Re: Possibly moving Debian services to a CDN

On 18.10.2013 at 16:31, Ian Jackson <ijackson@chiark.greenend.org.uk> wrote:

> Tollef Fog Heen writes ("Re: Possibly moving Debian services to a CDN"):
>> I'm fundamentally of the opinion that if the NSA or a similar
>> organisation wants to track you and is willing to expend that effort on
>> tracking you in particular, there is just about nothing you can do about
>> it.
> This is true, but largely irrelevant.  That the NSA can get something
> if they really want to is true - but the question is how much of a
> price they want to pay.  By making things more difficult for them, we
> reduce the effectiveness of their surveillance capability.  They
> then have to be more selective in their targeting, or divert resources
> from other projects, etc.


> It seems to me that obtaining blanket logs about Debian users from a
> commercial CDN (or small set of CDNs) would be easy and cheap for the
> NSA and give significant and valuable information (what packages are
> installed and what security updates are done) about the vast majority
> of Debian users.  Indeed I would be amazed if the NSA don't already
> routinely collect or scan all traffic to the big CDNs.

If not scanned by the NSA, it's likely that your traffic will be monitored by GCHQ or others. Using nearby mirrors will reduce that risk of being monitored by foreign services. Keep in mind that in nearly all countries it is forbidden by law to spy on one's own citizens.
And I'm sure that all big CDNs are already cooperating with secret services around the world.

Additionally, as I already wrote in another mail, I think that Debian as a free software project has some sort of social responsibility to ensure people's freedom and civil rights. Driving them to use a CDN that can be suited to limit their civil rights and freedom contradicts the freedom Debian wants to achieve with its social contract to some degree.

