Slashdot Mirror
Speculation On Large-Scale Phone Location Snooping
An anonymous reader recommends a speculative blog entry by Chris Soghoian up on CNet. Soghoian makes a convincing case that the NSA could be using loopholes in the law to gather real-time location information on the mobile phones of millions of people. There is no hard evidence that this is happening, but the blog post sheds light on the dense undergrowth of companies populating the wireless space that could be easy pickings for a National Security Letter with a gag order attached. "While these household names of the telecom industry [AT&T, Verizon, and Sprint] almost certainly helped the government to illegally snoop on their customers, statements by a number of legal experts suggest that collaboration with the NSA may run far deeper into the wireless phone industry. With over 3,000 wireless companies operating in the United States, the majority of industry-aided snooping likely occurs under the radar, with the dirty work being handled by companies that most consumers have never heard of."
...is read your EULAs!!!
Oh look, here on page 13, "You hereby agree to the NSA spying on you without any legal notification of any kind."
Modding me -1 troll doesn't make me wrong.
Unfortunately, this is just one facet of a larger problem with no especially easy solution.
Trouble is, a lot of modern high-tech, networked systems generate huge amounts of potentially creepy data just in order to work. Your cellphone is useless if the network doesn't know what cell you are in, who you are calling, and what cell they are in. Nor does it work if the network doesn't know which handset and SIM are yours. Credit and debit cards only work because the system knows who to transfer money from and who to transfer it to. Hell, the internet isn't going to work all that well if systems between you and your destination don't have the information they need to deliver packets.
Now, none of this means that we should aggregate and make use of these data, indeed, I think we shouldn't. However, because all these data necessarily exist for the system to work, they are constantly just sitting there, yours for the collecting. That makes legislative or cultural safeguards extremely difficult to build, even under the best of circumstances(ours are not the best of circumstances).
Unfortunately, I don't know of any good way out. In some cases, it might be possible, with sufficient will, to build systems that don't generate so much compromising information(I hear very interesting things, for instance, about using clever crypto tricks for electronic currency). In others, that may not be possible. While you can, at a cost of latency and bandwidth, make tracking your activity on a network a nuisance(see tor), you would be hard pressed to defeat an opponent who can see the whole network, and you certainly can't match the efficiency of unobfuscated traffic.
Barring a more or less apocalyptic collapse of modernity, we are going to have a damn difficult time building technology that doesn't, just in order to work, know rather more about us than we would like. Nor will it be very practical to directly legislate against particular abuses, the tech changes too quickly, and a disconcerting proportion of legislators are thick as posts when it comes to technological issues.
If there is any hope at all, which I'm not sure that there is, it would be in doing what we can technologically(cryptographic cash + encrypting everything we can + avoiding potentially backdoored systems) along with encouraging a culture that rejects surveillance.
In the country I was born, about a quarter of the population were recurited as informers of the secret services.
The scale of this "domestic intelligence" was virtually unknown (although suspected by some) until recent laws allowed some old records to be opened.
Yet, even now there are still people who (out of ignorance, political reasons, blind trust in the government, financial gain etc.) still ignore or deny the fact that mass spying was going on such scale.
Based on this experience, if I were you I'd at least entertain the possibility that such thing is possible to do.
Especially if, as the article points out, it is possible that a lot of seemingly innocent data is obtained from a variety of (helpful) sources and then stitched together into a coherent profile by a secret agency with huge budget. ;)
This will not solve the problem of the NSA and everybody else knowing who you speak to and for how long and what time. The fact that your only words on the phone are "Aunti feels better now" are encrypted or not are mostly irrelevant. (Perhaps even the message is some sort of code)
With all the data available, what they are interested to see is who talks to whom and se how the networks are. Only then will they perhaps be interested in taking a closer look at what you do.
Don't fight for your country, if your country does not fight for you.
We in the intelligence community call that a SCIF: http://en.wikipedia.org/wiki/Sensitive_Compartmented_Information_Facility
Yes, let us look at that overhead.
High speed data connections to every data center of every cell phone service provider. We are talking OC3s at a minimum.
Paying the network admins, sysadmins, production support analysts, managers, accountants, and executives of every company, even after they leave the company and/or industry. Oh, and some of those people will have to falsify financial reports, SOX compliance, etc. which can get them sent to jail, so it won't be cheap.
Everyone always forgets that the difficulty of keeping a secret increases exponentially by the number of people keeping the secret.
There is no "-1 offended" or "-1 you don't agree with me" mod options for a reason.
The illegal kinds of stalking are those, where (unwanted) physical presence takes place. It is criminalized under names such as "criminal menace" or "criminal harassment". I don't think, what we are talking about here (which, mind you, is in itself some blogger's speculation), would rise to illegal stalking, even if it were true...
In Soviet Washington the swamp drains you.