Re: [ExI] chilling effects
----- Forwarded message from Anders Sandberg <anders@aleph.se> ----- Date: Fri, 25 Oct 2013 22:25:47 +0200 From: Anders Sandberg <anders@aleph.se> To: extropy-chat@lists.extropy.org Subject: Re: [ExI] chilling effects Message-ID: <526AD3CB.9000807@aleph.se> User-Agent: Mozilla/5.0 (Windows NT 6.2; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.0.1 Reply-To: ExI chat list <extropy-chat@lists.extropy.org> On 2013-10-25 20:32, Eugen Leitl wrote:
Anders, do you remember Assange? He used to post to this list. Have you received email from him? Encrypted email? Are you one one or two hops away from people that are known targets? Have you received packages from any such? Have you had any significant exposure to Bitcoin circles? Did you travel to Bitcoin conferences as a speaker? Are you a computer security researcher? Are you a member of political group even remotely considered daring, or are you connected to people like that? Do you travel a lot, into diverse countries? &c&c
If any of these apply, consider yourself a likely target for telco surveillance.
Sure. I also get invited to speak to the US and UK government. If they *didn't* check me out, they would be rather remiss. You wouldn't want one of the Bad Guys to visit the MoD or NSC shindig, right? In fact, one intriguing issue is government self-surveillance. When the Army invites me to a meeting, no doubt the NSA has to check out the people attending - they are dealing with somebody in the network of "interesting" people! Ah, yes, obvious Swedish military and crazy libertarian connections, hey - double second-order links to Assange! ...wait, a third order link to *Saddam*?! And vice versa, by going to that meeting I am now by definition an "interesting" person and my government contacts are worth checking out a bit more... The problem is of course to rein in the spread of who to keep tabs on - and big data is providing its own apparent solution: "all of them". Plus that large scale trawling will tend to pick up lots of things just by default. Which actually means that various agencies are gathering data other agencies would rather not have gathered. Just ask David Petraeus. At least humans know better than to spy on the boss, but the software can't tell the president apart from another suspiciously well-connected person who is meeting with shady people. Add to this the normal craziness of intelligence ( http://www.antipope.org/charlie/blog-static/2013/10/spook-century.html ) and there is plenty of potential for tragicomedy. But the upshot of this is not that I should keep silent: *it doesn't matter*. I am in this mess whatever I do, even if I follow the best opsec and sigint practice. The risk of me being targeted is less affected by my actual activities and more affected by arbitrary group memberships.
Most dire warnings I hear about how the Powers are doing sinister things seem to be more about getting attention and playing human social games than actual intel. And they do damage by their chilling effects - I have met people who are afraid of being associated with cryptography or working for better intelligence oversight because They have reason to suspicition that this adds a flag that can make a difference in future, but perhaps being flagged a coward stings a bit more.
The most worrisome effect is that a certain kind of people take those putative flags very seriously, and deliberately live amazingly bland lives. You can see the young politicians who have nearly no net shadow except party activities, and plan on being electable because they have no scandals. You can see it among the admin people who aim at conforming maximally, thinking this is a clever career move. The problem is that this can lead to a feedback loop: if the officers vetting you have a perspective of what a proper life is based on their own conformist lives, they will gather people like themselves in the institutions of power. Most bureaucracies love bureaucrats, because they make sense to bureaucrats. But this is specific problem that is more narrow than the general problem of *badly founded* fear of omnipresent and omnicompetent Powers making people conform. -- Dr Anders Sandberg Future of Humanity Institute Oxford Martin School Oxford University _______________________________________________ extropy-chat mailing list extropy-chat@lists.extropy.org http://lists.extropy.org/mailman/listinfo.cgi/extropy-chat ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5
A useful invention, or discovery, similar to that of public key enryption, would be to devise a means to communicate such that no communication, as we now know it, would actually occur. Consider what ineffable thought led young Whit Diffie to imagine PKC. He says it came to him at one point, not altogether believable at first, thinking there must be a fault somewhere, if valid surely it had been figured out before. As we know, it had been, by the quiet Brits, and kept top secret. What else like that is going on, has gone on, will gone on, all the while evading classification at birth, not patented, not yet institutionalized in secrecy madhouses hoarding the best and brightest, as we know those terms of entrapment. Consider that a non-communication ineffability has been invented, or discovered, or is gestating in one or more young minds not yet regimented by too much education, too much experience, too much jaded skepticism, too little imagination, too much comfort of reputation, salary, prizes and pensions, too much blind faith in technology or mathematics, too much secrecy as we know them to be crushing of novelty and waywardness. For example, if the non-communication required no physical or electromagnetic means but was based on say, conviction, or concepts, or ideas, or imagination. The message would be intuited, let us say, or grasped by deduction or induction, or simply was shared without obvious effort except perhaps an urge or yearning or desire or hunger or passion or insight, or why not go for it, love. Turns out this is not all that unusual. It is rather commonplace if not ubiquitous. Animals do it, so do vegetables, and probably minerals, though that is hard to say for sure, perhaps a volcanic eruption or earthquake or asteroid is passing along content as well as metadata. Thought, perhaps faith, exchanges content by ineffability. The arts, perhaps theoretical if not experimental science, do too. Brian Carroll has been exploring these possibilities for some two decades. If he, then others, most of them little known, not on the list of comsec wizards, not on lists at all. That could be what keeps working at the level of the successors to Diffie -- and the Brits silenced by the OSA.. At 04:35 PM 10/25/2013, you wrote:
----- Forwarded message from Anders Sandberg <anders@aleph.se> -----
Date: Fri, 25 Oct 2013 22:25:47 +0200 From: Anders Sandberg <anders@aleph.se> To: extropy-chat@lists.extropy.org Subject: Re: [ExI] chilling effects Message-ID: <526AD3CB.9000807@aleph.se> User-Agent: Mozilla/5.0 (Windows NT 6.2; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.0.1 Reply-To: ExI chat list <extropy-chat@lists.extropy.org>
On 2013-10-25 20:32, Eugen Leitl wrote:
Anders, do you remember Assange? He used to post to this list. Have you received email from him? Encrypted email? Are you one one or two hops away from people that are known targets? Have you received packages from any such? Have you had any significant exposure to Bitcoin circles? Did you travel to Bitcoin conferences as a speaker? Are you a computer security researcher? Are you a member of political group even remotely considered daring, or are you connected to people like that? Do you travel a lot, into diverse countries? &c&c
If any of these apply, consider yourself a likely target for telco surveillance.
Sure. I also get invited to speak to the US and UK government. If they *didn't* check me out, they would be rather remiss. You wouldn't want one of the Bad Guys to visit the MoD or NSC shindig, right?
In fact, one intriguing issue is government self-surveillance. When the Army invites me to a meeting, no doubt the NSA has to check out the people attending - they are dealing with somebody in the network of "interesting" people! Ah, yes, obvious Swedish military and crazy libertarian connections, hey - double second-order links to Assange! ...wait, a third order link to *Saddam*?! And vice versa, by going to that meeting I am now by definition an "interesting" person and my government contacts are worth checking out a bit more... The problem is of course to rein in the spread of who to keep tabs on - and big data is providing its own apparent solution: "all of them". Plus that large scale trawling will tend to pick up lots of things just by default. Which actually means that various agencies are gathering data other agencies would rather not have gathered. Just ask David Petraeus. At least humans know better than to spy on the boss, but the software can't tell the president apart from another suspiciously well-connected person who is meeting with shady people.
Add to this the normal craziness of intelligence ( http://www.antipope.org/charlie/blog-static/2013/10/spook-century.html ) and there is plenty of potential for tragicomedy.
But the upshot of this is not that I should keep silent: *it doesn't matter*. I am in this mess whatever I do, even if I follow the best opsec and sigint practice. The risk of me being targeted is less affected by my actual activities and more affected by arbitrary group memberships.
Most dire warnings I hear about how the Powers are doing sinister things seem to be more about getting attention and playing human social games than actual intel. And they do damage by their chilling effects - I have met people who are afraid of being associated with cryptography or working for better intelligence oversight because They have reason to suspicition that this adds a flag that can make a difference in future, but perhaps being flagged a coward stings a bit more.
The most worrisome effect is that a certain kind of people take those putative flags very seriously, and deliberately live amazingly bland lives. You can see the young politicians who have nearly no net shadow except party activities, and plan on being electable because they have no scandals. You can see it among the admin people who aim at conforming maximally, thinking this is a clever career move. The problem is that this can lead to a feedback loop: if the officers vetting you have a perspective of what a proper life is based on their own conformist lives, they will gather people like themselves in the institutions of power. Most bureaucracies love bureaucrats, because they make sense to bureaucrats.
But this is specific problem that is more narrow than the general problem of *badly founded* fear of omnipresent and omnicompetent Powers making people conform.
-- Dr Anders Sandberg Future of Humanity Institute Oxford Martin School Oxford University
_______________________________________________ extropy-chat mailing list extropy-chat@lists.extropy.org http://lists.extropy.org/mailman/listinfo.cgi/extropy-chat
----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5
On 2013-10-26 06:35, Eugen Leitl wrote:
Just ask David Petraeus. At least humans know better than to spy on the boss, but the software can't tell the president apart from another suspiciously well-connected person who is meeting with shady people.
By default, Android, Thunderbird and Mozilla report your geographic location to Google, using gps if available, nearest wifi networks otherwise. This appears to have enabled google's supercomputer, the planet's most powerful AI, to detect that David Petraeus was overnighting where he should not. The official story being that this non standard overnighting raised a flag that his equipment might have been stolen, hence the need to report to friends of Obama. Yeah, right. I wonder if the rape charges against Julian Assange had a similar origin - did one of his numerous groupies spontaneously file false rape charges on her own initiative on discovering that other people in her circle were also having sex with Assange, or was she put up to it by people seeking to extradite Julian Assange, who proceeded to track who was sharing his bed. I would expect that Julian Assange would assiduously turn off the tracking, but his playmates probably would not.
Thunderbird sends gps to google? That seems a bit odd considering they are not connected. On Saturday, October 26, 2013, James A. Donald wrote:
On 2013-10-26 06:35, Eugen Leitl wrote:
Just ask David Petraeus. At least humans know better than to spy on the boss, but the software can't tell the president apart from another suspiciously well-connected person who is meeting with shady people.
By default, Android, Thunderbird and Mozilla report your geographic location to Google, using gps if available, nearest wifi networks otherwise.
This appears to have enabled google's supercomputer, the planet's most powerful AI, to detect that David Petraeus was overnighting where he should not.
The official story being that this non standard overnighting raised a flag that his equipment might have been stolen, hence the need to report to friends of Obama. Yeah, right.
I wonder if the rape charges against Julian Assange had a similar origin - did one of his numerous groupies spontaneously file false rape charges on her own initiative on discovering that other people in her circle were also having sex with Assange, or was she put up to it by people seeking to extradite Julian Assange, who proceeded to track who was sharing his bed.
I would expect that Julian Assange would assiduously turn off the tracking, but his playmates probably would not.
-- Kelly John Rose Toronto, ON Phone: +1 647 638-4104 Twitter: @kjrose Skype: kjrose.pr Gtalk: iam@kjro.se MSN: msn@kjro.se Document contents are confidential between original recipients and sender.
On 2013-10-27 00:53, Kelly John Rose wrote:
Thunderbird sends gps to google? That seems a bit odd considering they are not connected.�
Evil state sponsored conspiracy. The Cathedral. I thought everyone knew this. Thunderbird/tools/options/advanced/config editor/geo.enabled. Set to disabled. Who on this list has not done so? Of course people usually use Thunderbird on their main computer, which generally does not have a gps, but it usually has a wifi card. Thunderbird detects the nearest wifi networks . When google does street view for Google Earth, they also detect nearby wifi networks, so the data supplied by Thunderbird is matched against the data collected by google during street view surveys. Thus, whenever and wherever you use Thunderbird, google can supply the authorities with the closest street address to where you are using Thunderbird, and pictures taken from the street very close to that address. Thus the authorities not only have your email, which being sent in the clear has no expectation of privacy, but also a picture of building that you are sitting in when sending the email.
Same with Firefox I'm guessing? On Saturday, October 26, 2013, James A. Donald wrote:
On 2013-10-27 00:53, Kelly John Rose wrote:
Thunderbird sends gps to google? That seems a bit odd considering they are not connected.�
Evil state sponsored conspiracy. The Cathedral. I thought everyone knew this.
Thunderbird/tools/options/**advanced/config editor/geo.enabled.
Set to disabled.
Who on this list has not done so?
Of course people usually use Thunderbird on their main computer, which generally does not have a gps, but it usually has a wifi card. Thunderbird detects the nearest wifi networks .
When google does street view for Google Earth, they also detect nearby wifi networks, so the data supplied by Thunderbird is matched against the data collected by google during street view surveys.
Thus, whenever and wherever you use Thunderbird, google can supply the authorities with the closest street address to where you are using Thunderbird, and pictures taken from the street very close to that address. Thus the authorities not only have your email, which being sent in the clear has no expectation of privacy, but also a picture of building that you are sitting in when sending the email.
-- Kelly John Rose Toronto, ON Phone: +1 647 638-4104 Twitter: @kjrose Skype: kjrose.pr Gtalk: iam@kjro.se MSN: msn@kjro.se Document contents are confidential between original recipients and sender.
On 10/26/2013 16:24, James A. Donald wrote:
On 2013-10-27 00:53, Kelly John Rose wrote:
Thunderbird sends gps to google? That seems a bit odd considering they are not connected.�
Evil state sponsored conspiracy. The Cathedral. I thought everyone knew this.
Thunderbird/tools/options/advanced/config editor/geo.enabled.
Set to disabled.
Who on this list has not done so?
Of course people usually use Thunderbird on their main computer, which generally does not have a gps, but it usually has a wifi card. Thunderbird detects the nearest wifi networks .
When google does street view for Google Earth, they also detect nearby wifi networks, so the data supplied by Thunderbird is matched against the data collected by google during street view surveys.
Thus, whenever and wherever you use Thunderbird, google can supply the authorities with the closest street address to where you are using Thunderbird, and pictures taken from the street very close to that address. Thus the authorities not only have your email, which being sent in the clear has no expectation of privacy, but also a picture of building that you are sitting in when sending the email.
What? Citations please. http://www.mozilla.org/en-US/firefox/geolocation/ says everything to the contrary. -- staticsafe O< ascii ribbon campaign - stop html mail - www.asciiribbon.org Please don't top post. It is not logical. Please don't CC me! I'm subscribed to whatever list I just posted on.
Firefox asked me about sharing Geo info today. I don't often use Firefox but I had this thread in mind and noted it. I said no. On Oct 26, 2013 6:28 PM, "staticsafe" <me@staticsafe.ca> wrote:
On 10/26/2013 16:24, James A. Donald wrote:
On 2013-10-27 00:53, Kelly John Rose wrote:
Thunderbird sends gps to google? That seems a bit odd considering they are not connected.�
Evil state sponsored conspiracy. The Cathedral. I thought everyone knew this.
Thunderbird/tools/options/**advanced/config editor/geo.enabled.
Set to disabled.
Who on this list has not done so?
Of course people usually use Thunderbird on their main computer, which generally does not have a gps, but it usually has a wifi card. Thunderbird detects the nearest wifi networks .
When google does street view for Google Earth, they also detect nearby wifi networks, so the data supplied by Thunderbird is matched against the data collected by google during street view surveys.
Thus, whenever and wherever you use Thunderbird, google can supply the authorities with the closest street address to where you are using Thunderbird, and pictures taken from the street very close to that address. Thus the authorities not only have your email, which being sent in the clear has no expectation of privacy, but also a picture of building that you are sitting in when sending the email.
What?
Citations please.
http://www.mozilla.org/en-US/**firefox/geolocation/<http://www.mozilla.org/en-US/firefox/geolocation/>says everything to the contrary.
-- staticsafe O< ascii ribbon campaign - stop html mail - www.asciiribbon.org Please don't top post. It is not logical. Please don't CC me! I'm subscribed to whatever list I just posted on.
On 10/26/2013 19:57, alex wright wrote:
Firefox asked me about sharing Geo info today. I don't often use Firefox but I had this thread in mind and noted it. I said no.
The Geo info feature in Firefox is an API provided so that *websites* can ask for location info in an easy and developer friendly way. Firefox did not ask for location info, the website you were on did. -- staticsafe O< ascii ribbon campaign - stop html mail - www.asciiribbon.org Please don't top post. It is not logical. Please don't CC me! I'm subscribed to whatever list I just posted on.
Fair enough. It weirds me out a bit just the same. On Oct 26, 2013 8:09 PM, "staticsafe" <me@staticsafe.ca> wrote:
On 10/26/2013 19:57, alex wright wrote:
Firefox asked me about sharing Geo info today. I don't often use Firefox but I had this thread in mind and noted it. I said no.
The Geo info feature in Firefox is an API provided so that *websites* can ask for location info in an easy and developer friendly way.
Firefox did not ask for location info, the website you were on did.
-- staticsafe O< ascii ribbon campaign - stop html mail - www.asciiribbon.org Please don't top post. It is not logical. Please don't CC me! I'm subscribed to whatever list I just posted on.
On 2013-10-27 10:07, staticsafe wrote:
The Geo info feature in Firefox is an API provided so that *websites* can ask for location info in an easy and developer friendly way.
So what is the Geo info feature doing in Thunderbird? Further, in the default setting, websites do not ask your browser for geolocation information. They ask your browser if they can ask Google, which implies that Google already had that information without ever asking for it. In the default settings the conversation goes like this: Location aware website: Please tell us where you are. User's Browser to user: Can I tell them where you are? User: Sure: User's Browser to location aware website: Ask Google where I am. Google knows all.
On 10/27/2013 02:51, James A. Donald wrote:
So what is the Geo info feature doing in Thunderbird?
Same engine, I guess they didn't bother removing it. It does absolutely nothing in Thunderbird because nothing will ever ask for your location in Thunderbird. -- staticsafe O< ascii ribbon campaign - stop html mail - www.asciiribbon.org Please don't top post. It is not logical. Please don't CC me! I'm subscribed to whatever list I just posted on.
On 2013-10-27 14:45, staticsafe wrote:
On 10/27/2013 02:51, James A. Donald wrote:
So what is the Geo info feature doing in Thunderbird?
Same engine, I guess they didn't bother removing it. It does absolutely nothing in Thunderbird because nothing will ever ask for your location in Thunderbird.
If it's the same engine, then the display of remote content in an HTML email could do just that. Fun, Stephan
Why my thunderbird doesn't show any HTML in emails. On Sunday, October 27, 2013, Stephan Neuhaus wrote:
On 2013-10-27 14:45, staticsafe wrote:
On 10/27/2013 02:51, James A. Donald wrote:
So what is the Geo info feature doing in Thunderbird?
Same engine, I guess they didn't bother removing it. It does absolutely nothing in Thunderbird because nothing will ever ask for your location in Thunderbird.
If it's the same engine, then the display of remote content in an HTML email could do just that.
Fun,
Stephan
-- Kelly John Rose Toronto, ON Phone: +1 647 638-4104 Twitter: @kjrose Skype: kjrose.pr Gtalk: iam@kjro.se MSN: msn@kjro.se Document contents are confidential between original recipients and sender.
On 2013-10-27 08:25, staticsafe wrote:
On 10/26/2013 16:24, James A. Donald wrote:
On 2013-10-27 00:53, Kelly John Rose wrote:
Thunderbird sends gps to google? That seems a bit odd considering they are not connected.�
Evil state sponsored conspiracy. The Cathedral. I thought everyone knew this.
Thunderbird/tools/options/advanced/config editor/geo.enabled.
Set to disabled.
Who on this list has not done so?
Of course people usually use Thunderbird on their main computer, which generally does not have a gps, but it usually has a wifi card. Thunderbird detects the nearest wifi networks .
When google does street view for Google Earth, they also detect nearby wifi networks, so the data supplied by Thunderbird is matched against the data collected by google during street view surveys.
Thus, whenever and wherever you use Thunderbird, google can supply the authorities with the closest street address to where you are using Thunderbird, and pictures taken from the street very close to that address. Thus the authorities not only have your email, which being sent in the clear has no expectation of privacy, but also a picture of building that you are sitting in when sending the email.
What?
Citations please.
http://www.mozilla.org/en-US/firefox/geolocation/ says everything to the contrary.
David Petraeus would disagree - particularly as he got nailed for using email from an inappropriate location, not for web browsing from an inappropriate location. Notice while your link piously gives an innocent explanation for what Firefox is doing with a list of nearby wifi points, your link does not discuss what the hell Thunderbird is doing with a list of nearby wifi points. The document you cite says that if you OK a website knowing where you are, your browser then sends that website (not Google) your location, which can indeed happen if you fiddle with the settings. What, however, happens in the default setting, is that if you OK a website knowing where you are, your browser does not send them a list of your nearby wifi points, but instead tells them to request your location from Google. There seems to be no technological reason why they cannot request your location from Google without waiting for your browser to tell them to do so, though I suppose Google might be displeased. Which procedure implies that Google already has a list of your nearby wifi points, from which it has already deduced your location.
participants (7)
-
alex wright -
Eugen Leitl -
James A. Donald -
John Young -
Kelly John Rose -
staticsafe -
Stephan Neuhaus