this post was submitted on 22 Apr 2024
84 points (97.7% liked)

Privacy

31987 readers
641 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

Hello everyone, with the unfortunate passing of the FISA expansion, I was left with a few questions. I tried to research it, and to me, it seems like they are beefing up surveillance with routers and ISPs (correct me if I'm wrong.) Aside from having businesses stalk you when you use their WiFi (connected with ISPs.)

And if that's the case, should I just always use a VPN? And furthermore, shouldn't you have always used a VPN prior to this anyways?

That's why I'm confused because I already thought that other businesses were collecting data and our ISPs were already sending our data away, so I'm partially confused about what the real change here with FISA is.

Any clarification and advice is greatly appreciated, thank you.

all 28 comments
sorted by: hot top controversial new old
[–] catloaf@lemm.ee 25 points 6 months ago (2 children)

There is no real change. It's a reauthorization. Continue following best practices to mitigate surveillance.

[–] CCRhode@lemmy.ml 10 points 6 months ago* (last edited 6 months ago)

Continue following best practices to mitigate surveillance.

The slimy part of FISA has always been that the data it collects about overseas communications never sunsets. Moreover, Federal law enforcement officials used to be able to troll through the data without a lot of oversight. In 2020 and 2021, there were 270 thousand questionable uses of the data by the FBI looking for dirt — not on foreigners (who are fair game apparently) — but on citizens. The furor over that is what fueled the failed opposition to re-authorization, which succeeded primarily because the FBI insists that the data provides early-warning of terrorists plots and that [the FBI] promises to play fair in the future by digging for dirt only on terrorists here and abroad.

[–] Coasting0942@reddthat.com 4 points 6 months ago

The reauthorization expanded it to anybody with a computer who passes on communications with the computer.

[–] krolden@lemmy.ml 20 points 6 months ago (3 children)

Stop using any electronics and move into a shack in the woods.

[–] possiblylinux127@lemmy.zip 4 points 6 months ago

The real answer

[–] Zorsith@lemmy.blahaj.zone 3 points 6 months ago

Herd goats.

[–] trippingonthewire@lemmy.ml 2 points 6 months ago

That you Ted?

[–] lemmyreader@lemmy.ml 15 points 6 months ago (2 children)

And if that’s the case, should I just always use a VPN? And furthermore, shouldn’t you have always used a VPN prior to this anyways?

No idea about these USA specific things but always using a VPN would mean that you need to trust your VPN provider more than your ISP and your government. There is only one commercial VPN provider that I trust and one non commercial one. But then there is Tor, and the slower i2p. You also have to take into account that VPN blocking appears to be increasing. For all kind of shopping on-line and filling in forms for government related things (Things like let's say e.g. request money support for a wheel chair) I cannot use VPN because they're blocked or worse : time out. And I found out that lemmy.world likes to block Tor and VPN for posting and uploads. Reading is allowed though. So all in all you have no smooth sailing guaranteed.

[–] jqubed@lemmy.world 4 points 6 months ago (1 children)

I can kind of understand VPN and TOR blocking when those are often used by people wanting to post illegal content or engage in illegal activity that could also be harmful to the service that ends up blocking them. Even if it’s an extremely small fraction of the users coming from those services, depending on the action sometimes just one could be enough to make a service decide they’re not worth the potential problems.

The more cynical part of me might suspect at least some of those problematic actions are coming from people working on behalf of privacy-opposed governments to make it harder for people to use VPN/TOR for legitimate purposes. But there are probably plenty of malcontent trolls happy to watch the world burn that governments don’t need to do that.

[–] CCRhode@lemmy.ml 6 points 6 months ago (1 children)

I can kind of understand VPN and TOR blocking when those are often used by people wanting to post illegal content or engage in illegal activity that could also be harmful to the service that ends up blocking them.

I can't understand that at all. If they are able to identify a real threat, they understand more about their users than their IP address. Blocking IPs is a brutal and lazy way to deal with an imaginary threat. I they are truly that paranoid, they should do what Reddit does: Ban everybody.

[–] refalo@programming.dev 3 points 6 months ago (1 children)

DDoS/spam/malware/hacking from tor and/or known VPN providers is not an imaginary threat. Many companies and websites block it entirely. This is not new, imaginary or lazy.

[–] delirious_owl@discuss.online 1 points 6 months ago (1 children)

Yes, it is lazy to block all of Tor because a few bad actors come from it.

That's like blocking all emails from Nigeria just because some spammera live there.

[–] refalo@programming.dev 1 points 6 months ago (1 children)

It's not a few, it's many gigabits per second.

[–] delirious_owl@discuss.online 0 points 6 months ago* (last edited 6 months ago) (1 children)

That's a few users. Temp block them when they do something malicious. Don't wholesale block someone just for making a simple GET request from an IP on Tor that hasn't done anything malicious.

[–] refalo@programming.dev 1 points 6 months ago (1 children)

Tor DDoS attacks have been ongoing for years now.

[–] delirious_owl@discuss.online 0 points 6 months ago

Right, so temp block the bad IPs 24 hours.

Don't block an entire network just because there's a few bad actors.

[–] possiblylinux127@lemmy.zip 7 points 6 months ago (1 children)
[–] trippingonthewire@lemmy.ml 6 points 6 months ago* (last edited 6 months ago) (2 children)

I tried calling my state's senators, they voted yes anyways...

Establishment

[–] possiblylinux127@lemmy.zip 3 points 6 months ago

Well its better than not calling them

[–] impure9435@kbin.run 1 points 6 months ago (1 children)

Call them afterwards and tell them that because of this you're not voting for them in the next election

[–] trippingonthewire@lemmy.ml 1 points 6 months ago (1 children)

I would, but I'm worried that somehow I can get in trouble for harassing a government official.

[–] impure9435@kbin.run 2 points 6 months ago

No, you're just telling them your opinion. Just make sure to stay calm and friendly, don't get aggressive or insult them and you'll be fine.

[–] Coasting0942@reddthat.com 6 points 6 months ago (1 children)

The Wyden/Lummis amendment would have struck language that expands the definition of an electronic communication service provider to include, with some exceptions, any "service provider who has access to equipment that is being or may be used to transmit or store wire or electronic communications." The exceptions are for public accommodation facilities, dwellings, community facilities, and food service establishments.

So basically anybody with a computer network open to the public has to bend over in secret. This changes nothing if you assume all connections end up in their metadata database. It just makes it faster. Use your VPN/tor/i2p

[–] Woozythebear@lemmy.world -2 points 6 months ago (1 children)

VPN won't be an option anymore after the Tik Tok bill goes through as it's bans the use of them.

[–] ChallengeApathy@infosec.pub 2 points 6 months ago

Source on this? It's very unlikely. It would be hard to crack down on VPNs given the fact that businesses need them, especially now with the prevalence of remote work.

[–] ChallengeApathy@infosec.pub 4 points 6 months ago* (last edited 5 months ago)

I'd say just keep doing what you would have done before to protect your privacy. Switch to privacy tools, especially encrypted communications services, and use both trustworthy VPNs and Tor for different use cases. Also, I heard (can't verify) that this effectively lets the government legally co-opt regular people to essentially function as spies under gag orders, so I'd just keep an eye out if you ever need to let some sort of professional into your home.

[–] delirious_owl@discuss.online 4 points 6 months ago

Nothing different than before. Make sure you use a VPN at all times and everything you send after that is end to end encrypted.