apexalpha a day ago

I can't speak for the US but this man has shifted so much of the political debate in my country and I think also in the EU in general. If you talked about the massive surveillance from governments people tossed you aside as a paranoid lunatic. After Snowden no one could ignore you anymore and privacy is an aspect in any public debate.

  • GordonS a day ago

    Can I ask what country this is in?

    Here in the UK, nothing had changed, and any debate that wasn't centred around condemning Snowden and justifying the actions of the security services, was very short lived.

    • tomatocracy 20 hours ago

      I'd disagree that nothing has changed. Consciousness of the fact that mass surveillance is happening is much more widespread, and gets brought up in passing from time to time. People have changed their behaviour somewhat - eg many now try to use encrypted communications quite consciously and even Signal has become quite popular for example. It's influence thinking over e.g. use of facial recognition cameras in public places which is unpopular.

      And whilst what eg GCHQ actually do hasn't really changed much as far as I can tell, it's been brought onto an "open" legal footing which is progress. The next step will be for the legal safeguards which are currently rather toothless to evolve to have real teeth. I think that will happen eventually but it'll be a slow journey to get there.

      • yuduhhrhr 17 hours ago

        It's amazing how people still believe government laws will protect them from spy agencies.

        The CIA spied on the Senate and nothing happened.

        Naive in the extreme. So naive its hard to believe the opinion is genuine and not Astro turf.

        • bori5 16 hours ago

          If voting made a difference, they would have outlawed it years ago.

    • rmc 4 hours ago

      Much much more websites are HTTPS now. LetsEncrypt was set up, and browsers are better at HTTPS. That benefits people in the UK. "Encrypt everything" was a result of knowing the NSA were hooving everything up.

    • rmc 4 hours ago

      In the EU, the revelations from Snowdon were successfully used in the data protection cases which overturned the Safe Harbour exemption.

  • jonahbenton a day ago

    Is that the case for both govt and private corporate surveillance? How widespread is the use of Alexa in your area?

    • ptero a day ago

      The key difference is that you can decide not to buy corporate products you do not want, but have to comply with the laws. I am a lot less concerned about stupid things done by a majority for convenience (and I can choose whether to do participate or not) than about the law that forces the same stupidity down my throat. My 2c.

      • dredmorbius 20 hours ago

        you can decide not to buy corporate products

        That's a fallacy by both choice and externality.

        There are cases in which there is no choice but to use specific corporate products, or in which choices are made without an individual's consent or involvement.

        Karen Sandler, co-host (with former FSF directory Bradley Kuhn) of the "Free as in Freedom" podcast has an implanted, closed-source proprietary medical device. She can literally chose between non-free software (which includes surveillance), or death.

        https://sfconservancy.org/news/2018/mar/26/sandler-fsf-free-...

        Emergency medical services, government contracts, third-party contracts by various firms and organisations, third-party use of Gmail either directly or as a hosted email service (see Benjamin Mako Hill's "Google has most of my email because it has all of yours": https://mako.cc/copyrighteous/google-has-most-of-my-email-be...), and the issues of spillover externalities (Amazon Ring doorbell surveillance, third-party tracking of mobile phone SIMs, MACs, and Bluetooth signatures, facial surveillance) mean that, no, actually, you cannot decide not to participate in corporate surveillance.

        And, as a final point, both government and corporate surveillance and oppression very often speak to the same underlying dynamic: that of power to defend both itself and its wealth and/or golden geese. Examples are numerous, though the Johnson County War would be a good case history: https://en.wikipedia.org/wiki/Johnson_County_War

        Let's please put this canard in its well-deserved grave and bury it.

        • ekianjo 18 hours ago

          You cannot escape it completely but you can certainly reduce your exposure. I don't think the parent was talking in binary terms.

          • mjparrott 14 hours ago

            Each year you can do less and less to limit your exposure. That argument will not old up over time. When IOT and 5G puts more devices online all of these things can be used for surveillance. This argument is not fair or realistic when looking forward a year or two.

          • wwweston 16 hours ago

            This is essentially true of government surveillance as well. Not really a surprise, since most modern state surveillance issues are essentially about ways in which private and public/state power cooperate.

            The overarching point is that it's naive to consider issues of privacy particularly distinct in the public or private sphere. Neither market nor political power are trivial to escape (and they have other things in common). Individual opt-outs will only get you so far from either a Google scale or state scale operation.

        • CamperBob2 18 hours ago

          There are cases in which there is no choice but to use specific corporate products

          "No choice" in the sense that you lose business, lose touch with your high school classmates, or are forced to go out and pick up your own food from the restaurant down the street?

          Or "no choice" in the sense that people show up at your door with guns?

          What a privilege it is to be able to casually use the same language to describe such disparate outcomes.

          • dredmorbius 18 hours ago

            I've already given a literal life-or-death example above, which didn't involve guns.

            Strategems in which individuals are denied the very fundamentals of life, food, shelter, work, engagement in civic, social, commercial, or cultural practices, access to courts, institutions, and the like, without overt threats of violence, are far more effective than guns.

            to fight and conquer in all your battles is not supreme excellence; supreme excellence consists in breaking the enemy's resistance without fighting

            https://suntzusaid.com/book/3

            • halr9000 18 hours ago

              Your life or death scenario is an edge case with its own special complexities which should not be lumped in with discussions of the vastly voluntary choices we can make. Healthcare is heavily regulated as we all know. This raises the barrier to entry to new competitors, and leads to a less dynamic market where the status quo can last a long long time. So you end up with only 1 or a very small number of medical devices (with the associated software) for a given situation.

              I would expect that the greater debate on privacy will, over time, hopefully lead to some changes in how we are able to control the data generated by our bodies. Until that happens, I’m going to take the thing that saves my wife’s life with the potential for some shadiness or simple distaste at what may happen to her data, or, I might look at it as her voluntary consent which was fully given with her and my knowledge well ahead of time — helps to save others lives, and some loss of control of that data is actually quite noble.

              As you might guess, I started at the abstract, but ended up at the concrete, and my wife really does have such a device, similar to your example. And I also work in big data analytics industry, and get involved in these sorts of discussions pretty often.

              • loup-vaillant 17 hours ago

                Okay, let's try a concrete example: Gmail. Let us agree that the point of Gmail is to read people's email so it can send targeted adds. That automating the process (since human employees don't directly read that email) makes the thing more efficient, and thus worse, as well as easier to misuse.

                Let us agree that I can indeed avoid having a Gmail account. Can I realistically avoid sending email to a Gmail user?

                Nope.

                There are just too many users. Maybe I can avoid sending mail to <anything>@gmail.com (though not responding to one will invariably be perceived as incredibly rude), but I cannot avoid having Gmail users send email to me. I cannot realistically notice ahead of time that [email protected] is actually using a Gmail server under the hood, and not send the email. I cannot prevent Gmail users from talking about me.

                I can reduce my exposure, but there are limits to what I can reasonably do. Your usage of Gmail is hurting my privacy. Okay, not yours, but definitely half of my friend's. I can't realistically ask them to either stop using Gmail, or stop interacting with me, now can I?

                Let us agree that individual choices and individual actions don't work.

                • emmelaich 13 hours ago

                  > more efficient, and thus worse,

                  You'll have to detail this particular implication.

                  I for one would think the opposite.

                  * also FWIW, IIRC, they don't read email for ads any more.

                • CamperBob2 17 hours ago

                  That automating the process (since human employees don't directly read that email) makes the thing more efficient, and thus worse, as well as easier to misuse.

                  While I agree with your larger point, I don't agree with this subjective value judgement and am not sure why it's necessary to lump it in with the rest of your (valid) points. Why do I want to see ads for things I'm not interested in? How is that in any way "better?"

                  What I definitely don't want is unauthorized humans reading my email. (Even so, I have to assume that is exactly what will happen whenever I type or dictate anything into a computer. I've operated on that basis since before GMail, Google, or even the civilian Internet existed.)

                  • loup-vaillant 14 hours ago

                    I live in the EU, and as such am pretty much nameless for any Google employee. It's not like they would disrupt my personal life. Automated reading however, scales. The damage to any individual is lowered, but it is also multiplied by the number of users. Reliably so.

                    And now they have a mighty powerful pattern matching machine, they can easily ask more than where I could possibly spend money. They could ask for my political affiliations, or my sexual orientation, my social network (who knows, I may be related to the second or third degree to some nefarious terrorist?).

                    That last one is very worrying. Especially since recently, my country (France) is being eerily harsh with political opponents. I've just read a story about a journalist (whose income happens to come from YouTube & donations), who is being judged for… gang theft (the pun also works in French), risking up to 75.000€ in fines and 5 years of imprisonment, just because he covered the unhooking of a 8€ portrait of our current president in a Town Office (which usually have president's portraits, but this is not mandatory). Unhooking, they reportedly did not even take the portrait.

                    So yeah, I'm more and more worried about giving our governments the means to apply their increasing insanity. Sure, having an individual reading my private email is unacceptable, but that risk is getting smaller and smaller, in comparison, to the mass surveillance that automation enables.

              • bkuhn 16 hours ago

                Your life or death scenario is an edge case with its own special complexities which should not be lumped in with discussions of the vastly voluntary choices we can make.

                Karen's and my 2019 FOSDEM keynote (and accompanying podcasts) discuss her struggles with the medical device industry and how those struggles relate to the larger set of choices related to technology that we make. This isn't an issue that lends itself well to short-form discussion. The issues are quite complex:

                https://archive.fosdem.org/2019/schedule/event/full_software...

                https://archive.fosdem.org/2019/interviews/bradley-m-kuhn-ka...

                http://faif.us/cast/2019/jan/13/0x60/

                http://faif.us/cast/2019/feb/19/0x61/

                http://faif.us/cast/2019/mar/12/0x62/

                http://faif.us/cast/2019/mar/20/0x63/

            • CamperBob2 17 hours ago

              I've already given a literal life-or-death example above, which didn't involve guns.

              But it was far too specific (and frankly too obscure) to serve as a general basis for argument. Pacemakers used to run on plutonium. Should that influence the larger debate over nuclear power versus fossil fuels?

              If someone has to use a pacemaker or insulin pump that runs proprietary software, that's unfortunate as far as it goes, but the patient himself/herself is fundamentally fortunate to have that option. It would perhaps be better to focus on developing open-source alternatives than to rail against a particular manufacturer's policy... except the (captive) regulators will have something to say about that, won't they? Specifically, what they will have to say about the idea of an open-source pacemaker is "No."

              What you are complaining about in this specific instance isn't corporate policy, but government policy. I'm actually very sympathetic to your argument, personally. I've made the point many times that any sufficiently-dominant corporation is indistinguishable from a government. But you need to be careful to identify the party who is actually forcing or denying choice.

              • loup-vaillant 17 hours ago

                > Specifically, what they will have to say about the idea of an open-source pacemaker is "No."

                Not specific enough. What they would most likely object to is code you can modify. Code you can inspect on the other hand is a whole 'nother business. And one could easily guarante their pacemaker runs the code the manufacturer says it runs, by having reproducible builds, signing the source & binary, and have the device itself communicate (at least) a version number.

                Being able to modify the source would be potentially even better, but if we could at least inspect it, then we would know of bugs & vulnerabilities (some of which have affected Karen Sandler in the past), and the manufacturer would have no choice but be shamed and correct the error.

          • LMYahooTFY 16 hours ago

            So the argument is not invalid, but you take issue with it because you can imagine someone in a worse situation somewhere in the world? I fail to see the point of your comment, this is not a UN hearing regarding some oppressive regime.

            If you require home internet access to do your 30k salary job, you move into an apartment, and they tell you you have one option for internet access, you have literally been restricted to a single corporate product and subject to surveillance.

      • kareemm a day ago

        The problem is that you can't always opt out of someone else's decisions.

        Example: Doorbell Cams taking video of you walking by, uploading it to a corporate database, identifying you using photo recognition algorithms and your location using the home's address, and using that information to sell you things.

        • ptero a day ago

          Fair. But even this (at least in the US) is the flip side of the laws that in public areas I can take any photos that I want. And I generally like this setup -- I can snap pictures of friends and kids without worrying about proving my right to take those photos).

          This should not be taken for granted -- in the UK I was twice (very politely) asked to leave because I was taking a picture and apparently a gov't building was in the background (and you need a permission to photograph those!!) and the second time because a school volleyball competition was played in the background. This is stupid because if I did it with a phone instead of a DSLR no one would notice.

          Maybe some limits on commercial photography in public spaces makes sense, but I would not go as far as putting strong limits on it altogether. My 2c.

          • jonfw 20 hours ago

            I don't think that limiting the photography or the means of the data collection is the solution. The law is going to have to apply post-mining.

            In my opinion, we need to start treating data about users as intellectual property. Generally speaking, you don't have to worry about intellectual property when you're doing something personal. I can say "Just do it" all I want. In the same vein, I can make casual observations about random people on the street without having to worry about violating their privacy (that guy has cool shoes!). But if I start to use "just do it" in my business marketing materials, I'll be in trouble. Similarly, if I start keeping a database of somebody's shoes every time I see them so I can try to sell them something, that should be illegal.

          • chenning 19 hours ago

            Think of everything you would have to do to avoid being surveilled today. Heck, think about everything you would have had to do even 40-50 years ago. I think the issue is not wether or not you can avoid being surveilled. I think that debate is largely settled. So the next logical question is, what are the rules governing access to that data? At what point do you need consent and from whom do you need consent? I think the fear, sadly, is that even if we come up with rules there is the challenge of how to apply them retroactively or in a backwards-compatible way. It's quite possible that we now we significant portions of the economy relying on companies having unfettered access to their data. I see parallels between this and the shift to renewable energy. Revenue from oil companies is tightly woven into the fabric of the US economy in many ways.

          • mindslight a day ago

            Photography in public places is a separate issue from long term stocking by companies. One can enable the other, but this does not mean they are equivalent. It's a very American fallacy to overextrapolate an individual right into a justification for commercial totalitarianism. But if an individual person were to suddenly start following you around and photographing you every few minutes, you would rightfully complain to the police. That this is being done at scale and for a profit motive should make it more worrying, not normalize it.

        • mlyle a day ago

          That's the thing.

          All of our legal precedent about privacy, law enforcement surveillance, commercial data gathering, etc, really dates to the 1800's and early 1900's when things were fundamentally different. There is a qualitative difference when information can be automatically processed in aggregate.

          I don't really care about individual corporate -- or LE -- surveillance actors if the data is partitioned over many and requires real subpoena power or active, limited sharing. If there's thousands of cameras owned by homes and businesses in my town, and everyone uses the pictures on their own for their own purposes, and law enforcement occasionally asks for and/or subpoenas the data when it'd be particularly useful and there's at least some suspicion-- that's great.

          On the other hand, when we automatically read license plates and form a big database about where everyone goes every day, that's not so great. When individuals are all subject to mass-scale surveillance that we use with data processing and machine learning to manipulate those people-- that's not so great either.

        • roenxi a day ago

          > using that information to sell you things.

          The horror.

          The threat isn't corporations. The threat is when the government goes rogue as governments tend to do unpredictably from time to time. The threat materialises in the government using private corporation data to target arbitrary minorities (although usually the educated, wealthy, foreign and free-spirited).

          People seem to think that because it "could never happen here" they can just ignore the possibility. Then it turns out that that sometimes it can.

          Privacy isn't just about the world as it stands today. Privacy is an acknowledgement that the present and the future are linked and that the future may be profoundly different from today. People aggressively selling you things is more harassment.

          • mindslight a day ago

            > The threat isn't corporations

            In a thread about surveillance, why are you drawing a dichotomy between different surveillers and basically giving one a pass? They're both prongs of the same threat! On the collection side, every bit vacuumed up commercially is available for use by the government. And on the use side, there is little difference between a government proper and corporations that have achieved enough power to exert de facto governmental control - especially when colluding through a common third party.

            • roenxi a day ago

              Corporate surveillance is only a problem because it will sooner or later feed in to government surveillance. If I could wave a wand and stop that happening I'd be fine with corporate surveillance; I'm annoyed but not threatened by the idea that someone will study my every movement trying to sell me things I want. I'm threatened if the extremely arbitrary government decides that I'm an undesirable for some reason.

              > corporations that have achieved enough power to exert de facto governmental control

              Might be a failure of the imagination, but I really can't see myself ever getting involuntarily dragged out of my apartment by McDonalds employees. The worst I've ever seen a corporation do is set the police on someone. As long as the government is functioning sensibly a rogue corp can only do so much.

              • rtikulit 20 hours ago

                Surveillance by corporations is also used for: - creating, maintaining and exploiting information asymmetry - manipulating markets, fostering rent-seeking - finding new ways of externalizing costs that escape easy detection - polluting honest policy debate - manipulating the democratic decision-making process - avoiding responsibility for malfeasance - etc, etc, etc, etc, etc and yet more etc

                On the large scale, I do not want these entities to have access to weapons-grade behavioural models. On the small scale, I do not want them to have compromising information about individual behaviour. They will use whatever leverage they gain to enrich themselves far beyond their utility.

              • throw0101a 21 hours ago

                > ... trying to sell me things I want.

                "want". Do you actually desire them, or were you persuaded/tricked into it? :)

                Also do not underestimate the influence of corporations:

                * https://en.wikipedia.org/wiki/William_Randolph_Hearst#Spanis...

                * https://www.newyorker.com/news/daily-comment/kochland-examin...

                • roenxi 14 hours ago

                  I honestly don't have a problem being persuaded into wanting something and being 'tricked' is either fraud or the wrong word. I don't agree that advertising is somehow a mind control technique. It is very effective, but being persuaded to do and not do things is part of how I want to operate. If someone makes a case that something is a good idea I'll go with it.

                  It seems to me that if an advertiser can convince me to spend money then I wish they'd done it sooner. I can easily imagine having bought my first smartphone after seeing an ad. It wouldn't be a trick.

                  Corporations are worth keeping an eye on, but governments are more unreliable, less governable and generally have larger professional military. And if a corporation acts it is usually in concert with a government.

                  • throw0101a 4 hours ago

                    > Corporations are worth keeping an eye on, but governments are more unreliable, less governable and generally have larger professional military. And if a corporation acts it is usually in concert with a government.

                    Are you an American? :)

              • somebodythere 20 hours ago

                In the same vein, corporate surveillers are roughly bound by law; government surveillers... aren't.

                For example, EU corporations are required by GDPR to comply with deletion requests, unless they are asked to retain the data by a government.

              • mindslight 20 hours ago

                Simply asserting that you're somehow impervious to corporate power is not an argument. Individuals only have the absolute power to not transact in an ideal market where there is vibrant competition for your business, and our real market is far from ideal.

                1. Persistent psychological manipulation (advertising), including political manipulation, based on knowing your weaknesses better than you know yourself.

                2. Punitive insurance rates based on unreasonable inferences, especially for mandatory insurances. Like say doubling your auto insurance rate for buying more than a few beers per week. Or your health insurance going up due to buying power tools.

                3. Blacklisted and prevented from working industry wide. A good concrete example I got from HN just the other day: https://en.wikipedia.org/wiki/Consulting_Association .

                4. Prevented from or price-gouged when using vital services. For example - the unbanked (ChexSystems), recent Internet censorship (Visa/MC), Internet service ("six strikes").

                The issue isn't the straw man of being "dragged out of your apartment by McDonalds employees", but rather being prohibited from buying food due to being uniformly banned from McDonalds, Burger King, and Walmart - say you've previously shoplifted but have served your sentence, are simply wrongly accused, or perhaps just didn't respect a sign saying to take off your sunglasses.

                I know you're likely to respond to these by defining them away as not being problems in your paradigm, but paradigms are only as good as their constructive results. Our current politicatastrophe is basically due to people clinging to their chosen paradigm way past its utility. FWIW our modern society is indistinguishable from a "Libertarian Paradise" where USG is a private corporation that owns everything and who've you've contracted with to be here. An axiomatic approach of morality-by-construction doesn't work - the only way is to judge qualitative situation.

                • jonfw 20 hours ago

                  > Punitive insurance rates based on unreasonable inferences, especially for mandatory insurances. Like say doubling your auto insurance rate for buying more than a few beers per week. Or your health insurance going up from buying a power tools.

                  Is it just supposed to be self-evident that those inferences are unreasonable?

                  I've always thought that this was an interesting argument. If there is some form of correlation with beer consumption and and car accidents, wouldn't it make sense to adjust your estimated risk based on that information?

                  I do find it self-evident that that would be a bad thing, but I also have a hard time putting my finger on why.

                  • autoexec 17 hours ago

                    > If there is some form of correlation with beer consumption and and car accidents, wouldn't it make sense to adjust your estimated risk based on that information?

                    Nope. Because it's flawed reasoning. If many people who get into accidents were driving drunk and everyone who drives drunk buys beer it might seem logical to increase rates for everyone who buys beer, but people who drive drunk are only a small percentage of the people who are beer buyers. That kind of reasoning seems more likely to be a weak justification to raise rates for a large number of people than a reasonable response to a trend.

                    • jonfw 13 hours ago

                      This is assuming that auto insurance isn't a competiitve industry. If a company attempts to raise rates because of a trend that doesn't actually exist, they will inevitably not be competitive with companies that recognize that the trend doesn't exist, and thus it won't change prices for the consumer.

                      If the insurance companies could arbitrarily raise rates due to a trend that doesn't exist, than they would have already done so. These companies know their margin and they don't bid above that if they want to be competitive.

                      • autoexec 13 hours ago

                        > If a company attempts to raise rates because of a trend that doesn't actually exist, they will inevitably not be competitive with companies that recognize that the trend doesn't exist,

                        that assumes that all companies involved aren't doing the same thing. Corporations figured out a long time ago that when one of their competitors does something that makes them more money at the expense of their customers they could start doing the same thing to their own customers and profits increase for everyone without risking prices being driven down by a truly competitive market. The insurance industry in particular is has a long history of shady practices from good old fashioned collusion and price fixing to new techniques like data mining to charge customers different rates depending on where they live, what jobs they have, or how often they're willing to change insurance companies.

                        • jonfw 13 hours ago

                          If you have reason to believe that the insurance industry is colluding to artificially inflate prices, that's a criminal accusation. If you want to make criminal accusations you start with evidence.

                          In my view, the insurance industry looks competitive, which means that even though these shady practices happen they can't effectively dictate the entire market.

                  • sverige 19 hours ago

                    Buying beer is legal. Driving while sober is legal. Assuming you have no record of driving drunk, any such alleged correlation should not be used to inflate insurance rates, unless you're also willing to say that other correlations of increased risk are also fair game, even if they're based on race or sexual orientation or income or education level or politics or any other characteristic that can be measured and grouped into risk categories.

                    One of the tendencies of the neo-puritanism that has become prominent in the last decade is a real willingness to abandon any boundaries that have kept corporations from using certain kinds of information against individuals -- boundaries that were in large part legislated during the civil rights era.

                    • jonfw 13 hours ago

                      It's not illegal to be a male, and my insurance premium still raises because of it.

                      It's the job of the insurance company to accurately assess risk and charge me that plus their margin. If the companies can more accurately assess risk, than that makes insurance a less volatile and therefore cheaper market.

                      Insurance companies don't have access to the actual root causes of accidents. They have no measure of my driving skill or risk tolerance or attention span. They just estimate based on some really primitive data they have about me. What's the harm in including more data?

                  • mindslight 18 hours ago

                    The problem is that "correlation" seems objective and mechanical, but the model itself carries the bias by choosing which overly simplistic factors are relevant.

                    Directing focus at "people who drink a lot of beer" means considering people who who drink a lot of beer at home as guilty by association, ultimately due to the subjective priorities of whomever pushed for that model.

                    Obviously in the expected value sense, charging on correlations is lucrative for the company (as is any justification for raising prices on a set of customers if your competitors do it too). But in the exact same way as saying certain zip codes are more likely to default on a loan, which we rightfully reject.

                    • jonfw 13 hours ago

                      Your model sucks if you are arbitrarily choosing factors. You choose the factors with the most significant correlations, because those correlations are least likely to be "overly simplistic".

                      Why would we reject that zip codes are more likely to default on a loan? Seems like information I would like to be aware of if I was a home lender.

                      I certainly look at crime rates of a community before I live there. While a bad crime rate certainly doesn't make potential neighbors "guilty by association", it certainly increases the likelihood that one of my neighbors might be actually guilty.

          • rjf72 18 hours ago

            It's ironic to see a comment like this in a thread on Snowden. It's remarkable how quick we are to forget about things such as PRISM [1]. PRISM is a government-corporate surveillance coop. Players include Apple, Google, Microsoft, and many others. Capabilities described in slides never intended for public access indicate unilateral access by the NSA to "extensive, in-depth surveillance on live communications and stored information" with examples including email, video and voice chat, videos, photos, voice-over-IP chats (such as Skype), file transfers, and social networking details.

            Especially in modern society government and corporate interests are increasingly interweaving. And I'm no more comforted by governments having access to dystopic levels of personal information than I am by corporations having that access. It just so happens that, in practice, there's no difference anyhow.

            [1] - https://en.wikipedia.org/wiki/PRISM_(surveillance_program)

            • vkou 17 hours ago

              PRISM was an internal NSA web-form for sending what was considered (by some, but not tested in courts) to be legal data access requests to US cloud app providers.

              It was a f---ing web-form for sending targeted, narrowly-scoped, legal notices. Nothing more, nothing less. It was not some magical all-seeing Eye of Sauron that gave the NSA a backdoor into every word you ever said online, your blood type, and the number of nose hairs that you plucked this morning.

              The really illegal backdoor, unscoped intercepts, including the cable taps, were done without the consent of most (all?) of the companies in question, and were not done through PRISM, but rather through physical access to, say, cross-datacenter cables, straight up hacking, and similar means.[1]

              [1] See: SSL added and removed here :v) https://blog.encrypt.me/2013/11/05/ssl-added-and-removed-her...

              • rjf72 7 hours ago

                This is completely incorrect.

                To start with "IS, not WAS". PRISM hasn't gone anywhere and the most reasonable path here is to expect it's only substantially grown - as it already was doing at the time of its initial reveal. This [1] is a snippet of the PRISM collection overview. Data is sent straight from the partners to a DITU - data intercept technology unit which then processes the data in various ways before being sent on for further processing to appropriate nodes and ultimately becoming searchable through PRISM.

                An example of a DITU is here [2]. Microsoft provides unencrypted access to the NSA to user emails. One slightly tricky thing here was Microsoft deciding to roll out a new 'alias' feature enabling users to send emails under an alias. The DITU for outlook there ensured that NSA tracking would remain consistent regardless of the identity chosen by the user. Finally this [3] is a snip of the slide revealing the scope of data available from various partners. [3]

                And yes, there is supposed to be a formal request where an analyst requests our secret court system approve a search before they carry it out. That process is unsurprisingly a rubber stamp - the court approves 99.97% of all requests. But more importantly this is something with no meaningful oversight. As Snowden emphasized, "in general, the reality is this: if an NSA, FBI, CIA, DIA, etc. analyst has access to query raw SIGINT [signals intelligence] databases, they can enter and get results for anything they want."

                So, yes it would be much closer to calling PRISM the all-seeing-eye than it would be to a system for sending out warrants. These systems are the reason that the Utah data center was built with storage estimated on the order of exabytes. One exabyte being a million terabytes.

                [1] - https://en.wikipedia.org/wiki/PRISM_%28surveillance_program%...

                [2] - https://www.theguardian.com/world/2013/jul/11/microsoft-nsa-...

                [3] - https://en.wikipedia.org/wiki/PRISM_%28surveillance_program%...

                [4] - https://en.wikipedia.org/wiki/Utah_Data_Center

      • godelski a day ago

        The two big differences between private and government surveillance is 1) law 2) quantity. Look at China how the private sector freely hands data over. But ask yourself, is it that hard for your government to obtain that data? Are they trying to access it? The answers are probably no and yes.

        If you don't feel comfortable with the government having that data, I wouldn't suggest giving it to private corporations. Even if they are standing up to gov, it means things can change. I think Snowden uses the phrase "turn key tyranny".

      • rmc 4 hours ago

        How do I decide to stop other people uploading photos of me to Facebook?

      • mjparrott 14 hours ago

        Not true. Choice is only as good as your options and also depends on the choices of other people around you. My phone records people standing next to me. They might not have chosen to install the apps on my phone, but they’re subject to the surveillance of my device for example.

      • chiefalchemist a day ago

        > " I am a lot less concerned..."

        On one hand, I hear ya and agree.

        But the reality is, the deck has been reshuffled such that while we're focused on that front door about rights are being sucked out the back by the likes of Big Tech, social norms, etc.

        Yeah, the means differ. But in the end, the ends are the same.

  • mnm1 a day ago

    That's great to hear. Unfortunately, his actions haven't really done anything in the US. I wish I could say otherwise, but I haven't seen a single thing change. Privacy still isn't an issue that's on most people's radar. The government still does what it did before and likely a lot more. I have a ton of respect for Snowden, but he severely overestimated how much Americans care about privacy, spying, surveillance, or anything like that they mostly can't even understand.

    • rockinghigh 29 minutes ago

      > Unfortunately, his actions haven't really done anything in the US.

      It actually changed a lot how some companies handle government requests for data. Apple for example, completely switched their strategy because they wanted to be seen as protective of customer data. They realized that data requests would eventually leak so they avoid storing identifiable data on the servers. They saw privacy as a competitive advantage.

      https://www.apple.com/privacy/government-information-request...

    • vl 20 hours ago

      >That's great to hear. Unfortunately, his actions haven't really done anything in the US.

      At the very least it produced some dissonance between democratic establishment and their support base. Bill and Hilary continue to tour the country and I attended their road show in Seattle. Crowed cheered at every statement until they got to, and I quote, “Snowden is a traitor”, which produced very confused and subdued cheer. It was very fun to watch.

    • nyolfen a day ago

      encryption by default and privacy as an intrinsic good have been pervasive if subtle shifts in the culture

      • tomschlick a day ago

        Yup. Even the dark fiber back haul networks used by data centers that were once thought to be private are now being encrypted (Google, Microsoft, etc have mentioned this).

        This is exactly what PRISM was, not taking data from servers, but tapping into the data networks between them and siphoning off whatever the NSA wanted. And it just so happens that to mirror a fiber optic line you use a crystal prism.

    • newsgremlin a day ago

      It's one for the history books. We can't say we weren't warned. To many of the public bemoan the state of things while ignoring the events that lead up to the current state.

    • khuey a day ago

      Section 215 of the Patriot Act was not reauthorized, for one.

    • kodablah 20 hours ago

      > I wish I could say otherwise, but I haven't seen a single thing change

      I've seen intranet encryption between internal services become much more commonplace

  • duxup a day ago

    > If you talked about the massive surveillance from governments people tossed you aside as a paranoid lunatic.

    I wonder how much that was any given person, or just that the availability of such surveillance has increased dramatically.

    • tracker1 18 hours ago

      My thinking before Snowden was the sheer resources it would take to actually record, catalog and index all that information, let alone into something useful. I thought some people were just a bit too paranoid. Then I learned they did have/spend/use the resources needed for this. It just feels crazy, but true.

      Since then, combined with the ability to use AI patterns against video streams and even deep fake capability. My trust in most things is pretty much broken at this point.

      • ryanisnan 16 hours ago

        My trust in most things is pretty much broken at this point.

        Are you me?

    • BeetleB 19 hours ago

      > I wonder how much that was any given person, or just that the availability of such surveillance has increased dramatically.

      The UK introduced (public) mass surveillance long before Snowden was on the scene.

  • philjohn a day ago

    And yet in the UK we have a notorious data miner in the heart of No 10 giving an edict for all data from government websites to be fed into a central location for targetting.

    • petargyurov a day ago

      Sorry, what/who are you referring to?

      • arethuza a day ago

        "Data privacy campaign groups and Labour have expressed alarm after it emerged Downing Street has ordered departments to centralise the collection and analysis of user information from the government’s main public information website ahead of Brexit."

        https://www.theguardian.com/world/2019/sep/10/no-10-request-...

        Edit: I wonder if this includes the petition site?? Can't say that I'd be too keen on the Dark Lord Cummings getting the details of my personal petition history!

        Edit2: Yes, I know that's not his official job title, at least not yet.

        • boomskats 21 hours ago

          I actually think it is specifically targeting petitions.gov.uk, under the guise of the 'wider gov.uk' scope.

          It's the only part of that site I can see BJ actually giving enough of a shit about to go out of his way and double down on at this point. The rest of the gov.uk stuff is already very well managed and instrumented (and a great public service).

  • snowden_report 21 hours ago

    Much discussion on this topic relies on popular sentiment and media reporting. The redacted and declassified Congressional report should be considered a primary source and contradicts many common beliefs about Mr. Snowden: https://www.congress.gov/114/crpt/hrpt891/CRPT-114hrpt891.pd...

    The Executive Summary provides a good overview.

    In contrast to the Amazon book page that claims he helped "build" the system, it appears he was primarily a system administrator responsible for tasks such as patching and file transfers.

    • nvarsj 21 hours ago

      It's really hard to take that report seriously. It basically reads as FUD against snowden. This is what CIA and NSA agents are trained to do professionally.

    • mgamache 21 hours ago

      I think system administrators would take exception to your claim they don't help build anything.

      Also, Congressional report prepared by whom? Can't take a report by the fox guarding the hen house seriously.

      • snowden_report 20 hours ago

        I was a system administrator with similar responsibilities for several years, and it was quite clear who the system architects were and who the maintainers were. It's a minor point, but speaks to Mr. Snowden's reportedly inflated self-importance.

        It's up to all of us to take this report, and news reports and autobiographies, as seriously as you think they deserve. This provides background information not commonly known and is a valuable counter balance to Mr. Snowden's account. How seriously should we take an autobiography written by the person who perpetrated such (in)famous actions?

        There is "selective reporting" on all sides, it's up to us to take it all in and form our own opinions. For example: read the report, note Mr. Snowden's length of service at each job, his age and experience, and consider how likely it was that he was a "senior advisor" or a more junior system administrator.

        I understand this may be a lost cause, but I'm simply advocating for balance on this issue.

        • boomboomsubban 19 hours ago

          >I was a system administrator with similar responsibilities for several years, and it was quite clear who the system architects were and who the maintainers were

          Both groups would have been necessary to build the a long term system.

          Beyond that, I don't see how his status while working for the intelligence sector is very important, and I've never gotten the impression Snowden was trying to boast about how achievements there.

          • Bartweiss 19 hours ago

            Amazon page blurb aside, I don't understand why this question comes up so often.

            Even during the initial revelations, people who wanted to downplay the topic regularly pointed out that Snowden was "just a system administrator, not an intelligence agent" and attempted to debate whether he worked directly for the government or only for a contractor. It baffled me, because that doesn't even seem relevant to his claims.

            The "government employee" issue would only matter if the authenticity of the leaks was disputed; the various PRISM and XKEYSCORE slideshows were never even challenged, so who cares? And "only a system administrator" sounds backwards to anyone who actually knows what sysadmins do. Dismissing him as a maintainer instead of an architect is a weird sideshow, since his role was mostly important as an answer to the question "how did he get undetected access to so many different files?"

            • onli 18 hours ago

              It's a tactic to undermine an opponent. They want to classify him as a minor part of the machine, hoping to discredit his revelations in the process ("why would you listen to anyone with that little of experience and importance"). It's a reverse appeal to authority.

              It coming up again of again when Snowden is discussed is part of either controlled or natural occurring propaganda, a talking point of the regime. The one bringing it into this thread is a new throwaway account, go figure. One way or another, directly or indirectly, you are seeing the "controlling public discussions" part of what intelligence agencies do in action here :)

            • snowden_report 18 hours ago

              That's an excellent point. Using the "only a sys admin" example was pretty weak. I just chose it quickly as one example of his trustworthiness level from the report. A better example would be that Mr. Snowden claims he began collecting files after James Clapper's testimony, but in fact he began 8 months earlier (third point in the Executive Summary, page iii).

              My main takeaway form the report is that Mr. Snowden was misleading/dishonest about elements of his past and motivations. Read the report for other examples of his misrepresentations, mainly that he never reported his suspected abuse of government programs via established internal process and he took and shared material on much more than the programs he was concerned about.

              The discussion of the programs themselves is certainly much bigger. I view these programs as the nuclear weapons of our age. It was inevitable that they would be created (with similar capabilities in the hands of other governments and corporations), and there is always the risk of misuse. While the US Government is not the ideal owner of these tools, I generally trust the USG more than other countries and corporations.

              The problem with intelligence agencies is that you rarely hear of their successes, and almost always hear of their failures.

              • boomboomsubban 17 hours ago

                > A better example would be that Mr. Snowden claims he began collecting files after James Clapper's testimony, but in fact he began 8 months earlier (third point in the Executive Summary, page iii).

                His claim was that testimony was the "breaking point" on the decision to leak, not download files, and soon after he agreed to publicly be named the source.

                >mainly that he never reported his suspected abuse of government programs via established internal process and he took and shared material on much more than the programs he was concerned about.

                It's his word vs theirs on whether he raised the issue before deciding to leak. And he knew there was a ton of unrelated data in what he leaked, that was why he privately gave it to reporters and didn't publicly post it.

              • jascii 17 hours ago

                As far as I know, none of the documents leaked by Mr Snowden have been found untrustworthy or fabricated. Digging in his past for inconsistencies and speculating about his motivation seem little more then a weak attempt at character assassination. What exactly are your goals in this discussion?

                • snowden_report 23 minutes ago

                  My first goal is to offer the under represented report for discussion, and encourage a better public understanding of the context and consequences.

                  My second goal is to offer opposing information to his account of events, which I though relevant in a post about hist autobiography.

              • hanselot 16 hours ago

                > Mr. Snowden claims he began collecting files after James Clapper's testimony, but in fact he began 8 months earlier (third point in the Executive Summary, page iii).

                I don't think I've ever heard a normal human refer to him as "Mr Snowden", and just for interest, what reason could you possibly have had to memorize this specifically cherrypicked reference?

                Are you an Amazon FC Ambassador when you aren't attempting to defend your agency?

        • craftinator 15 hours ago

          You have, at this point in time, only three comments on HN, all related to Snowden, and are obviously using a throwaway account. You are also advocating heavily that the report, prepared by intelligence agencies in the US government, should be given credence, while you have developed none yourself. Really hard not to imagine you as a disinformation account created by a three letter organization.

          • snowden_report 41 minutes ago

            I've been reading Hacker News for several months and this is the first time I felt motivated to comment. I'm using a burner account because I knew this was a unpopular side to support and didn't want to start an account (that I would rarely use, I'm pretty quiet) off on that. I didn't expect to be trusted on my non-existing record on HN, but wanted to present a side of the story not often told. I am not a "disinformation account". I have always valued discussion from all sides, especially opposing sides, and wanted to offer this resource.

    • gmueckl 20 hours ago

      Hm... while I think that the report is generally correct, it also comtains a clear bias in some sections. It was written by people on the inside, after all. Also, some of the character background was sourced from journalistic articles. I would have hoped that such a report had better sources for things that should be part of government records.

    • simlevesque 21 hours ago

      Why would any non US citizen care about what the Congress has to say about it ? They don't care about any of us in the slightest.

    • prossercj 19 hours ago

      Thanks, I didn't realize that such a report exists. Although I remain skeptical about some things on both sides, I'm glad to understand the official position better.

sleepychu a day ago

Customers who bought this item also bought

- ALFA AWUS036NEH Long Range WIRELESS 802.11b/g/n Wi-Fi USBAdapter

- Yubico - YubiKey 5 NFC - Two Factor Authentication USB and NFC Security Key, Fits USB-A Ports and Works with Supported NFC Mobile Devices

EDIT:formatting

  • csunbird a day ago

    Offtopic: You were faster than my comment!

    I understand the Yubikey is popular but I do not understand the why the Wi-Fi dongle is popular. Any ideas?

    • matchai a day ago

      That wifi dongle in particular supports packet injection, and supports aircrack-ng for penetration testing.

      • thelittleone a day ago

        Indeed and cheap enough to throw away after each project for improved opsec.

        • Godel_unicode a day ago

          Given that you can change the MAC address, how does throwing it away improve opsec...?

          • jascii a day ago

            It seems good practice not to assume there are no other ways to id/fingerprint a device then by mac address..

            • Godel_unicode a day ago

              That's actually the opposite of good practice; good practice in security is to base your planning off of facts and research. Throwing away your whole setup after every gig works for Mission: Impossible, and I guess it makes people feel extra-super-ninja, in practice it just perpetuates the endless (and pointless) culture of I-know-something-you-don't.

              Opsec should be based on reality and threat modeling, not endless rounds of whatabout.

              Edit: if you (the rhetorical you, not parent specifically) actually know something here, chime in!

              • jascii 21 hours ago

                That really is the difference between "proven secure" vs "not proven insecure", which would you consider best practice? As far as fingerprinting WiFi devices goes: It is an rf device and all rf devices vary in behaviour due to component tolerances. This shows in such things as spurious emissions, power variations across its transmission spectrum, oscillator drift, etc, etc. These are fairly easy to detect remotely. One example is shown in this paper: https://www.cs.ucr.edu/~zhiyunq/pub/infocom18_wireless_finge...

                • Godel_unicode 16 hours ago

                  That paper states that the accuracy could be as high as 95%. Apple has sold over a billion iOS devices with WiFi radios in them. I'll let you Google the base-rate fallacy for yourself, and decide if that risk is worth it.

                  Edit: make that over 2 billion

                  Edit: also, "proven secure" is impossible.

              • JasonFruit 15 hours ago

                It's less a culture of I-know-something-you-don't than a culture of someone-may-know-something-I-don't. I don't understand your implication of intellectual delusions of grandeur here; I see it as the opposite.

                • Godel_unicode 11 hours ago

                  If you read the other reply to my comment, you'll see that it was in fact a case of I-know-something-you-don't, although in this instance they are in fact wrong about the implications of the thing that they know. The gate keeping that goes on in security (saying that there's a threat but not saying what it is) is extremely frustrating to me.

              • nickpsecurity 19 hours ago

                "That's actually the opposite of good practice"

                Good security practice is considering all devices as insecure until proven otherwise. Also, mitigating known unknowns where a general problem happens a lot. Devices snooping on you, misleading you, interdiction, hacks on firmwate, etc. Then, you mitigate it in situations where you're unsure of what's going on just in case. So, long as mitigation isn't too costly.

                I used to buy and get rid of WiFi devices and throwaway computers for that reason. Also, buy them in person at random places with cash. You can even turn it into charity by using FDE, wiping them afterwards, and reselling cheap or donating to others that cant afford full price. Put Ubuntu and Firefox on them to spread some other good things.

                • Godel_unicode 16 hours ago

                  > until proven otherwise

                  Well that's impossible (see also the halting problem) so that's pretty clearly not good security practice.

                  Nothing in that says anything about what your threat model is. What risk are you mitigating by doing this? This sounds like the type of "ignore the words and listen to the sound of my voice" security espoused by management and vendor sales people.

                  It sounds like you have a diverting past time, and I wish you the best with that, but this isn't what security is about. Security is about identifying and mitigating specific risks. This goes doubly for operational security. All else is security theater.

                  • nickpsecurity 13 minutes ago

                    Extra comment to add something I left off. There's at least two types of static analysis and solver tools: unsound and sound. The sound ones, especially RV-Match and Astree Analyzer, use a formal semantics of the code, a formal statement of the property, and automatic analysis to determine if it holds or doesn't depending on the goal. Related, SPARK Ada and Frama-C have their formal specs and code turned into verification conditions that check for code conformance to the specs. The VC's go through Why3 which sends them to multiple, automated solvers to logically check them. Far easier to scale and get adoption of these automated methods than manual proofs.

                    The main drawback is potential errors in the implementations of the analyzers or solvers that invalidate what they prove. Designs for certifying solvers exist which essentially are verified or produce something verifiable as they go. There's examples like verSAT and Verasco. The tech is there to assure the solvers. Personally, I'm guessing it hasn't been done to industrial solvers due to academic incentives. Their funding authorities push them to focus on quantity of papers published over quality or software improvements with new stuff over re-using good old stuff. Like infrastructure code, everyone is probably just hoping someone else does the tedious, boring work of improving the non-novel code everyone depends on.

                    Also, given my background in high-assurance research, I'm for each of these tools and methods, mathematical or not, to be proven over many benchmarks of synthetic and real-world examples to assess effectiveness. LAVA is one example. I want them proven in theory and practice. The techniques preventing or catching the most bugs get the most trust.

                  • nickpsecurity 14 hours ago

                    "Well that's impossible (see also the halting problem) so that's pretty clearly not good security practice."

                    No it's not. It's been done many times. The halting problem applies to a more general issue than the constrained proofs you need for specific, computer programs. If you were right, tools like RV-Match and Astree Analyzer wouldn't be finding piles of vulnerabilities with mathematical analyses. SPARK Ada code would be as buggy as similar C. Clearly, the analyses are working as intended despite not being perfect.

                    "Security is about identifying and mitigating specific risks. "

                    Computer security, when it was invented in the 1970's, was about proving that a system followed a specific, security policy (the security goals) in all circumstances or failed safe. The policy was usually isolation. There's others, such as guaranteed ordering or forms of type safety. High-assurance security's basic approach was turned into certification criteria applied to production systems as early as 1985 with SCOMP being first certified. NSA spent five years analyzing and trying to hack that thing. Most get about two years with minimal problems. I describe some of the prescribed activities here in my own framework from way back when:

                    https://pastebin.com/y3PufJ0V

                    I eventually made a summary of all the assurance techniques I learned from studying these commercial/government products and academic projects:

                    https://pastebin.com/uyNfvqcp

                    Note that projects in the 1960's were hitting lower defect rates than projects achieve today. For higher cost-benefit, I identified the combination of Design-by-Contract, Cleanroom (optional), multiple rounds of static analysis by tools with lower false positives, test generators (esp considering the contracts), and fuzzing w/ contracts in as runtime checks (think asserts). That with a memory-safe language should knock out most major problems with minimal effort on developers' part (some annotations). Most of it would run in background or on build servers.

                    https://www.win.tue.nl/~wstomv/edu/2ip30/references/design-b...

                    https://web.archive.org/web/20190428052851/http://infohost.n...

                    Meanwhile, the state of development for a major OS leads to about 10,000 bugs that even a fuzzer can find:

                    https://events.linuxfoundation.org/wp-content/uploads/2017/1...

                    Modern OS's, routers, basic apps, etc aren't as secure as software designed in 1960's-1980's. People are defining secure as mitigates some specific things hackers are doing (they'll do something else) instead of properties the systems must maintain in all executions on all inputs. We have tools and development methods to do this but they're just not applied in general. Some still do, like INTEGRITY-178B and Muen Separation Kernel. Heck, even IRONSIDES DNS and TrustDNS done in SPARK Ada and Rust respectively. Many tools to achieve higher quality/security are free. Don't pretend like it's just genius mathematicians or Fortune 25 companies that can, say, run a fuzzer after developing in a disciplined way with Ada or Rust.

              • scarejunba 21 hours ago

                I actually recycle my entire person after each pen test attempt to prevent people from cottoning on to each body’s unique tics.

          • diminoten a day ago

            Makes you feel more like an operator, I guess?

        • dTal 21 hours ago

          Why would you care about opsec for consensual "penetration testing"?

          • jascii 17 hours ago

            Your security profile needs to exceed that set for the highest level of clearance you could possibly gain. In practice that means exceeding the highest level of security used in an organisation. You wouldn't want to inadvertently exfiltrate a clients data would you? Aside from that, it is not uncommon for say a department to not be aware they are being pen-tested with consent of their management, and you don't want to trigger counter measures.

    • Saus a day ago

      I've bought an Alfa adapter 10+ years ago because you can use them in promiscuous mode. So you can snoop wifi traffic, listen for handshakes and doing so crack WEP/WPA (wifi) encryption.

      Things probably haven't changed..

      • mises a day ago

        They have a little. 5ghz is more common, so you won't get any thing there. WPA2 is significantly harder to crack, and I usually do it on GPU with pyrit or hashcat-ocl and a wordlist. WPA3 is out now, too, and I'm there aren't really any well-established procedures for it yet.

        • TrueDuality a day ago

          Just FYI WPA2 is pretty solidly and quickly broken (lookup KRACK attacks). WPA3 is unfortunately already partially broken (though currently joining the network / password breaking aren't fully broken, see Dragonblood attacks).

          • dayofthedaleks 12 hours ago

            KRACK is patched on most platforms.

            What weaknesses in WPA2 remain?

          • mises 2 hours ago

            KRACK was a nonce re-use, not a core protocol flaw. WPA2's flaws are more around un-encrypted control packets; i.e. I can de-auth you without having to get session keys.

      • jgrowl a day ago

        This was a popular adapter more recently because of the WPS pin exploit using something like the reaver tool.

    • Sendotsh a day ago

      > Description The best wireless adapter for those who use the penetration platform Kali Linux & BackTrack. The wireless USB adapter has been tested to work with Aircrack-ng and supports packet injection along with monitor mode.

    • Noxmiles a day ago

      Someone know a good 2.4/5.0 GHz wifi adapter for these kind of things?

      • zoobab a day ago

        a good directional antenna makes THE difference.

        • arendtio 20 hours ago

          any recommendations?

      • mises a day ago

        The Alfa AWUS1900 is a nice model, but if you want something cheaper (and will put up with 2.4ghz-only), the TP-Link TL-WN722N is cheap, but get the v1 chipset! It's the best-supported with drivers on linux. Oh yeah, and you will probably need to do monitor mode on linux.

  • elbasti a day ago

    Is it even safe to buy yubikeys on Amazon given the counterfeit problem?

    • skore a day ago

      Don't know about counterfeiting, but when I tried to order yubikeys via German amazon, every single one of the blisters looked suspiciously as though they had been tampered with[1]. They were opened juuust slightly on the side - enough to potentially slide the key out and in again, definitely something that you could miss if you weren't paying close attention. I placed a second order and the exact same thing happened. It was quite weird and I've since ordered from yubico directly.

      [1] http://imgur.com/gallery/1c8uMFr

    • jolan a day ago

      You can verify whether you received a genuine key at:

      https://www.yubico.com/genuine/

      • willismichael a day ago

        Unless some entity can man-in-the-middle attack your attempt at verifying it.

      • OrgNet a day ago

        https is not safe against the government....

        • OrgNet 21 hours ago

          ... because they can force CAs to give them the keys to decrypt all traffic.

          • NobodyNada 20 hours ago

            That's not true, since CAs don't have "the keys to decrypt all traffic." They have the ability to sign website operators' public keys, but they do not have access to the website operators' private keys.

            Of course, the CA could also issue a fake certificate with attacker-controlled keys, but if they tried to do so, they would get caught by Certificate Transparency.

    • capableweb a day ago

      Guess there could be two attack vectors, one that is easier to avoid and the other not so much.

      The first one being a targeted attack. Then any ordering of Yubikeys can leave to vulnerable as the supply chain can be intercepted (because they see it's you and switch out the key to a counterfeit one). This can be solved by going to a in-person store and buying it there. Then there is no risk of you being personally targeted as you can go to any store.

      The second one, is where all keys sold being counterfeit, which you cannot solve by going to a in-person store or ordering online. Not sure how you could avoid this vector.

      • 0xffff2 a day ago

        >Not sure how you could avoid this vector.

        While this is a theoretical problem anywhere, it's a practical problem when ordering from Amazon far more often than anywhere else. Going to a reputable physical store likely shields you from the second scenario nearly as well as the first. Also, in the case of Yubico at least, you can order directly from their website, which presumably minimizes the number of hands the product has to go through, thus minimizing opportunities for a counterfeit to be swapped in.

    • diminoten a day ago

      There isn't an actual Amazon counterfeit problem, so yeah, it's safe.

  • quickthrower2 17 hours ago

    More interesting is what the people who will go to their local book store to buy it with cash will also buy, but we'll never know.

  • mercules a day ago

    It's probably part of the reading material for military cybersec.

  • mises a day ago

    It recommended me "20 ORANGE SNAPPY GRIP -Bucket Handles -Mining-Gold Prospecting-Gardening" under the customers also bought... I guess I'm just not leet enough. This in spite of the fact that I've actually bought a few external wifi adapters from amazon.

  • turk73 a day ago

    Oh man, that's hilarious! I fucking hate the Yubikey my company makes me use.

stef25 a day ago

Before his story broke there was an AMA on Reddit about govt surveillance, I'm 90% this was Snowden. Does anyone else remember this?

The person spoke of these things happening in ways we "couldn't imagine". People were guessing at what he meant and his responses were mostly "it's much worse". One redditor posted some highly technical speculations to which the author responded "you're getting close".

Reddit's search isn't good enough to retrieve this but I would LOVE to find that post again.

  • INTPenis a day ago

    Funny enough Google has great tools for searching within that time period. Snowden broke around Q1 2013 right? So I tried searching from Q4 2012 to Q1 2014 and the first thing that came up on government surveillance was actually this[1].

    Which I assume is not what you meant but it's pretty early in the timeline of Snowden's revelations.

    Setting the timeline to 2012-01-01 - 2013-07-03 is just before Greenwald broke Snowden's story and those results are very different.

    Interspersed are results that were likely updated in Google's index after july 3rd so there are some false positives so to speak.

    You'd have to browse more of those results. I've only got 3 pages in.[2]

    Edit: Actually this IAmA from Cory Doctorow could be it.[3] He's definitely in the know about what the government is capable of and speaking from that experience. Which pretty much predicts Snowden's revelations.

    Of course I remember when AT&T was implicated in mass surveillance by a former employee back around 2004, that story just got lost in the ether.

    1. https://www.reddit.com/r/IAmA/comments/2wwdep/we_are_edward_...

    2. https://www.google.com/search?q=site:reddit.com+%22IAmA%22+g...

    3. https://www.reddit.com/r/IAmA/comments/11bm9i/iam_cory_docto...

    • stef25 17 hours ago

      It was an anonymous AMA, author specifically stated he was "inside" so not Doctorow

  • jmkni 18 hours ago

    I remember the DefCon 20 talk, Bigger Monsters, Weaker Chains with William Binney - https://youtu.be/sqIz-RNUL1g

    This was in 2012, 2013 was when Snowden did what he did.

    I always wondered if he saw this talk and was motivated by it.

octosphere a day ago

I'm going to 'recycle' an older comment of mine, pertaining to the comments about the book. The original comment can be found here: https://news.ycombinator.com/item?id=20583363

I was annoyed that someone called Ed Snowden a 'Traitor'. Hopefully it gets a bit more recognition in this thread

__________________________________

For me he made the Great Game of Privacy a lot fairer. You should read the excellent entry on Wikipedia about the aftermath of the leaks[0]. If the leaks meant that privacy-loving folk went 'dark' in light of the leaks, then this is a net plus. Snowden's actions possibly hindered NSA in catching undesirables, but it's a small price to pay for a bolstered Internet and privacy-respecting comms. And who's to say that the apparatus even worked that well in foiling the efforts of plotters? Bill Binney[1] consistently drives his message home that the NSA's surveillance apparatus is very inefficient at foiling plots, and I agree with him.

Even if it stopped one plot in all the time of its existence, it's still an enormous effort and an enormous amount of money spent just to foil one plot. Old fashioned police work is better at foiling plots because it doesn't have to rely on big data algorithms sifting through the noise of Internet traffic (most of which is innocuous). Old fashioned methods work because they employ simple detective work - it doesn't need the NSA at every choke point and decrypting countless crypto.

[0] https://en.wikipedia.org/wiki/Snowden_Effect

[1]https://en.wikipedia.org/wiki/William_Binney_%28U.S._intelli...

  • tomatotomato37 a day ago

    Wow, I thought Binney was just some random analysist news shows brought on to discredit the 2016 hacking thing. Didn't realize he was the key catalyst for the Snowden leak after the government shafted him when he tried to reveal the same NSA overreach using the "proper" channels.

  • CWuestefeld 21 hours ago

    I find that "traitor" argument very troublesome. To make the argument, you must believe that

    A) Privacy is a liability, so that by curtailing privacy we strengthen the country (and conversely, by having more privacy the country is weakened)

    B) The government must allow us only what measure of privacy it deems appropriate, and even has the authority to balance based on factors it need not disclose.

    Both of those ideas should be repugnant in a free society.

  • kerkeslager a day ago

    At a fundamental level, I trust the moral compass of the average person more than I trust the moral compass of government which has incentives to do the wrong thing.

    The most basic tool of law enforcement investigation is the average citizen calling the police when they see someone doing something wrong. Unethical laws are more difficult to enforce, because the average citizen doesn't call the police when they see someone breaking an unethical law. Most people don't call the police when they see someone smoking marijuana, for example, because the average person has a moral compass which tells them that putting someone in jail for smoking marijuana is reprehensible. Historically, whenever the law has been wrong, many people have been saved by people refusing to report them: the underground railroad, hiding of Jews in Nazi Germany, gays under anti-sodomy laws, etc.

    In contrast, I believe that when someone is actually doing something wrong, people call the police on them. If I witness a murder, rape, child abuse, etc., I would absolutely call the police. And while there are certainly high profile cases of people standing by and letting bad things happen, I trust people to do the right thing most of the time.

    Pervasive surveillance bypasses witnesses as the basic tool of law enforcement, which takes the power out of the hands of the average person. This might allow law enforcement to catch more bad guys, and if that were the only concern, violating our privacy might make sense. But the flipside is that it allows law enforcement to put more people in jail who aren't bad guys--people who smoke weed, teenagers who sext, etc. As long as there are unethical laws, privacy is the fundamental tool which allows average people to trust their own moral compasses and not call the police on people who are breaking unethical laws.

    • cmurf a day ago

      Pervasive surveillance also takes responsibility and knowledge of their rights, out of the hands of the average person. Witnessing should lead to empathy, the imagination that the same thing could happen to me, and if I think that would be wrong, I need to call out that wrongness when it happens to others. That is civility. That is how we build trust. That is foundational whether it's the average person or the average lawmaker or the average police person.

      When we're carving out areas of society where we accept less trust, then we can only lose trust, and that area becomes dangerous to us and a safe haven for corruption.

  • dx87 a day ago

    Honestly, saying that the NSA has done maybe one useful thing in its entire existence and that everything it does could be replaced by "simple detective work" just shows you to be incredibly uninformed and ignorant about what the job of the NSA actually is.

    • kerkeslager a day ago

      So inform us. Present evidence for your opinion or keep your opinion to yourself.

      • dahdum a day ago

        Here's a decent article highlighting 4 attacks of the 50 they claim to have foiled since 2001. https://www.ibtimes.com/four-times-nsa-surveillance-programs...

        • kerkeslager 19 hours ago

          > The first example was the case of Najibullah Zazi, who confessed to plotting to bomb the New York City subway system in 2009. Joyce confirmed that the NSA’s Internet surveillance program led officials to a suspect in Colorado who turned out to be Zazi. The FBI took the necessary legal steps to identify him and ultimately capture him, in concert with authorities in New York. Under Section 215's authority, Joyce said, the NSA was also able to nail down a “previously unknown [phone] number of one of the co-conspirators.”

          > “Without the 702 tool, we would not have identified Najibullah Zazi,” Joyce said later in the hearing.

          Okay, sounds pretty legit. His plea bargain was partly informed by threatening his parents[1], but it does sound like there was a lot of other evidence collected through traditional police methods.

          > The second instance described was a thwarted plot to bomb the New York Stock Exchange. Under Section 702's authority, the NSA monitored a known extremist in Yemen who was communicating with a man in Kansas City, Mo. This information led the FBI to Khalid Ouazzani, his co-conspirators and ultimately the plot to bomb the NYSE. Ouazzani ultimately confessed to sending money to al-Qaeda and was never convicted for the stock exchange plot.

          Okay, so we... removed a small funding source of Al Queda? Maybe it's just me, but if I were trying to attack Al Queda's funding, I'd start with not having the CIA give them millions of dollars[2] before going the "surveil all Americans" route. For comparison, the CIA gave them $2 million in one payment[2], while Ouazzani gave them $23K[3]. The NSA yearly budget is ~$10 billion.[4] The NYC police budget was $5.6 billion in 2018[5] and they handled 295 homicide cases in 2018[6].

          > The third instance cited by Joyce was the case of David Headley, an American in Chicago who aided the 2008 Mumbai terrorist attacks. The FBI had received a tip about his involvement in the attacks when the NSA’s 702 surveillance also identified Headley as involved in a plot to bomb a Danish newspaper office that had published cartoons of the Prophet Mohamed that were considered offensive by some Muslims. “Headley later confessed to personally conducting surveillance of the Danish newspaper office,” Joyce said.

          So basically, this guy was already going to be arrested for the 2008 Mumbai Terrorist Attacks, but due to surveillance they were able to also charge him for... surveiling. The irony is staggering.

          > Regarding the final case, Joyce testified that data collection under Section 215 helped uncover terrorist activity that the FBI had been unable to detect previously. In 2007, the FBI closed an investigation it had launched shortly after Sept. 11, when it could not connect the subject of the investigation to terrorist activity. Years later, under its Section 215-sanctioned metadata collection program, the NSA identified a phone number in San Diego that was in contact with a known terrorist overseas. The NSA’s discovery allowed the FBI to reopen the investigation and disrupt the terrorist activity. Joyce later confirmed that the activity involved providing financial support to a designated terrorist group overseas.

          This could not possibly be more vague.

          Ostensibly, since the source is the NSA's PR team, these were the best cases the NSA could come up with? This sounds like a strong argument that the money should be better spent on traditional law enforcement.

          [1] https://en.wikipedia.org/wiki/Najibullah_Zazi#Guilty_plea

          [2] https://www.nytimes.com/2015/03/15/world/asia/cia-funds-foun...

          [3] https://archives.fbi.gov/archives/kansascity/press-releases/...

          [4] https://threatpost.com/nsa-metadata-program-likely-not-cost-...

          [5] https://en.wikipedia.org/wiki/New_York_City_Police_Departmen...

          [6] [Excel File Warning] https://www1.nyc.gov/assets/nypd/downloads/excel/analysis_an...

      • solidasparagus a day ago

        He didn't give any less evidence than OP.

        • SkyBelow 20 hours ago

          I claim there isn't a teapot. You claim there is. Who has to provide evidence? What happens when one applies this to claims about an organization?

      • outside1234 a day ago

        You are kidding right? The whole cold war?

        • kerkeslager a day ago

          During the Cold War, the US government did a lot of things which were extraordinarily harmful to US Citizens and contributed nothing to fighting Soviet totalitarianism. Soviet totalitarianism was certainly a threat, but US repsonses to Soviet totalitarianism were often counterproductive. There's a strong argument to be made that the US government did more harm to US citizens during the Cold War than the Soviets ever did. I'd be open to hearing evidence that the NSA was an exception, but you certainly haven't presented any.

          Simply trotting out old tired Russophobia doesn't prove that pervasive surveillance has been good for the American people, it just shows your own bias. You're turning a blind eye to the wrongs done by the US government, some of them much worse than pervasive surveillance.

          • dahdum 21 hours ago

            > There's a strong argument to be made that the US government did more harm to US citizens during the Cold War than the Soviets ever did. I'd be open to hearing evidence that the NSA was an exception, but you certainly haven't presented any.

            What harm do you claim the NSA did to Americans in that time? Their mandate is foreign surveillance, and while citizens do get caught in their net (especially with foreign contacts), it's not their focus.

            I can think of a couple, but they seem relatively limited?

            a) Surveillance revealing domestic crimes that were prosecuted through parallel construction.

            b) American businesses benefiting from NSA intelligence gathering, through politicians passing along information.

            • throw0101a 20 hours ago

              > What harm do you claim the NSA did to Americans in that time?

              The GP did not say "NSA", but "US government". See for example:

              * https://en.wikipedia.org/wiki/COINTELPRO

              • kerkeslager 19 hours ago

                Correct, this is what I meant.

                • dahdum 19 hours ago

                  The whole thread was about the NSA's budget and mission, so I misunderstood your point. It appears you have no specific qualms with the NSA other than the fact they exist under the same government as the FBI/CIA?

                  • kerkeslager 18 hours ago

                    No, I'm just shooting down the idea that simply saying the NSA was involved in fighting the cold war doesn't mean they're positive for US Citizens.

                    I haven't mentioned my qualms about the NSA up to this point, but since you asked: I object to spending $10.8 billion in 2013[1]. I object to the fact that they have so little oversight, the public had to find out what their funding is from a leak[1]. I object to the fact that this spending resulted in only 4 arrests they will tell us about over a period of years[2] which are all fairly questionable[3]. I object to their continued violation of the constitutional right to privacy of almost every American.[4] I object to them undermining encryption standards[5] which weakens the security of people and companies everywhere.

                    [1] https://www.nytimes.com/2013/08/30/us/politics/leaked-docume...

                    [2] https://www.ibtimes.com/four-times-nsa-surveillance-programs...

                    [3] https://news.ycombinator.com/item?id=20944055

                    [4] https://www.eff.org/702-spying

                    [5] https://www.scientificamerican.com/article/nsa-nist-encrypti...

                    • emmelaich 12 hours ago

                      > No, I'm just shooting down the idea that simply saying the NSA was involved in fighting the cold war doesn't mean they're positive for US Citizens

                      is a big backtrack from

                      > There's a strong argument to be made that the US government did more harm to US citizens during the Cold War than the Soviets ever did

                      • kerkeslager 11 hours ago

                        The second thing you quoted is part of my evidence for the first thing you quoted. It's not a backtrack at all.

                        Do you have an actual evidence-based opinion, or are you just trying to catch me in weird gotchas? I'm sure I've said something slightly incorrect you can track down, but that doesn't really negate the evidence I've linked.

            • CWuestefeld 21 hours ago

              While it happened after the end of the USSR, we know that the NSA contrived to get a crypto system they knew to be weak standardized. And that weakness was later leveraged by hackers in at least one case.

          • Aunche 20 hours ago

            > contributed nothing to fighting Soviet totalitarianism

            I wouldn't say nothing. At the very least, they made sure that Russia wasn't planning to fire any nukes at us.

            • kerkeslager 19 hours ago

              I probably could have worded that better--it's ambiguous. What I meant is that a lot of the things which the US government did were harmful to US Citizens, and a lot of those same things that the government did, contributed nothing to the fight against Soviet totalitarianism.

              Many of the mkultra experiments are a good example: the US government drove a bunch of US citizens insane for projects which ultimately resulted in no useable weaponry.

              My point being: simply waving your hands and saying "the cold war!" isn't a valid defense of US government organizations.

        • WhompingWindows a day ago

          Unfounded claims, calling someone incredibly uninformed and ignorant, with zero evidence to back up these admonitions, shouldn't be posted here. If you have a claim to post, back it up with some kind of evidence or data. No one should have to be called "kidding" when they call out a lack of any kind of data.

          • jonnybgood a day ago

            The person you’re responding to didn’t call anyone anything. Be sure to check usernames.

        • SahAssar 21 hours ago

          Ah, so the NSA was the reason the cold war ended as it did? Via what specific actions/events?

  • 99052882514569 a day ago

    >Bill Binney[1] consistently drives his message home that the NSA's surveillance apparatus is very inefficient at foiling plots, and I agree with him.

    Oh, were you also with the NSA? For how long, and what did you do there? Or is that (let's put it charitably) an "Internet agree"?

AtlasBarfed a day ago

This made me realize I have heard ZERO news on Assange after his arrest, and the likelihood of him being tortured and rendered and railroaded of course means our nation (US) of laws and rights is a sham.

Don't tell me it's boring, this should be a sideshow for the media like OJ. Rape trial? Russian meddling? Little guy vs the government? International intrigue?

Crickets.

A truly independent media would be tracking his case to make sure due process is followed, but we all know what media is in the age of corporate conglomeration and oligarchy.

  • nabla9 a day ago

    He is sitting his 50 week sentence in HM Prison Belmarsh in UK and has access to lawyers. Media is tracking his case. There is nothing to report.

    There are people who spew up conspiracy theories on the spot when they have not heard anything, from pure ignorance, yet they speak ill of mainstream media.

    • IronWolve a day ago

      Hes also sitting in the medical ward due to multiple issues, including mental issues. I dont think the news wants to report on his declining health.

    • reeves23423 3 hours ago

      If they are tracking where is the news about Jullian Assange.

    • seppin 21 hours ago

      > There are people who spew up conspiracy theories on the spot when they have not heard anything, from pure ignorance, yet they speak ill of mainstream media.

      It's much easier than knowing what you're talking about.

  • Synaesthesia 21 hours ago

    You read about him on progressive media, some principled journalists. But nowhere in the mainstream news

hsavit1 a day ago

Any links posted to amazon.com from HN should be to smile.amazon.com -> .5% of your purchase will be donated to a clarity of your choice.

  • NilsIRL 20 hours ago

    I wouldn't see any reason not to.

    Though please keep in mind that smile.amazon.com is a marketing stunt. Firstly, it makes people less reluctant to buy increasing Amazon's revenue and secondly, Amazon is donating the money, so they get to pay less tax.

  • irq11 a day ago

    Better yet, don’t buy the book, and donate the money you would have spent to charity.

    • Zelphyr 20 hours ago

      Can't we do both?

      • irq11 11 hours ago

        Nope. Because then you could donate the price of two books, and not buy one!

matt_morgan a day ago
  • microcolonel a day ago

    Given that there are like... seven copies in U.S. libraries, I think that's probably terrible advice.

    • jrochkind1 a day ago

      Since Amazon says it's not available until September 17th and you can only pre-order it now, I think probably even those 7 are records inaccurately registered before the book is actually there, and there are probably 0! Or did some libraries get the book earlier than Amazon can? Possible, but my guess is not.

      • jonwachob91 a day ago

        I think you are right. I called 3 libraries in my immediate ~15m drive area (university library, County, and City), all 3 confirmed they will have it, but none were listed on the World Cat site.

      • microcolonel a day ago

        Fair enough! I was thrown off the fact that it hasn't been released by the Worldcat page saying that there were three editions. I assumed that it was not possible to have data quality issues of that magnitude.

        • jrochkind1 a day ago

          Oh, Worldcat data quality is definitely very problematic.

          At it's best, it definitely doesn't represent _every_ library copy.

          It requires libraries to register their copies with the central database. All of these libraries are different organizations with different software, at varying stages of 'legacy', trying to interoperate with each other, usually without very well-resourced IT teams. Then WorldCat has got to figure out when copies at different libraries are copies of the "same" thing, and what "same" means.

          The worldcat database is very useful, but it certainly has data quality problems.

          Amazon also says "4 formats and editions": hardcover, paperback, kindle, audiobook. Technically I'd say these are "formats" not "editions" -- the text is the same in each, although you might consider the audiobook a separate "edition" maybe, as it's not text at all, it's a whole different sort of thing. (And the Amazon UI hides it behind a 'more' link, although still just referring to the whole list as "4 formats and editions").

          I'd guess Worldcat knows 3 of those 4 -- maybe all except kindle. Worldcat, like Amazon, is not really capable of distinguishing "editions" from "formats".

          I'm not sure I'd consider the "3 editions" a "data quality" error exactly, in this case. It does point to some of the complexities of figuring out what's out there in the bibliographic universe, and how to model it in a consistent way that makes sense to users. (What _is_ an edition vs a format anyway?). Amazon gets data and corrections from people trying to sell books there providing some data entry/correction labor for free. And Amazon's website and data are _core_ to their business. As well as from other DBs like ISBN. Worldcat has to try to piece things together from a bunch of disorganized under-funded non-IT-expert nonprofits, who may consider "getting good data to WorldCat" not the highest among competing priorities, along with other DBs like ISBN.

          Neither WorldCat nor Amazon are _great_ at determining "what separate editions/formats exist of this thing, and how do they relate to each other" in the general case. Cause it's a hard problem. Amazon does well enough to sell books apparently. They each have strengths and weaknesses. For things published decades before Amazon existed and/or no longer in print, WorldCat will do better in some ways.

          • microcolonel a day ago

            Maybe the long term solution is to put together an open source library database package that serves the needs of 90% of libraries without modification, and make it convenient to make high quality data available.

            • dredmorbius 20 hours ago

              Worldcat / OCLC is pretty close to this. It's not fully open source, but it's widely used and pretty open.

              (The fact that the API isn't publicly accessible without registration and payment is a major annoyance.)

              • jrochkind1 16 hours ago

                Yeah, at one point OCLC was actually being kind of litigious with trying to make sure their db was _not_ open. I think they got over that, at about when they realized nobody actually really wanted it so much anymore. But it's debatable whether it's "pretty open" at present.

                LibraryThing was sort of another attempt, that sort of still exists.

                It's just a really hard thing to do, that takes a lot of resources to do well, and nobody's managed to figure out a funding model.

                I don't think "Just create an open access database anyone can edit, like wikipedia but data, and books" will work (and actually, [that's](https://www.wikidata.org/wiki/Wikidata:WikiProject_Books) been tried too), but you can try to start another project if you want.

                There are a handful of projects with various business models and degrees of openness of data that have tried or are still trying to do this. For whatever reasons (and we can debate em), they haven't really taken off or been succesful. shrug.

    • dredmorbius 20 hours ago

      As noted:

      1. The book is announced, but not yet released (17 Sept).

      2. Worldcat tends to lag acquisitions, and whilst extensive, is not fully comprehensive. There are nonlisted collections, and lagged reports.

      3. Further acquisitions will be added.

      And most importantly: Libraries are highly responsive to patron requests. Ask for the book to be added, and in all likelihood it will be, and you'll be notified when it's in and/or added to the waitlist.

  • ulkesh a day ago

    Or how about we all choose how we wish to get content, and stop implying judgment. When did reading become an us vs. them thing?

    • unethical_ban a day ago

      The point, I believe, is to recommend a vendor other than Amazon, whose business model is datacenter management and datamining and being a front for cheap Chinese goods.

      There is a bit of judgment, and that's okay.

      • ulkesh 11 hours ago

        Which added zero value about the book itself. But yet I’m downvoted for pointing out the stupidity. You win, Internet.

    • kome a day ago

      Is he implying anything at all or are the voices in your head?

Noxmiles a day ago

Does anyone know how much money he gets from every book / ebook? I think buying it is, at least for some people, very much a support Snowden thought.

  • roasm a day ago

    The publisher Metropolitan Books looks like it's part of Macmillan so they're likely a traditional publisher, which suggests he got a pretty healthy advance on the book because of his fame.

    I would also guess that even if he sold enough books to earn out the advance, his take on each incremental book is really small as the publisher took most of the financial risk with the advance itself.

  • grecy a day ago

    I'm self published on Amazon and can speak to that, but I see that this is actually published by a publisher (Metropolitan Books)

    In that case, from what I have learned from speaking to a few NYT Best selling authors, he's getting peanuts per sale, though it's very likely he got an advance in the range of $50k.

    He won't actually get a cent from sales until his share goes above whatever his advance was.

    • tgsovlerkhgsel 16 hours ago

      > an advance in the range of $50k

      That... would not be very much for a book that can be expected to generate hundreds of thousands of sales.

      • grecy 15 hours ago

        I agree.

        One of the NYT best selling authors I spoke to over beers told me at most he can hope to get in the range of $200k in his lifetime for his book that was top of the charts for a significant amount of time, and continues to be very, very famous in it's niche.

        i.e. Writing for a publisher sucks.

      • dredmorbius 2 hours ago

        An "advance" is just that: payment advanced against projected sales, and hence, per-volume royalties.

        The publisher generally calculates the advance based on projected sales, and that's often all the money an author will see, though if an advance is "earned out" (sales exceed the projection), the author can earn additional royalty payments based on a percentage of the per-volume sales price. The usually cited figure is 10%, though this may vary.

        TL;DR: Snowden is guaranteed the advance, but may earn more.

        https://www.thebalancecareers.com/book-advances-and-royaltie...

  • xur17 a day ago

    Is there any way to buy the ebook directly (or at a bare minimum without drm)?

    • madkangas a day ago

      (Macmillan employee)

      To my knowledge, no and probably no. I'll inquire.

      I'm aware that it's available at Kobo in EPUB format but that includes Adobe DRM.

      https://www.kobo.com/us/en/ebook/permanent-record-7

      • xur17 a day ago

        Thank you for the response.

        Sad to hear that it's only available with drm. It's going to show up on torrent sites within days no matter what, so as always honest consumers are the ones that lose.

      • abawany 19 hours ago

        It is available on the Google Play store as an ePub as well with likely DRM added as well. I ordered from there.

  • ramraj07 a day ago

    I vaguely remember 10% as a ballpark for most authors

    • iandinwoodie a day ago

      What happens to the other 90%? Is this typical for book authors?

      • faet a day ago

        It is very typical.

        Assuming Print on Demand w/ amazon. He's not doing that but we'll just assume to keep it easy. And list price of $24

        Amazon takes $5 to print Amazon takes $9.60 royalty

        That leaves $9.40 or 40% available.

        Of that Macmillan takes their cut to cover editing, covers, advertising, etc.

        And what is left is probably $2.40 for each sale.

        For Self published folks (going eBooks this time). Assuming you list for $10 and get a 70% royalty from amazon.

        You'll earn $7 for each sale.

        But, then once you factor in advertising (on amazon which goes to amazon), your earnings for each book drop to maybe a 5-30% royalty range. And that assumes you can sell your book for $10, which most self published cannot.

        I have friends who sell $10k worth of eBooks/mo who make $2k/mo. So 80% goes to amazon and 20% goes to them.

        • anchpop 19 hours ago

          He's using a traditional publisher which means he likely got a decent advance. Even if he didn't, he was likely able to negotiate a better deal than most authors because of his fame

        • iandinwoodie 20 hours ago

          That's insane. Thank you for the detailed insight.

robmiller 21 hours ago

Seems odd that every picture of Edward Snowden shows one of the nose pads on his glasses missing.

empath75 a day ago

I think the administration badly, badly mishandled Snowden and Assange, and allowed Russia to coopt them by isolating and threatening them. If they had treated them as whistleblowers and journalists (even if they had nefarious motivations), they could have kept them in "the west" instead of driving them into the arms of Russia. I don't believe that Assange was a Russian agent at the beginning but he was surely one by the time of the 2016 election.

There's a reason we have laws around a free speech and a free press-- they make the country stronger, even if they make it harder to govern.

  • slg a day ago

    I think you do Snowden a disservice when you lump him in with Assange. Snowden you can easily argue is a whisleblower. You can't argue that with Assange since he doesn't have first hand knowledge of what he is leaking and instead actively recruits people to feed him information to leak. He also seemingly encourages people to commit crimes to get more information for him. Snowden did that all himself. In addition, Assange does not have the high bar that information must meet in order to warrant a leak. He instead leaks everything that he has that fits his political goals. A whistleblower needs to be more precise and targeted with what they disclose. Snowden gave his documents to journalists to sift through, judge, redact, and publish. Assange just throws everything up on his website. Lastly, like multiple people in these comments mentioned, there is the question of their relationship to Russia. Knowingly or not, Assange has clearly been used as a tool of Russian Intelligence. Snowden being compromised is more of a conspiracy theory at this point with little (but some) real world evidence.

    • loup-vaillant 21 hours ago

      > I think you do Snowden a disservice when you lump him in with Assange.

      Correct. Snowden is a Whistle-blower. Assange is a journalist, though perhaps not the kind Snowden would have trusted his stolen data with.

      • pstuart 21 hours ago

        Assange is an attention whore. I had such high hopes for wikileaks but it was, in the end, a vehicle for him to promote himself.

        • Miner49er 21 hours ago

          You think Assange put himself at as much risk as he did to promote himself?

          He spent 7 years locked in an embassy (to great detriment to his health and was arguably worse then jail), is now in jail, and is facing at least life in prison, if not the death penalty. You really think he did all that just to promote himself and for some attention?

          • pstuart 21 hours ago

            It's not like we think everything through when we set out on a journey. He probably went in with good intentions but was blinded by the lights of fame.

          • throw0101a 20 hours ago

            > He spent 7 years locked in an embassy ...

            To avoid criminal charges for things unrelated to his political/journalistic exploits. Plenty of people run when faced with possible jail time, e.g., Roman Polanski.

            • loup-vaillant 20 hours ago

              As far as I know the case was closed then reopened after some embarrassing US document leaked, and without any new relevant element. As far as I know, the Sweden authorities had the possibility to interrogate Assange without extraditing him, yet for some reason did not use that possibility.

              Finding reliable sources with all relevant details is a hassle, so take it with a grain of salt. Nevertheless, I believe at this point that this unrelated affair is more an attempt at character assassination than a real thing. (I do recall that he reportedly didn't used protection, which would qualify him as a major jerk. Legislations seem to disagree on whether this was a crime or not, though.)

            • Miner49er 20 hours ago

              This is a lie. He stated from the start he was hiding to avoid extradition to the United States for his journalism.

              • throw0101a 4 hours ago

                I do not understand this point:

                He was in the UK, who has an extradition treaty with the US. He was facing charges in Sweden, who also have an extradition treaty with the US.

                Why was he afraid of being extradited from Sweden but not the UK? If the US wanted him they could have gone after him while he was still live in the UK.

                Why fear going to Sweden? I never understood this argument: am I missing some nuance in international law?

              • monocasa 19 hours ago

                And it looks like now that he's been removed from the embassy, he's being extradited to the US based on his journalism, just like he feared.

        • boomskats 21 hours ago

          It was & is far, far more than that.

      • bdhess 21 hours ago

        I think calling Assange a journalist is very debatable. He certainly doesn’t comply with the ethical norms of the profession.

        • loup-vaillant 18 hours ago

          How good a journalist he is is debatable. His ethics as a journalist may be debatable. His status as a (possibly bad, possibly unethical) journalist is much harder to debate: he set up a way to have information, which he then made public. Sounds like journalism to me.

        • Synaesthesia 21 hours ago

          People say this on this basis of hearsay, like he “selectively released documents” for which there is no evidence.

          • slg 20 hours ago

            One huge ethical red flag for Assange and Wikileaks is their view on redacting documents. They published numerous details that a traditional journalistic outlet would never make public include the names of informants. This almost certainly resulted in people being killed.

            • BeetleB 19 hours ago

              > They published numerous details that a traditional journalistic outlet would never make public include the names of informants.

              Valerie Plame would like to have a word with you.

              If we keep going down this road we'd end up with No True Scotsman. The reality is "traditional" journalists have done this - Assange is not an outlier in this regard. If we tolerate the "worst" of the traditional (which US society clearly does), then we can't use this as an argument against Assange.

              • slg 18 hours ago

                >Valerie Plame would like to have a word with you.

                I probably shouldn't have used the word "never", but the fact that the Valieria Plame reveal was such a big deal is basically the exception that proves the rule that it is highly unusual for a journalist to reveal this information.

                Assange is certainly an outlier in the number of people who he exposed and the reason for exposing them. He reportedly said on the issue that "they're informants. So, if they get killed, they've got it coming to them. They deserve it." [1] Maybe you think that is a No True Scotsman argument, but I really can't imagine a well respected journalist showing such a complete lack of concern for human life. A traditional journalist would generally required some reason of tremendous value to justify putting those people's lives at risk. Assange's reasoning instead appears to be "They deserve it."

                [1] - https://en.wikipedia.org/wiki/Afghan_War_documents_leak#Info...

                • BeetleB 16 hours ago

                  > but the fact that the Valieria Plame reveal was such a big deal is basically the exception that proves the rule that it is highly unusual for a journalist to reveal this information.

                  It was a big deal because people wanted to score political points, not because of a breach in standards. The more relevant point is the standing the journalist still had in society - he did not lose his job for it, let alone be prosecuted for it.

                  The quote you provide is taken out of context - at least from the Wiki page it is not clear if he is referring to the names that were leaked, as opposed to the ones that they ultimately decided to redact. I suspect the latter because it says "initially refused".

                  > but I really can't imagine a well respected journalist showing such a complete lack of concern for human life.

                  When you add the "well respected journalist", we really are in No True Scotsman territory. If all you mean to say is "He is a lousy journalist," then we have no disagreements. Without that qualifier, have you thought about extreme views held by existing, famous journalists? How much of an outlier is Assange compared to other "extreme" but established journalists?

            • Synaesthesia 19 hours ago

              To my knowledge nobody has ever died as a result of what they have reported. They do careful redaction.

    • madengr a day ago

      Snowden also leaked everything he had. It certainly was not targeted.

      • wolco 21 hours ago

        Everything was 100% vetted through two respected journalist. They decided what to leak and when and what to protect. Very well done by any standard.

        • monocasa 19 hours ago

          And those journalists even gave a heads up to the DoD in case there was a compelling reason on that end to redact that they didn't realize.

      • roywiggins a day ago

        He leaked it all to journalists he trusted to make decisions about how, when, and what to publish. It's not quite the same.

    • wallace_f a day ago

      You are right that Snowden deserves special recognition, but not at the expense of Assange.

  • GuB-42 21 hours ago

    I think the administration screwed up massively in more ways than one.

    - They conducted illegal, and most likely ineffective surveillance. I mean, if they have as huge watchlists as it is claimed, they can't reasonably watch very closely.

    - A subcontractor named Snowden, managed to leak a lot of secret stuff. And while it is the most memorable instance, it is not the first serious leak.

    - They failed at damage control. The couldn't cover up, discredit, etc... While there is a debate on whether Snowden is a hero or a traitor, no one seem to question the truth of the leaks themselves.

    - They couldn't catch Snowden, or found a way to get him to come back home. He is now with the Russians.

    Being a believer in the Hanlon's razor, my hypothesis is that the NSA has become a bloated administration. Focused more on their budget and jobs than national security. Massive surveillance is just a way to keep them busy. Snowden's leaks and their aftermath actually tell two things: the extent of surveillance, and incompetence.

    • empath75 15 hours ago

      They also completely failed to detect and stop russia’s election interference and if they can’t do that why do we even have an NSA?

    • ceejayoz 21 hours ago

      > And while it is the most memorable instance, it is not the first serious leak.

      This is a key bit. Snowden was able to basically walk immensely sensitive data out the front door, and we may only know about that because he told us.

      How much stuff makes the same journey into the hands of intelligence agencies instead of journalists?

  • MiroF a day ago

    To the contrary, I think the fact that you think both Snowden and Assange are Russian agents demonstrates that the administrations response was actually quite effective.

    • baron_harkonnen a day ago

      I was going to say exactly this. It's amazing how many Americans honestly think it's clear that Snowden is a "bad guy" because he's close to the Russians. Likewise Assange was pushed into a position that made him very unlikable to the US center-left (he could have probably played his hand a bit better). So mainstream American's are distrustful of both and pretty much everyone hates Assange.

      • stjohnswarts a day ago

        There are lots of us who aren't though. The Russians gave him safe haven and I'm guessing it was the only big country at the time that would do so and challenge US hegemony. As much as I hate them for hacking and influencing our elections I recognize Snowden's decision made logical sense. Any smaller country would have rolled over and turned him over to the US.

      • wannabcodr a day ago

        If you examine what Ed Snowden leaked, it’s clear he was trying to do significant damage to the NSA. Much or most of what he stole and was leaked was unrelated to domestic surveillance. Much of it revealed our overseas activity. It’s difficult to see how any of it was to the benefit of Western interests.

        • stjohnswarts a day ago

          He wasn't "just trying to damage the NSA", he was trying to get the truth out about surveillance, the fact that the NSA was damaged was tangential and they shouldn't have been spying on US citizens. The NSA and other gov police entities were basically breaking half the dictates and the entire spirit of the US Constitution.

          • slg a day ago

            What are the motives for leaking information regarding our actions on foreign soil against foreign citizens? I was a big fan of Snowden until he started doing that. That isn't whistleblowing against Constitutional violations and seemed to indicate a shift in his objectives. It now appears that he is just against US spying at large, which is a perfectly acceptable political opinion to have, but it doesn't justify whistleblowing in a lot of people's minds.

            • reallydude a day ago

              > What are the motives for leaking information regarding our actions on foreign soil against foreign citizens?

              1. Removing plausible deniability. "Well we might be deeply involved in domestic surveillance but we certainly don't do it outside the US!". The laws that enabled the NSA to do the surveillance were attributed to accessing data that traveled outside the US.

              2. Demonstrating the power and reach for legitimacy/plausibility.

              I'm sure I can come up with more than the first 2 minutes it took to assemble this post.

              https://youtu.be/XEVlyP4_11M?t=822

              • slg 21 hours ago

                1. They don't need plausible deniability because they wouldn't deny they are spying on foreign nationals. Every world power spies on foreign nationals. The controversy that Snowden revealed is that they are spying on their own citizens, spying on foreign citizens is already known and accepted as a reality of modern politics.

                2. No one was really questioning the plausibility or legitimacy of the documents Snowden released (there was some challenges on the interpretation of those documents) and revealing unconfirmed and unrelated intelligence operations does nothing to confirm the information about the domestic operations that he released.

                • reallydude 21 hours ago

                  SMH

                  Your assurances that you know what the NSA (or proxy) would reason is laughable, for example. You have a view that he's a bad actor and it doesn't matter to me, other than it's a trivial thought experiment to justify his actions. GL

            • abugheratwork a day ago

              > What are the motives for leaking information regarding our actions on foreign soil against foreign [human beings]?

              Which side of an imaginary line you were born on should not determine your rights. If he leaked documents about operations against Americans, and then also about operations against foreigners, in my mind he did the same thing twice.

              If there was another difference, like spilling the location or identity of a person likely to be at risk, please spell that out. I have yet to see an example.

              • slg 21 hours ago

                >Which side of an imaginary line you were born on should not determine your rights.

                That is what I am talking about as a "perfectly acceptable political opinion", but it is not an opinion that is based off any laws. Almost no mainstream political figure would share that opinion and therefore if that is the basis of Snowden's arguments, it isn't a wonder why he was treated harshly by the mainstream political system. Foreign spying is an accepted aspect of modern life. I totally understand if you think that spying in unethical. But Snowden would have been received much more favorable if he simply focused on the domestic spying operations which are largely unpopular rather than also revealing the foreign operations which are mostly accepted as necessary by the general population.

              • wannabcodr 21 hours ago

                Just the fact that, at the time in 2013, a large amount of unknown data was stolen and shared with foreign powers by someone with such privileged access was certain to have catalyzed risk adjustments to global operations, including down to the level of specific human assets. Without a doubt, those in the military are informed that Snowden absolutely did real damage to operations. I’ve heard this in person from multiple military officers. Casualties aren’t going to be discussed.

                Snowden’s leaks clearly benefitted adversaries of the NSA:

                * domestic global powers such as goog and fb were able to lock down their customer data, which has the downside of shifting unchecked power to those entities

                * foreign powers of the us now had confirmed intel on usa’s global intelligence gathering playbook and adjusted accordingly

                Additionally, we can perhaps gain insight to any potential upsides or downsides of the proliferation of civil libertarianism that is directly attributable to the actions of Ed Snowden. I do believe personally that the first global superpower (whether the CIA and Google, China, etc) that obtains a way to break all current encryption (and has all of the pcaps) will have a huge upper hand in understanding social effects of this movement of the late 2010’s.

                • monocasa 19 hours ago

                  > Without a doubt, those in the military are informed that Snowden absolutely did real damage to operations. I’ve heard this in person from multiple military officers. Casualties aren’t going to be discussed.

                  They said the same thing about Chelsea Manning, then in her trial the prosecution finally admitted that they couldn't actually point to any casualties.

            • tasogare 21 hours ago

              As a European citizen I’m very glad that Snowden reveled the depth of US surveillance over the world. It may have not benefited US citizens, but it had removed US surveillance from conspiracy theories to put it on a list of facts and I’m very glad for it.

            • stale2002 a day ago

              > What are the motives for leaking information regarding our actions on foreign soil against foreign citizens?

              Because many of the spying actions were against Americans. Did you not read the leaks?

              • slg 21 hours ago

                Sure, I read them. Many of them were about operations against US citizens. However, not all of them were. Here[1] is one example that comes to mind. That story in this leak is interesting, newsworthy, had serious repercussions, and was potentially unethical for the US government to do. However it is also exactly the type of thing everyone expects the NSA to be doing and it doesn't involve the spying on any Americans. This is the type of leak that will ensure that Snowden isn't embraced by the US government.

                [1] - https://www.theguardian.com/world/2014/aug/13/snowden-nsa-sy...

                • stale2002 19 hours ago

                  > However, not all of them were.

                  Ok, but many were. Therefore it is a problem.

                  And spying on Americans is something that many people have a problem with.

          • fouric 21 hours ago

            Your words do nothing to counter the argument of the comment you were replying to. The fact that the vast majority of the documents leaked were completely unrelated to domestic surveillance is as strong an indicator as we can get that he was specifically trying to damage the NSA, and any claims otherwise are PR.

            • smhost 21 hours ago

              drone strikes on people based on heuristics over metadata was the kind of logic that was operating at the highest levels of the intelligence apperatus, and not even congresspeople assigned to intel committees were aware of it.

              people should know about the kind of insane stupidity that they get up to overseas that make the country less safe. or what, do you really think that that kind of stuff is what's keeping the terrorists from doing another 9/11?

              • fouric 21 hours ago

                This is a strawman, and isn't relevant to my argument at all. GP of my original comment never made the claim that the NSA/US weren't doing bad stuff (outside of domestic surveillance), only that Snowden was trying to damage them.

      • drak0n1c 20 hours ago

        Clapper and Brennan (the ones who were in charge and bungled the Snowden and Assange cases) being hired on by major networks as pundits is apparently enough to shift the narrative.

      • AndrewBissell a day ago

        I love that Trump's DoJ hounding Assange into British custody and unsealing a huge indictment against him has done nothing to shake many Democrats' faith that Assange is some kind of Trump/Putin stooge.

    • roywiggins a day ago

      Calling him an "agent" is silly, but Snowden is living in Moscow at the pleasure of the Russian regime. It's hard to believe he's entirely free, or even substantially free, to do what he wants.

      It's pretty clear he never wanted to end up there. The US definitely screwed up by leaving him few other options. He's not an agent of Moscow, but he's not a free man either.

      • slim 18 hours ago

        He's probably as free as he could be. Certainly more free than in US. Russia is scoring against US by simply letting Snowden live free. Then even if it will be hard for you to believe, some countries grant asylum to asylum seekers, simply to comply with international treaties

      • giancarlostoro a day ago

        This right here is what I believe. He isn't there out of choice, he is there out of a lack of options.

      • MiroF 11 hours ago

        I think Russia has a lot to gain by letting him live freely

    • option a day ago

      this. the public in US is so easily brainwashed it is actually very scary. Having lived in an oppressive state USSR and now in USA I find too many alarming similarities :(

  • not_a_cop75 a day ago

    An agent? No. But friendly towards those friendly to him? Who in the world doesn't do that?

    After all, the enemy of my enemy is my friend.

    • roywiggins a day ago

      I don't know about friendly. If you're wanted at home, and living in a foreign country at the pleasure of the local regime, there's going to be hard limits on what you're allowed to do without consequence.

    • JKCalhoun a day ago

      > But friendly towards those friendly to him? Who in the world doesn't do that?

      I feel you underestimate people's intelligence — assuming that everyone can be played with a simple overture of friendliness.

    • EpicEng a day ago

      Seems like a difference without a distinction, and I'm not even sure it's correct. If he's acting in the interest of Russia, he's a Russian agent.

      • mLuby a day ago

        The distinction is responsibility. If he were operating under orders from Russia, Russia bears ultimate responsibility for his actions. If they have no control over him and his actions merely benefit them, he bears responsibility for his own actions.

      • not_a_cop75 a day ago

        Going by that standard, 95% of all Russian peasant farmers are "Russian Agents" and that's pure ridiculousness from any angle.

        • EpicEng a day ago

          >Going by that standard, 95% of all Russian peasant farmers are "Russian Agents" and that's pure ridiculousness from any angle.

          Oh please, you're the one being ridiculous. I think we all know there's a line between farming for the good of civilization and actively working to push an agenda. C'mon.

          • not_a_cop75 a day ago

            I suppose that all the South African farmers that moved to Russia to avoid getting killed over politics by savages are also Russian Agents.

            https://www.thesouthafrican.com/news/land-expropriation-russ...

            • EpicEng a day ago

              If the subsequently worked at the behest of the Russian goverment to push their agenda, yes. Honestly are you even reading what I'm typing?

              • not_a_cop75 21 hours ago

                Well, then I suppose it was indeed a PR stunt for the Russians to accept South African farmers, and they are according to your logic indeed Russian Agents! That is assuming a PR campaign pushes an agenda, and I would argue it does.

                • EpicEng 21 hours ago

                  There is a difference between and unwitting pawn, especially in a circumstance like that, and someone who acts with full knowledge as to what they're doing. I don't understand why this is difficult.

                  • not_a_cop75 20 hours ago

                    It's never an either/or. you're presenting a false dilemma.

  • luxuryballs 20 hours ago

    Hold up, where did you get the idea that Assange has at any time worked for “the Russians”? It seems like he’s stuck to his guns and his convictions on Wikileaks without any misstep. There was never any indication that he had a change in loyalties or that the quality of Wikileak’s content had changed, was there?

  • knightofmars a day ago

    When those tasked with enforcing the rules take a punitive approach as the default, loss of a potential asset is the most likely outcome.

  • stjohnswarts a day ago

    Yeah it would have been an opportunity for Obama to shine but alas he didn't. Just the mediocre, status quo President that we elected. In retrospect, I'll take him any time over our current Mango Mussolini.

    • bsimpson a day ago

      People spend so much time patting themselves on the back for electing the First Black President - who was witty, looked leader-ly on TV, and wore a (D) behind his name - that they totally let him off the hook for so many abhorrent policies, like mass surveillance, drone assassinations, and the way he mistreated the biggest whistleblower of our time.

      It's so disappointing how few people seem to have complex thoughts about our political system/politicians, and it shows in the ever-decreasing quality of those things as time advances. Bandwagons are dangerous, and it seems we only have bandwagons left.

      • goobynight a day ago

        Obama is the equivalent of a SWE candidate that only studies Leetcode and interviewing tactics.

        People thought everything else (e.g. the substance of the job) would be on the level of his oratory skills, but it turned out he was just some guy that knew how to get votes.

  • SlowRobotAhead a day ago

    >I think the administration badly, badly mishandled [whistleblowers]

    Yes, but by design. Other than passing lip service towards transparency. The fact is Obama admin actively sought to silence them. I know this isn’t popular because HN won’t want to hear anything bad about Obama, but it’s a fact.

    In the seven years of Obama's presidency, the administration launched a record number of cases against those who revealed what the government wanted kept secret. Under Obama, eight whistleblowers have been prosecuted under the World War I-era Espionage Act, more than under all other presidents combined.

    Sources abound; pick your favorite.

    • treypitt a day ago

      Agreed. one of the most illuminating aspects of the Obama administration was the divergence between great tolerance for corporate whistleblowers on the one hand, and animosity toward government whistleblowers on the other.

      Also, people cite the "more than any other administration" argument frequently, especially in media, but rarely think to mention the small sample size. nice work!

      • SlowRobotAhead 20 hours ago

        Yea, there is a special handling of that whole line. More than any other administration - doesn’t seem like much. And the qualifier that we’re talking about 8 makes it seem less important.

        However, those 8 people also the qualifier of “combined” where the sum of people charged with espionage until Obama was less than 8 people total, and then he comes in and exceeds that. No one should believe that from 2008-2016 we had some resurgence of traitors to the country. Just people charged as such in most cases for doing the right thing overall.

    • knightofmars a day ago

      To put my views into this perspective. Am I glad that Snowden and others leaked information on government programs? Yes.

      That said, I think it's amusing when people need to call out "Under president <whomever>'s administration..." as if it makes a point by itself and implies something directly about the president that was named. Let's not pretend here, that's exactly what you were doing. Using this same logic, I hope you blame George W. Bush's administration entirely for the 2008 recession. I want to be clear, I'm not pretending that the sitting president's policy decisions and other influences don't have an effect. But inherited legacy, context, and the surrounding details play a huge role in how these things play out.

      First, the people you are talking about (Thomas Drake, Shamai Leibowitz, Chelsea Manning, Donald Sachtleben, Stephen Kim, Jeffrey Sterling, John Kiriakou, Edward Snowden) all have different circumstances surrounding their cases.

      Second, they all stepped forward roughly around 2009 and later. Most gathered the information they leaked between 2000 and 2008 working on programs for the CIA and NSA. They all leaked information that wasn't supposed to be leaked. The default in our government is to handle that with punitive measures. If they had stepped forward during any other presidency would the outcome have been the same? Yes.

      Third, alluding to some sort of hypocrisy with regards to transparency when talking about intelligence programs initiated by the CIA, FBI, NSA, etc is ironic. Just because an administration wanted to embrace transparency doesn't mean it's fine to free-for-all leak information from those agencies.

      • areyousure a day ago

        > They all leaked information that wasn't supposed to be leaked.

        What did Thomas Drake leak that wasn't supposed to be leaked?

        > If they had stepped forward during any other presidency would the outcome have been the same? Yes.

        Kiriakou in fact stepped forward in December 2007. The Justice Department under Bush did not pursue him, and it was explicitly the Justice Department under the Obama administration that did so.

        Similarly, Jeffrey Alexander Sterling was in contact with a journalist during the period 2002--2004 (for a book published in January 2006), but his prosecution was also led by the Obama administration.

      • SlowRobotAhead a day ago

        >[all had difference scenarios and different times]

        Yet all were charged by the Obama Admin, for something people largely agree with and in most scenarios exposed government breaking the laws they themselves set.

        As to your argument it doesn’t count because Obama didn’t put the cuffs on them himself - no, it was only Holder and Lynch who did the actual work, who directly reported to and were appointed by Obama himself.

        I wonder if you would apply the same “AG autonomy” to decisions Sessions or Barr have made where those don’t reflect or implicate direction from Trump?

    • chiefalchemist a day ago

      Yeah. Never post any facts about the BHO admin on HN or you'll be down-voted. It's amazing how many people have been sucked into the smooth and confident talk (and the complete lack then of media fueled outrage). Too many people's confirmation bais forces them to forget that actions speak louder than words.

      If DJT did even half of the questionable things BHO did there would be blood in the streets. Point that out? Down vote!!!

      God bless George Orwell. The guy nailed it.

      • rosser a day ago

        To be clear, I downvoted both your and your parent's comments, not for saying disparaging things about Obama, his record, his hawkishness (many of which criticisms I quite eagree with), or anything otherwise negative about him, but rather for saying that HN is a place where that stuff is wrongthink.

        Disagreement isn't persecution.

        • chiefalchemist a day ago

          > "...disparaging things about Obama..."

          When we start using the word disparaging to describe facts and truth we are ALL in a lot of trouble. So as well-meaning as you believe you might have been with your downvote, you wording has only confirmed the general problem / bias.

          Irony that just pointing these things out will get more DVs is Chapelle-funny.

          • rosser 21 hours ago

            So the part where I actually agree with many of the concerns about the man and his administration is ... what? Noise? Doesn't matter, because I didn't use the "right" word?

            Real talk: we haven't even begun unpacking the ironies here, dude.

            EDIT: No, that's not an invitation. This conversation isn't going anywhere useful to anyone, and I have both a meeting, and deadlines. Have a good day.

            • chiefalchemist 14 hours ago

              There you go again. It was you who used the word disparaging, not me. Plenty of words to pick. You picked that one.

              I point out that truth.

              I point out how that further proves the point I and the parent were making.

              You get all bias'ed and upset (read: subjective) and try to paint me and the facts as the bad guy.

              Don't you recognize the downward spiral of your "logic"?

              Thx for taking the time to vindicate the original theory (on NH "inconsistencies").

              • rosser 13 hours ago

                Okay, then. Why is "disparaging" such a terrible word to have picked?

                Let's start there, and we'll our way 'round to logical "downward spirals"...

        • chiefalchemist a day ago

          So you downvoted _my_ experience? -Time and again? On NH? Because my experience is "wrong"? Oh. I see.

          I wish had a reply for that but I can't even get my head wrapped around the irony and the absurdity.

          • rosser 12 hours ago

            You might be having trouble wrapping your head around the thing, because the thing you're trying to wrap your head around is completely different from what I said.

            To be clear, then: I did not downvote your experience. (I'm not even sure what that means. Can you explain?) I downvoted the counterfactual conclusion that you've drawn from your experience, and then crowed condemningly at the community.

  • 9HZZRfNlpR a day ago

    This sounds awfully similar how Western governments singled out the so called communists. If you don't support war and actively protest against in the Middle East does not make you an agent for isis or Muslim brotherhood.

    If he was an agent the Muller investigation would have revealed it. It doesn't say so in the paper that is public, I actually read the whole thing.

    You're an agent if you get orders from Kremlin, people's interests align often with different people, hence the world and politics is complicated.

  • make3 a day ago

    I believe he is a hero and did the right thing, but I think there is no way the US could do anything but try to put in prison someone who illegally made state secrets public. That would have set the precedent that anyone with secret bad looking intelligence about the US would be safe to come out with it. Turns out I'm sure that there is a lot of intelligence that looks quite bad for the US.

    • godelski 21 hours ago

      There are in fact whistleblower laws. The big question at hand is how it was handled. Snowden claimed to go to his superiors first, which checks off an important box. So the question is if he did that or not. I believe he was also supposed to attempt to report to Congress before he can legally go to the media. It's definitely a gray area and if you believe it is right probably depends on how much you trust the government and moral factors.

      • make3 20 hours ago

        I believe he did the right thing, I probably should have made that more clear. I also understand why the government still can't possibly treat him in anyways but as a traitor

        • godelski 19 hours ago

          I think he did the right thing too (though maybe not the best way, but that's a completely different argument). But I don't think you have to treat him as a traitor. We're a society that values democracy. A branch that is over reaching should be realed in. We've done this is the past. I think the framers very much understood that democracy is always a balancing act. One that must be continually fought for. I think anyone who really has looked into democracy clearly see this. I think we've just lost sight of that (I'm talking about a lot more than Snowden though)

pdm55 a day ago

Another new book just published on data privacy: Tools and Weapons: The Promise and the Peril of the Digital Age Hardcover – September 10, 2019 by Brad Smith (Author), Carol Ann Browne (Author), Bill Gates (Foreword) https://www.amazon.com/Tools-Weapons-Promise-Peril-Digital/d...

  • dredmorbius 20 hours ago

    The contrast between Brad Smith's title, and Gates's The Road Ahead (1996), speaks worlds.

    (Gates writes a foreward to Smith's book. I've not yet seen it.)

mengibar10 a day ago

I wonder what if he would mention anything about 5G in the book. As far as I understand, all the fuss US making against Huawei is actually due to its (future) crippling of its eavesdropping capability. Not that 5G is a panacea for that but Huawei is augmenting their equipments against such attacks, and they will be the main supplier.

  • cwkoss 20 hours ago

    This is interesting. Does anyone have further reading to recommend about this?

einpoklum 17 hours ago

A bit ironic that it's suggested to us to buy the book through Amazon, a cloud services provider for the CIA (and otherwise shady mega-corporation)

See: https://www.theatlantic.com/technology/archive/2014/07/the-d...

  • autoexec 16 hours ago

    Amazon controls so much of the internet that it's increasingly hard for anyone to avoid them. The deal they struck is far more involved than your typical company using AWS, but I wouldn't look to Amazon's customers to make any assumptions about Amazon's motivations beyond their lust for more money.

    The reality is that this book doesn't pose any meaningful threat to the US government's mass surveillance programs and having impotent critiques of the US Government openly available as opposed to outright banned gives us a false sense of security in our freedoms.

eeZah7Ux a day ago

We were called "paranoid lunatics" even when we started speaking about ECHELON in the '90ies.

Same with the clipper chip. Same with TPM/DRM/ME. Same with Internet centralization.

It's worth asking why the general public keeps trusting authorities and distrusts techies, even those among us with a career in security.

  • berdon a day ago

    The answer seems straight forward. The term "authorities" comes with the assumption that they're the ones "leading". We've been taught for most of our lives the person up-front (parent, teacher, president) is always right and the vast majority of people won't question that.

  • vaylian a day ago

    Good question. There are probably similar psychological mechanisms at play when you try to explain to smokers why their habits are bad.

  • qroshan a day ago

    I'll trust techies the day they actually are in the job of protecting people and have to deal with real danger of bad actors continuously trying to blow up Western democracies.

    It's funny the tech/security/sysadmin guys complain that their work is appreciated only when things go wrong, but fail to give the same benefit of the doubt for US law and order.

    • Forbo a day ago

      You mean this "US law and order"?:

      Myron W. Orfield, Jr., Deterrence, Perjury, and the Heater Factor, supra note 13, at 83:

      > Respondents, including prosecutors, estimate that police commit perjury between 20% and 50% of the time they testify on Fourth Amendment issues.

      It should also be noted that many of these respondents did not consider lying at a suppression hearing perjury, infra text accompanying note 47, which would have the effect of deflating these percentages.

    • stjohnswarts a day ago

      Maybe the "US law and order" shouldn't be acting like Stazi all the time and spying on citizens and tracking them without warrants.

    • AndrewBissell a day ago

      The FBI sat on incriminating info about Epstein for years and even still has yet to raid his New Mexico ranch for evidence. Given that he had damaging info on many people with their hands directly on the levers of power in "Western democracies" you'll have to excuse my skepticism that these agencies are acting in the interest of their common people.

dblohm7 a day ago

Are his broken glasses just a prop at this point? Dude, you can buy new frames in Russia!

terrycody 10 hours ago

the 1st humanity king, we should remember!

Clubber 18 hours ago

Just in case you read this, thanks, Edward Snowden. You left it all on the line to help us. The fact that we're still talking about it 6+ years later shows it's importance.

YeahSureWhyNot 21 hours ago

Snowden is being prosecuted for being first to reveal things that everyone knows now

OrgNet a day ago

anyway to avoid the middle man ?

  • simsla 17 hours ago

    Email him? He might send it to you for free. Or just pay the middleman, and he'll get paid too.

ordinaryperson 17 hours ago

Unpopular opinion destined to attract downvotes but: IMHO the NSA spying program was outrageous...for the colossal waste of money and time it was.

First, if you're really worried about privacy, why is it not a DEFCON 1 outrage that state DMVs are selling your info to private investigators? [1] Or if you're really worried about your personal liberty, isn't your local police force a greater threat then NSA eavesdroppers?

Back in 2013 the NSA claimed it was spying on 29 petabytes of internet data (out of 1826) a day [2], or 1.6%. That's both a trivial amount of overall traffic and an insanely large dataset at the same time (since it accumulates every day).

Isn't a big chunk of that traffic encrypted? Even if it's not, how do you find terrorists in that data? Do they self-identify? Even if they use a trivial substitution cipher ('cupcakes' instead of 'bombs') it would evade these billion-dollar supercomputers.

To me the NSA's spying program was security theater akin to airport security: expensive machines that don't even catch terrorists. They fail their own internal tests 95% of the time! [3]. I personally would like to know what algorithms the NSA was using to successfully identify terrorist data in exobytes of (possibly encrypted) datasets. Sounds like billions spent on airport scanners to me.

Finally, on a political level, Snowden seems like a massive hypocrite to me for hiding in China, which harvests the organs of political prisoners [4] and Russia, which routinely assassinates political opponents and journalists [5]. But he's mad that what, the US was reading his Gmail?

I realize he's super popular among the HN crowd and the libertarians for whom all gov't surveillance is evil but I, for one, am not a Snowden admirer. Downvote away.

[1] https://www.vice.com/en_us/article/43kxzq/dmvs-selling-data-...

[2] https://www.zdnet.com/article/nsa-hunger-demands-29-petabyte...

[3] https://www.nbcnews.com/news/us-news/investigation-breaches-...

[4] https://www.nbcnews.com/news/world/china-forcefully-harvests...

[5] https://www.thedailybeast.com/russia-shows-us-what-happens-t...

xparco a day ago

Snowden is a cartoon psyop like Manning and others. They give hope to cubicle slaves.

milquetoastaf a day ago

Snowden will absolutely be revealed as a HUMINT asset.

I am extremely grateful for his revelations but I always found his justification for his actions to be rather flimsy.

He worked as a CIA operative and then NSA contractor helping build global surveillance infrastructure (as well as allegedly designating targets for its use) but only realized his actions were unethical because they spied on US citizens and lied about it? What about all the other people he spied on or stripped of their privacy and rights? They don't count because they weren't born on the right soil? Suddenly lying becomes an ethical issue for someone who worked in the espionage world...

He took a lot more documents than just the NSA surveillance disclosures. Thousands of emails, IMs, and other correspondence between DoD officials unrelated to NSA that blew several agents cover. These fell into the hands of Russian and Chinese agencies..somehow

pastor_elm a day ago

This guy is such a fame hog. Do you really need a full page face shot on the cover of your book? C'mon dawg.

As a side note, I wonder if he feels obligated to keep the stubble goatee since it's part of 'his look.'

jonahbenton a day ago

I really only want read the story told by Snowden's bank accounts and use of cash. Pretty sure this isn't that.

  • unionpivo a day ago

    Why?

    from your tone you obviously already think you know the answers.

  • hdfbdtbcdg a day ago

    What are you implying?

    • jonahbenton a day ago

      Sources and uses of funds are a much more reliable indicator of who someone is, who their friends are, and what they believe than the stories they publicly vocalize to themselves and others.

      • efdee a day ago

        What are you implying, really?

        • jonathanstrange a day ago

          It doesn't matter what he says anyway. You'd need to see his bank account to get the real picture.

          • hdfbdtbcdg a day ago

            Are you implying you've seen it?

            • jonathanstrange a day ago

              I'm being sarcastic. By "he" I mean jonahbenton's bank account.

        • sigzero a day ago

          That he is indeed a traitor maybe?

        • jonahbenton a day ago

          From the perspective of the American experiment in democratic rule of law, my feeling is that Snowden's work has had both positive and negative impacts. Maybe net positive because of increased scrutiny over the natsec apparatus and elevation of "privacy" from a govt perspective (though IMV corporate invasions of privacy are far more profound and impactful and have only deepened); net negative because of the increase in chaos and distrust in governing (I see a direct line from Snowden to Trump).

          It's one thing if these are the ebbs and flows of an open society.

          Many people in the natsec apparatus- yes, at the institutional level attacked by Snowden- have counterclaims that Snowden's narrative of his actions and motivations is incomplete, that there is more to the story, that there are other reasons he lives now in Russia, which is not an entity that is conducting an experiment in democracy.

          To put Snowden's work in better perspective, I would like to see- his use and sources of cash. That's all. And that's not this book.

  • olegious a day ago

    Not sure why you're being downvoted. Even if I don't believe that Snowden is a Russian agent, I think that is a fair question. The point you make about the sources and uses of cash telling the truth about someone is a great one not only within the context of Snowden.

    • newsgremlin a day ago

      Has US intelligence actually claimed Snowden is a Russian agent? People keep saying he is a traitor, but not whether he was always a spy or had been recruited directly by the Kremlin. All that is being fueled by media speculation.

      There is also the likely possibility he didn't expect to be awarded a medal for uncovering the US governments own surveillance program on its citizens.

      • jonahbenton a day ago

        People who claim to have been inside USINT have been vocal about Snowden being an "op". See eg

        https://www.google.com/amp/s/20committee.com/2016/07/02/the-...

        Grains of salt with all of this of course. Even if you trust people like Schindler what they mean by "agent" and "op" is going to have significant nuance.

        Web of trust, shared semantics, and personal priors especially hard to reason about here, IMV.

    • dredmorbius 20 hours ago

      Unsubstantiated, repeated, insinuated character assassination plays poorly on HN.

      Especially in face of repeated requests for clarity and/or specifics.

      The initial question might have passed muster (I'd considered giving it the benefit of the doubt). Reading the rest of the thread, it fails badly.

  • CriticalCathed a day ago

    I really only want to read the story told by your bank accounts and use of cash. How else can I believe your criticism isn't funded by the intelligence agencies?

    • wannabcodr a day ago

      A comment on hacker news hardly raises suspicion of state sponsorship.

onetimemanytime a day ago

IRS is counting your book sales Edward, CIA and FBI might be the least of your worries ;)

  • apercu a day ago

    <RANT>US expatriates are the only expats in the world that have to file annual taxes (and report foreign bank accounts). It's ridiculous for most of us (99% are not tax exiles or tax evaders, we just left the USA for our own reasons). </RANT>

    I wonder if Snowden files taxes?

    • packet_nerd a day ago

      Don't even get me started....

      In many countries it's hard or near impossible for US citizens to get bank accounts and other financial services, I guess due to them not wanting to deal with reporting requirements? Europeans, Aussies, and pretty much everyone have it way easier. Makes me so mad.

      • cynwoody 21 hours ago

        A few years ago, the IRS came after Boris Johnson, then the mayor of London, now the PM, for taxes on the gain from the sale of his house in London. He was born in NYC, you see, making him an American citizen. He ended up paying the tax and renouncing his US citizenship.

        https://www.forbes.com/sites/robertwood/2015/02/15/savvy-lon...

      • buckminster a day ago

        Ha. My ancient mother, who is English, was conducting some mundane transaction in an English bank the other day when the teller asked her "You're not American are you?". She was so surprised she didn't know what to say.

        AIUI, it's not just reporting requirements but the potential for massive fines that's driving this.

    • rendall a day ago

      The astonishing thing is that foreign banks are compelled to report your banking activity to the IRS

    • teddyuk a day ago

      Can you give up your american passport and then stop or do you have to do it for the rest of your life?

      • ummwhat a day ago

        It costs over a grand to quit the club known as "citizenship" you're going to want citizenship in wherever you reside first when you give up US citizenship (you could choose to be stateless, but that makes more problems than it solves). Doing this does not absolve you of existing debts in the eyes of the IRS. And finally, you'll be interviewed at the consulate and if your stated reason for giving up citizenship is "the overseas tax thing", you'll be denied a visa if you ever want to visit the US again.

        • mathieuh a day ago

          You can choose to be stateless? I thought I've read in UK media that countries are not allowed to make a person stateless. This is in the context of ISIS fighters with dual-nationality, these people are having their British citizenship stripped.

          Caused a bit of a hoohah with the Canadians.

        • mosselman a day ago

          Did you actually mean 1.000.000 (a thousand grand) or did you mean 1000.

          > you'll be denied a visa if you ever want to visit the US again.

          Do you have a source for this?

        • Intermernet a day ago

          Apparently, you can run for any government office in a foreign state and it immediately nullifies your US citizenship. I have only heard this as rumour, and I don't have time to confirm / deny this, but it may be worth looking into.

          • jonwachob91 a day ago

            You don't have to look that hard to find that this is not true.

            Boris Johnson (the UK Prime Minister) was a US citizen until sometime in 2016. His UK political office roles until then included serving as a MP (2000-2008), Mayor of London (2008 - 2016), and UK Foreign Secretary (2016 - the time he relinquished his US citizenship). Reports indicate that he gave up his US citizenship to avoid the IRS taxing him.

          • justforyou a day ago

            >> I don't have time to confirm / deny this, but it may be worth looking into.

            Then why take the time to post it?

            • mlrtime a day ago

              Because it is a interesting avenue to investigate if someone wants to know more.

              • dymk a day ago

                Well you’re wrong so there’s that. You can’t give up your citizenship as a result of running for a foreign office.

                • justforyou 19 hours ago

                  >> Because it is a interesting avenue to investigate if someone wants to know more.

                  Seems like an assumption about the value of other people's time vs. your own.

          • Keverw a day ago

            I've heard of this too. This talks a bit more about it https://travel.state.gov/content/travel/en/legal/travel-lega... and also https://travel.state.gov/content/travel/en/legal/travel-lega... that mentions more different ways.

            For some cases it sounds like only if you have the intention of giving up your citizenship, then you have to get a "Certificate of Loss of Nationality". But I'm not a expert in this area, but I can see where this idea is coming from.

              Such employment, however, will result in one's 
              expatriation only if done voluntarily with the intention 
              of relinquishing U.S. citizenship. Running for foreign 
              office, even foreign head of state, is not a potentially 
              expatriating act; only accepting, serving in, or 
              performing the duties of a foreign office are potentially 
              expatriating as described above.
              
              The Department has adopted an administrative presumption 
              that U.S. nationals intend to retain their U.S. 
              citizenship when they naturalize as nationals of a 
              foreign state, declare their allegiance to a foreign 
              state, or accept non-policy level employment with a 
              foreign government.
            
            Also:

              The presumption that a person intends to retain U.S. nationality is not applicable when the individual:
            
              1. formally renounces U.S. nationality before a consular officer;
              2. serves as an officer in the armed forces of a foreign state engaged in hostilities with the United States; or
              3. takes a policy level position in a foreign state
              Cases in categories 2 and 3 will be developed carefully by a U.S. consular officer to ascertain the individual's intent toward U.S. nationality.
            
            
            
            Kinda confusing, but sounds like if you were elected prime minister of Canada (which would be policy level), then there's the presumption you wanted to give up citizenship, while working as a employee for the Canadian government such as driving the snow plows would be ok but things are reviewed by case by case.
      • yardie a day ago

        You can renounce citizenship. There is a large multithousands dollar "fee" to do so. And if they find out you did so to avoid paying taxes (ex. renouncing citizenship and then turn around to cash out some Bitcoin) they can still go after you for taxes.

        Most citizens never hit the threshold to actually pay except if you file from a known tax haven. Income up to $115k is untaxed and any other taxes you do pay are deductible.

        • rahimnathwani a day ago

          "Income up to $115k is untaxed and any other taxes you do pay are deductible."

          It's not as simple as it first seems.

          If you claim the foreign earned income exemption (FEIE) so you don't pay anything on the first $115k or whatever, then you can't claim a credit for all the taxes you paid in the country where you live. You can only claim a portion.

          So, if your income goes up above some certain amount, you're better off (lower US tax bill) giving up the FEIE so you can get a credit for all foreign taxes paid.

          But, if you do that, then you can't claim FEIE again within 5 years, unless you get special permission from the IRS. To apply for this permission (with no guarantee) you must pay a fee of a few thousand USD to the IRS.

        • lonelappde a day ago

          It costs about $400 per year in time and money to file a tax return, so a multi thousand $ lifetime exemption seems ballpark good price.

          • penagwin a day ago

            > $400 per year in time and money to file a tax return

            That number seems pretty high unless you have very complicated income (in which case you likely have a lot of money too)

            Also worth mentioning is that Foreign Income is taxed differently, so while you technically still have to pay taxes, I believe for most people who work mostly in a foreign country don't have to pay very much.

            • davidw a day ago

              > complicated

              Yes, like, say, having an accountant that can read and understand your taxes where you live in Italy and then use that information to file US taxes. And of course they'll need to understand the tax treaty between the two countries so you don't end up paying extra. Of course it's complicated and a huge pain in the ass! And that's with a relatively normal, stable, well-established country with a lot of US citizens living in it.

              I should add: $400 is also a bigger deal when you live somewhere and don't earn as much as a software developer in the US.

              • acollins1331 21 hours ago

                You do know you can file your own taxes for free (or very little $) online if you can read?

                • penagwin an hour ago

                  If you're a resident of the US with not too complicated income then this is true.

                  Working in a different country means you need to know _their_ tax laws, how much you need to pay the US, etc. It becomes complicated quickly, and if you're trying to minimize what you pay in taxes it's another story altogether.

      • easytiger a day ago

        You have to give up your passport. Boris Johnson (UK Prime Minister) did it a couple of years ago.

    • mieseratte a day ago

      > US expatriates are the only expats in the world that have to file annual taxes

      Did Eritrea cleanup their act?

    • microcolonel a day ago

      Yeah, it is a bit annoying, and I can imagine it is beyond a bit annoying if you are making income somewhere that doesn't have a treaty with the U.S.

      I thankfully don't get double-taxed here in Canada, but I'm pretty sure it's possible to have a marginal tax rate greater than 100% between U.S. Federal income taxes and some other systems.

      • navigatesol a day ago

        >I thankfully don't get double-taxed here in Canada

        I bet many of your fellow Canadian taxpayers (of which I am one) are not so thankful for this arrangement. Then again, I fall strictly in the "citizenship is a privilege, not a right" camp.

        • icebraining a day ago

          The no-double-tax scheme means they still pay all their Canadian taxes, it's the US that discounts an amount in their tax calculations.

        • microcolonel a day ago

          > I bet many of your fellow Canadian taxpayers (of which I am one) are not so thankful for this arrangement.

          Well, I pay absolutely all Canadian taxes to the full extent, and I can't make use of TFSAs; what do my fellow Canadians have any right to complain about?

          > Then again, I fall strictly in the "citizenship is a privilege, not a right" camp.

          Well, I am a citizen, and I've lived in Canada my whole life.

          • navigatesol 4 hours ago

            You claimed to be thankful for not being "double-taxed", from which I inferred you're a Canadian, living abroad, "thankfully" not contributing to the roads, schools and hospitals of this country from you which, once can assume, you hope to extract benefit from in the future.

            If you're a Canadian who lives in Canada and pays Canadian taxes, there's no controversy.

            • microcolonel 3 hours ago

              > You claimed to be thankful for not being "double-taxed", from which I inferred you're a Canadian

              It's not "double-taxed", it's double-taxed. The U.S. system in fact makes it possible for the same income to be taxed twice at the full rate. And you didn't need to infer that I'm Canadian, I said it right in my comment.

              I'm thankful I'm covered by the Canadian agreements, which allow me to credit my Canadian tax payments against (most of) my U.S. tax liability. I still have to file taxes in the U.S. like every other U.S. citizen, I still have to file FBARs with FinCEN like every U.S. citizen. I still have to pay Canadian taxes like everyone else who makes Canadian-source income, I still must pay the OHP like every Ontarian, I still must pay into CPP even though I may never be able to take it. Even if I didn't make Canadian-source income I would still be paying property taxes either directly or indirectly, paying sales taxes every time I bought something other than groceries, and that's where the roads and the schools get their money; though because of some combination of my personality and the quality of the schools I never did get more than primary school out of the system here before I left to work and began paying net taxes in my second year of full time employment.

              I don't know why you're being so hostile. If somehow this arrangement allowed me to not pay taxes lawfully, how would that be my fault? It would be all of ours.

              Frankly it's appalling that they manage to make things cost enough to justify these taxes, especially as every Canadian sees these obscene transfers of wealth from every taxpayer to Bombardier, the leniency extended to SNC Lavalin, the "equalization" process by which unproductive Canadians feast on productive ones for the privilege of living in equal comfort without ever considering moving for work; but I do pay them, you're welcome.

    • rahimnathwani a day ago

      That's not true. Several other countries require that their citizens file annual tax returns, and tax them on their worldwide income.

      Why is it ridiculous?

      And what makes you so sure that less than 1% of US citizens living outside the US evade tax?

      • typenil a day ago

        The other countries that tax worldwide income: Libya, North Korea, Eritrea and the Philippines. Great company to be in.

        You could call it ridiculous because it’s so unusual. But the reason most countries don’t do it is that taxes are a supposed to be a deal - the government forces you to hand over money and pays for services you use in return. Expats - they aren’t using those services.

        And your point about tax evaders is moot - taxing global income only hurts law abiding expats, not evaders. Seems like you’re being hostile and skeptical for personal reasons.

        • wrkronmiller a day ago

          Devils-advocate: The U.S. government still provides expats services such as the State Department, potentially U.S. government intervention to help evacuate citizens from troubled areas etc...

          • thelittleone a day ago

            So does Australia whilst not taxing on worldwide income.

            • davidw a day ago

              And Canada, Italy, Germany, Norway, New Zealand, France, UK, etc... etc.... do as well without the silly system the US has in place.

              • navigatesol a day ago

                >Canada...do as well without the silly system the US has in place

                Perhaps you're forgetting about the evacuation of Lebanese Canadians in 2006, "Citizens of Convenience" and the associated changes in Canadian citizenship laws. It's not without controversy.

                • davidw a day ago

                  Canada does not require its citizens abroad to file taxes.

                  I'm sure there are other controversies and things going on, but that's what we were talking about.

                  • navigatesol 4 hours ago

                    >but that's what we were talking about.

                    This controversy is directly related. You should inform yourself.

                    Canadian taxpayers spent $100MM evacuating Lebanese Canadians from Lebanon in 2006, many of whom were citizens but had never paid taxes to Canada. We now bill for extrication. Seems like a fair compromise.

            • navigatesol a day ago

              And in what way is that good for or fair to the citizens who contribute to the system that enables you to take advantage of these services?

          • hfdehfddhs a day ago

            And if you're a Coca Cola employee, that's one of the benefits provided.

        • stef25 a day ago

          > The other countries that tax worldwide income

          When I declare my taxes here in Belgium the form always asks me if I have any income / assets abroad (I don't). I guess "tax worldwide income" refers to "if you also live abroad" ?

          • davidw a day ago

            If you're a Belgian citizen, and move to, say, Canada, you'd file taxes in Canada and that'd be the end of it. If I, as a US citizen,move to Canada, I'd have to file and pay Canadian taxes, and file - and maybe pay - US taxes in addition.

            What you're talking about is if, living in Belgium, you have income from other countries that needs to be reported, which seems fair enough - after all, you live and pay taxes in Belgium, not those other countries.

        • navigatesol a day ago

          >taxing global income only hurts law abiding expats

          If you want to maintain your citizenship and have a safe-haven to run to if SHTF, then you should contribute to the tax system. I truly don't understand why this is controversial. An American passport is powerful.

          Edit: I suppose I shouldn't be shocked that the tax avoiding leeches in Silicon Valley don't feel obligated to contribute to the societies from which they extract their wealth. I'm glad the system is catching up.

          • hfdehfddhs a day ago

            " safe-haven to run to if SHTF"

            If S* is hitting the fan, aren't you assuming said expat lives in, to use El Jefe's words, a "S* country"? By conservation of mass, the S* comes from somewhere. Instead, most expats live in W. Europe, Canada, or Japan/Korea. Pretty safe.

            " tax avoiding leeches in Silicon Valley don't feel obligated to contribute to the societies from which they extract their wealth"

            Well, no. Ppl aren't complaining about paying taxes to the sovereign of where they live, even on their global income. That's another discussion. It's about paying taxes, usually mostly locally earned income, to an entity far away that has no jurisdiction and that provides nothing in return.

            • navigatesol a day ago

              >and that provides nothing in return.

              As others have mentioned, your American passport does provide you with services. But if you truly believe it's worthless, why maintain citizenship? To save the fee to renounce citizenship, even though it will save potentially tens of thousands of dollars annually? Doesn't make sense to me.

              No, it's a safety measure. And I think people are lucky to have it, at the low cost of some of your tax dollars.

              • hfdehfddhs 20 hours ago

                "why maintain citizenship"

                In fact I live in the US but haven't applied for US citizenship for this, among other, reasons("passport" being woefully misused word in this context). Anyway, that is a very poor advice since: 1. Most people have one citizenship, including expats (most return). 2. Giving up your US citizenship implies very many more things than not paying taxes. Look up ex-pat type laws.

                "American passport does provide you with services" Well the passport surely doesn't. The citizenship might, but I've been an expat all of my life (started bouncing around the world at the tender age of three weeks). I've never used, no one in my family has every used, an no one I know has ever used our rich, Western countries' services [0]

                I have used the services of the local police very many times.

                "No, it's a safety measure"

                The Special Forces aren't on a razor's edge ready to jump and come get you. That's BS from Hollywood. You get in trouble abroad, and yes, you can ask for the local consulate to send someone to see you in jail. That's, in the vast majority of cases, about it. But I try to avoid jail myself.

                [0] We're not British. Apparently, Brits get into so much trouble abroad that the Brits have come up with a simple solution: charge the drunk louts for consular services!

                EDIT: To be clear, when I move to another country, I take pains to declare that I'm no longer a resident lest I continue being eligible for that country's services.

          • literallycancer 16 hours ago

            Safe haven with 5.3 homicide rate?

            If you wanted an actual safe haven, you'd chose something like Andorra, Vatican, San Marino, Liechtenstein or Monaco. Those have a homicide rate of 0. Japan with 126 million people has 0.2, UAE 0.5 and South Korea 0.6.

            • navigatesol 4 hours ago

              Go to those countries and get citizenship, then. What's the problem? Oh, it's harder than it looks? I wonder why.

              The question no one here answers: why maintain a valueless US citizenship?

        • rahimnathwani a day ago

          "Seems like you’re being hostile and skeptical for personal reasons."

          You made three assertions. One was factually incorrect. One was a matter of opinion, about which I was curious to understand your reasoning. The third seemed like it was unlikely to be true and hard to get data about, so again I was curious.

          I'm sorry if my pointing out an untrue statement and asking for more information about others seems hostile.

          My personal reason for wanting to point out the incorrect assertion about the US being the only country: https://xkcd.com/386/

    • wil421 a day ago

      Why does it matter? My brother in law lived in Costa Rica for 10+ years. He never had to pay a single bit of tax. I know a few people in Europe with higher salaries and they have never paid a cent either.

      I’ve yet to meet anyone who lived overseas and had to pay the IRS.

      • gwd a day ago

        > He never had to pay a single bit of tax. I know a few people in Europe with higher salaries and they have never paid a cent either.

        He didn't say pay taxes; he said file taxes. Every year I have to tell the US government how much I made, and then explain why I don't owe them any money (i.e., already paid tax on it to the UK). It's a stressful hassle even if you don't end up owing anything.

        • wil421 a day ago

          I fully understand.

          I’m asking if you ever had to pay taxes? Plenty of people complain about filing paper work but I’ve never met anyone who owed anything.

          • gwd a day ago

            I pay taxes to the US (and not to the country I live in) on the small amount of passive income generated in accounts located in the US. I'm not 100% sure if this is the Right Thing to do or not, but it seems fair. But my taxes would be a lot simpler and less stressful if I only had to report this income (and on years where this was 0, not report anything at all).

          • frittig a day ago

            I had to pay. I have lived abroad for several decades and when I decided to do some independent contracting I realized that now I have to pay social security. Also, while I generally pay more taxes than an American, every once in a while there is a tax break that I get that Americans don't. In that case I have to pay that amount to the US.

          • davidw a day ago

            You end up paying quite a bit to owe 0, because it's not easy to find a competent accountant who can, say, understand your Italian tax returns, and then file in the US based on those.

      • rahimnathwani a day ago

        "I’ve yet to meet anyone who lived overseas and had to pay the IRS."

        I've met several, and can assure you they exist.

      • onetimemanytime a day ago

        living and making a living are two different things-- when you make over a certain amount.

  • fb03 a day ago

    I don't think he's ever going to come back to the US. He would be arrested on the spot.

  • faet a day ago

    Macmillan is probably withholding taxes for him. If he publishes directly on amazon, they would withhold 30% and send it to the IRS.

fasinfranco a day ago

Customers who bought this item also bought: YubiKey

wannabcodr a day ago

Anyone have a link to steal and read the book for free? I don’t support his cause but wouldn’t mind reading the book. Yes I’m admitting to intent to pirating Ed Snowden’s book. It’s not like I’d be stealing sensitive military secrets and selling them to Omidyar for a pledge up to $250MM. How many Russian speaking people were in his orbit in Hawaii from 2011-2013? How many of them had the operational capacity to pull off a conspiracy to guide Ed to Mother Russia undetected?

  • SahAssar 21 hours ago

    You do realize that asking a question does not necessarily make it a valid question, right? If you have something to say that has evidence behind it why not just say that.

  • dredmorbius 20 hours ago

    There are few popular books which don't end up at either your local public library, or on Library Genesis, within a few weeks, these days.

    I'm a fan of authors being compensated. I'm an even bigger fan of information being a public good. These are not mutually exclusive propositions.

  • Synaesthesia 21 hours ago

    How about you answer some of your own questions.

    • wannabcodr 21 hours ago

      1) I don’t have a clean link to the book

      2) Yes Russian speaking folks are in our IC, military, private sector etc. and are certain to have been in his orbit

      3) someone could ask mr Omidyar

      Given his connections to Booz and his level of intelligence (punahou grad along with Obama etc) He could be a total patriot at heart and it would be difficult to know the difference. Shit, maybe Pierre is a triple agent, a regular Bond good guy. But I’ll tell ya when I heard he bought up the secrets I was sure at that moment that he is either a total patriot or is part of a conspiracy. Probably just an opportunist though. Kind of like the geniuses who foresaw bitcoin’s rise.

      • Synaesthesia 21 hours ago

        So, all speculation? I mean based on what he has released he's an american patriot. I haven't seen any evidence to the contrary.

        Of course the US govt will try smear him and cover up after he exposed their actions.

        • wannabcodr 20 hours ago

          It’s impossible to tell without access to the full trove. He could be releasing things in a way that either minimizes or maximizes damage (or anywhere in between) to the US.

          Yes, we can only speculate. I’m not in the intelligence community and those who are aren’t likely to voice things publicly.

          The whole situation seems odd. A calculating genius spends months planning what is ostensibly a haphazard plan to wind up in Russia supposedly not by choice? Then Omidyar also in Hawaii and connected to Booz buys up the secrets. Seems odd to me.

          If Mr. Omidyar were patriotic maybe he would have bought up the secrets and kept 100% of them private, thus extending the oath of secrecy that military officers all take. Mr. Omidyar has come forward as an agent of the free press, not as a sworn patriotic military officer. Difficult to tell his motivations from the outside yet worthy of speculation.