Re: [perpass] perens-perpass-appropriate-response-01

Jacob Appelbaum <jacob@appelbaum.net> Wed, 04 December 2013 21:36 UTC

Return-Path: <jacob@appelbaum.net>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7C6E41AD8F5 for <perpass@ietfa.amsl.com>; Wed, 4 Dec 2013 13:36:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.6
X-Spam-Level:
X-Spam-Status: No, score=-0.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FSL_HELO_BARE_IP_2=2, RCVD_IN_DNSWL_LOW=-0.7] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Swt-aXOhmuvU for <perpass@ietfa.amsl.com>; Wed, 4 Dec 2013 13:36:23 -0800 (PST)
Received: from mail-pb0-f51.google.com (mail-pb0-f51.google.com [209.85.160.51]) by ietfa.amsl.com (Postfix) with ESMTP id 2B3671ACC81 for <perpass@ietf.org>; Wed, 4 Dec 2013 13:36:23 -0800 (PST)
Received: by mail-pb0-f51.google.com with SMTP id up15so24365319pbc.38 for <perpass@ietf.org>; Wed, 04 Dec 2013 13:36:20 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:message-id:date:from:mime-version:to:cc:subject :references:in-reply-to:openpgp:content-type :content-transfer-encoding; bh=LwL+gjCWkHSAxLxGnAmQGNYvfpRyuOyqBqAlmawF61A=; b=TpCuECd6mQkcRvIOpRjRyaBzJx1fXiUUUTSr69Vjy9nWO26zSutZsiGfBp08i3WyrE /tr/7JkqGsGA5/sXQIXDBbQtV0lviPVclab7M90thIVk7jtZc+CvjUxCOL8XfmakCcum twwIV82k3sJHto+SYzqFESzgiKaw+JN1w7bxFCM36eRankCriyBrC10lkn8pm98351mQ /R0aXsIpc0Tiu2xXG7Ett5IlNQYyxpFe592CVdaN+8EEx8aiWSIUQ+LUtY6Al+z4yqdj HPYLb886ZotBsMRVX+e5Mlyy61sbMAb+5ZHg3SWX3+Kv41ln2/GSVWb4ra5dS7AkY8cf xNUA==
X-Gm-Message-State: ALoCoQmWs/xKy0y9nBbfXz08gDKhfW2Aw8S0stO3Zg/ynwKr5zH7M/VEqLc56WRgee/z4N7urg4D
X-Received: by 10.68.0.35 with SMTP id 3mr47798785pbb.52.1386192980200; Wed, 04 Dec 2013 13:36:20 -0800 (PST)
Received: from 127.0.0.1 (manning2.torservers.net. [96.44.189.101]) by mx.google.com with ESMTPSA id vh3sm106443563pbc.8.2013.12.04.13.36.15 for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Wed, 04 Dec 2013 13:36:19 -0800 (PST)
Message-ID: <529F9F14.8050805@appelbaum.net>
Date: Wed, 04 Dec 2013 21:31:00 +0000
From: Jacob Appelbaum <jacob@appelbaum.net>
MIME-Version: 1.0
To: Bruce Perens <bruce@perens.com>
References: <E2DA1477-C86E-441E-A33D-D47A0D67AFF3@iab.org> <EF9BD1E4-6EF3-4035-AC4E-1A2D3CADE615@mnot.net> <529E8494.7000806@perens.com> <20131204111309.GB11727@nic.fr> <529F61D8.6030105@perens.com> <20131204171207.GC19914@thunk.org> <529F63C0.3040804@perens.com> <529F88AC.3090904@appelbaum.net> <529F90A0.8000706@perens.com> <529F9205.30906@appelbaum.net> <529F98C0.9090808@perens.com>
In-Reply-To: <529F98C0.9090808@perens.com>
OpenPGP: id=4193A197
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 7bit
Cc: Stephane Bortzmeyer <bortzmeyer@nic.fr>, perpass@ietf.org, Theodore Ts'o <tytso@mit.edu>
Subject: Re: [perpass] perens-perpass-appropriate-response-01
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Dec 2013 21:36:24 -0000

Bruce Perens:
> On 12/04/2013 12:35 PM, Jacob Appelbaum wrote:
>> What about the illegal spying is in your interest?
> I am not 100% confident that it is illegal, although I am unhappy about FISA and 
> a lot of other things done since 9/11. I testify for a living. I could make a 
> good case that it is illegal, and maybe convince a court.
> 

I'd encourage you to read some of the well written legal opinions by
folks like Jennifer Granick or heck, even the NYT:


http://justsecurity.org/2013/11/21/fisc-pen-register-opinion-its-matter-time-hurt/

http://www.nytimes.com/2013/08/09/opinion/breaking-through-limits-on-spying.html

> The part that is in my interest is that sometimes they do actually catch people 
> who are out to hurt others.
> 

Could you please cite a single case where the illegal NSA spying
programs have done that? I believe there is exactly one and it could
have been done legally. There are countless exmaples

> I happen to have walked through LAX terminal 3 two days before the violence 
> there, and I stayed in 7 World Trade Center a month before 9/11, traveling 
> through the subway station and the main building basements that were buried. I 
> could just as likely have intersected with the bad guys.
> 


Note that those examples happened with various levels of spying - in
some cases the full monty - so we not only have lost our civil
liberties, we've lost them without losing the danger, the risks or the
tragedy. Surely you see this plain reality, right?

I walked into Iraq in 2005 (as a journalist) and talked to people who
had their entire family murdered by our war machine. The NSA spying was
used in full during in our illegal war in Iraq. Surely, we should
consider this as part of the balance, right?

> I am all for finding those guys before they can do harm. I am not for giving 
> espionage and law enforcement a blank check, though. And I think there are 
> obvious problems today that I'd like to fix through the political process.
> 

Policy alone cannot fix the technical problems in a vacuum. We require
both policy and technology solutions. We should reflect on our ideas of
liberty and enshrine them in our technology.

I'd like to find the 'bad guys' too - have you looked at the NSA lately?
They're not the good guys when they commit crimes against the American
people or the rest of the world. Especially when they lie to the US
Congress, I might add.

There are real attackers and the NSA is merely one of them. We need to
secure the DNS against tampering (DNSSEC), against observation (to
resist specific targeting, censorship, etc) and we'll need to do similar
things to other protocols. If you look ahead a few years, I encourage
you to consider that your political fixes will not impact the Chinese,
Russian, British or even *my* capabilities without concrete technical
backing. That is one of the goals of perpass - to solve the technical
problems and with that, a policy person may be able to present a
political solution.

Currently, we lack both political and technical solutions to mass
surveillance.

Sincerely,
Jacob