info
Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Snowden ARD/DasErste interview in English
34 views
Skip to first unread message
Ben Bucksch
Jan 27, 2014, 12:50:48 PM1/27/14
to mozilla-de...@lists.mozilla.org
* Video webpage
http://mediathek.daserste.de/sendungen_a-z/3304234_ard-sondersendung/19295624_edward-snowden-interview-in-english
* Direct download
http://media.ndr.de/progressive_geo/2014/0127/TV-20140127-1338-2142.hq.mp4
* Transscript
http://www.ndr.de/ratgeber/netzwelt/snowden277.html
Most interesting I found:
> You could read anyone’s email in the world. Anybody you’ve got email
> address for, any website you can watch traffic to and from it, any
> computer that an individual sits at you can watch it, any laptop that
> you’re tracking you can follow it as it moves from place to place
> throughout the world. It’s a one stop shop for access to the NSA’s
> information. And what’s more you can tag individuals using
> "XKeyscore". Let’s say I saw you once and I thought what you were
> doing was interesting or you just have access that’s interesting to
> me, let’s say you work at a major German corporation and I want access
> to that network, I can track your username on a website on a form
> somewhere, I can track your real name, I can track associations with
> your friends and I can build what’s called a fingerprint which is
> network activity unique to you which means anywhere you go in the
> world anywhere you try to sort of hide your online presence hide your
> identity, the NSA can find you and anyone who’s allowed to use this or
> who the NSA shares their software with can do the same thing. Germany
> is one of the countries that have access to "XKeyscore".
Esp. "I can build what’s called a fingerprint which is network activity
unique to you which means anywhere you go in the world"
He didn't elaborate on what this "fingerprint" is based on, but it could be:
* Obviously, log in to email, fetch emails
* Set of websites I regularly visit, e.g. regular visits to the set of
heise.de, nytimes.com and mozilla.org is probably fairly unique in
the world.
* EFF's panopticlick
* Unique IDs in "phone home", e.g "Firefox Health Services". This is
precisely why I opposed Metrics, I wrote in bug 718066 comment 2:
"Having a UUID would allow, for example, to track all my dynamic IP
addresses over time, and allow to build a profile, when combined
with access logs. If I have a notebook or mobile browser, it would
even allow to track the places where I go based on IP geolocation /
whois data."
and I was thinking of the NSA, and now Snowden confirms that they
are doing precisely that.
I think we have to draw conclusions from this - remove anything that can
identify a single user, unless he explicitly chooses to identify himself.
Ben
http://mediathek.daserste.de/sendungen_a-z/3304234_ard-sondersendung/19295624_edward-snowden-interview-in-english
* Direct download
http://media.ndr.de/progressive_geo/2014/0127/TV-20140127-1338-2142.hq.mp4
* Transscript
http://www.ndr.de/ratgeber/netzwelt/snowden277.html
Most interesting I found:
> You could read anyone’s email in the world. Anybody you’ve got email
> address for, any website you can watch traffic to and from it, any
> computer that an individual sits at you can watch it, any laptop that
> you’re tracking you can follow it as it moves from place to place
> throughout the world. It’s a one stop shop for access to the NSA’s
> information. And what’s more you can tag individuals using
> "XKeyscore". Let’s say I saw you once and I thought what you were
> doing was interesting or you just have access that’s interesting to
> me, let’s say you work at a major German corporation and I want access
> to that network, I can track your username on a website on a form
> somewhere, I can track your real name, I can track associations with
> your friends and I can build what’s called a fingerprint which is
> network activity unique to you which means anywhere you go in the
> world anywhere you try to sort of hide your online presence hide your
> identity, the NSA can find you and anyone who’s allowed to use this or
> who the NSA shares their software with can do the same thing. Germany
> is one of the countries that have access to "XKeyscore".
Esp. "I can build what’s called a fingerprint which is network activity
unique to you which means anywhere you go in the world"
He didn't elaborate on what this "fingerprint" is based on, but it could be:
* Obviously, log in to email, fetch emails
* Set of websites I regularly visit, e.g. regular visits to the set of
heise.de, nytimes.com and mozilla.org is probably fairly unique in
the world.
* EFF's panopticlick
* Unique IDs in "phone home", e.g "Firefox Health Services". This is
precisely why I opposed Metrics, I wrote in bug 718066 comment 2:
"Having a UUID would allow, for example, to track all my dynamic IP
addresses over time, and allow to build a profile, when combined
with access logs. If I have a notebook or mobile browser, it would
even allow to track the places where I go based on IP geolocation /
whois data."
and I was thinking of the NSA, and now Snowden confirms that they
are doing precisely that.
I think we have to draw conclusions from this - remove anything that can
identify a single user, unless he explicitly chooses to identify himself.
Ben
Ben Bucksch
Jan 27, 2014, 1:01:26 PM1/27/14
to mozilla-de...@lists.mozilla.org
Ben Bucksch wrote, On 27.01.2014 18:50:
> Having a UUID would allow ... to track the places where I go based on
> IP geolocation
have this capability now or are building it. That includes totalitarian
states that kill people that think in ways the state doesn't happen to
like, being political or even religious reasons. Many of them are not
tech savvy nor aware of the danger they are in or where it lies exactly.
> Having a UUID would allow ... to track the places where I go based on
> IP geolocation
> and I was thinking of the NSA, and now Snowden confirms that they are
> doing precisely that
Correction: I was thinking not just of the NSA. Many states in the world
> doing precisely that
have this capability now or are building it. That includes totalitarian
states that kill people that think in ways the state doesn't happen to
like, being political or even religious reasons. Many of them are not
tech savvy nor aware of the danger they are in or where it lies exactly.
0 new messages