Members: Your thoughts on a more secure ATS.

Some would give up their privacy for security...I'd give up a few more seconds of my time for some more privacy! (I have nothing to hide but eavesdropping is just plain RUDE.)

Sure, I say give it a try!

I support the idea of greater security - but at the option of the individual member.

I love the speed of currently navigating the site but would be willing to go slower if it beefs up my privacy.

And I do think there are members here who would definitely feel more comfortable about the added security.

As an aside - it is a darn shame that ATS is even having to consider doing this - but such is the nature of our current situation.

Always,
Shawnna

Here's a few suggestions of mine that just might work. First is to scrutinize all IPs that have an address that coincides with a government address. Second, make it a requirement that all the I.P.s from members and non-members alike are do not match any addresses that may appear suspicious. Third and final one, this may apply only to the forums, make sure that articles posted do not match any of these suspicious I.P. addresses either.

Just a few of my crazy thoughts.

at sign-of-the-times forum in the COINTELPRO forum there's a thread named " abovetopsecret.com EXPOSED ",
how did the information in that thread effect the security of ATS ?

Was that connection removed or was none of that true?

I noticed there was no contradiction to the opinion they expressesed so I didn't know if that meant none of you knew about it ,
or it was a lie and not worth your time to defend such a claim against ATS.

just curious

BINGO. She does not have a single shred of real evidence to back up her insane rantings and frankly, it is above ATS to even acknowledge her existence, much less any of the BS she spews.



[edit on 12-4-2006 by Shawnna]

Originally posted by gimmefootball400
Here's a few suggestions of mine that just might work. First is to scrutinize all IPs that have an address that coincides with a government address. Second, make it a requirement that all the I.P.s from members and non-members alike are do not match any addresses that may appear suspicious. Third and final one, this may apply only to the forums, make sure that articles posted do not match any of these suspicious I.P. addresses either.

Just a few of my crazy thoughts.

Unfortunately that would be useless since they could proxy through any public proxy server. Also, Im guessing that they have access to any ISPs services, hence they would be able to use the first 3 digits of any ISPs IP address.

The NSA could easily intercept the encryption key sent between ATS and the end user and use it to decrypt the data. So personally, I think it would be a waste of resources to encrypt the data. Besides, I like the idea that when I post something like "the NSA can go *enjoy* themselves!", the NSA might read it.





Mod Edit: Profanity/Circumvention Of Censors – Please Review This Link.

[edit on 4/13/2006 by Majic]

I would be more concerned about the type of privacy/security issues which Valhall brought up in her thread:

www.abovetopsecret.com...

If the government wants to know who is on this board, and what is being said, I can't help but think they could do it if they really wanted to.

I would think beefing up security aimed at possible government data mining would only serve to give the perception that ATS has something to hide from the authorities...which it doesn't, far as I can tell.

(I hope the above link was formatted correctly...still learning the ropes.

I already said how I felt about this, but I just wanted to ask this:

Wouldn't tighter security raise suspicion even more? Wouldn't that suggest that we have something to hide and attract even more attention and "challenge" them to find the information, i.e. challenge hacks? Given that some members are afraid of their safety - for some reasons I sometimes fail to see - but history taught us that people that really would need security, like our informants from Area 51 with exclusive alien pics, are almost always liars.

What I'm saying is: If you are secretive, you'll make people curious, and they will fish for more information. If you "apparently" have nothing to hide - no one will give you any thought.

And if you really want to share secret information - there are ways, and there are ways.

yeah i agree...i like to say NSA go *enjoy* yourselves...other than that i think nsa and fbi already knows who we are....i know they know who i am...cause im on the fed watchlist cause i got a terrorist charge a couple of years ago. so i guess you could call me ur inhouse ATS Official Terrorist .....BOMBS AWAY kaboom...lol

[edit on 4/13/2006 by ConfederacyOfUnity]

[edit on 4/13/2006 by ConfederacyOfUnity]




Mod Edit: Profanity/Circumvention Of Censors – Please Review This Link.

[edit on 4/13/2006 by Majic]

Great Idea


I'm all for it, anything , any area more secure would make alot of us feel better....

Originally posted by Shawnna
She does not have a single shred of real evidence to back up her insane rantings and frankly, it is above ATS to even acknowledge her existence, much less any of the BS she spews.

Who and what are these comments aimed at?
I must have missed it.

Originally posted by ConfederacyOfUnity
im on the fed watchlist cause i got a terrorist charge a couple of years ago.

Now you've got my curiousity up.
What for? And if you really are on a
watch list, then I have to take back what
I said. I didn't think anyone in the
government would care what was said on
this site. But perhaps they peek in .. just
to keep an eye on you.

well, I dont know whether I am an idiot or just complacent but I don't care really.
Big Brother watches or tracks...big deal. All I know, when I am driving to work, I make sure to wave at the cameras on the freeway and everytime I get money out of the ATM, I know 'they' know where I am... oh and so too when I go to the Doc...the national register knows when I do go and how often...etc etc Why they even know if my kids arent immunised and when there next shot is due....

I honestly dont give a rats...

but at the same time...what would the Feds want with me? How paranoid are we becoming? Bring it on...wow! can you imagine being so 'special' that some govt org is tracking or watching you? Gee, that changes the whole shower routine


knock knock... who is there? ah its the FBI...

open up...

lol

er...you have been posting some stuff on ATS...

lmao

There has to be a balance, I mean the trogan was invented by the powers that be, to catch 'criminals'...paedophiles etc...
Dont we want them off the street or out of our kids playgrounds? oh and as for marketing... the pop up cookie lol now knows what my interests are...which sites I go to and what I am interested in...

um...wow like my thoughts are so important to the big scheme of things...

get a grip!!

lmao
sorry, if others dont see ANY humour in this whatsoever, but strange me, finds it hilarious.... laughing and apologising at the same time... he he he

rotflmao


sorry again, but just got out and read the same page and someone said...."the more secure the better!"

oh no!! how secure do you wanna be? Arent our terrorism laws secure enough?!!

why its almost so secure I can hardly move sideways!! lol

take a deep breath and relax! again...breathe, relax...and one more time

*sighs*

I REALLY hope ATS doesn’t cave in to this ‘security craze’ bs. Please, staff and management, I would like to believe that you are smarter than that…

SSL is Not going to offer in true ‘security’. It might help to make some folks ‘feel better’, but ‘feeling better’ and ‘being secure’ are two different things. (for example, a good bottle of booze might help you to ‘feel better’, too, where’s the security in That?)

I Know it’s a cliché, but, “Responsible people govern themselves.”

If you are willing to surrender that responsibility to someone else, that’s it, you are now out of the loop, you Surrendered.

This whole ‘security’ issue boils down to an issue of Faith.

Some people no longer have Faith in certain aspects of the information delivery system (AT&T/NSA). Now we are discussing the possibility of placing our Faith in another aspect of the information delivery system (SSL)…

We can argue how ‘good’ or ‘bad’ SSL is, but the question is, ‘how much Faith do You have in SSL and Why?’

IF you do have Faith in SSL, then another important question to ask is, ‘How long do you think that Faith will last?’

If ATS decides to go down the SSL road, then please don’t do it behind the guise of ‘security’.

Do it because you Want to. Do it because it will help some people to ‘feel better’ about themselves. Do it because it’s a groovy bell and whistle that will help make this site Rock. Do it because it’s Fun and Fab and Nifty.

Please don’t do it because of Fear.

rock on
twj

Originally posted by ConfederacyOfUnity
yeah i agree...i like to say NSA go *enjoy* yourselves...other than that i think nsa and fbi already knows who we are....i know they know who i am...cause im on the fed watchlist cause i got a terrorist charge a couple of years ago. so i guess you could call me ur inhouse ATS Official Terrorist

.....BOMBS AWAY

kaboom...lol

So what terrorist act did you commit? Did you blow up a truck full of cow poop?

The New Cyberterrorism

Originally posted by GlassRunner
So what terrorist act did you commit? Did you blow up a truck full of cow poop?

Far worse: hijacking an ATS security thread.







(Just teasin'.)



Meanwhile, somewhere in the Midwest, federal agents began closely monitoring commercial cow manure shipments...

Originally posted by Majic
Public Privacy

I'm not sure I see a need for SSL encryption all around.

With the exception of a few private forums like RATS and the staff forums, ATS is publicly-accessible.
Even for the private forums, I frankly haven't seen anything that should worry any government -- or ATSers, should the government gain access to it. As much as I love my fellow members, the truth is that from a national security standpoint, we're rather boring.

So for posting and general member access (which consists mostly of browsing public forums anyway), I'm not seeing a driving need or anything that would justify a performance hit -- unless I'm overlooking something.

Low Profile

If I were to look at an area of ATS security that I would want to upgrade, it would be the member login process and profile data.


Another area worthy of ensuring a high level of security for would be all access by staff members: moderators, super-mods and admins.

Any form of interception of any of these accounts or access points would have grave consequences for the security and integrity of the site. So for staff accounts, full-time https might be a good idea.

Also, being a paranoid maniac like I am, I think anything that can ensure the safety of the ATS databases is of utmost importance. If we lose our data, we're gone.

My impression is that there is already a great deal of care taken with the data, but there's no such thing as "too cautious" when it comes to the database at the heart of our online community.

I agree 100% with what Majic has said.
Securing member logins, member data, staff access and database security/integrity like Majic has mentioned, are my recommendations too.
'Since the final destination of most posts is a thread anyone in the world can look at anyway, I don't see a strong need for post encryption per se'.



[edit on 14-4-2006 by mikesingh]

Few Questions,

Why are you going with SSL as opposed to SSH which is simply better ?

If there is indeed some dangerous info posted by a member and visible to the public then how does encrypting the login page, post page etc prevent the NSA from finding out who the user is ? They can still see the users name, they know ATS dot com's IP address and can find out where your servers are, knowing this they can just get a court order to curtail "seditious activities" and trace the traffic records that ATS keeps and thus nail that particular ATS member's location easily. FBI comes and taketh the vigilante away !!

Why encrypt the login page ? Is there a fear that people would "hack" our passwords and post on our behalf ???

What does ATS hope to achieve with this ? The NSA/determined crackers would be able to break ATS servers and get any/all info they want. Doesnt this attempt at quasi-protection simply dull the membership into falling for a false sense of security ?

Wouldnt it be much easier, cheaper and more effective to "educate" the ATS membership how to become more 'anonymous' than they already are through the use of firewalls, proxies, secure encryption’s, etc ?
I think there are a lot of network professionals on the ATS membership that would be able to teach/educate other members how to achieve a very high level of anonymity with open source software that are freely available on the net with minimal cost to ATS(cost of running a couple of threads and editing ATS code to stop keeping IP logs and instead sorting IP hits in real time to determine the region hits only.) and with maximized security to all the members, more than anything that SSL can achieve anyway.

posted by phiniks: “I have to say: for such an enormous forum it's surprisingly fast. It would be a pity if that speed goes down.

Our security is in the number of participants and their postings. I'm sure if any NSA types wanted to de-crypt any board or forum, it would take only a few moments. I would hope the NSA & etc have more important work to do.