PRISM, privacy, and what you make yourself

If you’ve been reading the Digest for a while, you’ve seen me talk about the value of hosting or running your own services.  It’s not too much of a surprise in my case; if you are working on an open-source operating system, you want to run it.  It’s good to get the experience, and you can run programs the way you want, instead of picking from whatever vendors happen to sell you.

The PRISM disclosure, which I am going to assume everyone is familiar with at this point, is another facet.  Every time you use another company for your email, your entertainment, your software, and so on, their information on you can be accessed.    This isn’t a problem that can be fixed by going from one webmail provider to another.  You can shop around, but notice that the author in that link effectively throws his or her hands in the air and says, “there’s no way out” by the end of the article.  This is because corporations work as collecting agents for the government, even if they don’t plan to do so.

That sounds drastic, but there’s legal frameworks in every country for governments to require companies to give up data on any person, on request.  It happens.  I’ve seen it myself; I worked for Time Warner for several years, tracking down cable modem user information and handing it over as compelled by law.  I know the lawyers at TW Corporate didn’t like doing it, but they didn’t have a choice.  (I have some horrifying stories about what people would do to themselves and each other.)

Companies are increasingly working to create services to sell, not products to buy.  A service never stops being consumed, so it forms an ongoing revenue stream.  I’m not saying this is bad; I firmly believe that a financial incentive to be paid improves services.  However, as only a consumer, you can end up not owning what you use.  Other people have pointed this out, and I don’t want to sound like a frothing crazy person… but it is relevant, though not necessarily as catastrophic as some people pronounce.

What I’m working towards here is a reminder that you should run your own software, and running it on DragonFly is the best way.  (Or some other operating system, I guess.  If you have to.)  Instead of trying to figure out what the least-bad commercial option can be, run it yourself.  Good for privacy, good for learning.  I know that’s not an option for everyone; fighting with Sendmail (for instance) is not an activity that many people pick voluntarily.  But, if you’ve been thinking of setting up a replacement for Google Reader, or hosting your own mail, or own blog, etc… there’s never a better time than now.

(Follow all those links for some good information; consider it an early Lazy Reading post)

 

3 Replies to “PRISM, privacy, and what you make yourself”

  1. The current state of surveillance is the topic of the latest episode of the Security Now podcast. There, it is suggested that PRISM is an optical fiber tap of certain companies. Thus, running own software won’t help against such technology if your hosting provider is affected. If what your software sends is plain text, running your own mail server won’t help you against that kind of surveillance. A transcript of the episode can be found at https://www.grc.com/sn/sn-408.htm.

  2. Where does DragonflyBSD stand on SELinux/TrustedBSD?

    The NSA ‘s reputation is well known.

    Would you take the chance and include software from these people?

  3. “Offclouding” a new buzzword in 3, 2, 1…

Comments are closed.