• Announcements

    • Zapata

      Abbreviated rules   07/28/2017

      Underdawg did an excellent job of explaining the rules.  Here's the simplified version: Don't insinuate Pedo.  Warning and or timeout for a first offense.  PermaFlick for any subsequent offenses Don't out members.  See above for penalties.  Caveat:  if you have ever used your own real name or personal information here on the forums since, like, ever - it doesn't count and you are fair game. If you see spam posts, report it to the mods.  We do not hang out in every thread 24/7 If you see any of the above, report it to the mods by hitting the Report button in the offending post.   We do not take action for foul language, off-subject content, or abusive behavior unless it escalates to persistent stalking.  There may be times that we might warn someone or flick someone for something particularly egregious.  There is no standard, we will know it when we see it.  If you continually report things that do not fall into rules #1 or 2 above, you may very well get a timeout yourself for annoying the Mods with repeated whining.  Use your best judgement. Warnings, timeouts, suspensions and flicks are arbitrary and capricious.  Deal with it.  Welcome to anarchy.   If you are a newbie, there are unwritten rules to adhere to.  They will be explained to you soon enough.  
Sign in to follow this  
badlatitude

If You Liked The Patriot Act, You Will Love The Cloud Act

Recommended Posts

The CLOUD Act was just signed into law: Here's what you need to know

The CLOUD Act was just signed into law: Here’s what you need to know 

https://www.expressvpn.com/blog/cloud-act-what-you-should-know/ 

Tucked discreetly amid the 2,232-page government spending bill is a small provision that promises catastrophic consequences. Known as the CLOUD Act (Clarifying Lawful Overseas Use of Data), this legislature reverses any incremental progress governments have taken toward global privacy over the last few years. 

Passed without any votes, public hearings, or even a single discussion, this act single-handedly reshapes the world’s privacy regulations—and not for the better. 

Under the CLOUD Act, the U.S. government (as well as governments abroad) are given more freedom to collect, store, and use your private information against you. 

The bill changes data collection in two ways: First, it gives authorities (law enforcement, immigration, local police, etc.) more freedom to access a person’s private data regardless of where they’re from or where they live. Second, it grants the U.S. President the ability to set up ‘‘Executive Agreements’ with over governmental bodies, giving both parties the opportunity to access the other’s data without having to adhere to said country’s privacy laws.

Share this post


Link to post
Share on other sites

The CLOUD Act: A Dangerous Expansion of Police Snooping on Cross-Border Data

FEBRUARY 8, 2018

"This week, Senators Hatch, Graham, Coons, and Whitehouse introduced a bill that diminishes the data privacy of people around the world.

The Clarifying Overseas Use of Data (CLOUD) Act expands American and foreign law enforcement’s ability to target and access people’s data across international borders in two ways. First, the bill creates an explicit provision for U.S. law enforcement (from a local police department to federal agents in Immigration and Customs Enforcement) to access “the contents of a wire or electronic communication and any record or other information” about a person regardless of where they live or where that information is located on the globe. In other words, U.S. police could compel a service provider—like Google, Facebook, or Snapchat—to hand over a user’s content and metadata, even if it is stored in a foreign country, without following that foreign country’s privacy laws.[1]

Second, the bill would allow the President to enter into “executive agreements” with foreign governments that would allow each government to acquire users’ data stored in the other country, without following each other’s privacy laws.

For example, because U.S.-based companies host and carry much of the world’s Internet traffic, a foreign country that enters one of these executive agreements with the U.S. to could potentially wiretap people located anywhere on the globe (so long as the target of the wiretap is not a U.S. person or located in the United States) without the procedural safeguards of U.S. law typically given to data stored in the United States, such as a warrant, or even notice to the U.S. government. This is an enormous erosion of current data privacy laws.

This bill would also moot legal proceedings now before the U.S. Supreme Court. In the spring, the Court will decide whether or not current U.S. data privacy laws allow U.S. law enforcement to serve warrants for information stored outside the United States. The case, United States v. Microsoft (often called “Microsoft Ireland”), also calls into question principles of international law, such as respect for other countries territorial boundaries and their rule of law.

Notably, this bill would expand law enforcement access to private email and other online content, yet the Email Privacy Act, which would create a warrant-for-content requirement, has still not passed the Senate, even though it has enjoyed unanimous support in the House for the past two years."

https://www.eff.org/deeplinks/2018/02/cloud-act-dangerous-expansion-police-snooping-cross-border-data

Share this post


Link to post
Share on other sites
14 minutes ago, Righty_tighty_lefty_dumbas said:

Heck yeah! We need this, someone bad might be trying to hurt us.

Be careful what you wish for, I heard they would place Hillary Clinton in charge of this after November.

Share this post


Link to post
Share on other sites

More of that Republican small government philosophy.

What contemptible fraudulent assholes they are. You'd have to be an incredible fool to be taken in by their "ideology" bullshit.

  • Like 1

Share this post


Link to post
Share on other sites

How is this worse then Facebook and Google?

Share this post


Link to post
Share on other sites

Kind of ironic since the very people who signed the bill are currently grilling Zuckerberg on his collection and data sharing.

Share this post


Link to post
Share on other sites
49 minutes ago, Lark said:

How is this worse then Facebook and Google?

Facebook and Google only keep the data you give them. This law allows for the US to go anywhere around the world to grab the data from anyone as long as they have some kind of leverage over their US offices. My guess, this is a knee-jerk reaction to a case before the courts where Microsoft is trying to get out of providing a US sent email stored on an Irish server. 

 

Share this post


Link to post
Share on other sites
6 minutes ago, Bent Sailor said:

Facebook and Google only keep the data you give them. This law allows for the US to go anywhere around the world to grab the data from anyone as long as they have some kind of leverage over their US offices. My guess, this is a knee-jerk reaction to a case before the courts where Microsoft is trying to get out of providing a US sent email stored on an Irish server. 

 

I still want to know what they're going to do about people who use heavy encryption. OK the cloud service providor gives them all your files. What now, brown cow? They still can't read them.

Now metadata that has to be in clear like email addresses et al, sure, they can grab all that. But unless there's been some secret breakthroughs in cracking encrypted data.....?

Many years ago when a few of us worked for various APS arms we were told we weren't allowed to use encrypted email. A bunch of us considered encrypting the odd core dump & emailing it about to see what happened. Since we didn't really *want* to get fired, it remained a thought exercise.

FKT

Share this post


Link to post
Share on other sites
3 minutes ago, Fah Kiew Tu said:

I still want to know what they're going to do about people who use heavy encryption. OK the cloud service providor gives them all your files. What now, brown cow? They still can't read them.

Depends on how it was encrypted and who has the keys.

If there is a "hole" in the encryption (you know, encryption software with a backdoor) - the government will likely just get the back door opened for them without the owners involvement. My guess is that the US will try that first in most circumstances unless they think they can scare you into giving up the key willingly. 

The Fifth Amendment makes it a little unclear on whether the courts can compel production of a key in the US. Case law for both ways atm and SCOTUS hasn't ruled on it yet to my knowledge (though Tom will be along promptly to correct me if they have). So it's quite possible they'll just subpoena the key from you. Over here, there is no grey at all, they can compel you to hand over keys or face 6mths-2yrs jail for failing to comply with a legal order. 

Share this post


Link to post
Share on other sites
6 minutes ago, Bent Sailor said:

The Fifth Amendment makes it a little unclear on whether the courts can compel production of a key in the US. Case law for both ways atm and SCOTUS hasn't ruled on it yet to my knowledge (though Tom will be along promptly to correct me if they have). So it's quite possible they'll just subpoena the key from you. Over here, there is no grey at all, they can compel you to hand over keys or face 6mths-2yrs jail for failing to comply with a legal order. 

Yeah I knew that which makes for an interesting thought exercise or two.

If I had files I needed to hide, I can think of various places to do it that would be quite hard to track down before they could even get to the point of demanding the decryption keys. As I don't - shrug. Searching my files would be like putting me through a tax audit. It'd be time consuming & annoying but at the end, nothing of note would result.

FKT

Share this post


Link to post
Share on other sites
1 hour ago, Fah Kiew Tu said:
1 hour ago, Bent Sailor said:

The Fifth Amendment makes it a little unclear on whether the courts can compel production of a key in the US. Case law for both ways atm and SCOTUS hasn't ruled on it yet to my knowledge (though Tom will be along promptly to correct me if they have). So it's quite possible they'll just subpoena the key from you. Over here, there is no grey at all, they can compel you to hand over keys or face 6mths-2yrs jail for failing to comply with a legal order. 

Yeah I knew that which makes for an interesting thought exercise or two.

If I had files I needed to hide, I can think of various places to do it that would be quite hard to track down before they could even get to the point of demanding the decryption keys. As I don't - shrug. Searching my files would be like putting me through a tax audit. It'd be time consuming & annoying but at the end, nothing of note would result.

Isn't it amazing how being honest can simplify life and reduce stress?

Searching my computer would be really really boring for anybody who didn't like sailboat pictures.

-DSK

Share this post


Link to post
Share on other sites
5 hours ago, badlatitude said:

The CLOUD Act: A Dangerous Expansion of Police Snooping on Cross-Border Data

But just think of all the children this will save around the globe. It sounds like you value your privacy rights over the lives of children.  Why is the right to your “precious” more important than their right to grow up and not be murdered?

it sounds like you think our rights are important..... sometimes. 

Share this post


Link to post
Share on other sites
6 minutes ago, Shootist Jeff said:

But just think of all the children this will save around the globe. It sounds like you value your privacy rights over the lives of children.  Why is the right to your “precious” more important than their right to grow up and not be murdered?

it sounds like you think our rights are important..... sometimes. 

So, you think it is okay for even local police departments to go after your IP information without a warrant? and that even foreign governments can wiretap within the borders of the United States without having to comply with U.S. wiretap restrictions? 

Apple, Microsoft, Facebook, Google, are all supporting this Act so that they don't have to be bothered with giving out your private info, it's now free for the asking.

Why is it whenever righties are in charge our Constitutional rights are eroded? I'll tell you why it's because righties are fucking scaredy cats who will give up anything to stay warm and cozy in their safe place.

Share this post


Link to post
Share on other sites
3 hours ago, Steam Flyer said:

Isn't it amazing how being honest can simplify life and reduce stress?

Searching my computer would be really really boring for anybody who didn't like sailboat pictures.

-DSK

How about a complete series on how (not) to build a steel sailboat?

I owe you some pix now the thing is finished. Haven't splashed it yet, the place is getting cold & dark so I'm thinking it's near time to be somewhere else for the winter. Maybe September/October if the ground is hard enough to get the truck & crane in.

FKT

Share this post


Link to post
Share on other sites
6 hours ago, bhyde said:

Kind of ironic since the very people who signed the bill are currently grilling Zuckerberg on his collection and data sharing.

I'm deeply disappointed in Whitehouse for this. He should know better.

Share this post


Link to post
Share on other sites

here's some more 'data' for all these paranoid fascist shitbags; go eat a bowl of rancid dicks and wash it down with battery acid.

godbless'murica

Share this post


Link to post
Share on other sites
7 hours ago, Fah Kiew Tu said:

I still want to know what they're going to do about people who use heavy encryption. OK the cloud service providor gives them all your files. What now, brown cow? They still can't read them.

I would think the moment you start using heavy  encryption, Tor/anon networks and temp emails you would attract attention. 

Even if they can't read your files, after combing through your digital life they can get a pretty good idea of what you are up to and if you require some personal attention.

Share this post


Link to post
Share on other sites
36 minutes ago, VhmSays said:
8 hours ago, Fah Kiew Tu said:

I still want to know what they're going to do about people who use heavy encryption. OK the cloud service providor gives them all your files. What now, brown cow? They still can't read them.

I would think the moment you start using heavy  encryption, Tor/anon networks and temp emails you would attract attention. 

Even if they can't read your files, after combing through your digital life they can get a pretty good idea of what you are up to and if you require some personal attention.

The whole point of that stuff is you don't attract attention.

I use a VPN almost exclusively, for a lot of reasons. That doesn't necessarily mean I'm doing anything illicit. On the other hand, when I tried to access one of my banks from the Tor net the web site freaked right the fuck out and locked me out. The banks did NOT like that I was coming to the retail site from a Tor node.

Share this post


Link to post
Share on other sites
10 hours ago, Bent Sailor said:

The Fifth Amendment makes it a little unclear on whether the courts can compel production of a key in the US. Case law for both ways atm and SCOTUS hasn't ruled on it yet to my knowledge (though Tom will be along promptly to correct me if they have). So it's quite possible they'll just subpoena the key from you. Over here, there is no grey at all, they can compel you to hand over keys or face 6mths-2yrs jail for failing to comply with a legal order. 

I don't know of any such court ruling.

The latest development is in the generally-ignored thread on the topic:

On 3/31/2018 at 7:06 AM, Uncooperative Tom said:

A new Inspector General's report says that the Feds deliberately delayed cracking the topic iPhone in an effort to force Apple to comply.
 

Quote

 

The chief apparently became frustrated when the third-party solution undercut the legal challenge, reportedly asking another official: "Why did you do that for?"

Apple was put under enormous political pressure to comply with the FBI. Donald Trump, then still a presidential candidate, called for a boycott on Apple. Other GOP candidates demanded that Apple cooperate with the feds. Sens. Dianne Feinstein (D-Calif.) and Richard Burr (R–N.C.) crafted terrible legislation that would require tech companies to follow the feds' demands that they weaken their cybersecurity. The bill failed, fortunately.

During that whole public fight, some FBI officials were deliberately trying to fail. All to sell a narrative that they had no choice but to make Apple weaken its own security—and yours as well.

 

From my perspective, authoritarians like Trump and DiFi seem to always oppose strong encryption for anyone but governments.

The willingness (or lack thereof) to allow citizens to have some secrets from the State is a kind of authoritarianism marker that almost never fails.

 

Share this post


Link to post
Share on other sites
3 hours ago, B.J. Porter said:

The whole point of that stuff is you don't attract attention.

I use a VPN almost exclusively, for a lot of reasons. That doesn't necessarily mean I'm doing anything illicit. On the other hand, when I tried to access one of my banks from the Tor net the web site freaked right the fuck out and locked me out. The banks did NOT like that I was coming to the retail site from a Tor node.

If you use anonymizing tools you can be pretty sure some agency has you on a list somewhere and you have been checked out. If you have tor or such on your computer you can legally be hacked and put under scrutiny thanks to "Rule 41". Compared to the whole open internet the percentage using these services and visiting the dark web are minuscule and a large percentage are involved in "illegal" activities. If you take the effort to remain anonymous there will be people wanting to know why. IPs are passé just your browsing habits can id you, we have exchanged privacy for the security big brother provides.

https://www.cnet.com/news/nsa-likely-targets-anybody-whos-tor-curious/

https://www.propublica.org/article/heres-one-way-to-land-on-the-nsas-watch-list

 

A concise explanation of Rule 41, https://www.bostonlawyerblog.com/2017/04/18/big-changes-little-known-rule-rule-41b-unlawful-search-paved-way/  NSA and others have different mandates and imperatives

 "As long as the computer’s user has used technology to hide the computer’s location, a federal magistrate judge located anywhere in the United States can issue a warrant that allows law enforcement to remotely access that computer—usually by using spyware or malware to invade the computer—and to pull information from the computer. This includes IP address information that provides law enforcement with information about the computer’s physical location."

 

Edited by VhmSays
41

Share this post


Link to post
Share on other sites
9 hours ago, Shootist Jeff said:

But just think of all the children this will save around the globe. It sounds like you value your privacy rights over the lives of children.  Why is the right to your “precious” more important than their right to grow up and not be murdered?

it sounds like you think our rights are important..... sometimes. 

Ahhhhhh....I see what you did there.  

 

Despite the possibility of a false equivalence, though maybe not-you could definitely argue that in some (many) cases information not being available to the public has caused death.

At any rate, I will give you this....your line of thinking isn't entirely wrong.

In both instances, wrt to privacy and guns, the question then becomes what do we do?  How do we maintain the rights of the citizenship while still enacting policies that also preserve the safety of that citizenship?

 

Of course if we can come up with some sound answers there, we probably get the Nobel prize.  But hey, lofty goals right?

Share this post


Link to post
Share on other sites
9 hours ago, VhmSays said:

If you use anonymizing tools you can be pretty sure some agency has you on a list somewhere and you have been checked out. If you have tor or such on your computer you can legally be hacked and put under scrutiny thanks to "Rule 41". Compared to the whole open internet the percentage using these services and visiting the dark web are minuscule and a large percentage are involved in "illegal" activities. If you take the effort to remain anonymous there will be people wanting to know why. IPs are passé just your browsing habits can id you, we have exchanged privacy for the security big brother provides.

https://www.cnet.com/news/nsa-likely-targets-anybody-whos-tor-curious/

https://www.propublica.org/article/heres-one-way-to-land-on-the-nsas-watch-list

 

A concise explanation of Rule 41, https://www.bostonlawyerblog.com/2017/04/18/big-changes-little-known-rule-rule-41b-unlawful-search-paved-way/  NSA and others have different mandates and imperatives

 "As long as the computer’s user has used technology to hide the computer’s location, a federal magistrate judge located anywhere in the United States can issue a warrant that allows law enforcement to remotely access that computer—usually by using spyware or malware to invade the computer—and to pull information from the computer. This includes IP address information that provides law enforcement with information about the computer’s physical location."

 

Interesting. I'm curious how that applies to a US citizen that has been out of the country for over two years and never actually done anything like that from inside the US.

Share this post


Link to post
Share on other sites
8 minutes ago, B.J. Porter said:

Interesting. I'm curious how that applies to a US citizen that has been out of the country for over two years and never actually done anything like that from inside the US.

You are out of the country travelling to interesting places with the means to smuggle and trying to hide your activities using encryption and tor which LEOs associate with criminal activity, why would any agency be interested. If you send a package by post and then track the package using tor it will be flagged and checked. 

Share this post


Link to post
Share on other sites
Just now, VhmSays said:
20 minutes ago, B.J. Porter said:

Interesting. I'm curious how that applies to a US citizen that has been out of the country for over two years and never actually done anything like that from inside the US.

You are out of the country travelling to interesting places with the means to smuggle and trying to hide your activities using encryption and tor which LEOs associate with criminal activity, why would any agency be interested. If you send a package by post and then track the package using tor it will be flagged and checked. 

Given I'm not doing anything illegal and never will be, any law enforcement people sniffing out my Christmas presents and boat parts is kind of amusing.

Truthfully, I've not found Tor to be terribly useful. As mentioned, legit sits like banks freak out when you try and use them. Hell, the idiots at BoA freak out when I try to login with a commercial VPN. Of course, they only check their login page - once you're past that you can turn it back on and re-encrypt your data. But Tor is slower, and since I'm not doing anything interesting it's not worth using the lobotomized browser anyway.

The best use I found for Tor so far was to chat with some hackers on the dark web for research for a novel.

 

Share this post


Link to post
Share on other sites
44 minutes ago, B.J. Porter said:

Given I'm not doing anything illegal and never will be, any law enforcement people sniffing out my Christmas presents and boat parts is kind of amusing.

Truthfully, I've not found Tor to be terribly useful. As mentioned, legit sits like banks freak out when you try and use them. Hell, the idiots at BoA freak out when I try to login with a commercial VPN. Of course, they only check their login page - once you're past that you can turn it back on and re-encrypt your data. But Tor is slower, and since I'm not doing anything interesting it's not worth using the lobotomized browser anyway.

The best use I found for Tor so far was to chat with some hackers on the dark web for research for a novel.

 

While doing research on the dark net did you happen to visit the market, make a little purchase maybe....for research?

Here is some serious detail on how to do it correctly, browse through the controlled/monitored delivery, love letters and how to get a lawyer, types of scams lots of usable material.

 

DNM_Bible__3-22-2018_.pdf

Share this post


Link to post
Share on other sites
12 minutes ago, VhmSays said:

While doing research on the dark net did you happen to visit the market, make a little purchase maybe....for research?

Here is some serious detail on how to do it correctly, browse through the controlled/monitored delivery, love letters and how to get a lawyer, types of scams lots of usable material.

 

DNM_Bible__3-22-2018_.pdf

No, I just posted some questions on some forums and exchanged some secure e-mails.

There's a lot of dubious shit out there.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Sign in to follow this