Discussion:
[linux-elitists] Political solutions to mass surveillance?
Don Marti
2014-07-25 12:56:55 UTC
Permalink
Here's something I don't get. Maybe somebody
else on the list gets it. What's the point of a
ban/restriction/de-funding of mass surveillance in
the USA? Why do people strain their precious carpal
tunnels discussing political action in this area?

I'm sure that there must be some reason, but I'm
having trouble understanding what it would be.

It seems like a political solution in this area would
do for privacy what cutting back on software testing
does for system stability.

* No effect on foreign surveillance.

* No effect on private sector surveillance. User
data is still in company databases, where it can
be compromised (as it regularly is) or acquired.

* Affects "public secret surveillance" but not true
"black programs." You could put Bruce Schneier
in charge of NSA, and reduce its function to just
going to standards meetings and running the museum.
But all the stuff that was secret pre-Snowden would
just move to another budget, and the taxpayers
would buy a new agency another office complex.

It's a positive step to say that "Pervasive Monitoring
is an Attack"...
https://www.tbray.org/ongoing/When/201x/2014/05/13/Pervasive-Monitoring-is-an-Attack
...but jumping from there to "there ought to be a
law" seems counterproductive. "Reform" that's just
enough to say, "see, we did something, now we can keep
selling the same surveillance-friendly services and
Builds of Questionable Provenance" might be worse than
no action at all.

(No, this isn't an "open source is the answer"
situation. Open source, reviewed and/or signed off by
people in multiple juristictions, with deterministic
builds, maybe then you're starting to get somewhere.)
--
Don Marti
http://zgp.org/~dmarti/
***@zgp.org
Ruben Safir
2014-07-25 15:14:17 UTC
Permalink
Post by Don Marti
Here's something I don't get. Maybe somebody
else on the list gets it. What's the point of a
ban/restriction/de-funding of mass surveillance in
the USA? Why do people strain their precious carpal
tunnels discussing political action in this area?
Clockwork Orange
Post by Don Marti
I'm sure that there must be some reason, but I'm
having trouble understanding what it would be.
It seems like a political solution in this area would
do for privacy what cutting back on software testing
does for system stability.
* No effect on foreign surveillance.
* No effect on private sector surveillance. User
data is still in company databases, where it can
be compromised (as it regularly is) or acquired.
* Affects "public secret surveillance" but not true
"black programs." You could put Bruce Schneier
in charge of NSA, and reduce its function to just
going to standards meetings and running the museum.
But all the stuff that was secret pre-Snowden would
just move to another budget, and the taxpayers
would buy a new agency another office complex.
It's a positive step to say that "Pervasive Monitoring
is an Attack"...
https://www.tbray.org/ongoing/When/201x/2014/05/13/Pervasive-Monitoring-is-an-Attack
...but jumping from there to "there ought to be a
law" seems counterproductive. "Reform" that's just
enough to say, "see, we did something, now we can keep
selling the same surveillance-friendly services and
Builds of Questionable Provenance" might be worse than
no action at all.
(No, this isn't an "open source is the answer"
situation. Open source, reviewed and/or signed off by
people in multiple juristictions, with deterministic
builds, maybe then you're starting to get somewhere.)
--
Don Marti
http://zgp.org/~dmarti/
_______________________________________________
Do not Cc: anyone else on mail sent to this list. The list server is set for maximum one recipient.
linux-elitists mailing list
http://zgp.org/cgi-bin/mailman/listinfo/linux-elitists
--
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com

DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive
http://www.coinhangout.com - coins!
http://www.brooklyn-living.com

Being so tracked is for FARM ANIMALS and and extermination camps,
but incompatible with living as a free human being. -RI Safir 2013
Tilghman Lesher
2014-07-25 18:25:27 UTC
Permalink
Post by Don Marti
Here's something I don't get. Maybe somebody
else on the list gets it. What's the point of a
ban/restriction/de-funding of mass surveillance in
the USA? Why do people strain their precious carpal
tunnels discussing political action in this area?
I think it's mainly referring to the Fourth Amendment of the
Constitution. If the courts won't rein in the NSA, perhaps ensuring
that they're not allowed to spend any money doing that will.
Post by Don Marti
* No effect on foreign surveillance.
Foreigners outside the US don't enjoy the same level of Constitutional
protections.
Post by Don Marti
* No effect on private sector surveillance. User
data is still in company databases, where it can
be compromised (as it regularly is) or acquired.
Private corporations are not restricted by the Constitution in what
they're permitted to do.
Post by Don Marti
* Affects "public secret surveillance" but not true
"black programs." You could put Bruce Schneier
in charge of NSA, and reduce its function to just
going to standards meetings and running the museum.
But all the stuff that was secret pre-Snowden would
just move to another budget, and the taxpayers
would buy a new agency another office complex.
A blanket law prohibiting the NSA from conducting surveillance within
the United States and/or preventing them from spending money on it
would, in fact, even stop legal black ops. Those who conduct such
operations in defiance of the law? I'm sure they're out there, but
it's a career-limiting move, as one corporation likes to say.

Tilghman
Ruben Safir
2014-08-04 23:59:08 UTC
Permalink
Post by Tilghman Lesher
Post by Don Marti
Here's something I don't get. Maybe somebody
else on the list gets it. What's the point of a
ban/restriction/de-funding of mass surveillance in
the USA? Why do people strain their precious carpal
tunnels discussing political action in this area?
I think it's mainly referring to the Fourth Amendment of the
Constitution. If the courts won't rein in the NSA, perhaps ensuring
that they're not allowed to spend any money doing that will.
This is the Ronald Reagan solution to bad government. Just defund all
of it.
Post by Tilghman Lesher
Post by Don Marti
* No effect on foreign surveillance.
Foreigners outside the US don't enjoy the same level of Constitutional
protections.
No should they. Foriegners are not invested citinzens of the country
and are frankly dangerous to our national interests.
Post by Tilghman Lesher
Post by Don Marti
* No effect on private sector surveillance. User
data is still in company databases, where it can
be compromised (as it regularly is) or acquired.
Private corporations are not restricted by the Constitution in what
they're permitted to do.
Actually, I'm not certain of that. The principle for the most part is
true, but it is not a blanket truth, especially if they are contracted
with the government or act in behalf of the government.
Post by Tilghman Lesher
Post by Don Marti
* Affects "public secret surveillance" but not true
"black programs." You could put Bruce Schneier
in charge of NSA, and reduce its function to just
going to standards meetings and running the museum.
But all the stuff that was secret pre-Snowden would
just move to another budget, and the taxpayers
would buy a new agency another office complex.
A blanket law prohibiting the NSA from conducting surveillance within
the United States and/or preventing them from spending money on it
would, in fact, even stop legal black ops. Those who conduct such
operations in defiance of the law? I'm sure they're out there, but
it's a career-limiting move, as one corporation likes to say.
Tilghman
_______________________________________________
Do not Cc: anyone else on mail sent to this list. The list server is set for maximum one recipient.
linux-elitists mailing list
http://zgp.org/cgi-bin/mailman/listinfo/linux-elitists
--
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com

DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive
http://www.coinhangout.com - coins!
http://www.brooklyn-living.com

Being so tracked is for FARM ANIMALS and and extermination camps,
but incompatible with living as a free human being. -RI Safir 2013
Jeremy Hankins
2014-07-25 18:53:43 UTC
Permalink
Post by Don Marti
It seems like a political solution in this area would
do for privacy what cutting back on software testing
does for system stability.
* No effect on foreign surveillance.
* No effect on private sector surveillance. User
data is still in company databases, where it can
be compromised (as it regularly is) or acquired.
* Affects "public secret surveillance" but not true
"black programs." You could put Bruce Schneier
in charge of NSA, and reduce its function to just
going to standards meetings and running the museum.
But all the stuff that was secret pre-Snowden would
just move to another budget, and the taxpayers
would buy a new agency another office complex.
If this is true (and I'm not saying it isn't) doesn't that suggest that
any kind of effort to limit government prerogative is doomed? So we
should just throw up our hands in despair and bow to our
"democratically" "elected" overlords?

As for the first two points, there's the whole soft-power angle of
trying to use moral suasion to influence the behavior of foreign
countries. That works much better if we don't seem totally
hypocritical.

And even in a worst-case scenario where any kind of government action is
doomed to failure and/or toothlessness, a symbolic stand still counts
for something. Hypocrisy is the respect vice pays virtue, etc., and
cynical as it may seem I suspect we're better off at least pretending to
do something rather than just accepting it -- we may be hypocrites, but
at least we haven't lost sight of what we *ought* to be doing. Maybe
our grandchildren will be made of sterner stuff.

Frankly, I don't see purely technical solutions as being any more likely
to solve the problem. It's great to use encryption and good security
practices, but those aren't going to end surveillance. Ask yourself,
who wins in an arms race?

(Nor are technical measures going to do much for improving trust and
transparency in government, which in my personal view are more important
issues than the surveillance itself.)
--
Jeremy Hankins <***@nowan.org>
Don Marti
2014-07-26 12:57:36 UTC
Permalink
Post by Jeremy Hankins
If this is true (and I'm not saying it isn't) doesn't that suggest that
any kind of effort to limit government prerogative is doomed? So we
should just throw up our hands in despair and bow to our
"democratically" "elected" overlords?
No, there are plenty of other places that need _more_
political action. One example is secretly negotiated
"trade" deals that are likely to come before Congress
for a vote. Few people have enough time or political
power to deal with all the issues they would like to.

On one hand, there are some people who would do
"ban the NSA" activism or nothing, so better that
they do something.
Post by Jeremy Hankins
As for the first two points, there's the whole soft-power angle of
trying to use moral suasion to influence the behavior of foreign
countries. That works much better if we don't seem totally
hypocritical.
More likely that they'll believe we're hypocrites who
went through the motions of passing a toothless law.

I can't see how there's a way to say both (1) we have
a secret intelligence program and (2) we have public
policy that meaningfully restricts that program.
Post by Jeremy Hankins
And even in a worst-case scenario where any kind of government action is
doomed to failure and/or toothlessness, a symbolic stand still counts
for something. Hypocrisy is the respect vice pays virtue, etc., and
cynical as it may seem I suspect we're better off at least pretending to
do something rather than just accepting it -- we may be hypocrites, but
at least we haven't lost sight of what we *ought* to be doing. Maybe
our grandchildren will be made of sterner stuff.
There are symbolic stands that carry more weight,
though. The State Department's support for
freedom-enabling technologies is a good one.

Maybe what we need is action that can be taken in
public and verified in public.

Example: a law against government stockpiling
of zero-day vulnerabilities would be pretty
meaningless. A "black program" can always redirect
money to some contractor that maintains the actual
archive. But a law that appropriates money for
buying and disclosing zero-day vunlerabilities can
have observable effects.
Post by Jeremy Hankins
Frankly, I don't see purely technical solutions as being any more likely
to solve the problem. It's great to use encryption and good security
practices, but those aren't going to end surveillance. Ask yourself,
who wins in an arms race?
Arms dealers, of course. But this one could have
positive externalities in the form of increased
software quality and maintainability. If Alice finds
a bug in her company's product, it's worth little to
just fix it, but potentially a lot if she can secretly
tell Bob and he can sell it. A lot of software
development today is set up to facilitate "insider
bug trading" and all the solutions I can think of
involve more programmer respect, compensation, and
emphasis on quality.
Post by Jeremy Hankins
(Nor are technical measures going to do much for improving trust and
transparency in government, which in my personal view are more important
issues than the surveillance itself.)
I have to agree with you on that. But I'm having
trouble seeing how much transparency there is in
public law whose consequences are invisible to
the public.
--
Don Marti
http://zgp.org/~dmarti/
***@zgp.org
Jeremy Hankins
2014-07-26 17:04:01 UTC
Permalink
Post by Don Marti
I can't see how there's a way to say both (1) we have
a secret intelligence program and (2) we have public
policy that meaningfully restricts that program.
This is a hard problem. Theoretically this is why we have a FISA court
that is cleared to see secret documents, and why members of congress
have some degree of oversight as well. It's that whole separation of
powers/checks and balances thing. While neither of these are very
satisfying solutions, they could be better than they are.

How much of this can be traced back to dysfunction in congress? One
could imagine a congress that raked public officials over the coals,
destroyed political careers, and so on. But so far as I can tell very
little of any real significance has happened. Part of this is may be a
partisan accident (how would things have been different with a
republican administration and a democratic house?), but even so I'd
expect more opportunistic challenges from politicians hoping to make a
name for themselves. Why hasn't this happened?
Post by Don Marti
There are symbolic stands that carry more weight,
though. The State Department's support for
freedom-enabling technologies is a good one.
Maybe what we need is action that can be taken in
public and verified in public.
Yes, I agree.
Post by Don Marti
Post by Jeremy Hankins
Frankly, I don't see purely technical solutions as being any more
likely to solve the problem. It's great to use encryption and good
security practices, but those aren't going to end surveillance. Ask
yourself, who wins in an arms race?
Arms dealers, of course. But this one could have
positive externalities in the form of increased
software quality and maintainability. If Alice finds
a bug in her company's product, it's worth little to
just fix it, but potentially a lot if she can secretly
tell Bob and he can sell it. A lot of software
development today is set up to facilitate "insider
bug trading" and all the solutions I can think of
involve more programmer respect, compensation, and
emphasis on quality.
But this assumes that more money -> more cultural awareness and ethics,
which is not at all obvious. This brings to mind the recent thread on
"brogrammer" culture.
--
Jeremy Hankins <***@nowan.org>
Ruben Safir
2014-08-05 00:01:40 UTC
Permalink
Post by Jeremy Hankins
Post by Don Marti
I can't see how there's a way to say both (1) we have
a secret intelligence program and (2) we have public
policy that meaningfully restricts that program.
This is a hard problem. Theoretically this is why we have a FISA court
that is cleared to see secret documents, and why members of congress
have some degree of oversight as well. It's that whole separation of
powers/checks and balances thing. While neither of these are very
satisfying solutions, they could be better than they are.
No

there is no 50/50 on this stuff. The FISA court is unconstituional and
Congress has the RIGHT to supena anything it damn well wants...

PERIOD
Post by Jeremy Hankins
How much of this can be traced back to dysfunction in congress? One
could imagine a congress that raked public officials over the coals,
destroyed political careers, and so on. But so far as I can tell very
little of any real significance has happened. Part of this is may be a
partisan accident (how would things have been different with a
republican administration and a democratic house?), but even so I'd
expect more opportunistic challenges from politicians hoping to make a
name for themselves. Why hasn't this happened?
Post by Don Marti
There are symbolic stands that carry more weight,
though. The State Department's support for
freedom-enabling technologies is a good one.
Maybe what we need is action that can be taken in
public and verified in public.
Yes, I agree.
Post by Don Marti
Post by Jeremy Hankins
Frankly, I don't see purely technical solutions as being any more
likely to solve the problem. It's great to use encryption and good
security practices, but those aren't going to end surveillance. Ask
yourself, who wins in an arms race?
Arms dealers, of course. But this one could have
positive externalities in the form of increased
software quality and maintainability. If Alice finds
a bug in her company's product, it's worth little to
just fix it, but potentially a lot if she can secretly
tell Bob and he can sell it. A lot of software
development today is set up to facilitate "insider
bug trading" and all the solutions I can think of
involve more programmer respect, compensation, and
emphasis on quality.
But this assumes that more money -> more cultural awareness and ethics,
which is not at all obvious. This brings to mind the recent thread on
"brogrammer" culture.
--
_______________________________________________
Do not Cc: anyone else on mail sent to this list. The list server is set for maximum one recipient.
linux-elitists mailing list
http://zgp.org/cgi-bin/mailman/listinfo/linux-elitists
--
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com

DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive
http://www.coinhangout.com - coins!
http://www.brooklyn-living.com

Being so tracked is for FARM ANIMALS and and extermination camps,
but incompatible with living as a free human being. -RI Safir 2013
Continue reading on narkive:
Loading...