Whatâs with the hairballs of alphabet soup parentheticals spewed all over all these NSA presentation slides? If the viewer knows what they mean theyâre unnecessary, and if the viewer doesnât know what they mean theyâre useless.
All that budget and they canât afford the Tufte books?
âIn contrast to [most] GCHQ equivalents, DISHFIRE contains a large volume of unselected SMS traffic,⌠This makes it particularly useful for the development of new targetsâŚ"
Sounds like theyâve given up looking for the proverbial needle in the haystack. Now theyâre just making more haystacks.
âDevelopment of new targetsâ â what a chilling phrase, so many unexamined assumptions, so careless of consequence.
Yeah sure the military-info-industrial complex can rebuild the flight deck of imaginary spaceships but JEEZY-CREEZY their slides are breathtakingly shit.
Theyâre like those 1950âs aliens who had the technology to skip across the galaxy faster than light but couldnât master the advanced Earth technology of the apostrophe.
If you have worked in IT for large corporates at any time in the last decade (especially if you are at the decision making level) you would have been invited to an endless stream of vendor lunches promoting Data Warehousing and CRM products. The only vendors that are able to supply the NSA with infrastructure on the apparent scale they are operating at are the usual suspects in the top tier enterprise market. They are building massive aggregated data repositories that are probably technically âlegalâ if you look at it from a certain conceited angle.
Dishfire, PRISM, MUSCULAR, Fairview etc are âoperational systemsâ that feed raw data into the ETL Layer and are completely insulated from the end analysis of data. Snowden claimed that as a consultant, he could look up data on anybody, so there appears to be a monolithic aggregated data warehouse, or more likely, a federated database system offering a common schema to query constituent databases internationally (I have written more than my fair share of proposals and documentation).
On the output side, Data marts at various levels of classification let them dig through the dataset. XKeyscore is an example of an internationally available tool that queries a data mart that provides a selection of intelligence information to friendly intelligence agencies. It is query based, and will gather information on those queries based on a 24hr - 30 day buffer, but if something of particular interest is discovered, more precise queries can retroactively gather additional information. This is a data mart with a relatively small âOperational Data Storeâ attached to a data warehouse system.
If UK had, under the umbrella of UKUSA, access to a data mart that provided them with a subset of the aggregated NSA data that excluded UK citizens (apart from those allowed under Anti-Terrorism acts), that would be kosher, in their humble opinion. Likewise, the US can build data marts that query the warehouse excluding US citizens. The UK can submit information that it has âdiscoveredâ about US citizens without penalty under UKUSA and vice versa.
The US is probably also free to build highly classified datamarts that directly query the entire data warehouse, stricly for use in extraordinary circumstances. You know, in case of war, or martial law or something. Ok, just this onceâŚ
It is tempting to see what the US is doing as some sort of Manhattan Project of surveillance, or âSkynetâ, but the reality is far more disappointing. The whole thing is standard enterprise architecture practice, and owes more to IBM Rational System Architect than Orwell. If you want a vision of the future, imagine a sales consultant clicking through powerpoint slides - forever.
I like the fake corporate outrage from Vodafone. They were exposed as longtime partners of the GCHQ in a previous leak.
GSM security is shockingly bad anyway. Iâd be more surprised if they werenât doing this as its so relatively easy and the volume of data is small compared to the contents of phone calls.
Also, this is a large store of potential blackmail material, for now or the future.
this looks like a presentation, and so the speaker would probably use the full description of any not common abreviation
I think the âalphabet soup parentheticalsâ are classification levels and âcaveatsâ indicating who the information can be released to.
I would guess that the parentheticals are required in any document produced at NSA. A technical description of the nature of the secrecy on every paragraph. It is not of any consequence that the paragraphs are only one sentence in this case. Universally ignored.
The creepiest thing about this is the smiley face at the intersection of sets in the Venn diagram. We all know someone at work who will do shit like that on a PowerPoint slide.
I have been trying WICKR; itâs freely available for Apple and Android devices; full encrypted text, video, voice, pictures; it installs in five minutes and so far it works. If we can get a bunch of people trying this thing, maybe we can slow down the âdata harvestersâ a bit.
yup.
u- unclassified
FOUO - for official use only
s- secret
etc.
classifying line-by-line makes it easier when itâs redaction time.
I just continued to be amazed that Snowden had access to such disparate programs.
For example, itâs just terrible opsec that he had access to both this SMS program and the radio program. They are just so different that the type of unfettered access to the details of both is something that I canât imagine he had at his level, let alone the scores of other information heâs released.
I will not be surprised to learn that he had help in obtaining some of this info.
Itâs probably a sad sign that the thing that has me most outraged at this point is that the slide uses the word âmetacontentâ to replace the perfectly good âcontentâ, which anyway would be the correct term for what theyâre collecting - the content of text messages.
I just canât bestir myself to outrage at the NSAâs abuses of US citizens, the constitution, democratic oversight - the only thing that gets a reaction anymore is their abuse of the English language.
There have already been articles about how he got this information, from borrowing his superiorâs credentials to using his own system administrator privileges to get on systems he would otherwise have no âneed to knowâ on. Thus far we have not seen any mention of accomplices, and he had the tools necessary to do everything himself, so itâs plausible that he acted alone.
Iâve read those accounts and I find them a little incredulous. Both he and his supervisor could have been immediately fired (or worse!) for sharing credentials. Itâs very very rare to find two people with that level of clearance who would be willing to take such a risk. People with that level of access tend to be very paranoid by nature.
That aside, the fact that he and/or his supervisor would have such access violates core principles of SCI. http://en.wikipedia.org/wiki/Classified_information_in_the_United_States#Access_to_compartmented_information
The first weekâs worth of releases: plausible. The fact that weâre seeing weekly if not daily new revelations makes me very skeptical of the idea that he grabbed all this himself.
Whatâs written in the books and what people actually do arenât always the same thing. Sometimes people just have to get work done. Itâs one of the paradoxes of security, where if you bolt down everything too tight, people have to start ignoring your rules just to get their job done, and in the end open up bigger vulnerabilities than a slightly less restrictive policy would have.
Well done.