Snoopers Charter
Discussion
robinessex said:
It doesn't take much though to buy and use a computer in a manner that is anonymous.
Thing Isis though, how many are savvy in the doings?Ha! Going to leave the Isis in as an example, auto correct did that instead of is. Who is going to get water boarded because of auto correct........
Of course encryption doesn't always work.. http://www.bbc.co.uk/news/uk-38183819
b
hstewie said:
hstewie said: Of course encryption doesn't always work.. http://www.bbc.co.uk/news/uk-38183819
If you're stupid enough to be using the phone containing all the evidence to put you away for a long time in broad daylight in the middle of the street then you're not very bright and deserve all you get.All that jazz said:
If you're stupid enough to be using the phone containing all the evidence to put you away for a long time in broad daylight in the middle of the street then you're not very bright and deserve all you get.
I agree, just saying that all the tech in the world won't help you if they just hit you over the head whilst you're using it, same with Ulbricht.well presumably opera or firefox or some extension will be developed that auto refreshes & changes your browser every time you open it to get rid of the digital fingerprint aspect. Weren't Opera installing a permanent (selectable) vpn into their browser anyway? It might even be out now.
glazbagun said:
Just like the government aide who "accidentally" revealed her Brexit notes, I fully expect to see some police comissioner or troublesome journalist brought down with "embarrasing" revelations of what they once followed online. If someone is a bit of a nimby for example and wishes to campaign against wind turbines, I can see this being abused to smear them. Basically anyone going against the govt or council and their money men may find themselves "researched" for smear purposes.
Anyhow, nothing to hide, nothing to fear. So what are our MPs hiding..........
robinessex said:
Ok. In 5 years, when the ISP’s have all our internet access stuff logged, what the hell is it going to mean and do? Considering all the websites available are perfectly legal and legit, I’m completely bemused as to what the government expect to see/find/obtain. And one last thought. How many times has a terrorist or related event happened, and the perpetrators WERE ALREADY ON MI5/MI6 suspect/watch list! It seems possible terrorist and others are already on the ‘radar’, but nothing less than incompedence allows them to commit atrocities. And now they want to add on the internet activities of 60,000,000 of our citizens. MP’s, paranoid incompetent idiots.
They want it so that if you are "in trouble" they can then look back through 12 months of logs without having to ask permission via the courts. Some teenager from a LA can then pick through all your data if they feel you are abusing your "green bin" privileges etc.Edited by robinessex on Saturday 3rd December 09:10
TX.
robinessex said:
All that jazz said:
CoolHands said:
whats the point in a vpn if all most of us are doing is browsing sites like pistonheads? Nothing I (and probably 99.999% of us) do is exciting.
You seem to be forgetting about the Govt's history in private/secure data management. As mentioned earlier in the thread by someone else, hackers will see this as the Holy Grail if they can crack it. It will happen at some point. Do you really want everything you do online and much of your personal and private information sold to some undesirables and distributed around the world for nefarious purposes? I've no doubt you'll reply with the usual "if you've nothing to hide" line but that's your prerogative. Many of us can see the bigger picture.All that jazz said:
Interesting reading, thanks. I think that's bordering on paranoia though. I suppose you could be at some marginal risk to browser fingerprinting if you happen to use the same machine all the time and never change any settings or extensions. By their own admission in the article, it's pretty easy to circumvent by simply altering the colour depth of your screen, local time zone and jumbling up your extensions a bit 
as those alone would create a completely different fingerprint. Also, like it says, stuff like NoScript goes a long way in preventing the end site knowing much about your system and "fingerprint". It basically amounts to putting 2 and 2 together and crossing your fingers that you get 4 but there are so many other variables at play that it could be literally any other number. As they say, the best way to avoid browser fingerprinting is to use the msot common browser in vanilla form with the most commonly used OS, not change any settings and not install any extensions and add-ons and then you pretty much hide in the noise with the hundreds of thousands of other folks with the same set-up.
Of course the worry is completely negated if you happen to use different devices to do your internet stuff. That'll fox them!
I appreciate you posting the link - I do enjoy educating myself on these kind of matters.
Oh I agree its very easy to prevent being fingerprinted, just that most people won't, ever, even if they use multiple devices so they can and will be tracked. Much of the tracking of TOR users by the NSA and FBI was done via browser fingerprinting via compromised TOR nodes so it is a known risk. as those alone would create a completely different fingerprint. Also, like it says, stuff like NoScript goes a long way in preventing the end site knowing much about your system and "fingerprint". It basically amounts to putting 2 and 2 together and crossing your fingers that you get 4 but there are so many other variables at play that it could be literally any other number. As they say, the best way to avoid browser fingerprinting is to use the msot common browser in vanilla form with the most commonly used OS, not change any settings and not install any extensions and add-ons and then you pretty much hide in the noise with the hundreds of thousands of other folks with the same set-up.Of course the worry is completely negated if you happen to use different devices to do your internet stuff. That'll fox them!
I appreciate you posting the link - I do enjoy educating myself on these kind of matters.
roachcoach said:
robinessex said:
All that jazz said:
CoolHands said:
whats the point in a vpn if all most of us are doing is browsing sites like pistonheads? Nothing I (and probably 99.999% of us) do is exciting.
You seem to be forgetting about the Govt's history in private/secure data management. As mentioned earlier in the thread by someone else, hackers will see this as the Holy Grail if they can crack it. It will happen at some point. Do you really want everything you do online and much of your personal and private information sold to some undesirables and distributed around the world for nefarious purposes? I've no doubt you'll reply with the usual "if you've nothing to hide" line but that's your prerogative. Many of us can see the bigger picture.I believe that 'official' access is the weakness here, not necessarily a breach from an external actor; that is, the number of people that have 'legitimate' access to these records will essentially make any security controls moot.
Breaches tend to happen along path of least resistance - if this means via a bribe, or potentially more likely, by a friend of someone on the legitimate access list asking for some details for personal gain (whatever that may be) then that's the way it will happen.
It's just a bad fking idea. The agencies that are most likely to need the data (read sec agencies) could get it anyway through monitoring, so why widen the drag net? It's a joke.
Breaches tend to happen along path of least resistance - if this means via a bribe, or potentially more likely, by a friend of someone on the legitimate access list asking for some details for personal gain (whatever that may be) then that's the way it will happen.
It's just a bad f
king idea. The agencies that are most likely to need the data (read sec agencies) could get it anyway through monitoring, so why widen the drag net? It's a joke.robinessex said:
roachcoach said:
robinessex said:
All that jazz said:
CoolHands said:
whats the point in a vpn if all most of us are doing is browsing sites like pistonheads? Nothing I (and probably 99.999% of us) do is exciting.
You seem to be forgetting about the Govt's history in private/secure data management. As mentioned earlier in the thread by someone else, hackers will see this as the Holy Grail if they can crack it. It will happen at some point. Do you really want everything you do online and much of your personal and private information sold to some undesirables and distributed around the world for nefarious purposes? I've no doubt you'll reply with the usual "if you've nothing to hide" line but that's your prerogative. Many of us can see the bigger picture.What you'll have is a big database, that's probably inside the corporate LAN and is accessible to every sysadmin and DBA in the place. There's not a f
king chance in hell this data will see greater protection than PCI data.The notion that no-one in IT can access it without going through hoops is a complete nonsense. One bad apple sysadmin and it's all over. One lost backup. One good sized dump of a raw datafile.
This data leaking is not an "if", it is a "when". Sure I'm sure you have nothing to hide but as I've already posted, there are a lot of people who would be at serious risk were things exposed. I'd wager a battered wife has a fair bit to hide from the guy, for example. Likewise the notion that "no-one will care about me so no-one will hack it" is woefully naive. People will try to blackmail the ISPs, not individuals and the people hurt in the crossfire? Well that's just collateral damage isn't it?
Just take Snowden for example, a classic case of "no-one would leak the NSAs dirty laundry! That's treason and that data will never get out, there is paperwork protecting it for goodness sakes!". That held up well in reality, eh?
Edited by roachcoach on Monday 5th December 15:32
roachcoach said:
This data leaking is not an "if", it is a "when". Sure I'm sure you have nothing to hide but as I've already posted, there are a lot of people who would be at serious risk were things exposed. I'd wager a battered wife has a fair bit to hide from the guy, for example.
Everyone has 'something to hide' but may not necessarily couch in those terms. I think it's been raised earlier in this thread, but the correct term is 'everyone has a reasonable expectation of privacy' and simply putting it like that destroys the 'nothing to hide, nothing to fear argument'.Not aimed at you by the way, I'm just hanging it off your post. I think you know this
Tonsko said:
roachcoach said:
This data leaking is not an "if", it is a "when". Sure I'm sure you have nothing to hide but as I've already posted, there are a lot of people who would be at serious risk were things exposed. I'd wager a battered wife has a fair bit to hide from the guy, for example.
Everyone has 'something to hide' but may not necessarily couch in those terms. I think it's been raised earlier in this thread, but the correct term is 'everyone has a reasonable expectation of privacy' and simply putting it like that destroys the 'nothing to hide, nothing to fear argument'.Not aimed at you by the way, I'm just hanging it off your post. I think you know this
But yeah, I sometimes wonder what would be the reaction if the ISPs said "ok, sure. We'll just make it a public API, enjoy. Nothing to hide, right guys? guys?"
robinessex said:
Nope. Just worked in places subjected to the Official Secrets Act. Data deemed such is completely isolated from the network. Only IT can access it upon written ( 2 signatures) request(s). There are other security aspects to the whole system which I won't divulge.
Not all data under the OSA is completely isolated from the network and hidden behind 2 signatures available only to IT. That sounds unusual to me and pretty impossible to work with!roachcoach said:
Firstly this isn't official secrets level, secondly you think it practical to log data in these volumes in an air gap method? Not a snowballs chance in hell there.
What you'll have is a big database, that's probably inside the corporate LAN and is accessible to every sysadmin and DBA in the place. There's not a fking chance in hell this data will see greater protection than PCI data.
The notion that no-one in IT can access it without going through hoops is a complete nonsense. One bad apple sysadmin and it's all over. One lost backup. One good sized dump of a raw datafile.
This data leaking is not an "if", it is a "when". Sure I'm sure you have nothing to hide but as I've already posted, there are a lot of people who would be at serious risk were things exposed. I'd wager a battered wife has a fair bit to hide from the guy, for example.
There are middle grounds between air gaps and open networks, some very secure and many capable of working at these data volumes. But I'm pretty sure you're not wrong, sadly.What you'll have is a big database, that's probably inside the corporate LAN and is accessible to every sysadmin and DBA in the place. There's not a f
king chance in hell this data will see greater protection than PCI data.The notion that no-one in IT can access it without going through hoops is a complete nonsense. One bad apple sysadmin and it's all over. One lost backup. One good sized dump of a raw datafile.
This data leaking is not an "if", it is a "when". Sure I'm sure you have nothing to hide but as I've already posted, there are a lot of people who would be at serious risk were things exposed. I'd wager a battered wife has a fair bit to hide from the guy, for example.
768 said:
There are middle grounds between air gaps and open networks, some very secure and many capable of working at these data volumes. But I'm pretty sure you're not wrong, sadly.
Absolutely, ours is decent, actually. But would still be vulnerable to someone internal prepared to cross the line, most systems I know are like that. I would wager systems they are balanced between convenience and a level of staff trust whilst well hardened against "the outside".The trouble is, I'd rate this stuff more sensitive than credit card data but I would absolutely guarantee that it will not fall under even that level of scrutiny/security. More like this will fall under bog standard "private"/"secret" (I can't remember the official term) data via the data protection act and be filed along with DOBs/addresses etc.
Guys, is this just about looking at people's web browsing searches and history and thus their activity on sites visited? If so no big deal for me - I don't think I posted 'will do it for £50 cash if you can help me evade tax' on PH anywhere
. The rest is mostly wasting time on Amazon or Facebook!
But do tell me that 'they' cant access my Dropbox folders content or read my actual Gmail message body content?
. The rest is mostly wasting time on Amazon or Facebook!But do tell me that 'they' cant access my Dropbox folders content or read my actual Gmail message body content?
Gassing Station | News, Politics & Economics | Top of Page | What's New | My Stuff