Advice



the Internet: we need to take it back
- Bruce Schneier: LINK ¤ the GUARDIAN

_________________________________________

  • "by subverting the Internet at every level"

 

 

_________________________________________

  • "to make it a vast, multi-layered and robust surveillance platform"

 

 

 

_________________________________________

  • "the NSA has undermined a fundamental social contract"

 

 

 

 

_________________________________________

  • "the companies that build and manage our Internet infrastructure"

 

 

_________________________________________

  • "the companies that create and sell us our hardware and software"

 

 

_________________________________________

  • "or the companies that host our data:"

 

 

 

_________________________________________

  • "we can no longer trust them to be ethical Internet stewards"

 

 

 

 

 

_________________________________________

  • "this is not the Internet the world needs"

 

 

 

 

_________________________________________

  • "or the Internet its creators envisioned"

 

 

 

 

_________________________________________

  • "we need to take it back"

 

 

 

 

 

______________________________________________________________________________
  • "yes, this is primarily a political problem"

 

 

 

_________________________________________

  • "a policy matter that requires political intervention"

 

 

 

 

_________________________________________

  • "but this is also an engineering problem"

 

 

 

 

 

______________________________________________________________________________

there are several things engineers can - and should - do:



_________________________________________
  • "one, we should expose"

 

 

 

_________________________________________

  • "we need to know how exactly how the NSA and other agencies"

 

 

 

_________________________________________

  • "are subverting routers, switches, the internet backbone, encryption technologies and cloud systems"

 

 

 

 

 

______________________________________________________________________________
  • "two, we can design"

 

 

 

_________________________________________

  • "we need to figure out how to re-engineer the Internet"

 

 

 

_________________________________________

  • "to prevent this kind of wholesale spying"

 

 

 

 

_________________________________________

  • "we need new techniques to prevent communications intermediaries from leaking private information"

 

 

_________________________________________

  • "we can make surveillance expensive again"

 

 

 

_________________________________________

  • "we need open protocols, open implementations, open systems"

 

 

 

 

 

______________________________________________________________________________
  • "three, we can influence governance"

 

 

 

_________________________________________

  • "I have resisted saying this up to now, and I am saddened to say it"

 

 

 

_________________________________________

  • "but the US has proved to be an unethical steward of the Internet"

 

 

 

 

_________________________________________

  • "we need to demand transparency, oversight, and accountability"

 

 

 

_________________________________________

  • "from our governments and corporations"

 

 

 

 

_________________________________________
  • "we need to create truly international governance"

 

 

 

 

_________________________________________

  • "that can't be dominated or abused by any one country"

 

 

 

 

 

 

______________________________________________________________________________

  • "generations from now, when people look back on these early decades of the Internet"

 

 

 

_________________________________________

  • "I hope they will not be disappointed in us"

 

 

 

_________________________________________

  • "we can ensure that they don't only if each of us makes this a priority"

 

 

 

 

_________________________________________

  • "and engages in the debate"

 

 

 

 

 

_________________________________________

  • "we have a moral duty to do this, and we have no time to lose"

 

 

 

 

 

 

______________________________________________________________________________

a Guide to staying Secure - Bruce Schneier :
LINK ¤ the GUARDIAN

_________________________________________

  • "the NSA has huge capabilities - and if it wants in to your computer, it's in"

 

 

 

 

_________________________________________

  • "the primary way the NSA eavesdrops on Internet communications is in the network"

 

 

 

 

_________________________________________

  • "that's where their capabilities best scale. They have invested in enormous programs to automatically collect and analyze network traffic"

 

 

 

_________________________________________

  • "anything that requires them to attack individual endpoint computers"

 

 

_________________________________________

  • "is significantly more costly and risky for them, and they will do those things carefully and sparingly"

 

 

 

 

_________________________________________

  • "the NSA gets access to the communications trunks that move Internet traffic"

 

 

 

 

_________________________________________

  • "in cases where it doesn't have that sort of friendly access, it does its best to surreptitiously monitor communications channels:"

 

 

 

_________________________________________

  • "tapping undersea cables, intercepting satellite communications, and so on"

 

 

 

_________________________________________

  • "that's an enormous amount of data, and the NSA has equivalently enormous capabilities to quickly sift through it all, looking for interesting traffic"

 

 

 

_________________________________________

  • ""interesting" can be defined in many ways: by the source, the destination, the content, the individuals involved, and so on"

 

 

 

 

_________________________________________

  • "this data is funneled into the vast NSA system for future analysis"

 

 

 

 

 

 

______________________________________________________________________________
  • "I read status report after status report about these programs, discussing capabilities, operational details, planned upgrades, and so on"

 

 

 

_________________________________________

  • "each individual problem"

 

 

_________________________________________

  • "recovering electronic signals from fiber, keeping up with the terabyte streams as they go by, filtering out the interesting stuff"

 

 

 

 

_________________________________________

  • "has its own group dedicated to solving it"

 

 

 

 

_________________________________________

  • "its reach is global"

 

 

 

 

 

 

______________________________________________________________________________

with all this in mind, I have five pieces of advice:




_________________________________________
  • "hide in the network"

 

 

 

 

_________________________________________

  • "implement hidden services. Use "Tor" to anonymize yourself"

 

 

 

_________________________________________

  • "yes, the NSA targets Tor users, but it's work for them. The less obvious you are, the safer you are"

 

 

 

 

 

______________________________________________________________________________

  • "encrypt your communications"

 

 

 

 

_________________________________________

  • "use "TLS". Use "IPsec""

 

 

_________________________________________

  • "again, while it's true that the NSA targets encrypted connections - and it may have explicit exploits against these protocols"

 

 

_________________________________________

  • "you're much better protected than if you communicate in the clear"

 

 

 

 

_________________________________________

  • "assume that while your computer can be compromised"

 

 

 

_________________________________________

  • "it would take work and risk on the part of the NSA"

 

 

 

_________________________________________

  • "so it probably isn't. If you have something really important, use an air gap"

 

 

 

 

_________________________________________

  • "since I started working with the Snowden documents, I bought a new computer that has never been connected to the Internet"

 

 

_________________________________________

  • "if I want to transfer a file, I encrypt the file on the secure computer and walk it over to my internet computer, using a USB stick"

 

 

 

 

 

______________________________________________________________________________

  • "be suspicious of commercial encryption software"

 

 

 

_________________________________________

  • "especially from large vendors"

 

 

 

 

_________________________________________

  • "my guess is that most encryption products from large US companies have NSA-friendly back doors, and many foreign ones probably do as well"

 

 

 

 

 

______________________________________________________________________________

  • "try to use public-domain encryption that has to be compatible with other implementations"

 

 

 

_________________________________________

  • "prefer symmetric cryptography over public-key cryptography"

 

 

 

_________________________________________

  • "prefer conventional discrete-log-based systems over elliptic-curve systems; the latter have constants that the NSA influences when they can"

 

 

 

 

 

______________________________________________________________________________
  • "since I started working with Snowden's documents"

 

 

 

_________________________________________

  • "I have been using "GPG", "Silent Circle", "Tails", "OTR", "TrueCrypt", "BleachBit""

 

 

 

 

_________________________________________

  • "trust the math"

 

 

 

 

_________________________________________

  • "encryption is your friend"

 

 

 

 

 

_________________________________________

  • "use it well, and do your best to ensure that nothing can compromise it"

 

 

 

 

 

_________________________________________

  • "that's how you can remain secure even in the face of the NSA"

 

 

 

 

 

 

 

 

______________________________________________________________________________

ADVICE - Wikipedia EN: LINK ¤ ADVICE

_________________________________________

  • "advice is a form of relating personal or institutional opinions, belief systems, values, recommendations or guidance about certain situations relayed in some context to another person, group or party"

 

_________________________________________

  • "put a little more simply, an advice message is a recommendation"

 

_________________________________________

  • "about what might be thought, said, or otherwise done to address a problem, make a decision, or manage a situation"

______________________________________________________________________________

______________________________________________________________________________


Verschlüsselung - Spiegel online
: LINK ¤ SPIEGEL ONLINE

_________________________________________

  • "der Kryptografie-Experte Bruce Schneier, der für den "Guardian" an den Enthüllungen arbeitet"

 

 

_________________________________________

  • "veröffentlichte parallel ein Plädoyer für die Verschlüsselung"

 

 

 

_________________________________________

  • "er hat sich eingehend mit den Dokumenten befasst, erklärt Schneier, und er ist sich sicher:"

 

 

_________________________________________

  • "wenn die NSA in einen Computer eindringen wolle, dann werde ihr das wohl auch gelingen"

 

 

_________________________________________

  • "trotzdem rät er dazu, die eigene Kommunikation zu tarnen. Nutzer sollten über das sogenannte Tor-Netzwerk anonym surfen"

 

 

_________________________________________

  • "und ihre Kommunikation verschlüsseln, auch um die Überwachung für die NSA so aufwendig und teuer wie möglich zu machen"

 

 

 

_________________________________________

  • "vertrauen Sie der Mathematik"

 

 

_________________________________________

  • "Verschlüsselung ist Ihr Freund"

 

 

 

 

______________________________________________________________________________
  • "die NSA hat die Struktur des Internets in eine riesige Überwachungsplattform verwandelt"

 

 

 

_________________________________________

  • "aber sie können nicht zaubern"

 

 

 

_________________________________________

  • "wie bei allen anderen auch unterliegen auch die Aktivitäten eines Geheimdiensts wirtschaftlichen Grenzen"

 

 

_________________________________________

  • "und unsere beste Verteidigung ist es, unsere Überwachung so teuer wie möglich zu machen"

 

 

_________________________________________

  • "allerdings, so Schneier, sollte man kommerzieller Software mit Misstrauen begegnen"

 

 

_________________________________________

  • "gerade Produkte amerikanischer Firmen haben wahrscheinlich NSA-freundliche Hintertüren"

 

 

 

 

______________________________________________________________________________
  • Mathematiker und Kryptograf Rüdiger Weis: "man sollte immer die aufwendigste Verschlüsselungsmöglichkeit wählen"

 

 

_________________________________________

  • "den längsten Schlüssel, die stärkste Absicherung. Denn:"

 

 

 

_________________________________________

  • "gute Kryptografie hält"

 

 

 

_________________________________________

  • "ich bin ein großer Anhänger von Open-Source-Produkten"

 

 

 

_________________________________________

  • "auch das Verschlüsseln von E-Mails mit der PGP-Technik hält er für ratsam"

 

 

 

 

_________________________________________

  • "es ist davon auszugehen, dass es hinreichend sicher ist"

 

 

 

 

 

 

______________________________________________________________________________

RATSCHLAG - Wikipedia DE: LINK ¤ RATSCHLAG

_________________________________________

  • "ein Ratschlag ist üblicherweise keine direkte Lösung eines Problems, sondern zeigt den ersten Schritt in Richtung eines gewünschten Ergebnisses auf"

 

_________________________________________

  • "dazu gibt er Hinweise auf mögliche Lösungen oder fasst die Lage aus einer anderen Perspektive zusammen"
______________________________________________________________________________




advice - 14331AD
designed by Free CSS Templates | powerd by pluck | hosted by akis