From Tesla Motors to the "Patriot Hack" – Martin Eberhard on Protecting Your Privacy Online

60 Comments


I found Martin Eberhard, co-founder and former CEO of Tesla Motors, in the pages of 2600.

I was deep in the throes of palate nirvana at Stumptown Coffee in Portland (good coffee is not bitter) when I came across a curious article in 2600: The Hacker Quarterly.

Nursing the best dark brew I’ve ever had, I moved from a great article on free global phone calls to another on the language of gang signs, ultimately landing on a column signed not with an anonymous pseudonym but by Martin Eberhard, co-founder of Tesla Motors.

The subject? Engineering a “patriot hack” to protect privacy online. This, I remember thinking, should be interesting…

It was so interesting, in fact, that I reached out to Martin after my bear-rich Pacific Northwest roadtrip and asked for permission to reprint his article here. He graciously agreed.

This article is broken up into four sections, which I titled:

The Patriot Hack – From China’s Firewall to Lockpicking (15%)
The Political and Technical Landscape (60%)
Strategies to Protect Your Privacy (10%)
The “Haystack” Call to Action (15%)

If you want a quick read and aren’t interested in the political or legal aspects, just jump over the second section.

I hope you find this as thought-provoking — and practical — as I did.

The Patriot Hack – From China’s Firewall to Lockpicking

How long can the regime control what people are allowed to know, without the people caring enough to object? On current evidence, for quite a while.

So concludes James Fallows’ article titled “Penetrating the Great Firewall” in the March ’08 issue of The Atlantic. The Chinese firewall is a crude but effective system that looks at every single Internet connection in the country, and decides whether or not the user may proceed, based on policies set by the government. If a Chinese citizen looks too hard for information about, say, Tibetan independence, the Tiananmen Square massacre, or Falun Gong, not only might her search be blocked, she is also inviting a visit from the police.

An outrageous invasion of privacy, isn’t it?

Reading Fallows’ article immediately made me think about how to get around the Chinese firewall, and made me wonder how many people there already have. I guess it’s the hacker instinct in me – I go straight from being outraged about the invasion of privacy to wondering how I might hack it if I had to.

I figured out how ordinary locks worked sometime in junior high school, and soon thereafter, I figured out how to pick these locks, how to make keys for them without fancy locksmith machines, and how to re-key locks my way. Soon thereafter, I discovered computers, which definitely were not personal in those days. I got kicked out of my 10th grade computer programming (Fortran) class for allegedly loading something into the school district’s mainframe that brought the whole thing down. (No comment.) In those days, such security systems were challenges – picking the lock was an end to itself.

As I grew up, I channeled this energy into getting a decent engineering degree, then into becoming an entrepreneur. I guess you could say that Tesla Motors was my first try at hacking the global energy system.

The Political and Technical Landscape

Meanwhile we are busily transforming the “Land of the Free” into a high-tech surveillance society of our own. In the name of preventing terrorism in this post-9/11 world, we have come to accept the Patriot Act, video cameras watching us along highways and intersections, more video cameras in other public places, invasive airport screening, scrutinized financial transactions, widespread wiretaps, surveillance of our online activities, efforts to create national identity cards, face recognition equipment at sporting events, and lots more.

Alarmingly, we give up our privacy not just to protect ourselves from terrorists, but also for mundane convenience: “preference” information gathered by online retailers, credit card usage data, ubiquitous RFID tags embedded in consumer goods, “club” discount cards at supermarkets, deep personal information posted at social networking sites and then sold to marketers, open wireless networks, etc.

In this article I focus on the ocean of data collected about us by search engine companies.

We know that search engine companies collect and save massive amounts of information about our searches, but then again, search engines are so useful and convenient. They ostensibly use this information to tune the advertising that we get to see. We also know that many sites sell the data they collect to others. Who knows to what other ends these data are put? Some, such as Google says as a matter of policy that they will not be evil.

Unfortunately, your privacy is not a right that is clearly or specifically called out in the US Constitution. Some specific aspects of your privacy are protected, such as the privacy of your beliefs (in the 1st Amendment), privacy of your home against demands that it be used to house soldiers (in the 3rd Amendment), privacy of you and your possessions against unreasonable searches (in the 4th Amendment), and perhaps most importantly the 5th Amendment’s privilege against self-incrimination, which provides some protection for the privacy of your personal information.

Since about 1923, the US Supreme Court has interpreted the “liberty” guarantee of the 14th Amendment to guarantee an increasingly broad right to privacy, and is the basis of most privacy protection outside those specifically listed. But the future of this constitutional privacy protection remains an open question. In our current Supreme Court, the so-called “originalists,” like Justices Scalia and Thomas, are not inclined to protect your privacy beyond those plainly and specifically guaranteed in the Bill of Rights. (Supreme Court nominee Robert Bork has derided the right of privacy as “a loose cannon in the law.” Good thing he never made it onto the Court!)

Beyond constitutional protection, your privacy and the protection of your sensitive or personal information are protected somewhat by a patchwork of statutes on a per-industry basis. The Privacy Act of 1974 prevents the unauthorized disclosure of your personal information that is held by the federal government. The Fair Credit Reporting Act protects information about you that has been gathered by credit reporting agencies. The Children’s Online Privacy Protection Act restricts what information about your children (age 13 and under) can be collected by web sites. The Sarbanes-Oxley Act, HIPAA and GLBA each contain some protection for some of your personal or confidential information. Some state laws also provide protection.

Since privacy is not specifically protected in the constitution, there will continue to be a battle between those of us who want our privacy protected and those who want to invade it – often our own government, certainly businesses who aggregate and sell our eyeballs, and worst of all, cooperation between the two.

Let’s not forget most of the phone companies’ gleeful cooperation with the US government’s widespread warrantless wiretap program. You can bet that every service provider company – search engine companies included – is paying close attention to the immunity that Congress is right now granting to these phone companies for their illegal participation in this wiretapping program. [Note from Tim: I did a post on the practical implications of this and FISA here.]

What will happen when the government asks your favorite search engine company to divulge what you and I have searched for? This has happened already. So far, Google has resisted, but AOL and others did not. The World Privacy Forum notes:

“In 2006, AOL released about 20 million search queries of over 500,000 of its users. Those queries were put on the web. Reporters for the New York Times were able to identify a user from the search queries; others have also been able to identify users. In 2005, the U.S. Department of Justice subpoenaed Google, Yahoo, MSN, and AOL for tens of millions of users’ search queries. Google successfully fought the request, and was able to limit its disclosure, but it is unknown how much data other companies may have turned over.”

Although Ask.com has subsequently announced that they will delete your searches after 18 months, Google has not.

To get an idea bout how long Google is interested in your data, a Google cookie on your machine expires in the year 2038! [Note from Tim: this appears to have been reduced but someone with better detective skills should comment.] So the Google search you made 3 years ago for, say, “file sharing music” could come back to haunt you 3 years from now when some new, even more odious version of the Digital Millennium Copyright Act (DMCA) comes into law.

Can even Google forever be trusted not to be evil? To what new ends will they put all that data about us? Anyway, doesn’t it creep you out knowing that they are saving and analyzing every search you have ever made?

And now, with Google’s acquisition of Doubleclick, they will be able to correlate your searches with the rest of your web browsing – and maybe make it more painful to block cookies from Doubleclick and Google.

Strategies to Protect Your Privacy

An anonymizer tool or a proxy site will mask your IP address and some of the info about your computer when you surf the web.

To get an idea about what websites, including search engines already know about you, check out this site: http://ipid.shat.net/. Spooky.

I use an Ironkey when I can, and there are both free sites and pay sites that can make your surfing anonymous. But some websites don’t work well with these tools. [From Tim: I cannot wait to test Pandora -- one of my favorite sites -- overseas using some of the proxy sites.]

The World Privacy Forum suggests several strategies to help protect your privacy while using search engines:

• Do not accept search engine cookies. If you already have some on your computer, delete them.
• Do not sign up for email at the same search engine where you regularly search.
• Mix it up. Use a variety of search engines.
• Watch what you search for.
• Read your news on one search engine, have your email on another, and use a handful of other separate search engines for Web research.
• Vary the physical location you search from.
• If you surf using a cable modem, or a static (unchanging) Internet connection, ask your service provider to give you a new IP address.
• Be aware that your online purchases can be correlated to your search activity at some search engines.

The “Haystack” Call to Action

Unfortunately, these search strategies are cumbersome and not especially effective.

We certainly can not count on the government to respect or help to protect our privacy. And I would rather not have to trust Google and Ask.com to protect my privacy.

What we need is a simple tool that requires little of our attention, and provides pretty good privacy – something as simple to use as a browser plug-in.

This is an opportunity for a little constructive hacking, and browsers that allow plug-ins provide the perfect opportunity. What I am proposing is a simple plug-in for the Firefox browser (and any other browser that supports plug-ins) that will bury your searches in noise. Let’s call this plug-in “Haystack.” [There are step-by-step tutorials for how to create Firefox plug-ins]

Here is how it works: Haystack generates a relatively low level background of random searches across a variety of search engines whenever your computer and your network connection are not too busy. The goal is to generate hundreds to thousands of random (hay) searches for every real search you do, such that your searches are a small needle in the haystack of these automatically-generated searches.

Search engines generally run analytic software that constantly looks for attacks – denial of service attacks, bogus click-throughs to pump up somebody’s advertising costs, etc. Since the goal of Haystack is to protect our privacy, not to bring any search engine down, it must be written in such a way that, from the search engine’s point of view, it looks like you are just manually searching.

Search engine variety: through a setup option, you can select which search engines Haystack uses, matching the ones you normally use yourself.

Frequency: I think one search every 15 seconds on average is about right, though the interval should be random, varying from say 5 seconds to about 5 minutes. If your machine is on for 10 hours per day, this will generate 2,400 “hay” searches per day. Remember, the goal is to look as much like a lot of human-generated searches as possible, not to jam up the search engine.

Search terms: this needs to be very broad, random, and always changing. I suggest seeding the program with a search word list, and then pulling new search terms from the search results themselves, as well as occasionally from the text on the front pages of news sites like cnn.com. The searches must include a spectrum of provocative terms, so that any such search that you might do will not stand out.

Search complexity: like search terms, broad and random. Search for single words, as well as several words at a time, and even with excluded words.

Computer usage: Ideally, Haystack should not initiate searches when either your computer is very busy or your network connection is very busy. Since the actual search results are not valuable, Haystack should even abort an initiated search by closing the connection to the search engine if CPU usage suddenly increases.

• User controls:
o On/off radio button
o Check boxes to enable one or more search engine sites
o Slider for search frequency (2 seconds to 10 minutes?)
o Button to clear search engine cookies and private data
o Button to get latest version

Output: Haystack should not bother the user with an open tab; the search results should be silently loaded and discarded (after gleaning a new search term or two from the data). A small icon on the toolbar indicating that Haystack is running should be good enough, perhaps also indicating the ratio of Haystack searches to your own searches.

If you and I both run Haystack, then the “information” search engines collect from our searches is mostly noise. Perfect. But think what happens if millions of us run Haystack… It does throw a monkey wrench into their lovely data collection machinery, doesn’t it?

Such is the cost of asserting our right to privacy.

So why am I writing this? Simple: I am a hardware hacker. My software abilities are limited to some really tight assembly language code. I am also spending most of my time planning my next big hack into the world of oil consumption, perhaps the subject of a future article.

Although I care a lot about privacy and recognize its defense as a patriotic act, I am not the one to write Haystack.

Are you?

[Postscript: Readers have suggested several good tools that do most of what Haystack is designed to do. Read the comments for all the goodies, but here are two excellent picks: Scroogle (anonymizes Google searches) and TrackMeNot (noise-producing Firefox plug-in).]

###

Posted on: October 8, 2008.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Comment Rules: Remember what Fonzie was like? Cool. That’s how we’re gonna be — cool. Critical is fine, but if you’re rude, we’ll delete your stuff. Please do not put your URL in the comment text and please use your PERSONAL name or initials and not your business name, as the latter comes off like spam. Have fun and thanks for adding to the conversation! (Thanks to Brian Oberkirch for the inspiration)

60 comments on “From Tesla Motors to the "Patriot Hack" – Martin Eberhard on Protecting Your Privacy Online

  1. Hi Tim,

    Thanks for such a great article on Eberhard!

    I also wanted to share with you my good news of recently going from a $40,000, 60 Hour workweek to now working 12 Hours, and completely remotely!

    Bliss! You and your book continue to be an awesome inspiration! Next step: automation!

    Peace,

    Matt

    Like

  2. Very interesting read. I appreciate the percentages you gave the different sections…maybe someone should write a wordpress plug-in that does this automatically for blog headings (as long as we’re on the subject of developing plug-ins)!

    It is a little scary how much data is collected on our internet usage. Unfortunately I feel like search engines will find a way around what ever “privacy plug-in” users decide to implement. Those google folks are very clever.

    I’m personally not too worried about my search terms being logged. Unless the government all of a sudden starts cracking down on fantasy football leagues, local jazz club patronage, and occasional celebrity gossip searches!

    By the way, Tim, I gave you a shout out in my most recent blog post…I site your blog as the stepping stone that took me into the blog-o-sphere, which before that had been mysterious and scary. So thanks for that!

    Like

  3. It doesn’t do everything listed above, but the Firefox plugin TrackMeNot started down this road: http://mrl.nyu.edu/~dhowe/TrackMeNot/

    The problem is that it probably isn’t too hard for Google et.al. to tell which searches generated click-thru (real) and which didn’t (fake). Obviously they could then sort that wheat from the chaff pretty easily.

    Like

  4. Tim, I can confirm that using an anonymous proxy service abroad works wonders for U.S. based content (Pandora, Hulu, etc.), not to mention that it also keeps your laptop safe while you work from public wifi spots. I’m typing this message from my hotel/home in Viet Nam while listening to Pandora and loving every second of it.

    Like

  5. Very well done!

    I would not be too frightened by our government watching what we do just yet. The government is too busy bailing out the financial industry right now to devote any resources to detecting people’s internet motives. Seriously, most large government agencies that hold power are tied up with the bailout package and the monitoring of the companies it is affecting. This includes FBI, CIA, Secret Service, and others that I’m to lazy to think of right now.

    You see, unless they start writing tickets to the people who do participate in, shall we say, activities of little ethicality, very few people will be prosecuted for such activities on the web. Mainly because, there are simply not enough prosecutors out there to handle it. Taking precautions is a good idea, but I wouldn’t stress out unless you are making profits from unethical activity that is web based (very large fines will be involved if you get caught).

    Again, take the precautions, but don’t think that you are being watched that closely.

    John

    Like

  6. This is a very interesting idea brought forth from Martin.

    I am actually really interested in designing privacy tools like this and have been involved in a couple already. I would be interested in starting an open source project, but in case someone beats me to it I want to expand on his idea.

    What if the Haystack simply becomes an internal spider. It scours your history of all your websites and follows internal links on those domains. It would mess up analytical software (not really my goal) but it would provide an extra layer of security and protect your privacy better. For example NetVibes would no longer know exactly what I am reading, or which websites I am actually visiting.

    Great job bringing this forward Tim – I enjoyed the video about FISA a while ago. Bummer it still passed.

    Like

  7. Yeah, echoing the first commenter, I think the plugin would have to be quite clever to convince the search engine that genuine sessions were running. For example, any searches you manually perform could also be automatically added as individual words to the noise list, creating even more confusion – is the main idea that springs to mind.

    Like

  8. Hang on – *are* you in Portland? If so, seriously, come and tango. Next week we have one of the biggest and best tango festivals in North America.

    And that’s the last I’ll say on that, as I’m *way* off-topic and sounding like a stalker.

    I like the idea of Haystack, but I’m inclined to think that the dedicated snoopers will always manage to a few technical steps ahead of 99% of us. And with things like computer-analysed cctv spreading rapidly in city centres (in the UK, at least, I don’t know about here), and government agencies taking fingerprints at the least opportunity, I think we’re going to struggle to maintain any kind of meaningful right to privacy in the future.

    Dear god, I’m sounding like my friend’s libertarian father, who would seriously like to move to a bunker in Colorado. It’s not that – it’s just that I’m English. We’re not known for our political optimism. :) I would love to be convinced I’m wrong.

    Like

  9. Interesting and scary read. I, like many others I know, am aware of the security risks and very open holes in our systems, but lack the drive at times to make the switch in habits (beyond basic, common sense changes). The IronKey looks interesting and Martin is not the first one to recommend it, however what about something for Mac users?
    Tim – I know you own a little silver box… is there a simple, secure method available that works with a Mac like IronKey works with PC’s?

    Like

  10. Tim, I live in China. Most expats here, and savvy young Chinese, know how to use proxies. Many use the Gladder (“Great Ladder for Great Firewall”) Firefox extension, which works great. Once you have set it up for the websites you use often, you forget the Great Firewall is even there.

    As for the Haystack idea, it already exist – it’s called TrackMeNot. But of course an alternative option is always good.

    Like

  11. Hi Tim, there is an interesting speech that Kaiser Kuo, from ogilvy China, gave at bTWEEN about China netizens and censorship, it’s worth watching :)

    http://just-b.com/btween/sessions/censorship-culture-chinese-netizens

    What is perceived by us as the Great Firewall is more a Net Nanny to the Chinese netizens and they already have a lot of strategy to avoid it.

    Thus, the answer to “How long can the regime control what people are allowed to know, without the people caring enough to object?” is not “On current evidence, for quite a while.” they already objected in their own Chinese way by quietly working around it :)

    My wife is Chinese, and I go in China from time to time, and I am always astonished about the perceived helplessness of Chinese people in Western countries.

    And by the way, to add to the list of anonymity tools: http://www.torproject.org/

    Like

  12. Hey Tim,

    It’s true that privacy is a major concern. Things like FICA, DMCA, cameras everywhere I look, scare the crap out of me. It’s impossible to go totally off the grid now.

    However, looking at this from a content provider’s perspective, allowing Google to serve me advertising based on my interests isn’t such a bad thing. On occasion I *do* find ads helpful.

    As someone who strongly advocates using Adwords, what kind of effect do you think it would have on product marketing, and the economy in general, if Haystack were enabled on every PC and search patterns became untraceable?

    I’ll bet that you happily use Google Search, Gmail, and other G products as well. Keep in mind those tools are free only because Google is able to achieve some level of precision matching advertisers to buyers. Haystack would take that away.

    The fact that we don’t have new laws in place to protect the privacy of search data to some degree (legal cases, for example) is appalling. “The Constitution doesn’t protect it” is a ludicrous argument, because there’s no way the Founding Fathers could have predicted this great of an advance in technology. Ironically, the same Supreme Court judges who argue against privacy protection use this same argument (“there’s no way they could have known…”) as a sound argument for all sorts of other infringing legislation (gun control is a recent example).

    The renegade approach described in this article will certainly do a decent job of protecting your own privacy, but if everyone used it we’d be screwed. The author was right…this is indeed a hack, not a long term solution.

    Here’s an interesting thought: what if the hack worked so well that the ad brokers had no choice but to lobby as hard as they could for privacy legislation, so that at least some of their users would feel safe disabling the hack…making search data relevant again?

    Like

  13. I also live in China…I use Hotspot Shield from http://www.anchorfree.com to get into all the blocked sites. Works like a charm! I can watch TV shows on http://www.hulu.com and listen to music on Pandora. Without the shield I am forbidden do a google search on the Falun Gong, Tibet, and other sensitive issues. I’ve even had my internet blocked while chatting about sensitive issues with friends in the US via IMing. I teach 800 high school students and I’d say almost all of them know how to use proxy sites and how to download illegal movies/music/images. But its kind of an unspoken truth that everything you do here is being monitored by someone. Kind of scary…

    Like

  14. Does anyone else feel like they are in “The Matrix”? Can I be Keanu???

    Anyway, great article. Laws will never stop paranoia or “evil doers” (thanks George W for coining this). Gun laws don’t stop crazies from getting guns. Drug laws don’t stop druggies from shooting up. If someone is hell bent to hurt someone or themselves they will succeed. It goes back to being Unrealistic in life. Most people are good and when they get Unrealistic they are successful and help many people. But when “evil doers” get Unrealistic mayhem ensues. Protecting ourselves from “evil doers” and the Govt should always be a top priority. So use all the gadgets available to protect yourself and your loved ones. Never and I say never, expect the Govt to get things right, they can’t even balance a budget for crying out loud.

    Good Luck,

    Dana

    Like

  15. For a few years I was the owner and operator of the MagusNet Public Proxy which provided the kind of service you describe for free.

    It was a way to demonstrate my security knowledge and give something back to the Internet. I had the satisfaction of allowing many people to get access to content, about 20,000 unique IP addresses per day, that they would not ordinarily be able to access and provide some layer of protection for them via my service. The biggest challenge was having to deal with various law enforcement agencies both foreign and domestic. From time to time there would be users of my service that would do bad things and I would have to explain that:

    1. Anonymity is OK
    2. I didn’t do it.

    After a few years this was a hassle and when I moved to a new state I shut down the service.
    I have been thinking about doing this again via the TOR ( The Onion Router ) project ( http://www.torproject.org ) and I2P (en.wikipedia.org/wiki/I2P) which fit the description of what you are looking for in Haystack.
    I have found that by using these and other methods I can connect thru the most draconian filters and firewalls with complete confidence in my privacy.

    I am happy to see that the idea of supporting anonymity for good purposes is still alive and with any luck maybe a few of your readers will help keep projects like TOR and I2P alive.

    JLF SENDS…

    Like

  16. Hi Guys,

    Thanks for the excellent suggestions! Congrats also to Matty — well done :)

    @Gil,

    Haystack wouldn’t negatively affect Google Adwords at all. Think of it this way:

    Random searches don’t click on ads, so they don’t cost advertisers anything or affect the ranking of ads. The people who are actually searching would still see the ads they’re intended to see.

    Imagine there is a billboard on highway and the advertiser is only charged when someone calls the number on the board. There can be drone cars on the road, but none of them call and it doesn’t affect the advertiser. The normal people will still see it and that’s all that matters.

    Google Adwords works because it matches ads to searches. It will work for real people no matter if the static is 1% of total searches or 50%. The advertisers won’t need to lobby, as they’ll still get the results they’re getting now, assuming Google can handle the computational load.

    Assuming that no more than 1-3% of the population would ever use these tools — looking at current usage stats, this would still be high — Google will be fine, and therefore their advertisers.

    Hope that helps!

    Tim

    Like

  17. Cool article. I work right now as a Search Engine Optimization technologist for 360i. Our clients include NBC, MTV, E*TRADE and several more. I know a lot about search engines and have spoken one on one with many analytics professionals from the 10th street Google headquarters here in Atlanta. We use a few custom built tools here for pulling data from Google such as rankings and data, which anyone can get if they want. The trick is to make it look natural, like you have said. Because we pull thousands of searches per day through our automated ranking systems, we have had to practice following the retrieval method algorithm’s frequent changes. For anyone who decides to work on this Haystack extension, make sure you make the search frequency at a random interval. If Google sees a search come through from the same IP every 5 seconds on the second, it wont matter if its 5 seconds or 20 minutes, it knows it isn’t natural. Consider making the tool choose a cryptic pattern of seconds like a Fibonacci sequence or something like that.

    Another thing I would like to offer. I have installed a circumventor on my own personal server that I use for searching and surfing. Its a simple php script encased in one file and can be uploaded to any private server and used for surfing. I call it surf.php. The only thing is you have to do all your surfing through a search engine that you predefine in the script. I set it to youhide.com for me and it works as a double layer circumventor. Also if you have a MAC get TOR open source Onion proxy server and get a list of active IPs. You could be in Atlanta GA one minute and in 5 seconds be in Belgium Germany, next minute Australia. This was originally designed on the DARPA frame a while back by the US DOD. I use and love it.

    If you need secure file sharing with anonymity, use something like drop.io. I have provided a link to the php script surf.php below in a drop.io fashion for you to download, untraceable.

    There is also an extension for FF called SwitchProxy which allows you to switch IP address at any rate you wish. This is optimum for a search engine, the only hard part is getting a reliable list of IPs. Also, as mentioned above, getting out from behind a shared IP is tough, but if you think about it, you are actually already protected within a haystack if you have a good firewall up on your personal computer. In my APT complex there are approximately 20 wireless networks within reach of my mac’s airport. After a little commandeering I can tell you that we are all on a shared IP through Comcast, which means if I search for it, so has everyone else in my complex. And to think I used to hate my shared IP =).

    Another tip, don’t download or use chrome. I love the tool, and I use it for professional work here in the office sometimes, but you talk about no anonymity, incognito is a joke. Basically, the largest information hub in the world will not let anyone who sits at your computer what you have searched for, but they will gladly show up each hit on Google Analytics. (we use this tool all day) Most likely, if they are sitting at your computer, they aren’t the enemy.

    Online purchases, really simple, go to any Simon Mall and pay cash for a Visa Gift Card that will not have any info tied to you and ship all products you order on Amazon to a receptionist since you “may not be there to sign when UPS drops it off”.

    Unfortunately, Brazil(see the De Niro film) is imminent.

    I know I’m about a decade late but, free Kevin Mitnick! =)

    Thanks

    Jeremiah

    Like

  18. Actually Tim, on AdWords, the impressions per click affect click-through rates which negatively do affect ads slightly. The only thing is this is an across the board effect which will hurt the guys on top as much as the guys on bottom, but really don’t worry about it because it would require thousands of impressions to increase the cost you are going to pay for a desired position by a few cents.

    My buddy here works close with SearchIgnite, our sister company, and ad networks is all they do.

    Doesn’t really change anything, so I still wouldn’t worry. Hope it helps!

    Jeremiah

    Like

  19. IF you are really interested in privacy beyond just the digital realm, may I suggest the book “How to be Invisible” by J.J. Luna. The author is someone who takes his privacy very seriously. The inspiration for the title came from some advice given to him by a member of Spain’s secret police back in the days of Franco. After spending the night in a jail for some questioning, Mr. Luna asked his captor how he could avoid a repeat. The response was, “Learn to be Invisible.”

    Some of his advice may be hard to square in our current culture of spilling our private lives onto our facebook pages, but he has some real important advice about protecting your identity and yourself.

    -EB

    Like

  20. With regard to privacy and the US Constitution, it was a concern of the authors that by creating the “Bill of Rights” that it would lead to a situation where the government tried to tell the citizens that the only rights they have are the ones enumerated within the Constitution. To counter this, they insisted that the 9th Amendment be included. Basically, the 9th A says that “Any rights not specifically limited in the US Constitution (via power to the government) are reserved for the People”. For us, that means that ‘privacy’, while not a right listed in the Constitution is still a right that is wholly ours to control, not something the current regime can usurp.

    Unfortunately, even with the protection of the 9th A, we are seeing our un-enumerated rights limited.

    Like

  21. @Jon

    I really dig the clarity and precision of your comment. I feel the same way and I am constantly seeking a better way to protect us all. I feel like 98% of the topics that homogenize to the top are far less important than the few topics concerning our rights as individuals.

    Tim, do you have any suggestions on the matter of the constitution and what someone in their 20’s should do?

    Thanks!

    Jeremiah

    Like

  22. @Jeremiah,

    Man, that’s a good question. To be honest, I don’t have a precise answer to such a big question. What would your answer be? The question to all readers:

    “Do you have any suggestions on the matter of the constitution and what someone in their 20’s should do?”

    I’d also like to repost Jeremiah’s original comment, which is great:

    Cool article. I work right now as a Search Engine Optimization technologist for 360i. Our clients include NBC, MTV, E*TRADE and several more. I know a lot about search engines and have spoken one on one with many analytics professionals from the 10th street Google headquarters here in Atlanta. We use a few custom built tools here for pulling data from Google such as rankings and data, which anyone can get if they want. The trick is to make it look natural, like you have said. Because we pull thousands of searches per day through our automated ranking systems, we have had to practice following the retrieval method algorithm’s frequent changes. For anyone who decides to work on this Haystack extension, make sure you make the search frequency at a random interval. If Google sees a search come through from the same IP every 5 seconds on the second, it wont matter if its 5 seconds or 20 minutes, it knows it isn’t natural. Consider making the tool choose a cryptic pattern of seconds like a Fibonacci sequence or something like that.

    Another thing I would like to offer. I have installed a circumventor on my own personal server that I use for searching and surfing. Its a simple php script encased in one file and can be uploaded to any private server and used for surfing. I call it surf.php. The only thing is you have to do all your surfing through a search engine that you predefine in the script. I set it to youhide.com for me and it works as a double layer circumventor. Also if you have a MAC get TOR open source Onion proxy server and get a list of active IPs. You could be in Atlanta GA one minute and in 5 seconds be in Belgium Germany, next minute Australia. This was originally designed on the DARPA frame a while back by the US DOD. I use and love it.

    If you need secure file sharing with anonymity, use something like drop.io. I have provided a link to the php script surf.php below in a drop.io fashion for you to download, untraceable.

    There is also an extension for FF called SwitchProxy which allows you to switch IP address at any rate you wish. This is optimum for a search engine, the only hard part is getting a reliable list of IPs. Also, as mentioned above, getting out from behind a shared IP is tough, but if you think about it, you are actually already protected within a haystack if you have a good firewall up on your personal computer. In my APT complex there are approximately 20 wireless networks within reach of my mac’s airport. After a little commandeering I can tell you that we are all on a shared IP through Comcast, which means if I search for it, so has everyone else in my complex. And to think I used to hate my shared IP =).

    Another tip, don’t download or use chrome. I love the tool, and I use it for professional work here in the office sometimes, but you talk about no anonymity, incognito is a joke. Basically, the largest information hub in the world will not let anyone who sits at your computer what you have searched for, but they will gladly show up each hit on Google Analytics. (we use this tool all day) Most likely, if they are sitting at your computer, they aren’t the enemy.

    Online purchases, really simple, go to any Simon Mall and pay cash for a Visa Gift Card that will not have any info tied to you and ship all products you order on Amazon to a receptionist since you “may not be there to sign when UPS drops it off”.

    Unfortunately, Brazil(see the De Niro film) is imminent.

    I know I’m about a decade late but, free Kevin Mitnick! =)

    Thanks

    Jeremiah

    Like

  23. This approach may have the opposite effect you are looking for. Let’s say you are actually searching for something big brother would want to know about. They are filtering through each and every request. Sending more requests, which happen to be randomly generated doesn’t some how make those other requests go away.

    If big brother finds something, they just pick up your computer and look at what’s there before you’re prosecuted. If you have random searches those will be picked up too. You may be incriminated for things you haven’t done, and while they’re are searching, and potentially planting evidence, they may find things they didn’t know about.

    The key to protecting your privacy is being smart about what you’re doing. Don’t post things you don’t want others to know. Do use complex and unique passwords for each site. Make sure the challenge questions to have your password reset have complex answers.

    Like

  24. Hey Tim,

    I’ve actually already made a video guide that shows users how to use proxies with firefox while abroad. I had to get creative during my last semester abroad at University of Glasgow; the video was the result.

    Hopefully you find it helpful.

    Like

  25. Jeremiah,
    Brazil is a great film and a I reference it all the time when explaining privacy to people.
    The fact is most people in North America have given up their privacy for convenience. While in law school I did a study of something called “Total Information Awareness.” It was a program that had been proposed by Admiral John Poindexted, who was then head of DARPA’s Information Awareness Office. It was quite controversial at the time it was announced and congress eventually killed it. I had wanted to find out more about it, thus my research. As it turned out, the main part of the proposal was for the government intelligence community to purchase commercially available data on consumers, stuff that is already out there. I was aware there were companies that collected data on consumers, but the extent to which they do boggled my mind. I became much less worried about this proposed government program and more alarmed at the level of information that private companies have on virtually everyone in the country. What was most disheartening to me was that most of this information was given up for the sake of convenience or ‘free stuff.’ Consumer data companies then use this data to segment consumers into several different cohorts with names like “Town & Country” (think wealthy suburbanites with a particular kind of tastes) and then sell that information to marketers.

    It you want to maintain your privacy, it takes active steps. At first it may seem difficult, but it’s just like Tim’s advice about taking control of your life and not going through it on cruise control. Once you’ve created beneficial habits, it’s easy. It’s a fascinating world, if you want to know more about it go to EPIC.org (Electronic Privacy Information Center) and by all means read “How to be Invisible.”

    -EB

    BTW – As an example of the watchers being watched, some pranksters turned the tables on Admiral Poindexter, getting satellite photos of his house and even publicizing his home phone number.

    http://www.wired.com/politics/law/news/2002/12/56860

    http://eyeball-series.org/tia-eyeball.htm

    Like

  26. Tim,

    I must say I am thoroughly enjoying this post! (as I do most : )
    The participation here has been so good that along with several other recent stimuli it has catalyzed me into starting my own personal blog.

    ElamBend,

    That is so interesting about Admiral Poindexter, it actually reminds me of the good old days before 2600, where the birth of hacking began. I myself am no hacker but I find it a fascinating underground world.

    EPIC.org is great and I also recommend EFF.org. The only problem with EFF is that even though they broadcast some pretty crucial and powerful information, no body seems to be responding to the calls to action. I think Tim did a good job with the FISA post before, I know some of my friends and I responded to the calls to action from both he and Daniel Ellsberg on stopping the bill.

    I only hope that as we work to thaw and free our selves and spread the good words and inspiration, others become more willing to respond to our calls to action. It hurts when you know for a fact what will truly help someone but they will not listen to you and continue walking forward like a child running out to the street. I guess that because knowledge is power and brings about an element of responsibility, those of us in the know are now accountable for reaching out and grabbing these children running into the street and bring them back to safety. I hope we can be as strong as some of our previous heros and find it in our hearts to do what is best for the common good.

    Thanks again for an awesome post Tim!

    Jeremiah

    Like

  27. I worry about my privacy a lot, but it seems like I don’t worry about the same things as this author. My web searches and sites I visit tell a lot about who I am, but people who know me already know 99% of that. The other 1% might be embarrassing – but never illegal in the strictest sense.

    I think it’s more important to protect your private communications; especially phone and email.

    I don’t store my email on a web-service (even though I use Yahoo for my account, I download it clean everything every time I check my email). I encrypt every computer hard drive device using TrueCrypt (free encryption software that is highly rated). I use the “whole disk” encryption option on my computers and encrypted volumes on my key drives and detached drives.

    My key drives run keydrive-specific versions of Thunderbird (for email) and Trillian (for instant messaging) so I can communicate from any computer without installing special software on any computer. If I use any random computer to check email or use IM, all of the data and logging generated stays on my keydrive encrypted volume. Instructions for setting this up are available online.

    Encryption works whether you lose your device, or if law enforcement wants to read your data. In America, you can’t be compelled to give up the key to your encrypted devices thanks to the Fifth Amendment.

    Protecting email can be critically important to protecting privacy (ask Sarah Palin). Nobody can be sure they would never be the target of a criminal investigation (ask those Bear Sterns Hedge Fund guys).

    Like

  28. Excellent post Tim, in Europe the same thing is happening, it’s not just in the USA. We’re being controled each time more, and the worse part is that many people are accepting because they’re afraid, not only of terrorists, but also afraid of the governments. Everything is being controled, every cent you spend has to much a cent you earn, the phone companies and internet providers are now forced to keep everything recorded for a period of 2 years. Your bank accounts can be controled and/or frozen anytime, all in the name of security, Governments are using fear as a weapon, the Uruguayan writer Eduardo Galeano was warning us about this in the 1950´s, he told us this would happen and he was right about it. I’m a believer in technology and a user, but i also believe we should cut back a bit, get back to some primitive habits, we’re getting too lazy and that makes it easy to control us. I’m talking about using less credit cards and more cash, this is just one example among many possibilities, and there’s a lot more we can do.

    I would like to know a few things if you can answer me Tim or somebody else here:

    Is it true that Yahoo as given information about dissidents to the chinese government?

    You talked about firefox plug ins, i don’t know anything about that, so this question might seem stupid, but doesn’t firefox belong to google? if so, do you think it’s safe to use firefox as a protection? Won’t google be able to colect information from that browser?

    Thanks a lot

    Once again excellent post

    Like

  29. This is a smart way to obscure your searches, and as such meets the desired goal of making the monitoring ineffectual. But, I don’t believe this is a good idea. It will actually give government officials more firepower against you, not less.

    If someone wants to dig into you enough to pull up your individual searches, they’ll use the inflammatory hay searches against you the same way they’d use the needle searches.

    In a draconian system, where many people are negatively affected by search monitoring this might be an effective way to decrease the system’s efficiency. In our society where it seems likely that search monitoring is used to identify a relatively small list of targets to investigate further, running haystack would be a good way to get yourself on that list. Which seems, unpleasant.

    Awesome dialogue to start, and I’m a huge fan of Eberhard so I don’t mean this disrespectfully. He’s definitely a smart guy as well (certainly smarter than I, by any responsible measure), so I wouldn’t discount the possibility that he’s right and I’m wrong. But I don’t think I’m wrong. :)

    Tyler Willis

    Like

  30. Good morning Tim,

    The reason I’m writing to you is because this post brings up a question in my mind about the current U.S. presidential election.

    You see, my friend and I were talking about how when you run for office, especially the presidency, all these seemingly horrible secrets from your past pop up out of nowhere.

    With the internet giants able to monitor what we search for and our communication, I’m sure in the future people’s past will become even more accessible.

    So my question is this: would you be interested in running a poll along the lines of ‘if you ran for president, would you be afraid of the ads that would pop up exposing your past’?

    The reason I ask is because everyone I’ve talked to says, without hesitation, ‘yes’.

    I think this says something important about the nature of these smear campaigns. And if everyone could come off their own tunnel vision for a moment and see that we’re ALL, as Alan Watts put it, ‘quaking messes’… that it could potentially relieve a lot of stress and wake people up.

    That’s important because if you can see that, on a very real and visceral level, we’re all scoundrels out for ourselves just as much as we’re Mother Theresa’s… the need to chase perfection dissolves… and the measuring stick with which you judge yourself and those around you disolves as well.

    Anyway, look forward to hearing your response Tim.

    Kindly,

    Broc

    P.S. I also think this idea is worth exploring: the idea that being comfortable with who you are is, in the immediate sense, much more valuable than protecting your privacy. Nobody wants to feel exposed before they’re ready, and I am all for privacy over security because let’s be honest… most ‘securities’ that policies like the Patriot Act enforce are little more than illusions.

    But… it seems to me that the more powerful position is to be able to honestly feel the sensation… “so what?”… if your privacy IS indeed violated.

    Like

  31. Maybe we *allowed* things to get this far. Fear, after all, is a great motivator.

    Most of you will already have seen this video. But in case you’re still in the dark about 9/11, please watch “Loose Change”:

    Like

  32. Tim,
    You might also want to check out MyMail (dynamically encrypted emails) and Identity Finder ( Encrypt or securely delete sensitive data ) Both are good products to protect your online privacy and security. Best, Mike

    Like

  33. segundo intento :
    Hola Tim!
    ”Los chinos dicen que hay que intentar 20 veces la misma cosa para que esa se muestre importante.”
    Eres una de las personas de mi lista de celebridades que deseo contactar, para hacer 3 preguntas!
    Soy brasileña, vivo en São Paulo, y estoy ”comiendo” el libro. Será divertido lograr contacto contigo, estoy segura (por tu manera de escribir) que eres una persona sencilla y humilde, y que atenderás mi pedido!
    Por ello, te pido, que me envies tu contacto personal (email), o por lo menos un email que seas tu el que lo vea. (Parezco muy prepotente? [rizas] en realidad no soy, pues aprecio la medida de casa cosa).
    Me pregunto: [Como llamar la atencion de una persona tan confiante de si misma sin parecer una tonta?] Bueno, siendo yo misma! [rizas] Alegrate! Sera una buena experiencia para los dos! Tengo mucho a agregarte!
    Te gustan los chistes? ”Que el sapo ha dicho a Bob Marley? ———-thinking———- Reggae” . [rizas] Ya lo sé.. es un chiste muy malo.. [rizas]
    Sonrías mucho hoy!
    Un abrazo!
    Dani_Índia_Paz
    PS: Para que estés seguro de que no soy una loca, psicopata… o alguna ”super espía” con planes de robar tu cerebro y venderlo a los aliens… Entres en ”my space http://indiakamande.spaces.live.com/ ” para asegurarte de que soy una ”chica normalmente excéntrica”. [rizas]

    Like

  34. Google currently only uses one cookie that I am aware of. It is described as a Preferences cookie, which is just a polite way of saying that it is recording some aspects of what you do in order to “make future use more personal”… blah blah blah; sounds like data mining to me. It currently is set to stay on the host hard drive for 2 year from creation (assuming you don’t visit google again within that 2 years) Google claims that it is does not store user’s search history, but I have not done enough digging to verify this. A growing file size would be one indicator that this may be happening. And of course there is the EULA and Privacy Statement to consider (does anyone read these beside me?), but I tend to feel that legal documents only apply when a company is acting legally (and morally). Google has; however, claimed to anonymize its security logs after 18-24 months, meaning that after this amount of time, IP and cookie associations are removed.
    Now, this applies if you stop using google for 18-24 months. So if you are worried about that “controversial” material you view 6 months ago, you might want to delete the Google cookie, have your ISP change your IP address and cross your fingers that courts decide that past data usage can be grandfathered into law in the same way that physical actions can.

    Here is an interesting article about Google’s response to overwhelming privacy concerns:

    http://arstechnica.com/news.ars/post/20070315-google-to-anonymize-logs-in-a-nod-to-privacy-advocates.html

    Like

  35. The Constitution is only meaningful to the extent that people protect it. If anyone can modify it on a whim, it changes from a foundational document with real power to a piece of paper.

    If you really feel the right to privacy should be constitutionally protected (and reading this article, I have mixed views on it), advocate for it! Don’t insist that some judge follow your preference, but push for a constitutional amendment.

    Amendments are hard to pass. But that’s a feature, not a bug.

    Like

  36. Tim,

    Interesting article.
    However, I doubt that the average person needs to fear the U.S. government, although I know that Portland is the heart of this type of paranoia. Most tracking of computer footprints is done for commercial purposes, not for nefarious secret government projects. What makes you think that the U.S. government has the time or desire to care what you search for on Google? Of course China is a different situation. Is is possible though that many of the outspoken persons in the U.S.(many who also read 2600) are actually worried that their illegal activities could come to light? I know that those that are participating in forums trading stolen credit card information, or perhaps growing illegal substances on their Portland property, would love to be more invisible. However, for most of us, thinking that someone is interested in what we as individuals search for is just plain silly and paranoid.

    Privacy is good, but too much paranoia is not. Too far down that road and we would all be talking about black helicopters instead of living in the real world.

    Like

  37. The idea of spying on every single Internet search has not yet ripened. But give it time, though. The next administration (the likely one) is already carefully plotting to destroy free speech by banning it on the radio. Give them time, and they’ll ban “hate” speech on the Internet, too (and THEY will define “hate” as opposing their agenda.)

    Like

  38. there is good stuff on the EFF and ACLU site on surveillance. aside from jumping on random computers anonymously there is no privacy anymore.

    Like

  39. We have a few digital privacy tips on our website. regarding Bluetooth, GPS units, and choice of electronic devices from a privacy standpoint.

    Don’t contribute to “Big Brother” AKA The Surveillance State, by using your own money to purchase and use a device that is poorly designed when it comes to personal privacy. The NSA and other agencies will still track you passively, so far and as deep as their budget and infrastructure allows them. “The Surveillance State” can not afford to put microphones and cameras everywhere you go; but they can quite easily, and quite inexpensively spy on you, and all the people around you through the “shiny, happy, little devices” that you voluntarily carry nearly everywhere with you, almost every single day of your adult life. Your cell phone has “Big Brother” on the “other end” 24-7 don’t ever forget that!

    http://www.ahh.biz/digital-privacy-info/internet-devices-in-motor-vehicles.php

    Like

  40. AN OPEN LETTER TO TESLA MOTORS: (Public Response Required!)

    Elon Musk
    CEO
    Tesla Motors
    3500 Deer Creek
    Palo Alto, CA 94304
    (650) 681-5000

    2/28/14

    Dear Mr. Musk and The Tesla Board of Directors:

    Recently; Numerous ex-Tesla staff and contractors, former suppliers, federal investigators, investigative reporters, investors and ex-partners of Tesla Motors have provided facts about Tesla Motors which are disturbing to the public, Congress, and the market. Please provide clarification of the following charges and concerns in order to resolve outstanding issues between the public and Tesla Motors :

    – Are Tesla and Google, essentially, the same entity by virtue of the same investors, agenda and stock market manipulations?

    – When damaging news about Tesla emerges, do Tesla and Google investors place multiple stock-buy orders from a multi-billion dollar slush fund in order to make it appear that individual outside investors are excited by Tesla when, in fact, it is only a small internal group of investors “pumping the market”?

    – It is said that the Tesla Model S has the most surveillance devices to watch, track, listen-to and broadcast the activities of the occupants, built into it than any other car in the world. Elon Musk has personally told reporters that his cars constantly watch the driver and occupants. Why is that? Why are Tesla and Google obsessed with spying on the public?

    – Elon Musk is on public record telling the news media that, after careful research, the NUMMI plant in Fremont California would be a very bad choice for Tesla? Why did that suddenly change? What participation did Senator Dianne Feinstein and her husband’s real estate Company CBRE have on that decision and the award of the loan to Tesla? Why do Senator Feinsteins staff now work for Tesla? What political support or funding did Tesla or Google provide to any related political officials?

    – From 2008 to 2010 numerous competing electric car companies have charged that Tesla Motors placed Tesla Motors “moles” inside of their companies to intelligence-gather and cause disruption. Is that true?

    – Google and Tesla motors share the same venture capital investor groups and alliances. Numerous expert at Tech-Crunch, Valleywag and other industry journals have published articles about the fact that those VC’s actively collude with each other to lock competing technologies and companies out of the market and create business monopolies. Did Tesla investors and associates participate in such activities? If so, would that not be a violation of SEC laws?

    – Did Tesla and/or Google reward certain politicians with campaign funding, web promotion, revolving door jobs for staff, and other incentives, in exchange for “hot-tracking” State and Federal taxpayer money for Tesla Motors?

    – While other companies built consumer priced electric cars before and during Tesla’s existence, why did Tesla choose to build an unaffordable car and position the marketing of it to “the 1%” when the money for that car came from the 99% taxpayers?

    – Numerous cities were told that they would have the Tesla car factory and then they stated, or sued Tesla, saying Tesla acted “in bad faith” and “used false and misleading information” to induce them to provide assurances which were used to pump the stock market. Why did Tesla lead so many cities on?

    – The factory that builds your batteries and the U.S. Government states, in their formal technical documents, that when Tesla batteries are on fire they emit lethal, brain-damaging, carcinogenic, liver, lung and DNA damaging fumes and smoke. Why do you not inform the public of this danger in your literature?

    – Lithium ion production kills and terminally sickens workers overseas. Multiple Tesla workers have been burned alive at your factory. OSHA has launched an investigation. What have you done to prevent the accidental and long term injuries to your staff and contractors?

    – Bernard Tse, and other main Tesla Engineering staff including: electric engineer Doug Bourn, electrical engineer Andrew Ingram, Brian M. Finn, senior manager of interactive electronics and George Blankenship; while investigating battery purchases for Tesla Motors, received numerous white-papers and technical documents from LG Chem, Panasonic and the U.S. D.O.E and vast numbers of other battery-makers which specifically stated that lithium-ion batteries would be “stressed” and “likely to combust” when used in the configuration which Tesla intended. Why then did Tesla still use them? What effect did the mass ownership of lithium ion mining and manufacturing resources by Tesla and Google investors have on the decision to use lithium ion?

    – Is it not a fact that a majority of your cars have been sold to your own investors or associates who act as “fluffers” against any bad PR?

    – Elon MUsk is on public record stating that, at the time of application for the DOE loan Tesla was on the verge of bankruptcy. The DOE loan was mandated under a Federal law known as Section 136. This law stated that no car company could receive money if it was on the verge of bankruptcy. Past accountants of Tesla have stated that Tesla was on the verge of bankruptcy at the time of the loan application. Numerous Tesla staff and contractors have verified this. Did Tesla commit a felony and acquire “unfair advantage” per the GAO?

    – Relative to the number of cars sold, why has Tesla had so many Tesla drunk driver related crashes, deaths and homicides. Why are Tesla drivers killing innocent pedestrians simply because the Tesla’s “smell bad”.?

    – Psychographic, demographic and marketing studies have been published showing that Tesla drivers have a higher-than-average inclination towards drugs, strange sexual behavior and risk. Could this account for the number of Tesla crashes and deaths?

    – Is it true that safety testing was done on Tesla cars without fully charged batteries and in a moisture-locked environment because Tesla staff knew that fully charged batteries and moisture in a crash WOULD cause a firey explosion, as they already have?

    – Is it not a fact that Google deletes, or hides any bad PR about Tesla on it’s network? Would this be considered stock market manipulation in violation of SEC laws?

    – Numerous periodicals, including Valleywag, document the fact that Elon Musk sends spy emails to his employees, each with a few words changed in order to track them and see who might reveal anything damaging to regulators?

    – Who are all of the property holders and lease-owners of the Tesla and Solyndra, past and current, real-estate?

    – According to DOE staff, who were at DOE when the Tesla application was submitted, nothing that Tesla submitted was ever built by Tesla. In fact, these staff state that the vehicle that Tesla eventually sold was not even designed or engineered when Tesla was approved for the loan money, contrary to the Section 136 law requirement. They say that Tesla took the money and THEN hired people to figure out what they were going to do with it. As shown in the DOE files, the engineering of the shipping Tesla cars has no element that was submitted to DOE. Is that true?

    – Elon Musks wives and founders have filed lawsuits and made public statements that he is a fraud and coerced them into participation. Is it proper feduciary practice to allow Mr. Musk to continue with the company?

    – Why did Tesla not have to pay the cash participation fee that the Section 136 law said everybody had to pay? Tesla staff stated, at numerous documented Silicon Valley open meetings that they got a “special applicant participation waiver”. Why did Tesla get that waiver?

    – Did Tesla Motors provide falsified information in order to acquire it’s Federal funding?

    – Did Tesla Motors provide falsified information in order to acquire it’s Federal waivers, tax deferrals, credits and discounts?

    – Kleiner Perkins and certain silicon valley VC’s, all investors in a number of DOE “winners” (including Tesla, Fisker, Solyndra, A123 and others), organized meetings with a Dmitry Medvedev and other men known by the State Department, CIA, FBI and federal investigators to be involved in Russian mobsterism and then Ener1, Severstal and A123, dark-money funded and run by billionaires (many of whom own lithium mining interests) known by the State Department, the CIA and federal investigators to be involved in Russian mobsterism, were awarded taxpayer funds by Steven Chu, who was nominated by Kleiner Perkins. Was any of this a conflict of interest?

    – Why is the only company to receive California State real estate exclusives, exclusive tax waivers, credits and stock enhancers and free rides on taxpayer backs also the same company who’s investors were the largest funders of certain State officials?

    – Federal communications monitoring of text, voice and email communications of certain highly placed Senators, lobbyists and venture capitalists from 2005 to today should be made available to ALL federal criminal investigators. Have they been? Are one or more Senators blocking this effort because they are compromised?

    – Why have so many fraud lawsuits been filed against Elon Musk and Tesla Motors?

    – The head of the NHTSA Tesla investigation quit because of increased scrutiny. The facts, such as these, demonstrate that Tesla and Fisker never should have passed any NHTSA safety review. How can the public be assured that ongoing NHTSA investigations regarding Tesla will not be rigged?

    – Did Tesla Motors provide falsified information in order to acquire it’s State funding?

    – Did Tesla Motors provide falsified information in order to acquire it’s State waivers, tax deferrals, credits and discounts?

    – Did Tesla investors bribe, or influence Congress people?

    – Did Tesla staff or owners investors bribe, or influence Congress people?

    – Did Tesla staff, owners or investors provider misleading information to investors?

    – Was there a conflict of interest between Department of Energy staff and Tesla owners, investors or staff?

    – Was there a conflict of interest between White House staff and Tesla owners, investors or staff?

    – Was there a conflict of interest between Senate staff and Tesla owners, investors or staff?

    – Did Tesla Motors use taxpayer money to hire off-shore staff?

    – Marketing sales staff from the ad agencies for 60 Minutes, Consumer Reports, GQ, Fortune and other mainstream periodicals have stated that Elon Musk purchased “puff piece” stories about himself in those broadcasts and that none of those stories were internally generated. Is it good feduciary practice for an executive to use corporate resources for personal glorification?

    – Did Tesla Motors use taxpayer money to purchase supplies offshore that could have been purchased in the United States?

    – Did Tesla Motors participate in a market rigging scam to rig lithium ion purchasing for its investors?

    – Did Tesla Motors participate in a market rigging scam to rig the electric car market for its investors?

    – Did Tesla Motors staff, or owners, sabotage competitors?

    – Did Tesla Motors staff, owners or investors exchange campaign funding quid pro quo for business financing?

    – Did Silicon Valley companies, owned by Tesla investors and campaign financiers, use internet technology to falsify information to the public in order to manipulate stock market perceptions in violation of SEC, RICO, and various other laws?

    – Did Tesla Motors lie about the safety metrics of its lithium ion battery system?

    – Was Tesla Motors holding safety metric data in its files which differed fully from the safety metrics data it provided to investors and NHTSA?

    – Did Tesla Motors violate securities law by using false information to acquire a federal loan which it then used to falsify its stock metrics in order to “pump” it’s stock?

    – Did Deloitte accounting firm conspire with Tesla to manipulate market metrics in violation of RICO Statutes and did that firm manipulate Department of Energy review data on Tesla’s behalf?

    – A U.S. Senator officiated at the opening of the Tesla Nummi plant and lobbied for Tesla’s tax waivers, credits, acquisition of NUMMI and discounts and then that U.S. Senator had their staff work in Tesla’s offices. Is it a conflict of interest that this senator received campaign funding and this senator’s family received real estate deals from the Tesla and, (next door to Tesla), Solyndra real estate deals?

    – Did Welles Fargo conspire with Tesla to manipulate market metrics in violation of RICO Statutes?

    – Did Goldman Sachs conspire with Tesla to manipulate market metrics in violation of RICO Statutes?

    – Were Department of Energy staff manipulating Tesla funding data in order to favor Tesla and it’s campaign funding investors in violation of RICO Statutes?

    – Were Department of Energy staff manipulating Tesla funding data in order to disfavor Tesla competitors and competitors to it’s campaign funding investors in violation of RICO Statutes?

    – Did Tesla owners, staff or investors attempt to delay federal investigations and indictments by asserting influence in violation of RICO Statutes and numerous other laws?

    – Documents sgow there have been more Tesla fires that actually occurred than Tesla has reported in the media. How many actual Tesla factory fires, test car fires and Tesla battery fires have actually occurred?

    – Please provide an identification matrix showing campaign backers who were lithium ion investors who had had their contacts exert influence over NHTSA decisions regarding Tesla?

    – The Secretary of energy was friends with all of your investors. We have been unable to find the name of even one person from OPM and Congressional nomination file wrapper for Steven Chu’s nomination, who Chu did not later give DOE $$ or perks to. Why is that?

    – The U.S. Post Office, The TSA, The DOE, The GAO, Panasonic and over 100 of the leading technical companies in the world say lithium ion batteries can spontaneously explode. WHy do you not disclose this to your buyers in your literature?

    – The Tesla can blow-up from it’s charger and/or it’s batteries. Are there other dangers that have also not been disclosed?

    – Is Tesla operating in violation of the patents of any other company?

    – By Elon MUsk’s own admission, at the time of the DOE loan application all of the car designs were $100,000.00, PER CAR, over budget and they had no final design for a factory production run DFM. How could Tesla have gotten the loan with the worst debt ratio, the least engineering, the greatest financial risk and the least collateral of any applicant?

    – Tesla lobbyists worked with Rahm Emanuel in the White House, to arrange their loan deal. Rahm Emanuals Senior Finance Aide was recently arrested for bribes, kickbacks, corruption and money Laundering. Does this call your dealings into question?

    – Rolls-Royce Holdings said the U.K.’s Serious Fraud Office has opened a formal investigation into bribery and corruption of government officials for cars for the 1%. Does this worry you?

    – The NHTSA said that Elon Musk lied about Fire Safety Review approval and request for recall. Should we trust Elon Musk?

    – Tesla got another $34 MILLION of our tax money in exclusive campaign finance kickbacks for billionaires from the State of California. Why did Tesla billionaires need a few million of our tax money in a recession when people have no jobs?

    – The German Tesla “Safety Review” was exposed as “Sham” in that they conducted no safety review and were just told to “pass the car” by your bankers at Deutche Bank! Why did you not discvlose that the German’s conducted no testing of your battery system of any nature?

    – In Tesla’s own filed patent applications you state that your batteries WILL explode spontaneously and kill and injure people and burn down their homes. Why did you not disclose this in buyers documentation?

    – Tesla is MORE likely to catch on fire than gasoline car”per Bloomberg & MIT. Why did you not disclose this?

    – Lithium Ion is “nearly impossible” to extinguish, “acts like solid rocket fuel” say firefighters. Tesla never supplied required CO2 fire extinguishers to cars. Why not?

    – Federal Investigators say you are using “exploding flashlight batteries that were never intended to be used in cars, in improperly shielded box” to power car instead of commercial energy storage technology. 85% less lithium crash protection on Tesla than ANY OTHER ELECTRIC CAR. All other companies had to recall EXCEPT Tesla. Why not?

    – Over 150 defects and problems per model about the Tesla have been documented on user-forums and in the press including: “Doors lock you in and out. Bad if car on fire!”; “George Clooney Rips Tesla: ‘Why Am I Always Stuck On The Side Of The F*cking Road?”; “Tesla “Satisfaction” survey authored by it’s own investors/fanboys”; “Tesla seat vibration causes Anal Itching!”;
    “VAMPIRE POWER DEFECT slams entire Tesla Model S fleet!”; “Numerous defects documented by owners online.” When the NUMMI factory was in use by GM and Toyota only 5 defects per model car produced there occured. Even after you bought brand new robots, why did the Tesla cars get worse in a pre-configured factory with billions of dollars of past car preparation?

    Thank you for your consideration. We look forward to your public response to clarify these issues.

    Sincerely,

    The American Independent Auto Association
    The Friends of Gary Conley
    Former Staff- Bright Automotive
    The Ingram Fund
    Brett Winston
    Target News Team
    Anton Westerly

    Like