- cypherpunks - lists.cpunks.org

Fwd: [Cryptography] Distributed Ledger Technology gets a high level review
by grarpamp 08 Jun '17

08 Jun '17

---------- Forwarded message ---------- From: Thierry Moreau <thierry.moreau(a)connotech.com> Date: Mon, Jun 5, 2017 at 11:11 AM Subject: [Cryptography] Distributed Ledger Technology gets a high level review To: Cryptography <cryptography(a)metzdowd.com> Fascinating read this morning: www.bankofcanada.ca/wp-content/uploads/2017/05/fsr-june-2017-chapman.pdf This reports the findings of a DLT trial for the financial sector. Definitely geared towards wholesale payment systems (a world with its own culture), it nonetheless presents a well-informed assessment of DLT deployment challenges. In my opinion, the main conclusion (DLT may not replace centralized wholesale payment operators) was to be expected since the reference used for comparison (i.e. Canada LVTS) is among the most advanced system. Secondary conclusions are less damaging to the Distributed Ledger Technology deployment potential. Regards, - Thierry Moreau _______________________________________________ The cryptography mailing list cryptography(a)metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography

1 0

Trust DHS with your laptops? If not you soon might not be able to fly
by CANNON 08 Jun '17

08 Jun '17

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Possible upcoming mandate by DHS to turn in your laptops to them before boarding flights (even for domestic flights) will enable government to clone your harddrives or copy files, search computers, and tamper with your laptop. Sources: https://gizmodo.com/white-house-seriously-considering-banning-laptops-on-al… http://www.computerworld.com/article/3198848/security/us-might-ban-laptops-… Mention of potential to increase to domestic also http://www.computerworld.com/article/3198848/security/us-might-ban-laptops-… - -- Cannon PGP Fingerprint: 2BB5 15CD 66E7 4E28 45DC 6494 A5A2 2879 3F06 E832 Email: cannon(a)cannon-ciota.info NOTICE: ALL EMAIL CORRESPONDENCE NOT SIGNED/ENCRYPTED WITH PGP SHOULD BE CONSIDERED POTENTIALLY FORGED, AND NOT PRIVATE. If this matters to you, use PGP. -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJZOKE9AAoJEAYDai9lH2mw+/QP/Rco79mEc8c/+4aT8GL8zKEt 9rBXpyEs2oa6cnqyq5yqe66W5bdt0w4FgMRY6eI6Bo56U3qqETfls4L6r/W/gBSD vY8ItJ3uRG0aMOHxTwEXHVufb6a43L1Q7qJtfUeEVwhnxdC9x0UhxMsR6/SuXBY+ SVTZUEN1fATIJHy1KReIAKkZd9bgbrQDW+oyECwxFmihD5YKhG+kINxnEX77gdw3 y2SWNLCjY1mfAt2rXqrqM/TDeuJVbrxtAAGQiyZXp+D7FeYQ3IerJ8BacZCYdhI8 FrwIOBdeBGPP41S0BTZQXsVX1iqnij4bxCN+fsXCYsgKzVw67yblibo3OkMDXbYN AuAwHZdv8mMvqhKC2wnw9ShR847I9mbwCpBwARBIINCVx+RBdUXrjuiGmF230pNz asI6YA+HV00/1Q7Irpc+ZegUjcV+tbqMNVJ0/J7/En+ED4lb9nP443FfTqNhITKx plx4WrPCvt7h05vhKZzkk3B07dCZ90CFFwrxUj40mV8YU11rUhyr7R/lpK4NHcUw 2ZA0QMJ0k4W9wC8W2W5W9z1B/NHh/UW0TAzbEVXAeQPZ95VtW+csz8iB8VvOSrmD YAygSDw88qS9DK0kjuI+JfO4C5zDMArqWlrO1/OQdHnassNVHDWa6YGZlgVmmgLr 7fW+H+lQfof+VrkgIp7/ =oUqX -----END PGP SIGNATURE-----

1 1

Re: TheIntercept Compromises Courageous Leaker Reality Winner
by John Young 07 Jun '17

07 Jun '17

At 11:05 PM 6/6/2017, you wrote: >https://twitter.com/glenngreenwald A parrot GG. >Wikileaks: Still protecting sources on principle since >years before most journos got in the game. Leak sites and jounalists inevitably betray sources by overpromising security and confidentiality. Privileged like lawyers and priests.

1 0

TheIntercept Compromises Courageous Leaker Reality Winner
by grarpamp 07 Jun '17

07 Jun '17

http://blog.erratasec.com/2017/06/how-intercept-outed-reality-winner.html https://theintercept.com/2017/06/05/top-secret-nsa-report-details-russian-h… Monday, June 05, 2017 How The Intercept Outed Reality Winner Today, The Intercept released documents on election tampering from an NSA leaker. Later, the arrest warrant request for an NSA contractor named "Reality Winner" was published, showing how they tracked her down because she had printed out the documents and sent them to The Intercept. The document posted by the Intercept isn't the original PDF file, but a PDF containing the pictures of the printed version that was then later scanned in. The problem is that most new printers print nearly invisibly yellow dots that track down exactly when and where documents, any document, is printed. Because the NSA logs all printing jobs on its printers, it can use this to match up precisely who printed the document. In this post, I show how. You can download the document from the original article here. You can then open it in a PDF viewer, such as the normal "Preview" app on macOS. Zoom into some whitespace on the document, and take a screenshot of this. On macOS, hit [Command-Shift-3] to take a screenshot of a window. There are yellow dots in this image...............

2 5

Re: bitcoin incorporated
by juan 07 Jun '17

07 Jun '17

> "A purely peer-to-peer version of electronic cash would allow > online payments to be sent directly from one party to another > without going through a financial institution." > > keywords, peer to peer, no financial middlemen. > > Now it gets interesting. Blockstream has a solution to > increase bitcoin's capacity, which I don't think can be > described as "purely peer-to-peer" and involving no middlemen > at all. As a matter of fact, blockstream solution is to create > middlemen that will process the vast majority of > transaction...because they can't scale bitcoin (technical > failure) or they don't want (political failure). nobody bothered to correct me, so I'll have to do it myself. When I first watched this "Lightning Network Talk"... http://www.youtube.com/watch?v=8zVzw912wPo ...I got the impression that the layer on top of bitcoin would be run by big business and would be composed of relatively few 'big' nodes. However it turns out that, at least in theory, the LN is peer to peer and anybody can route payments for other peers. So maybe there's some hope for bitcoin...

2 1

Bill Binney: Reddit AMA
by grarpamp 07 Jun '17

07 Jun '17

https://www.reddit.com/r/IAmA/comments/6fnibv/hi_reddit_bill_binney_here_to… Barrett Brown chimes in as well Hi Reddit! Bill Binney here to answer your questions – live from Amsterdam. submitted 7 hours ago * by IamBillBinney 15 years ago the NSA destroyed the best alternative to mass surveillance. I have some exciting news to reveal with you: Now there is a 2.0. About me: https://en.wikipedia.org/wiki/William_Binney_(U.S._intelligence_official) Some background on ThinThread: In the late 90s I co-created the program "ThinThread" which was the perfect alternative to mass surveillance - but it was ditched by NSA for money. ThinThread was a fully automated system that could monitor signals then filter and alert on genuine threats in near real time. It did this all whilst protecting citizens’ rights to privacy. Its efficacy was down to it being metadata focused. See more about the film of ThinThread's story and my career here: http://agoodamerican.org/ https://vimeo.com/ondemand/agoodamericanmovie Available from today June 6, 2017. Here's proof of me doing this AMA now: https://twitter.com/AGAmovie/status/871427920467820545 First AMA (archived): https://www.reddit.com/r/IAmA/comments/3sf8xx/im_bill_binney_former_nsa_tec… It was a good conversation last time, I will aim to answer more questions today. I’m here from2PM to 5PM EST, and will do my best to answer everything I can! EDIT: Please know that my friend and long-time associate and fellow whistle-blower, Kirk Wiebe, is here with me and says, "Hello, REDDIT!" EDIT: You are invited to see the following. It is the premier of a new film. "THE MAZE dissects the terror-attacks since Paris Bataclan in November 2015 and looks for common patterns. Why was intelligence failing? And why have our governments been pushing for more of the same? A journey into surveillance reforms, power, money and cover-ups. A search for a way out of this maze - with a glimpse of hope on the horizon." You can watch it here: https://vimeo.com/ondemand/themaze EDIT: 6:30PM EDT 12:30AM CET Nice AMA-ing with all of you. Thank you for your questions! 143 comments share all 143 comments sorted by: best [–]_zorch_ 19 points 7 hours ago Considering how over the past few decades, surveillance technology has been 'baked in' to our communications infrastructure - Is it even possible to turn it off? Also, what is the likelihood of US domestic surveillance being co-opted by a foreign government? permalink embed [–]IamBillBinney[S] 15 points 7 hours ago A VERY good question. It is possible, but requires a high degree of tech know-how to do it - both hardware and software. For example, need to check the luminosity down a fibre optic line in order to detect tap points and physically remove them. Also check hardware/software associated with it. Likelihood of foreign takeover of US intel would be low because of the difficulty of knowing where to hack into the intel systems. permalink embed parent [–]kajnbagoat 0 points 3 hours ago Sir , like what Edward Snowden do you commend or condone it?? Thanks for doing this AMA sir!! I have a few questions about whether they can actually turn on your laptop Web cam if it's connected to the Internet like they show it in The Snowden movie ? Do you think it can get worse like they will literally know everything about a person's life?? permalink embed parent [–]DubsNC 1 point an hour ago Not OP, but plenty of malware can take control of your laptop webcam. A physical filter is pretty standard equipment now days. It's just good op sec. Comey admitted that he puts tape over his webcam. http://www.npr.org/sections/thetwo-way/2016/04/08/473548674/why-the-fbi-dir… There are plenty of pretty girls who have been hacked just for access to that webcam. permalink embed parent [–]comesfromVT 10 points 7 hours ago Good Afternoon Bill! I'm currently reading No Place to Hide by Glenn Greenwald, and I'm enjoying it. I'm very interested in the whole intelligence process from start to finish. I'm lucky enough to be learning a brief amount of it in the Navy currently. What advice do you have for someone who is about to separate from the Navy with no debt and a G.I. bill? I would like to work in the intelligence community, however I really wouldn't enjoy being trapped between an ethical hard place and being jobless. Thanks, for this and everything else you do! permalink embed [–]IamBillBinney[S] 16 points 7 hours ago I believe in infiltration. Keep your principles once you join the intel community and maybe you can make a change on the inside. permalink embed parent [–]rainer_d 2 points 4 hours ago* They've probably ramped up the psychological screenings a lot since Edward Snowden left for Hongkong ;-) They know how to catch somebody who doesn't quite feel the same way he says. So, with only a cursory knowledge of this whole intelligence-thing (watching YT documentaries, hollywood movies and being in the military myself at some point), there are a couple of different outcomes from this: they quickly realize what you really want but don't bother and just assign you to totally boring projects where you can't do much harm somebody needs a scapegoat or fulfill this month's quota and you get handed a big bait, catch it - and are caught red-handed. End result is you getting more familiar with Ft. Leavenworth than you ever wanted it all works and you get to be the next Ed Snowden, but have to flee to Hong-Kong, too. Is you middle initial often being mis-spelled? And thanks Mr Binney for the personal risk and hardship you took on yourself. A real hero is somebody who knows he'll never be seen as a hero. permalink embed parent [–]Barrett_Brown 15 points 6 hours ago Hi, William; Barrett Brown here. First I want to thank you for your work in protecting those like myself who were investigated for bringing attention to these issues, such as by your involvement with the Courage Foundation, which has helped me, Lauri Love, and several others over the past few years. I'm scheduled to do an IAMA two hours from now and will be going into all of that then. My question is, in your opinion, does there come a point at which the weight of criminal conduct by the state is sufficient to justify resistance to its activities, regardless of whether or not the state derives its powers from the consent of the citizenry, informed or otherwise? And does a republic have greater rights to engage in oppression of domestic and foreign populations than would a dictatorship simply by virtue of deriving its powers from the citizenry? permalink embed [–]IamBillBinney[S] 15 points 6 hours ago There is such a point. It is historically true. We aren't there yet, so peaceful, democratic options are still available. We have been heading toward a totalitarian state since "Darth" Cheney said we must "go to the dark side" in 2001. This infection has now spread throughout the Free World. Corruption, greed, and desire for control by Elitists rule the day. permalink embed parent [–]trai_dep 3 points 6 hours ago Just to add a note to IAMA readers – Barrett Brown is also giving an IAMA today, at 2:00 PM PST. Scope it out! It's an IAMA Two-Fer, for whistleblowers/activists. Kudos to /r/IAMA. Really glad to have you out among us again, Barrett. Really enjoy your writing! permalink embed parent [–]peterkofod 4 points 5 hours ago Hey Barrett Great to see you here. Also: thanks for everything you've done. permalink embed parent [–]satbirkira 5 points 5 hours ago Hey dude, I had the pleasure of seeing the movie in Copenhagen 2 years ago at the cph film festival. I had a santa hat on but the didn't get a chance to ask you my question :^) What were the 10 or so the meta-data heuristics that you found were effective in thinthread? I remember you naming a few of them in the movie but I wanted to know all of them. Also I was sorry to hear they raided your house, hearing that made me sad. permalink embed [–]peterkofod 0 points 3 hours ago I'm pretty sure it wasn't 10 (Bill always talk in primes). I'm also pretty sure Bill explained in Copenhagen that he couldn't talk about the exact parameters, because that would enable govts to do even more massive surveillance :-) permalink embed parent [–]Im_not_JB 3 points 3 hours ago he couldn't talk about the exact parameters, because that would enable govts to do even more massive surveillance This is rich. He bills it at something that does exactly what we want (identify true threats with no civil liberties downsides), yet can't talk about it because it will "enable gov'ts"? How? They already know how to collect massive quantities of shit. He's supposedly selling a way for them to succeed in their job without collecting massive quantities of shit... what conceivable way could this 'enable' more surveillance? Plus, he claims to have already tried selling NSA on this magic method, so it's not like they don't already know about it. He never explains the details of why they said, "Damn! That's a perfect way of accomplishing our mission. Let's not do that." It's all just too convenient... permalink embed parent [–]FluentInTypo 0 points 45 minutes ago He explains that he built the program and NSA scrapped it for more invasive methods. permalink embed parent [–]Im_not_JB 1 point 14 minutes ago But why? Is there a single shred of evidence that NSA looked at a program that was simple and did everything they wanted to do (completing their mission and immunizing them from outside criticism) and instead said, "Nah. Let's not do that. Instead, let's give money to people who have a worse plan, and let's even go further and just forget that we learned how to do these things perfectly!" In what world does any of that make sense?! permalink embed parent [–]satbirkira 0 points 35 minutes ago Bill says NSA scrapped it so their contractors (who were friends with NSA higher ups at the time and former NSA employees) could get $$$. Did the NSA wanted something more invasive like trailblazer? I doubt they cared how it worked, since they didn't even care if it worked or not. So no, I don't think the NSA scrapped for the sake of using more invasive methods, but rather writing fat cheques for their friends. permalink embed parent [–]Im_not_JB 1 point 10 minutes ago If NSA could do it internally... in a way that is awesomely good at fulfilling the mission and which totally prevents them from eventually encountering civil liberties criticism... why wouldn't they just do that? Do they really hate their coworkers so much that they just decided, "Fuck these guys, we're going to take this money elsewhere"? I mean, they're all buddy buddy with "former NSA employees"... but they just hate current NSA employees who are giving them the moon?! And then they just forgot the really cool ideas that the current NSA employees told them, and didn't bother to pass on this awesomely good information to the contractors? h-What?! permalink embed parent [–]Liquid_Reality 6 points 6 hours ago Hi Bill! First I want to say I believe the world owes you a debt of gratitude for doing the right thing in a system that went off the rails. Without people like you, Thomas, and Edward, we still wouldn't know the true scope of the NSA's constitutional violations. We need intelligence services, but unchecked mass suspicionless surveillance is a cancer to a free society. Public servants with their hearts in the right place can safeguard the people and the constitution when all else has failed. Thank you for being one of the good guys. Question 1: Warrantless mass surveillance typically drops off the public's radar after a few news cycles, and it's very abstract for most people to consider. Do you think the USA's national consciousness will ever care enough to hold the bad actors legally accountable, and address the core institutional problems? Question 2: Some of us see commercial profit-based surveillance, such as from Facebook, Google, etc, as a threat to a free and open internet. Do you think we can build systems providing the advantages of those things, while also being robust against totalitarianism as governments increasingly pressure private industry into censorship and "sharing" data gathered during for-profit mass surveillance? Question 3: Are there lessons you see in how Germany handled the aftermath of the Stasi era for modern day USA and the NSA? permalink embed [–]IamBillBinney[S] 8 points 6 hours ago To Number 1 No. Because there are too many people involved in all upper levels of government. To Number 2 Yes. It requires a monitoring program to track everything on the network. To Number 3 Yes, there is only one reason government collects data about everyone and it isn't good. It is done to maintain control over the population. permalink embed parent [–]trai_dep 3 points 5 hours ago There is an alleged whistleblower whose arrest was recently announced. They allegedly were caught after printing a hard copy of documents while at work. They also allegedly emailed the publication while at work. Then confessed when questioned rather than waiting until a lawyer could be there. These don't seem to be ideal whistleblower practices. Have workplace whistleblowing exposure techniques gotten more sophisticated, or was this most likely a one-off case of poor judgement and practices? permalink embed [–]IamBillBinney[S] 10 points 4 hours ago* I would say a one-off, poor judgement. Due to the poor quality of the report itself, this whole matter could be a ruse. I would strongly question the authenticity of the report. permalink embed parent [–]MagicHerb 4 points 5 hours ago I know many people that buy into the delusion, that surveillance is the only way to prevent terrorist attacks from happening. Which is contratrary to the evidence: most of the identified attackers were already under surveillance. When and how did it happen, that mass surveillance became a commodity? Why do people fear a loss of surveillance more than they fear a loss of freedom? permalink embed [–]IamBillBinney[S] 7 points 4 hours ago It began with Darth Cheney and Shrub (Bush) who were motivated to obtain information about everyone to get a leg up on political enemies, just like Nixon did. They peddled the concept that data is intelligence, and therefore, the more you have, the more intelligence you have. This is absolutely false. Until you understand the data you have and what it means, you have no intelligence. Obama simply doubled down on this philosophy, so he is in effect Darth squared. permalink embed parent [–]IamBillBinney[S] 6 points 4 hours ago People fear the loss of surveillance because they are conditioned to think data is intelligence, therefore more is better. Government is treating the population as Pavlov's dogs. permalink embed parent [–]theepzaa 3 points 6 hours ago Do your instincts (or your sources within intelligence agencies) believe Russia 1) is responsible for the DNC leak/hack and/or 2) attempted to hack U.S. election systems in 2016? permalink embed [–]IamBillBinney[S] 5 points 6 hours ago No, not Russia, and if it was there would be direct evidence of it. Also, CIA using Vault 7 tools can make an attack it carries out look like it comes from another nation/party. The fact NSA does not provide a track for the packets reflecting fact of no hack attack means it was an insider job/leak. See Consortium News for related article. permalink embed parent [–]8238482348 5 points 4 hours ago No, not Russia, and if it was there would be direct evidence of it. Do you expect a developed country with at least a modicum of talented IT professionals to not be cautious of leaving any direct digital evidence? As you assuredly know, anyone can basically use a daisychain of IPs to obfuscate their origins. CIA using Vault 7 tools can make an attack it carries out look like it comes from another nation/party Yes, many agencies of many countries can possibly use falseflag options but it doesn't mean they do. The fact NSA does not provide a track for the packets reflecting fact of no hack attack means it was an insider job/leak. Anyone can fire up a TOR session and possibly hide their origins as you know. They can command a node, be it a PC or any tech device, then use it as a regular proxy or another TOR server, therefore obfuscating themselves even more, many times over. When you have the power of a nation state, this is very feasible. Also IP addresses within government domains are sometimes not public information, as you probably also know. It's a weak "security by obscurity" technique but if they published IPs of sensitive nodes, it invites any nation state to come knocking on the door. I don't see how that's enough information to conclude it was an inside job. I'm not saying it was a country or any one person but until we have the information at hand, it's hard to conclude either way, which you seem to be doing. Maybe you know more about this than I but considering your answer here and below, I suspect you're not fully aware of network security as I thought. Could your bias against the institution that fired you be influencing some bias on your part? It is difficult to know the true origin - must be able to trace the packets and look inside of them in order to know. Called Deep Packet Inspection. But even packets can be changed en route, source and destination both as well as obfuscated by a litany of routes by using proxies and something as TOR. I don't know why you put so much influence on thinking this would be the proof. permalink embed parent [–]IamBillBinney[S] 2 points 4 hours ago REF 1st Quote: That is one of the reasons we believe the CIA carried out the attack. Because no self-respecting spy agency would leave such an obvious trail. REF 2nd Quote: Yes, but it doesn't mean they don't. REF 3rd Quote: Guess what? NSA can track the TOR packets. That's why NSA has embedded trace-route programs on hundreds of switches all over the network to reconstruct the TOR network. REF 4th Quote: It is true that Service Providers can change the IP's of originators and recipients of packets, but in doing so, when the packets reach the border gate to the next Service Provider, they convert them back to the originals, otherwise the packets get lost. This means we have to work out the formula for internal changes in packets and reverse it when moving to the border gate provider. permalink embed parent [–]Poopshakalaka 2 points 3 hours ago Hahahahahahaha So, there is no "direct evidence", but somehow also an "obvious trail"? What a stupid fucking AMA permalink embed parent [–]_zorch_ -1 points 3 hours ago It's like when the cop says "I clocked you doing 97 MPH" but refuses to show you the radar. permalink embed parent [–]peterkofod -1 points 2 hours ago You've got Poop in your handle. permalink embed parent [–]Poopshakalaka 0 points 2 hours ago Well this is embarrassing permalink embed parent [–]spin81 1 point 35 minutes ago Guess what? NSA can track the TOR packets. Unless I misunderstand the TOR concept, which is quite possible but I don't think I do, what you're saying can't be true unless the NSA controls the vast majority of TOR nodes out there. Are you saying that they do? If so, how are they doing it? permalink embed parent [–]DubsNC 1 point an hour ago You understand the concept but don't know the limitations of the current system. There are theoretical and practical attacks against the TOR network. For example: http://arstechnica.com/security/2015/07/new-attack-on-tor-can-deanonymize-h… permalink embed parent [–]spin81 1 point an hour ago Thanks, I wasn't aware of that! What I'm seeing when looking at that article though, is that in some, possibly many, cases they can see when a given user uses a given hidden service, but that's not what /u/IamBillBinney said. What he said was that the NSA can track TOR packets. Also, quoting from the article: In an e-mail, Tor project leader Roger Dingledine said the requirements of the attack greatly limited its effectiveness in real-world settings. [...] attackers would have to operate a large number of Tor nodes to have a reasonable expectation of seeing traffic of a given hidden service. So even though it's certainly a very interesting and educational article, I'm not convinced it denies my point. permalink embed parent [–]8238482348 0 points 3 hours ago 1) It's what the nation state wants you to think, perhaps. You can't rule that out if being impartial. 3) That might be true but it's possibly useless if many of the nodes the client uses aren't in an accessible country and you have no practical means to control all the service providers involved. 4) No, I mean by IP masking, I can literally create an internet packet with a false source address and send that packet to a node on the internet. Or more practically, take over a machine to mask my malicious data but if we're talking nation states here, I think you underestimate the possibility of a powerful nation state influencing our network infrastructure. I don't think there's enough data to definitively say it was an inside job just because we weren't provided the packets themselves or shown IP addresses. This is still all confidential at this point. Surely you could just as well say if it was an inside job that the evidence you're also asking for to disprove nation state influence should be there, especially considering it was all done in the land of logging, where every digital device is tracked, as you say. Where's the evidence there? Yet assumptions are made either way. You also linked to consortium, which is biased. It doesn't own up to the fact that the NSA is not omnipotent. Any network links tracing back to Chinese, Russian or any other countries not in the "five eyes" is basically a black hole unless the "five eyes" just happened to run some clandestine operation to control every service provider in the world. The link also conveniently says that the source is false because they weren't provided pertinent evidence, assuming that the evidence won't reveal sensitive sources, which is also false. Also remember these few sources seem to have more traditional intel background, not network/computer security/forensics related and probably don't know as much about this field as they allude to. It's unfortunate that this is so political that it makes it harder to find truth. I don't think anyone knows except the guys on the digital frontlines but I think if anyone makes an argument either way, it's likely politically fueled instead of any real truth seeking. You have much influence, Mr. Binney, it's sad when someone with your influence uses it to shit on the "elite", people looking out for themselves and their family as you're doing who can also be used to do good for others just as bad. You shit on information when this same information can also be used against those against democracy. You shit on American leaders who were doing what every other political leader does in their country, look out for its interest. You shit on your ex-associates who, just like you, were looking out for themselves and family while realizing this information can be used for both good and bad, not as one-sided as you. You shit on the people at the top while endorsing others at the top who shit on people below also. For someone in such a position of potential influence and considering your age, I was hoping you'd have more nuanced and neutral opinion on things. But no, your replies seem like something I would've said when I was a kid at 20 years old with no knowledge of why leaders, military, intelligence and otherwise, do what they do other than they have more money and power than me so I'm mad at them. Thanks for your response and I still respect you as a person but I was hoping for more wisdom in this AMA. permalink embed parent [–]peterkofod 4 points 6 hours ago Link to the Consortium News article, mentioned in Bill's reply: https://consortiumnews.com/2016/12/12/us-intel-vets-dispute-russia-hacking-… permalink embed parent [–]Fliepke 4 points 6 hours ago Hi Bill, As a private citizen I'm well aware of my "privacy" on the internet, but I'm not using vpn, pgp, etc because it seems like a hassle. So I have two simple, practical questions: What is one thing I should stop doing today, to protect my privacy a little bit better? And of course, what should I start doing from today on? permalink embed [–]crawlingfasta 2 points 6 hours ago VPNs are a lot less of a hassle than they were 5 years ago. Most of the big ones have nice GUIs and are fast and easy to use and not that slow. As an added bonus, you can use them to circumvent some paywalls, download torrents and avoid 'dynamic pricing' on certain websites. Totally worth the $3-$10/month IMO. (mine has paid for itself!) PGP is still a hassle :( Start using Signal or another end-to-end encrypted app for your text messages and even voice messaging as well. Not just the government, but also your telco and hackers can read your SMS if you don't use Signal. permalink embed parent [–]IamBillBinney[S] 4 points 6 hours ago Use Tor if you can, change your passwords frequently, and invent your own encryption for your community of friends. permalink embed parent [–]marshal_mellow 3 points 6 hours ago I've always heard that you should never "roll your own crypto" Would you say it's more effective than using a known encryption method? permalink embed parent [–]IamBillBinney[S] -3 points 5 hours ago Yes, it IS more effective, because then there would be millions of different encryption systems not solvable by mass machine attack. It would take human interactions to solve, taking months and even years. Not practical. If you use public encryption, governments can solve one or two or very few in order to enable a machine attack on millions of users. permalink embed parent [–]Sostratus 10 points 4 hours ago For fuck's sake, Bill, this is terrible advice! There's not a cryptographer on the planet who would agree with you on this. This is the kind of crank nonsense that calls any claim you've ever made into question. Everyone: use time-tested public algorithms. The security comes from the secrecy of the key, not the secrecy of the algorithm. permalink embed parent [–]trai_dep 3 points 3 hours ago This is such a spectacularly bad answer I wonder if this is William Binney. permalink embed parent [–]_zorch_ -1 points 4 hours ago There's not a cryptographer on the planet who would agree with you on this. Because they deal in theory. In practice, the tools to decrypt your batshit crazy crypto technique don't exist. Yes, they may be theoretically "easy" to build, but they aren't built yet. permalink embed parent [–]IamBillBinney[S] 2 points 3 hours ago Please read Friedman and Callihamos for a better understanding of cryptanalysis. It is a four volume set. Google it and you will find where you can buy it. Quite expensive, but well worth the investment. I think it is a great read. permalink embed parent [–]peterkofod 2 points 5 hours ago This (roll your own) requires a rather huge skillset/budget - not something I'd recommend for the average user (although it's a reasonable point, that even, say, Public crypto, might benefit from a variety of different protocols). permalink embed parent [–]_zorch_ 0 points 5 hours ago This (roll your own) requires a rather huge skillset/budget Not really. Small but significant tweaks on top of existing tools throws in an extra level of complexity that will require more human intervention. permalink embed parent [–]peterkofod 3 points 5 hours ago yup - but even "small" tweaks require either A) skills that the general public don't have - or B) that you pay somebody to do it for you. permalink embed parent [–]_zorch_ 0 points 4 hours ago A) skills that the general public don't have Like setting your key size to 1025 bits, instead of 1024? permalink embed parent [–]Im_not_JB 2 points 3 hours ago Hi Bill! I've seen your claims in a few different forms over the years, but they've always been relatively light on the details. Can you explain exactly how your program differed from other programs? For example, in this AMA, you claim that the "efficacy was down to it being metadata focused". The NSA currently runs significant programs which are metadata focused. How, exactly, did yours differ? Additionally, you say that it was ditched "for money". What was the source of money that caused NSA to look at a product that nominally does exactly what NSA's mission is and respond, "Nah. Let's not do that"? Where did that come from? Thanks! permalink embed [–]IamBillBinney[S] 1 point 3 hours ago ThinThread has 3 differentiators: 1 - It filtered out all content not associated criminal and terrorist activities. Other content was ignored. 2 - Any person acquired but not yet known to be criminal or terror-related was protected by encryption of their identifying attributes. 3 - The ThinThread network was constantly monitored by software that tracked what users did when they connected to it and looked at data, what they did with the data, etc. So, this means that if Snowden had downloaded data from the ThinThread network, we would have seen it immediately and known exactly what he took. No guessing. The source of the money was Congress who gave the funds Director Hayden requested (3.8 billion dollars) for the first five years of his program (TRAILBLAZER), despite the fact that ThinThread had already solved the essential challenges. Basically, staff members in Congress were suggesting to NSA management (Hayden included) that ThinThread already had solved the problems and should be used accordingly. NSA ignored Congress and awarded big contracts to big companies who failed utterly to produce results. TRAILBLAZER was declared a failure by Congress in 2005. permalink embed parent [–]Im_not_JB 1 point 3 hours ago It filtered out all content not associated criminal and terrorist activities. Other content was ignored. That's basically the goal of any filtering scheme, isn't it? Any person acquired but not yet known to be criminal or terror-related was protected by encryption of their identifying attributes. The devil is in the details here. I'm confident that literally every NSA database is encrypted in its entirety (to do otherwise would be sheer neglect). The question is who has the ability to unencrypt. Just saying "it's encrypted" doesn't answer any of the relevant questions, and it doesn't distinguish your proposal from existing minimization procedures. The ThinThread network was constantly monitored by software that tracked what users did when they connected to it and looked at data, what they did with the data, etc. So, this means that if Snowden had downloaded data from the ThinThread network, we would have seen it immediately and known exactly what he took. User auditing is an extremely attractive feature, so it would be absolutely mindblowing for them to say, "Here's a way that we can reduce the insider threat (on top of executing the mission perfectly with no civil liberties problems)... nah! Let's not do that!" The source of the money was Congress And here the game is up. It is not some moneyed evil corporate entity or something. Congress just gave NSA money to do their job. You're telling us that they had the money... and they looked at a magic program that solved literally all their problems... and responded, "Nah. No thanks. We'll do things the hard way." How is this remotely plausible?!?! What caused them to ignore the silver bullet that was right in front of them? permalink embed parent [–]peterkofod 3 points 6 hours ago Hey Bill & Kirk Peter from Denmark, here. Hope all's well with you guys. Question: considering that in almost every terror-attack, it turns out that at least one of the perpetrators were known to authorities in advance, shouldn't we demand some kind of audit of what the intelligence agencies/govts knew (or should've known), but failed to act upon? permalink embed [–]IamBillBinney[S] 8 points 5 hours ago Yes, Peter - every govt intel agency should be audited to ensure integrity of operations. Reviewable by another entity. Intel cannot monitor itself. Every time there is a terror attack they fail to stop, their budget should be cut by at least 10%. We should not reward failure with increased budgets! permalink embed parent [–]peterkofod 3 points 5 hours ago Hey; yeah. I don't really know of any other business, in which failure is rewarded with tons of money. Who would you suggest (in an ideal world) should do the audits? IC is quite good at hiding stuff from oversight committees etc. permalink embed parent [–]janvanoort 3 points 5 hours ago Perhaps a magistrate or an (elected!) public oversight body would be best equipped for that task? permalink embed parent [–]peterkofod 1 point 5 hours ago sounds reasonable; it would need a pretty high level of tech-skills, I'd say. (like what Bill says about "hackers" below) permalink embed parent [–]Poopshakalaka 3 points 3 hours ago What other "business" (NSA is not a business to begin with) can you name where all failures are public and all successes are private? What other business can you name where they lose 10% of their budget per failure? permalink embed parent [–]IamBillBinney[S] 3 points 5 hours ago I recommended (with others) to Obama (he ignored it) that hackers be cleared and authorized to inspect/audit any US Intel agency at any time. It didn't fly. Until auditing is embedded in Intel, nothing will change. permalink embed parent [–]Im_not_JB 1 point 3 hours ago every govt intel agency should be audited to ensure integrity of operations What exactly do you think DoD, ODNI, HPSCI, SSCI, the President's Intelligence Oversight Board, FISC, DoJ, and NSA's OIG, OGC, and OoC do? permalink embed parent [–]kosayla 3 points 6 hours ago Hi Bill. A bit of a technical question. Since the leaks from a few years ago, more and more companies are switching to SSL/https to encrypt their web traffic. I understand that the NSA can decrypt some of this traffic via backdoors installed in certain router hardware. Besides that, how likely is it that the NSA has the secret keys for the SSL traffic of companies like Google so they can just decrypt the traffic from the raw data, without needing to hack any hardware? permalink embed [–]IamBillBinney[S] 4 points 6 hours ago >From my neck of the woods, "this don't surprise me none" What you are suggesting is very likely the case. permalink embed parent [–]WylieMontis 2 points 7 hours ago* The UK wants to start Chinese style Internet monitoring. Do you think this will a) work b) prove to be the only way to keep people safe permalink embed [–]IamBillBinney[S] 4 points 7 hours ago First, the US and UK with others collect virtually everything on Internet and Public Telephone Networks. Chinese cannot match that. The question should be, have the Chinese accomplished what we are now doing. Answer is no - not yet. permalink embed parent [–]IamBillBinney[S] 3 points 7 hours ago We believe the report may be a fake report. If not, it is poorly written. In any case, it indicates the Russians did not break into the voting system. They were exploring for information. permalink embed parent [–]IamBillBinney[S] 5 points 7 hours ago When I say "we", that means most of the Veteran Intelligence Professionals for Sanity (VIPS) and some others we know with intel backgrounds believe this. permalink embed parent [–]8238482348 1 point 3 hours ago They were exploring for information. AkA pentesting, aka attempted hacking. Why is it hard for you to assume a nation state might try something like this? My servers get pinged all the time from places like China, Russia, etc. Literally, sometimes hundreds of "knocks" a day on my servers from those countries and you can't believe a nation state would attempt something like that on a high profile and apparently insecure node in a very "delicious", lots of potential goodies to a hacker, IP range? permalink embed parent [–]WylieMontis 1 point 6 hours ago Thank you! To clarify for people who are not Bill. My original question was about today's leaked report permalink embed parent [–]lurking_digger 2 points 5 hours ago Mr Binney, big fan! Did the knobs who raided your home and yanked(?) you out of the shower ever apologize? What news outlets do you recommend? If internet is disconnected, what options then? Is shortwave radio still viable option? permalink embed [–]IamBillBinney[S] 7 points 5 hours ago They never apologized. So now, I am supporting four separate lawsuits going after NSA/CIA/FBI/DOJ unconstitutional surveillance. Check out Circa News - true investigative reporting without political bias. Shortwave radio is still viable, even desirable if it can meet your needs for distance, line of site, etc. Go analog vice digital if you can. permalink embed parent [–]lurking_digger 2 points 5 hours ago Thank you, sir Thank you for your pains permalink embed parent [–]FluentInTypo 2 points 3 hours ago I have this feeling, that ever since "Snowdon" ( Not to overshadow your own legacy of course. - I only mention him because of the media coverage), that everything has gotten worse, not better. The only real reform we saw was the U.S. Freedom Act, which for all intents and purposes, legalized domestic surveillence and iirc, actually increased the amount of data available to NSA from the phone companies. Meanwhile, at the local and state levels, we have city after city legalizing stingray use and other military technology for surveilence. The 2016 election was the first election we had since Snowden and surveilence wasn't even mentioned by any candidate except Bernie (against), Paul (against), Johnson (Against) and Christie (Terrifying Pro). I had hopes that this would be the election where surveilence would finally be dealt with..but alas, it was reduced to a bullet point. This doesnt even cover the corporate marketing survielence going on. We passed the privacy laws in 1974 which was honestly the last big protection ever made on behalf of the American people. The State has no reason to regulate the big data market as it relies on that same market to FISA warrant its own interests from it. All these things, taken together, makes for a terrifying future where we have the Corporate/State on one side and the little guy on the other. As a little guy, I see no way to fight this, unless on a mass scale of unity among the little guys and that just cant happen in a society as large and addicted to consumerism as we are. Given your knowledge and involvement in reforms, could you provide any reassurance that we actually have a chance in fighting this beast? EDIT: sent too soon. Lastly, how long were you treated as a "conspiracy theorist" by the masses? Or are you still treated that way? permalink embed [–]IamBillBinney[S] 4 points 3 hours ago You have captured well the beast before all of us. The only thing to do is to keep fighting, keep demanding truth and accountability from elected representative. Please pick up the phone and call your representatives office and voice your anger for subversion of your constitutional rights. Do not relent! permalink embed parent [–]SandDuner509 1 point 2 hours ago Hope i'm not to late here, but what would you differently if you were to go back and as the DoD IG to investigate the NSA? Do you believe there are any actions you could have taken to make them sway towards ThinThread over Trailblazer? permalink embed [–]IamBillBinney[S] 2 points 1 hour ago We (Bill Binney, Kirk Wiebe, Diane Roark) tried everything at our disposal to warn those in positions of authority about ThinThread and the imminent failure of TRAILBLAZER. This included a member of the House Permanent Select Committee on Intelligence (HPSCI), in particular current Senator Burr, Chairman of the Senate Select Committee on Intelligence. We do not know of any other actions that would have swayed minds, as the focus by those in power was on outsourcing big contracts to big companies. President Eisenhower in January 1961 warned the American people about the emergence of the Military Industrial Complex which could fundamentally alter the American way of life and governance. If he could see what now exists in Washington DC, he would most assuredly turn over in his grave. FOOTNOTE: Never underestimate the power of large numbers of stupid people. permalink embed parent [–]curiosity36 1 point 1 hour ago Mr. Binney, do you have anything to say about the thousands of Americans who claim they're being remotely tortured by EM weapons? I've assembled a lot of research on /r/psychotronics, and have spoken to people who claim to have spoken to you. permalink embed [–]yung2344 0 points 6 hours ago Hi Bill, how aware are you regarding the Covert. Brain Computer Interface technology now seemingly be used to hack into living brains of people? There has been a huge rise in the number of people claiming to be "targeted individuals". All of which share three major symptoms, all of which are Imo obviously due to BCI tech. Voices in the head, bo doubt caused by brain to brain communication The knowledge that those voices can "see through my own eyes", no doubt due to real time vision reconstruction via BCIs And "induced dreams"/ nightmares" no doubt caused by noncentual Neurogaming due to the covert BCIs. And do you have an email address I might be able to send you more information via? I have names and license plates of suspected agents involved in this type of harrassment, along with a much more detailed explaination of the assumed tech. DARPAs BioMens seem to be at the heart of it permalink embed [–]_zorch_ 2 points 5 hours ago Wow, that just hurt my brain. Are you working for Them? permalink embed parent [–]RetepWorm 2 points 5 hours ago Jesus, I feel like I've stepped into a distopian future here. Are you from the future, my friend? I feel you may have posted this in the wrong decade. permalink embed parent [–]lighthouserecipes 1 point 6 hours ago What are you up to nowadays? permalink embed [–]IamBillBinney[S] 4 points 5 hours ago Aside from suing the government, and calling them all idiots in public TV and radio, my friend Kirk Wiebe is with me here in Europe talking to the EU Parliament about mandating targeted approaches to Intel surveillance into law and protecting privacy. We must have privacy and security at the same time. Further, we are also helping companies here in Europe make that a reality. Sooooo, now that NSA, CIA, FBI, GCHQ, BND et all know we are doing this, we would be happy to help them succeed as well. Right now we do not clear them for that knowledge. Don't you just love this!!! permalink embed parent [–]kybarnet 1 point 6 hours ago Why would the powerful desire to apply justice equally, when currently there is such extensive inescapable bias that the laws of the common do not even begin to apply to the laws of the elite? In other words, why would any system voluntarily surrender power to a weaker opponent, and can we expect all opponents in the future to act likewise? permalink embed [–]IamBillBinney[S] 3 points 4 hours ago At some point, the People stand up for their rights and do what is necessary. Currently this is true and that is why I call the US Dept of Justice, the "US Dept of Just Us." Only the Elites like Hillary Clinton, Gen. Petraeus, Dick Cheney, Barack Obama, and all others who have been violating the rights of citizens of the world enjoy protected status. permalink embed parent [–]037_Engineering 1 point 6 hours ago What is the question that should be brought up more so us lay people can understand our country and world better? And what is the answer to that question? permalink embed [–]IamBillBinney[S] 8 points 5 hours ago We need to demand honest answers from our representatives. For example, Senator Wyden asked how many Americans are in intel databases. His answer from NSA in writing said, "We cannot tell you that, because it would be a violation of privacy rights of US Citizens. This is NOT an acceptable answer. permalink embed parent [–]_zorch_ 0 points 3 hours ago They're getting better. When asked a similar question by Congress in the 80s (shortly after 12333), NSA refused to answer based on "attorney-client privilege". permalink embed parent [–]Im_not_JB 0 points 3 hours ago Do you think they know how many blue-eyed individuals are in intel databases? That's approximately the same problem, even though it doesn't have the same significance. The fact of the matter is that you (and Senator Wyden) know that it is impossible to answer that question. You're just being angry for the sake of being angry. permalink embed parent [–]IamBillBinney[S] 2 points 2 hours ago Not so. A simple count of the number of people in the telephone database(s) with US phones can be done by a simple software shell. And you can get the number of times a unique entry appears in the database(s). Same is true for unique IP numbers tracing back to computers/devices. My estimate is that there are about 280 million US citizens in the NSA database. Each entered several hundreds, if not thousands of times. The same would be true for each domain (financials, etc) database. permalink embed parent [–]Im_not_JB 1 point 2 hours ago the number of people in the telephone database(s) with US phones Because no phone number is used by multiple people and no person has multiple phone numbers. Also, US citizens abroad may have foreign phone numbers. unique IP numbers We all know the various issues with IP numbers and geolocation (..and uniqueness), but how do you propose correlating IPs with phone numbers? If I have three unique phone numbers (home, work, cell) and at least as many unique IPs (home, work, Starbucks, ComicCon), how are you going to determine that they're all the same person? Furthermore, it is public knowledge that NSA is required to perform IP geolocation filtering during acquisition of Section 702 data - if it doesn't originate/terminate at a foreign IP, they're required to not collect it. We all agree that they're still collecting some US data, but you acknowledge that it must be related to a legitimate foreign target, right? And these uniqueness problems mean that any number we generate to try describing the set of Americans with data captured is surely going to be more of a reflection of our assumptions, right? permalink embed parent [–]Bardfinn 1 point 5 hours ago Hi Mr. Binney; What question do you always wish people would ask you? Thanks! permalink embed [–]IamBillBinney[S] 8 points 5 hours ago It would be, "Do you have to give up privacy to provide security?" The answer is absolutely not. Intel agencies of the free world should have adopted a targeted approach to data collection off the networks of the world. Since they did not take this approach, you can see in the tragic examples of Manchester and London, their approach is failing. permalink embed parent [–]-pm-your-boobies- 1 point 5 hours ago Have you ever seen any proof of extraterrestrial life here on Earth? permalink embed [–]IamBillBinney[S] 2 points 5 hours ago I have no direct evidence, but as a mathematician, I can - with great confidence - state that the probability of life existing somewhere else in the universe is 1, which means it's out there. permalink embed parent [–]-pm-your-boobies- 1 point 5 hours ago Thank you for your reply Bill! All the best. permalink embed parent [–]KhanneaSuntzu 1 point 3 hours ago Life means nothing. Tool using, technologically creative. intelligent problem solving life should be very very rare. Fermi's paradox. permalink embed parent [–]tehn6 1 point 3 hours ago How do you think the world will look 10 years from now regarding mass surveillance and internet privacy? What will be the greatest difference to today? Will our homes remain private? Or will we get spied on by household robots? Theresa May wants more mass surveillance in the UK! What would you recommend her to do instead to fight terrorism? permalink embed [–]IamBillBinney[S] 2 points 2 hours ago If we do not move away from mass surveillance and bulk data acquisition, the Ïnternet of Things" will provide the government and business with unprecedented access to our private lives and everything we do every minute of every day. All politicians want more money, more people, and more data so they can build an even bigger empire, despite continual failure to prevent attacks from occurring. So let's object to any process that rewards failure. STOP IT! We need smarter, more efficient ways to stop terror and criminal behavior. We also need to provide real oversight of the intel agencies and verification (auditing) to ensure rights are being protected. No data stored data collection on anyone without a warrant based on probable cause. By doing this, analysts and authorities are focused on the data most likely to prevent terrorist or criminal activity. permalink embed parent [–]tehn6 1 point 2 hours ago So do you think data is worth more than gold? Will a country's wealth be determined by the amount of data stored in the future? permalink embed parent [–]IamBillBinney[S] 1 point 2 hours ago True to an extent, but I will always prefer gold because it is real and hard to fake. permalink embed parent [–]mrkoot 1 point 2 hours ago* Although ThinThread (necessarily) relies on access to backbone communication links/cables, it does not rely on massive intake of content --- an opportunity to significantly reduce bulk collection, as A Good American explains. During a pre-screening in March 2016 you mentioned discussing ThinThread with governments including Germany, Denmark, Sweden, Norway, UK, Canada, Australia and New Zealand; and that Canada, Germany, Australia & New Zealand had 'picked it up'. Q1 (to Bill): did any government, so far, indicate a willingness to consider replacing existing methods that rely on bulk collection with ThinThread (or a ThinThread-like model) -- and to then reduce or eliminate bulk collections? Or is ThinThread rather seen as an addition, and existing sigint collection upheld? Q2 (to both Bill & Kirk): did any of the SSEUR countries, so far, consult Entity Mapping to implement ThinThread? permalink embed [–]IamBillBinney[S] 1 point 2 hours ago Q1: After leaving NSA in Oct 2001, we had no further communications with any other country's intelligence agency. We are working with the EU to improve surveillance techniques and to include privacy by design. Q2: No, none of the SSEUR countries have attempted to contact us. permalink embed parent [–]smokinbluebear 0 points 4 hours ago Thanks to you and the other Whistle-blowers!!! Any thoughts on a REAL 9/11 Commission (run by citizens, not politicians)? 9/11 is the original sin--Iraq/Afghan "wars" and CIA Torture, etc. Until we overcome the lies surrounding what happened that day the USA will be on a path of war and destruction...and war profiteering, of course. permalink embed [–]IamBillBinney[S] 2 points 3 hours ago Spot-on! permalink embed parent [–]MRB88 0 points 5 hours ago Hi Bill! Couple quick questions for you. 1) We all know that communications tools and social media are routinely monitored by national-level intelligence agencies. Do you worry about three letter agencies getting involved with private actors who collect/analyze big data on an official or unofficial level? 2) Can we talk about attribution? When a major hack happens, we hear reports about it being traced to X or Y actor but we never hear how. Considering that an attacker can obfuscate traffic or make it appear to an analyst that it is coming from a specific source, how do we actually know who is attacking us? For example, the Sony attack was "linked" to DPRK but I read the USCERT report and it looks like common American phrases were used as seeds and the attack vectors were unsophisticated. Things are looking similar with WannaCry but I haven't looked into that enough. Are we being lied to by the government to prevent a public freak out when people realize how easy it is to hit companies creating hundreds of millions in losses? permalink embed [–]IamBillBinney[S] 0 points 5 hours ago Question 1 - Yes I worry - they are already doing this and getting paid for it by the government(s). Question 2 - If the govt is telling you that country X is doing the attack, you have a 80% chance of that being a lie. It is difficult to know the true origin - must be able to trace the packets and look inside of them in order to know. Called Deep Packet Inspection. permalink embed parent [–]MRB88 0 points 6 hours ago Thanks for the reply, mind if I ask a few followups? Its more troubling to me that the government is just paying for the data as opposed to getting it from a covert method. How can we, as average citizens, protect ourselves from this collection without becoming straight up luddites? Things like Alexa/Siri and the smart grid bother me - Is not playing the only way to win? Do you have any thoughts on Reality Winner who was just arrested for leaking NSA reports? https://www.nytimes.com/2017/06/05/us/politics/reality-winner-contractor-le… permalink embed parent [–]IamBillBinney[S] 1 point 6 hours ago If the government wants you, they will get you - too many resources to fight. Whatever you do might protect you from local governments but not the "big boys." The main reason we are here in Europe is to urge rewriting of law to mandate targeted vice bulk collection of data and to help protect privacy rights. permalink embed parent [–]MRB88 1 point 5 hours ago Fair enough. Thanks for the responses. I'm going to go make a donation to the EFF - Best of luck in your efforts! permalink embed parent [–]peterkofod 0 points 6 hours ago Maybe some of this stuff is a bit hard to follow for "normal people"m especially those who haven't seen the film. Can you guys perhaps recap: 1) WHAT do the USA/5EYES spying machine collect? 2) What do they do with all the data they collect? permalink embed [–]IamBillBinney[S] 2 points 4 hours ago They collect all data making up communications between limited numbers of people. Here is a representative list: Videoconferencing Location information about people, Phone calls Emails Chatter on the net SMS (texting) Financial transactions, including credit cards, etc Passive transponders (E-Z Pass etc) Travel manifests Web browsing VOIP/Skype... Social media They also insert capture devices inside personal computers, routers, servers, etc. Former Gen. Alexander, Director NSA said, "COLLECT IT ALL!" permalink embed parent [–]Tangurena 0 points 6 hours ago* Did Thin Thread use what we now call "sentiment analysis"? I've been interested in natural language processing and post-911, probably 1/2 of the NLP research I've read is some version of "sentiment analysis" (it is also possible I've just been too narrow in my research). Also: the Bush administration hated all-things-Clinton and ended lots of anti-terrorism stuff (including NK getting nukes) just because it had a whiff of Clinton on it. Do you think this might have been the reason for Thin Thread getting canceled? permalink embed [–]IamBillBinney[S] 2 points 6 hours ago We did not use sentiment analysis or anything involving natural language processing, other than having an interest in content directly attributable to people of interest, like criminals, terrorists et al. No, Thin Thread was cancelled because of money and big company interest to feed off the public teat. permalink embed parent [–][deleted] 5 hours ago [deleted] [–]IamBillBinney[S] 2 points 5 hours ago I do not get around much, so I don't have enough information to give you a good answer. permalink embed [–]janvanoort 2 points 4 hours ago Dutch citizen here. Coffee shops are heavily regulated, and can only sell so much to non-Dutch citizens (in at least one other city in the Netherlands, they can't even sell anything to persons without the Dutch nationality). Alcohol and escorts (you prolly mean prostitution) are totally unregulated, apart from you having to pay VAT on alcohol and the girls having their own trade union. Decor: you can't build or change building facades in old Amsterdam as you want, buildings must stay "in atmosphere" with the extant 17th-century decor. permalink embed [–]Ho_Phat 0 points 5 hours ago Where in the world is Carmen Sandiego!? permalink embed [–]IamBillBinney[S] 2 points 5 hours ago In Los Angeles. permalink embed parent [–]Ho_Phat 2 points 5 hours ago Huh, I thought she was in San Diego. permalink embed parent [–]IamBillBinney[S] 2 points 4 hours ago :) permalink embed parent [–]ideapreneur 0 points 5 hours ago Hi Bill, Why Amsterdam? Are you enjoying our weather today? How seriously do you take your own privacy while browsing the internet? EDIT: Spelling. permalink embed [–]IamBillBinney[S] 1 point 4 hours ago Why Amsterdam? Good food, good friends, bad weather today. I do not worry about privacy myself, because I have evidence of all the criminal activity by the US Government, and they know that. permalink embed parent [–]patasaurusrex 0 points 5 hours ago Bill, What are your thoughts on other whistle blowers such as Edward Snowden, Chelsea (or Bradley) Manning, and recently Reality Leigh Winner being arrested over the weekend for leaking information on alleged Russian Election hacks. Do you think any of these people's actions were justified? Were they right in ho they went about distributing the information? Thanks in advance for the answers. permalink embed [–]IamBillBinney[S] 2 points 4 hours ago Snowden and Manning were motivated by moral standards, whereas the Reality Winner may have been motivated by pure politics, because the report did not show a clear connection to Russia. permalink embed parent [–]8238482348 2 points 2 hours ago You can't be moral when being vigilant of external influence in your election process? That's one thing that I'd like to be pure because when you mess with a man's vote, you mess with his livelihood and possibly life. I'm evidently pretty passionate about voting (democracy) being corrupted as I was when the DNC seemed to place less weight on Bernie's vote. I don't know if I can condone any of the leakers but you could just as well call it a moral decision. And in case you didn't know, morality tends to be political. permalink embed parent [–]_BindersFullOfWomen_ 0 points 5 hours ago Based on the information available today, do you believe Russia played a role in Donald Trump being elected? permalink embed [–]IamBillBinney[S] 2 points 4 hours ago* Absolutely not. Accusations against Trump are a red herring. permalink embed parent [–]Official-b0wie_ 2 points 5 hours ago What makes you think that? permalink embed parent [–]IamBillBinney[S] 1 point 4 hours ago It is so because all we have seen are accusations based on suspicions. Not one iota of proof has been provided. The Dir. of National Intelligence - James Clapper - himself has said there is no evidence of collusion with Russia. So has Senator Feinstein. See article here: http://www.nybooks.com/daily/2017/03/06/trump-russia-conspiracy-trap/ permalink embed parent [–]Official-b0wie_ 1 point 3 hours ago Interesting article - thanks for your reply. permalink embed parent [–]_BindersFullOfWomen_ 1 point 5 hours ago Thank you for the reply. permalink embed parent [–]lurking_digger 0 points 5 hours ago* Hello, Kirk! What are some practical steps you advise everyone to do? Edit: just read your answer elsewhere permalink embed [–]indirectlysubtle 0 points 5 hours ago Hi Bill, Opinion on extraterrestrials? What do you know or have you indirectly heard? Anything you would consider plausible permalink embed [–]iwas99x 0 points 5 hours ago Mr. Binney, are you familiar with the radio program coast to coast am? Have you ever given an interview on the radio program? If yes, would you do another one in the near future? If not, would you you consider going on the show? permalink embed [–]IamBillBinney[S] 0 points 4 hours ago I have been on this program and discussed all the spy programs the agencies are using to commit mass surveillance, map locations, etc. permalink embed parent [–]iwas99x 1 point 4 hours ago I hope you can go on again in the not too far future it is my favorite radio show. permalink embed parent [–]iwas99x 0 points 5 hours ago Mr. Binney, what are your thoughts about WikiLeaks and Julian Assange? permalink embed [–]IamBillBinney[S] 1 point 3 hours ago Julian Assange is a reporter and deserves the protections afforded reporters of news by the Constitution of the United States. Otherwise, the government must charge the New York Times, Washington Post and others with the same charges they would charge Julian. permalink embed parent [–]David_Voigts 0 points 3 hours ago Hi Bill, Thank you for all your efforts in bringing this mass surveillance program to light. My question is how did you weather the criticism, threats, and intimidation? And what did you and the ThinThread team have to do to get the program brought to the public’s attention? How long did that process take? I’m in a similar situation. My name is Dave. I’m a former naval officer and graduate of the United States Naval Academy. While I was in the service I came across an illegal domestic discrediting operation. The program uses organized intimidation stalking, in-community slander, and a class of weapons called “perception warfare” or “spiritual warfare” to discredit a target. The program is wholly unconstitutional and illegal, and I’ve been doing public outreach on behalf of the victims for a couple of years now. Fortunately, some of the information is coming to light. For example, actress Leah Remini recently aired a new series that discusses a brutal form of organized intimidation stalking used on critics of the Church of Scientology. Episodes 2 (Fair Game) and 9 (Merchants of Fear) discuss this program. Both perpetrators and victims discuss how crimes unfolded years earlier. While this is a step in the right direction, it still does not prove the existence of these “perception warfare” weapons. I’ve been working on this for a very long time, and hope that this horror will become public knowledge so that the victims can be freed. Thanks, Dave permalink embed [–]jensfriisnielsen 0 points 3 hours ago If you could recommend a book or two as mandatory public education, what would it be? Thank you sir for your continued fighting! permalink embed [–]IamBillBinney[S] 1 point 3 hours ago The Shadow Factory, by James Bamford Spies for Hire, by Tim Shorrock I have also heard from friends that these are good books to read: Data and Goliath, by Bruce Schneier No Place to Hide, by Glenn Greenwald American Spies, by Jennifer Granick https://archive.org/details/41748389078762 https://groups.google.com/forum/#!topic/sci.crypt/-ut-0iIsAMg https://www.amazon.com/Military-Cryptanalytics-Cryptographic-William-Friedm… https://en.wikipedia.org/wiki/Voynich_manuscript https://en.wikipedia.org/wiki/Elizebeth_Friedman https://en.wikipedia.org/wiki/William_F._Friedman http://www.campx.ca/secret.html

1 0

Barrett Brown: Reddit AMA Live Now
by grarpamp 07 Jun '17

07 Jun '17

https://www.reddit.com/r/IAmA/comments/6foom3/iama_barrett_brown_journalist… https://www.reddit.com/user/Barrett_Brown

1 0

Israel Since 1967: 50 Years of Self Admitted Liars
by grarpamp 06 Jun '17

06 Jun '17

https://theintercept.com/2017/06/05/a-50-year-occupation-israels-six-day-wa… A 50-Year Occupation: Israel’s Six-Day War Started With a Lie Mehdi Hasan 2017-06-05T13:07:19+00:00 Fifty years ago, between June 5 and June 10, 1967, Israel invaded and occupied East Jerusalem, the West Bank, the Gaza Strip, and the Golan Heights. The Six-Day War, as it would later be dubbed, saw the Jewish David inflict a humiliating defeat on the Arab Goliath, personified perhaps by Gamal Abdel Nasser’s Egypt. “The existence of the Israeli state hung by a thread,” the country’s prime minister, Levi Eshkol, claimed two days after the war was over, “but the hopes of the Arab leaders to annihilate Israel were dashed.” Genocide, went the argument, had been prevented; another Holocaust of the Jews averted. There is, however, a problem with this argument: It is complete fiction, a self-serving fantasy constructed after the event to justify a war of aggression and conquest. Don’t take my word for it: “The thesis according to which the danger of genocide hung over us in June 1967, and according to which Israel was fighting for her very physical survival, was nothing but a bluff which was born and bred after the war,” declared Gen. Matituahu Peled, chief of logistical command during the war and one of 12 members of Israel’s General Staff, in March 1972. A year earlier, Mordechai Bentov, a member of the wartime government and one of 37 people to sign Israel’s Declaration of Independence, had made a similar admission. “This whole story about the threat of extermination was totally contrived, and then elaborated upon, a posteriori, to justify the annexation of new Arab territories,” he said in April 1971. Even Israeli Prime Minister Menachem Begin, former terrorist and darling of the Israeli far right, conceded in a speech in August 1982 that “in June 1967 we had a choice. The Egyptian army concentrations in the Sinai approaches did not prove that Nasser was really about to attack us. We must be honest with ourselves. We decided to attack him.” The reverberations of that attack are still being felt in the Middle East today. Few...

1 0

General Opsec Guide for Transferring Information Anonymously
by Ryan Carboni 05 Jun '17

05 Jun '17

https://wikispooks.com/wiki/Wikispooks:Anonymous_Submissions As of January 2017, WikiSpooks has withdrawn provision of an Anonymous file upload upload facility. Anonymous submissions are still welcome but, in view of low historical usage of the secure upload-form facility, pgp-encrypted email (with or without file attachments) is the only practical method available for the site. Use of pgp-encryption with a single-use email address over a public WiFi facility is probably as 'anonymous' as was the discontinued form. Note: Unless anonymity is of fundamental importance, the best way to publish a document file on Wikispooks is through the 'Regular file upload' page, available to all registered users. Files uploaded using this option are immediately available to both view and edit on the WikiSpooks site. https://twitter.com/ericgeller/status/871842516458496001 Obviously if a news outlet is to publish a document, it should minimize any information conveyed beyond the message. Actually US Gov FOI practices typically involve printing out a redacted document before re-scanning it. Ideally the best thing for the Intercept to have done is to use a low resolution black-white copy machine, and mail the document again since there is no urgency in this matter. Naturally I am interested in when news organizations will publish unredacted documents. After five years, information loses a lot of value. Lot of software end of lifed five years ago, which doesn't include Windows XP, which was EOL'd more recently than five years ago. Regardless, I think journalists should be more carefully vetted, maybe some of them met the Russian ambassador. ...... https://wikileaks.org/clinton-emails/emailid/19174#efmAMfANh

1 0

[vaccinfo@bigpond.com: Brave California Police Save Town From Man Selling Veggies] - human rights at their most basic
by 'Zenaan Harkness' 05 Jun '17

05 Jun '17

Take your safety over freedom, and our rights, freedom and safety disappears. Thugs with guns proclaim to protect you from yourself, since you failed to buy a license from the state, to exercise your freedom, and "protect" you. From yourself. And others. Since you did not pay for your freedom. Kneel, slave!! Germans: deny your holohoax. Californians and New Zealanders: sell some veggies. Everyone: drive on a public road. Better yet, Gandhi the masses into denying, selling, driving with you. Good luck fellow humans, ----- Forwarded message from Bronwyn Hancock <vaccinfo(a)bigpond.com> ----- From: Bronwyn Hancock <vaccinfo(a)bigpond.com> Date: Mon, 5 Jun 2017 21:47:58 +1000 Subject: Brave California Police Save Town From Man Selling Veggies http://www.zerohedge.com/news/2017-06-04/brave-police-save-town-man-selling- veggies Brave Police Save Town From Man Selling Veggies <http://www.zerohedge.com/users/tdb> TDB's picture by TDB <http://www.zerohedge.com/users/tdb> Jun 4, 2017 8:26 AM It is the simplest, most basic aspect of life: you need food, so you grow some vegetables. If you have extra you sell them on a street corner to your neighbors, and if you live in California you get arrested for it. Licensing is when the government takes a right from you, and sells it back. This California man failed to purchase his rights back from the state. But the poor police had pictures taken of them while arresting the man, and now they are hearing from the public about their unjust actions. The Sheriff's Department of Alameda County Florida <http://www.naturalnews.com/2017-06-03-man-arrested-for-selling-vegetables-w ithout-a-permit-in-police-state-usa.html> responded on Facebook to the public outrage, including thousands of criticisms posted to their Facebook page. Selling food on street corners violates county ordinances and public health codes. Persistent street vending harms local businesses, especially small, start-up food vendors. There you have it, from the horse's mouth in plain black and white: the point of licenses is protection. You pay to play, if you don't pay off the city and county, they will send their hired thugs to rough you up and demand the protection money. It harms local businesses: apparently it is the government's job to make sure there is no competition for certain businesses. God forbid the consumer has a choice. And why isn't this guy's produce selling operation considered a small, start-up street vendor? Simple because he didn't pay for his rights. Yet the Ninth Amendment in the Bill of Rights says, "The enumeration in the Constitution, of certain rights, shall not be construed to deny or disparage others retained by the people." And the 24th Amendment outlawed the poll tax, saying the right to vote had been abridged by charging citizens money in order to exercise that right. Both of these amendments suggest that licensing-charging money for doing a normal activity, having to pay just to live your life-is one method of denying a person's rights. <https://www.progress.org/articles/rights-and-privileges> And two Supreme Court cases affirm this: In Murdock v. Pennsylvania, 319 U.S. 105 (1943), the Supreme Court stated that a law requiring solicitors to purchase a license was an unconstitutional tax on the Jehovah's Witnesses' right to freely exercise their religion. The Court ruled that "The state cannot and does not have the power to license, nor tax, a Right guaranteed to the people," and "No state shall convert a liberty into a license, and charge a fee therefore." In another case, the Court ruled similarly, that "If the State converts a right (liberty) into a privilege, the citizen can ignore the license and fee and engage in the right (liberty) with impunity." (Shuttlesworth v. City of Birmingham, Alabama, 373 U.S. 262). Earning money, engaging in basic trade, selling the excess of your labor all falls under the category of natural rights, the pursuit of happiness, liberty or whatever you want to call it. The government has no business arresting someone for selling vegetables. So the county has their pieces of paper that say he cannot sell without a license, and he has different pieces of paper that say he can. No one bothers to think about what is right, especially the police "just doing their jobs." The police don't make the rules, they just enforce them. So at what point will a law become too unjust to enforce? At what point does a cop quit his job, because he is the agent of injustice? That is such a stupid attempt to absolve oneself of responsibility. A police officer is an individual who can choose to do evil or not. Doing injustice to fellow human beings for a salary doesn't make it any better. Following the orders of politicians doesn't make a cop's actions peaceful. Throwing people in cages for selling vegetables is a terrible thing to do as one individual to another, and one should not hide behind a badge, uniform, department, or politician while being a bad person. Let's look at the rest of the excuse given by the Sheriff's Department. Selling food on street corners. poses certain health risks such as E. coli and other food borne illnesses. Okay, getting a license doesn't stop E. coli. There have been plenty of outbreaks in licensed food, as well as government-owned water supplies. This is simply a justification given for extortion. The government isn't testing every veggie, and they aren't watching every restaurant employee to make sure they wash their hands before returning to work-even if they make the restaurant hang the sign. The Sheriff's office continued: In addition, illegal vending causes traffic safety issues and vendors are sometimes the target of street robberies. Ah, there you go! The police arrested the man to help him and protect him. They defacto robbed him (the costs of going through the legal system, as well as lost veggies, and lost revenue) in order to protect him from being robbed. And they will just throw in a "traffic safety issue" for good measure. That farmstand is much more distracting than blinding blue lights flashed all over the city whenever someone is going 5 mph over the speed limit. (On a side note, have you ever thought about how much more dangerous it is to be parked on the side of a highway after being pulled over, versus going 80 or even 90 miles per hour with the traffic?) The whole situation is just absurd. We don't need police running around arresting vegetable vendors-we don't even need them arresting drug dealers! If the police would focus on solving the millions of rapes which they never investigate, or perhaps the 39% of murders that never get cleared, maybe their Facebook pages wouldn't be bombarded by angry citizens as often. The clear answer is to continue to resist and engage in your highly illegal selling of vegetables, and anything else, regardless of what the law says. Support the illegal farmstand on the roadside, and engage in gray and black markets with your community. Support the illegal farmstand on the roadside, and engage in gray and black markets with your community. In fact, a fun activity of resistance is to actively seek out opportunities to engage in unlicensed vending and trade. This strengthens the undocumented market. The raw milk in my cereal was sold to me illegally, which makes it that much more delicious. ----- End forwarded message -----

2 1