NSA has direct access to tech giants' systems for user data, secret files reveal

That's not an issue, because I use end-to-end encryption for anything that matters. I also use it for casual conversation, just to be confusing

 

It might be that very few Microsoft employees know the full extent of data sharing with NSA. Top management might not know, perhaps intentionally. It's common to compartmentalize information on a need-to-know basis, independent from routine management structure aka chain of command. That can improve security, and provide plausible deniability. But sometimes the wheels fall off, and there's chaos

 

Lawsuit Challenges NSA’s Bulk Phone Data Grab.

-- Tom

 

http://www.guardian.co.uk/commentisfree/2013/jul/16/gordon-humphrey-email-edward-snowden

 

http://www.spiegel.de/international...knew-about-prism-and-nsa-spying-a-911583.html

 

MILLIONS OF INNOCENT DRIVERS TRACKED -AP
http://www.huffingtonpost.com/2013/07/17/vehicle-records-_n_3610770.html

Spy-spotting stroll sparks security alert in Germany
A german citizen hikng on German soil around a U.S. Intelligence facility alerted the police and U.S.security through his facebook posting.
http://worldnews.nbcnews.com/_news/...-stroll-sparks-security-alert-in-germany?lite

Travellers' mobile phone data seized by police at border
Thousands of innocent holidaymakers and travellers are having their phones seized and personal data downloaded and stored by the police, The Telegraph can disclose
http://www.telegraph.co.uk/technolo...le-phone-data-seized-by-police-at-border.html

 

The Creepy, Long-Standing Practice of Undersea Cable Tapping

http://www.theatlantic.com/international/archive/2013/07/the-creepy-long-standing-practice-of-undersea-cable-tapping/277855/

 

The NSA Admits It Analyzes More People's Data Than Previously Revealed.
http://www.theatlanticwire.com/poli...-more-peoples-data-previously-revealed/67287/

https://twitter.com/ggreenwald/status/357597650293489664

 

http://www.guardian.co.uk/world/2013/jul/17/nsa-surveillance-house-hearing

Similar coverage on this, but much much more in recent weeks than Main Stream Media.

 

Former U.S. President Jimmy Carter has heavily criticized the American political system in the aftermath of the NSA spying scandals. "America currently has no functioning democracy" said Carter on Tuesday at an "Atlantic Bridge" function in Atlanta.

Even before, the Democrat has been very critical of the practices of the U.S. intelligence services. "I think the invasion into the private sphere has gone too far," said Carter to CNN. "And I think the confidential activities have been excessive." In regards to the NSA whistleblower Edward Snowden, Carter said his revelations are, in the long term, "probably useful, because they inform the public."

http://www.spiegel.de/politik/ausland/nsa-affaere-jimmy-carter-kritisiert-usa-a-911589.html

 

Interestingly:

Which confirms my statement I made last year about Microsoft's statements about encryption being a complete red herring (as MS also own the
decryption keys) https://www.wilderssecurity.com/showpost.php?p=2047417&postcount=22

Cheers, Nick.

 

From CNet; 'Google tests encryption to protect users' Drive files against government demands' link

I wonder how far Google will/can go in defying the legal compliance demands, mentioned in the above Microsoft quote.

 

It'd be cool if they implemented secure client-side encryption.

However:

 

The only safe solution is if you encrypt prior to the transmit transaction to those servers... Any remote servers!

Anything else is insecure. If you allow the client server transaction process to perform the encryption there are open points that can be manipulated.

Even if your transaction encryption is secure and unbroken, your data is open and accessible to anyone at the server location. You have no control over that regardless of any of these businesses claims.

However If you create an encrypted container locally, input your data for safe keeping into the encrypted container, then upload the encrypted container to Google drive or MS Skydrive or Dropbox then you are secure.

In the unlikely event that someone wants to pry into your business, your container encryption needs to be broken as it's transmitted without a key and it's security encryption was not negotiated during the transmit process. This is the only truly secure way to store data on such type of system.

If you store open data on any server it's vulnerable to employee prying or anyone else with law enforcement credentials it's that simple. The point to point transaction is not the only security gap to such technologies. Protect your data, protect you intellectual property don't delegate that job to some big corporate outfit who stand to profit from seeing your data...

In short securing your stuff is your responsibility. If you are stupid enough to store sensitive data unprotected on these types of system, my guess is you deserve to have it stolen or copied.

 

A better question is this:

Does the NSA have direct access to the servers of Wilderssecurity or any other website on the Internet? I'm 100% certain every click is sent to the Utah Data Center, if Google Analytics is evolved. If you use noScripts to block Google Analytics, then I don't think Google can build a profile of all of your Internet activities. Even with Tor, Google can track your activities--they just can't build a profile on your ip because Google would be tracking the IPs of the Tor exit nodes.

In order to stay anonymous online, you must

1) Buying an old laptop that doesn't have Windows 8 installed. 8 is hardwired into laptops so you cannot remove it. So, you're stuck with 8's extremely privacy invasive features.

2) Remove the Windows 7 OS that comes with the laptop. Install a Linux Host OS from scratch that doesn't have any stupid NSA backdoors. Avoid Windows!!

3) Virtualize the entire Host OS.

4) Have a dozen Linux virtual machine images inside Virtual Box (or VWare). Each dedicated to a separate online identity/purpose. For example, you have one VM dedicated SOLELY for browsing Wilderssecurity. Another dedicated SOLELY for Twitter. Etc. Etc. Etc.

i) Make sure you use a completely randomly generated and unique username that cannot be linked together. For example, Jim145, Alien145 and Han145 all end with 145 so an adversely can link usernames with that pattern together. And thus figure out all of those usernames belong to ONE person. And that ONE person is YOU.

ii) Also make sure each of your online identities remain as separate as possible, and cannot be easily linked together by a determined adversary.

5) Run Tor, VPN chaining, JonDo , Webproxies and an assortment of other proxy technologies inside each virtual machine.

Make sure your laptop doesn't have a shred of personal info (personal emails, work related material, etc). All Internet connections are routed through proxies. And I mean by ALL. No connections can be through your home ISP.

I think this anonymouzes your Internet activities.

Oh, don't forgot to encrypt your HDD with Truecrypt's AES-256 algorithm and a 64 character password!

And as for offline activities, I can't even begin to fathom what measures must be taken to stay anonymous! Can anyone give provide suggestions?

 

That seems about right

Don't bother. It attracts attention. Just be normal.

Alternatively, you could become a homeless person with hidden assets. But that seems rather unpleasant.

 

Pay with cash or money orders. If you're stuck with direct deposit, pull all the money off as cash as soon as it's deposited. It used to be considered risky to carry cash. Anymore, it's just as likely or more so that you'll be a victim of credit or debit card fraud. No matter how careful you are, you have no control over the security of the places you'd use it. Plastic is easily tracked.

Avoid store cards, gas cards, etc, anything with your name or info on it. Unless you actually need to, don't carry a cell phone. Better yet, don't have one. That eliminates most GPS data on your location and travel routine.

 

http://www.themoscowtimes.com/opinion/article/why-putin-despises-snowden/483368.html

 

NSA Phone Snooping Cannot Be Challenged in Court, Feds Say.

-- Tom

 

Cough... sounds like dictatorships.... cough...

 

I have serious doubts that at this point Snowden has too many options left, so I think this is his last concern at the moment.

 

Right, saying "Thank you, President Putin " is his best option.

He can go back to leaking once he's "safe" in South America.

 

People can do pretty strange things when put under pressure.

 

The people have the right to challenge anything and everything the government does.

Interesting bias in that article. What can be "exponentially larger" than surveillance of the entire globe and almost all communications on it? Surveillance on this scale hasn't been done before.

edit, censored emotional outburst

 

You just killed the thread, I think

But see -https://en.wikipedia.org/wiki/Sovereign_immunity_in_the_United_States

There's nothing new about that.