Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

So when I send data over the internet, am I "giving" it to everyone who owns a router along the route? I wouldn't say so.


They can all read it, if you're using http. In what sense are you not giving it to them?

Even on https, they can see who you are and who you're visiting.


The USPS can read my mail, but I am not giving it to them (legally or morally).

Also, tor isn't HTTP. It's quite heavily encrypted.


The only relevant information being used by the government is who visited what site. (If this is incorrect, let me know). That corresponds to the outside of letters, which the government can read legally without a warrant.


The outside of letters isn't encrypted. The destination in Tor is encrypted by design to everyone who is expected to know who you are. It's literally the purpose of Tor to make that information private.

Or to put it a different way, if Tor doesn't create a reasonable expectation of metadata privacy, what would?


>Or to put it a different way, if Tor doesn't create a reasonable expectation of metadata privacy, what would?

According to the theory put forward in the second part of http://www.abajournal.com/magazine/article/the_data_question..., nothing.


How does the absurdity of that result not serve as its own refutation?


Why is that absurd? The theory is well defined and defended.


The theory doesn't work. It's based on the idea that if you go out into public the police could traditionally have followed you to see where you go.

Which isn't actually true. They didn't have the resources to follow everyone everywhere all the time. And if they were following you, it was possible for you to observe them. There are methods to detect a tail, so you could employ them and then not go to the secret place until there is no one watching. To maintain "technological neutrality" it would require there to exist equivalent digital methods for people to use to prevent being observed.

Kerr's whole premise of technological neutrality is also questionable unless you apply it both ways. But does it really make sense to say that the police can't use fingerprints or DNA evidence because it wasn't traditionally available? How does that framework make any sense at all?


>There are methods to detect a tail, so you could employ them and then not go to the secret place until there is no one watching. To maintain "technological neutrality" it would require there to exist equivalent digital methods for people to use to prevent being observed.

Honestly Tor seems like a great analogy here. It makes it far more difficult to be observed, but it's fallible, as is trying to spot a tail.


But the question isn't whether someone could use a welding torch to break into your safe, the question is whether you have a reasonable expectation of privacy.

Because the consequence isn't that the police can't get the information, it's only that they need a warrant first.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: