There are plenty of ideas for addressing the surveillance problem but perhaps it is time to take a step back and look at the "big picture". In any conflict, no matter how big or small, there is considerable advantage in having advance knowledge of your opponent's intentions. In military conflicts the invention of telegraph, radio, aircraft and satellites has more or less solved the problem with blindly marching into an area and getting annihilated. Nobody ever suggested that these technologies should be banned in order to create a level playing field.<p>It is going to be the same patttern with all forms of electronic communication. The spectre of weapons of mass destruction (anything that can kill more than one person at a time) is the justification/motivation for government and law enforcement to monitor everything online. Whether it has merit is kind of besides the point. It is an advantage, perceived or otherwise, that is not going to be given up, under any circumstances.<p>Another part to this is whether conspiring online actually constitutes a crime. People can chat all day about terrorist plots but until someone actually goes out and starts building a bomb or procuring weapons has a crime really taken place? Only when a society can decide on the answer to this question will it be possible to address online surveillance.
I think the best approach is P2P decentralized and mesh-networked apps running locally, licensed under the Affero GPL. That way there is no profit (or gov't) center which can collect data. And any user with the app can get the source code (per the Affero GPL). Developers can monetize their apps either with paid support/development services or by accepting cash (in lieu of a 'proof of work' by solving hashes) to be let on the mesh networks for their apps.
While is support premise of the article, I have difficulty in accepting the fact that our democratically elected and funded government will continue to spy on us and is beyond our control.
FYI, you can start helping right away! There's the Aaron Swartz Memorial Hackathon starting tonight that has topics focusing on privacy and anonymous publications.<p><a href="https://www.noisebridge.net/wiki/Worldwide_Aaron_Swartz_Memorial_Hackathon_Series" rel="nofollow">https://www.noisebridge.net/wiki/Worldwide_Aaron_Swartz_Memo...</a>
I want to reiterate one line of thought that's been seen here before but bears repeating: you should not give your data to Google, Facebook, or any other commercial entity just as much as you don't want NSA to have it. While NSA may have political motives and thus may use illegally obtained information for political ends, Facebook et al. could use it for reasons that serve their economic gain. That's a conclusion that's just as undesirable (if not moreso) than NSA using it.<p>I don't see a very good future of fighting the 'surveillance internet' if we don't face the notion that once data is out there -- of lots of people, in one place -- NSA will always be interested in it and will probably get it. Pragmatically speaking, pulling out of Facebook, Google, etc. is the only surefire way to fight the surveillance internet.
While we are playing cat-and-mouse with our own government, why don't we also make the NSA's activities illegal and/or enforce existing laws which already state as much?<p>Articles like these presume that it is OK for the government to access whatever it can technically get its hands on, in spite of Constitutional constraints and laws that do or should state otherwise.
I understand that these guys are different from a random group of guys part of Anonymous or something like that, but still, is this comment relevant at all to the situation? As in, is the end result inevitable?<p><a href="https://news.ycombinator.com/item?id=4100100" rel="nofollow">https://news.ycombinator.com/item?id=4100100</a>
<i>“Fundamentally, surveillance is a business model of the Internet. The NSA didn’t wake up and say: ‘Let’s just spy on everybody, it said: ‘Wow, corporations are spying on everybody, let’s get ourselves a copy,’ ”</i>
There are ways to make the Internet much more secure than it is today, and implement them <i>tomorrow</i>, with existing protocols and encryption methods. It's just a matter of browser vendors, hosting companies and websites agreeing to do it.<p>That being said, I hope IETF starts working on a new highly secure Transport layer protocol to replace TCP, within the next 5 years, and I hope they use Dan Bernstein's CurveCP [1] for inspiration.<p>We need the Internet encrypted and secure <i>by default</i>, and I don't care what Google or other advertising companies have to say about it. Adapt or die. Security of the web and the protection of the human right to privacy is way, way more important in my book. If they choose to fight such a move, instead of adapting and actually supporting it, then they will have become the <i>enemy</i>, and they'll end up on the wrong side of history.<p>So IETF's goal should be to get everyone to switch to these more secure, already existing protocols, and implement them within a year, or two at most.<p>In the meantime work on replacing TCP within the next 5 years, and also think about ways to create a new secure-by-default and easy to implement, IP-level protocol, to be used within 10-15 years.<p>If we are to "take the Internet back", then it needs to stop being such an easy tool for mass surveillance, so in a way, we need to replace all of its insecure parts.<p>[1] - <a href="http://curvecp.org/" rel="nofollow">http://curvecp.org/</a>