Resident geek, Eadon here. The astonishing information that follows is not my opinion (though I’m guilty of being a conspiracy theorist) but what is reported to be in the Edward Snowden top secret documents, which were leaked to, and reported by, The Guardian newspaper. They’re lefties and wet hypocrites but they did brave work here.
You would think you could trust Microsoft’s Outlook.com, wouldn’t you, that a mega-corp like Microsoft would never betray your confidential emails and other information? And Skype calls, come to that, surely they’re safe from eves dropping without a warrant, aren’t they?
According to leaked top secret documents sprinkled yonder by Edward Snowden, that assumption is false. This is because the documents show that Microsoft collaborates with the US Government (via the (formerly secret) NSA PRISM spying programme) to provide your data to the NSA (the spying-arm of the US Government). Microsoft probably do not want to share your data because it would compromise confidence that people have in their software products and Internet (“Cloud”) services. But the Snowden docs indicate that Microsoft are legally compelled to corroborate with all the spying. It’s not just Microsoft who are compromised, so are Google, Apple and many other US and world-wide organisations (though Google and Apple apparently put up much more resistance before caving in).
Data is normally made safe from spying by a process called encryption. Scary word, but all encryption is is the art of making a message look like meaningless gibberish to anyone but the intended recipients.
How can even encrypted emails data be read as clear as plain text by the US Government, and who knows who else? (The NSA shares its data wholesale with the Israeli Government, for example, according to other recent Snowden revelations).
Geek bit
I will talk some geek stuff, but don’t worry, you can skip over it. It’s just to give an idea of the fun geekiness of it all. Fist we need to know the very basics of how most Internet cryptography works.
The idea is really simple yet really mental. It relies on a feature of prime numbers. Prime numbers are the most enigmatic numbers of them all. They are the number equivalent of atoms, all other numbers can be made from multiplying the prime numbers. Here’s the secret sauce. As far as we know, it is much easier to multiply together two prime numbers than it is to take the result and attempt to figure out what the original prime numbers are. When numbers get really huge, it becomes infeasible (or at least uneconomical in terms of super-computing needed) to crack the prime numbers.
Here is the magic trick. The two prime numbers are the private key. The number they make when multiplied is the public key.
What is bizarre is that if you have a public key you can encrypt text in such a way that you (and third parties) are unable to unencrypt it. The guy with the private key, however, can unencrypt the data, easily.
So, on the web, when you see the little Lock icon in the web browser, the site you trust has sent to you a public key (in a digital packet called a “Certificate”). You do trust a certificate provided by outlook.com or gmail.com, right? Anyway, once you go ahead and send emails via your browser or app, your emails get encrypted then sent into the Internet. At the other end, the corporation then grabs and decrypts your data with their Private key and stores it. (They often feed your data to computer programmes that will then festoon you with those creepy targeted adverts, but that’s another horror story).
But what about data coming back the other way, when you read your emails that were sent to you in encrypted form? It turns out that data encrypted by a Private key can be decrypted by the Public key. It’s clever isn’t it?
Anyway, the NSA has two approaches to spying on your emails and other data. It can use super-computers to attempt to find the prime numbers that are used to make a public key by way of “brute force“. It basically involves this job: compute shed loads of prime numbers until you hit upon the two that can turn your message from gibberish into readable text. That approach is expensive because super-computer time is expensive. So what the NSA PRISM programme likes to do is force the organisations to simply hand a copy of their private keys to the Government! That way the Government gets the Corporations to do their spying for them.
To conclude, Microsoft and others provide the NSA with private keys that can decrypt data that was encrypted using, for example, Microsoft products such as Outlook and Skype – again, according to the Snowden documents.
The upshot is that you can safely assume that ANY internet service will give even your secret data to Governments and perhaps marketing organisations too. The ridiculous and apathetic “nothing to hide nothing to fear” argument is a fallacy, the ubiquitous surveillance breaks our human right to privacy and means we’re really not free citizens. The EU is expensive, it costs us a fortune in our taxes. So what is the EU going to do to put a stop to foreign organisations and governments illegally (human rights violations) spying on our data?
The Snowden documents teach us that, no matter how paranoid you think you are, the truth is the worst case scenario. Big Brother is Crypto-Shafting YOU.
Bogpaper.com 
James, if I may offer a small criticism. There is no right to privacy.
Say that you know a chap is cheating on his wife. He would prefer you keep this private, but does he have a right to this? That is, should you be forced to keep silent about it? But why? He doesn’t own your knowledge that he is having an affair. He doesn’t own your tongue lips and brain, that you might use to communicate your knowledge.
There may not be a right to privacy, but there are property rights however, and privacy is an outgrowth of these. The chap may “buy your silence” in any number of ways, thereby ensuring his privacy is undisturbed. As for proactive privacy measures, the chap may do many things, the simplest of which is closing the curtains. Any such measure will be a function of property.
This is not to excuse spying by the State, of course. But the real reason to oppose State spying is that it is undertaken by the State, an illegitimate institution in the first place.
We should oppose what is called ‘spying’ by private organisations, or individuals, only if such behaviour invades private property. For instance, if you’d found out the chap was having an affair by way of trespassing on his private property. Say breaking in and leaving cameras around the place, or placing a bugging device on his phone, or installing spyware on his laptop, etc.
@Rocco – Firstly let me say that your view that we have no right to privacy goes against human rights. In a world where no one has privacy, then everyone will become conformist to whatever the authorities want. If you in any way do not conform, then the government may hammer you for some dubious law or other, made up or not.
Likewise, the private sector could punish anyone non-conformist character with bloated insurance charges and refuse loans etc.
OK, so then you contradict yourself a bit and say, we do have a right to privacy but only in our own houses.
But, my friend, welcome to the 21st century. We lead much of our lives online and the equivalent of private property is encrypted data. It is our data, yet the worlds governments spy on it, whether it is telephone calls tapping without a warrant, reading our emails without a warrant (encrypted or not) and so on. This is plain wrong. It means that we cannot talk to one another now in private unless we do it face-to-face. Even those that use encryption might be calling attention to themselves and, in the States, for example, find themselves on no-fly lists. (You’re suddenly a terror suspect.).
Freedom and privacy are intimately connected, you can have both or neither.
Did you read George Orwell 1984, because that is exactly where we are headed.
James, you’ve got me all wrong dude.
I didn’t mean we only have privacy in our own homes. I was using property in the fullest sense of the word. Forgive me if I didn’t make that clear. I was just using an everyday sort of example in an attempt to make it simple to understand. Instead of it being a house, say it was an office, and rather than an affair, some sort of formula or whatever. Hopefully that might make my point clearer.
Your quite right that what I said is against human rights. I couldn’t give a monkeys about human rights. Human rights, in the sense of positive rights that is. As in obligations that are imposed on people.
Negative rights, though, those I do like. Those are real. As in, you have the right not to have people rifle through your filing cabinet. You have the right not to have people break into your house and plant listening devices, etc. These rights come from the fact that your filing cabinet is your property, your house is your property etc.
So I didn’t contradict myself. There is no right to privacy. That would be the equivalent of forcing people to be silent where they had made no contract to remain silent. This would be an infringement of their property rights in their own bodies.
And I agree with you. Hacking other peoples emails etc, is wrong. All I meant was that it is wrong, not because of an infringement of a self-standing thing called ‘Privacy’, but because it is an infringement of ‘Property’. Privacy is a function of property.
I had this same discussion with someone on another blog. Essentially, the State, qua market participant, not in official capacity, has every right to everything you have ever made public about yourself which any commercial or eleemosynary entity could also find out, full stop end of. And when it looks to discover private things about you, in whatever capacity they are in whilst seeking to do it, the question becomes one of what they will use the information for.
There may be all sorts of arguments that could be mounted as to who it is that they should investigate, what information to look for, how deeply should they go, etc etc, but these are questions that relate to the practicality of doing it, not to the inherent right to do it in the first place– why person A, who is in this organisation, and not Person B, who is in some other organisation; that sort of thing.
If information which could incriminate someone is developed as a result of an unwarranted (legal as well as common-parlance sense) snooping, and thus is inadmissible against them, the question then becomes, is it prosecution the authorities seek– or can information be used (quite outside the official channels) to influence the behaviour of the person being snooped on? I.E., have the authorities become, in effect, a Big Brother Kray? We all know what THOSE brothers did, with information they had on certain people– Lord Boothby comes to mind– and one wonders, is the State doing the same, and to what end?
If it should just “happen” to “slip” that, occasionally, the authorities listen in, but say nothing, and do nothing, till the time is right to spring it on you, then, as everybody from Sun Tzu to Saul Alinsky to the Kray Brothers will tell you, sometimes the threat of something is worse than if it actually “just happened”; it’s the dread it instils that wears down its victim.
This is what is the bugbear of many people in the whole privacy debate: It’s the not-knowin’, wot’s killin’ ya…
@therealguyfaux – precisely.
@rocco I see your point, but I think guys that think like you do are too trusting, you can’t see the creeping insidious danger. You are god’s gift to totalitarian governments, applauding as the surveillance straitjacket is wrapped around you.
From an earlier post: http://bogpaper.com/2013/06/25/not-even-your-amusing-cat-photos-are-safe/
” see people half-jest that they do not care if governments spy on their cat photos and the like, but this is naïve. Even if you are nonchalantly indifferent about this abject surveillance of you and even of your family and friends, there are submarine dangers. What if a government goes rogue? Don’t laugh, it can happen. We all know how corrupt politicians have become, Gordon Brown’s desperate clinging onto power is evidence of that. Let us say a government declares itself a totalitarian dictatorship (temporarily at first, for the public’s own safety, say, against some threat) then the Dictatorship has enough information at its fingertips to accurately single out – and deal with – all would-be revolutionaries and other trouble makers. Just as in Orwell’s novel, 1984, there would be little chance of a revolution operating without being brutally crushed at the embryonic stage.”
James, as an anarchist, I must say I’m a little put out by the suggestion that I would applaud the State on any matter, or that I trust the State at all, let alone am too trusting.
😥
But look, dude, essentially we agree. We only differ in the philosophical foundations of why we are opposed to all this.
In a nutshell, I believe that what are commonly called “invasions of privacy”, are actually invasions of property.
@Rocco, “invasions of property” – there’s a word for invading property, it is called “trespassing”.
That’s entirely different from privacy. If you conflate trespassing with privacy violation, then whatever you say is simply wrong. They are not the same at all. They are different in terms of the law, in terms of the nature of the violation and in character.
This is very much like the Music Industry redefining copyright violation as “theft” (which is it isn’t) – to suit its purposes.
🙂
No, man, trespassing is exactly the right word. That’s my point. Privacy is dependent upon property.
Say, for example, two chaps are sat on a bench in the middle of town, talking loudly about something or other. Anyone who walks past can hear exactly what is being said. One chap says “you know that Hulk Hogan? I’ve always fancied him. Even though I’m straight and I’m married, I often fantasise about him.”
Now, given the situation as described, this chap could have no complaints about his privacy being invaded if, when he goes to the pub that night, everyone is wearing yellow bandanas and blowing kisses at him, can he?
On the other hand, if these two chaps had been talking to each other in say, a shared hotel room at a work conference, behind closed doors and quietly, and someone had crept in through the window, hid under the bed and heard the Hulk Hogan stuff, and told everyone down the pub – well, then things would be different.
Why? Because in the first case they were in public. Property rights don’t come into it in the first example.
But, in the second example they had paid for the room to be occupied by the two of them only, and the bloke who crept under the bed was not invited – he had committed the crime of trespass, he had invaded their property. If, when he goes down the pub, they’re all blowing kisses at him wearing yellow bandanas and fake handlebar moustaches, and asking him “What are you gonna do?” – he can justly complain that his rights have been infringed. That is, his property rights have been infringed.
I have an expectation of privacy. If I choose to communicate in plain text then I am aware that it can be intercepted and read. This is wrong as I have not authorised that interception, but I accept the reality that if I were to send a postcard to someone then anyone that handled that postcard would be able to read it.
However, if I send data in an encrypted form – the equivalent of sending a sealed envelope through the post – I expect that no-one will be able to see the contents other than the intended recipient.
Having the government intercept and decode my communication is no different to having them opening and reading the contents of an envelope.
I’ve noticed that when I have this discussion with people who aren’t au fait with the technology, some seem to believe that because the communication is electronic one’s expectations should be different in some (unspecified) way.
But when I ask them how they would feel if every letter or parcel they send was to be opened and inspected by a Civil Servant they are mortified at the idea. People seem to feel that electronic communications are somehow not “real” in the same way that physical communications are.
The reality is of course that all governments would enjoy the powers that East Germany used to have, it’s just a question of what they think they can get away with.
Regarding encryption – the NSA are reported to have made a “breakthrough” in de-encryption around 2010. Personally, I’m of the opinion that the difficulties with long integer factorisation won’t have changed in themselves – the NSA aren’t likely to have made some mathematical breakthrough that has eluded the rest of the world’s eggheads.
What I think is more likely is that they have made some breakthrough in computing technology. My money would be on advances in quantum computing. This will have been horribly expensive, but who cares when you can “lose” $2 Trillion from the defence budget (and then have all the paperwork destroyed in the 911 attacks).
Stretching this a bit further, I’m speculating that technical advances may have given practical application to ideas such as Shor’s Algorithm and that the breakthrough was the ability to factor long integers much more quickly.
The answer to this of course is to just use longer keys. A million-fold increase in computing power is easily defeated by moving to 4096 or 8192 bit keys.
Anyway – can you recommend a VPN provider that is using long keys, uses OpenVPN and is based in a jurisdiction that doesn’t have to comply with US or EU court orders?
@simon Love the physical envelope opening analogy.
Regarding the tech breakthrough, if the NSA had developed quantum computers to the point where they could factor massive primes, then that would be absolutely miraculous. If such a quantum beast existed, you can betcha that the US Govt or IBM would be selling the thing, the world wide market out there for such a quantum computer would be hundreds of billions, if not more. Also it would be a scientific and engineering miracle as currently such a machine is considered virtually impossible in the foreseeable future, due to an effect called quantum de-coherence. Also, Snowden would have known about such astonishing tech, almost for sure.
The breakthrough is probably that they are using modified commercial trojan horse silicon chips tech through difficult-to-detect doping techniques (at the factory, or intercepted thereafter). It could also refer to some smarter crytpo-cracking algorithm(s) built into custom NSA chips that are faster at decryption. Also apparently the NSA have been caught meddling with crypto-standards. There is geek talk about how they defined some crypto constants used in some crypto algorithms or some such.
@Rocco – You say ” Privacy is dependent upon property.”
No, Rocco, my friend, you are mistaken, it is not. That is the error of your thinking. Privacy is nothing to do with property. It is two things:
1) A right, a freedom.
2) It is information. How should information about us be shared?
I have already covered the first point, it’s to do with preventing the government from having too much knowledge to crush the opposition, perhaps by foul means.
The second point, information, is this: How should information about us be shared?
Let me give you a counter-example to your example.
Our phones have GPS and also signal triangulation that allows corporations to track our position when we carry our phones with us. Or we are tracked when driving by camerss with number plate recognition. Et cetera. Our names, age and gender also easily obtained from various databases. So a corporation or government could publish this information. So some asshole could use this information to stalk 18 year old girls, for example, with a view to attacking them.
Something similar to this actually happened, where an android app was able to publish information about girls based on their facebook profiles.
Equating privacy with property is a fallacy. Privacy is information, my friend, and we are in dire straits because, read the Art Of War – Information is the most important resource of the warrior – and by extension – corporations and governments. THAT is why there is so much spying going on, and it is a huge threat. By thinking privacy is a property issue is a massive mistake to make, though an understandable one.
James, privacy is surely the restriction of information, no? If I own a swimming pool, I can restrict access to it. But if a swimming pool is in the public domain, I can’t very well complain if people I don’t care for use it, can I?
Now, in your counter example, all the elements are in the public domain.
People knowing where you are: public knowledge. I’m driving about in public. “Oh look, there goes Rocco.”
People knowing our names, age and gender: public knowledge. When I nip to the shop, anyone can see that I’m a man and roughly what age I am. They might ask “who’s that?” and someone might say, “Oh, that’s Rocco”.
Information on the web: public knowledge. “Hi, guys, I’m Rocco and I love Scissorfight!” “Oh look, there’s Rocco. I read that he loves Scissorfight, you know”.
The fact that all this might be collated makes no difference. “Oh look, there’s that bloke Rocco in his car. Don’t you think its undignified for a man his age to be listening to Scissorfight?” “Not really, I too love the ‘fight.”
Rocco,
In your example for “Privacy is dependent upon property”, you describe a conversation taking place in a garden and a hotel room.
May I suggest that your analogy doesn’t quite work, because the “open” conversation scenario could just as easily apply in any public space and the closed scenario takes place in a hotel room – which is not the property or either party to the conversation.
I can sort of see where you are coming from. It’s like an extension of Walter Williams’ description of individual rights emanating from self-ownership. His description works nicely in terms of ownership of self and fruit of your labours (I particularly like his position that we are all partially slaves because the government claims first rights on our output) and one could extend that argument to say that human rights are property rights.
However, if I were to send you a letter in the post, in a sealed envelope – would I have a right to expect privacy? I think I would, but if I’m reading you correctly it seems that you would not.
Interestingly, the government thinks that I have the right to privacy under the Postal Services Act 2000, where it is an offence punishable by up to six months imprisonment to open sealed mail. One could argue of course that this is due to the fact that mail in transit is considered to be the property of the Crown.
Perhaps the solution is for the Post Office to open its own email service!
Simon, you seem to believe I’m anti-privacy. That because I don’t believe in ‘ The Right to Privacy’ , handed down by the State, that I think it’s ok for people to read your letters, emails, etc.
Dude! Seriously. 🙂
To use the letter example. I say it’s wrong for people to intercept and read your mail because it doesn’t belong to them. That is as much as I’m saying. They are wrong to read it, because its not their property, and the owners haven’t given them permission to read it. That is, it comes down to property rights.
To continue –
Someone bugging your phone is wrong because you have not given permission for your property to be used in this fashion.
Someone installing hidden cameras in your home is wrong because you have not given permission for your property to be used in such a fashion.
Etc, etc, etc, etc, etc, ad infinitum.
Perhaps I can make my position clear if I say this: you know how some people say they’re “free speech absolutists”, yeah? Well, I’m a private property absolutist.
Also, the fact that the fellows payed for the room for just the two of them, and the bloke crept in uninvited, absolutely does mean the example is sound.
“privacy is surely the restriction of information”
Now you are starting to get it. It’s not about property, it’s about information.
“I’m driving about in public. “Oh look, there goes Rocco.”
There’s a big difference between someone in the street spotting you, and the EU installing GPS trackers in every car, so that the State can track you. Than Cameras with plate recognition systems that can track you.
“The fact that all this might be collated makes no difference”
You’ve made an amateur mistake here in thinking that. Two words: BIG DATA. Why are governments gathering all this data and putting up so much surveillance? Ask yourself that. It’s not to identify “terrorists” believe me. It’s to control and manipulate the populace. George Orwell, 1984, Rocco, you really need to read it to get an idea of how it works.
There’s no difference if the man in the street does it, as his powers of information gathering are extremely limited. But here the threat is not from individuals spying, it’s governments and corporations.
The NSA has an annual budget of 52 billion dollars. It has turned The Internet, telecoms companies, Software services providers (such as email providers) and cell phone companies into one huge information gathering system.
THAT is a violation of our privacy, because our telephone calls should be private. So should our emails, even unencrypted emails.
I refer you to Simon’s response above. What we have is civil servants listening to our phone calls, reading our emails, watching our Skype calls (not that I use that) and so on. It’s an invasion of our privacy. I’ve already stated many times why this is extremely dangerous.
Dude, firstly, it was you who said “privacy is information”. It’s point 2 of your previous comment. I was correcting your formulation.
And I’m not only just now starting to get it, I’ve been saying it from the beginning. Look at the example of the affair, in my first comment. “You” knew the chap was having an affair. That was information you had, that he would have liked you not to have. He wished to restrict that information. His problem was that he didn’t own “you”, so he couldn’t restrict that information – without “buying your silence”, that is.
Now, in this last comment of yours, all the examples are of overly powerful governments. But like I mentioned, I’m am anarchist James. Of course I oppose this sort of stuff. There’s no need to invoke some mystical notion of ‘privacy’ for me to oppose it.
But to come to the key point.
You say civil servants listening in on our phone calls is an invasion of our privacy. I agree with you. Obviously, I agree with you. But, when it comes to giving a reason as to why it is, you say, effectively, ‘it just is’. It’s a “violation of our privacy, because our telephone calls should be private”. But, James, dude, that’s circular reasoning at its finest. Its an invasion of privacy, because its an invasion of privacy.
Likewise if we depend upon legislation as our guarantor. Yeah, todays EU might back privacy legislation, but maybe tomorrows EU won’t. If we depend for our conception of justice on what politicians happen to say at a certain point in time, we can’t complain if they disagree with us.
Hence, we need a secure foundation. That foundation is property rights.
James and Simon, I propose we break off at this point. I am going to write something on this for next Monday’s Bogpaper. Hopefully, I can convince you, or at least make my position perfectly clear at that time.
Then, if there’s still disagreement, we can discuss it there. And of course, anyone else reading this (it’s not private after all) with queries can join in to.
What do you reckon?
Fine with me.
Sweet.
(Oh, and that’s next Monday, not tomorrow. Tomorrow, I’ve got one on the bag tax.)
Very topical:
http://rt.com/usa/nsa-weak-cryptography-rsa-110/
@Rocco I guess we will have to disagree on pretty much everything. But I can’t let this gem go without comment. You say,
“But, when it comes to giving a reason as to why it is, you say, effectively, ‘it just is’. It’s a “violation of our privacy, because our telephone calls should be private”. But, James, dude, that’s circular reasoning at its finest. Its an invasion of privacy, because its an invasion of privacy.”
@Rocco What are you smoking dude? It’s not circular reasoning any more than saying that a fat man is fat is circular reasoning. It’s a self-evident fact.
An example of circular reasoning would be this: God exists because it says so the bible. The bible must be true because it was written by God.
This: however, is not circular reasoning.
He stole my bike, therefore he committed theft. It’s a self-evident statement.
Hope this helps. If you’re not sure of the difference, then feel free to post here and I can further explain. 🙂
No, James. You said “should be private”. “Should”. So it’s not a statement of fact at all. (A fat man isn’t fat because he *should* be fat.) It’s what’s known as a normative proposition, I believe. You want phone calls to be private, and you want your desire for phone calls to be private to be justifisation for their being private.
The full quote is “THAT [the nsa stuff] is a violation of our
privacy, because our telephone calls should be private”.
The question is: why *should* they be private? Your answer appears to be: because they should be private.
So, Rocco, are you trying to claim that the secret police or civil servants or whoever listening in on our phone calls is somehow not an OBVIOUS invasion of our privacy?
No. I’ve no idea as to why you think I would, James.
Let’s get this straight, my friend, it’s not that I don’t believe in privacy. It’s that I don’t believe in the Right to Privacy.
Think of it like this, James. Left wingers talk about a Right to Work, yes? Now, us free market types reject this right. Why? Because we don’t believe that people should have jobs? No. It’s because we reject the notion of positive rights. We reject ‘rights’ that impose obligations on people. The Right to Work is, in fact, a Duty to Employ.
The alleged Right to Privacy is a positive right. It is, in fact, the Duty to Ignore, or the Duty to Feign Ignorance.