Monthly Archives: September 2013

Morning Roundup

So, I’m again listening to David Sedaris’ book, Let’s Explore Diabetes with Owls, and just got to the bit where he’s talking about going on book tours. The passage where he describes his restrictions and arbitrary rules (smokers got priority on one tour, as they are going to die sooner so their minutes of life are more precious, etc.) is funny to me and at first I thought it was an instance of something being funny because it is mean. Now, maybe there’s an element of that, but I think I like it because it’s not just being mean; here’s a guy who’s an entertainer, setting up some rules that are not the conventional rules of entertainment. He’s asserting that, sure, he’s there to interact with people, but he’s asserting some boundaries. I choose to see it as a declaration, “I am not television, I am live and in-person, and you had best pay attention to that.” It makes me want to come up with some equally unusual rules for when my genius wife starts going on book tours.

Also, I just took the Beeb’s news quiz and apparently my head was nowhere in the game this week. Random chance would do better than my score. I hope that means I’m better at piping.

Security Is Not a Compiler Flag

With the ongoing brouhaha surrounding the NSA’s surveillance of everyone, everywhere, I’ve got a few friends who are getting excited about figuring out how to secure their email. I kind of want to tell them that their questions, which boil down to, “How can I send secure email,” are, in the words of Mr. Norrell, “Wrong questions.” Sure, you can use a program like GPG to encrypt your messages. But you couldn’t be bothered to use it before now; why will you use it now?

Anything that goes over the public Internet could be intercepted and looked at by Bad Guys. That’s always been true. The trust that meant we didn’t use HTTPS for most things was founded on this idea that “the government” wasn’t going to sniff everything unless someone went to a judge and convinced the judge that you were doing something nefarious. Or at least that there was some compelling reason to violate your right to privacy and security in your person and property. What the NSA has demonstrated is that the U.S. government, at least, doesn’t give a shit about that civil liberty. Going for a technical fix – making your email communications really secure and private – isn’t doing anything to address that breach of trust. You may have secure email (but I bet you won’t, or not for long) but the government is still cast in the role of “Bad Guy.”

The right question is, “How can we trust the government, any government, not to be a Bad Guy?” GPG isn’t going to fix that, and neither is Javascript encryption of your webmail. Yes, if you actually care about the secrecy of your messages, you should encrypt them. But beyond that, you should be telling your government to get back to doing the right thing, which is protecting your civil liberties, not violating them. For me, the real question, the one beyond email privacy, is, “What other rights do you think you have but which the government doesn’t agree?” Like, for instance, your right to free speech, a speedy trial, right to counsel, trial by jury, freedom from quartering soldiers, or right to due process. You aren’t going to get the answer to that question from Javascript. You’re going to get that answer by pinning your representative down and insisting that your government do what it’s supposed to do and stop doing what it’s not supposed to do.

Talk to your representatives. Support organizations that advocate for your rights. Like, for instance, the EFF and the ACLU.