You make a good point about negligence on the part of individuals.

Many people see no issue in the fact that instant messaging programs save chatlogs - even if only locally on the person's computer.  I remember when GChat or AIM first came about, it gave a notification to the other person in the chat, that the chat was being logged.  I think once companies realized no one cares, they stopped even putting these warnings.

This is no different from telephone conversations being recorded.  There are 12 states in the US that require both parties in a phone call to be informed that a recording is taking place.  Understandably, most of us would get a little reluctant if we knew a call was being recorded, but perhaps we don't feel the same way for an IM conversation being logged.

Light Ice

Quote from: ValthazarElite on December 10, 2013, 11:10:30 PM
You make a good point about negligence on the part of individuals.

Many people see no issue in the fact that instant messaging programs save chatlogs - even if only locally on the person's computer.  I remember when GChat or AIM first came about, it gave a notification to the other person in the chat, that the chat was being logged.  I think once companies realized no one cares, they stopped even putting these warnings.

This is no different from telephone conversations being recorded.  There are 12 states in the US that require both parties in a phone call to be informed that a recording is taking place.  Understandably, most of us would get a little reluctant if we knew a call was being recorded, but perhaps we don't feel the same way for an IM conversation being logged.

Yeah, this is all extremely well said.  There is a terrible complacency on the part of consumers here when it comes to digital information.  I think, perception wise, people believe some things about their chats, emails, and personal information that isn't actually true in the digital world.  I think people believe that all of those things are as private online as they are in real life.  They say, it has to do with me so obviously it's mine.

But the truth couldn't be further from that scenario. 

Anything you divulge or volunteer on web services typically ends up in the ownership of the provider.  Most providers sell that information to other companies for the purpose of advertising.  Others simply categorize it themselves.  But, regardless, the information itself belongs to them.  They have a legal ownership of it that you signed away when you agreed to use the service.

That makes legislation very difficult.  Consumers are going to have to change their behaviors and complacency if any law protecting their information is going to be pushed forward.
An excellent man; he has no enemies; and none of his friends like him.
-Oscar Wilde

Neysha

Quote from: ValthazarElite on December 10, 2013, 05:37:15 PM
This is an excellent point, but none of us agreed to a contract letting us know the government would have access to this data. 

If you read those TOS, you'll see explanations for when information can be disseminated to third parties (such as in criminal investigations, certain marketing purposes, etc).  As it stands, Google and many of these other companies claim they were not aware that government had access to their servers, but if they did, many clauses in their TOS have been violated - unless they protected themselves in the contract through broad/vague wording.

I've always wondered about the excessive verbiage of TOS and similiar cover your ass type of documentation. I've heard... solely through word of mouth, that some TOS or other legal agreements of that nature aren't nearly as enforceable as believed. I'm sure it depends on the service or program or whatever, but... at the risk of further derailing this thread, I'm wondering just how legally binding these TOS agreements are ultimately. Is it really as simple as if you sign it, you must follow everything they state, because if so, it seems like an easy way to engage in abuse since I'm sure 99% of people barely scan such agreements ultimately before agreeing to them. Or is it simply another mechanism to provide some legal cover to the issuer of the TOS, but still far from some sort of legal immunity granting document.

Wow that was a writhing mess of a response.

Quote from: Light Ice on December 11, 2013, 10:18:15 AM
Yeah, this is all extremely well said.  There is a terrible complacency on the part of consumers here when it comes to digital information.  I think, perception wise, people believe some things about their chats, emails, and personal information that isn't actually true in the digital world.  I think people believe that all of those things are as private online as they are in real life.  They say, it has to do with me so obviously it's mine.

That's an excellent point. I'm definitely one of those complacent types. One can only imagine what would happen to my reputation when they crack open my Elliquiy posting history for example. ;)

Though I am wondering if that Consumer Privacy Bill of Rights concept is going to be applicable to internet usage and privacy and digital rights. I admit I haven't looked into it much.

Quote from: mia h on September 25, 2013, 11:10:32 AMBut could point to exactly where in any of my posts I wrote that you supported the FBI?
If you can't support the allegation that I'm deciding what your opinion is you should apologise.

And I don't care how "polite" it is, where do you get the nerve to tell people what they can and can't respond to?

First off, I will not apologize considering the tone of your response in Post #6 by implying I'm parroting some "Won't you think of the children?" argument when I'm politely asking a fair question. If you wish to intellectually gratify your sensitivity to being disagreed with, go seek some other foil. Nothing you stated in your replies to my questions had anything to do with my question and yet I do not seek succor from you apologizing to me for your intentional ignorance of the very post you were responding to. Furthermore I never told you what you could and couldn't respond too. I merely wished for an answer to my question, which you repeatedly failed to address with your responses directed towards my questions. If you feel it is offensive that I politely ask for my question to be answered by people responding to it, then I will tell you now, I apologize if I offend you, but I will not radically change my behavior so much so as to leave myself open to abuse and misinterpretation without challenge.
My Request Thread
Ons & Offs/Role-Plays Current and Past
FemDex: Index of Fictional Women
F-List Profiles: Constance Carrington, Damashi, SCP6969
Prepare For The Next Eight Years
Find me on Discord at: mnblend6567
Credit for Avatar goes to "LoveandSqualor" on Deviant Art. (and Hayley Williams)

Valthazar

Quote from: Neysha on December 11, 2013, 07:07:35 PM
I've always wondered about the excessive verbiage of TOS and similiar cover your ass type of documentation. I've heard... solely through word of mouth, that some TOS or other legal agreements of that nature aren't nearly as enforceable as believed. I'm sure it depends on the service or program or whatever, but... at the risk of further derailing this thread, I'm wondering just how legally binding these TOS agreements are ultimately. Is it really as simple as if you sign it, you must follow everything they state, because if so, it seems like an easy way to engage in abuse since I'm sure 99% of people barely scan such agreements ultimately before agreeing to them. Or is it simply another mechanism to provide some legal cover to the issuer of the TOS, but still far from some sort of legal immunity granting document.

From what I understand, the enforceability of TOS is based on how reasonably accessible they are to the user, as well as how abundantly clear the terms were made when they first joined.

There was a landmark case called Schnabel v. Trilegiant Corp. where these two people signed up for some paid membership program online, and then when they tried to cancel, they did not receive a full refund as they had assumed.  They took it to court, and Trilegiant (defendant) claimed that they had simply emailed the TOS after the registration, and that the user's continued membership demonstrated their agreement to the TOS.  In the past, this defense would have stood up, but the judge in this case intelligently stated that "shrinkwrap-style" contracts (the kind you see shoved in packages) that are not explicitly provided, may not always stand up in court.

http://www.bna.com/shrinking-relevance-shrinkwrap-b17179869529/

That's why more and more companies now are explicitly showing their TOS right at the beginning of registration, and we need to actually scroll down before the "I agree" button even shows up.  I know a lot of people (including myself at times) just quickly scroll down and click agree, but from what I understand, this particular style of explicit agreement is very much legally binding - unless there is something I am not aware of.

This is also why whenever you update your PS3 or whatever, you have to click 'I agree' each time, to show that you are aware of changes to the TOS.  Same thing with updating your phone apps, and permissions change.

gaggedLouise

#59
A wonderfully goofy quote from a senior judge set to handle requests and appeals relating to military intelligence in Sweden (these issues are as vigorously discussed here as in the U.S., and we're actually providing you with substantial data/listening-in on Russian internet traffic - it's always an exchange of services deal). This snippet of a vrief phone interview sounds like something out of Austin Powers:

"I am unable, of course, to comment on what kind of methods the FRA /military intel snoopers/ make use of in order to bring in their information. That's qualified secret stuff, you see, and if I were to talk around it could be a breach of national security. - Ah, one of our secret phones is buzzing right here, so I will have to end this pleasant conversation. Goodbye."

The "secret phone" cue totally does it. :D

Good girl but bad  -- Proud sister of the amazing, blackberry-sweet Violet Girl

Sometimes bound and cuntrolled, sometimes free and easy 

"I'm a pretty good cook, I'm sitting on my groceries.
Come up to my kitchen, I'll show you my best recipes"