Bruce Schneier: NSA Surveillance and What To Do About It

docricedocrice Member Posts: 1,706 ■■■■■■■■■■
http://bigdata.csail.mit.edu/node/154

This is a pretty good food-for-thought about the ubiquitous surveillance culture of today's age (about 40 minutes + Q & A time).
Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/

Comments

  • MacGuffinMacGuffin Member Posts: 241 ■■■□□□□□□□
    A handful of things I took away from that video.
    - Meta data is surveillance data, the government will claim otherwise but they lie
    - You can justify just about anything with "the terrorists will kill your children"
    - Encryption works, not even the NSA can break commonly used encryption
    - Watch very carefully the words politicians use, "we are not listening to your phone calls" does not mean they are not recording them, logging them, or tracing them

    I love Mr. Schneier's work and I wish more people would listen to him. He does his research and presents it very clearly in ways most anyone can understand.
    MacGuffin - A plot device, an item or person that exists only to produce conflict among the characters within the story.
  • sasnimrodsasnimrod Member Member Posts: 99 ■■■□□□□□□□
    For those that want to keep up-to-date with what Schneier has to say about the NSA leaks and information security in general, I suggest that you subscribe to his monthly newsletter: https://www.schneier.com/crypto-gram-sub.html

    His newsletters tend to be quite lengthy, but I always found them to be a good read :)
  • veritas_libertasveritas_libertas CISSP, GIAC x5, CompTIA x5 Greenville, SC USAMember Posts: 5,735 ■■■■■■■■■■
    Out of curiosity, how many of us are EFF members?
    Currently working on: Linux and Python
  • sasnimrodsasnimrod Member Member Posts: 99 ■■■□□□□□□□
  • j23evanj23evan Member Posts: 135 ■■■■□□□□□□
    sasnimrod wrote: »
    veritas_libertas: you've got one here :)


    I am an EFF member.
    https://vWrong.com - Microsoft Certified Trainer 2013-2018 - VMware vExpert 2014-2018 - Cisco Champion 2018 - http://linkedin.com/in/j23evan/
  • TrashmanTrashman Member Posts: 140
    Bachelor of Science in Information Systems
    2015 COLOR=#008000]X[/COLOR | 2016 COLOR=#ff8c00]In progress[/COLOR | 2017 | 2018
  • Cert PoorCert Poor Member Posts: 240 ■■■□□□□□□□
    Joined EFF a few months ago. Love following their work, as well as Schneier's.

    I can see those of us in IT making a more concerted effort to -- as Bruce says -- make things more "expensive" by using secure protocols as the rule rather than the exception. If we can harden our web servers (both external and internal) with a good HTTPS implementation (with HSTS and Forward Secrecy and the rest), use LDAPS instead of LDAP, forbid FTP and Telnet, make sure our e-mail servers use STARTTLS, harden our corporate VPNs, and encrypt ALL datacenter links and as much internal traffic as possible, I think it would greatly make bulk data collection more expensive.

    I don't know about you, but to this day I still see way too much FTP and Telnet out there and general laziness towards system and network hardening. And patch management that may be postponed for months. And way, way too much unpatched Java plug-in and old versions of Adobe Flash. And ancient versions of Internet Explorer used in the enterprise.
    In progress: MTA: Database Fundamentals (98-364)
    Next up: CompTIA Cloud Essentials+ (CLO-002) or LPI Linux Essentials (010-160)
    Earned: CompTIA A+, Net+, Sec+, Server+, Proj+
    ITIL-F v3 2011 | ServiceNow CSA, CAD, CIS | CWNP CWTS
Sign In or Register to comment.