Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-05 Thread Seb35
I don’t see precisely how mandatory HTTPS could help spread the knowledge; accordingly if users feel themselves spied and it prevent them to contribute, yes, HTTPS helps; but if others feel cluttered by HTTPS (time load, unfriendly firewalls, various problems), it could also lower the number of

Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-05 Thread George Herbert
Theo: They even have a Key recovery service and it's been going on for a long while apparently, to the point that the NSA has been steering the release of encryption standards and tools. I suppose that should make the politics of encryption a bit less relevant? No; with Perfect Forward

Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Peter Gervai
On Tue, Sep 3, 2013 at 12:23 AM, Fred Bauder fredb...@fairpoint.net wrote: Their orders would be classified; disclosure of them would be a crime. Not a problem for us, but a big problem for staff on the ground in China. Indeed, I believe it may even be outright life threatening to have strong

Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Gerard Meijssen
Hoi, Fred, what is different in your scenario from what happens in the USA ? Thanks, GerardM On 3 September 2013 00:23, Fred Bauder fredb...@fairpoint.net wrote: On 31/08/13 15:17, Erik Moeller wrote: It could be argued that it’s time to draw a line in the sand - if you’re

Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread James Alexander
On Mon, Sep 2, 2013 at 10:58 PM, Peter Gervai grin...@gmail.com wrote: illegally collect personal data about them and *monetize it *or use to pressure or threaten selected individuals, companies or agencies. Monetize it? I am in no way going to defend my government on most of this given

Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Fred Bauder
Any censor from the United States or European governments that works directly with us (I have no personal knowledge of this, I just know it has to be) is concerned with classified information, not someone's opinions or factual information about historical events or political personalities.

Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Gerard Meijssen
Fred, Sorry, there is no us. As far as the United States is concerned they allowed themselves to spy on any person who is not one of US to be speid on. Given that our movement is a global movement, the fact that it is based in the US is incidental. Thanks, GerardM On 3 September 2013

Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Fred Bauder
And from that assertion what practical action or policy should follow? Fred Fred, Sorry, there is no us. As far as the United States is concerned they allowed themselves to spy on any person who is not one of US to be speid on. Given that our movement is a global movement, the fact that it

Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Marc A. Pelletier
On 09/03/2013 08:36 AM, Fred Bauder wrote: Any censor from the United States or European governments that works directly with us (I have no personal knowledge of this, I just know it has to be) is concerned with classified information, not someone's opinions or factual information about

Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Marc A. Pelletier
On 09/02/2013 06:17 PM, Tim Starling wrote: OK, well there's one fairly obvious solution which hasn't been proposed or discussed. [collaborating with the PRC] That's because, ideologically, it would be abhorrent to a very large segment (possibly even the majority) of editors, staff and

Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Marc A. Pelletier
On 09/03/2013 09:45 AM, Fred Bauder wrote: Abusive nonsense does not make that fact go away. Someone, actually, many someones, need to be trusted. Доверяй, но проверяй. I agree with your assessment of the risks of working with the PRC, I simply think that if you think that those risks do not

Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Marc A. Pelletier
On 09/03/2013 12:33 PM, Delirium wrote: I certainly agree with learning from history, but when it comes to censoring encyclopedias or similar reference works, are there good examples that might more concretely narrow down the specific type of thing we ought to be learning from history? Not

Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Fred Bauder
I guess emergencies should not go to legal as there may be a considerable delay. Fred Are there more successful attempts? It would be difficult to enumerate successful attempts since, by definition, they would have been successful at not being known. :-) -- Marc I once suppressed

Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Fred Bauder
Are there more successful attempts? It would be difficult to enumerate successful attempts since, by definition, they would have been successful at not being known. :-) -- Marc I once suppressed information about a troop movement underway in Iraq after a request. Troop movements are

Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Delirium
On 9/3/13 4:28 PM, Marc A. Pelletier wrote: On 09/03/2013 09:45 AM, Fred Bauder wrote: Abusive nonsense does not make that fact go away. Someone, actually, many someones, need to be trusted. Доверяй, но проверяй. I agree with your assessment of the risks of working with the PRC, I simply

Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Michelle Paulson
Hi Fred, Emergencies should go to emerge...@wikimedia.org. Any other concerns should be directed to le...@wikimedia.org. Please note that emergency@ should only be used for actual emergencies (i.e. immediate threats to life, limb, or property). Thanks! -Michelle On Tue, Sep 3, 2013 at 10:48

Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Kirill Lokshin
To be fair, none of the people receiving requests through legal@ or emergency@ have security clearances either. Kirill On Sep 3, 2013, at 1:44 PM, Fred Bauder fredb...@fairpoint.net wrote: Are there more successful attempts? It would be difficult to enumerate successful attempts since,

Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Kirill Lokshin
The thing is, it's kind of a crapshoot anyways. You might see something that you think might be classified and report it; but, unless you actually have the corresponding clearance yourself, you have no way of knowing for certain whether the material is in fact classified in the first place.

Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-02 Thread MZMcBride
Erik Moeller wrote: So, what to do? My main suggestion is to organize a broad request for comments and input on possible paths forward. I think we’re doing the right thing by initially implementing these exemptions -- but I do think this decision needs to finally rest with the Board of the

Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-02 Thread FT2
There are many very sane comments in this thread. I agree with most of them - - Network encryption is important as one aspect; - Local threats and digging dirt are an important realistic threat (far more people are of interest to *THEIR OWN COMMUNITIES* vs nationally, or open to so

Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-02 Thread Matthew Flaschen
On 09/02/2013 06:17 PM, Tim Starling wrote: It would allow WMF to monitor censorship and surveillance by being in the request loop. There's no guarantee they would accept HTTPS, even if there were still user surveillance inside the data center. It would be kind of like the cooperation we

Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-02 Thread Peter Gervai
On Tue, Sep 3, 2013 at 6:38 AM, Matthew Flaschen matthew.flasc...@gatech.edu wrote: But as far as I know, the U.S. government has never blocked the general public from accessing a Wikipedia article, nor have they sent a takedown that was based on ideology/social harmony/etc. Instead they use

Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-08-31 Thread Emmanuel Engelhart
Le 31/08/2013 07:17, Erik Moeller a écrit : We can, of course, ask users in the affected countries. Given that this may lead to degradation or loss of access, users are likely to be opposed, and indeed, when plans to expand HTTPS usage were announced, a group of Chinese Wikipedians published

[Wikimedia-l] Wikimedia and the politics of encryption

2013-08-30 Thread Erik Moeller
Hi folks, As many of you know, this week we enabled HTTPS for logged-in users of Wikimedia projects. See: https://blog.wikimedia.org/2013/08/28/https-default-logged-in-users-wikimedia-sites/ We have geographically exempted users geo-located to China or Iran from this [1], because these