The Eternal Value of Privacy, an essay by Bruce Schneier

This is a couple of years old, but bears repeating here in-full. With the recent news that travelers’ laptops and effects may be indefinitely detained at the border, the issue of our basic human right to privacy rears its head again.

” Federal agents may take a traveler’s laptop or other electronic device to an off-site location for an unspecified period of time without any suspicion of wrongdoing, as part of border search policies the Department of Homeland Security recently disclosed.

Also, officials may share copies of the laptop’s contents with other agencies and private entities for language translation, data decryption or other reasons, according to the policies, dated July 16 and issued by two DHS agencies, U.S. Customs and Border Protection and U.S. Immigration and Customs Enforcement.”

Original essay from Bruce follows:

The Eternal Value of Privacy
Bruce Schneier Email 05.18.06

The most common retort against privacy advocates — by those in favor of ID checks, cameras, databases, data mining and other wholesale surveillance measures — is this line: “If you aren’t doing anything wrong, what do you have to hide?”

Some clever answers: “If I’m not doing anything wrong, then you have no cause to watch me.” “Because the government gets to define what’s wrong, and they keep changing the definition.” “Because you might do something wrong with my information.” My problem with quips like these — as right as they are — is that they accept the premise that privacy is about hiding a wrong. It’s not. Privacy is an inherent human right, and a requirement for maintaining the human condition with dignity and respect.

Two proverbs say it best: Quis custodiet custodes ipsos? (”Who watches the watchers?”) and “Absolute power corrupts absolutely.”

Cardinal Richelieu understood the value of surveillance when he famously said, “If one would give me six lines written by the hand of the most honest man, I would find something in them to have him hanged.” Watch someone long enough, and you’ll find something to arrest — or just blackmail — with. Privacy is important because without it, surveillance information will be abused: to peep, to sell to marketers and to spy on political enemies — whoever they happen to be at the time.

Privacy protects us from abuses by those in power, even if we’re doing nothing wrong at the time of surveillance.

We do nothing wrong when we make love or go to the bathroom. We are not deliberately hiding anything when we seek out private places for reflection or conversation. We keep private journals, sing in the privacy of the shower, and write letters to secret lovers and then burn them. Privacy is a basic human need.

A future in which privacy would face constant assault was so alien to the framers of the Constitution that it never occurred to them to call out privacy as an explicit right. Privacy was inherent to the nobility of their being and their cause. Of course being watched in your own home was unreasonable. Watching at all was an act so unseemly as to be inconceivable among gentlemen in their day. You watched convicted criminals, not free citizens. You ruled your own home. It’s intrinsic to the concept of liberty.

For if we are observed in all matters, we are constantly under threat of correction, judgment, criticism, even plagiarism of our own uniqueness. We become children, fettered under watchful eyes, constantly fearful that — either now or in the uncertain future — patterns we leave behind will be brought back to implicate us, by whatever authority has now become focused upon our once-private and innocent acts. We lose our individuality, because everything we do is observable and recordable.

How many of us have paused during conversation in the past four-and-a-half years, suddenly aware that we might be eavesdropped on? Probably it was a phone conversation, although maybe it was an e-mail or instant-message exchange or a conversation in a public place. Maybe the topic was terrorism, or politics, or Islam. We stop suddenly, momentarily afraid that our words might be taken out of context, then we laugh at our paranoia and go on. But our demeanor has changed, and our words are subtly altered.

This is the loss of freedom we face when our privacy is taken from us. This is life in former East Germany, or life in Saddam Hussein’s Iraq. And it’s our future as we allow an ever-intrusive eye into our personal, private lives.

Too many wrongly characterize the debate as “security versus privacy.” The real choice is liberty versus control. Tyranny, whether it arises under threat of foreign physical attack or under constant domestic authoritative scrutiny, is still tyranny. Liberty requires security without intrusion, security plus privacy. Widespread police surveillance is the very definition of a police state. And that’s why we should champion privacy even when we have nothing to hide.

Syndicated 2008-08-02 14:52:42 from random neuron misfires

Meebo; A good idea, poorly-implemented

A friend of mine suggested I try migrating away from Pidgin on Windows, gaim and Skype on Linux, to “Meebo“, a web-based IM aggregation service. Basically you create a Meebo account, then add all of your AOL AIM, ICQ, Yahoo! Messenger, Jabber, Google Chat accounts, and you get them in one single interface.

Sounds simple, right? Wrong.

The interface is VERY buggy on Firefox, and they force these repeated, annoying blog postings at you. You can’t disable them, you can’t turn them off, and you’re shown the same blog post hundreds of times, until they make another post, and then you’re shown that one hundreds of times too. You can’t avoid them, and that is my biggest pet-peeve with the service.

I’ve already reported that particular annoyance, but of course nothing is done about it. The Meebo blogs are write-only. Nobody there actually reads the comments or responds to them, let alone do anything about things posted in the comments. Not a very useful way to use a blog, that’s for sure.

Yes, Meebo is “free” (questionably), but it isn’t providing anything more than what I get with the other clients, and in fact, it provides me a lot LESS features.

It is, as my friend says in another context: “…a good idea, poorly implemented.“. The opposite of that corollary of course would be “…a bad idea, well-implemented“. Meebo is a great concept, riddled with ads, forced blog postings in popups, and too many bugs to recount here.

So let’s enumerate the bugs I’ve found so far with Meebo:

1. Unnecessary use of (broken and poorly-written) Javascript everywhere in the application and the UI. Why do simple hrefs require javascript to function? Please stop doing that. The web has used hrefs and links for over a decade without needing to resort to Javascript to make them work. If you must, provide a proper fallback to allow them to continue to function without making insecure javascript a requirement.
2. Annoying spam popups every time you log in, shown hundreds of times until the next blog spammer adds a new entry, and then you get that popup a few hundred times. This problem is easily solved with simple user-side or server-side cookies (preferably both). I don’t think the Meebo developers have mastered basic web development yet though, because they seem to have skipped the class on these 10+ year old technologies.
   
3. Very confusing UI elements. For example, when I log on, I have two buttons at the bottom of the “buddy list” window: One labeled “Sign on” (I’m already signed on), and one labeled “Sign off”. Why not have one button there labeled “Sign off”. Since the buddy list is not shown when you’re logged off, having a “Sign on” button there is flat-out silly. These buttons (and their associated actions), belong at the TOP of the screen, where the other actions are (”accounts”, “preferences”, “help” and so on).
   
4. There’s some sort of useless slidey window thing at the bottom of the screen, which by default is empty, and expanded. It has a chevron that lets me minimize it, but the next time I log out and back in, it is expanded (”open”?) again, and I’m shown the same popup blog post that I’ve already seen for the last 40 times I logged in. What this little slidey window is for, I simply do not know. It isn’t labeled, and there is never anything at all inside of it.
   
5. Can’t sort buddy names by alphabetical, last-seen, most-recently used, etc.
6. Can’t block/kick/ban buddy names (to stop the incoming flood of ICQ spammers)
7. Can’t set any specific sounds for specific users or groups. This is HIGHLY useful if you’re working in another tab, and want to only be notified by sound, or a specific sound, when a particular user contacts you.
8. Likewise, you can’t disable sounds on a per-protocol or per-buddy basis.
9. No search of chatlogs
10. Inconsistent chat log history
11. No way to purge chat logs older than ‘n’ hours/days/weeks/
12. And last but not least… no SSL support! EVERYTHING IS SENT IN THE CLEAR! This means I can sit at Panera bread in the parking lot and log every single chat conversation everyone is having over Meebo. This is just an enormous oversight on their part. If you’re going to aggregate multiple usernames/passwords into a web interface, the VERY FIRST thing you should do, is lock it down behind https (SSL).

In short, Meebo is completely useless, unless you’re a one-to-one chatter using MySpace or Facebook, don’t care about security or privacy and only want a simple “text messaging” interface similar to what you have on your mobile phone.

I refuse to go back to Pidgin/gaim, because of the children running that project now. Those kids can’t make up their minds anymore, and have alienated a lot of potential supporters and developers with their bad choices, ignorance and broken egos.

So I’m still on the prowl for a proper, multi-protocol IM client that doesn’t get in my way or force-feed me things I didn’t ask for. Simple, lean and functional.. that’s all I want or need.

Syndicated 2008-07-04 20:00:34 from random neuron misfires

Organizing a LARGE amount of TrueType fonts on Linux

Over the last decade or more, I’ve been doing graphic design for friends, family, clients and other people personally and professionally. In that time, I’ve been asked to match this font face or that font in a photograph. In that time, I’ve amassed a HUGE collection of fonts that allows me to do that; 19,980 fonts to be exact in my current collection.

There’s a great tool on the web called “What the Font?” that I often use for exactly this purpose. What you do is upload a piece of your graphic that includes the font you want to identify and their application asks you some basic questions (“Is this an ‘r’? Does your ‘a’ look like this? or this?”), and then it tells you which font is most-likely being used in that image/graphic. It’s an absolutely invaluable tool when you’re trying to match existing fonts for a piece of work you didn’t create.

When I make graphics with my tools (gimp, Adobe Creative Suite 3 (CS3), ufraw, etc.), I embed the name of the font I used in the comment meta data of the graphic file itself, so if I go back 6 months or a year later, I can figure out exactly what font I used when I created it.

But 19,980 fonts is LOT of fonts to go through and keep organized. I generally keep these stashed away in $HOME/.fonts/ so I can use them in my normal applications on my Linux machine and so they’re backed up with $HOME during the normal backup intervals. They are all sitting in one big directory so fontconfig and Xorg can use them.

But to use these with any sort of graphic editor (such as the gimp) takes forever to process them at load time. I needed to make that more manageable and speed things up.

Enter a quick bash hack:

cd ~/.fonts/
shopt -s nocaseglob
for font in {a..z}; do rsync -avP ${font}*ttf ${font}; done;

What this does is go through all of my fonts in $HOME/.fonts/ and put them into a directory beginning with the first letter of the font name. All fonts that begin with ‘A’ or ‘a’ are now in ~/.fonts/a/ and so on. Much cleaner and easier to organize. it also makes it easier to pack up these files into a .zip or .7z archive for later use.

Syndicated 2008-06-23 01:54:22 from random neuron misfires

John McCain Robs More of Our Freedom With His Indecisiveness

We thought Bush was a major flip-flopper, but John McCain is proving to be even worse!

At hand (and close to my personal privacy heart) is the Hoyer Fisa bill which would grant retroactive immunity to the telecommunications companies who are guilty of unlawfully wiretapping millions of innocent United States citizens for the last several years.

The bill cleared the House by 293 to 129, with near-unanimous support from Republicans and substantial backing from Democrats. It now goes to the Senate, which is expected to pass it next week by a wide margin. Here’s the state-by-state breakdown of that voting:

At least my state representatives saw fit to vote against this measure, though they were in the minority overall. Only only vote in CT for the measure was from Republican Christopher Shays. The other votes were all against the measure, and all from Democrats.

Against: CT-1 - John Larson [D], CT-2 - Joe Courtney [D], CT-3 - Rosa DeLauro [D], CT-5 - Christopher Murphy [D]</code>

For: CT-4 - Christopher Shays [R]

Representative John Boehner of Ohio, the Republican minority leader had this to say on the matter.

“Our intelligence officials must have the ability to monitor terrorists suspected of plotting to kill Americans and to safeguard our national security…” [...] “This bill gives it to them.”

But apparently the candidate for the Republican nomination for President, John McCain has said:

“…we shouldn’t grant immunity to the telecommunications industry”

No, wait, I mean..

“we should grant immunity to the telecommunications companies”..

But..

“…the wiretapping was legal anyway”.

No, wait… on second thought,

“…maybe it wasn’t”.

He flips. He flops. He flips. He flops. It’s like a Fisher Price children’s toy. He can’t make up his mind at all or stick to his position. What an invertebrate. There’s an even scarier example of his flip-flopping that might open your eyes even wider.

Do you really want this person at the helm, guiding this country through the next 4 years, with all of the complicated and blended political, moral, social and economic issues facing the world?

Here is a brief video of Dennis Kucinich arguing against changes to FISA…

<object width="425" height="344"><param name="movie" value="http://www.youtube.com/v/lM2HLbcUafA&hl=en"></param><embed src="http://www.youtube.com/v/lM2HLbcUafA&hl=en" type="application/x-shockwave-flash" width="425" height="344"></embed></object>

This is proving to be a very interesting debate indeed.

At least the Democratic nominee Barack Obama has publically stated there is “little doubt” that the Bush Administration, with the cooperation of major telecommunications companies…

“has abused [its] authority and undermined the Constitution by intercepting the communications of innocent Americans without their knowledge or the required court orders.”

“Given the legitimate threats we face, providing effective intelligence collection tools with appropriate safeguards is too important to delay. So I support the compromise, but do so with a firm pledge that as president, I will carefully monitor the program.”

“[The bill] does, however, grant retroactive immunity, and I will work in the Senate to remove this provision so that we can seek full accountability for past offenses.”

“Freedom is a muscle. It only gets stronger the more you use it.”

Let’s start using it!

Syndicated 2008-06-22 16:37:25 from random neuron misfires

The Decline of Democracy in 2008 and Beyond

Cyanide & Happiness @ Explosm.net

Don’t stand by and do nothing this year. Do something to change the future for ourselves and for our children.

Syndicated 2008-06-21 23:12:54 from random neuron misfires