Privacy

The new 2600 is out, and it has a few articles talking about various
aspects of privacy and anonymity online, which got me to thinking
how difficult it is to opt-out from, well basically anything that
doesn't spy on you in some way. Take gmail. While it's relatively
easy for us geeks to simply not use it, it provides the MX records
for a remarkable number of private, edu and business domains. Many
more people than that have @gmail.com addresses. So you can have
your own email server, or use SDF for email, and in the end what
does it get you?  When you reply to or send an email to anyone using
Google's email infrastructure, Google (and by extension, the NSA)
gets your IP address, email address and content (because, let's face
it, no one encrypts email). I've had my own email server for about
15 years, and will keep it as long as practicable, but it is
disheartening to see the hold one company has on email.

One interesting thought is that of obfuscation - making the data
held by Google or the NSA even more useless, by injecting random
phrases or subversive keywords into email text, like as part of a
signature block. GNU Emacs has had something like this for many
years, M-x spook. Since I'm writing this in emacs, let's see what it
gives us:

   Waihopai sweep Disaster Grid Meta-hackers MSEE DSD MARTA National
   Biosurveillance Integration Center Biological weapon clandestine
   MSW Chemical Venezuela World Trade Center

That's 15 random phrases from a spook-phrases file. With gmail, it
would be more interesting to use random nouns or marketing phrases,
to throw off their ad-injection algorithms. With carefully chosen
text, it could even be possible to create your own persistent 'ad
profile'.

One of my favorite essays on the subject of privacy is from Bruce
Schneier:

https://www.schneier.com/essays/archives/2006/05/the_eternal_value_of.html