> "If someone from a country with limited internet access installs uProxy, they can get a friend from the US to authorize them to surf the open web using their connection. "
People proxying illegal traffic through the USA would immediately be "on file" in the US registered as dissidents, criminals, and potential spies vulnerable to blackmail from US agencies.
I can see CIA looking at how their propaganda are affecting foreign nations by seeing who reads it from where. Foreign nations could even see proxying subversive traffic through the USA as being a worse crime than the subversive traffic itself.
Also important: can you choose what to allow to pass through your connection? Can I rule out the case of someone accessing a child porn site through my connection?
If I were to run such a proxy, I'd only allow HTTPS or ssh traffic that I cannot possibly decrypt even if I wanted to, so I can't be held accountable for what I proxy.
Same is probably true for the other end: if I were to rely on someone unknown out there proxying my connection, I'd strongly prefer my entire connection to be encrypted, and my identity hard to trace. Else my proxying peers might happen to be exactly the people I'm trying to hide from.
> Also important: can you choose what to allow to pass through your connection?
It doesn't appear that you can, but don't proxy for people you don't know, then. How on earth do you propose ruling "out the case of someone accessing a child porn site through my connection?" anyways?
As for the rest, it appears to just be a browser extension that proxies your connection, whether HTTPS or no. If you want to ensure that you're only going over HTTPS, install something like HTTPS Everywhere or block all connections that aren't secure.
This is like a VPN service but decentralized, with all the downsides that brings (have to find a peer, trust the peer, etc). It is not Tor, not a replacement for secure connections to sites, etc
Can we stop every new thread on HN with NSA spy stories? The NSA can/has/is spying on you for a long time and it has nothing to do with any US company. Much of the traffic around the world (bound for the US or not) is routed through the USA due to us being such a central player, and these core routers have been tapped for a long time.
It doesn't matter if you are dealing with "US company" or not.
With most threads, your request would be perfectly reasonable, but this is a technology designed specifically to keep your communications private. There aren't many threads where bringing up the NSA would be more relevant than it is here.
P2P is definitely a viable solution that makes their job significantly more difficult.
It's not nearly that clear what the NSA is doing. I've worked in the NOC and as a datacenter tech at a Regional ISP and we definitely did not have spying gear in our facilities. We had other, regional BGP peers so it's entirely likely your traffic never crossed the Internet to get to its destination. I'm still not convinced they've tapped a significant fraction of anything.
The Internet is a complex decentralized network and the NSA most certainly doesn't have the physical resources to tap more than a small fraction of it.
I'd consider it at least slightly more likely for major ISPs.
Why else would Comcast route traffic from the western part of the Mountain time zone all the way to Chicago or Dallas before going to a destination in California or Washington?
I don't think collaborator is a good term here, it is implying they are secretly giving up US citizens for some evil nefarious purposes to the government. I'd label them as a US based company that is complying with US law.
> I can see CIA looking at how their propaganda are affecting foreign nations by seeing who reads it from where
Interestingly, this is the second Google project on HN today that caters to people in oppressive countries. uProxy and recently announced Project Shield [1]. The major targets are Syria and Iran. Incidentally, they're also targets for the US military :) Intel from the enemy territory will certainly be of interest.
Good PR that Google is getting from it is in no way helping with mass surveillance at home, which they're themselves a big part of.
If it's PR that actually helps build viable tools used to circumvent censorship and improve privacy on the web in general then I'm all for it. Rather that than some silly TV ad campaign, don't you think?
While technically true "the US" here is only used as an example, I don't believe the endpoints have to be in the US (if I understand correctly any user of this extension can choose to become a proxy).
An other point in the video (at around 0:50) mentions that you can select your route through trusted friends. If that's true it means that you can decide where your traffic transits.
Now obviously if you use the binary chrome builds made by Google they might put a backdoor in there but that's always true.
I don't think it's fair to dismiss this because it comes from Google, if it's open source and an open standard everybody will be free to audit it and decide for themselves.
If you don't want to use any crypto-product which might be even remotely related to the NSA then I have bad news for you...
An important point that should be checked would certainly be if and when the plugin on its own tries to contact servers in the US, be they servers of Google or of the other parties involved.
If it doesn't, it deserves the attention of a more thorrough check.
I really like the idea of this, but somehow have a longing for the world we lived in one year ago, when news of such a project would not have been "tainted" by attaching the name of Google to it.
As it is pretty difficult to run reliable audits these days... I would not run it. You open yourself up to everything from the American Homeland Security people to Child Pornographers.
It's a valid issue, in that it's vile the way the US Government sometimes behaves, but that is not a realistic concern for 99.999999% of the world population.
This is meaningless as you don't know whether you're one of those 70 people until you have a black bag over your head.
And sure, today's bogeyman is terrorism. What will tomorrow's bogeyman be? During any time of social upheaval you can expect those in power to attempt to maintain their power. We are fast approaching obsolescence of a vast majority of human labor. What social ideas will spring out of that and how will the powers that be respond to a threat to their power? We've sat watch as the ultimate system of control was created around us; it's only a matter of time before it is unleashed on us completely.
In the USSR and DDR there lived millions of people.
Not everyone was abducted, the numbers are in the thousands.
People fear lightening. We must not fear our government. Fear of the people who are supposed to represent you is not quite democracy.
That is the point of oppression. To instill fear, not bu actually abducting and torturing half the population, just many enough to get the message across.
People should fear neither lightning (it's spelled without an e, by the way) nor the US government. At least if they are not involved nor plausibly confused for being involved with inciting terrorism. At least, if they want their fear to be a tool of survival rather than just an irrational impulse. They should fear car crashes and things like that.
The US does not abduct people to get a message across, as much as you may want to believe that there is some equivalence between what our government is doing and what the government of the USSR did. Now, I'm not claiming that these abductions were right, but it's laughable to try to equate them.
I don't understand what you're trying to say. Khalid al-Masri had better feared the US government, and probably now does. So should everyone who's a muslim or brown, apparently, as the CIA reserves the right to abduct and torture people.
Yes, being abducted and tortured by the CIA is relatively speaking rarer than a car accident, but it's something entirely out of your control, and something completely avoidable.
I'm saying exactly what you think I'm saying. Even if you're in the unfortunate minority that the US chooses to be biased against, you're thousands of times more likely to be hurt in a car accident than to be abducted. That doesn't excuse the CIA's behavior, but it does inform what a rational brown, Muslim person should spend his or her time fearing. (Hint: Other things being equal, not US surveillance of their innocuous internet traffic.)
I didnt equate them. See you in 10 years from now, then Ill equate them.
For now, I was just making the observation that you dont need to activley supress millions of people to have a dictatorship - it is the fear that is keeping the milllions down and in line.
Examples are made of a few, and that process has already started with the Manning and Snowden treatments.
Not to mention the many that are left in a black bag in a bathtub by the CIA/MI6.
Because they are now vulnerable to blackmail from US agencies which can force them to work as their spies.
"Hello, This is NSA. Will you please provide us name of all your team members, your sponsors, and do a few work for us? Otherwise we have a log file that your government will love to see."
You may want to care about US agencies because:
- you or your family members may want to travel to the USA or one of its allies.
- the USA may trade your information with other states, including your own country
- you may want to protect your own country from USA's spying
They're helpless, squabbling over the terms "boat people" and "illegals" to refer to unannounced immigrants. Actually trying to get something sensible out of our government is pointless.
Ever heard of drones? I remember numbers that indicated for a country that there was 1 strike every 3rd day, on average. It was either Pakistan or Afghanistan.
Should one live in New Zealand, Australia, Canada, UK, France, Sweden, Italy, Germany or in one of many other countries with a recent record of bowing to pressure from US agencies (often in spite of local laws and/or over trivial matters like copyright), then one should care indeed.
Because those agencies may eventually leak out that information. If their never delete stuff, everything they have will eventually be published in zeta-byte level leak.
In effect, they would also be sending all their sensitive, potentially illegal traffic to be read and copied by the american NSA agency. http://en.wikipedia.org/wiki/PRISM_%28surveillance_program%2...
People proxying illegal traffic through the USA would immediately be "on file" in the US registered as dissidents, criminals, and potential spies vulnerable to blackmail from US agencies.
I can see CIA looking at how their propaganda are affecting foreign nations by seeing who reads it from where. Foreign nations could even see proxying subversive traffic through the USA as being a worse crime than the subversive traffic itself.
Think twice about using this.