Frosty Posted May 11, 2015 Share Posted May 11, 2015 I'm interested to hear opinions and arguments on the issue of privacy and how it relates to the Non Aggression Principle. More specifically I'm interested in the issues of modern day privacy with digital communications and private digital information that can be copied or replicated as opposed to taken or stolen like a more traditional message that relies on physical media to be communicated. I'm a hacker and I'm aware of different techniques that can be used to passively capture and break encrypted messages between devices/people that don't rely on force, coercion, manipulation, lying, threatening or even any kind of interaction with the people communicating. Hackers tend to end up with skill sets which allow them to do things that the state makes illegal (although often perform themselves) but it also opens up somewhat of a moral grey area for me as a libertarian and how this relates to an objective morality based world view. Can passive collection of private information alone be a violation of the NAP? What about if you learn something private about someone but you never do anything with that information, it simply remains in your head as a memory, you never replicate, leak or otherwise use that information to harm the other person. If not the NAP are there any other universal moral principles that passive invasion of privacy would violate? Link to comment Share on other sites More sharing options...
J. D. Stembal Posted May 11, 2015 Share Posted May 11, 2015 Can passive collection of private information alone be a violation of the NAP? If not the NAP are there any other universal moral principles that passive invasion of privacy would violate? No, I don't think it is a violation because individuals voluntarily decide to put that information on the internet (for the most part). The notion of privacy on the internet is a complete farce. Read any privacy agreement, and you will understand to what extent you actually have the opposite of privacy. Whatever knowledge or information you do not wish people to have, keep it off the network. This is why I find it abhorrent that people upload pictures and video clips of their kids to Facebook. You are exposing your child to the entire world without their consent. Link to comment Share on other sites More sharing options...
Frosty Posted May 11, 2015 Author Share Posted May 11, 2015 What about private communication between 2 people, for example a facebook chat message or a phone call, something you reasonably expect to be private because there's technology to encrypt that communication, but people can passively sniff network traffic and break the encryption. Just for clarity when I say passive collection I mean collection that is done without modifying or "touching" the original message, any breaking of security technology is done through brute force or abusing weaknesses in the technology, not through trickery or interaction with the people doing the communicating. I'm struggling to see the "aggression" part in the collection only part, obviously the use of private information to bribe or coerce someone is morally wrong and an obvious violation of the NAP. Link to comment Share on other sites More sharing options...
TheRobin Posted May 11, 2015 Share Posted May 11, 2015 Well, I'm no hacker, but I doubt there's anything passive in what you describe. In order to collect ANY information it has to end up on your PC somehow and in order to do that you need to "tell" other PCs (that aren't yours) that they need to send you this information. Unless the owners of those PCs consent to that, you're breaking the NAP by using their property without consent. Link to comment Share on other sites More sharing options...
J. D. Stembal Posted May 11, 2015 Share Posted May 11, 2015 What about private communication between 2 people, for example a facebook chat message or a phone call, something you reasonably expect to be private because there's technology to encrypt that communication, but people can passively sniff network traffic and break the encryption. The only way you can have a practical expectation of privacy is if you chat with people alone face-to-face, barring any high-tech snooping devices. There is a legal protection from having your mail read since it is a federal crime to open mail not addressed to you, but I wouldn't consider it practical, as it's not too hard to open an envelope, or the addressee to show the correspondence to another person. Whether it's passive or active hacking, snooping, or data mining, it does not matter. Nothing on a network connected to the internet will ever have an expectation or certainty of privacy. This is the side-effect of living in the information age. There are no secrets, at least not for long. One the whole, this is a positive development, because it means evil people cannot hide their misdeeds without the tacit consent of nearly everyone else in the world with an internet connection, and the will to liberate data. Link to comment Share on other sites More sharing options...
ProfessionalTeabagger Posted May 11, 2015 Share Posted May 11, 2015 It's commendable that you are questioning the morality of your actions imho. Link to comment Share on other sites More sharing options...
Frosty Posted May 12, 2015 Author Share Posted May 12, 2015 Well, I'm no hacker, but I doubt there's anything passive in what you describe. In order to collect ANY information it has to end up on your PC somehow and in order to do that you need to "tell" other PCs (that aren't yours) that they need to send you this information. Unless the owners of those PCs consent to that, you're breaking the NAP by using their property without consent. All wireless communication can be collected without active interference, it just radio waves that anyone can read. When it comes to physical networks it's very similar except you need to have some kind of physical connection to the network somewhere, typically this data is routed through several pieces of equipment between people and it may travel through networks you don't own and who can easily read the traffic without modifying it, that doesn't infringe on anyone's property. Essentially you can think of this not as telling their PC to send you data but simply listening to the network and pretending you have every possible address (this is called promiscuous mode for anyone interested, network cards in promiscuous mode never reject traffic they always read traffic even if it's not addressed to them), and I don't believe you can exclusively own an address or address space in that manner. There seems to be a class of problems where the gut says that this is immoral and that the golden rule would be enough to say that ideally we don't breach each others privacy, but I'm struggling to really work that back to first principles, I'm not a fan of the "you're a dick" kind of rule that Stefan has talked about before, we can all kind of casually agree that it's a dickish thing to do but that's not very philosophical, I'm not convinced there's a way to stretch the definition of aggression to something that's completely passive in nature There is a legal protection from having your mail read since it is a federal crime to open mail not addressed to you, but I wouldn't consider it practical, as it's not too hard to open an envelope, or the addressee to show the correspondence to another person. Oh certainly there's many laws that cover this stuff, but as most of us probably agree, a lot of our laws do not track from first principles and in a libertarian or anarchist society may not exist unless we can find good philosophical reasons to back them. I suppose a voluntary society could enact laws that we can't reason from first principles are immoral or bad but hold those values anyway, seems like a slippery slope though. It's commendable that you are questioning the morality of your actions imho. I think it's an important part of hacking and, there's a lot of moral grey areas that hackers face, even just with respect to current laws which struggle to keep up with the fast paced technology world, but also if you're deriving your morality somewhat objectively from universal first principles like the NAP then that seems to leave an even wider scope for allowable actions. I tend to err on the side of caution and most of my work is solidly in the realm of white hat hacking (hacking system that I either own or have explicit permission to hack) as I'm breaking into doing this as a career, but a lot of these attacks are very abstract quite frankly what we think of classically communicating like say sending a letter to someone which is protected against snooping largely because we can adequately seal letters and consider them property seems to fall apart with digital communications protected with with cryptography. 1 Link to comment Share on other sites More sharing options...
Agalloch Posted May 12, 2015 Share Posted May 12, 2015 Not read much of this post, read about two lines of the OP starting "I'm a hacker (sic, cracker?)..." Obvious first thought was to see if I could add to the only important discussion to be had given ops misunderstanding of his potential behaviour, so I did a search for "ISP" and couldn't find it. I don't think they use a different term in the Americas, so in worried as to what is being discussed here... Words like privacy are euphemisms, not for moral situations where privacy is an invalid moral category, but for the results of immoral actions. Much like free speech isn't a natural right but an arbitraty set of situations in which people wish government was actually restrivted, invading someone's privacy often involves more simple immoral actions. So disvudd them, not the useless concept of privacy. Which brings me back to, why has nobody mentioned the OPs ISP? He implies all his access is remote, as he doesn't engage in social engineering, and that he doesn't access the internet usually, as that udually requires physical access which denies someone's property rights. In that case, the op is likely breaking an explicit or implicit contract with their service provider, which they're fully in their rights to have given that the internet isn't some magical floating mass of information but accessed through the numerous physical devices the ISP is allowing the op access to. As for the implicit contract, everyone understands that cracking is unwanted, and no contract will bother mentioning it if the law says that it is a given. As such, its a more than reasonable thing to consider contractual between ISP and op. Link to comment Share on other sites More sharing options...
square4 Posted May 13, 2015 Share Posted May 13, 2015 With wireless communication, it is not uncommon that your neighbor is sending their waves of data into your house. It is then a small step to capture and analyse the data for possible weak or missing encryption. So there are situations where passive capturing of private information is possible. An example is also the Google street view cars that captured private wireless data. A possible principle could be that we have property rights in information that we produce, and that consent is needed to use it. A possible objection to this is that information property rights necessarily restrict physical property rights. They cannot both be fully valid at the same time, because information always resides also at some physical location. So it isn't possible to deduce information rights from physical property rights. It also cannot be deduced from the non aggression principle. But that doesn't mean the principle is invalid. In the modern technological situation, with the internet and the cloud, ownership of the physical means on which your information is stored is becoming less common. Despite that, many people desire the right of exclusive control over certain information that they created, for various reasons (privacy or economic). Even if digital ownership is not accepted as independent principle, the owners of the physical layer of digital spaces could of their own accord implement terms and conditions that make digital ownership possible in the digital virtual world. And often they do. Link to comment Share on other sites More sharing options...
labmath2 Posted May 13, 2015 Share Posted May 13, 2015 Passive capturing sounds like eavesdroping or pointing a telescope at someone's window. I do not think those are immoral. Link to comment Share on other sites More sharing options...
TheRobin Posted May 13, 2015 Share Posted May 13, 2015 Thanks for clarifying the technical part. Essentially you can think of this not as telling their PC to send you data but simply listening to the network and pretending you have every possible address (this is called promiscuous mode for anyone interested, network cards in promiscuous mode never reject traffic they always read traffic even if it's not addressed to them), and I don't believe you can exclusively own an address or address space in that manner. But I don't think it's a matter of owning the adress but more of fraud then. For example, you also can't own a name, but if you know a packet is waiting for someone at the post office to pick up and you present a false ID with their name on it so you can get to the packet that's still fraud on your part, or wouldn't you say? I mean, the adress only describes the location of where your mailbox is, so when someone sends you stuff (like if you bought something from amazon), the contract is, you give them money and they put the packet in your mailbox (more or less). So if someone else also puts a nother identical mailbox where yours is in order to receive the package, then that's theft, cause they don't have such an agreement with amazon and so they don't get the packet with their consent. Link to comment Share on other sites More sharing options...
Frosty Posted May 13, 2015 Author Share Posted May 13, 2015 Not read much of this post, read about two lines of the OP starting "I'm a hacker (sic, cracker?)..." Obvious first thought was to see if I could add to the only important discussion to be had given ops misunderstanding of his potential behaviour, so I did a search for "ISP" and couldn't find it. I don't think they use a different term in the Americas, so in worried as to what is being discussed here... Words like privacy are euphemisms, not for moral situations where privacy is an invalid moral category, but for the results of immoral actions. Much like free speech isn't a natural right but an arbitraty set of situations in which people wish government was actually restrivted, invading someone's privacy often involves more simple immoral actions. So disvudd them, not the useless concept of privacy. Which brings me back to, why has nobody mentioned the OPs ISP? He implies all his access is remote, as he doesn't engage in social engineering, and that he doesn't access the internet usually, as that udually requires physical access which denies someone's property rights. In that case, the op is likely breaking an explicit or implicit contract with their service provider, which they're fully in their rights to have given that the internet isn't some magical floating mass of information but accessed through the numerous physical devices the ISP is allowing the op access to. As for the implicit contract, everyone understands that cracking is unwanted, and no contract will bother mentioning it if the law says that it is a given. As such, its a more than reasonable thing to consider contractual between ISP and op. The term hacker isn't well defined, I tend to use the broad definition that someone such as Richard Stallman would use, which is playful cleverness, much of the hacking I do is technical and related to computers and digital systems, but certainly not all of it is. The specific case here is digital communications where information is communicated with some expectation of privacy via the use of encryption or similar methods but through technical weaknesses can be discovered. All encryption can be broken with sufficient hardware and time. I've specifically addressed the issue of privacy in this context because it presents an uncommon set of circumstances where privacy can be invaded in what I believe to be a way that does not constitute explicitly immoral actions at least as far as the NAP is concerned. Simply stating that it's often the case that invasions of privacy require immoral actions is not a good argument in this case. ISPs don't really factor in to the circumstance I'm talking about, the ISP has a contract between themselves and the person who has an expectation of privacy, a 3rd party listening in has no such agreement or contract with the ISP or the "target" with which to break and often the ISP is not involved in any kind of meaningful way anyhow, the service you're snooping on might be self provisioned. I did acknowledge that laws clearly state a lot of this is illegal already, however they also state that you go to prison if you don't pay your taxes but in a libertarian/anachist society these would be seen as immoral, hence my investigation into how laws for such actions could be morally and philosophically justified. With wireless communication, it is not uncommon that your neighbor is sending their waves of data into your house. It is then a small step to capture and analyse the data for possible weak or missing encryption. So there are situations where passive capturing of private information is possible. An example is also the Google street view cars that captured private wireless data. Yeah you can completely passively capture and crack all wireless data from all common wifi standards as well as GSM cellular data, again completely passively, there are active attacks you can do but for the sake of avoiding nitpicking details I'm trying to eliminate technical details by simply discussing classes of attack where there can be no reasonable sense of aggression involved in revealing communication. It's really to get to the heart of the problem which is tying the concept of privacy inherently back to first principles. Thanks for clarifying the technical part. But I don't think it's a matter of owning the adress but more of fraud then. For example, you also can't own a name, but if you know a packet is waiting for someone at the post office to pick up and you present a false ID with their name on it so you can get to the packet that's still fraud on your part, or wouldn't you say? I mean, the adress only describes the location of where your mailbox is, so when someone sends you stuff (like if you bought something from amazon), the contract is, you give them money and they put the packet in your mailbox (more or less). So if someone else also puts a nother identical mailbox where yours is in order to receive the package, then that's theft, cause they don't have such an agreement with amazon and so they don't get the packet with their consent. In the case of picking up a parcel claiming to be someone else we have an analogy that's just not sufficiently nuanced for a couple of reasons. First of all wireless data can be copied and isn't stolen in the same way that it denies the original message from existing or being correctly delivered. Also the data in wireless transmission is just broadcast out to a specific address, all network cards read that data, and do in order to determine the address its intended for, except normally if its not addressed to you then it's simply ignored, in promiscuous mode the card just captures all the data irrelevant of address. It requires no handshaking or negotiation with the sender and so there is no confirmation of identity of the recipient and so it cannot be analogous to fraud. In something like a MITM (man in the middle) attack where you advertise to targets that you're a specific identity/address which you in reality aren't, to explicitly have them send data to you, that is a reasonably analogy for fraud. These are called active attacks since they require active interaction with target systems, passive attacks that I'm discussing don't meet these same criteria. Link to comment Share on other sites More sharing options...
Agalloch Posted May 14, 2015 Share Posted May 14, 2015 The term hacker isn't well defined, I tend to use the broad definition that someone such as Richard Stallman would use, which is playful cleverness, much of the hacking I do is technical and related to computers and digital systems, but certainly not all of it is. The specific case here is digital communications where information is communicated with some expectation of privacy via the use of encryption or similar methods but through technical weaknesses can be discovered. All encryption can be broken with sufficient hardware and time. I've specifically addressed the issue of privacy in this context because it presents an uncommon set of circumstances where privacy can be invaded in what I believe to be a way that does not constitute explicitly immoral actions at least as far as the NAP is concerned. Simply stating that it's often the case that invasions of privacy require immoral actions is not a good argument in this case. ISPs don't really factor in to the circumstance I'm talking about, the ISP has a contract between themselves and the person who has an expectation of privacy, a 3rd party listening in has no such agreement or contract with the ISP or the "target" with which to break and often the ISP is not involved in any kind of meaningful way anyhow, the service you're snooping on might be self provisioned. I did acknowledge that laws clearly state a lot of this is illegal already, however they also state that you go to prison if you don't pay your taxes but in a libertarian/anachist society these would be seen as immoral, hence my investigation into how laws for such actions could be morally and philosophically justified. I know what hacking is, and it has nothing to do with privacy, which is why I questioned the term and used cracking in my post as that was clearly your intention. You can't use Stallman's definition of Hacker, with the public connotations of hacker, that's basically new speak. You continue to talk in euphemisms and vagueness. "through technical weaknesses can be discovered" doesn't actually describe the actual physical interactions, Are you now arbitarily restricting yourself to only Wi-Fi snooping? Again though, you're using vagueness to hide the real actions. Wi-Fi isn't magical floaty data, it's an electromagnetic communication standard that requires physical hardware, which you don't have permission to access, and you are fully aware of what you are accessing when you snoop on that information. Otherwise, ISP's do factor, not because your victim has an ISP, but because I very much doubt you have a direct legal hardline to the internet backbone with no contractual stipulations, and so you are likely breaking explicit or implicit restrictions with your own ISP. Hiding the immoral actions doesn't make them go away. Just because I say my shop is moral because I'm selling items voluntarily, doesn't mean the fact all my shops merchandise is stolen is suddenly moral. Provide an explicit situation instead of saying "might be self provisioned", or other vagueness. Morality is about actions, not euphemisms like privacy. The law also sets down the rules for paying in Restaurants. Do you think a Libertarian society would have restraunts that want you to leave without paying? My point about the Law was clear, ISP's would restrict these activities if the State didn't. Link to comment Share on other sites More sharing options...
kenshikenji Posted May 14, 2015 Share Posted May 14, 2015 there are no rights to privacy in a free market that exist outside of explicit contract. this applies to all rights. 1 Link to comment Share on other sites More sharing options...
Frosty Posted May 15, 2015 Author Share Posted May 15, 2015 I know what hacking is, and it has nothing to do with privacy, which is why I questioned the term and used cracking in my post as that was clearly your intention. You can't use Stallman's definition of Hacker, with the public connotations of hacker, that's basically new speak. You continue to talk in euphemisms and vagueness. "through technical weaknesses can be discovered" doesn't actually describe the actual physical interactions, Are you now arbitarily restricting yourself to only Wi-Fi snooping? Again though, you're using vagueness to hide the real actions. Wi-Fi isn't magical floaty data, it's an electromagnetic communication standard that requires physical hardware, which you don't have permission to access, and you are fully aware of what you are accessing when you snoop on that information. Otherwise, ISP's do factor, not because your victim has an ISP, but because I very much doubt you have a direct legal hardline to the internet backbone with no contractual stipulations, and so you are likely breaking explicit or implicit restrictions with your own ISP. Hiding the immoral actions doesn't make them go away. Just because I say my shop is moral because I'm selling items voluntarily, doesn't mean the fact all my shops merchandise is stolen is suddenly moral. Provide an explicit situation instead of saying "might be self provisioned", or other vagueness. Morality is about actions, not euphemisms like privacy. The law also sets down the rules for paying in Restaurants. Do you think a Libertarian society would have restraunts that want you to leave without paying? My point about the Law was clear, ISP's would restrict these activities if the State didn't. Well as I said, it's not a well defined term, actually the computer type of hacker such as one that only exists in the digital space is a much newer and more specific use of a much older and more general term that started out in MIT. I don't really want to get distracted with this point though because it's not really relevant to the topic, I'll just clarify by saying I consider myself a hacker in the more classical sense of clever playfulness, only some subset of what I tinker with is electronic or digital. Let me be more precise to clear up some confusion. The reason I didn't describe specific physical actions because that's going to be beyond most peoples understanding and is more likely add confusion rather than remove it, I don't believe it's necessary to discuss what is going on in terms of electromagnetic waves in order to investigate the issue of the principles privacy in a more general philosophical context. But I'm more than happy to discuss the lower level interactions and why I believe that they don't violate the NAP, something I go into later in this post. My restriction to Wi-fi only was not arbitrary, I've discussed and acknowledged that many different types of snooping require violation of the NAP to be achieved, however I've made an observation that in some circumstances there appears to be no clear violation of the NAP. This is open to interpretation and I'm happy to discuss if that really is the case or not but after quite a lot of thought my honest opinion is that there is no violation of the NAP in these cases. Now, if this really is the case (note, I say if) and my gut feeling is that invasion of privacy is immoral, then is there any other principles that we can infer this immorality from, or framed another way how does privacy factor into something like universally preferable behaviour (UPB)? Could it simply be that violations of privacy in some circumstances simply aren't immoral? I should note that I've not made up my mind either way, the point of bringing this up was to discuss it with others and see other peoples arguments on it as a way to investigate the issue. But let me get more technical and set a more specific example in order to clear up some of your concerns. I'll give you a real world example that anyone with a few bucks can do. We take a laptop with a wireless network card that is able to run in promiscuous mode. The normal operations of wireless cards is to read all traffic they're capable of reading, inspecting the header of the data packet to see who the packet is addressed to and then discarding any that are not addressed to itself and forwarding any that are addressed to itself on to the networking stack so the operating system can handle that data. Cards running in promiscuous mode simply read all packets irrelevant of their address and forward all of them onto the OS. In this example we take the laptop and we listen in a physical area that contains some number of access points and clients who connect and send data to that access point. We then let our wireless device simply "listen" to and record messages sent back and forth. Wireless communications for those who are less familiar with how electromagnetic waves work are closely analogous to regular human to human speech. The wi-fi cards are analogous to the mouth and ears of a person which are able to transmit messages and receive them. Voice messages transmitted are in the form of air pressure waves which propagate outwards and everyone who is close by can hear, this is how wireless communication is done with computers but instead using electromagnetic waves, every active wi-fi card is listening to the electromagnetic spectrum and listening for all messages that fit the wi-fi standard. I'd argue that because of the passive nature of capturing traffic that doesn't require interaction with the communicating parties, there is simply no sense in which you're acting in aggression. You wouldn't say that by being close enough to hear someone talking that you're accessing their mouth with your ears, we understand that eavesdropping like this couldn't possibly be construed as aggression. You can potentially be trespassing while you eavesdrop or you can fraudulently appear to be someone you're not while you eavesdrop, but neither of these are prerequisites for the principle of eavesdropping. Certainly the concerns of ISPs do not come into play in the circumstance I'm talking about, you're not connected to an ISP or sending data through an ISP nor do you have any agreement with the target access point or client, data that goes between the client and AP may not even be forwarded onto the internet. there are no rights to privacy in a free market that exist outside of explicit contract. this applies to all rights. To my surprise the more I think about it the more I'm certain that this conclusion is true. You can negotiate privacy with someone before you reveal information to them however in a more broad technical sense if you want to transmit publicly so anyone can receive the message, then your only expectation of privacy can be to the degree you're able to obfuscate the message so it's unreadable, which is what encryption is for. If you rely on an encryption standard that is weak to being broken that is surely your own fault when others are able to decrypt it? For example if me and you agree in secret to somehow modify the meaning of regular English and we have a conversation in a room full of other people, we can reasonably expect that no one will be able to decipher what we're saying unless they know the rules by which we modified the meaning of words. However if someone who is listening puts in sufficient effort to break this code and discover the original meaning we cannot say this person acted with aggression towards either party. If they go on to use the real message to intimidate, threaten, coerce or alike then obviously that is aggression but the act of simply learning it may not be. The conclusion seems oddly unintuitive especially given the states laws to protect encryption, that is to say breaking encrypted radio messages is not legal in many places. Could it be in these circumstances that expecting an inherent right to privacy is really just a statist invention and that with something like universally preferable behaviour as a moral system there's no such moral principle that guides this behaviour? Obviously if you create a circumstance where it's impossible to violate privacy without also violating the NAP, such as having a conversation inside private property where no one can hear or see then you, then you can reasonably expect privacy. But this is only through circumstance you're boot strapping privacy from an unrelated moral principle (the NAP) by communicating in specific ways that are conducive to secrecy. I think it's an interesting topic, I'd love to hear more opinions on the matter. Link to comment Share on other sites More sharing options...
Bradford26 Posted May 15, 2015 Share Posted May 15, 2015 Level of Deterrence - Are safeguards in place to prevent theft? Aggression depends on the person being affected by an action. There are situations when people are allowed to take things from others because they don't care if the items are taken, a washing machine on the curb, for example. However, if there are safeguards in place to communicate that an item is not available for taking, then it is no longer acceptable to take that item. Doors, fences, chains and locks all qualify as deterrents Level of Control - Is the owner known? It becomes tricky when control is lost or ownership isn't immediately clear. A stray dog may be owned, but without a collar or tracking chip, it's acceptable to pick the dog up and claim it. When the owner of the dog is clearly identified by a tag or tracking chip, then it is no longer acceptable to take the dog. Negatives can also accrue this way, in case the dog attacks someone or whatever. Level of difficulty in discovering the owner could also effect the level of control. Aggression Spectrum No Deterrence/No Control - No ownership Low Deterrence/No Control - Weak ownership. It would likely be a jerky move to take this. High Deterrence/No Control - Medium ownership. This would likely be stealing. No Deterrence/Low Control - Weak ownership. It would likely be a jerky move to take this. No Deterrence/High Control - Medium ownership. Taking this would likely be stealing. Low/High Deterrence/Low/High Control - Strong ownership. This would more likely be stealing. Radio Waves Radio waves might be classified as No Control/Low to High Deterrence since the owner isn't known and it usually (?) has some kind of encryption. However, I assume that by breaking the encryption, the original owner could be discovered. If so, then the classification changes to Low to High Control/Low to High Deterrence. Conclusion Based on the above analysis, I conclude that the NAP is broken somewhere along the spectrum when the level of deterrence (theft prevention) and level of control (known ownership) combine to create a high enough ownership value. Link to comment Share on other sites More sharing options...
Frosty Posted May 17, 2015 Author Share Posted May 17, 2015 That's an interesting summary, I do think it matters if someone is attempting to protect something because it directly infers intent of the message, although less so in the case of encryption because in the vast majority of cases people do not understand the schemes that protect them or even that they are being protected. I think where I primarily disagree with this is that reading a copy of a transmission medium as theft, it has the same problem as copy protection, there's no way to apply theft to this in a meaningful way, at least with regards to the legal definitions. Digital media has been available to copy (duplicate) which precludes it from being theft, something that is commonly misunderstood with copyright unfortunately. This is one step even further removed from the copy protection example, because you don't even access a device or system to copy this, you simply read the data from the radio waves, it's something that all wireless cards are already doing because they need to inspect the data header to determine if the data packet is address to them or not. I'm struggling with the idea of ownership of messages, I'm not sure that's a valid idea. Maybe the ownership of something physical like a letter or parcel, or even an electronic device, but not a specific configuration of electromagnetic waves. 1 Link to comment Share on other sites More sharing options...
Bradford26 Posted May 18, 2015 Share Posted May 18, 2015 Thanks for your comments. I agree that the ability to duplicate something does blur the line between right and wrong. I don't know the answer to that. I agree that the content of a message can't be owned, since a message is just an idea. An Analogous Example The example of radio waves and cell messages is analogous to sound waves and voice messages. When communicating verbally, you must send your sound waves in all directions, just like cell radio waves. There are certain things you can do to prevent people from intercepting the message, like whispering into someone's ear or closing your door, just like encryption on a cell radio wave. If your office neighbor closes their door to make a private phone call, you can sometimes hear muffled sound which can easily be dismissed, just like the cell radio listening for messages addressed to itself and dismissing the others. If you take a cup or directional microphone and put it against the wall to to hear the message clearly, it's just like setting up a computer program, or browser (or whatever) to eavesdrop on wireless communications. Eavesdropping is unethical, but it isn't immoral. "Maybe the ownership of something physical like a letter or parcel, or even an electronic device, but not a specific configuration of electromagnetic waves." I think you make an illogical leap when you list a specific configuration of electromagnetic waves along with parcels and electronic devices. Technically, it would be the electronic waves themselves! Do people own the electromagnetic waves that their cell phones generate? I submit that they do, because if you send out enough waves to make people sick, you'd be held responsible for the damage. Therefore, when you eavesdrop on encrypted wireless communication, you are manipulating electromagnetic waves that belong to someone else in order to extract a message that you know they do not want you to receive. That sounds very close to immoral to me. Link to comment Share on other sites More sharing options...
Agalloch Posted May 19, 2015 Share Posted May 19, 2015 @Frosty, Bradford62: In relation to your shared incorrect basis that loss is required for something to be immoral... Rape? Assault? Almost every contract violation? That was just a silly thing to agree to, to be honest. Just because someone else says it could only be equivelant to theft and can't be because a fourth a party arbitarily describes theft as requiring the owner to have no access, doesn't make any of that true. Link to comment Share on other sites More sharing options...
Frosty Posted May 19, 2015 Author Share Posted May 19, 2015 I agree with the analogous example of sound waves, I made the same kind of analogy in one of my prior posts. Lets assume for a moment that I concede that you can own electromagnetic waves, which I'm not really convinced you can, that is to say a specific configuration (certain frequencies and certain encoding of data sent across that frequency). Does that not just have the same issues of ownership as digital property that can be copied without altering or destroying the original? I see these as the same class of problems, I find it hard to see how this can be construed as aggression in any sense of the word. In the analogy if reading radio waves was indeed in breach of the NAP then surely so would eavesdropping on a conversation (where no other violations of the NAP were taking place, such as fraud, trespassing, etc)? So if you and a friend have a conversation in a public place and you don't see me behind you and I hear what you're saying, is that essentially in violation of the NAP? The analogy seems good enough, again you could say that by making a sound so loud that you ruptured eardrums and damaged hearing that you'd own the consequence of that action, so is the same true for owning the airwave you produce when you communicate? It's tricky. @Agalloch, I'm not bias towards loss being required for something to be immoral, we're talking about a very specific circumstance where we've ruled out other interpretations of the NAP such as physical violence, coercion and fraud which would otherwise be the basis for immorality without the need for loss. I think we all have the same gut feeling that violation of privacy ought to be considered immoral, I'm just trying to derive that clearly and concisely from the NAP, and when we investigate the route of ownship of the transmission medium such as airwaves or electromagnetic waves in these specific examples, we encounter practical problems of ownership. I think you'd have to concede that if reading electromagnetic waves that "belong" to someone else and you don't have permission to read is immoral, that the same is true for sound waves in a conversation. I just can't make that leap to overhearing a conversation between 2 people who are talking in a public place as immoral and that seems to be the logical conclusion of this line of thinking. Maybe it's a violation of the NAP in some other sense, I'm open to all arguments. Link to comment Share on other sites More sharing options...
Agalloch Posted May 19, 2015 Share Posted May 19, 2015 @Frosty: Well I was specifically responding to Bradford62's comment, "I agree that the ability to duplicate something does blur the line between right and wrong" which makes no reference to even the inaccurate claim that contract violation is wrong only because it's "theft". However, your comment "available to copy (duplicate) which precludes it from being theft, something that is commonly misunderstood with copyright" heavily implies that you also misunderstand the situation.We definitely don't agree on privacy, as I stated earlier in the thread: You don't require euphemisms like privacy to see why it's wrong to knowingly interpret electromagnetic waves from a device you don't have permission to access.A public place is likely a violation of private property. Also this is exactly the kind of jump you only get when using euphemisms like privacy. What does a public conversation have todo with Wireless router ownership? Link to comment Share on other sites More sharing options...
Frosty Posted May 21, 2015 Author Share Posted May 21, 2015 We definitely don't agree on privacy, as I stated earlier in the thread: You don't require euphemisms like privacy to see why it's wrong to knowingly interpret electromagnetic waves from a device you don't have permission to access. A public place is likely a violation of private property. Also this is exactly the kind of jump you only get when using euphemisms like privacy. What does a public conversation have todo with Wireless router ownership? Again you're talking about "access" to a "device" which is just not what is occurring here, a device creates a message which propagates out, there's no sense in which you're accessing someone's device you're simply measuring the propagation of a wave. When I say a public place I'm constructing a hypothetical scenario with specific properties that eliminate other possible forms of aggression to try and narrow this down to the core discussion which is the question that should privacy as a concept in its own right be something that we consider immoral to violate, regardless of the mechanics of how its violated. Put another way if we only consider violation of privacy immoral because the NAP is being ignored, then if you adhere to the NAP but are still able to learn some private information then that should not be seen as immoral? The public conversation was an analogy for wireless communication, the 2 are closely analogous and it helps clear up confusion with regards to "accessing devices", you no more access someone else's router by reading radio waves than your ear accesses someone's mouth when they talk and create sound waves. Maybe we should just drop the router case for the moment and focus on something that has less technical ambiguity otherwise we'll get distracted with details, we can come back to that when we have found some common ground. Lets just focus on conversation between people in a public place. Is it immoral for me to knowingly interpret airwaves (sound) of 2 people having a discussion they both want to remain private? Let's assume no violence is taking place, no fraud or manipulation, no trespassing. If this scenario is immoral how can we construct the argument from first principles such as the NAP? Link to comment Share on other sites More sharing options...
Agalloch Posted May 25, 2015 Share Posted May 25, 2015 Again you're talking about "access" to a "device" which is just not what is occurring here, a device creates a message which propagates out, there's no sense in which you're accessing someone's device you're simply measuring the propagation of a wave. When I say a public place I'm constructing a hypothetical scenario with specific properties that eliminate other possible forms of aggression to try and narrow this down to the core discussion which is the question that should privacy as a concept in its own right be something that we consider immoral to violate, regardless of the mechanics of how its violated. Put another way if we only consider violation of privacy immoral because the NAP is being ignored, then if you adhere to the NAP but are still able to learn some private information then that should not be seen as immoral? The public conversation was an analogy for wireless communication, the 2 are closely analogous and it helps clear up confusion with regards to "accessing devices", you no more access someone else's router by reading radio waves than your ear accesses someone's mouth when they talk and create sound waves. Maybe we should just drop the router case for the moment and focus on something that has less technical ambiguity otherwise we'll get distracted with details, we can come back to that when we have found some common ground. Lets just focus on conversation between people in a public place. Is it immoral for me to knowingly interpret airwaves (sound) of 2 people having a discussion they both want to remain private? Let's assume no violence is taking place, no fraud or manipulation, no trespassing. If this scenario is immoral how can we construct the argument from first principles such as the NAP? Privacy isn't a principle, it's a euphemism. As I've already stated, a public conversation isn't analogous to accessing a wireless routers data, so you're trying to prove a principle in one situation and then apply it inaccurately to another. You seem to have the impression that because of your limited understanding of philosophy and probably less than equal to my knowledge about wireless technology and cracking that somehow I'm lacking in information, please don't pass your burden on to me. Of course you are accessing the router when you intentionally intercept and interpret data it is broadcasting. You are completely aware of what you are interpreting, it isn't just magical floating data without a source, and you need some idea where it came from to decypher it. How hardware can determine whether the information is for them is clearly layed out in the 802.11 standard, so there's no ambiguity that you are accessing data from a router not intended for your use. Just because you don't touch the router with your bare hands is silly, the same would happen if you accessed a telelphone cable outside someone's property. Link to comment Share on other sites More sharing options...
Frosty Posted May 25, 2015 Author Share Posted May 25, 2015 Privacy isn't a principle, it's a euphemism. As I've already stated, a public conversation isn't analogous to accessing a wireless routers data, so you're trying to prove a principle in one situation and then apply it inaccurately to another. You seem to have the impression that because of your limited understanding of philosophy and probably less than equal to my knowledge about wireless technology and cracking that somehow I'm lacking in information, please don't pass your burden on to me. Of course you are accessing the router when you intentionally intercept and interpret data it is broadcasting. You are completely aware of what you are interpreting, it isn't just magical floating data without a source, and you need some idea where it came from to decypher it. How hardware can determine whether the information is for them is clearly layed out in the 802.11 standard, so there's no ambiguity that you are accessing data from a router not intended for your use. Just because you don't touch the router with your bare hands is silly, the same would happen if you accessed a telelphone cable outside someone's property. You've only stated that a pubic conversation isn't analogous to wireless communication you haven't actually demonstrated this. You're being mealy mouthed which is not helping the situation, let's clear some of that up to make this a bit easier to reason. First of all you've created a fallacy of ambiguity, you're equivocating with the use of the term "access" and continue to misuse this despite being pointed out several times that this simply isn't true. There's 2 senses in which the term access could be applied here, you say: isn't analogous to accessing a wireless routers data then Of course you are accessing the router when you intentionally intercept and interpret data it is broadcasting You're conflating the 2 and using them interchangeably and that's causing confusion, let's be extremely crystal clear on this. You are not accessing a device, there is no sense in which you are accessing the device. There are senses in which accessing it could be true such as sending radio waves in order to negotiate a session which authenticates you with the network and/or lets you log into and manage the device, we're not talking about this. Accessing a device you don't own could reasonably be seen as violation of the NAP to which I'm sure we both agree. Where as accessing or interpreting data has not been demonstrated to be in violation of the NAP, radio waves aren't property any more than sound waves are, you don't own exclusive rights to them, nor has it been demonstrated that interpreting that data is in any way aggression. Next, you use the term intercept, this is misleading because it suggests that you stop the radio message from reading its destination, you do not, so lets not use misleading words like intercept. I never said that you weren't aware of what you are interpreting, nor did I say or infer that it's magical floating data without a source, the sources are very clear, it's a router or some kind of access point and a 2nd device negotiating with it. All the data you need to decrypt/decypher the information is self contained within the packets of data that are sent, you don't require anything other than passively reading the data to decypher it. Yes the wireless standard clearly states that in the header of the packet you put the address of the device it is intended for, this means that wireless devices are interpreting all electromagnetic data and inspecting the headers of all packets to determine if the content of the data packet is intended for itself or not. There is no ambiguity that you're accessing data which is not intended for your use, but how is this in any way in violation of the NAP. What do intentions have to do with anything? Does that mean if I transmit a message through some medium (lets say verbal) and it's interpreted by an eavesdropper (let's say you), and my intention is that this message remains private and only intercepted by the intended recipient (lets say by my brother Joe) then does that mean you're also in violation of the NAP when you interpret the message because you're physically located between me and Joe? Just because you don't touch the router with your bare hands is silly, the same would happen if you accessed a telelphone cable outside someone's property. Hold on, but you're the one saying that there's no such thing as privacy and that it's only a euphemism you only get what many people would consider "privacy" through the degree to which you can protected the message such that it requires a violation of the NAP to interpret it, so surely the technicalities actually matter? Accessing a telephone cable that you don't own is certainly in violation of the NAP as this is someone else's property, however the electromagnetic spectrum used for radio waves, or the air used for sound waves cannot reasonably be owned by anyone as we all use them to communicate. Besides it's not just a case of not touching the router with your bare hands, you're not "touching" it or "accessing" it in any sense of the word, you can capture 4 way hand shakes with hardware which is designed to be receive only and is completely incapable of transmitting or in any way capable of interacting with another piece of hardware, this is all purely data in the air. Link to comment Share on other sites More sharing options...
john cena Posted June 22, 2015 Share Posted June 22, 2015 I think some of you may be missing the point. Inherently no, there is no privacy guaranteed by the NAP. But remember we can do anything through consensual contractual obligations. First I'd like to say that over the internet, there is absolutely no way to get a really secure connection without physically exchanging keys with the other person. I don't know how interested people are in this, but it's very important. Modern SSL (when your browser says HTTPS) uses public key authentication. This means that when you connect, both parties exchange public keys remotely. Each public key can only be used to decrypt information. Each party then uses a corresponding private key to decrypt the information. This key is kept secret. So in theory if you are directly connected to the person you are communicating with, you are secure. However that is not at all how it works in modern systems. MITM attacks can easily break greater than military grade encryption simply by being the person controlling the internet. If you can listen in, you can gain both public keys, and then communicate with both parties as if you are either of them. This makes traditional encryption utterly and completely useless against government agencies and ISPs. This is fundamental to understand because in our current system there is no recourse for people who are illegally spied on. So in conclusion in the current case of ISP monopolies combined with government tapping fiberoptic/undersea cables and potentially MITM attacking every single encrypted connection in the world, yes it is absolutely immoral that they are doing this, because it specifically goes against your contract with the ISP, as well as violating your supposed "social contract" with the government to a fourth amendment in the US. I'm not sure if you are asking about the current situation, or the situation in a free market. In a free market, privacy would be prediscussed with any ISP you did business with. Without governments having the ability to illegally tap cables without suffering consequences, there is really no problem here. Because if the ISP violates your contract, that are liable for some prediscussed sum. (If you negotiated the contract that way, which I'm sure would be offered as many privacy minded people as there are out there) So in a free society, there are only a few cases for your private information to be solen across the wire. 1. Hackers illegally tap cables and perform MITM attacks.In this case, it is clearly punishable because you are interfering with the property and operation of the ISP which is very serious. 2. The ISP goes back on your privacy agreement, which leads to compensation to you. 3. An attacker gains access to your computer physically, stealing your information. (This is the tough situation) At face value, clearly the attacker has stolen from you by simply using your computer. Electricity costs and wear and tear caused by the attack (however minimal) still exists. Thus at face value they would be in fact violating the NAP by simply accessing your computer without your consent. That being said, I think it does have a lot to do with what is stolen. If they steal nothing but you internet history, maybe you don't deserve any compensation. I simply can't answer that. But if they did steal something like the schematic to a new machine you were designing, an article you were writing, etc these are clearly stealing intellectual property. Don't get me wrong, I am not a proponent of copyright law, however when some plan/article is not publicly available for sale and dissection to replicate it and instead is directly stolen, this is a clear violation of the NAP. If anyone wants to know more about the technical information I discussed: Standard public key cryptography: https://en.wikipedia.org/wiki/Public-key_cryptography MITM attacks: https://en.wikipedia.org/wiki/Man-in-the-middle_attack In conclusion, absent a giant fiat currency powered NSA able to directly tap private information lines, I don't see any problem with privacy that we can't fix with encryption. Link to comment Share on other sites More sharing options...
Frosty Posted June 30, 2015 Author Share Posted June 30, 2015 I think the conclusion is really just what I arrived at eventually myself then. There is only privacy when either: 1) You explicitly negotiate privacy in a contract with a specific party. 2) You build a system that requires a violation of the NAP in order to breach privacy. In the 2nd case which is the more general case, since you don't have contracts regarding privacy with the vast majority of people on earth, this is how most of our privacy comes about. Unfortunately with the 2nd case sometimes information isn't protected by the NAP, but rather through obscuring the information in some way that makes it hard or impossible to break, in these cases privacy comes from things like strong encryption but its vulnerable to being broken under certain circumstances. In the case of passive interception attacks on wireless networks I believe this to hold true, there is no aggression committed here. MITM attacks could reasonably be seen as fraud and so in violation of the NAP. Link to comment Share on other sites More sharing options...
john cena Posted September 15, 2015 Share Posted September 15, 2015 In the case of passive interception attacks on wireless networks I believe this to hold true, there is no aggression committed here. MITM attacks could reasonably be seen as fraud and so in violation of the NAP. Here's my question to the community: If Jill leans to Jack and whispers the location of a hidden treasure that he has discovered and wishes for him to go and claim, yet the conversation is overheard by a third party who goes and gets it first, depriving Jack of the treasure Jill discovered specifically for him. This could also be applied to a situation where Jill whispers secret plans for her new novel/machine/program that is sure to make millions. Again a third party secretly listens in and "takes" the idea for himself before Jack has the means to produce it himself. Has the NAP been violated here? Clearly information was received by a person it was not intended for, and this information used in a way not intended by the transmitter. Is this morally right, wrong, or neutral in this case? Is the responsibility merely held by the transmitter of the message to ensure it's contents, or is there some responsibility by the third party not to exploit overheard conversation? Would this be handled at all through morality or simply contractual obligation? Link to comment Share on other sites More sharing options...
joej Posted October 19, 2015 Share Posted October 19, 2015 Because people own what they create, in this case communications, using them without their permission is a violation of property rights. This problem is corrected because in a stateless society ultimate property rights would have to be observed. Link to comment Share on other sites More sharing options...
Recommended Posts