Government in Chatting

Qion

Qion

Uber Nothing
I had a quite scary thought the other day. That thought was the government tracing or not tracing every single AIM conversation that goes on. Either way it's scary: If the government doesn't track the convo's, think of how easy it would be for terrorists to plan something without our countries' knowledge. If they do track the convo's, then think about how much personal information they see every day. Basicly what I'm asking is an opion.

Do you think the government plays in on all the chatting?
 
I wouldn't put it past them to at least make the attempt. If you recall a few years ago their project Carnivore and the attempt to scan all emails for 'suspect' words (which I promptly added to my signature line on all emails). They are prone to try anything in the name of "Homeland Security" (for those of us in the US. Other countries have their own programs, no doubt).

The rule seems to be that they'll try anything they can think of. No matter how far out there. For the citizens, paranoia is just good policy and privacy should not be an option.

History has proven that most great civilizations are destroyed by corruption from within. We never seem to learn from it.
 
Why care about the Internet? In every single city and at all times of the day, even as you read this, government agents are trolling the streets. They have a hawk-like gaze and simply watch you. They wait and watch. Then, for the unlucky, usually when they are unaware, these stormtroopers swoop down and snatch them up. Every day, thousands of people (!) are 'disappeared' to their extremely numerous centers. There, people are often locked in cages, like zoo animals. It's unbelievable they operate in plain sight and call themselves cops. Cops, I tells you.

You can read up on the FBI's Carnivore system (which was abandoned this year in favour of existing commercial products that do the same thing. There is, of course, also the NSA's ECHELON system, which operates under far less oversight. I'm not too concerned about ECHELON, though. You'd have to be up to some pretty scary stuff to attract their attention and they'd be just as likely to drop a bomb on you than arrest you. One must presume that other agencies have working systems right now and that other governments either have such systems or are investigating them, too.

You should note that in order to start capturing your emails, the FBI (or other police agency) would have to seek a court order before they could begin sniffing your traffic. Furthermore, if you were to go to court, the method in which this court order was sought would be open to challenge; if they said you were a terrorist, but busted you for p2p file sharing, the warrant probably wouldn't hold water.

The threat to privacy has never been greater than today. Computers have made it easier to sort through data and flag people for greater scrutiny. Abuses are becoming a major problem. I resent that I have no confidence in my online privacy and I personally don't think it's made things safer or better. But I don't lose any sleep over my IM transcripts.

I'm way more concerned about the eleventy-kajillion cameras they have now. A guy can't scratch his arse now without someone watching.
 
Well .. if you want to encrypt your AIMs, OTR proxy is your friend. In 10.4 it'll work just in Adium, but still .. .you can make it require encrypted messaging. Works fine as long as you both encrypt AIM.
 
In the US, they do need a court order. Other countries? I am not sure. The internet is international, so I use encryption to be on the safe side.
 
NB: otr is built into adium from the 0.8 release that came out the other day, thus no need to fiddle with adding a proxy.
 
It would surprise me if they haven't been checking on everything that goes on the web anyway,didn't the U.S. military build it in the first place.(plutonium) But alas I'm not the paranoid type so if they ever find my chatter interesting no one would be more amazed than me.(uranium) Really the ones who should worry are the nefarious riff raff that think violence is the only solution.
 
Encryption isn't a solution. In fact, encrypted IM may actually send some flags flying since most normal people don't encrypt their IM messages. Only terrorists, criminals, and pedophiles do such things.

Unless you have something to hide, even if you have something to hide, don't ever use encrypted IM. It just attracts loads of attention.

If you want to circumvent eavesdropping, have a look at steganography. It is basically hiding information in plain sight. Definitely much more secure than merely encrypting your IM messages, IMHO. Encrypt a message in some image (JPEGs do nicely), and send them to your friends. Unless they know to look, the message is very unlikely to be found.

Of course, this works well for emails. For IM perhaps something similar could be done if people were paranoid enough... :)
 
Viro, I apologize for taking some liberties...
Using an envelope isn't a solution. In fact, sending letters in envelopes may actually send some flags flying since most normal people use post cards for their mail. Only terrorists, criminals, and pedophiles do such things.

Unless you have something to hide, even if you have something to hide, don't ever use envelopes. It just attracts loads of attention.
Click to expand...
While everything that Viro says is 100% true, there are plenty of legitimate reasons to use encryption for normal people. The problem is that as long as only a tiny proportion of encrypted messages are legitimate and the rest are drug barrons, bomb plotters and child molesters, we have a problem.

Remember that SSL is used legitimately every day by huge proportion of Internet users (https) and uses the same technique to protect your communication. Why it should be okay and IM encryption shouldn't is beyond me.
 
Want to know what is scarier than having the government watching you?

The AIM Terms of Service:

Content You Post
You may only post Content that you created or which the owner of the Content has given you. You may not post or distribute Content that is illegal or that violates these Terms of Service. By posting or submitting Content on any AIM Product, you represent and warrant that (i) you own all the rights to this Content or are authorized to use and distribute this Content on the AIM Product and (ii) this Content does not and will not infringe any copyright or any other third-party right nor violate any applicable law or regulation.

Although you or the owner of the Content retain ownership of all right, title and interest in Content that you post to any AIM Product, AOL owns all right, title and interest in any compilation, collective work or other derivative work created by AOL using or incorporating this Content. In addition, by posting Content on an AIM Product, you grant AOL, its parent, affiliates, subsidiaries, assigns, agents and licensees the irrevocable, perpetual, worldwide right to reproduce, display, perform, distribute, adapt and promote this Content in any medium. You waive any right to privacy. You waive any right to inspect or approve uses of the Content or to be compensated for any such uses.
Click to expand...
 
Andrew Adamson said:
Viro, I apologize for taking some liberties...While everything that Viro says is 100% true, there are plenty of legitimate reasons to use encryption for normal people. The problem is that as long as only a tiny proportion of encrypted messages are legitimate and the rest are drug barrons, bomb plotters and child molesters, we have a problem.

Remember that SSL is used legitimately every day by huge proportion of Internet users (https) and uses the same technique to protect your communication. Why it should be okay and IM encryption shouldn't is beyond me.
Click to expand...

Err.... I think you misunderstand me. I wasn't railing at encryption per se. It was encrypted IM. Big difference there. HTTPS traffic is fine since practically all online business transactions use it. No one is going to sit down and monitor it to try and decipher the contents of such packets. There are just to many flying around and usually contains just credit card information. Something of interest to crackers, but of no real use to government agencies.

Encrypting IM and emails on the other hand will cause some warning lights to flash if every detected. That was the point of my post. I don't think it's quite the same as an envelope :). The envelope is more like the TCP/IP packet headers. The contents still aren't secure, just wrapped up in something. Just like the envelop it doesn't secure the contained message.

If someone were monitoring mail (hello... Chinese government), sending an encrypted letter in an envelop is a sure fire way to raise flags and have that letter thoroughly analyzed.
 
Viro said:
HTTPS traffic is fine since practically all online business transactions use it. No one is going to sit down and monitor it to try and decipher the contents of such packets. There are just to many flying around and usually contains just credit card information.
Click to expand...
And that's my point right there. If encryption of any kind were employed in AIM (which I don't use) or MS IM (which I do) by a LOT of people, it wouldn't be an issue for anyone. Safety in numbers. One of the herd. Etc. But now, no one does. So now it's a high-risk activity? You're right. But it is something that should be changed.
Viro said:
Something of interest to crackers, but of no real use to government agencies.
Click to expand...
That's a presumption on your part. Who's to say that criminals/terrorists aren't using SSL to post to their own servers now?

Viro said:
Encrypting IM and emails on the other hand will cause some warning lights to flash if every detected. That was the point of my post.
Click to expand...
I understood your post. And you are right. If a diamond thief in Chicago, a terrorist in Jiddah or (unfortunately) a dissident in Shanghai is using encrypted IM, and it passes through a police filter, it would probably add to his problems. But I'm a regular Joe. I live in Japan. I have family and financial interests in Canada. I have a right to protect my communications insofar as no government (Japan and Canada included) wants to see my life ruined by a cracker.

What all this boils down to for me is this: 'having nothing to hide' shouldn't mean 'being required to let everything hang out'. Legally speaking, there is no difference between the expectation of privacy in giving your credit card information to an Internet vendor via a web site or talking about a medical condition with a family member via IM. But what you are saying is that while the credit card transaction is safe to encrypt, you'd be better off chatting about your explosive diarrhea in plain text. Naw. That don't sound right. That don't sound right at all.

For the moment, at least, encryption technology can legally be used by anybody in the US, Canada, Britain and Japan (these are the countries where I have friends). In fact, aside from a few places in the world, I'd be surprised if there was a single country (that wasn't a bone fide police state) that has criminalized the use of encryption technologies by it citizens. I can see a time soon when encryption such as PGP is criminalized. But if everyone were using it (like they use https), it would be impossible. That's why I wish everyone would use it. That's why I wish it was built in to every IM client and email program on Earth.

I hear what you are saying. I just don't think that we have passed the point where using encryption will be interpretted as a sign of criminal intent. I don't think we're even close.
 
Using encryption only garners attention because no one uses encryption. If you want to be able to keep your private conversations halfway private, without certain agencies possibly thinking you're fishy - encrypt everything, and encourage others to encrypt everything. Hopefully, before long unencrypted traffic will be the exception, not the rule...

The one thing you probably don't want to do, is encrypt only sensitive data.
 
You must log in or register to reply here.
Back
Top