29 posts in this topic

Posted

This past week private search engine DuckDuckGo recorded their best week ever for traffic. The website, which does not record user

Share this post


Link to post
Share on other sites

Posted

Good for them

Share this post


Link to post
Share on other sites

Posted

People switching need to watch / listen to the latest episode of Security Now. (http://twit.tv/show/security-now/408)

The data collection isn't being made at Google's facilities. Using another search engine is pointless.

Share this post


Link to post
Share on other sites

Posted

DuckDuckGo is a good search engine actually

Share this post


Link to post
Share on other sites

Posted

People switching need to watch / listen to the latest episode of Security Now. (http://twit.tv/show/security-now/408)

The data collection isn't being made at Google's facilities. Using another search engine is pointless.

But google is directly involved as a 'supporting PRISM' along with Microsoft, where duckduckgo isn't. don't mean that what you are searching won't be logged, but its less likely and showing that people won't stand for such direct secret involvement.

This guy in the video is a quack too.. he's rambling about things he barely grasps. Near the end when he says hes' 'uncomfortable' with 128bit encryption I nearly lost it. Check out around 1h31 to contradict yourself. Its definitely being made at googles facilities, however its not being made 'in' google itself and they aren't affiliated and they can't talk about it either.

Share this post


Link to post
Share on other sites

Posted

it was US govt that initialy try to restrict the export & usages of > 56-bits encryption.

Share this post


Link to post
Share on other sites

Posted

This guy in the video is a quack too.. he's rambling about things he barely grasps.

You don't know much about Steve Gibson, do you?

I thought too years ago he was a quack...until I started listening to him on a regular basis. You don't need to listen to all 400+ podcasts to realize he knows his stuff.

Share this post


Link to post
Share on other sites

Posted

DuckDuckGo is a good search engine actually

 

It is but I just don't seem to have good luck finding what I want on there. 

Share this post


Link to post
Share on other sites

Posted

But google is directly involved as a 'supporting PRISM' along with Microsoft, where duckduckgo isn't. don't mean that what you are searching won't be logged, but its less likely and showing that people won't stand for such direct secret involvement.

 

Google and MS are not involved with PRISM.  They have issued statements to that effect as well as many other companies.  They do have to respond to legal requests tho...as would any company.

Share this post


Link to post
Share on other sites

Posted

Near the end when he says hes' 'uncomfortable' with 128bit encryption I nearly lost it.

Why? 128-bit encryption isn't what it used to be. MS themselves has stopped issuing certificates with less than 1024 bits almost a year ago. How strong encryption is doesn't remain fixed across time.

Share this post


Link to post
Share on other sites

Posted

Google and MS are not involved with PRISM.  They have issued statements to that effect as well as many other companies.  They do have to respond to legal requests tho...as would any company.

They have 'fell victim to' I guess is a better way to word it, with digital taps on their upload servers. 

Why? 128-bit encryption isn't what it used to be. MS themselves has stopped issuing certificates with less than 1024 bits almost a year ago. How strong encryption is doesn't remain fixed across time.

Its blown open publicly last I knew. I'd be more than uncomfortable with it.. I'm referring to SSL/RC4 encryption, not AES or DES or any other non-common web security layer. Hell I read a few articles on how 256-bit can be severely weakened by predicting possible outcomes and prioritizing the method in brute-forcing it, example would be reducing 2356 years computer processing to around 25 on the same hardware. Theres NO encryption that is secure and there never will be. Its only a time-thing, you hope what you encrypted stays that way until its no longer relevant.

Share this post


Link to post
Share on other sites

Posted

They have 'fell victim to' I guess is a better way to word it, with digital taps on their upload servers.

 

They have no direct access to their servers.  Whatever data is requested, they legally have to give.  But they provide the data.

Share this post


Link to post
Share on other sites

Posted

I changed and am really enjoyed it. The !bangs feature they have is fantastically quick.

Share this post


Link to post
Share on other sites

Posted

You don't know much about Steve Gibson, do you?

I thought too years ago he was a quack...until I started listening to him on a regular basis. You don't need to listen to all 400+ podcasts to realize he knows his stuff.

 

Likes

Share this post


Link to post
Share on other sites

Posted

They have no direct access to their servers.  Whatever data is requested, they legally have to give.  But they provide the data.

 

Theres taps on all the upstreams of the major US data centers. Thats their order, and Snowden made this very obvious with his leaks including their timeline of involvement. Other than those huge data centers of microsoft, google, yahoo, apple, etc, its Tier1 providers, so basically where all the ISPs in the USA get their internet to sell... From a standpoint in the USA you might as well shut off your internet if you are choosing which evil to make your request at, you aren't going to anonymously make it without going through something like TOR. From outside the USA where Tier1 providers are not tapped - duckduckgo may be a wiser choice depending on how you hit their servers. Huge however tho, .com and .net addresses are part of VeriSign which is a US company, and so, they are USA redirected, so your request traffic, IP, times etc bounces off the NSA somewhere when you visit one regardless of where in the world you are.

Share this post


Link to post
Share on other sites

Posted

DuckDuckGo has never given me good results, and if it gets popular you can bet they'll be getting their own fair share of NSL "requests", and like Google/Microsoft/Apple/Yahoo/etc. they'll probably lose if they try fighting them.

Share this post


Link to post
Share on other sites

Posted

DuckDuckGo has never given me good results, and if it gets popular you can bet they'll be getting their own fair share of NSL "requests", and like Google/Microsoft/Apple/Yahoo/etc. they'll probably lose if they try fighting them.

 

They don't record user data so there would be nothing to give the authorities.

Share this post


Link to post
Share on other sites

Posted

Until the government says "You must record their data", and then they have to.

Share this post


Link to post
Share on other sites

Posted

You don't know much about Steve Gibson, do you?

I thought too years ago he was a quack...until I started listening to him on a regular basis. You don't need to listen to all 400+ podcasts to realize he knows his stuff.

 

I know he wrote spinrite, software that saved my ass as well as continuing to save the ass of many of my friends, all for less than $100.

He knows what hes doing obviously, but hes one of those guys who can't summarize his knowledge into a digestible form. I found it hard to listen past 15 minutes of his 91 minute podcast, I can only imagine how he rambles in the other 400+ of them.

Share this post


Link to post
Share on other sites

Posted

 Huge however tho, .com and .net addresses are part of VeriSign which is a US company, and so, they are USA redirected, so your request traffic, IP, times etc bounces off the NSA somewhere when you visit one regardless of where in the world you are.

 

What are you on about? That's not how things work at all!

Share this post


Link to post
Share on other sites

Posted

I'm just curious, how do we know DuckDuckGo is really anonymous?

 

Also, is anyone using Tor web browser? I seen it in the Neowin Privacy Part 1-3 that was on the front page awhile ago.

Share this post


Link to post
Share on other sites

Posted

He knows what hes doing obviously, but hes one of those guys who can't summarize his knowledge into a digestible form. I found it hard to listen past 15 minutes of his 91 minute podcast, I can only imagine how he rambles in the other 400+ of them.

 

Well, ok, I'll grant you most people have a short attention span, and neither him or Leo pretend this is a podcast for the masses.

 

Which is really a shame, as typically the people who keep propagating the most outrageous claims on forums such as this one are those who would benefit the most from listening to what he has to say, as he's thorough in his research and won't say anything he can't back up.

Share this post


Link to post
Share on other sites

Posted

Well, ok, I'll grant you most people have a short attention span, and neither him or Leo pretend this is a podcast for the masses.

 

Which is really a shame, as typically the people who keep propagating the most outrageous claims on forums such as this one are those who would benefit the most from listening to what he has to say, as he's thorough in his research and won't say anything he can't back up.

Why don't you make a summary for the rest of us who suffer from ADD, or point out at what time he actually talks about PRISM.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

  • Recently Browsing   0 members

    No registered users viewing this page.