Hello folks,
I've written an open letter to Internet Citizens about the importance of privacy in the Internet Age.

Document is attached to this message. Have a nice reading.
Thanks in advance for attention.

Giovanni

Link to the letter: http://twocentssecurity.wordpress.co...about-privacy/

Hi Giavanni,

maybe talking about TrueCrypt is not a good idea anymore

You're right.
I've written this letter like a week before what happened to TC. By the way, at moment I really haven't understood how situation has evolved neither the motivations of the TC shutdown (considering 200chars sms like banner not properly a "motivation").
So, for now, I've strikethrought the text... waiting for more news.
The updated document is published on my blog here:
http://twocentssecurity.wordpress.co...about-privacy/

Thanks for the reply
Have a nice week end!

I think the truecrypt issue highlights the importance of privacy and how it can quickly and stealthily be taken away.

Unfortunately, there is also no guarantee that your data cannot be decrypted using some backdoor or supercomputer designed for such a thing.

I wish you'd just publish the text of it on your blog.

This is a good point but encryption is everything we have. We have only to hope that it is properly implemented.

As even Snowden highlighted: encryption works but is end-to-end security that is poor and systems are hijackable to make encryption useless.

We hope that Linux encryption implementation (like LUKS and eCryptFS) will be better than TC one.

---------- Post added 31st May 2014 at 18:37 ----------

Done right now! Thanks for the advice.

http://twocentssecurity.wordpress.co...about-privacy/

It's good but it concerns only cryptography. "RichGuy" not only eavesdrops on your conversations, but also knows the full content of your address book and has a 24/7/365 record of every place you physically have been, within 7 feet or so.

The true vulnerability is not simply whether a particular message can or can't be intercepted as it passes through a public network. The problem is that you literally are bugged, and vast amounts of information are being collected about you without your knowledge or consent, and that this information is "promiscuously disseminated" by persons unknown and is virtually unprotected. It is treated as merely "marketing information."

Facebook and their kind are confidently anticipating that billions of people throughout the planet will soon accede to this level of corporate eavesdropping. They give little thought – as, apparently, do many nations – to the disastrous ways in which such a trove of information can be and therefore one day will be used. You, a lowly "marketing data-mining analyst," find that you have access to petabytes of the most-intimate details about the daily lives and interconnections of billions of otherwise-strangers. Or, in the case of an ordinary mom-n-pop company like a grocery store, at least hundreds-of-thousands of people in a particular city. (The reason given for collecting GPS data about a shopper is, say, to figure out where they're standing in your store while they're in your store ... but the data is being collected around the clock, and stored forever, and someone has access to it all.

The consequences of this "will take everyone completely by surprise," of course. Except that it shouldn't. Anyone can see it plain. It's the dark side of the shiny new coin that we are all admiring, and it's inseparable from that coin.

Hi sundialsvcs,
I totally agree with your analysis!
The data harvested from our devices is really exceptional and is directly provided by us, paying it with features or latest jeweled device that we must buy to exhibit on the next party.
I have a smartphone but his invasive behavior has convinced me to use it like a tablet and use a 10$ small brick cellphone to perform calling and messaging.

As in this way, I’ve not installed on it facebook and twitter apps because of their privilege requests and disabled all of feedback and position tracking (even the music player asked me to access to my GPS position... Why the hell????). In fact I’ve a camera with a browser (that analyze remotely the url I intend to visit), that’s really limiting for the device but it’s really some kind of spyware at service of Big Data.

Where encryption doesn’t work or isn’t enough we need common sense but, I think, this is really hard to achieve because it’s not an app to install. Tracking features, remote data backups are presented like features and from one side of the medal they really are! So people are not aware (as you’ve said... they should be aware, because nothing is hidden) of the other part of the medal and will no more renounce to all the beautiful features of the phone. Yet once aware of the profiling behaviors of these features, they prefere to continue to use them.

This way I always talk about “Soft Brother”, because that’s not a central eye that places control devices everywhere but the controlled ones carry the bugs with them and they are happy to do so: happy to upload on the Internet more particulars about their life than they need. People share everything on social networks and they seems really happy. Someone is sharing addicted: Big Data rises.

But exiting from Big Data is not easy even for people aware of this problematic. Cutting of latest Internet Based technology, credit card and internet services that use them or the user address etc... even the supermarket card or the digital camera’s that leaves metadata for every our sight. That’s impossible if we want to participate to society how is built now, so we need to rise our rights to be considered as persons and not data for algorithms to be processed.

Obvuiously encryption works for data that we own and we want to keep private... useless for data we spontaneously/unconsciously share.

I think that we've simply failed to recognize that "vast amounts of highly-sensitive information," such as a running record of every place your body has been in the last year, sampled once a minute (or more) within 7-foot accuracy, no longer qualifies as "marketing data." It is no longer adequate for that data to be available to a "big-data analyst" who's located god-knows-where to do with as he likes.

Such an accumulation of data should be "over-the-Top Secret," and we'd better be about figuring that out before someone does the dastardly (and very creative) thing that, we can unfortunately be absolutely-certain, will be done with it.

This is nobody's "first rodeo," so we should all just stop pretending that "nobody has any idea" what else can – and therefore, will – happen. You can think of lots of very-nasty ways to creatively use this capability, which has never existed before, against its bearer. It's human nature ... not the human nature we like to think about, but human nature nonetheless ... for awful crimes to be committed where opportunity exists and preparedness and vigilance does not. Therefore, it is a foregone conclusion that such a use merely hasn't happened yet, and, as I've said, "I've got zero tolerance" for the idea that it ever will. We are neither blind, nor naïve, nor stupid. We do have the capability and know-how to legally restrict the collection and dissemination of mass-data, and to make those restrictions stick. The danger is "clear and present."