Google and Yahoo's internal data-center fiber secretly tapped by NSA and GCHQ


#1

[Permalink]


#2

I don't know whether it's hilarious, terrifying, or both, that the people in charge of all this ubiquitous unconstitutional surveillance added a smiley-face to their back-of-the-napkin plans.

"Trust us" has become a reliable emetic.


#3

That is one of the best/worst smiley-faces of all time. Of. All. Time.


#4

You don't get NSA-grade hacks without some good techies (who probably have the same general traits, pleasure at finding an elegant entry point among them, as techies who aren't quisling scum). That smiley is pretty much exactly the same tone that you'd see in a presentation at any of the hacker cons, it's just that this one happens to concern a gigantic project by an unaccountable clandestine agency, rather than some guy cleverly haxxoring a Cisco IP phone or something.


#5

So, aside from "Because we can" and "Ah, power without responsibility, feels so good" can anybody discern the objective for going in the back door? Is FISA just too mean about some class of 'metadata' that they wanted? Have large corporations actually grown a spine about things that aren't related to taxes? What is it that the feds would want that they couldn't get by flashing a badge?

Is this just a live-fire training exercise for the same hack against Sina Weibo or something?


#6

Are we really looking at top secret information that consists of a sketch on post-it? Which was then scanned and inserted into a power point slide like some kind of relic?

Well, it's too weird to be made up.


#7

Well, by this method a badge is placed on every bit of data collected before/until it's needed.


#8

My little piece of naivete for the day: Why is it okay for the NSA to subvert the technologies of some of the largest companies in the world when the 14 year old kid who figures out how to bypass school tech infrastructure to post on instagram is expelled (or has her computer confiscated, or is publicly shamed, etc)?
Yes, yes, it's the government and they're allowed to do that and so on and so forth. The NSA's peekaboo shenanigans are seriously undermining civil rights as well as business investment in America, with the corollary that businesses will likely rethink their computer security infrastructure and will also rethink their willingness to work with government officials in turning over requested data.
All this was already hinted at, but really, NSA? WTF?


#9

Among these revelations have been indications that the flow of information isn't one-way... some corporations are getting access to valuable information harvested illegally by this loose affiliation of NSA/Strafor/Saic/Shirtbirds.


#10

Thanks for that--I'd not heard it and I'll shortly be looking deeper into that allegation (got any quick cites for the lazy?).
How long will it take for our lawmakers to finally step up and hold some important hearings about how deep this rabbit hole goes? Oh, wait, I forgot about today's rollcall of votes 48 through 50 to re-attempt to repeal Obamacare, or maybe they're interviewing some Texas sheriff about the Fast and Furious operation...


#11

It kind-of makes the on-going trial of Andrew Coulson and Rebekah Brooks in the UK for "phone hacking" look totally moot. If essentially every phone in the country is already hacked by the government.


#12

I can only imagine that after the companies gave the NSA front-door access through programs like PRISM, it's a serious kick in the teeth to learn that they snuck in the back door, too.

My grandfather used to say something about sleeping with dogs...


#13

And now, the other clown shoe has dropped. Of course they did! Because they hit every pathway to every major node they wanted. Just because they could.

And now we know. That all the bs about only snagging headers is exactly that - pure bullshit. Because, the only way to packet-sniff is to sniff ALL of them. And once they see a header they like? They've already nailed your content, too. And, no way to actually hide all that data from everybody without crypto clearance due to just the sheer volume involved. Oh, theyll lie to Congress all over again - but now we know and they can't take it back.

Let's see now - copyright and patent infringement, industrial espionage, regular political espionage, warrantless searches, HIPPA violations, privileged communications between you and your legal representatives....um, did I leave anything out? Oh! Right to peaceful assembly.

M'kay. Now all I have to do is decide whether to leave them in the dirt or stand and fight. And I'm thinking fight. Because WE own this sombeech - not them. It is indeed a War on Terror. We were just confused about who the terrorists are. Let EFF front the civil end. That's fine. Now, who's still moving cash for Anonymous, anyway?


#14

Here's a start:

http://www.washingtonsblog.com/2013/10/nsa-busted-conducting-industrial-espionage-in-france-mexico-brazil-and-other-countries.html


#15

Oh wow, that's a lot of comments over at Washington Post. Over 2400 at this moment. Even more amazing is that many of them no doubt went to the trouble of registering at WP just to express their outrage.


#16

You have won the intertubes for the next 36 hours!


#17

Until we vote out every incumbent EVERY damn time.


#18

Why can't Google and Yahoo simply encrypt the hell out of all their data transmissions? Which also begs the question, are the giant internet companies transmitting our private personal information without any form of encryption?


#19

The irony of outrage from these companies as they found out they've also been betrayed. I hope it continues this way as enablers, profiteers, and politicians who proclaim the necessity of these intrusions, find they been double-crossed and corrupted.


#20

Encryption itself works. Its everything else that tends to fail. The business model of most of the present day internet revolves around reading your personal data (albeit by machine). Even when sites do have encryption, they have to decrypt whatever you give them sooner or later. The NSA have managed to take the easy route and instead of messing around trying to crack SSL they just directly snoop the traffic after its turned to plain-text.