NSA harvests 200M of SMSes every day with untargeted, global "Dishfire" program

In what world is “Meta Content” = Content ?

It’s disturbing how much the current political system is twisting concepts and definitions to equivocate on the laws of the nation.

1 Like

I commented above, but I believe they’re doing that is to bypass legal definitions.

Same reason we now have enhanced interrogation tactics.

1 Like

I’m not talking about a “slightly less restrictive policy.” I’m talking about fundamental firewalls between separate operations. To reiterate my example, the Dishfire and the Cottonmouth projects are so fundamentally different in nature that it would be very unusual for a guy at his level to have access to (or even knowledge of) both.

And yet, he’s attributed to having access to some 30 different subcompartments? http://www.myantiwar.org/view/268615.html (Cottonmouth is not even on that list)

You are welcome to believe what you want, but you’re not giving me reason to retreat from my skepticism.

The traffic is the haystack. What they’re doing is making more needles.

1 Like

The letter and the spirit of the law was once understood as enough to catch the bad guys. So much for that.

NSA: You said we couldn’t grab any content on American citizens, you didn’t say “Meta content”.

I wonder if the attrition rate at NSA has changed at all because of Snowden’s revelations?

Unfortunately, I believe our current social-media overlords have aided and abetted the current zeitgeist in understanding how one can infinitely maneuver around the letter and the spirit of the laws.

All it takes is a good PR campaign, a media blitz and fake reference sources to prior works to act like this is the real definition.

A good example is the PR war waged on wikipedia to generate content that has no merit to the general public, but is valuable to the google aggregation engine, which then drives visibility.

I haven’t seen it yet in the snowden leaks, but a couple of years ago, a story was posted about the CIA/NSA or whoever had put out a request for proposal on a piece of software that could track at least 50 pseudonyms on Facebook; lo and behold, twitter is infested with the same type of software.

The zeitgeist is fanning the flames to continually redefine our perceptions, and it’s clear that our current systems of checks and balances simply don’t work because they’re too slow.

They simply cannot keep up with how people, public, private and in the NSA are rerouting concepts and ideas to fit their agendas.

There’s a great quote to end with, and I’m arsed to find it, but it revolves around rallying people to an idea after one has chosen a course. It’s almost as if technology has switch from following to leading.

1 Like

The tail wagging the dog, maybe? But good points, all.

1 Like

And he’s the guy tasked with making sure the servers in a particular datacenter stay running? Every project doesn’t get their own set of sysadmins, that would be hideously inefficient. While he theoretically wouldn’t have access to the live data, it’s hard to completely block the guy who needs root to keep the machine patched and up to date.

And in some cases where he was effectively blocked, he was able to use his superior’s credentials instead.

Apparently he worked on a smaller site and odd hours so the oversight was not as stringent as it might have otherwise been.

Something deeper than that, but that’s sufficient. This is as close as I got:

It is not to be forgotten that what we call rational grounds for our beliefs are often extremely irrational attempts to justify our instincts.
Thomas Huxley

1 Like

Do you have any references or professional experience with security at the national intelligence scale to back up that opinion? Because right now you are arguing by assertion.

The wiki article I shared with you previously expressly states

To achieve selective separation of program information while still allowing full access to those working on the program, a separate compartment, identified by a unique codeword, is created for the information. This entails establishing communication channels, data storage, and work locations (SCIF—Sensitive Compartmented Information Facility), which are physically and logically separated not only from the unclassified world, but from general Department of Defense classified channels as well. [emphasis mine]

See also: https://www.fas.org/irp/dni/icd/icd-503.pdf which details the risk management guidelines for this stuff. Particularly relevant for this conversation is the accreditation process, role of the authorizing official to be responsible for ensuring the design / architechture comports with the risk levels described on page 5. I’d be surprised if not a few of these programs, if not all, weren’t in the highest risk category, thus requiring the greatest oversight.

And yes, “hideously inefficient” is what our government does.

1 Like

The fact that Snowden could access all the data, strongly suggests that they are warehousing it, or at least have a federated database system. The Data Warehouse model fits well with institutional funding too (there are many academic papers to justify it), as it is highly modular. Information gathering and analysis programs can be added or decommissioned, but the core infrastructure remains.

These operational and analysis programs are classified in line with traditional models of security, due to varying degrees of sensitivity (capability, international agreement etc), but the repository of the data could well be classified at the lowest common level. If you are operating under the conceit that blind interception and warehousing of the data isn’t surveillance, having a flat, and relatively low level classification makes sense, in that any data mart/analysis program can reap the rewards of aggregation. In their mind, surveillance starts when you make a targeted intercept of information. And that only occurs when a data mart queries the warehouse.

Somebody has to manage the warehouse, and those sysadmins will have the ability to query the federated schema. After all, it is statistically largely ‘junk’ data. In their legal opinion, it is not intercepted data at all, just a recording of background noise. Contractors working on intelligence gathering programs and data marts will also have access to the federated schema. To the NSA, they are the equivalent of a field agent sitting in a secret room in the basement of a Berlin hotel, checking the recording gain on the microphones. It is only when the recorded conversation is in the hands of an analyst who has read the dossier of Mr Jones in room 443, that the information becomes sensitive. The recording technician just has to make sure that the system he is working on is on the down low.

Traditional models of an intelligence program, where interception and analysis would take place in a separate and discrete manner and only output high quality intelligence, are largely irrelevant. If we are running around exposing one program, such as PRISM, or XKeyscore, they have others. It is like trying to take down the global banking network by railing against ATMs.

Security in the traditional sense is being overridden by a push for integration. IBM Rational System Architect handles DoDAF, NATO Architecture Framework and MODAF. These frameworks are internationalised through UPDM (US/UK) and the IDEAS Group (US/UK/Canada/Australia/Sweden/NATO). The first ‘core process’ of DoDAF is ‘Joint Capabilities, Integration and Development’. Connect everything to everything else. Essentially, the current paradigms of enterprise architecture, as taught in business schools are infesting government at all levels, including international security and diplomacy. Who else is qualified to run such large scale IT projects in this day and age?

2 Likes

Please clarify “all that data” that “Snowden” released.

All the documents that I’ve seen thus far attributed to him are powerpoint decks.

Highly polished slide decks. Polished to the point that some lowly security analyst has had to review them, line by line, and tag each line-break with it’s security classification.

I appreciate your position, but you focus variously on “data” or “data wharehoused in a federated system” or a “repository of data” or “largely ‘junk’ data.”

Higlhy polished slide decks are not what I consider to fit any of those descriptions. These powerpoints are carefully made, well-digested descriptions to provide a high-level overview of the programs that are collecting the data.

Snowden may very well have run one or a handful of data marts. And thus positioned, might have been privy to the overview slides of same. But at 30 one of the narratives has to break - either the NSA, the greatest spying organization ever, has terrible internal opsec, or that Snowden has help.

Obviously, for Snowden to get as far as he’s done he has terrific personal opsec, as the stories where he’s interacted with Poitras and Greenwald show. So it’s possible that Snowden has alliances with other similarly positioned sysadmins who oversee their own SCIFs and he’s agreed to be the public face.

We’re seeing a steady release of data because that’s the way the Guardian and the Washington Post are managing it, to keep the story above the news cycle, to maximise the pressure on our governments.

Snowden himself worked for the CIA from 2007 to 2009, then subcontracted until 2013. He first contacted journalists in late 2012 and bailed out to Hong Kong in May 2013. Even if he’d only started to formally gather data after contacting the press (unlikely) he still had half a year to do it. There’s skepticism, and then there’s irrational doubt.

Weren’t you questioning how Snowden got hold of so much data upthread? Either it’s a lot of data or just a bunch of Powerpoint slides, make your mind up.

If you have a point to make about me contradicting myself, I’d appreciate you taking the time to actually quote the statements that you find to be in conflict.

I’ve just reviewed all the comments I made in this thread, prompted by your jab, and find the only time I mentioned “data” prior to this response to @nic was when I quoted wiki and emphasized “data storage.”

I don’t ask that anyone here believe my position on this issue. But if you want to debate it I will - and I will insist on fair and respectful debate.

Why quote you? Don’t you know what points you’re making?

Does not the juxtaposition of these two quotes suggest where my confusion as to your point lies, and where an explanation might illuminate?

I do know what points I am making and I differentiate between data and releases and revelations and documents. And, also, info / information

I shall not use them interchangeably and have no interest to discourse with someone who’s not going to reciprocate.

Snowden claimed that while contracting at the NSA, he could pull records on anybody. He claimed: “I, sitting at my desk [could] wiretap anyone, from you or your accountant, to a federal judge or even the president, if I had a personal email”.

Greenwald later reported that this claim was based on the capabilities presented in the documents on XKeystore.

Snowden copying documentation is incidental to this.

1 Like

Sure.

Makes sense.

If you believe that Snowden is a reliable narrator.

I know you’re not talking to me any more, but if that’s the totality of your point, it’s a pretty banal one. Nobody is a reliable narrator, and it’s a rare piece of evidence, considered only by itself, that points in only one direction.

Instead of hinting at secret knowledge, how about you come out and state what you believe is the truth about Snowden?