Bonum Certa Men Certa

TechBytes Episode 82: Richard Stallman on Data Protection, Collective Responsibility as Tyrannical Tool, and Encryption of Data

Techbytes 2013
Direct download as Ogg (00:09:58, 7.4 MB)



Summary: Stallman speaks about security, privacy, networks, and the NSA

TODAY'S part (fifth in this series of interviews) deals with several different topics that Stallman rarely speaks about publicly. The full transcript follows.




Dr. Roy S. Schestowitz: The next bunch of things I'd like to speak about is the data, showing whole data security, I mean, security from the point of view of the user, not security from the point of view of, you know, "national security", which could mean just about anything.

Richard StallmanDr. Richard M. Stallman: I understand.

RSS: The repositioning of the datacentres and the location of datacentres that companies are selecting -- what role do you think that plays in privacy?

RMS: Well, if you're going to deal with a company and it's going to get some personal information about you and that company's servers are hosted by a US company -- whether in the US or not -- then that means that the US government can get all your information.

If a country wants to provide data protection to its citizens, part of their data protection must include not permitting that data to be searched in any way as part of the company's operations, to have [...] fully reliable and cooperating data protection. So for instance, a European company should not be allowed to host its data on an Amazon server.

“...the encryption of a network hub is not something that you can depend on for your own privacy because, you know, if other people are getting on the network hub, they can listen to your packets too, so if you want to maintain your privacy, you do that with something else like communicating with SSH.”
      --Richard Stallman
RSS: There was one case way back in 2008 or so, several of us European people and people in the FFII were trying to encourage the European Commission not to put Google Analytics in its Web site. That was a public service Web site which was providing, using JavaScript, a helluva lot of details about the European citizens accessing the site to a US company. I don't think that's being addressed sufficiently, even now a lot of the servers...

RMS: Well, you're certainly right and I would suggest that if a Web page is set up so that it will provide information [to] these companies, that should be treated as legally equivalent to the case where the operator of that Web page explicitly sent the same data to [these companies] and of course in Europe that would bring the European data protection rules into play and that would say, "no, you can't send this data to Google Analytics or to some advertising network or anyone."

RSS: I want to also ask you about encryption. I'm not sure to what degree you're into, into all these -- I suppose this is an area that enthusiasts in the field of security are very much into -- but several of us people are trying to find reliable encryption, ubiquitous encryption method...

RMS: Well, I can help you find that. I know how to use the GNU Privacy Guard. However, in order to use that you've got to have somebody's public key. So that's why I was wondering if when I go to the UK we might meet and then can I could get your public key.

RSS: We'll probably come to it later, but in the UK we have this big scandal right now about spying on diplomats in the G8 summit and that's probably something that Russia -- I read about it today -- Russia is apparently going to take some legal action over it as well as the NSA leaks. There was spying on people using, basically honeypots as access points, as a way in which it would connect to a wireless access point and of course even if people are using E-mail with SSL/TLS, I'm not sure to what degree this is safe. We know WPA -- WPA2 even -- is crackble. And...

RMS: Well, okay, the point is, the encryption of a network hub is not something that you can depend on for your own privacy because, you know, if other people are getting on the network hub, they can listen to your packets too, so if you want to maintain your privacy, you do that with something else like communicating with SSH.

Now, the relevance of encryption on the network hub -- that's not just a way of controlling who can use it. It's very important for people to maintain Wi-Fi networks without any kind of password, because if you don't, then you're becoming an enforcer in the war on sharing. One way to resist the application of unjust laws such as the Digital Economy Act is by not having a key on your Wi-Fi network.

RSS: That increases the pressure through liability claims, so...

“Collective responsibility is the policy that says, if you don't help keep everyone else subjected, we'll punish you.”
      --Richard Stallman
RMS: Of course, collective responsibility is the tool of tyrants. Collective responsibility is the policy that says, if you don't help keep everyone else subjected, we'll punish you. Right now the UK government is using the system of collective responsibility to divide people and turn everybody into an enforcer against everybody else, and that's why it's people's duty to refuse to do it.

RSS: And I suppose the same...

RMS: ...Wi-Fi that works without passwords, so that they refuse to enforce the system of unjust control on everyone else.

RSS: I totally agree with you and the same was said about the solidarity when it comes to encrypting E-mail. We should make it a standard thing to encrypt our E-mails although, to tell you the truth, I mean, all the encryption methods are based upon industry standards that are accepted at the other end of the line, so when you send somebody an E-mail you have to make sure they have the same decryption methods upon which...

RMS: Right. That's why it's difficult, in practice, to encrypt all our E-mails. We can encrypt E-mail with people that we know and have arranged to exchange keys with. But the other thing to point out is that encrypting E-mail doesn't disguise any of the metadata, so the NSA can still track who sends E_mail to whom, even if the contents are encrypted.

RSS: And I suppose with all the mathematicians at the NSA -- they seem to be hiring quite a few very skilled people who can do analysis on the encryption methods and...

RMS: They've been doing that since 19...

RSS: Fifty?

RMS: 1949 or so.

RSS: I think the NSA was only founded in 19...

RMS: Well, it wasn't then called the NSA, but it doesn't matter. You know, details like where it's put don't matter.




Later today I'll be meeting Stallman in Oxford to get some video interviews done with him. This time the audio quality will be vastly better.

We hope you will join us for future shows and consider subscribing to the show via the RSS feed. You can also visit our archives for past shows. If you have an Identi.ca account, consider subscribing to TechBytes in order to keep up to date.

As embedded (HTML5):





Keywords: gnu fsf richardstallman

Download:

Ogg Theora

Recent Techrights' Posts

"Security Advantages" Explained by a Scammy "Security" Site That Uses LLMs to Spew Out Garbage
destroying the Web by saturating it with "bullshit".
Over at Tux Machines...
GNU/Linux news for the past day
 
Certificate Authority Let's Encrypt Falls to 0.7% in Geminispace (It Was Around 12% Just 2 Years Ago and 7.5% This Past February)
Let's Encrypt is down again
Gemini Links 13/10/2024: Self-hosting Snac2 and Invasion of e-ink
Links for the day
SDxCentral, which the Linux Foundation Paid to Produce Marketing SPAM, Has Now Become Slop (LLM Spew) Disguised as 'Articles'
Google should delist it
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, October 12, 2024
IRC logs for Saturday, October 12, 2024
Links 12/10/2024: More Site Blocking, China's Hostility, and Evan Gershkovich's Upcoming Book
Links for the day
Links 12/10/2024: Boeing to Cut 17,000 Jobs, Medieval Sleeping Habits, Warning About Liquidweb
Links for the day
Links 12/10/2024: Health, Safety and Climate Concerns
Links for the day
Gemini Links 12/10/2024: Ensemble and Assembler
Links for the day
Links 12/10/2024: TikTok Layoffs and Risk of More Wars
Links for the day
IRC Proceedings: Friday, October 11, 2024
IRC logs for Friday, October 11, 2024
Gemini Links 11/10/2024: Against Cynicism, on Atheism, and Dropping Off The Internet
Links for the day
IBM Employees Smell Another Wave of Mass Layoffs (and Explain the Signs)
IBM currently has the policy of hiding the layoffs from shareholders and from the press using NDAs
Links 11/10/2024: Lots More Censorship and Growing Concerns About Health Impact of Social Control Media
Links for the day
Going Almost 4.5 Decades Back to Find 'Dirt' on a Person
That incident was 42.5 years ago. Is that how far some people would go in an effort to discredit a person?
XBox is Dead. This is Just the Beginning.
the main reason Microsoft bought Activision/Blizzard was to hide the growing losses and failure of XBox
The Risk to the "Linux" Brand
Brands that are not guarded from misuse/abuse will inevitably lose their original meaning and their value
Gemini Links 11/10/2024: Deploying Common Lisp Programs and Examining FreeBSD
Links for the day
Links 11/10/2024: Discord Still Blocked in Turkey, Google Might be Split
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, October 10, 2024
IRC logs for Thursday, October 10, 2024