My phone gives me the creeps.
- Thread starter MaddogOIF
- Start date
The #1 community for Gun Owners in Texas
Member Benefits:
Fewer Ads! Discuss all aspects of firearm ownership Discuss anti-gun legislation Buy, sell, and trade in the classified section Chat with Local gun shops, ranges, trainers & other businesses Discover free outdoor shooting areas View up to date on firearm-related events Share photos & video with other members ...and so much more!
Member Benefits:
"They" don't want you to see it.
It's just scary how little folks care about domestic government spying until they know it's THEM being spied on and includes every little intimate thing they do or send. Then, finally, it's not okay. "You mean they're spying on me and not just someone else?"
Watch the video. They specifically call out Google and how something as simple as "backing up data to a foreign data center", which happens automatically, triggers domestic spying programs that copies your data to NSA servers.
It really blurs the line on who's doing the spying (or facilitating it).
They make those.
Hide From GPS With This Signal-Blocking Phone Case | Popular Science
http://www.amazon.com/Anti-tracking-Anti-spying-Signal-Blocker-Faraday/dp/B00FN88K06
Or you can make your own.
KILLYOURPHONE.COM
The biggest problem is that you need to turn the phone off before it goes in the bag. If you don't, it constantly searches for signal and eats up the battery charge in record time.
I'm well aware. Thus, everything I copy to a foreign data center is encrypted on my machine before it goes out over the wire. That's such a basic security protocol, I'm surprised that it's not baked into every application in existence. Then again, 2 seconds of inconvenience to the consumer will kill an application in the marketplace.
Someday, people will take data security seriously. By then, it'll be too late. A very good argument can be made that we reached that point quite some time ago and that the general population still hasn't awoken to that fact. Pretty sad, if you ask me.
Honestly I'm not computer literate enough to encrypt everything that doesn't already have the option, and I've always considered my behavior around electronics responsible until I realized they literally listen to my conversations.
Unless those corporations want an audit or to have their licenses not be renewed, they will facilitate it. They are legally protected from being sued for privacy breaches if those breaches are from colluding with the government.
...or they'll make encryption of "unapproved" traffic illegal. Remember how the government freaked out when a couple dozen people started sending PGP emails?
Mexican_Hippie
TGT Addict
Or they'll just make a government version of a tool like Bluecoat on steroids.
SSL visibility will be "All Encryption Visibility" to them.
SSL visibility will be "All Encryption Visibility" to them.
That's exactly what China did.
Do we all know how to make our own certs?
I had never put any thought into it before, but actually needed to for the first time earlier this month. Linux makes some things very easy, lol...
I usually buy them from the corner store.
When encrypted traffic goes between you and the web (and it's mostly encrypted, these days), there's a certificate (or several) that ensures you're actually connected to the entity you think you're connected to. Typically, these certs are obtained through a Certificate Authority (CA) who is trusted by your browser. You've probably seen some logo for Verisign when you've made on online purchase, for example. Verisign is a CA.
However, you don't have to use some universally trusted, centralized CA. You can make and sign your own certificate. Then when someone visits your web site, their web browser will present them with a "Danger, Will Robinson!" warning that the web site they're accessing requires they accept a certificate from some unknown party. That's not a problem within a big organization or between people that already know each other in real life. So doing it yourself is often useful.
I've set up intranet sites in a large organization. I've also done limited-access sites intended to be accessible over the internet for just an hour or two. Doing it yourself is pretty normal in cases like those.
Read the first section of this page for a longer explanation: How to create a self-signed Certificate
Or, if you'd like a slightly better but longer explanation that goes a bit farther afield, using less technical language, try: SSL: Who Do You Trust? | The Data Center Overlords
However, you don't have to use some universally trusted, centralized CA. You can make and sign your own certificate. Then when someone visits your web site, their web browser will present them with a "Danger, Will Robinson!" warning that the web site they're accessing requires they accept a certificate from some unknown party. That's not a problem within a big organization or between people that already know each other in real life. So doing it yourself is often useful.
I've set up intranet sites in a large organization. I've also done limited-access sites intended to be accessible over the internet for just an hour or two. Doing it yourself is pretty normal in cases like those.
Read the first section of this page for a longer explanation: How to create a self-signed Certificate
Or, if you'd like a slightly better but longer explanation that goes a bit farther afield, using less technical language, try: SSL: Who Do You Trust? | The Data Center Overlords
Mexican_Hippie
TGT Addict
And guys that aren't familiar, just to add...
Companies do stuff like this legitimately.
Because after the data is accessed the malware will encrypt the data when sending it back to their collection servers or mother ship. If you aren't looking at encrypted data leaving your network then you will have unauthorized data exfiltration (aka your shit will be ganked without you knowing).
Companies do stuff like this legitimately.
Because after the data is accessed the malware will encrypt the data when sending it back to their collection servers or mother ship. If you aren't looking at encrypted data leaving your network then you will have unauthorized data exfiltration (aka your shit will be ganked without you knowing).
Mexican_Hippie
TGT Addict
And if you're at a decent sized company you will be regularly compromised. It's just a matter of how big and what they got to. That's why there's so much focus on shortening response times.
Members online
- OutlawStar
- Texasgordo
- smittyb
- justmax
- blueangel64
- kbaxter60
- recoveringyankee
- msharley
- Polkwright
- gasgas
- AZ Refugee
- Maverick44
- toby1
- roadkill
- 13centkiller
- jrbfishn
- alternative
- myroverleaks
- sparkyv
- Brassguy
- Coonan357
- black_ice
- Wiliamr
- Tex62
- innominate
- Big Dipper
- Wmb556
- tinplas
- buckshot4900
- Fletcherjl
- RickLovesBacon
- GaryS
- Johnny Diamond
- TexMex247
- Emow
- NakPPI
- glenbo
- Cooper
- Armybrat
- JC1
- Txhighlander
- cfish1963
- leVieux
- Pachucko
- Texas Pistolero
- Maxrobot
- Ausländer
- paknheat
- xkon
- Txdweeb
