Bruce Schneier: NSA Surveillance and What To Do About It

docrice

http://bigdata.csail.mit.edu/node/154

This is a pretty good food-for-thought about the ubiquitous surveillance culture of today's age (about 40 minutes + Q & A time).

Asif Dasl

Thanks for sharing, I found it a very interesting lecture. I can't see the Internet being secured like he describes but like you say it's good food-for-thought.

MacGuffin

A handful of things I took away from that video.
- Meta data is surveillance data, the government will claim otherwise but they lie
- You can justify just about anything with "the terrorists will kill your children"
- Encryption works, not even the NSA can break commonly used encryption
- Watch very carefully the words politicians use, "we are not listening to your phone calls" does not mean they are not recording them, logging them, or tracing them

I love Mr. Schneier's work and I wish more people would listen to him. He does his research and presents it very clearly in ways most anyone can understand.

sasnimrod

For those that want to keep up-to-date with what Schneier has to say about the NSA leaks and information security in general, I suggest that you subscribe to his monthly newsletter: https://www.schneier.com/crypto-gram-sub.html

His newsletters tend to be quite lengthy, but I always found them to be a good read

veritas_libertas

Out of curiosity, how many of us are EFF members?

sasnimrod

veritas_libertas: you've got one here

j23evan

sasnimrod wrote: »

veritas_libertas: you've got one here

I am an EFF member.

Trashman

Mikko Hypponen: How the NSA betrayed the world's trust -- time to act

Might be of interest as well.

Cert Poor

Joined EFF a few months ago. Love following their work, as well as Schneier's.

I can see those of us in IT making a more concerted effort to -- as Bruce says -- make things more "expensive" by using secure protocols as the rule rather than the exception. If we can harden our web servers (both external and internal) with a good HTTPS implementation (with HSTS and Forward Secrecy and the rest), use LDAPS instead of LDAP, forbid FTP and Telnet, make sure our e-mail servers use STARTTLS, harden our corporate VPNs, and encrypt ALL datacenter links and as much internal traffic as possible, I think it would greatly make bulk data collection more expensive.

I don't know about you, but to this day I still see way too much FTP and Telnet out there and general laziness towards system and network hardening. And patch management that may be postponed for months. And way, way too much unpatched Java plug-in and old versions of Adobe Flash. And ancient versions of Internet Explorer used in the enterprise.