Trying to reset the net to privacy

Trying to reset the net to privacy

Summary: Sick and tired of an internet where the National Security Agency may be tracking your every online move? So is an alliance of privacy groups and technology companies, which is proposing that users reclaim their privacy on the Internet.

SHARE:
12

Privacy on the internet is hard to come by. We can argue over exactly how much information the National Security Agency (NSA) is gathering on each and every one of us, but no one questions that the NSA is doing a fine job of spying on us. A new alliance of privacy groups and technology and media companies, led by Fight for the Future, wants to put a stop to this by using already existing Internet privacy technologies with a popular movement they've named Reset the Net.

Reset The Net

Fight for the Future is a non-profit group that's "dedicated to expanding the Internet's transformative power for good. Our goal: To build a grassroots movement to ensure that everyone can access the Internet’s many resources affordably, free of interference or censorship and with full privacy. Our vision: A world where everyone can enjoy the basic freedom to express, create, and connect online."

The other groups behind Reset the Net include Demand Progress, Reddit, the Libertarian Party, and the Free Software Foundation. According to them, governments are turning the Internet into a virtual prison. But, while the NSA and its allies, such as the UK's Government Communications Headquarters (GCHQ) think they can hack anybody, "...they can't hack everybody. Folks like the NSA depend on collecting insecure data from tapped fiber. They depend on our mistakes -- mistakes we can fix."

That last statement may or may not be true. While it seems, for example, that the NSA did not pick up on the OpenSSL Heartbleed security vulnerability, there's little doubt that the NSA has other ways to break Secure-Socket Layer (SSL) encryption.

Top NSA hacks of our computers (Gallery)

Be that as it may, the group is urging all web site owners to start adopting SSL to protect users from surveillance. This is far from a new idea. The Electronic Frontier Foundation (EFF) has been encouraging Web sites and users to adopt SSL for years. In 2010, the EFF released HTTPS Everywhere. This is a browser extension that forces popular Web sites to connect to you, if possible, with SSL, Transport Layer Security (TLS), or TLS/SSL over HTTP (HTTPS).

Specifically, Reset the Net wants web users and developers to use SSL, TLS, and HTTPS. In addition, they want everyone to adopt the less well-supported HTTP Strict Transport Security (HSTS), a web security policy tool, which forces HTTPS connections, and Perfect Forward Secrecy (PFS), a public key encryption program. The EFF claims that if sites used PFS even security holes as bad as Heartbleed wouldn't leave users' private messages vulnerable to attacks.

"HTTPS, HSTS, and PFS are powerful tools that make mass spying much more difficult," the groups said on its site. "Until web sites use them, we're sunk: agencies like the NSA can spy on everything. Once they're ubiquitous, mass surveillance is much harder and more precarious — even if you're the NSA."

Aye, there's the rub: while HTTPS is quite commonly supported neither of the other two are. For example, while Chrome, Firefox, Opera, and Safari support HSTS, Internet Explorer still doesn't. This has led the EFF to claim that this "means that there's basically no such thing as a secure website in IE."

Still, the group is encouraging everyone to adopt these technologies as soon as possible. And, to make sure the non-technical public gets the point, they want everyone on June 5th, the anniversary of Edward Snowden's first NSA revelations receiving press attention, to post "“Don't ask for your privacy. Take it back. Today we #ResetTheNet to stop mass spying. Encrypt everything! Learn how: http://thndr.it/1euOUIl" on all social networks."

Reset the Net sounds like a grand idea. How much practical difference it will have remains to be seen.

Related Stories:

Topics: Networking, Privacy, Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

12 comments
Log in or register to join the discussion
  • Paranoia Reigns; criminals win.

    I do realise that that "if you've nothing to hide, you've nothing to fear" is not sufficient; I really do.

    But the anti-surveillance backlash is waaaaaay over the top, and ultimately helps only drug dealers, people traffickers, other money launderers, and - potentially - terrorists.

    We have now reached the point where it would be no more than honest to say:

    "Better to let 1,000,000 criminals
    go unchallenged than one person
    gets ads matched to their Internet
    browsing habits."
    Heenan73
    • It also helps individuals...

      by keeping their personal secrets private.

      Preventing business plans from being stolen.

      Preventing identity theft.

      And helps preserve our freedom.
      jessepollard
      • Privacy has no place in public activity.

        Kind of clueless there. Just what secrets exist in what is private you secrets are subject to examination when demanded by Cort order. Is it fair to say that privacy involves secrets? Clearly it does not. Secrets exist beyond mere privacy you are not guaranteed secrecy. The world is not a place for the ignorant and stupid if you wish to live a life of freedom. The wheels of freedom are lubricated with the blood of patriots. Not just those who clam to be patriots. The enemy's of freedom don't really care about patriots or not any ol blood will do. Business is not a good thing to recommend secrecy as their covering up inhuman atrocity, murder, theft, poisoning, bribery and worse much much worse things when you speak of business plans.
        Altotus
        • How would you like a stalker to follow your daughter...

          Just because she may have posted a tweet?

          Or a burglar that decides your house is the one to hit because you posted some christmas photos...

          Or an identity thief to steal your credit card?

          Or get killed because some nut across town didn't like what you said?

          Or loose your job because your manager didn't think your post to the editors page was "correct".

          Or the local gang didn't like what you sent to the police about their activities?

          You have no idea what privacy is.
          jessepollard
      • An audience

        Has no impact on 'freedom' only on 'comfort'.
        luke mayson
    • That is an extremely US-centric statement!

      This is about resetting the global Internet. It's about guaranteeing privacy and security for everyone. In that context, the NSA and its collaborators are clearly the largest criminal enterprise on the Internet.
      mirimir
  • THIS is why you cannot have Privacy!

    http://www.computerworld.com/s/article/9248153/Emails_shed_light_on_Google_s_work_with_NSA

    Bullwinkle Responds >
    COMPUTERWORLD May 6 2014

    This is NOT a chinese BIOS attack!
    This attack has been duplicated on INTEL Motherboards running Windows XP

    I have complete videos showing the attack which cannot be reversed by reflashing the BIOS or swapping hard drives

    Microsoft was included in these discussions because MICROSOFT WINDOWS 7 and 8 CAN be reinstalled after the system is attacked!
    However, Windows XP and Linux Operating Systems CANNOT EVER be installed again after the attack

    Ask yourself, WHY would MICROSOFT be included in discussions of a BIOS attack, but not Linux?

    The videos I have are Genuine and have not been edited!
    Anyone who has read my posts showing you how to prevent Stuxnet and other Gov't malware in XP systems now understands why these exploits cannot be stopped in Windows Spyware 7 and 8 and you "should" understand what is really transpiring here
    OutOfBoxExperience
    • maybe because...

      Win 7/8 are able to deal with uefi bios and cant rewrite required code blocks as part of their installation whereas Linux and winxp being so outdated cant deal with the new tech?

      Also the whole article was about Google and Apple/Microsoft are only mentioned along with Dell/HP/etc because they were asked for help...
      aesonaus
      • Maybe because...

        You never read my post

        XP was already installed !

        It was not UEFI !

        and the problem affects other computers

        and the videos and other related documentation can be made available to serious reporters

        This site and other tech sites know how to reach Bullwinkle J Moose

        Propaganda Shills Need Not Apply!
        You either
        OutOfBoxExperience
  • Big Deal

    I have no problem with the government tracking me online. I was not at all surprised to find out what the NSA is doing, because I always presumed it was doing this.

    I don't subscribe to conspiracy theories and never have. I don't harbor paranoid delusions about what the government is doing with my information.

    As far as I'm concerned, the U.S. government can do anything it wants to keep my family safe. I save my venom for the cowardly terrorist fanatics who force us to live this way.
    BulldogXX
  • 'Obama Care' Is Nothing More

    than a way for the government to force you to "Drive By" the NSA 'Service Center'!
    Mujibahr
  • Take Back Your Privacy!

    Please help support RESET THE NET!!!
    Would appreciate 3 seconds of your time to hit the like button and help spread the word on our mobile security app page. D-VASIVE
    https://www.facebook.com/pages/D-Vasive/1426387784297277

    MORE INFO: http://dvasive.com

    Thank you so much and have a great day.
    D-Vasive