Slashdot Mirror
NSA Can't Search Its Own Email
cycoj writes "The NSA says that there is no central method to search its own email. When asked in a Freedom of Information Act request for emails with the National Geographic Channel over a specific time period, the agency, which has been collecting and analyzing the data of hundreds of millions of Internet users, says it can only perform person-per-person searches on its own email."
Perfect example of "do as I say, not as I do". But this isn't just a NSA problem, it is a government problem.
sudo make me a sandwich
FTFY
The cow says "Moo." The dog says "Woof." The Timothy says "Thanks, valued customer. We appreciate your input."
var irony = UInt64.MaxInt;
Requiem for the American Dream
That is rich......
The NSA says that there is no central method to search its own email.
[cough] Bullshit [/cough]
they are only trying to get rid of some of the attention they have now ;)
NSA, we are watching you!
I'm sure GCHQ https://www.gchq.gov.uk/Pages/homepage.aspx will search your mail and that CESG https://www.gchq.gov.uk/AboutUs/Pages/CESG.aspx will advise you on how to fix your problem.
Maybe they should run all their internal email through their PRISM system, that way it can be searched for keywords and META data much easier. Problem solved.
That's such a line of shit.
It's not that they cannot search their emails. It's that they have chosen to not create a search mechanism, because they have found this excuse is accepted by the courts to deny information requests. They will use every trick available to them to avoid adhering to laws they don't like.
Do you really believe anything they say?
I suspect the real reason is that they don't want to, not that they can't. In the NSA's defense, when an organization works with highly compartmentalized information, having the ability to scan all employees' email is not wise from a security perspective.
Isn't this pretty much what privacy adocates have advised for years? The NSA is one of the groups gathering people's data against their will. If anyone knows what possibilities to avoid if you don't want people in your data, it's them.
In SOVIET RUSSIA... erm...NSA AMERICA, the Internet logs onto YOU!
How convenient for them.....
As an Exchange administrator, I can say that searching across an entire mail database is absolutely possible, and also very simple to do from the Management Shell. They're either lying, or just don't want to do it.
Snowden didn't seem to have a problem finding information. Maybe they just need a contractor to come in and do it for them...
[RIAA] says its concern is artists. That's true, in just the sense that a cattle rancher is concerned about its cattle.
If I were in charge, and the agency responsible for technological espionage and information security told me they couldn't search through their own emails, I would fire them. Every single one of them. Bam. Agency dissolved, someone go think of a new TLA for the new agency. This is like a Navy that can't figure out how to dock a battleship, or a tax agency that doesn't know what all the valid exemptions are. Complete and utter incompetence.
What's saddest is that this almost certainly isn't true. They've got these capabilities. They're just trying to hide something ("everything" qualifies as something, for their purposes). *Maybe* they're telling the truth, if they've got some custom, highly-encrypted system where emails can only be decrypted by the users. But that doesn't seem like the phrasing used here.
What's saddest is that "we're completely fucking incompetent" is not just the excuse they went with, but that it actually works.
It's time for Congress to disassemble this agency. Their track record of protecting the American public is horrible.
What a bunch of lying douches.
This is a muse to get more money.
I'm fully convinced that all government agencies exist for the sole purpose of extracting as much taxpayer money as possible.
I concur it's very simple to search across and pull user or timeframe emails. If they are like any other branches of the gov why are they not required to maintain backup copies of email? Wasn't there a big thing during the Clinton administration that resulted in Washington keeping emails on record after that?
Even if their server can't do it what about their backup repository.
I am Bennett Haselton! I am Bennett Haselton!
No doubt a trusting agency such as that would already be scanning their internal emails looking for leaks.
I am Bennett Haselton! I am Bennett Haselton!
As an Exchange administrator, I can say that searching across an entire mail database is absolutely possible, and also very simple to do from the Management Shell. They're either lying, or just don't want to do it.
Of course it's possible with Exchange or with anything else for that matter. There is an exception to FOI requests where getting the information is expensive. What they mean is they can't do it within whatever small budget they allocate to serving FIO requests.
government lies were more believable. Nowadays they don't even try to pretend they give a fuck.
Disassemble? No disassemble Johnny 5!
sudo make me a sandwich
Too incompetent to be transparent, then too incompetent to have power like with Prism.
while(1) attack(People.Sandy);
They might not be using exchange.
I can confirm that it's not easy to do if you use Novell Groupwise and rightly so. Admins should not have access to users mail. But the fact that they do not have an e-mail archiving system is interesting i taught that it was the law for government agency.
Lie, lie, lie, until you get caught, 'cause there's nothing to lose and everything to gain.
"When information is power, privacy is freedom" - Jah-Wren Ryel
There are lots of products that do this for exchange. I would bet that it's a security issue or they just don't want the feature.
.. but ends up as truth.
Seriously though, the NSA is directly involved in lying to Congress. Do you think they would have any system that would allow easy discoverability of their misdeeds? I am sure their processes are in place to make any type of lawsuit or congressional oversight as difficult as possible.
Of course, any results this poor fellow would have received anyway would be just pages and pages of blacked out text with the headers and footers as they only "public" information.
NSA doesn't fund their operations primarily with drug running anymore. Insider trading is the best source of funding. And they have all the information they need to do this.
Or whatever large glob of crap they store the email in. They do have servers, right? Somewhere on those servers is a file, RAID array, partition, SAN or JBOD, Most likely encrypted. Hand over the disks, the encryption keys and whatever else is needed to access that Metatdata.
Have the court appoint someone approved by the EFF to sign an NDA/Gag order/whatever and sift through the Metadata removing items which are of key importance. If those top brass military brats think they are above the law, go around them.
Join the Slashcott! Feb 10 thru Feb 17!
Does a good job tracking emails....
Get up!
Not wanting to or it being hard isn't an excuse to not comply with a valid FOIA request. Finding email correspondence is a pretty routine thing that they should be able to handle. If we truly had checks and balances in the system they would be punished for failure to comply.
Simple, they have all that meta data, and can simply put in the National Geographic email domain and it will return a list of who in the NSA had contact with them.
Then they can filter for just those people and those emails.
So they're a bunch of fucking liars and the Freedom of Information Act is the least of the laws they've broken.
Their track record of protecting the American public is horrible.
Or is it? One issue is that it's entirely possible that they HAVE stopped terrible plots and then buried them in the shadows. And I'm sure they'll claim they have done so if they are ever threatened with de-funding or tighter control/oversight, but of course we'll probably never know either way.
I thought they were monitoring, and could search, all communications on Earth?
-- "Simplicity is prerequisite for reliability." --Dijkstra
It's SO f'ing ridiculous, & worst of all? They're trying to feed us BULLSHIT like we're fucking STUPID or something... It's an INSULT to American people's intelligence!
* This really 'sets me off': &, it should all of you also, as fellow americans - we DON'T want this shit to go on -> http://hotair.com/archives/2013/07/24/video-nsa-white-house-getting-worried-about-defunding-vote-in-house/
Mr. Alexander's getting "panicky" & REACTING too: His tax dollars WE PAY FOR *may* be cut the F off... "We SEE you" pal, for what you TRULY are.
Why am I upset along with every other "Joe Public little person" out there? The assholes use it against us, but "OH, NO, not on ourselves!"...
That, & I saw protesters get f'd over - then, the abuse of the IRS targetting political opponents (both of which are WRONG as wrong gets), but then I saw how Gen. Keith Alexander & Mr. James Clapper outright LIED saying they were NOT intercepting communique data of US citizens (especially since the NSA is or WAS not permitted to do so to native US citizenry - sure, "but it's LEGAL" yea, ok - changing the rules IN "SECRET COURTS" (WTF? They're EMPLOYEES OF OURS, not our masters, we have a RIGHT to know what the fuck they're up to, especially when it concerns us), subverting constitutional rights & such is WRONG too - up there with "hate speech" b.s. too - if you say something, it has every RIGHT to be said, but it's up to YOU to listen or not, but it is STILL a right).
NOW, here's a theory on WHY Mr. Obama is trying to VETO this from passing: My guess is that the reason the head of the IRS didn't lose her job is that she'd "spill the beans" on WHO gave her the "go-ahead" to pull her shit as she did (and his hair has turned grey from it this past quarter - now, there's a clue)... same with all the others like Clapper & Alexander.
The rats WILL start eating the other rats when push comes to shove, just like in this video (i have to hand musicians 1 thing - they're generally intelligent & see things WAY in advance) -> http://www.youtube.com/watch?v=vfpgpf6QVnI&ob=av2n
APK
P.S.=> Folks - today, is THE day, where we find out just how "for the people & BY the people" our representatives in Congress are... apk
The developers should always eat their own dog food.
Everyone might be running their own mail server to compartmentalize information, or not storing any information centrally accessible. Imagine the secrets that would be available to the next Snowden if it was...
Yeah this story sounds real. I am not seeing an accompanying article or evidence. Not saying it's not real, but it sounds like one of those government conspiracy theories like the government faked 9-11. Competent enough to stage 9-11 in front of cameras and people, with no one leaking it, then incompetent, for instance Snowden leaking information about the NSA. Who knows...
If I were designing a secure email system I would encrypt each email by default and backup the keys somewhere. However, that would make it *difficult* to to a global search of any kind...
having the ability to scan all employees' email is not wise from a security perspective.
NOT having the ability to scan email is not wise from a security perspective. If someone is doing something they ought not to be doing, exactly how is the NSA going to find out? They claim they need this ability to find out if civilians are dangerous so why would the same logic not apply to their internal operations? Makes NO sense whatsoever.
As an Exchange administrator, I can say that searching across an entire mail database is absolutely possible, and also very simple to do from the Management Shell. They're either lying, or just don't want to do it.
It is also possible on Notes, any Unix mailbox format (maildir, mbox, maildir+, w/e), and any other e-mail system I can think of.
morcego
That is probably one of the dumbest comments I've seen on slashdot for some time. It's like one of those comments you would see on YouTube or something. I'm no fan of government anything, but to say that the NSA has a terrible track record of protecting the American public is just stupid.
I object to power without constructive purpose. --Spock
these PRISonM developers should actually just eat dogfood
I can see one way in which this might be both true and proper. If each account was individually encrypted with keys that only the users had, what they're saying would be completely true. And I think it would be completely proper and even laudatory to run an email system that way. They could search individual accounts by having the users decrypt them, but they couldn't do a wholesale search of the entire email system. This is the way email should be!
A somewhat more likely approach would be that by policy, users are not allowed to keep email on the server. All email must be downloaded or deleted. No online folders, ridiculously small INBOX quotas, maybe a read-once policy where as soon as the mail is retrieved the server auto-deletes it. I can actually understand this being done; I've worked with corporate lawyers who would love to have the email system set up this way for the express purpose of defeating global searches. Anything can be twisted and used against you, so save nothing, leave no evidence. I certainly don't agree with that mindset, but I've worked with people who are like that.
Not that I think it actually is done either of those ways. I think it's far more likely that they're simply lying and refusing to comply. It's probably simply policy to refuse such blanket FOIA requests, and there's undoubtedly a clause buried in the FOIA itself that allows them to require that requests be specific and narrow. You know, in the way that searches of private individuals are supposed to be.
Chelloveck
I give up on debugging. From now on, SIGSEGV is a feature.
It could be that certain agencies are exempt from the law. For your own safety of course. It's better that you don't know.
c++;
My inclination would be to believe that they have built their email system so that what they are saying is technically correct, but I would bet that is because they don't want to (of course, there is a significant chance that they are just lying). However, even if their email system does not technically allow them to search in the manner that they say it can't, there is almost certainly another way of doing so that would yield essentially the same results.
The truth is that all men having power ought to be mistrusted. James Madison
Because it's one or the other. Mayhem ensues....
Then it is.
http://it.slashdot.org/comments.pl?sid=4011121&cid=44371001
* Shit makes me MAD as hell... this line of CRAP? It *may* fool folks NOT into computing, but it sure as hell doesn't fool me (or doubtless MOST OF YOU AS WELL, since you know how this tech works).
Now, I have nothing against men who probably go in with the right idea & honorable intentions... problem is, as I said in the link I posted earlier above? Is that they are JUST MEN, & subject to "Absolute Power Corrupting Absolutely"... & I suspect THAT is what most folks don't like about it, or trust (especially after the IRS fiasco - hell, the head of it didn't even LOSE HER JOB for Pete's sake!).
Same with Clapper or Alexander - you can bet your BOTTOM-DOLLAR it was the MAN @ THE TOP who gave the go ahead, & they told him flat-out:
"Fucker, you FIRE ME? I will bring down hell on your earth spilling the beans YOU GAVE ME THE GO-AHEAD TO DO IT!"
Bank on that - it IS exactly how political scumbags operate "deny, deny, deny" & then when caught? Stick together like glue, to the very end... then, start TURNING ON ONE ANOTHER for 'self-preservation' for power's sake.
APK
P.S.=> I know 1 thing - were I to bullshit a court, much less the Congress/house/senate? I'd be in jail... nobody is though, & that makes ME say "WTF!"... rules, they are for everyone - perhaps MORESO for those enforcing said rules/laws, & they? They HAVE to be "better than" their opponents, & yes, that means morally, & playing the game STRAIGHT UP imo, not lowering themselves to their opponents own "low ground"... you start doing that? Then other rules/law breaking starts!
... apk
I believe it, actually. Ask anybody that's ever dealt with government software what they think of the experience.
Three possibilities :
1 - It's a lie
2 - It's true because they have a super-secure system in place
3 - It's true because they are incompetent (I'm talking about their administration, not their researchers)
Considering the recent turn of events, I'd go with #3.
What Snowden discovered didn't surprise me. Spying is part of the job after all. But the other part is keeping it secret, and they failed miserably.
They're trying the "We can't be legally responsible because we're incompetent" gambit.
Maybe they should use the PRISM system to search the inbox of National Geographic for emails from the NSA. These should be in the system already.
OK, fine.
Here's a solution: NSA takes their entire email database and dumps it out to Wikileaks.
We'll take it from there. Gratis.
Profit!
Faster! Faster! Faster would be better!
The NSA flipping their finger at you looks like.
The working phrase here is: "Plausible Deniability", kinda like: "Above The Law".
They could be lying, or their system could be deliberately designed this way, to limit the amount of information a mole could find.
My ass
Are you suggesting that NSA would be able to scan interesting topics from peoples email communication?
Wouldn't implementing and using that kind of feature be in violation with users privacy expectation and U.S. law!
Sincerely,
G KBA,
DNSA
As experts in security and infomration gathering, maybe the NSA knows how to keep their email compartmentalized and secure from being searched, even by their own people.
Do they license their email system? It may the only one in the world secure FROM them.
I only look human.
My mother is a halfling and my dad is an ogre, so that makes me an Ogreling
There is an exception to FOI requests where getting the information is expensive. What they mean is they can't do it within whatever small budget they allocate to serving FIO requests.
Which is nothing.
This is the problem with writing locally defined variables into laws.
A budget that they make small on purpose.
Don't kid yourself, they are being difficult on purpose.
Fire everyone involved with saying it's not possible.
A pack of rich boys "billionaire boys club" masonic order idiots getting richer @ our expense - Heh, only politician in the last 60++ yrs. or so I didn't see come out with more wealth than what he came in with? Truman.
We also had a guy working FOR us, he got shot dead in JFK (& you can BET by his fellow wealthy who said "Johnny - you're one of US: WTF are you doing helping the STUPID (but far more honest working class) SLAVES for?"). People cried when he died!
Why? Obvious - it was a signal to what Eisenhower WARNED US OF: "The Eisenhower Military Industrial Complex" & JFK too in regards to "secret societies"...
For Pete's sake they're FRAT BOYS grabbing for "MOAR POWER" from wealthy backgrounds! IIRC, another example of that is Desmond Fitzgerald (& his roots as another on THAT account!)
I've been offered to join the masonic order 3x in my life... why'd I turn it down? I'll let another fellow speak for me (oddly enough, in regards to the NSA since they're largely our topic here today):
http://www.youtube.com/watch?v=UrOZllbNarw
My variation on that's simple: ANYTIME you have to do things "in secret" NOT fully truthfully divulging what you're up to? THEN, you're up to NO GOOD, period & being a fucking SNAKE to doit is what.
These people running us, ESPECIALLY AFTER THIS OUTRIGHT BULLSHIT (that might fool the general public but it certainly doesn't anyone into computing) - they're the product of FUCKING GREED, unbridaled greed, nothing more... there is NEVER ENOUGH for them. It's their "drug of choice", power & CONTROL.
I have a theory on that too, one history tend to back: You have 1 generation, like the folks that lived through the great depression & multiple wars... they got sick of living like shit, & cleaned stuff up for everybody (+ once you eliminate the major manufacturing power competitor in Germany? YOU are the "industrial economic powerhouse" with NO competition... all is great, for awhile @ least, say a generation).
Problem is: Folks tend to spoil their kids, yes, even kids who had it good and their parents want them to have a BETTER LIFE with no hell like they went thru... they end up greedy, spoiled "wanting MOAR MOAR MOAR" is the result.
Who's running us, REALLY running us? The 1%'ers... & they ARE of that "ilk"! HOW MANY OF OUR "LEADERS" ARE WORKING CLASS JOES?
Not many, IF any is what. Why? Well, hell - can't put working class guys in here: It doesn't take a 'genius' to figure out HOW TO FIX THE ECONOMIC MESS is why - you bring back jobs to folks, jobs with disposable income. You don't live hand-to-mouth on those, you can actually stand a chance in "courts of 'law'" (secret law) too if you have money... how to stop THAT? Eliminate the competition in middleclass is what. Erode it away totally by H1B visas, so you can pay low wage, the "rich keep getting richer" & so on.
Man - the mess can be fixed - THE "POWERS THAT TRULY BE" along with "the best politicians MONEY CAN TRULY BUY" don't want it fixed... they like it, JUST how it is, for their REAL "Fix" - POWER! Stop the bogus wars based on UTTER HORSESHIT (wmd's anyone?) & bring back jobs to working class folks is how. Legalize & tax pot is another. You can't stop folks from doing it, so, give them what they want, & gain by it.
I'm no economist, but I DID SEE Greenspan quit... why? He knew it was FUCKED UP, & run fucked up is why.
This isn't even ABOUT money - it's about POWER, & CONTROL.
Are our "fearless leaders" skulking in the shadows with secret courts laws/rules changes doing a good job? Fuck no. Were I to do such a "fine job performance"?? I'd be fired in a heartbeat - we're all "expendable assets", right???
They've ruined it all, & now the shit's out in the WIDE OPEN with this one especially... what a pack of lying bastards!
APK
P.S.=> Where'd I get the idea you ask? The "Good Government " BULLSHIT I was fed my ENTIRE LIFE is where along with "We the People" & the constitution + Bill of Rights they're wiping their ASSES with is where... only to find out we're all being PLAYED like stupid fucks! apk
Thus NSA demonstrating, in the digital era, "quis custodiet ipsos custodes". A little bit scary because it raises the question, if the NSA empowers its people to such a degree, but there is not even a similar capacity within the organization to police itself, is there then a potential for abuses on an individual level? Have such individual abuses occured?
The NSA should simply host their email with Google and it will be instantly searchable through PRISM.
Infact the NSA should compete with google and offer its own free email and search engine, PRISM. Just PRISM it!
That are perfectly capable of such a search, in fact they are required to be able to do so for internal investigations.
I guess no one does.
They'd love to help, I'm sure.
I think they probably put a lot of thought into exactly this when they implemented their system. I have no doubt that the NSA has the ability to search the e-mails of their own employees. But, I also agree that they most likely built their system so that they could fend off open records requests in a way that at least seems feasible to outsiders. They may have implemented additional "security features" or add-ons that make it difficult/impossible. But, I just don't see an intelligence agency NOT having the ability to search their employee's e-mails (both individually and system-wide)... I think that internal monitoring is probably very heavy. They don't want any more Snowden incidents, after all.
As an Exchange administrator, I can say that searching across an entire mail database is absolutely possible, and also very simple to do from the Management Shell. They're either lying, or just don't want to do it.
Also as an Exchange administrator, I can assure you that if your database is sufficiently large, such a request can *still* take forever to fill. You're basically looking at minimum 1 day per Terabyte of email. The interface is not quick, and it does crawl it mailbox by mailbox. Yes, you can do it with a single command, but it is prohibitive on staff time to setup/execute and lawyer time to redact the non-responsive bits.
The NSA response doesn't pass the laugh/sniff test for reality.
++c;?