https://threadreaderapp.com/thread/1779885123363635572.html
Buried in the Section 702 reauthorization bill (RISAA) passed by the House on Friday is the biggest expansion of domestic surveillance since the Patriot Act. Senator Wyden calls this power “terrifying,” and he’s right.
This bill represents one of the most dramatic and terrifying expansions of government surveillance authority in history. I will do everything in my power to stop it from passing in the Senate.
NEW: House votes 273-147 to extend FISA Section 702 surveillance powers for two years.
After rejecting an amendment to bolster warrant requirement when spying involves US persons.
126 Rs and 147 Ds voted for the bill.
Now to Senate.
Deadline: April 19
If the bill becomes law, any company or individual that provides ANY service whatsoever may be forced to assist in NSA surveillance, as long as they have access to equipment on which communications are transmitted or stored—such as routers, servers, cell towers, etc.
That sweeps in an enormous range of U.S. businesses that provide wifi to their customers and therefore have access to equipment on which communications transit. Barber shops, laundromats, fitness centers, hardware stores, dentist’s offices… the list goes on and on.
It also includes commercial landlords that rent out the office space where tens of millions of Americans go to work every day—offices of journalists, lawyers, nonprofits, financial advisors, health care providers, and more.
https://news.ycombinator.com/item?id=40062271
This is the bill: https://www.congress.gov/bill/118th-congress/house-bill/7888/text
This is the report introducing the controversial amendment: https://www.congress.gov/congressional-report/118th-congress/house-report/456
The amendment is the last item in the report, under this heading:
An Amendment To Be Offered by Representative Turner of Ohio or His Designee, Debatable for 10 Minutes
This is the transcript of the session where the amendment was discussed and voted on: https://www.congress.gov/congressional-record/volume-170/issue-63/house-section/article/H2328-1
You can find the discussion within the text using this search term:
Amendment No. 6 Offered by Mr. Turner
126 Rs and 147 Ds voted for the bill.
But you need to for democrats because they’re the good guys
Harm reduction party
They know they don’t have to be any good, they just need to be marginally less terrifying than the alternative.
Frankly, people forgot about the NSA spying on everyone.
Yeahup
snowden leaks were such a generational divide at the time, I feel like everyone over a certain age who lived through the cold war just kind of shrugged and accepted it as natural while simultaneously calling it a conspiracy theory. young people and internet idealists were of course more outraged.
Everyone forgets about the 4th amendment.
Eyyup.
The internet did not exist in 1791
A testament to just how effectively they can control the population that they went from the big scary boogeyman of the 00’s to barely spoken about in public discourse now.
Not the whole population.
Many are waking up.
But the fact that the NSA is out of common discourse is… worrying.
in bad country, the government has control of the internet and uses it to surveil its citizens
I just kind of assumed they already did this
They do it illegally but can’t use evidence obtained illegally in court so they want to do it legally too
Not a new observation, but it still blows me away how Enemy of the State was a wild conspiracy movie when it came out in 1998 and is now basically common knowledge.
Love that movie.
I still often use “a person is smart, people are stupid.” So true, it hurts.
I think that quotes from Men in Black
Haha, shit you’re right. Leaving it up because we should embrace our mistakes.
Ok actual quote from the movie i also use…
Why’d you blow up the building?
Because you made a phone call!
The weird paranoid guy went to my alma mater🙂
They’ve been happy to have back doors for a long time, seems now they insist going through the front door.
Oh neat. I was contemplating a reality where my company would be able to spy on me and it looks like this is that bill hell fucking yeah
Spoiler alert: If you’re talking about your workplace, they already could. Don’t do anything on work equipment, network, or systems (including any free/guest wifi they have) that you wouldn’t want to have read by your boss or read out to you in a courtroom.
☝️ I don’t do any non-work related stuff on company equipment or networks. I never connect my personal phone to company wifi.
I pirate software on my work network for work because they won’t pay for it. It’s just one more step beyond pirating papers because our institution has stopped subscribing to journals…including the ones we repeatedly publish in.
It’s cool though, ALL work related.
In communist China… etc etc
Good time to grey market a Huawei phone.
are they actually usable - like do they work in US/Europe? what’s the major issue with them, no Google app store?
My understanding is that they’ll work if you get the one that has the correct frequency bands for your carrier. That said, “work” depends on exactly what you want it to do any how many hoops you’re willing to jump through to get there.
Phone, sms, internet browsing should all work fine. Apps should also mostly work if you download them through the Huawei store or sideload. However, some apps demand account access to Google accounts, or deeper level access to your OS (e.g. banking and payment apps). Those are the ones which get dicey. Huaweis also lack google framework services, which means a lot of the behind the scenes account shit that makes android easier to use (e.g. unified logins) won’t work. Android auto and smartwatch connectivity also don’t work because they need special access.
If you read that and thought “wow, that’s extremely inconvenient” then a Huawei is not for you. However, I know some people just read that and thought “Hell yeah, fuck google, sign me up!”
I checked it out out of curiosity and some Huawei models have LineageOS available for them which means you could use gmscore(microG) instead of google framework services on LineageOS. A cursory search also shows videos where people get microG on the official Huawei OSes but I can’t say how well that works. That would invalidate the reason to get Huawei though(no Google surveillance). You can remove Google services from any device with enough tinkering, especially if you’re willing to install an open-source OS.
Lineageos is as secure* as stock android. If you’re going to be using stock might as well just use your normal phone, the NSA definitely has shit worse than NSO Pegasus for stock android devices
the NSA definitely has shit worse than NSO Pegasus for stock android devices
Shouldn’t we assume the same for Huawei devices?
Yes, we shouldn’t trust, but the devices that run Harmony OS are significantly rarer than stock Android phones (meaning less interest/pressure to develop malware for them) and are also distinct from stock Android (so malware that could infect stock/LOS/OneUI/other Android “flavours” might not infect Harmony OS). I don’t know about hardening on Harmony OS, but I doubt it implements any hardening, so yeah it is technically as secure as stock Android, but considering the time horizon for threat actors to develop malware, it’s less likely to be successfully targeted. Not good enough to rely on.
oh also it’s developed in China which doesn’t have any incentive to “accidentally leave” vulnerabilities
I understand. My concern with the security of say a Huawei device is, that while domestic surveillance and NSA backdoors into American tech is a significant portion of the state’s security apparatus, I imagine the majority of effort spent by our spy agencies is in compromising and penetrating foreign tech. Yes, its easier for the state to coerce our tech industry into cooperating, but that’s why most of the offensive cybersecurity funding goes towards breaching non-US tech.
Where can I read more about that? Because lineage and eos were my go to digital self defense solutions
Search up “lineageos vs grapheneos” for some reading. Basically the difference is in hardening and the magnitude of the attack surface vector - a truly secure OS would try to minimize the potential for every type of breach even at the expense of usability. While I do use grapheneos on one phone, I personally don’t put any faith in it either as A Truly Secure™ solution simply because it’s American and vulnerable to many attacks outside of the phone (even if we assume it was built perfectly as of now, which it isn’t).
Look out for voice over LTE support. I bought a Chinese phone a while back (after checking bands etc) and after 3g got pulled from my carrier it can’t make calls anymore. Apparently VoLTE is also a thing it needs to support, for the carrier you’re on.
I’ve had little luck finding a community solution either. If someone figures something out they should let me know/make a post because I’d much rather get another one of those then this Samsung.
I’ve been wondering if it’s actually required in the LTE specification that carriers whitelist phones for VoLTE. I’m in a similar situation to you and I’ve found nobody seems to talk about being forced into buying a phone on a list.
The only “smart” appliances I own are my phone and my pc and I am constantly frustrated by how they insist on having interconnectivity. I don’t use banking apps on my phone because I am afraid of losing it + lots of lax security stuff, so less places I’ve got my finances, less places they can get stolen.
Huawei sounds perfect apart from me needing my phone to be a GPS, and that’s kinda tough without Google maps
Organic Maps is a good alternative app I’ve found that doesnt require google maps.
does huawei has progressive web apps thingy?
ngl that sounds like my personal hell
the US* internet
Which is a massive chunk of the internet considering that the biggest providers are there. Aws, Azure, GCP, Cloudflare, etc… And the other ones are in China which is most likely not much better in that aspect.
at least china doesnt have a history of interfering with other countries democracies.
if anything i hope this spurs some competition and more cloud providers outside these two places.
China is actually much better
And the other ones are in China which is most likely not much better in that aspect
Isn’t it? I don’t live in china. I’m not subject to their laws. A local business is much more of a threat than a foreign one.
No CCP agent ever sent me a piracy notice or put me on a watchlist
Don’t worry, I’m already voting for Biden so everything is going to be fine
They haven’t already?
I feel like this is something where I used to hear about the EFF raise hell about it. What happened to them?
i got an email from EFF about this very thing, on Monday
BUT DRUMPF DROOLED