NSA responds to damning WSJ, WaPo articles on vast reach of spying programs


#1

[Permalink]


#2

The NSA/FBI spied on all peoples email in Salt Lake City ahead of the Olympics. They are using this system for crowd control.

http://www.techdirt.com/articles/20130821/00421524264/nsa-fbi-spied-all-emails-salt-lake-city-before-after-olympics.shtml

How is it that this program is so expansive involving so many people and yet we have only just been made aware of the extent of their spying capabilities? How many millions on people have access to this data? Do state and city law enforcement have access to the data? How many moles are their in the system just lifting tons of personal, professional, and financial data out of the system? If a lowly soldier and government contractor can walk away with the jewels of the American intelligence apparatus just how big and how open is the security hole/backdoor the NSA put into US telecommunications?

These guys are complete bumble fucks. I wouldn't trust them with the codes to a toaster oven.


#3

Because you haven't been paying attention. Those who ignore history, et cetera, et cetera.

Many years ago there was a widespread assumption that the NSA was working on email keyword scanners, to the point where many hacktivists were running "signature block" generators which appended a bunch of terroristic phrases to the end of each e-mail -- often along with "Hello, NSA!" taunts -- with the vague hope of spoiling the statistics and making such scans useless. It fell out of vogue as the Endless September effect took over and the typical Internet population became much less technically sophisticated.

Old advice: "Any time you connect to a machine, you're connecting to every machine that machine ever connected to. Practice safe hex." If you want it secure, it's your responsibility to find or create services that will keep it secure. They won't be as easy to use. They may not be free. And by using them you're probably announcing that you may have something to hide and increasing the spooks' active interest in you.

If this bothers you, I highly recommend Snail Mail. The US Postal Service has strict rules against tampering with the mail, and hardcopy can't be bulk-scanned. And gods know they can use all the customers they can get.

Understand the technology. Understand the history -- remember that the Internet evolved from the ARPAnet and the government has always felt a certain ownership interest in it. Understand that data analysis and extracting useful information from huge amounts of background noise is one of the NSA's major areas of focus.

Then decide how much it really matters now, and how much it may matter in the future.

Then get on the horn to your congresscritter and give them a piece of your mind. And with the other piece, remember that conversations in public are not protected, and that "public" is not well defined in this space, so if you don't want it heard your best best is not to say it in the first place.

You don't have to like it. But if you don't grok it, you can't either protect yourself or get useful rules passed.

(This, BTW, is why I say Snowden's info was Old News and not worth the attention it's been given. If you didn't know that it was possible you weren't paying attention to the Internet; if you didn't think it was likely you haven't been paying attention to the Homeland Security Theater fiasco.)


#4

I'm reasonably comfortable with allowing the NSA the ability to touch 0.000004% of all the world's internet traffic, but only if there is transparent and independent oversight that this is what actually can occur. 1.6% is mind-boggling.


#5

"Touch". What a beautifully weaselly word. Does that mean that 1.6% of the world's Internet traffic is actively funnelled by direct request of an analyst? Because I'm pretty sure the leaked presentations and FISA court decisions show the machines are "touching" a lot more than 1.6% of the world's traffic.

Percentages are beside the point at any rate - the point being "come back with a warrant".


#6

Remember that, even if they aren't using DEA math, that it would be comparatively 'honest' to calculate that number as 'traffic by volume' rather than 'traffic by activity'. Consider, for instance, all the netflix traffic, Windows Updates, downloads of uninteresting programs, and other bulky-but-boring communication that the NSA has no reason to be interested in (or, even if it is interested, they only need to 'touch' the first few KB out of a hundreds-of-megabytes-to-gigabytes collection of traffic in order to get the salient details).

When people watching Gigli count for 2GB/hour, and emails are lucky to weigh in above 100k(with formatting fluff), you can touch a lot of the good stuff with a relatively small percentage of the traffic.


#7

HA! Practice safe hex... I'm older than DES.

We only heard bits and pieces before Snowden. The difference is Snowden proved it which is much different that speculating. Now you know you're in their sights.

Technically speaking, they owns us. Everything protocol and service will need to be rewritten for a network that is much more hostile that we thought before. The tor project was original started to help activists in China and Iran. I never thought I would need to use it here.


#8

Remember DES's antecedent, Lucifer? (Can't claim I ever used it in that form, admittedly; that was a DARPA project and at the time needed a pile of dedicated hardware.)

IP was never designed to be robust against snooping, only against loss of nodes. If you didn't want people to see the content of your packets, it was always up to you to encrypt that content. We were briefly protected by sheer volume, and folks got careless. Technology has caught up with that. Had to happen.

"The internet interprets censorship as damage and routes around it"? Maybe, but sometimes the solution is to remember that not everything belongs on the Internet in the first place. Tools for tasks.


#9

What do you think about a broadcast model for private communication? A large pool of users both append to, and read from a stream of binary data. The data should be encrypted in such a way that the reader doesn't know it is for them until they try to decrypt it against their private key, so it difficult to associate senders and receivers for a sufficiently large pool of contributors.

It has scaling issues of course.


#10

Bitmessage has promise but it needs some peer review. I've looked it at it. I have some concerns.


#11

Focus on the data. Who has access and who is abusing it. Back doors are security holes. We know that NSA shares there data with FBI, DEA, and other agencies. We know that they share data with German secret service which really shakes up Mericans. We can assume other European governments have access too. Scores of contractors have access to the data. Who doesn't have access to the data? Who has access to the data equally important as the collection of the data.


#12

Why does it matter what the NSA says? They have no credibility anymore. I don't believe them. By linking their statements, you are just giving a voice to a serial-liar.


#13

I love how "touches" is in quotation marks.

Show me on the doll where the NSA "touched" you.


#14

"I con the record . com" - priceless,


#15

That is a crafted document, full of "I see what you did there".

For example, they don't have sift through and have unfettered access to (maybe one or the other?) 75% of U.S. online communications. Rather, they only "touch" 1.6% of the WORLD'S internet traffic. Given that I doubt they're tapping into China's backbone and most of their facilities are in the U.S., I suspect their inside-the-U.S. numbers to be considerably higher. I also suspect filters such that they never "touch" things like MP3s or pr0n or YouTube streams.

Email, Facebook, chats, and web searches of everyone in the U.S. could easily fit into the figure of 1.6% of world traffic.

Frankly, I find 1.6% of world traffic to be an alarmingly HIGH number for them to own up to.


#16

My response to the NSA.

The following are the facts:

You keep using that word, I do not think it means what you think it means.

The reports leave readers with the impression that NSA is sifting through as much as 75% of the United States' online communications, which is simply not true.

Great! It's far from the only problem, but it's a start. So what percentage of the United States' online communications DO you 'sift through'?

In its foreign intelligence mission, and using all of its authorities, NSA "touches" about 1.6%, and analysts only look at .00004% of the world's internet traffic.

Riiiight, so that's not an answer to the same question, and I think you know that, don't you? Were you my child, I'd accuse you of being deliberately deceitful.

As a representative of such an important office, I assume you expect to be held to a higher standard than a pre-teen?

Legal babble saying basically 'it's okay to do what we are legally, and we only have to tell people when we decide it's okay, which I'm sure you're aware is never, right?

You didn't actually say that, did you? That'd be honest, I must have failed at cut and pasting, let's skip to the end.

The collection under FISA section 702 is the most signifigant tool in the NSA collection arsenal for detection, identification, and disruption of terrorist threats to the US around the world.

That's really funny, you start off by being deceptive and expect us to believe you now? Because we've never been lied to by representatives of our government about the effectiveness of your crazy programs.

And these 'terrorists', they're not my fault, they're not the fault of my parents or children or anybody I know, because we don't blow things up in other countries and keep making more of them.

How about you guys all go to some island somewhere, and you can fight the terrorists from there, and you can stop stealing our resources to do it and using us as human shields, k?


#17

"The NSA "touches" about 1.6%, and analysts only look at 0.000004% of the worlds internet traffic"

To play Devil's Advocate, i think that by reading BoingBoing i touch about the same internet.

also, i like the statement from the NSA, its cool to know that they are only using their omnipotent, injust and totally inhuman spying capability for good! I guess we can all calm down now? smile


#18

As for the nsa.gov link . . . "servers are not responding . . . "

Of course.


#19

The NSA should be renamed to the NSA (National Statistics Agency) and all of their data should be made public over the internet.

When will the 1%ers learn that Its not the collection of data that we mind, its the secrecy on our data that we mind.

We don't care what they use it for, but we do care about their not letting us play with it.

This is another internet moment.

You know, the internet? The thing that created email, Google and a jillion commercial web sites, destroyed print advertising, is creatively destroying print everything else.

What else are the selfish idiots preventing us, the citizens who pay for it all, from doing?


#20

U.S. Postal Service Logging All Mail for Law Enforcement