Freedom vs Security

[Mistame]

What is the reason for needing secure communication if you A) Aren't doing anything illegal, and B) Don't really have anything to hide from non-criminal entities?

I think what you're missing here is that it's not just about secure communications. Privacy isn't something that some people want because they're afraid of or don't like big government. It's a basic right and for many, a very important right. The entire "if you've nothing to hide", etc. arguments are nonsense because they're irrelevant. It has nothing to do with whether or not you've done something "wrong". It's simply about maintaining privacy. For example, when I take a shower I lock the bathroom door. Unless I specifically ask her to join me, my SO knows better than to come in because she knows I'll raise ten kinds of hell. The whole "if you've done nothing wrong" thing is like asking to me to shower in public because I'm "doing nothing wrong".

[Shibito]

The federal government betrayed the british crown.
The federal government systematically killed,displaced, and subjegated millions of Indians
The federal government put millions of Africans into slavery.
The federal government then threw away half a million soldiers' lives to get them out it.
The federal government stole land from Mexico, Canada, France, England etc.
The federal government dropped 2 Nuclear bombs killing a quarter million japanese.
The federal government instituted a draft to fight a war the american people did not support.
50,000 americans died.
300,000 Vietnamese died.
The federal government invaded Iraq and Afghanistan after Saudi Arabia destroyed the WTC.
The federal government held the world hostage with the help of USSR and enough Nuclear weapons to destroy 100 earths.
The list goes on.

You expect me to trust these people?


I trust the federal government when it is convenient for me to do so, or when they have me at gunpoint. Otherwise fuckoff.

Where the hell do you get your history lessons?

[Sunseeker]

Yes, because unless the government has a real, definable reason for wanting to know what I'm communicating about, it has no need to know. So no I don't really need encryption, I need a government that will keep its nose out. Unfortunately I don't have one of those and it's a lot harder to get a non-nosy government than it is to encrypt my communications.

I don't particularly care that someone is listening to my phone calls. I care that the government is violating the limits we put on them. So, since I can't stop the juggernaut of government, I will instead use encrypted communications because again: it's easier to shield my junk, than it is to get the government to stop looking up everyone's skirts.

[Machismo]

I entirely understand the slippery slope aspect of "If they do this, then later things may change". Which is entirely a valid concern.

I think I probably should have clarified that I'm specifically talking about secure communication. Phone calls in particular. Maybe even emails and chats.

I guess I'm asking, am I wrong to not care if someone is listening in on a phone conversation (or, realistically, its recorded and nobody ever hears it). Or is able to see chats that I'm having? I just don't see the -present- issue in that. It's not that I don't want privacy. I do, trust me, I have privacy issues up the wazoo, but I just don't find it worth the time worrying if some NSA/CIA/Whatever is listening to my calls.

You are perfectly fine not caring if someone is listening in on your conversations. I would venture to guess that millions of Americans wouldn't care. However, that in no way means that such a belief should be assumed for someone else.

- - - Updated - - -

I guess the thing is (and this is awful to say) but any laws or constitutional aspects when it comes to that, is bullshit. I already have no reason to believe the government will uphold those tenets, so I guess I don't worry over it. I assume my privacy is already breached, and its just a matter of how much I worry/act over it.

That doesn't mean you cannot take steps to protect your privacy. Just because the government may have access to some of your electronic information, doesn't mean you aren't completely justified in being prudent and careful. In that aspect, it's no different than locking your doors at night.

[Seranthor]

It's long been a general idea (at least in the US) that there is a balance between freedom/liberty and safety/security. The idea that government control over aspects of our lives are in our 'best interest' even if it removes or changes what rights and freedoms we have.

This snippet recently came up, regarding 'secure' phone calls and communication, and it got me thinking.

Outside of say, business entities or government agencies, do people -really- need secured, encrypted methods of communication for day to day usage? Of course, using a computer, you don't want people stealing your bank info and the like... But do people actually need secure, private phone usage?

I often feel like, yes we do need some aspects of freedom... But at the same time people freak out over really trivial stuff, and the media blows it up into a big thing, and then people freak out more. I've never felt a need to encrypt my emails, drives, or phones. I've never bothered using tor or incognito modes to do day to day things (or anything, really). I honestly can't tell if I'm just a peasant, not worrying about my data/activities (because really, does it -actually- matter? To me, it doesn't.) or if a portion of the world is worrying about a hundred different audiences 'spying' on them for unknown (and likely pointless) reasons.

What is the reason for needing secure communication if you A) Aren't doing anything illegal, and B) Don't really have anything to hide from non-criminal entities?

Short answer, it matters to me because its none of anyone else's business
who I call,
what I say on those calls,
who I text,
what is said in those texts,
where I browse on the internet,
who I converse with on the internet,
who I visit,
what occurs during those visits,
who comes to visit me,

And guess what? I hold those same views on what you do... It's none of my business, nor is what you do the government's business.

I've been using PGP since 1992 when I started wandering the internet, and I see no reason to stop, especially in today's climate of hacked emails, NSA spying, and everything else.

[chazus]

I started thinking about this more, and the responses here. I get that wanting privacy, as its a right, is expected.

I guess the part that weirds me out is people go WAY out of their way for privacy/security when they don't even know if they do or don't have it.

For example... I'm under the impression that my calls are not monitored. Recorded by my phone company, yes, but not monitored. I'm aware that they COULD be monitored, recorded, saved and listened to by other agencies.... But.. I'm simply not interesting (on a federal level). Just because they might, doesn't mean they are. (This ignores the fact that if they are, I don't care anyway).

People are always looking for secure methods of communication now, even when there isn't any -real- reason to suspect you're being monitored (Unless, you know, you do have a reason.) Is it really worth hassling over security if, realistically, it isn't needed? Is it paranoia and 'the government is out to get me' thinking?

I just don't see why others would go to such lengths for security, rights or not, when there isnt an actual threat.

[primalmatter]

I started thinking about this more, and the responses here. I get that wanting privacy, as its a right, is expected.

I guess the part that weirds me out is people go WAY out of their way for privacy/security when they don't even know if they do or don't have it.

For example... I'm under the impression that my calls are not monitored. Recorded by my phone company, yes, but not monitored. I'm aware that they COULD be monitored, recorded, saved and listened to by other agencies.... But.. I'm simply not interesting (on a federal level). Just because they might, doesn't mean they are. (This ignores the fact that if they are, I don't care anyway).

People are always looking for secure methods of communication now, even when there isn't any -real- reason to suspect you're being monitored (Unless, you know, you do have a reason.) Is it really worth hassling over security if, realistically, it isn't needed? Is it paranoia and 'the government is out to get me' thinking?

I just don't see why others would go to such lengths for security, rights or not, when there isnt an actual threat.

Because people value privacy...

They want a phone call to only be two people. Now I have a police scanner that picks up phone calls as well so I know that isn't the case but its what they want.

[Deleted]

In the UK, any arrest or caution involves your fingerprints and DNA being taken.

Due to an EU Supreme court ruling, you can now have them removed if you are arrested but not convicted. (They used to be kept regardless of guilt)

However, If you are convicted of any crime or accept any caution, your DNA and fingerprints are kept forever. This includes things like drink driving or an illegal protest.

This might sound crazy but it is fact.

Freedom Vs Security?

I think the UK is far too heavy handed in DNA acquisition of citizens and should limit it to terrorists and those convicted of crimes with jail sentences.

However, I do feel very free in my country.

[Ghostmcghosty]

I vote freedom. Knowing full well that it has a cost of others being free to flip out and off me at any given time. That's life. We are still animals after all.

Some security is good, but I would opt for a 40/60 ratio at most. Basic security shit, but never at the expense of privacy and freedom.

[Yvaelle]

What is the reason for needing secure communication if you A) Aren't doing anything illegal, and B) Don't really have anything to hide from non-criminal entities?

Well you go first then - post all your dirty text history, browsing history, the video games, movies, and music you enjoy, and send it to your employer - and all future employers.

That's what is at stake here - the people we are in front of our parents, is not who we are with our friends. The employees we are, are not the people we are in our spare time. Yet, without privacy, all of this is easily exposed.

If liberty is valuable (if you are unwilling to do the above), then the same argument applies to government. Government consists of people, people who are just as susceptible as any of us to invoke our own biases and beliefs in our practices: whether that's deciding who to audit, or who to put on terrorist watch lists, or which ex-girlfriends to use your NSA privileges to backdoor into their webcams to see who they are fucking now (hint: all of them). Worse, the people with the least transparency and consequences are the most likely to abuse their power: the point of the parable of the Ring of Gyges.

Further, if the government has a backdoor, then everyone has a backdoor - because government backdoors have been routinely found and exploited where they have existed in the past. This means that you create a backdoor, it's found, and criminals apply a patch which eliminates it and simultaneously begin abusing it themselves: they're now protected, the masses are not. This isn't a "the only way to stop a black hat with a backdoor, is a white hat with a backdoor" argument though - because consistently since the invention of computers - the best hackers have been on the side of darkness (because it's easier to break things, then build impenetrable things).

It's simply a matter of time before reading other people's text messages is an iPhone app, and long before that - I guarentee you every major tech company will be considering your porn history during your employment evaluation: after all, it's not something the government can ever prosecute - because that would require they first admit they demanded a backdoor through every security layer. If the tech giants know the government is doing it, it's a legal grey area - not because the law isn't clear - but because the government can't uphold it.

[Deleted]

Well you go first then - post all your dirty text history, browsing history, the video games, movies, and music you enjoy, and send it to your employer - and all future employers.

That's what is at stake here - the people we are in front of our parents, is not who we are with our friends. The employees we are, are not the people we are in our spare time. Yet, without privacy, all of this is easily exposed.

If liberty is valuable (if you are unwilling to do the above), then the same argument applies to government. Government consists of people, people who are just as susceptible as any of us to invoke our own biases and beliefs in our practices: whether that's deciding who to audit, or who to put on terrorist watch lists, or which ex-girlfriends to use your NSA privileges to backdoor into their webcams to see who they are fucking now (hint: all of them). Worse, the people with the least transparency and consequences are the most likely to abuse their power: the point of the parable of the Ring of Gyges.

Further, if the government has a backdoor, then everyone has a backdoor - because government backdoors have been routinely found and exploited where they have existed in the past. This means that you create a backdoor, it's found, and criminals apply a patch which eliminates it and simultaneously begin abusing it themselves: they're now protected, the masses are not. This isn't a "the only way to stop a black hat with a backdoor, is a white hat with a backdoor" argument though - because consistently since the invention of computers - the best hackers have been on the side of darkness (because it's easier to break things, then build impenetrable things).

It's simply a matter of time before reading other people's text messages is an iPhone app, and long before that - I guarentee you every major tech company will be considering your porn history during your employment evaluation: after all, it's not something the government can ever prosecute - because that would require they first admit they demanded a backdoor through every security layer. If the tech giants know the government is doing it, it's a legal grey area - not because the law isn't clear - but because the government can't uphold it.

You seem to have a fixation on your porn habits.

[Yvaelle]

You seem to have a fixation on your porn habits.

Who doesn't? Humans are bonobos that got clever, we're all sex-obsessed monkeys at heart.

[Ghostmcghosty]

Well you go first then - post all your dirty text history, browsing history, the video games, movies, and music you enjoy, and send it to your employer - and all future employers.

(cut)

It's already started too. Employers now want to look at your Facebook account as well as check your credit. So if they ever find out about some govt database that has everyone's history of every conversation and website view, I am 100% sure they will want access.

They will pay money for it, and someone will sell it. I will be shocked if an industry dealing with such data doesn't crop up fast.

[Yvaelle]

It's already started too. Employers now want to look at your Facebook account as well as check your credit. So if they ever find out about some govt database that has everyone's history of every conversation and website view, I am 100% sure they will want access.

They will pay money for it, and someone will sell it. I will be shocked if an industry dealing with such data doesn't crop up fast.

They wouldn't even need to, as I said, if the government has a backdoor - every tech giant does too - and every cyber-crime ring.

[Endus]

It's already started too. Employers now want to look at your Facebook account as well as check your credit.

That really shouldn't be an issue. If they ask you to add them as a "friend", say "you're a potential employer, not a friend. At least, not yet." Facebook has privacy settings for exactly this reason, and them not hiring you over that is no different than an employer asking to see your bank statements, or your last tax return; it's not something they can defensibly require.

Now, if you've got stuff on your PUBLIC Facebook posts that makes you look bad, well, that IS reason to not hire you. A pretty blatant one.

[Yvaelle]

That really shouldn't be an issue. If they ask you to add them as a "friend", say "you're a potential employer, not a friend. At least, not yet." Facebook has privacy settings for exactly this reason, and them not hiring you over that is no different than an employer asking to see your bank statements, or your last tax return; it's not something they can defensibly require.

Fair point but a) what if they didn't even need to ask your permission (because they had a backdoor), and b) proving that you weren't hired for that reason rather than "we found a better candidate" or "we don't think you would fit our corporate culture" - is virtually impossible, unless they say, on record - "we didn't hire you because you didn't let us see your facebook".

[Ghostmcghosty]

Where the hell do you get your history lessons?

He's actually right...Context aside, everything he said was factual.

- - - Updated - - -

That really shouldn't be an issue. If they ask you to add them as a "friend", say "you're a potential employer, not a friend. At least, not yet." Facebook has privacy settings for exactly this reason, and them not hiring you over that is no different than an employer asking to see your bank statements, or your last tax return; it's not something they can defensibly require.

Now, if you've got stuff on your PUBLIC Facebook posts that makes you look bad, well, that IS reason to not hire you. A pretty blatant one.

I was asked several times to actually log into my account and allow them to browse my account.

I was also asked to provide the email address and password so they can log in, but this was several years ago and I am sure that is frowned upon now.

So like I said. It already happens now. And some places will not believe you if you say you do not have an account. I have since deleted mine for other reasons, but it's pretty clear that employers will snoop around your business every chance they get. And all they have to do is say they found someone better, or you didn't qualify if you refuse to allow them to snoop through your stuff.

[Endus]

Fair point but a) what if they didn't even need to ask your permission (because they had a backdoor), and b) proving that you weren't hired for that reason rather than "we found a better candidate" or "we don't think you would fit our corporate culture" - is virtually impossible, unless they say, on record - "we didn't hire you because you didn't let us see your facebook".

Yes, but I'm also of the opinion that I wouldn't want to work for a company like that, in the first place. Making the request should probably be illegal, as should backdooring into your private section.

I was asked several times to actually log into my account and allow them to browse my account.

I was also asked to provide the email address and password so they can log in, but this was several years ago and I am sure that is frowned upon now.

So like I said. It already happens now. And some places will not believe you if you say you do not have an account. I have since deleted mine for other reasons, but it's pretty clear that employers will snoop around your business every chance they get. And all they have to do is say they found someone better, or you didn't qualify if you refuse to allow them to snoop through your stuff.

Yeah, I get that it HAPPENS, but to me, it's like asking to see your phone records, or your mail. It's not something they can legally require.

And yes, they can justify it with anything (reasons I don't support right-to-work frameworks, to boot), but that's the employer being straight-up dishonest. So I repeat; why are you heartbroken that a dishonest and abusive employer turned you down?

[Ghostmcghosty]

So I repeat; why are you heartbroken that a dishonest and abusive employer turned you down?

I'm not. I don't recall indicating that I ever was.

My stance is that privacy is something that we should keep, and this mentality of "If you have nothing to hide then you shouldn't have any issues with us seeing your stuff" is not the way to go at all.

If it becomes the norm to be able to browse through people's history records, then it will surely be abused and suddenly these "dishonest" employers will be seen as the norm because such practices will be standard. Except the difference is they will just get that info from whatever hub has it stored and they wouldn't even need to ask you for permission.

[chazus]

My stance is that privacy is something that we should keep, and this mentality of "If you have nothing to hide then you shouldn't have any issues with us seeing your stuff" is not the way to go at all.

To be clear, I totally agree with this. Despite having nothing to hide, I neither WANT someone looking through my stuff, nor would be happy with it being done.

That doesn't mean I feel the need to go waaay out of my way to prevent unlikely observation.