We love the EFF, and they can practically do no wrong. The SSD Project is just another stand-up example of their public service. Keep up the great work!

RTFA: https://ssd.eff.org/

The Electronic Frontier Foundation (EFF) has created this Surveillance Self-Defense site to educate the American public about the law and technology of government surveillance in the United States, providing the information and tools necessary to evaluate the threat of surveillance and take appropriate steps to defend against it.

Surveillance Self-Defense (SSD) exists to answer two main questions: What can the government legally do to spy on your computer data and communications? And what can you legally do to protect yourself against such spying?

After an introductory discussion of how you should think about making security decisions – it’s all about risk management – we’ll be answering those two questions for three types of data:

First, we’re going to talk about the threat to the data stored on your computer posed by searches and seizures by law enforcement, as well as subpoenas demanding your records.

Second, we’re going to talk about the threat to your data on the wire – that is, your data as it’s being transmitted – posed by wiretapping and other real-time surveillance of your telephone and Internet communications by law enforcement.

Third, we’re going to describe the information about you that is stored by third parties like your phone company and your Internet service provider, and how law enforcement officials can get it.

RTFA: http://www.youtube.com/watch?v=izMGMsIZK4U

Imagine that every time you print a document, it automatically includes a secret code that could be used to identify the printer — and, potentially, the person who used it. Sounds like something from a spy movie, right?

Unfortunately, the scenario isn’t fictional. Most color laser printers and color copiers are designed to print invisible tracking codes across every single printed page of their output. These codes reveal which machine produced a document and, in some cases, when the document was printed or copied.

Fun! …and a little bit scary. However, there is some interesting software that can protect your privacy from your boss (even if it is ineffective against government entities). Enter yellowdot, which creates a random dot pattern that you can print on top of documents you’ve already printed. Maybe it doesn’t work at all, but maybe (just maybe) it can keep the office IT guru from figuring out who printed that whistle-blowing document.

From the yellowdot page:

For years, commercial printers have quietly inserted yellow dots into their output for the purpose of tracking which printer was used to create any document. The purpose of the “yellowdot” software is simply to bring attention to the issue, and to thwart amateur attempts to use these yellow dots to breach privacy.

This software will create a PNG containing yellow dots that can then be overlaid onto existing printer output. These dots are randomly distributed across the image, and are therefore not useful for securely obfuscating the identity that is encoded within the printer’s generated dot pattern. However, “yellowdot” raises the amount of resources that must be expended to successfully identify the printer that generated a given document. It is hoped that “yellowdot” can be used to thwart amateur attempts to breach privacy, such as could conceivably be practiced in an office environment.

The commercial printer yellow dot initiative has been endorsed in some capacity by the United States Secret Service for the purpose of thwarting currency counterfeiting. As of October 2008, there is no law that requires printers to generate yellow dots for any purpose, including identification purposes. This software is not intended to be used for committing fraud, and it is the belief of the author that this software, in fact, cannot be used for such purposes. By analyzing a sufficient sample of printer output, the “noise” that is generated by this program can be eliminated, and the original printer source can be reconstructed.

Cool! The instructables howto has just been neutralized! …if you want to undo the yellowdot overlay, you’ll have to do some serious statistical work to extract the identifier information.

UPDATE 2008-10-23 Thanks to boingboing for the pointer to the video. Credit for the yellowdot software goes to Ian Dennis Miller.

UPDATE 2008-10-24 Added link to the original EFF Instructables.

RTFA: http://www.eff.org/cases/att/attachments/master-co…

68. Since on or about February 1, 2001, BellSouth has disclosed and/or divulged the “call-detail records” of all or substantially all of their customers, including Plaintiffs, to the NSA, in violation of federal law, as more particularly set forth below.

69. BellSouth has, since on or about February 1, 2001, been disclosing to the NSA “individually identifiable customer proprietary network information” belonging to all or substantially all of their customers, including Plaintiffs, in violation of federal law, as more particularly set forth below.

Today, on the US Senate floor, a bill is being discussed that may or may not include a provision that grants retroactive amnesty to telecommunications companies that participated in the NSA’s domestic surveillance of telephones in the US. Bush has said that he will veto any bill that doesn’t include amnesty.

The excerpt above was taken from the complaint filed specifically against BellSouth, from the Factual Allegations section. These simple facts will mean everything, because if they are accepted as fact, it indicates that there is evidence this domestic surveillance program began seven months before September 11, 2001.

George W. Bush was sworn into office on January 20, 2001. This lawsuit would establish that, within two weeks of swearing to uphold the US Constitution, Bush had authorized the establishment of this surveillance program.

Today, the US Senate will decide whether or not this lawsuit, and others like it, should be thrown out of court.

RTFA: http://www.salon.com/opinion/greenwald/2007/10/17/…

The impact of amnesty on these investigations:

GG: So, if Congress were to enact a law providing amnesty to telecoms — something like the Bush administration is demanding, whereby the telecoms would receive retroactive amnesty — that would essentially put a halt to your lawsuit?

CC: We would certainly argue that it didn’t, but it’s fair to say that it would put a pretty large hurdle in front of us for going forward. . . . GG: But you would expect AT&T’s lawyers and the telecom industry to argue that the amnesty they got from Congress does in fact bar those claims as well?

CC: Yes. Their goal is plainly to get rid of these litigations full stop. They don’t want the courts to ever rule on whether this is legal or not. That’s their goal. . . .

It’s certainly the goal of the administration and the phone companies to ensure that there’s never a decision about what’s been going on is legal or not. The telecom cases are the last, best hope.GG: In all of these cases that might result in an adjudication as to whether the surveillance programs were illegal, the Bush administration has been actively invovled in trying to block these cases from proceeding at all?

CC: That’s right – they made the same “states secrets” argument as they made in our case in all these other cases as well.GG: And having lost the “state secrets” argument in your case, and also in the ACLU case originally, they’re now attempting to put a stop to these cases through the amnesty law that they’re seeking?

CC: I think that’s right. They’re afraid. I think it’s fair to say that they’re worried they’re not going to win with the rules of the game as they were set up at the time they started spying on everyone. They’re running to Congress to try to change the rules of the game going forward, and trying to cover up what’s happened in the past. And the question is – - is Congress going to go for this?

Great interview.