has our world changed, after snowden? it is a question i ask myself, sometimes.. now, hours ago, i read about kasperky detecting some malware, allegedly from nsa.. as always, in such cases, i ask myself where is the money to be made?? why re-invent the wheel if you know very well that it is square..? they publish basically non-information. if you believe half of it,you could get paranoid.. so i am not over paranoid, i still believe it is too expensive to monitor a fat old walrus from the wrong side of the pond, for anyone.. but, but, but, snowden exposed a lot of backdoors, in my preferred software. so, imo, yes, our world has changed, and not for the better.. your thoughts??
I read about this also today .. It was surprising that non-usa based manufacturers would knowingly participate in their firmware being exploited .. I think I'll wait for responses before my hyper paranoia kicks in .. But I'm with you we need to keep a watchfull eye on this .. For the record there are many in the US including myself when it comes to the internet there is no pond only us and them (NSA) .. The NSA is something that was at the end of the day implemented by the wealthiest 1% of the world .. That's what Snowden helped to put the spot light on IMPO . http://www.huffingtonpost.com/2015/02/16/nsa-computer-spying_n_6694736.html We have evolved in some ways ..
Although this doesn't relate to Snowden directly, it is related to the subject. I've been watching this unfold as well. Some more related info on the firmware subject. http://www.zerohedge.com/news/2015-...what-may-be-biggest-nsa-backdoor-exploit-ever And more trouble ahead for the NSA: http://patriotrising.com/2015/02/16/nsa-braces-news-leak-cyber-surveillance-work/
And the sad part is that the average person neither knows nor cares about -any- of the various security exploits that exist today. We become concerned when We become a victim. To answer Nodnars' question I say Yes. And the world is still changing because of Snowden, albeit slowly and subtly. To be honest, I care very little about whatever information the NSA gleans about me. They already know who I am and what I do. I'm no threat to anything that they're doing. I'm more concerned with cyber-thugs who do malicious things, just because they can or for a profit. We need to be aware of their antics, and how to thwart them.
Wasn't long ago BadUSB was discovered/announced/released. I figured it was only a matter of time before someone checked the HDD firmware as well. Code: http://thehackernews.com/2014/10/badusb-malware-code-released-turn-usb.html might be additional info in this link as well Code: http://thehackernews.com/2015/02/hard-drive-firmware-hacking.html
I don't think this is limited to hard drives, I'm sure many other things have been infiltrated. The electronic system on your car for example or maybe your fridge. Snowden opened your eyes to the reality of the situation. He put doubt in your minds about policy, people and technology. The repercussion is that the knowledgeable maybe become paranoid. The ignorant and stupid are oblivious. Due to human backwardness through the lust for power and control, an inflection point is looming. The human races' ultimate stupidity lies in its' fragmentation mentality. Race, Religion, Class etc have all fragmented the human race and deterred progress. Now the problem of fragmentation will have a dire impact on technology. The US has been the forerunner of technological innovation for some time. If this lust for control continues in such a blatant way as has been exposed by Snowden and co. It seems reasonable that the rest of the world, with the capabilities, will choose other avenues for their technological progress.
Another interesting story though not directly to Snowden or the NSA: Lenovo ships PCs "pre-infected" with malware: Lenovo Shipping PCs with Pre-Installed 'Superfish Malware' that Kills HTTPS On a Snowden topic: The Great SIM Heist: How Spies Stole the Keys to the Encryption Castle Latest on SIM card hack: NSA & British GCHQ Hacked SIM Card Maker to Steal Encryption Keys to Spy on Billions of Cellphones Humiliating Admission By UK Government That Yet More Of Its Surveillance Was Unlawful
I can go on and on with articles like this, but the general public will still refuse to believe that governments are spying on them, or they wish to believe that it is a good thing because it is helping to catch terrorists, when it has been proven that here in the US of all the hundreds of millions of people that they are spying on it has only helped them thwart 2 terrorist attacks/cells (whatever). SIM card maker Gemalto investigates spy agencies' hack attack
as for superfish, seems microsoft adapted defender to delete it, including the certificate, except in firefox..
Worst Spying In World History – Worse Than Any Dystopian Novel – Is Occurring RIGHT NOW *Update Lenovo In Denial: Insists There's No Security Problem with Superfish *Update 2015-02-25 Gemalto: NSA and GCHQ Probably Hacked Us, But Didn't Get SIM Encryption Keys
most of humanity behaves a bit like a convicted criminal who has to wear an electronic ankle band on a judges`orders.. the difference is that most of humanity are volunteers, who pay through the nose for the privilege to be under constant surveillance..
New leaked documents from Snowden: Code: [edit] TCB Jamboree 2012 (S//NF) The Information Operations Center's Engineering Development Group will hold its seventh annual Trusted Computing Base Jamboree from February 7-9, 2012. Visit the TCB Program WIKI.CIA page at: https://wiki.cia/ [edit] (U) Invitation (S//NF) The Information Operaticns Center's Engineering Development Group would like to announce the seventh Trusted Computing Jamboree. The Jamboree is organised and sponsored by the Security of EDG's Emerging Technologies Branch (ETB). As in past years, the Jamboree will be an informal and interactive conference with an emphasis on presentations that provide information to developers trying to circumvent or exploit new security capabilities. (U) The Jamboree will be held Tuesday-Thursday, February 7-9, 2012 at the Lockheed Martin Dulles Executive Plaza II, 13560 Dulles Technology Drive, Herndon, VA 20171. Tuesday and Wednesday will run from 9am to 5pm, Thursday will run from 9am to 12pm. (S//NF) The TCB Program continues to explore architectures that will have a significant impact on future Information Operations. Technologies such as the Trusted Platform Module (TPM) pose both threats and opportunities for the Intelligence Community. (S//NF) The main purpose of the Jamboree will be to discuss how the results of the Security Portfolio research can be applied today. Rather than an overview of all the activities within the Program, we will present notable results that will provide developers insight into how to meet the threats of the TCG architectures and embedded architectures and how they can exploit new avenues of attack. Source: iSpy: The CIA Campaign to Steal Apple’s Secrets *Yet more news: Wikimedia v. NSA: Wikimedia Foundation files suit against NSA to challenge upstream mass surveillance A good read: Spoiler Newly released documents obtained via NSA whistleblower Edward Snowden have revealed that the CIA attempted for a decade to gain access to data on Apple’s i devices as part of the intelligence establishment’s continued mass spying program. “Studying both ‘physical’ and “non-invasive” techniques, U.S. government-sponsored research has been aimed at discovering ways to decrypt and ultimately penetrate Apple’s encrypted firmware,” The Intercept report by Glenn Greenwald states. The CIA set its sights on accessing user data on iPhones and iPads all over the globe, according to the documents, as well as attempting to introduce backdoors to the devices, in order to monitor them at will. “This could enable spies to plant malicious code on Apple devices and seek out potential vulnerabilities in other parts of the iPhone and iPad currently masked by encryption.” the report notes. Within the documents, CIA researchers brag that they have found a way to introduce surveillance backdoors into practically every mobile application downloaded via the Apple App Store. The spooks say that they did this by creating a modified version of the Xcode integrated development environment, which is a Apple’s proprietary suite of tools used to develop software for OS X and iOS. “The modified version of Xcode, the researchers claimed, could enable spies to steal passwords and grab messages on infected devices. Researchers also claimed the modified Xcode could “force all iOS applications to send embedded data to a listening post.” It remains unclear how intelligence agencies would get developers to use the poisoned version of Xcode.” The CIA hackers also boasted that they had managed to modify Apple’s OS X updater, which is used to automatically update software and programs on Apple computers. The agents claimed that they had successfully installed a “keylogger” via the OS X updater, meaning keystrokes from users could be logged and analysed. “The Intelligence Community (IC) is highly dependent on a very small number of security flaws, many of which are public, which Apple eventually patches,” the CIA researchers noted during a secret presentation. The documents note that the CIA began the surveillance effort in 2006, while the first iPhone was still in development. The spooks bragged about the inroads they were making in 2011 at an event known as “Jamboree,” a hush hush confab for the “intelligence” community held at a Lockheed Martin facility inside an executive office park in northern Virginia. “Lockheed Martin’s role in these activities should not be surprising given its leading role in the national surveillance state,” says William Hartung, director of the Arms and Security Project at the Center for International Policy. “It is the largest private intelligence contractor in the world, and it has worked on past surveillance programs for the Pentagon, the CIA and the NSA. If you’re looking for a candidate for Big Brother, Lockheed Martin fits the bill.” Last year, an admission by Apple that a “bug” in its operating system had left devices open to potential hacking had experts questioning whether the security hole was intentional, in order to allow the NSA backdoor access as part of its mass spying program. Apple acknowledged that a “goto fail” command in the company’s SecureTansport protocol had left iPhones, iPads, and MacBooks vulnerable to data intercept on networks and wireless connections. Anyone who had knowledge of the security flaw, could have accessed secure data, Apple noted. A separate Snowden leak, around the same time one year ago, revealed that the NSA had infiltrated iPhones with a program known as DROPOUT JEEP, which allowed the agency access to text messages, voicemails and other personal data. Apple has vehemently denied having knowledge of the NSA’s activities. “Apple has never worked with the NSA to create a backdoor in any of our products, including iPhone,” Apple said in a January 2014 statement. “Additionally, we have been unaware of this alleged NSA program targeting our products. We care deeply about our customers’ privacy and security.” The company is yet to comment on the latest developments. The latest revelations also come on the heels of a report revealing that the NSA and the British GCHQ successfully compromised the internal network of the world’s largest SIM card manufacturer, allowing them to gain access to millions of encryption keys for mobile phones around the world.
This world is a crazy place to live in. Siri is recording everything you say And Apple admits that it is going to 3rd parties. (c) Siri and Dictation. If your iOS Device supports Siri and Dictation, these features may allow you to make requests, give commands and dictate text to your device using your voice. When you use Siri or Dictation, the things you say will be recorded and sent to Apple in order to convert what you say into text and to process your requests. Your device will also send Apple other information, such as your name and nickname; the names, nicknames, and relationship with you (e.g., “my dad”) of your address book contacts; song names in your collection, and HomeKit-enabled devices in your home (e.g., “living room lights”) (collectively, your “User Data”). All of this data is used to help Siri and Dictation understand you better and recognize what you say. It is not linked to other data that Apple may have from your use of other Apple services. By using Siri or Dictation, you agree and consent to Apple’s and its subsidiaries’ and agents’ transmission, collection, maintenance, processing, and use of this information, including your voice input and User Data, to provide and improve Siri, Dictation, and dictation functionality in other Apple products and services.
The recent documents revealed by Edward Snowden show how closely New Zealand is working with the NSA to maintain surveillance coverage on the South-Pacific region. Source: Sputnik
Glen Greenwald posted some articles on his site about the recent NZ document releases, the NZ media seems to be responding also. Intercept article, Google: NEW ZEALAND LAUNCHED MASS SURVEILLANCE PROJECT WHILE PUBLICLY DENYING IT NZ Prime minister interview, Google: PM refuses to rule out mass surveillance - Radio New Zealand
The Wolf Is Guarding the Hen House: The Government’s War on Cyberterrorism "The game is rigged, the network is bugged, the government talks double-speak, the courts are complicit and there’s nothing you can do about it.”—David Kravets, reporting for Wired Nothing you write, say, text, tweet or share via phone or computer is private anymore. As constitutional law professor Garrett Epps points out, “Big Brother is watching…. Big Brother may be watching you right now, and you may never know. Since 9/11, our national life has changed forever. Surveillance is the new normal.” This is the reality of the internet-dependent, plugged-in life of most Americans today.
I like to think that has changed. But I suspect that a lot of people simply don't care enough and have forgotten about it completely...
Stop the Cybersecurity Information Sharing Bills Why Privacy Matters Even if You Have 'Nothing to Hide': Spoiler Why Privacy Matters Even if You Have 'Nothing to Hide' By Daniel J. Solove When the government gathers or analyzes personal information, many people say they're not worried. "I've got nothing to hide," they declare. "Only if you're doing something wrong should you worry, and then you don't deserve to keep it private." The nothing-to-hide argument pervades discussions about privacy. The data-security expert Bruce Schneier calls it the "most common retort against privacy advocates." The legal scholar Geoffrey Stone refers to it as an "all-too-common refrain." In its most compelling form, it is an argument that the privacy interest is generally minimal, thus making the contest with security concerns a foreordained victory for security. The nothing-to-hide argument is everywhere. In Britain, for example, the government has installed millions of public-surveillance cameras in cities and towns, which are watched by officials via closed-circuit television. In a campaign slogan for the program, the government declares: "If you've got nothing to hide, you've got nothing to fear." Variations of nothing-to-hide arguments frequently appear in blogs, letters to the editor, television news interviews, and other forums. One blogger in the United States, in reference to profiling people for national-security purposes, declares: "I don't mind people wanting to find out things about me, I've got nothing to hide! Which is why I support [the government's] efforts to find terrorists by monitoring our phone calls!" The argument is not of recent vintage. One of the characters in Henry James's 1888 novel, The Reverberator, muses: "If these people had done bad things they ought to be ashamed of themselves and he couldn't pity them, and if they hadn't done them there was no need of making such a rumpus about other people knowing." I encountered the nothing-to-hide argument so frequently in news interviews, discussions, and the like that I decided to probe the issue. I asked the readers of my blog, Concurring Opinions, whether there are good responses to the nothing-to-hide argument. I received a torrent of comments: My response is "So do you have curtains?" or "Can I see your credit-card bills for the last year?" So my response to the "If you have nothing to hide ... " argument is simply, "I don't need to justify my position. You need to justify yours. Come back with a warrant." I don't have anything to hide. But I don't have anything I feel like showing you, either. If you have nothing to hide, then you don't have a life. Show me yours and I'll show you mine. It's not about having anything to hide, it's about things not being anyone else's business. Bottom line, Joe Stalin would [have] loved it. Why should anyone have to say more? On the surface, it seems easy to dismiss the nothing-to-hide argument. Everybody probably has something to hide from somebody. As Aleksandr Solzhenitsyn declared, "Everyone is guilty of something or has something to conceal. All one has to do is look hard enough to find what it is." Likewise, in Friedrich Dürrenmatt's novella "Traps," which involves a seemingly innocent man put on trial by a group of retired lawyers in a mock-trial game, the man inquires what his crime shall be. "An altogether minor matter," replies the prosecutor. "A crime can always be found." One can usually think of something that even the most open person would want to hide. As a commenter to my blog post noted, "If you have nothing to hide, then that quite literally means you are willing to let me photograph you naked? And I get full rights to that photograph?so I can show it to your neighbors?" The Canadian privacy expert David Flaherty expresses a similar idea when he argues: "There is no sentient human being in the Western world who has little or no regard for his or her personal privacy; those who would attempt such claims cannot withstand even a few minutes' questioning about intimate aspects of their lives without capitulating to the intrusiveness of certain subject matters." But such responses attack the nothing-to-hide argument only in its most extreme form, which isn't particularly strong. In a less extreme form, the nothing-to-hide argument refers not to all personal information but only to the type of data the government is likely to collect. Retorts to the nothing-to-hide argument about exposing people's naked bodies or their deepest secrets are relevant only if the government is likely to gather this kind of information. In many instances, hardly anyone will see the information, and it won't be disclosed to the public. Thus, some might argue, the privacy interest is minimal, and the security interest in preventing terrorism is much more important. In this less extreme form, the nothing-to-hide argument is a formidable one. However, it stems from certain faulty assumptions about privacy and its value. To evaluate the nothing-to-hide argument, we should begin by looking at how its adherents understand privacy. Nearly every law or policy involving privacy depends upon a particular understanding of what privacy is. The way problems are conceived has a tremendous impact on the legal and policy solutions used to solve them. As the philosopher John Dewey observed, "A problem well put is half-solved." Most attempts to understand privacy do so by attempting to locate its essence?its core characteristics or the common denominator that links together the various things we classify under the rubric of "privacy." Privacy, however, is too complex a concept to be reduced to a singular essence. It is a plurality of different things that do not share any one element but nevertheless bear a resemblance to one another. For example, privacy can be invaded by the disclosure of your deepest secrets. It might also be invaded if you're watched by a peeping Tom, even if no secrets are ever revealed. With the disclosure of secrets, the harm is that your concealed information is spread to others. With the peeping Tom, the harm is that you're being watched. You'd probably find that creepy regardless of whether the peeper finds out anything sensitive or discloses any information to others. There are many other forms of invasion of privacy, such as blackmail and the improper use of your personal data. Your privacy can also be invaded if the government compiles an extensive dossier about you. Privacy, in other words, involves so many things that it is impossible to reduce them all to one simple idea. And we need not do so. In many cases, privacy issues never get balanced against conflicting interests, because courts, legislators, and others fail to recognize that privacy is implicated. People don't acknowledge certain problems, because those problems don't fit into a particular one-size-fits-all conception of privacy. Regardless of whether we call something a "privacy" problem, it still remains a problem, and problems shouldn't be ignored. We should pay attention to all of the different problems that spark our desire to protect privacy. To describe the problems created by the collection and use of personal data, many commentators use a metaphor based on George Orwell's Nineteen Eighty-Four. Orwell depicted a harrowing totalitarian society ruled by a government called Big Brother that watches its citizens obsessively and demands strict discipline. The Orwell metaphor, which focuses on the harms of surveillance (such as inhibition and social control), might be apt to describe government monitoring of citizens. But much of the data gathered in computer databases, such as one's race, birth date, gender, address, or marital status, isn't particularly sensitive. Many people don't care about concealing the hotels they stay at, the cars they own, or the kind of beverages they drink. Frequently, though not always, people wouldn't be inhibited or embarrassed if others knew this information. Another metaphor better captures the problems: Franz Kafka's The Trial. Kafka's novel centers around a man who is arrested but not informed why. He desperately tries to find out what triggered his arrest and what's in store for him. He finds out that a mysterious court system has a dossier on him and is investigating him, but he's unable to learn much more. The Trial depicts a bureaucracy with inscrutable purposes that uses people's information to make important decisions about them, yet denies the people the ability to participate in how their information is used. The problems portrayed by the Kafkaesque metaphor are of a different sort than the problems caused by surveillance. They often do not result in inhibition. Instead they are problems of information processing?the storage, use, or analysis of data?rather than of information collection. They affect the power relationships between people and the institutions of the modern state. They not only frustrate the individual by creating a sense of helplessness and powerlessness, but also affect social structure by altering the kind of relationships people have with the institutions that make important decisions about their lives. Legal and policy solutions focus too much on the problems under the Orwellian metaphor?those of surveillance?and aren't adequately addressing the Kafkaesque problems?those of information processing. The difficulty is that commentators are trying to conceive of the problems caused by databases in terms of surveillance when, in fact, those problems are different. Commentators often attempt to refute the nothing-to-hide argument by pointing to things people want to hide. But the problem with the nothing-to-hide argument is the underlying assumption that privacy is about hiding bad things. By accepting this assumption, we concede far too much ground and invite an unproductive discussion about information that people would very likely want to hide. As the computer-security specialist Schneier aptly notes, the nothing-to-hide argument stems from a faulty "premise that privacy is about hiding a wrong." Surveillance, for example, can inhibit such lawful activities as free speech, free association, and other First Amendment rights essential for democracy. The deeper problem with the nothing-to-hide argument is that it myopically views privacy as a form of secrecy. In contrast, understanding privacy as a plurality of related issues demonstrates that the disclosure of bad things is just one among many difficulties caused by government security measures. To return to my discussion of literary metaphors, the problems are not just Orwellian but Kafkaesque. Government information-gathering programs are problematic even if no information that people want to hide is uncovered. In The Trial, the problem is not inhibited behavior but rather a suffocating powerlessness and vulnerability created by the court system's use of personal data and its denial to the protagonist of any knowledge of or participation in the process. The harms are bureaucratic ones?indifference, error, abuse, frustration, and lack of transparency and accountability. One such harm, for example, which I call aggregation, emerges from the fusion of small bits of seemingly innocuous data. When combined, the information becomes much more telling. By joining pieces of information we might not take pains to guard, the government can glean information about us that we might indeed wish to conceal. For example, suppose you bought a book about cancer. This purchase isn't very revealing on its own, for it indicates just an interest in the disease. Suppose you bought a wig. The purchase of a wig, by itself, could be for a number of reasons. But combine those two pieces of information, and now the inference can be made that you have cancer and are undergoing chemotherapy. That might be a fact you wouldn't mind sharing, but you'd certainly want to have the choice. Another potential problem with the government's harvest of personal data is one I call exclusion. Exclusion occurs when people are prevented from having knowledge about how information about them is being used, and when they are barred from accessing and correcting errors in that data. Many government national-security measures involve maintaining a huge database of information that individuals cannot access. Indeed, because they involve national security, the very existence of these programs is often kept secret. This kind of information processing, which blocks subjects' knowledge and involvement, is a kind of due-process problem. It is a structural problem, involving the way people are treated by government institutions and creating a power imbalance between people and the government. To what extent should government officials have such a significant power over citizens? This issue isn't about what information people want to hide but about the power and the structure of government. A related problem involves secondary use. Secondary use is the exploitation of data obtained for one purpose for an unrelated purpose without the subject's consent. How long will personal data be stored? How will the information be used? What could it be used for in the future? The potential uses of any piece of personal information are vast. Without limits on or accountability for how that information is used, it is hard for people to assess the dangers of the data's being in the government's control. Yet another problem with government gathering and use of personal data is distortion. Although personal information can reveal quite a lot about people's personalities and activities, it often fails to reflect the whole person. It can paint a distorted picture, especially since records are reductive?they often capture information in a standardized format with many details omitted. For example, suppose government officials learn that a person has bought a number of books on how to manufacture methamphetamine. That information makes them suspect that he's building a meth lab. What is missing from the records is the full story: The person is writing a novel about a character who makes meth. When he bought the books, he didn't consider how suspicious the purchase might appear to government officials, and his records didn't reveal the reason for the purchases. Should he have to worry about government scrutiny of all his purchases and actions? Should he have to be concerned that he'll wind up on a suspicious-persons list? Even if he isn't doing anything wrong, he may want to keep his records away from government officials who might make faulty inferences from them. He might not want to have to worry about how everything he does will be perceived by officials nervously monitoring for criminal activity. He might not want to have a computer flag him as suspicious because he has an unusual pattern of behavior. The nothing-to-hide argument focuses on just one or two particular kinds of privacy problems?the disclosure of personal information or surveillance?while ignoring the others. It assumes a particular view about what privacy entails, to the exclusion of other perspectives. It is important to distinguish here between two ways of justifying a national-security program that demands access to personal information. The first way is not to recognize a problem. This is how the nothing-to-hide argument works?it denies even the existence of a problem. The second is to acknowledge the problems but contend that the benefits of the program outweigh the privacy sacrifice. The first justification influences the second, because the low value given to privacy is based upon a narrow view of the problem. And the key misunderstanding is that the nothing-to-hide argument views privacy in this troublingly particular, partial way. Investigating the nothing-to-hide argument a little more deeply, we find that it looks for a singular and visceral kind of injury. Ironically, this underlying conception of injury is sometimes shared by those advocating for greater privacy protections. For example, the University of South Carolina law professor Ann Bartow argues that in order to have a real resonance, privacy problems must "negatively impact the lives of living, breathing human beings beyond simply provoking feelings of unease." She says that privacy needs more "dead bodies," and that privacy's "lack of blood and death, or at least of broken bones and buckets of money, distances privacy harms from other [types of harm]." Bartow's objection is actually consistent with the nothing-to-hide argument. Those advancing the nothing-to-hide argument have in mind a particular kind of appalling privacy harm, one in which privacy is violated only when something deeply embarrassing or discrediting is revealed. Like Bartow, proponents of the nothing-to-hide argument demand a dead-bodies type of harm. Bartow is certainly right that people respond much more strongly to blood and death than to more-abstract concerns. But if this is the standard to recognize a problem, then few privacy problems will be recognized. Privacy is not a horror movie, most privacy problems don't result in dead bodies, and demanding evidence of palpable harms will be difficult in many cases. Privacy is often threatened not by a single egregious act but by the slow accretion of a series of relatively minor acts. In this respect, privacy problems resemble certain environmental harms, which occur over time through a series of small acts by different actors. Although society is more likely to respond to a major oil spill, gradual pollution by a multitude of actors often creates worse problems. Privacy is rarely lost in one fell swoop. It is usually eroded over time, little bits dissolving almost imperceptibly until we finally begin to notice how much is gone. When the government starts monitoring the phone numbers people call, many may shrug their shoulders and say, "Ah, it's just numbers, that's all." Then the government might start monitoring some phone calls. "It's just a few phone calls, nothing more." The government might install more video cameras in public places. "So what? Some more cameras watching in a few more places. No big deal." The increase in cameras might lead to a more elaborate network of video surveillance. Satellite surveillance might be added to help track people's movements. The government might start analyzing people's bank rec*ords. "It's just my deposits and some of the bills I pay?no problem." The government may then start combing through credit-card records, then expand to Internet-service providers' records, health records, employment records, and more. Each step may seem incremental, but after a while, the government will be watching and knowing everything about us. "My life's an open book," people might say. "I've got nothing to hide." But now the government has large dossiers of everyone's activities, interests, reading habits, finances, and health. What if the government leaks the information to the public? What if the government mistakenly determines that based on your pattern of activities, you're likely to engage in a criminal act? What if it denies you the right to fly? What if the government thinks your financial transactions look odd?even if you've done nothing wrong?and freezes your accounts? What if the government doesn't protect your information with adequate security, and an identity thief obtains it and uses it to defraud you? Even if you have nothing to hide, the government can cause you a lot of harm. "But the government doesn't want to hurt me," some might argue. In many cases, that's true, but the government can also harm people inadvertently, due to errors or carelessness. When the nothing-to-hide argument is unpacked, and its underlying assumptions examined and challenged, we can see how it shifts the debate to its terms, then draws power from its unfair advantage. The nothing-to-hide argument speaks to some problems but not to others. It represents a singular and narrow way of conceiving of privacy, and it wins by excluding consideration of the other problems often raised with government security measures. When engaged directly, the nothing-to-hide argument can ensnare, for it forces the debate to focus on its narrow understanding of privacy. But when confronted with the plurality of privacy problems implicated by government data collection and use beyond surveillance and disclosure, the nothing-to-hide argument, in the end, has nothing to say. Daniel J. Solove is a professor of law at George Washington University. This essay is an excerpt from his new book, Nothing to Hide: The False Tradeoff Between Privacy and Security, published this month by Yale University Press.