Is there any interest in privacy & free software friendly services?
I'm curious if people would pay for a set of services that had:
1. clearly defined privacy policies
2. based on free software
3. developed and maintained by a trusted party (and possibly endorsed by respectable individuals and/or projects like the EFF, FSF, RMS, etc)
There are some companies out there that I have wanted to like although found out that they were using proprietary systems and/or didn't have clear privacy policies defined, etc.
The types of services I'm envisioning would include:
you could spin up 100% free software friendly trisquel / parabola VPSs
email services /w secure web, imap, pop/smtp (managed by the entity for ease of use, although possibly with the ability to connect domains to it)
calendaring (integration with evolution/thunderbird/android/etc)
personal wiki (save your notes- no need to setup your own wiki)
file sharing (upload files for sharing with others)
android/replicant notes application (sync your notes with a server and access notes through web interface too)
storage space for backup and other uses (possibly with syncing options, etc. and maybe similar to drop box, making public folders, etc)
secure xmpp (https ; would need )
easy to use and free software friendly remote desktop solutions (a solution as easy to use as teamviewer w free software replacement)
remote desktop environments for testing (possibly with some sort of Network Booting (PXE) )
virtual private servers
voip (purchase voip phones or voip ata adapters for connecting traditional phones)
Network News Transfer Protocol (NNTP) server (including binary)
.onion services like email server (possibly with no-cost option to ensure anonymity)
many these services available through .onion
vpn services
accept anonymous bitcoin payments
search engine services (privacy / anonymity / maybe working with others already doing it)
possibly entertainment & news facilities (to facilitate ease of locating drm-free content; search engine that avoided sites that were DRM'ing content; probably based on user crowd-sourced data)
and other similar services... for a monthly fee of maybe $20-$30 USD / month.
Obviously there would have to be limitations on things like disk space, bandwidth caps, etc although these would be in a clearly defined. Possibly done in an upgradable way. So $10 might get you a cap of 10gb bandwidth for instance that could be used with any of these services. $20 might get you 100gb bandwidth, etc.
I'm sure this type of thing would have to be rolled out slowly. The idea though behind it is both privacy, freedom, and the rolling of services into one in such a way that ensured prices could be made reasonable.
Think of it as being the first "internet" ISP. Think AOL for the technical user except with services that matter.
I for one would be interested in such a service. I try to run some of those services on a home server but I lack time and knowledge to have a fully functional setup. Knowing that there is a clear commitment to privacy and using Free software would be a big selling point for me!
Count me in as someone very much interested in such a service. Even if I didn't take advantage of all of the features, it'd be wonderful to have a libre alternative to a Google or Yahoo.
One additional idea, would be to provide MediaGoblin servers as well perhaps.
I'd love to be kept posted. Good luck!
Michael Mehrazar
name at domain wrote:
>I'm curious if people would pay for a set of services that had:
>
>1. clearly defined privacy policies
>2. based on free software
>3. developed and maintained by a trusted party (and possibly endorsed
>by
>respectable individuals and/or projects like the EFF, FSF, RMS, etc)
>
>There are some companies out there that I have wanted to like although
>found
>out that they were using proprietary systems and/or didn't have clear
>privacy
>policies defined, etc.
>
>The types of services I'm envisioning would include:
>
>you could spin up 100% free software friendly trisquel / parabola VPSs
>email services /w secure web, imap, pop/smtp (managed by the entity for
>ease
>of use, although possibly with the ability to connect domains to it)
>calendaring (integration with evolution/thunderbird/android/etc)
>personal wiki (save your notes- no need to setup your own wiki)
>file sharing (upload files for sharing with others)
>android/replicant notes application (sync your notes with a server and
>access
>notes through web interface too)
>storage space for backup and other uses (possibly with syncing options,
>etc.
>and maybe similar to drop box, making public folders, etc)
>secure xmpp (https ; would need )
>easy to use and free software friendly remote desktop solutions (a
>solution
>as easy to use as teamviewer w free software replacement)
>remote desktop environments for testing (possibly with some sort of
>Network
>Booting (PXE) )
>virtual private servers
>voip (purchase voip phones or voip ata adapters for connecting
>traditional
>phones)
>Network News Transfer Protocol (NNTP) server (including binary)
>.onion services like email server (possibly with no-cost option to
>ensure
>anonymity)
>many these services available through .onion
>vpn services
>accept anonymous bitcoin payments
>search engine services (privacy / anonymity / maybe working with others
>
>already doing it)
>possibly entertainment & news facilities (to facilitate ease of
>locating
>drm-free content; search engine that avoided sites that were DRM'ing
>content;
>probably based on user crowd-sourced data)
>
>and other similar services... for a monthly fee of maybe $20-$30 USD /
>month.
>
>Obviously there would have to be limitations on things like disk space,
>
>bandwidth caps, etc although these would be in a clearly defined.
>Possibly
>done in an upgradable way. So $10 might get you a cap of 10gb bandwidth
>for
>instance that could be used with any of these services. $20 might get
>you
>100gb bandwidth, etc.
>
>I'm sure this type of thing would have to be rolled out slowly. The
>idea
>though behind it is both privacy, freedom, and the rolling of services
>into
>one in such a way that ensured prices could be made reasonable.
>
>Think of it as being the first "internet" ISP. Think AOL for the
>technical
>user except with services that matter.
I'll pay for these services for sure... and if you throw in Mediagoblin I'll name my firstborn after you.
The Trisquel project didn't managed to get 100 members paying the minimum amount (5€) in 2 years or so and you believe you will find people willing to pay "$20-$30 USD/month" for a bunch of services that you can't possibly be good at all ?
I think your intentions are good and I would like to see and maybe use at least some of those services but that price tag just doesn't seem too realistic to me.
I've recently set up my own KVM-based vServer that runs Trisquel.
It hosts email, statusnet and GNU MediaGoblin.
MediaGoblin is reachable via http://www.isengaara.de/.
I installed MediaGoblin because other mediahubs such as http://vocano.de/ use the nonfree flashplayer for video playback. The also recommend other nonfree softwares. If you know the youtube url than you can watch the videos without nonfree software.
For email services I quote from Richard Stallman:
"The two ethical issues for an email service are (1) whether you can use it without running any nonfree software (including nonfree Javascript code from the site), and (2) whether it respects your privacy.
Last I heard, Gmail was satisfactory on issue 1, and probably so are many others. On issue 2, I have no way to verify that any email service is satisfactory. Therefore, I have no recommendation to offer.
However, I can suggest that it may be wise to use an email service that is not connected with your search engine. That way you can be almost sure that your email contents don't influence your search results. You shouldn't identify yourself to your search engine in any case."
Recently I heard about https://fripost.org/index.en.html which is maintained by fellows of the FSFE.
I pay about EUR 5 a month for this KVM based vServer.
For fripost you have to pay 200 SEK (about EUR 20) once. A small price for freedom
I would certainly pay for such a service. I could do my own, but time is an issue for me so it would be worth paying for a service that was convenient and respected freedom and privacy.
On 06/06/13 12:36, chris wrote:
> you could spin up 100% free software friendly trisquel / parabola
> VPSs email services /w secure web, imap, pop/smtp (managed by the
> entity for ease of use, although possibly with the ability to connect
> domains to it)
I'm already in the early stages of planning a pseudonymous BTC-payable
email service on a VPS.
Andrew.
Yes, I would be interessed. On technical side it seems to require a lot of know-how, and on legal side.. well, I am not aware of the issues there but I can guess there is something like data retension laws or log keeping. Have you checked if there is a demand for such a server in the Tor network? Also I hope you take low bandwidth and high latency of TOR in great consideration. It has been said (in clearnet), that an average user won't wait your site for minutes. if it ain't doing anything the first 5sec they'll wander away (Could longer for TOR).
I've been looking for affortable shell account so I didn't have to keep a machine running 24/7.
If you'd accept bitcoins as your mounthly fee, well .. it'd bring non-$ people to your potential customers too. Bear in mind you'd propably have to accept making a loss for at least a start. Start small, calculate and justify your fees well.. both to yourself and your customers.
I would love to see web service providers like that. For users that want to use advanced web services but don't want to use non-free saas or companies that have corporate interest in their data, I think it could be in high demand. Since it would provide useful web-only services like cloud storage and communication servers, I hope the impetous would be enough that many free-minded folk would be willing to pay a monthly fee.
Sure there's people interested. Just take a look at name at domain archives (I bet they exist): the availability of Freedom+Privacy respecting "cloud" services are one of the most asked questions there.
Chris, I would almost certainly sign up.
Although ...
I'd want a way to pay for the services I use, and not just plunk down c.$300 a year for a bundle.
What you're probably looking at is tiered service levels, like most places have. Micro/Small/Med/Large, or something like that.
For the most part, the only items relevant to your list that I shell out for are:
--Domain names (with registration privacy enabled of course)
--SFTP-accessible raw web space, sometimes with modules available for things like blogs/wikis/CMSs
--Webmail and associated services, esp. aliasing
Generally speaking a modest package for the latter two runs around $100/yr. and I have two or three of those running at any given time.
My favorite vendors over the years have been NearlyFreeSpeech and the Church of the Swimming Elephant (cotse).
Great feedback from everybody-
Keep it coming.
I'll be sure to post here if I get involved with helping setup anything or there is a subsidiary of ThinkPenguin, Inc. setup to work on pursuing a solution to these issues.
Chris
Another idea:
I've seen startups fund themselves by offering, for a very limited window and a fairly hefty price, a "Founding Member" option. Your early adopters get, for that fee, a small Lifetime version of your basic services for as long as your company runs. You get an influx of capital to keep the ship afloat while you build an extended customer base.
I really would love the opportunity to invest heavily up front, and not have a monthly/yearly bill.
Chris do you know how privacy laws may guide how Think Penguin will manage requests for user data?
Lets say a corporation, individual, or state wants access to John's data.
I would be comfortable if a court reviewed the request, openly, before Think Penguin turned over John's data. I would like it even more if Think Penguin could tell John about the request for his info, and whether Think Penguin complied.
I don't know about how this works in practice, or which laws apply. Would it play out like the scenario above? Or are there other/different steps?
Could you tell us how Think Penguin might handle requests for user info, and what steps the laws require? Do you plan to publish a policy on this kind of thing, if you launch the service?
On 07/06/13 11:06, adel.afzal wrote:
> Are privacy laws very different from country to country? Well, I
> guess so, depending on the country ... but I don't really know what
> those differences are.
I don't know much about other countries, but Australia has the
Information Privacy Principles (IPP) which are for the government, and
the National Privacy Principles (NPP) which are for companies. They both
differ slightly. And then Australian states can create their own privacy
laws, for state government, companies and/or individuals to follow.
Andrew.
It would require further research although I am confident that there are no data retention laws in the United States. The closest thing would be a warrant for a specific user to retain data already preserved and possibly in theory to record future data. What this means in practice is we could disable all logging for all services. We would have to take action in regards to abuse of services. So if a user paid $20 for an account and setup a VPS with infringing material on it the account may have to be temporarily disabled should a DMCA takedown request be issued. The user would then be notified at whatever address specified when they signed up or through some other means and have an opportunity to object. If a user objects we would then be able to re-enable the VPS/service for that account. Our legal liability is eliminated by having such a policy and following it. There is no law requiring us to record the identity of users, connecting IP addresses, etc.
There are smaller ISPs in the United states which have a very low retention period for there IP logs compared to industry norms. The authorities are not terribly happy with this although there is nothing they can do about it other than attempt to change the law. And unfortunately they are constantly trying to do just that. However the issue has been swept under the bridge because all ISPs of significant size have significant data retention policies for IP addresses. This may or may not include email.
It would not be feasible to setup operations in Europe because of stringent data retention laws.
US laws are already irrelevant...
Since, the "laws" that are being passed violate the US supreme set of laws, called the Constitution. (And, since that - like everyone who has repeatedly been the target of the powers-that-be knows - not all laws are truly obeyed, when they are not convenient to follow.)
What the US government can't do legally, it will do illegaly.
http://cnsnews.com/news/article/13753-gov-t-requests-google-e-mail-data-2012-most-without-warrant
http://www.prisonplanet.com/barack-obamas-black-widow-the-super-spy-computer.html
http://www.prisonplanet.com/spy-state-shock-gmail-yahoo-mail-facebook-skype-aol-apple-all-secretly-sharing-private-user-communications-with-nsa.html
And, to finish this point I was making...
For those of you who don't know what I'm talking about, when I say that the US government is doing things illegally... The "4th Amendment" to the United States Constitution forbids the government from doing this type of surveillance, without a thing called "warrants", for which there has to be a "probable cause" of wrongdoing for each person being the target of such surveillance.
http://en.wikipedia.org/wiki/Fourth_Amendment_to_the_United_States_Constitution
Which means that, all this NSA surveillance, that the US government is doing on its own citizens, is *illegal*. And, that you have an *out-of-control* government, who doesn't obey its own laws.
And, (speaking generally) if you're not (very) worried about this, you, most definitely, should. And, should also, therefore, seriously think about doing something about it, besides trying to also build secure telecommunications networks.
Yep.
And the major difference between this administration and the last is that the first guys just didn't care about the law ... and the new guys are putting all their effort into doing the same unconstitutional bullshit and trying to make the law bless it, when they do it. Instead of reversing the horrors, they're trying to make them the new normal and wrap them in the mantle of justice.
I share your worry, and your fury.
I'm not sure I'm quite as pessimistic (as in the 'evidence' discussion below), but we're on the same page 95% of the way down.
>Lets say a corporation, individual, or state wants access to John's data.
Especially since the passing of the Patriot Act there is zero privacy from the state. And you will not be notified and a gag order is placed to prevent anybody from telling you.
https://en.wikipedia.org/wiki/E-mail_privacy
https://en.wikipedia.org/wiki/Patriot_act
https://en.wikipedia.org/wiki/National_Security_Letter
https://en.wikipedia.org/wiki/PRISM_(surveillance_program)
Well said.
That's one of the things that the so-called "USA PATRIOT Act" allows the US authorities to so, ever since late 2001.
(And about which, even I, that don't live in the US, know about, almost since then...)
Everyone read, and listen to, (on the Internet) what the "civil libertarians", in the US, have been, for years, warning about.
"The FBI demanded under the Patriot Act that Internet service providers (ISPs) install recording devices to spy on their customers at will, using a barrage of NSLs to demand the data. Nick Merrill of Calyx Internet Access, an ISP start-up, was one of those telecommunications providers. He sued in court to stop the attack on his customers’ privacy. But he had to sue anonymously in order to avoid being charged under the Patriot Act with a felony that could earn him five years in prison. NSLs come with a gag order. Merrill endured six years of silence before winning (in part) a court case that allowed him to inform the world that he had to install wiretapping devices on his servers, though he remains gagged about the contents of the NSL he was served back in 2004."
--- http://www.thenewamerican.com/usnews/congress/item/2335-anti-fourth-amendment-patriot-act
In French, but interesting - about "self-hosted":
[1] http://www.auto-hebergement.fr/
[2] http://planet.auto-hebergement.fr/
[3] https://wiki.auto-hebergement.fr/
[4] http://fr.wikipedia.org/wiki/Auto-h%C3%A9bergement_%28Internet%29
Unfortunately, I can't afford this amount of money, though I'm interested.
I think privacy should be available to poor people, too. Perhaps a more flexible solution will be found.
It could probably be setup with different tiers although ultimately it would probably be difficult to provide a significant number of services at a low dollar amount. The problem being the costs of bandwidth, equipment, facilities, etc. I could envision a free tier where users might have access to email, shell, and a handful of others. However VPS, PXE, VPN, and similar services would probably need to have some amount charged for or otherwise be extremely minimal as far as offerings go in a free tier. The other problem with a free tier is it'll get abuse easily. A solution might be a small charge to a credit card or similar. However that would be less desirable. Users shouldn't have to identify themselves ideally. If one does not identify themselves and makes payment for said services it is to ones disincentive to risk having there account suspended.
The fact it is easy to abuse the services might not be a legal problem although it could be a problem as far as connections go. If upstream providers start blocking your no longer able to provide the services or those services are no longer useful because nobody can access them.
Yes, I really understand all the economical issues.
I'm thinking of the very basic stuff:
mail, search engine, very restricted syncing storage;
advertising is nothing bad as long as it's not "improved" with my personal data, so maybe this would be a solution.
I'm ok with a free (as in cost) version that offers an email address and
limited file sync/storage. Support this no-cost option with
non-intrusive, non-data-mining advertisements. Sell ad space for a
monthly fee, maybe?
(Independently of all the security measures such an organization would take...)
Unless it would be endorsed by a (good) secret service that I know is not controlled by the same interests that control the Western secret services (and one that would make an extensive background check on everyone that would join such a project, and a thorough job in constantly checking for subversions, of any kind) and that would certify its security, it would not be something I knew I could really trust in...
Since, I know, from experience, that activist organizations (due to its open nature) are easily infiltrated and subverted - independently of which persons have initially endorsed them.
Learn about the kind of things the "enemies of privacy" do, in order to know what you're up against...
(Here goes a small introduction: http://forum.prisonplanet.com/index.php?topic=101456.msg603918#msg603918 + https://trisquel.info/en/forum/ixquickstartpage-launching-new-privacy-aware-email-service#comment-36315)
And, as I've repeatedly said, in here, before...
This is not the best way to go. We should not try to hide from Big Brother. We should, instead, be more worried about fighting it and taking it out of the equation.
Since, while we are all worried about setting up such networks, Big Brother will only grow in size, and scope. (Like it has, already - and very much.) And, by the time such networks are set up, we will all be (already) enslaved...
Anyway...
Soon, laws are going to be passed that will forbid the implementation of privacy on the Internet. And, unless, you are all willing to fight such laws - and, that is, politically - all that effort you'll make will be irrelevant.
But, in the meantime...
This is an "open source" software for "PGP-like asymmetric" encrypted communications, that I've repeatedly seen recommended by former Russian intelligence officers:
http://www.nuclear-demolition.com/files/cipherwall-description.txt
You only need to be better than the rest to make it worthwhile. The goal is not to subvert the law. The goal is to ensure users retain as much privacy/anonymity/freedom within what the law will allow even or despite the fact no one else is. There are other people working on projects which are more subversive. There are places which one can setup that are less restrictive. Europe for instance has some very heavy handed laws on data retention. The US less so. There may be other countries which have laws to the opposite effect.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 2013-06-08 00:02, name at domain wrote:
> You only need to be better than the rest to make it worthwhile.
I believe you already are better on several levels, or already there, at
ThinkPenguin.
If I were you I'd create such a service with server applications which
are well supported in Gnome. It's not easy ot enter the
hosting/cloud/server business, and it requires quite some engineering
and customer service manpower.
OwnCloud is already integrated in Gnome 3.8, and packaged in Debian, so
that's one. XMPP/Jabber services is another. Also look at Filelink
(https://support.mozillamessaging.com/en-US/kb/filelink-large-attachments),
I'd try to position my service among the available choices or encourage
Debian to include them (so all derivatives would), or at least make it
compatible with existing choices. All services that use some sort of
cloud/hosting could converge to your service if you bundle it or make it
very easy to use on your systems - and you could also offer it separately.
Google pervasiveness is not only based or depending on their
well-designed, tightly integrated services. Its success is mostly based
on the one-time-login/registration experience on their phones and chrome
devices. You create your account once, login, and all your pictures,
contacts, calendar, messaging, etc. are on, available and working on any
of your devices. Doing that today *with free software only* is possible
but not as tightly integrated, so I'd work towards that goal.
F.
- --
Fabián Rodríguez
http://fsf.magicfab.ca
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: PGP/Mime available upon request
Comment: Using GnuPG with undefined - http://www.enigmail.net/
iEYEARECAAYFAlGzI4gACgkQfUcTXFrypNUFkwCcC8NaYm4RHMW75zoE7wI0aoBo
ZMYAn3fUjzojc4H7P4GN9Z2aM0UBEhlq
=egIJ
-----END PGP SIGNATURE-----
Regarding the free vs. evil freeloaders problem: If you want to keep it screened yet anonymous, there are ways. Money orders in a very small amount, for example, might be sufficient to rid yourself of the drive-by spammer types, at least. Or you could use the riseup model of "write me an essay and tell me why I should trust you". It's all a lot of overhead, though. And since (I'm assuming) this is ultimately modeled as a business, it might not be cost-effective to be charitable.
As far as Hiding vs. Activism: There's no reason not to do both, and seeing it as either/or is limiting yourself. Most movements of resistance NEED both to move forward. And your assertion about what laws might or might not be passed "soon" is completely unsupported by evidence. Even if it turns out you're right someday, running your life based on what your antagonists MIGHT do is no way to live.
(Assuming that was for me...)
By "hiding" I mean, "taking refuge in some place, where you think Big Brother can't see you, and won't get you".
(Since that, if we just try to "hide" from him, and not fight him, he will dominate society in such a way that he will, definitely, end up being capable of actually knowing everything - and be impossible to fight, any more.)
I didn't mean "not trying to protect, within possible, our communications, and preventing Big Brother from reading (/listening to) them".
Also...
I've, in the meantime, posted a reference to one of the most secure alternative forms of communications that I know of, which has been recommended by (political) authors who have build a (very) credible reputation, over the years - and, whose work every so-called political activist has an obligation to know about.
D'accord.
Yes, limiting yourself to hiding is ultimately pointless and self-defeating.
And complete transparency in one's struggle is generally only possible for true saints.
Most of us occupy some point in between, and this is where I'm hoping that Chris's efforts will be useful.
And, as for "evidence" that soon laws will be passed, that will end the Internet as we know it, (and not mentioning credible sources that I know of, but of which I doubt everyone else, in here, has ever heard of, knows who they are, and what their reputation is) you just have to "connect the dots" between, for example, this two pieces of news:
1) http://www.youtube.com/watch?v=-yp8o2TTee0
2) http://news.cnet.com/8301-1009_3-57565763-83/cyber-9-11-may-be-on-horizon-homeland-security-chief-warns/
There is more to this issue than just the US government's invasion of our privacy. The issue extends to companies such as Google, Microsoft, Apple, Facebook, and others.
They have an incentive to collect, track, and use the information for targeting advertisements, and potentially other purposes. For instance selling this data to governments.
I'm pretty confident that banks and other financial industries are already selling this private data to governments. I don't believe the government needs a warrant to buy this data from private entities. A company can legally give up information they have to an agent of the law without the law getting a subpoena or warrant (with warrants it would be in situations such as another you live with giving permission for a search). If the company refuses then a subpoena is needed.
So protecting yourself from Google, Microsoft, Facebook, and other financial entities is worthwhile. It may not help where a subpoena is issued or illegal collection of data is performed although that data is unlikely to be used in the court of law anyway. While there is still a threat here of that data eventually being used against the people (for instance going after serial murders, 'hackers', smaller financial fraudsters, etc) it is probably not currently being used that way as evidence or we would have heard about it. At least the evidence is not used directly. It may be getting used indirectly (ie leads to crime, though the evidence is not used against the person, the computer obtained thereafter is the evidence used in court).
There have been many creeps though from the beginning. Sections of laws passed after 9/11 did not just include 'terrorists'. It specified in at least some portions at least one other group of people. I'm not talking espionage either. It was something like hackers or serial murders. The point is it was totally and utterly illegal under the constitution.
However this little bit will set precedents for eliminating freedoms for other groups. We have already seen other laws passed which give the government the authority to prosecute people for crimes that travel abroad and commit acts which are only criminal here. This is not in theory legal although exceptions have been introduced to make it so and people are being prosecuted for breaking local laws overseas. People should be outraged over this. A person who visits Amsterdam as an example could be prosecuted for smoking pot after returning to the United States. It may seem reasonable to do for more outrageous or emotional crimes. However this leads to creep and will eventually include copyright infringers, etc. We are actually already seeing that in numerous cases. Right now it is still illegal in theory although that in practice has proven irreverent in other cases (people extradited for selling to countries which are on US trade embargo lists, but the people don't live/work/or even visit here, and so extradition should never happen, but it does, and people get sent to the US to face charges for crimes that didn't exist in the countries they operated from or sold to). If however there are some cases won by defendants in the USA the USA will probably expand the laws which say it is legal to prosecute people for local crimes that don't exist where the 'crime' was committed (think copyright infringement).
Should the United States be extraditing people from countries which are not part of the conventions on copyrights, have no copyright, and broke no laws in the United States? Those countries couldn't prosecute these individuals because these individuals broke no laws. Yet the US can extradite them and then prosecute for laws they weren't suppose to be confined to.
I heard someone say the other night that Americans tend to fear government, while the rest of the developed world fears corporate power. I think that's generally right.
In many ways the federal government is the only protection left to people without power. That's why business is all over Washington with lobbyists and elected shills, trying to mangle and break it.
The current news story unfortunately plays right in to the narrative of government as the bad guy. It's the military-industrial complex part of the government that's playing these games, just like Eisenhower warned us about 50 years ago. I totally agree that there's plenty of reason to try and keep your data and demographics away from anybody that can afford to buy and sell you.
A corporation is the most dangerous with a government; the pair create laws like the DMCA.
I am surprised, nobody has referenced the two recent articles from The Guardian and the Washington Post.
The article in the Guardian starts with:
The National Security Agency has obtained direct access to the systems of Google, Facebook, Apple and other US internet giants, according to a top secret document obtained by the Guardian.
The NSA access is part of a previously undisclosed program called Prism, which allows officials to collect material including search history, the content of emails, file transfers and live chats, the document says.
The Guardian has verified the authenticity of the document, a 41-slide PowerPoint presentation – classified as top secret with no distribution to foreign allies – which was apparently used to train intelligence operatives on the capabilities of the program.
It later describes Prism in these terms:
The Prism program allows the NSA, the world's largest surveillance organisation, to obtain targeted communications without having to request them from the service providers and without having to obtain individual court orders.
With this program, the NSA is able to reach directly into the servers of the participating companies and obtain both stored communications as well as perform real-time collection on targeted users.
Here are some short quotations from the Washington Post:
The National Security Agency and the FBI are tapping directly into the central servers of nine leading U.S. Internet companies, extracting audio and video chats, photographs, e-mails, documents, and connection logs that enable analysts to track foreign targets
the way the NSA extracts what it wants, according to the document: “Collection directly from the servers of these U.S. Service Providers: Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube, Apple.”
PalTalk, although much smaller, has hosted traffic of substantial intelligence interest during the Arab Spring and in the ongoing Syrian civil war. Dropbox, the cloud storage and synchronization service, is described as “coming soon.”
In four new orders, which remain classified, the court defined massive data sets as “facilities”
According to the slides and other supporting materials obtained by The Post, “NSA reporting increasingly relies on PRISM” as its leading source of raw material
In exchange for immunity from lawsuits, companies such as Yahoo and AOL are obliged to accept a “directive” from the attorney general and the director of national intelligence to open their servers to the FBI’s Data Intercept Technology Unit, which handles liaison to U.S. companies from the NSA. In 2008, Congress gave the Justice Department authority for a secret order from the Foreign Surveillance Intelligence Court to compel a reluctant company “to comply.”
There has been “continued exponential growth in tasking to Facebook and Skype,” according to the PRISM slides.
The Guardian is, here, more precise:
In the document, the NSA hails the Prism program as "one of the most valuable, unique and productive accesses for NSA".
It boasts of what it calls "strong growth" in its use of the Prism program to obtain communications. The document highlights the number of obtained communications increased in 2012 by 248% for Skype – leading the notes to remark there was "exponential growth in Skype reporting; looks like the word is getting out about our capability against Skype". There was also a 131% increase in requests for Facebook data, and 63% for Google.
Back to the Washington Post:
According to a separate “User’s Guide for PRISM Skype Collection,” that service can be monitored for audio when one end of the call is a conventional telephone and for any combination of “audio, video, chat, and file transfers” when Skype users connect by computer alone. Google’s offerings include Gmail, voice and video chat, Google Drive files, photo libraries, and live surveillance of search terms.
“They quite literally can watch your ideas form as you type,” the officer said.
Just like quantumgravity said, I can't afford this amount of money, specially because I don't have a monthly income, and speaking of numbers, 1 USD equals to 2,20 BRL, which means I'll need to donate more than 40 BRL in order to donate 20 USD, this would be easy if I had a monthly income, and if such income would have a personal balance of 200 BRL, so I could pay for such service, donate for some other projects which I like (alternating donations through each of them for each month), and keep 100 BRL for my savings.
Don't worry, I'm not saying that it is expensive, I'm just saying that, since I don't have a monthly income, I can't afford this amount of money.
Best regards, ADFENO.
Have a nice day.
The issue about governments requesting data about the user; there is a very easy solution: Have 500 or whatever cheap usb sticks, one for each user, then if you get a request for the data, the user can choose if you destroy the usb stick. Then, even if they go into the building where the server is located, they cant do anything, even forensicially go through the hard drive
Couldn't Thinkpenguin get in trouble for destroying evidence?
The US government is legally unable to access one's documents without probable cause, or a warrant. The federal government has gotten so out of hand that they have and will try to get the data without either of those.
The Fourth Amendment:
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
==============================
>The issue about governments requesting data about the user...
Thinkpenguin could refuse to turn over data without a warrant. That is the responsible thing to do.
==============================
Maybe this could be solved by locating the data-center overseas.
Perhaps the south pole would be a good place; there are no local governments there. ;)