Stallman on Operating System Security and Web Anonymityon July 4th, 2013 at 2:02 PM
Direct download as Ogg (00:09:18, 4.9 MB)
Summary: The latest Stallman interview, which deals with NSA involvement in Microsoft Windows and how to use search engines anonymously
TODAY we turn our attention to two subjects which are not frequently tackled by the corporate media. The first one expands on matters we covered in the second part and to a lesser degree the first part of this interview. The second subject is anonymity. Browsing the Web these days is hard without identifying oneself, due to many cookies and cross-site interaction (e.g. Google and Facebook code inside plenty of Web pages). I asked Stallman what to use for search and the full transcript follows.
Dr. Roy S. Schestowitz: Whenever the source code is being passed for the NSA before release, as you see before the release of Windows Vista or Windows 7, they always pass it through the NSA and they assure you that it’s fine and that it [has[ gone through hardening of the operating system. I think fewer people will believe that after the Snowden leaks, but anyway I…
Dr. Richard M. Stallman: Well, the thing is, it’s different in the case of Windows because Microsoft keeps that source code secret from the users, which is in itself reason to distrust it and that’s why it has the universal back door. The users can’t take that out, so once software is proprietary, that means that the owner of a program has power over the users, it subjugates the users and that is an opportunity for abuses. But that opportunity is not there in the same way with Free software where the users can change this code. Not only do it individually, but they can work together to make their own version of it.
RSS: I’d like to [discuss] different sort of strand of topics. I have everything written down in terms of, like, one-word or two-word kind of a summary of things I wanted to go through and the next few things are to do with browsing and the of of the Internet in the form of the World Wide Web.
So, the first thing I wanted to ask you is, what do you suggest to people who want to do a Web search and what do you use yourself?
RMS: Well, it’s fine to use any search engine as long as it has no idea of who you are.
RSS: And which one would you personally use the most?
RMS: Well, I generally use DuckDuckGo first, but I will use the Google search engine also.
RSS: There are several… OK, this actually relates to a discussion I’ve been having all over the Internet in the past few months and the thing about DuckDuckGo, it’s hosted in the United States, whereas something like IXQuick or StartPage are based in Holland, and some people have pointed out that DuckDuckGo is using Yahoo, which basically means Microsoft for search results, to a certain degree. And they also seem to be very…
RMS: Look, we don’t know to what extent [duck duck go records things]…. there is no proof that DuckDuckGo doesn’t track IP addresses, for instance, of requesters. And they could have been [tracking], right? What can they possibly do to prove that they don’t track people? The point is, I don’t refuse to use Google search engine either because I just never find myself in such a way… I always just use it from other people’s computers, people who have let me use them, of course. I don’t break security, I borrow people’s computers for a few minutes… for a while [incomprehensible] to use, so my searches are done from lots of different machines and each of those machines is mainly used by others.
RSS: OK, so basically you suggest trying to discourage the tracking by using different IP addresses…
RMS: Well, you could use Tor also. The point is, if you identify yourself to a search engine, you are basically helping it track you.
RSS: And increasingly they do provide incentives for people to be logged in, explicitly, when they are using a service like YouTube or Google search engine, which is something that didn’t happen before and I think that’s something that exploits the need for convenience — to have people give away their identity whenever they use the search engine, which didn’t exist about 10 years ago, it’s a new thing. Also, I wanted to point out, I had this small argument with DuckDuckGo over the fact, for example, that even though they don’t retain the data, all of their infrastructure is hosted on Amazon, so Amazon knows people’s IP addresses and whether there is some tracking at the router or some place or another, there might be a third party knowing…
RMS: Yeah, the point is that, the NSA might snoop all your packets and see that you’re sending a packet to DuckDuckGo. You can’t stop that, so the point is, I don’t assume that doing the search there means that I won’t be recorded in any way, but there’s no way they would know that it was me.
RSS: So basically, the notion of anonymity is important here. The use of the Net anonymously…
The next part will deal with anonymity in a broader context, so stay tuned.
We hope you will join us for future shows and consider subscribing to the show via the RSS feed. You can also visit our archives for past shows. If you have an Identi.ca account, consider subscribing to TechBytes in order to keep up to date.
As embedded (HTML5):
Keywords: gnu fsf richardstallman