[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On Sat, Jun 15, 2013 at 6:55 PM, Paul Sutton wrote: > The current news is about propitiatory systems I don't think it is really. It is about organinsations (that happen to be companies) that collect a lot of data from a lot of people and store that data in a country (the US) where agencies like the NSA and the FBI have a lot of powers obtaining such data when they want to and probably even build backdoors (or have then built) in these systems. If you used an open source mail server based in the US, you'd be just as vulnerable to the NSA snooping your data. (Though in practise, if it's a small server and you weren't suspected of doing something bad, they may not bother.) I don't think there is any proof that the big companies (Microsoft, Google, Yahoo etc.) have voluntarily handed over this data, or installed backdoors. In fact, many of them (Twitter in particular) have a surprisingly good reputation when it comes to not handing over all your information to governments: they tend to avoid doing so, wherever they can, and many have gone to court hoping to achieve this. They do, of course, have a commercial motive for doing so: it would ruin their business model if people stopped using them for fear of US government snooping. It seems more likely to me that they either were forced to hand over data, or even build backdoors, or have been compromised by the NSA and have secret backdoors built into them. (Some exceptions aside, I think the latter isn't very plausible.) There is still an important a role to play for free (or at least open source) software here: if they are open source, it means you can in principle verify if the clients you're using, whether they're mail clients, web browsers, or IM clients, don't have backdoors built into them. Like I said, I don't believe the _NSAKEY in earlier Windows versions to be a cryptographic backdoor in Windows for the NSA, but I can't prove it. (Even with the source code available one can never be sure. Cryptography is rather complicated and a 'backdoor' could be something as mundane as certain properties of an elliptic curve used for the encryption.) Note that, as many others have pointed out before me, PRISM isn't exactly news, it just gave us a tiny bit more clarity on what's happening. And it may happen on a larger scale than many suspected. But I regularly speak to companies offering hosted email solutions (for businesses usually) and most of them clearly state where their servers are based (for instance, 'only in Canada') or let customers choose servers from which countries they want to use. I guess many of their customers are worried about this. > By using facebook you can connect with 100's of people, however a lot > of people may just keep in touch with family / friends, so perhaps if > they are worried about privacy they could use GNU social Most of my friends aren't worried enough. And if they would be, then their friends aren't, so they'd have to continue using Facebook to keep in contact with them. That's the thing with Facebook, either we all leave it or we all don't. There's no in between option. It looks like for the foreseeable future we won't leave it. I would help if people would assume everything posted on Facebook is public, like it is on Twitter. Martijn. PS I don't want to go into the whole Microsoft debate, but Phil, who feels strongly on a subject on which I don't always agree with him, is not a bigot. -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq