I’m in favor of net neutrality for a lot of reasons; a personal reason is that I rely on fair and open transport of my bits to work overseas. If you happen to find this little screed, you can also thank net neutrality for doing so as any argument for neutrality will likely be made unavailable by the ISPs that should charge exorbitant rents for their natural monopolies and would be remiss in their fiduciary responsibility should they fail to take every possible step to maximize shareholder value, for example by permitting their customers access to arguments contrary to their financial or political interests.
I sent the following to the FCC. I am not, I’m sorry to say, optimistic.
Please protect Net Neutrality. It is essential to my ability to operate in Iraq, where I run a technical security business that relies on access to servers and services in the United States. If access to those services becomes subject to a maze of tiered access limitations and tariffs, rather than being treated universally as flat rate data, my business may become untenable unless I move my base of operations to a net neutrality-respecting jurisdiction. The FCC is, at the moment, the only bulwark against a balkanization of data and the collapse of the value premise of the Internet.
While I understand and am sympathetic to both a premise that less government regulation is better in principle and that less regulated markets can be more efficient, this “invisible hand” only works to the benefit in a “well regulated market.” There are significant cases where market forces cannot be beneficial, for example, where the fiduciary responsibility of a company to maximize share-holder value compels exploitation of monopoly rents to the fullest extent permitted by law and, where natural monopolies exist, only regulation prevents those rents from becoming abusive. Delivery of data services is a clear example of one such case, both due to the intrinsic monopoly of physical deployment of services through public resources and due to inherent opportunities to exert market distorting biases into those services to promote self-beneficial products and inhibit competition. That this might happen is not idle speculation: network services companies have routinely attempted to unfairly exploit their positions to their benefit and to the harm of fair and open competition and in many cases were restrained only by existing net neutrality laws that the FCC is currently considering rescinding. The consequences of rescinding net neutrality will be anti-competitive, anti-productive, and will stifle innovation and economic growth.
While it is obvious and inevitable that network companies will abuse their natural monopolies to stifle competition, as they have attempted many times restrained only by previous FCC enforcement of the principle of net neutrality, rescinding net neutrality also poses a direct risk to the validity of democracy. While one can argue that Facebook has already compromised democracy by becoming the world’s largest provider of news through an extraordinarily easily manipulated content delivery mechanism, there’s no evidence that they have yet exploited this to achieve any particular political end nor actively censored criticism of their practices. However, without net neutrality there is no legal protection to inhibit carriers from exploiting their control over content delivery to promote their corporate or political interests while censoring embarrassing or opposing information. As the vast majority of Americans now get their news from on-line resources, control over the delivery of those resources becomes an extraordinarily powerful political weapon; without net neutrality it is perfectly legal for corporations to get “their hands on those weapons” and deploy them against their economic and political adversaries.
Under an implicit doctrine of net neutrality from a naive, but then technically accurate, concept of the internet as a packet network that would survive a nuclear war and that would treat censorship as “damage” and “route around it automatically,” to 2005’s Madison River ruling, to the 2008 Comcast ruling, to 2010’s Open Internet Order, the internet has flourished as an open network delivering innovative services and resources that all businesses have come to rely on fairly and equally. Overturning that historical doctrine will result in a digital communications landscape in the US that resembles AT&T’s pre-breakup telephone service: you will be permitted to buy only the services that your ISP deems most profitable to themselves. In the long run, if net neutrality is not protected, one can expect the innovation that has centered in the US since the birth of the internet, which some of us remember as the government sponsored innovation ARPAnet, to migrate to less corporatist climates, such as Europe, where net neutrality is enshrined in law.
The American people are counting on you to protect us from such a catastrophic outcome.
Do not reverse the 2015 Open Internet Order.
Below is a .cmd script for uninstalling all the known telemetry updates (so far) in Windows 7. These telemetry updates are spyware Microsoft is installing on your computer to send data back to Microsoft. They have recently begun installing tools to exfiltrate your private files and log your keystrokes to their servers.
While there are people who think Windows 10 is a normal upgrade, there are nations that formally disagree. If you care about privacy, that is, about your private files, your passwords, accounts, personal data, love letters, medical information, financial information, browsing history, private pictures, etc. not falling into either corporate or criminal hands (via soon to be exploited security holes created by these exfiltration tools), you should consider removing all known telemetry tools from Windows 7 and never updating to Windows 10. And consider suing Microsoft.
If you don’t care about privacy at all, I hear Windows 10 has a pretty GUI.
This script removes all the telemetry (trojan horse) “updates” Microsoft has tried to sneak in so far.
```bat
@echo off
rem Each update is removed silently, one at a time; start /w waits for wusa.exe to finish.
echo Uninstalling KB3075249 (telemetry for Win7/8.1)
start /w wusa.exe /uninstall /kb:3075249 /quiet /norestart
echo Uninstalling KB3080149 (telemetry for Win7/8.1)
start /w wusa.exe /uninstall /kb:3080149 /quiet /norestart
echo Uninstalling KB3021917 (telemetry for Win7)
start /w wusa.exe /uninstall /kb:3021917 /quiet /norestart
echo Uninstalling KB3022345 (telemetry)
start /w wusa.exe /uninstall /kb:3022345 /quiet /norestart
echo Uninstalling KB3068708 (telemetry)
start /w wusa.exe /uninstall /kb:3068708 /quiet /norestart
echo Uninstalling KB3044374 (Get Windows 10 for Win8.1)
start /w wusa.exe /uninstall /kb:3044374 /quiet /norestart
echo Uninstalling KB3035583 (Get Windows 10 for Win7sp1/8.1)
start /w wusa.exe /uninstall /kb:3035583 /quiet /norestart
echo Uninstalling KB2990214 (Get Windows 10 for Win7)
start /w wusa.exe /uninstall /kb:2990214 /quiet /norestart
echo Uninstalling KB2952664 (Get Windows 10 assistant)
start /w wusa.exe /uninstall /kb:2952664 /quiet /norestart
echo Uninstalling KB3075853 (update for "Windows Update" on Win8.1/Server 2012R2)
start /w wusa.exe /uninstall /kb:3075853 /quiet /norestart
echo Uninstalling KB3065987 (update for "Windows Update" on Win7/Server 2008R2)
start /w wusa.exe /uninstall /kb:3065987 /quiet /norestart
echo Uninstalling KB3050265 (update for "Windows Update" on Win7)
start /w wusa.exe /uninstall /kb:3050265 /quiet /norestart
echo Uninstalling KB971033 (license validation)
start /w wusa.exe /uninstall /kb:971033 /quiet /norestart
echo Uninstalling KB2902907 (description not available)
start /w wusa.exe /uninstall /kb:2902907 /quiet /norestart
echo Uninstalling KB2976987 (description not available)
start /w wusa.exe /uninstall /kb:2976987 /quiet /norestart
echo Uninstalling KB2976978 (compatibility update for Windows 8.1)
start /w wusa.exe /uninstall /kb:2976978 /quiet /norestart
echo Uninstalling KB3102810 (update for "Windows Update")
start /w wusa.exe /uninstall /kb:3102810 /quiet /norestart
echo Uninstalling KB3112343 (Windows Update Client for Windows 7)
start /w wusa.exe /uninstall /kb:3112343 /quiet /norestart
echo Uninstalling KB3135445 (Windows Update Client for Windows 7)
start /w wusa.exe /uninstall /kb:3135445 /quiet /norestart
echo Uninstalling KB3123862 (Windows Update Client for Windows 7)
start /w wusa.exe /uninstall /kb:3123862 /quiet /norestart
echo Uninstalling KB3081954 (Telemetry Update for Windows 7)
start /w wusa.exe /uninstall /kb:3081954 /quiet /norestart
echo Uninstalling KB3139929 (Get Windows 10 update for MSIE)
start /w wusa.exe /uninstall /kb:3139929 /quiet /norestart
echo Uninstalling KB3138612 (Windows Update Client for Windows 7)
start /w wusa.exe /uninstall /kb:3138612 /quiet /norestart
echo Uninstalling KB3138615 (Windows Update Client for Windows 8.1)
start /w wusa.exe /uninstall /kb:3138615 /quiet /norestart
echo Uninstalling KB3150513 (Compatibility Update (another GWX) for Windows 7/8.1)
start /w wusa.exe /uninstall /kb:3150513 /quiet /norestart
echo Uninstalling KB3133977 (buggy update)
start /w wusa.exe /uninstall /kb:3133977 /quiet /norestart
echo Uninstalling KB3139923 (Another GWX for Windows 7/8.1)
start /w wusa.exe /uninstall /kb:3139923 /quiet /norestart
echo Uninstalling KB3173040 (Another GWX for Windows 7/8.1)
start /w wusa.exe /uninstall /kb:3173040 /quiet /norestart
echo Uninstalling KB3083710 (Another GWX for Windows 7/8.1)
start /w wusa.exe /uninstall /kb:3083710 /quiet /norestart
echo Uninstalling KB3083324 (Another GWX for Windows 7/8.1)
start /w wusa.exe /uninstall /kb:3083324 /quiet /norestart
echo Uninstalling KB3050267 (Another GWX for Windows 7/8.1)
start /w wusa.exe /uninstall /kb:3050267 /quiet /norestart
echo Uninstalling KB3035583 (Another GWX for Windows 7/8.1)
start /w wusa.exe /uninstall /kb:3035583 /quiet /norestart
echo Uninstalling KB3021917 (Another GWX for Windows 7/8.1)
start /w wusa.exe /uninstall /kb:3021917 /quiet /norestart
echo Uninstalling KB3146449 (Another GWX for Windows 7/8.1)
start /w wusa.exe /uninstall /kb:3146449 /quiet /norestart
echo Uninstalling KB3044374 (Another GWX for Windows 7/8.1)
start /w wusa.exe /uninstall /kb:3044374 /quiet /norestart
echo Uninstalling KB3075249 (Another GWX for Windows 7/8.1)
start /w wusa.exe /uninstall /kb:3075249 /quiet /norestart
echo Uninstalling KB3123662 (Another GWX for Windows 7/8.1)
start /w wusa.exe /uninstall /kb:3123662 /quiet /norestart
```
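Before running the script it helps to know which of these updates are actually present on a machine. The following read-only PowerShell audit is an added example, not part of the original post; the KB numbers are the ones named in the script, and it assumes the built-in Get-HotFix cmdlet (PowerShell 2.0 or later).

```powershell
# Added example: read-only audit of the KB numbers named in the .cmd script.
# It reports which of them are installed on this machine and uninstalls nothing.
$kbs = @(
    '3075249','3080149','3021917','3022345','3068708','3044374','3035583',
    '2990214','2952664','3075853','3065987','3050265','971033','2902907',
    '2976987','2976978','3102810','3112343','3135445','3123862','3081954',
    '3139929','3138612','3138615','3150513','3133977','3139923','3173040',
    '3083710','3083324','3050267','3146449','3123662'
)

# Index installed updates by ID. Get-HotFix reads Win32_QuickFixEngineering
# and reports IDs in the form "KB3035583"; entries without an ID are skipped.
$installed = @{}
Get-HotFix |
    Where-Object { $_.HotFixID } |
    ForEach-Object { $installed[$_.HotFixID] = $_ }

# Build one report row per listed KB, installed or not.
$report = @(foreach ($kb in $kbs) {
    $id  = "KB$kb"
    $hit = $installed[$id]
    New-Object PSObject -Property @{
        KB          = $id
        Installed   = [bool]$hit
        Description = $(if ($hit) { $hit.Description } else { '' })
        InstalledOn = $(if ($hit) { $hit.InstalledOn } else { $null })
    }
})

# Show the full table, then a one-line summary of what is present.
$report | Sort-Object KB |
    Format-Table KB, Installed, Description, InstalledOn -AutoSize

$present = @($report | Where-Object { $_.Installed })
"{0} of {1} listed updates are installed." -f $present.Count, $report.Count
```

Running it again after the .cmd script and a reboot shows whether any of the listed updates remain or have been reinstalled.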
If you haven’t already, turn off Windows Update now. Microsoft has recently started installing Windows 10 spyware without consent. A good friend of mine had a bunch of systems at the company where he runs IT hacked by Microsoft over the weekend, which broke the certificate store for WPA-2 and thus their wifi connections.
To be clear, Windows 10 is spyware. Microsoft has changed their business model from selling a product to selling data – your data – to whoever they want. Windows 10 comes with a EULA that gives them the right to steal everything on your computer – your email, your private pictures, your home movies, your love letters, your medical records, your financial records – anything they want without telling you. “If you’re not paying for the product, you are the product.”
If this happens to you, I suggest contacting your state attorney general and filing a complaint against Microsoft. Hopefully a crushing class action suit or perhaps jail time for the executives that dreamed up this massive heist will help deter future corporate data thieves, though that’s certainly irrational optimism.
I wish I could recommend switching to Linux for everyone, but there’s a lot of software that still depends on Windows and a lot of users that will have a hard time migrating (developers: please stop developing for Microsoft). Apple seems unequivocally better in refusing to act as a key player in bringing about Total Information Awareness. I’m not a huge fan of their walled garden and computers as overpriced fashion accessories approach, but it is far better than outright theft. For those that are slightly computer savvy, there’s Linux Mint, which is quite usable and genuinely free.
These instructions might help prevent that disaster of an update being visited upon you (and possibly law enforcement visits to come after Microsoft starts sifting through all your datas and forwarding on whatever they find). The latest reports suggest they aren’t enough, but it is the best I have found other than isolating your windows box from the internet completely.
The latest auto update to Enigmail, the essential plugin for Thunderbird for encrypted mail, is a fairly dynamic project that occasionally makes UI and usability decisions that not everyone agrees with.
Why? OK – PGP/MIME leaks less metainformation than inline PGP, but at the expense of compatibility. K9 should support PGP/MIME, but it doesn’t. Enigmail should have synchronized with K9 and released PGP/MIME when mobile users could use it.
But encryption people often insist that the only use case that matters is some edge case they think is critical. They like to say that nobody should read encrypted mail on a mobile device because the baseband of the device is intrinsically insecure (all cell phones are intrinsically insecure – phones should treat the data radio as a serial modem and the OS and the data modem should interact only over a very simple command set – indeed, the radio should be a replaceable module, but that gets beyond this particular issue).
For now, make sure your default encoding is Inline-PGP or you’ll break encryption. Encryption only works if it is easy to use and universally available. When people can’t read their messages, they just stop using it. This isn’t security, this is a mistake.
Signal is an easy to use chat tool that competes (effectively) with WhatsApp or Viber. They’ve just released a desktop version which is being “preview released/buzz generating released.” It is developed by a guy with some cred in the open source and crypto movement, Moxie Marlinspike. I use it, but do not entirely trust it.
I’m not completely on board with Signal. It is open source, and so in theory we can verify the code. But there’s some history I find disquieting. So while I recommend it as the best, easiest to use, (probably) most secure messaging tool available, I do so with some reservations.
- It originally handled encrypted SMS messages. There is a long argument about why they broke SMS support on the mailing lists. I find all of the arguments Whisper Systems made specious and unconvincing and cannot ignore the fact that the SMS tool sent messages through the local carrier (Asiacell, Korek, or Zain here). Breaking that meant secure messages only go through Whisper Systems’ Google-managed servers where all metadata is captured and accessible to the USG. Since it was open source, that version has been forked and is still developed; I use the SMSSecure fork myself.
- Signal has captured all the USG funding for messaging systems. Alternatives are not getting funds. This may make sense from a purely managerial point of view, but also creates a single point of infiltration. It is far easier to compromise a single project if there aren’t competing projects. Part of the strength of Open Source is only achieved when competing development teams are trying to one up each other and expose each other’s flaws (FreeBSD and OpenBSD for example). In a monoculture, the checks and balances are weaker.
- Signal has grown more intimate with Google over time. The desktop version sign up uses your “google ID” to get you in the queue. Google is the largest commercial spy agency in the world, collecting more data on more people than any other organization except probably the NSA. They’re currently an advertising company and make their money selling your data to advertisers, something they’re quite disingenuous about, but the data trove they’ve built is regularly mined by organizations with more nefarious aims than merely fleecing you.
What to do? Well, I use Signal. I’m pretty confident the encryption is good, or at least as good as anything else available. I know my metadata is being collected and shared, but until Jake convinces Moxie to use anonymous identifiers for accounts and message through Tor hidden nodes, you have to be very tech savvy to get around that and there are no Civil Society grants going to any other messaging services using, for example, an open standard like a Jabber server on a hidden node with OTR.
For now, take a half step up the security ladder and stop using commercial faux security (or unverifiable security, which is the same thing) and give Signal a try.
Maybe at some later date I’ll write up an easy to follow guide on setting up your own jabber server as a tor hidden service and federating it so you can message securely, anonymously, and keep your data (meta and otherwise) on your own hardware in your own house, where it still has at least a little legal protection.
Never trust your business, applications, or critical data to a cloud service because you are at the mercy of the provider both for security and availability, neither of which are terribly likely. Cloud services are the .coms of the 2nd decade of the 21st century: they come and go, and with them go your data and possibly your entire enterprise. Typically the argument is that larger brands are safer, that a company like Google would not wipe out a service leaving their customers or partners high and dry, that they would be safe.
That would be a false assumption.
It is necessary to understand the mathematics of serial risk to evaluate the risk-weighted cost of integrating a cloud-provisioned service into a business. It is important to note that this is entirely different from integrating third party code, which just as frequently becomes abandonware. While abandonware can result in substantial enterprise costs in engineering an internally developed replacement, it continues to function; a cloud service simply vanishes when the provisioning company “pivots” or craters, instantly breaking all dependent applications and even entire dependent enterprises: it is a zero day catastrophe.
Serial risks create an exponential risk of failure. When one establishes a business with N critical partners, the business risk of failure is mathematically similar to RAID 0. If each business has a probability of failure of X%, the chance of the business failing is 1-(1-X/100)^N. If X is 30% and your startup is dependent on another startup providing, say, a novel authentication mechanism to validate your cloud service, then the chances of failure for your startup rise from 30% to 51%. Two such dependencies and chances of failure rise to 64% (survival is a dismal 36%).