NSA Can't Search Its Own Email

cycoj writes "The NSA says that there is no central method to search its own email. When asked in a Freedom of Information Act request for emails with the National Geographic Channel over a specific time period, the agency, which has been collecting and analyzing the data of hundreds of millions of Internet users, says it can only perform person-per-person searches on its own email."

big surprise

[Sparticus789]

Perfect example of "do as I say, not as I do". But this isn't just a NSA problem, it is a government problem.

Re:big surprise

[rullywowr]

Probably using Lotus Notes r7. Search function blows.

Re:big surprise

More likely a case of somebody lying to get around a FOIA request, for which there will be consequences. All government agencies have very strict regulations concerning record keeping and FOIA, with jail time possible for anyone who fails to abide by those regulations.

Re:big surprise

[rickb928]

Consequences. They're cute when they say that.

Re:big surprise

jail time??? your funny to think that anyone will see jail time. A promotion maybe.

Re:big surprise

[Sancho]

FOIA does not require that you make it easy to comply with FOIA requests. Nothing in there says you have to have globally searchable e-mail or document storage, in fact. And the costs to fulfill the request are paid by the requestor, not the agency. By using an archaic, difficult to use system, they can legitimately make the costs of fulfilling FOIA requests prohibitively high. Thus they follow the letter of the law, though not the spirit.

Re:big surprise

I've got this great big bridge for sale you might be interested in buying ...

Fortunately, I already know about that bridge, because you're not so good at keeping secrets.

RTFA...

the FOIA office can search emails only “person by person,"

You would give access to search all emails of all NSA employees to the people that talk to reporters?

Re:big surprise

[houghi]

I would call it a human problem. Many parents tell their kids not to smoke, while they do so themselves. Same will go for driving under influence. People telling their SO not to cheat on them, while they do so themselves.

I am sure you can find many more examples.

Re:big surprise

[ttucker]

More likely a case of somebody lying to get around a FOIA request, for which there will be consequences. All government agencies have very strict regulations concerning record keeping and FOIA, with jail time possible for anyone who fails to abide by those regulations.

Consequences? What, for the requester? I think we both know that nothing will happen. If it ever turns into a real scandal, the president will just say something stupid about George Zimmerman, wait for everyone to go insane, rinse, repeat.

Re:big surprise

it is a government problem.

Government is a problem that has never been a solution to anything but other governments and the failures of society. In shrot, it is a self-propogating problem. It is merely a patch for the failures of society. The bigger the government the more screwed up society is and one condition mirrors the other. "That which governs the best governs the least." Therein true anarchy (anarchy being a purposely corrupted word as used today, much like "hacker" or "liberal" etc ) would be best, unfortunately the human race is not and may never be advanced enough to where they have no need or desire for governance, simply cause self-governance has become suffiicient for peaceful co-existance.

The US didn't form the USA just because they wanted a big government, they formed the USA to ward off Britain and other major governments from imposing their will and governance here one one city or state at a time. Thomas Paine's Common Sense was written and published, in part, to convince the colonists that it was necessary.

"SOME writers have so confounded society with government, as to leave little or no distinction between them; whereas they are not only different, but have different origins. Society is produced by our wants, and government by our wickedness; the former promotes our happiness POSITIVELY by uniting our affections, the latter NEGATIVELY by restraining our vices. The one encourages intercourse, the other creates distinctions. The first is a patron, the last a punisher.

Society in every state is a blessing, but Government, even in its best state, is but a necessary evil; in its worst state an intolerable one: for when we suffer, or are exposed to the same miseries BY A GOVERNMENT, which we might expect in a country WITHOUT GOVERNMENT, our calamity is heightened by reflecting that we furnish the means by which we suffer. Government, like dress, is the badge of lost innocence; the palaces of kings are built upon the ruins of the bowers of paradise. For were the impulses of conscience clear, uniform and irresistibly obeyed, man would need no other lawgiver; but that not being the case, he finds it necessary to surrender up a part of his property to furnish means for the protection of the rest; and this he is induced to do by the same prudence which in every other case advises him, out of two evils to choose the least. Wherefore, security being the true design and end of government, it unanswerably follows that whatever form thereof appears most likely to ensure it to us, with the least expense and greatest benefit, is preferable to all others."--Some Common Sense

Re:big surprise

You are more right than you know.

Though I must say I do like SameTime.

.

Posting AC for reasons I hope are obvious.

Re:big surprise

[crath]

More likely a case of somebody lying to get around a FOIA request,...

I agree. Telling porkies is their specialty.

... for which there will be consequences. All government agencies have very strict regulations concerning record keeping and FOIA, with jail time possible for anyone who fails to abide by those regulations.

Now you're dreaming in Technicolor. The liar might get a promotion for their behavior, but there certainly won't be any negative consequences.

Re:big surprise

[Jane+Q.+Public]

"More likely a case of somebody lying to get around a FOIA request, for which there will be consequences. All government agencies have very strict regulations concerning record keeping and FOIA, with jail time possible for anyone who fails to abide by those regulations."

Agreed. It's either BS, or (literally criminal) incompetence. Based on what we have been told so far, I would have to guess BS.

Re:big surprise

[mendax]

This comment is spot on. This is a blatant lie by the NSA and National Geographic should be lining up their expert witnesses to back up such a claim in order to get the judge to force the NSA to "create" such a capability.... quickly. A computer-savvy high school kid can build an e-mail system search tool. There is no reason why someone at the NSA can't do something similar in a short period of time.

Re:big surprise

[nucrash]

I use R8.5.2. For the most part the search functionality is good. There are some times where searching turns up screw results.

Re:big surprise

[crbowman]

I don't see why this is a problem. They have a duty to search their files for the requested information. It's not the requester issue that some may have to do this employee mail box by employee mail box. What am I missing?

Re:big surprise

[tom+arnall]

anyone who's used ANY kind of email system knows that they are lying. or rather, saying to the American people, "F*CK YOU, you pathetic wimps."

NSA *Won't* Search Its Own Email

[TWiTfan]

FTFY

Re:NSA *Won't* Search Its Own Email

[interkin3tic]

It's pretty shocking that after having been caught lying to congress about the program, they're STILL LYING ABOUT IT. They must not think much of us. I guess they've been reading all our e-mails, they probably know us pretty well and are right to think that we'll let it slide.

Re:NSA *Won't* Search Its Own Email

[TWiTfan]

Why wouldn't they continue to lie? Congress, the President, and the American public have made it abundantly clear that there will be no consequences for lying. So, why not?

Re:NSA *Won't* Search Its Own Email

[bfandreas]

I'm still going with "can't".

If they were asked to produce all relevant correspondence then a simple search algorithm won't be relyable enough.
If that is the case and that's how they interpret that request then it is further proof that red tape is thicker than their mission statement. Cooperation looks differently. This is a bureaucracy trying to weather a storm. And this is why the NSA should be dismantled and their place should be taken by somebody who understands their mission and takes it a little bit more seriously.


I've seen enough CYA reactions to know one when I see one. This is one. Doesn't even need to quack like a duck.

Re:NSA *Won't* Search Its Own Email

[shentino]

Correction.

They are right to think that their buddies in DC will protect them and that we can't do shit about it.

umm

[easyTree]

var irony = UInt64.MaxInt;

Re:umm

[easyTree]

Arguably. Let me just run a quick hadoop query over every email with a north american correspondent to get a feel for the consensus.

Right...

[sjbe]

The NSA says that there is no central method to search its own email.

[cough] Bullshit [/cough]

Re:Right...

[mapsjanhere]

Well there is, but they'd have to kill you if they tell you about it.

Re:Right...

[TWX]

Yeah... Perhaps a congresscritter should ask during a joint committee meeting, and if this answer is provided, the individual should be held for being In Contempt of Congress...

Re:Right...

[NatasRevol]

I think you forget that they're on the same side. That ain't gonna happen.

Re:Right...

[dkleinsc]

Yup: They won't use Contempt of Congress to deal with this, which is why I have Contempt for Congress.

Re:Right...

[runeghost]

The Director of the NSA has openly admitted he lied to Congress, and his punishment is... nothing. Not even harsh language, much less prosecution or losing his job.

Re:Right...

[ColdWetDog]

OK, the comfy chair it is!

Re:Right...

[shentino]

That's because only the President can actually fire him.

For Congress to get rid of him, he has to be impeached.

As for prosecution, the President is also head of the DOJ that would be in charge of prosecuting him.

Re:Right...

[Tom]

Yes and no.

This is political. There are two possibilities here: Either, the guy who said that is an old-school politician, or he is of the new breed.

The new breed outright lies to you, straight into your face. That's the kind of people that run our governments today.

The old-school guys, however, will not lie. Well... not outright. In this case, he would say something that is technically the truth. For example, if they have several seperate and independent internal mailing systems - which is quite likely given that they have offices around the world and certainly don't want to send confidential mail around public data networks just for the convenience of central mail management - then he could well be saying the truth in that there is in fact "no central method"... see where this is going? Of course they can search their e-mails, but they can't search everyone's emails from one central location. See, not a lie...

Don't worry.

[auric_dude]

I'm sure GCHQ https://www.gchq.gov.uk/Pages/homepage.aspx will search your mail and that CESG https://www.gchq.gov.uk/AboutUs/Pages/CESG.aspx will advise you on how to fix your problem.

what is good for the goose is good for the gander

Maybe they should run all their internal email through their PRISM system, that way it can be searched for keywords and META data much easier. Problem solved.

Suuuuure

That's such a line of shit.

It's not that they cannot search their emails. It's that they have chosen to not create a search mechanism, because they have found this excuse is accepted by the courts to deny information requests. They will use every trick available to them to avoid adhering to laws they don't like.

Do you really believe anything they say?

Re:Suuuuure

[idontgno]

People seem to be all worked up about the use of the word "can't".

It's a perfectly legitimate, honest, non-fibbing word to use in this context. The context being "We can't be arsed to search that email."

Like I said, perfectly appropriate in context.

Re:Suuuuure

[ImprovOmega]

It costs money to build that search mechanism. And you would basically only be doing it to fill FOIA or subpoena requests. It's hard to justify spending the scratch for the benefit of outside agencies.

"Can't" vs. "Don't Want To"

I suspect the real reason is that they don't want to, not that they can't. In the NSA's defense, when an organization works with highly compartmentalized information, having the ability to scan all employees' email is not wise from a security perspective.

Re:"Can't" vs. "Don't Want To"

[Sparticus789]

Even the government is not stupid enough to run multiple Exchange servers within the same intranet. They probably run a version of Exchange with some add-ons they bought from Microsoft to handle classification controls. Even with multiple Exchange servers, in order for e-mail to actually be sent between subnets, they need to be connected. NSA is 30,000+ people, so we're talking about a cloud (hate that word) environment for managing that many e-mails. Querying for data from the "cloud" is not complicated or difficult.

Plus let us consider how many of those 30,000+ people are not analysts or anything of the sort. Half of those are probably support staff, handling paperwork, budgets, crappy powerpoint presentations, etc. The only thing they have to hide is how little they actually do at work.

Re:"Can't" vs. "Don't Want To"

[djmurdoch]

Suppose that instead of "National Geographic", someone at the NSA wanted to search every email that was sent to Snowden's Gmail account from within the NSA.

Do you think they would be able to do that? Not being able to do that sounds like a security problem.

Re:"Can't" vs. "Don't Want To"

[Firethorn]

Plus let us consider how many of those 30,000+ people are not analysts or anything of the sort.

Indeed. While I'd expect the NSA to generally have it's stuff together, everybody needs to realize that large organizations can have varying levels of competence(and incompetence) in varying areas and tasks.

For the NSA, the lion's share of it's resources goes towards providing security and exploiting security holes. It has multiple 'defensive'(not in the news much) and 'offensive'(been in the news much more) cells, and they tend to not talk to each other. You have the mentioned admin people, but they're mostly afterthoughts.

Even the government is not stupid enough to run multiple Exchange servers within the same intranet.

*snerk* You have more faith in government than I do. I wouldn't be surprised if there are multiple exchange servers set up, heck, I KNOW there has to be multiple networks, at least 4, probably a lot more. Thus the 'find the individual' comment, so you can find the appropriate network(s), the appropriate servers, to do the search.

Re:"Can't" vs. "Don't Want To"

[Em+Adespoton]

Suppose that instead of "National Geographic", someone at the NSA wanted to search every email that was sent to Snowden's Gmail account from within the NSA.

Do you think they would be able to do that? Not being able to do that sounds like a security problem.

I thought their excuse was that they could do a search for a single email address, just not a complete domain. So snowden@nsacontractor.com would work, but *@natgeo.org wouldn't.

Others seem to be arguing that they're saying that they can only search against one employee as well.

Re:"Can't" vs. "Don't Want To"

[datavirtue]

The only thing they have to hide is how little they actually do at work.

You've obviously have never worked in government. There is no need to hide how little you actually do--furthermore, working hard or working extra will ultimately get you in trouble (we call it "getting your hand slapped").

Re:"Can't" vs. "Don't Want To"

[datavirtue]

Seems then that a simple script run against a dump of the account names would work.

Re:"Can't" vs. "Don't Want To"

[djmurdoch]

Now that you've revealed this hole in NSA security, they'll be after you. Those damn spies are going to sign up for their own domain names, and send their secrets to a different username @stolensecrets.com every time!

Smart design.

[intermodal]

Isn't this pretty much what privacy adocates have advised for years? The NSA is one of the groups gathering people's data against their will. If anyone knows what possibilities to avoid if you don't want people in your data, it's them.

Re:sounds like they're running exchange

[jongalbreath]

As an Exchange administrator, I can say that searching across an entire mail database is absolutely possible, and also very simple to do from the Management Shell. They're either lying, or just don't want to do it.

Get Snowden to do it

[charnov]

Snowden didn't seem to have a problem finding information. Maybe they just need a contractor to come in and do it for them...

Re:Get Snowden to do it

[1s44c]

Snowden didn't seem to have a problem finding information. Maybe they just need a contractor to come in and do it for them...

It is highly unlikely that Snowden knows everything the NSA is involved in. The stuff he released might be inflamatory but there will be plenty more he never knew about.

Re:Get Snowden to do it

[Salgak1]

Indeed. To release something, you need to know it exists in the first place. We've all heard tales of programs that don't, officially, exist. I'm sure all the Intelligence agencies have a plethora of them, but you could never prove it. Which is kind of the point of such programs. . . .

Yep. The Men in Black have the data, and the NSA is THEIR cover (grin)

And we accept this excuse?

[gman003]

If I were in charge, and the agency responsible for technological espionage and information security told me they couldn't search through their own emails, I would fire them. Every single one of them. Bam. Agency dissolved, someone go think of a new TLA for the new agency. This is like a Navy that can't figure out how to dock a battleship, or a tax agency that doesn't know what all the valid exemptions are. Complete and utter incompetence.

What's saddest is that this almost certainly isn't true. They've got these capabilities. They're just trying to hide something ("everything" qualifies as something, for their purposes). *Maybe* they're telling the truth, if they've got some custom, highly-encrypted system where emails can only be decrypted by the users. But that doesn't seem like the phrasing used here.

What's saddest is that "we're completely fucking incompetent" is not just the excuse they went with, but that it actually works.

Re:And we accept this excuse?

[1s44c]

If I were in charge, and the agency responsible for technological espionage and information security told me they couldn't search through their own emails, I would fire them. Every single one of them. Bam. Agency dissolved, someone go think of a new TLA for the new agency.

Not an option. The NSA has a portfolio of affairs, abuses of power, criminal behavior, tax fraud, drug abuse, etc. on every member of the government. Nobody will oppose those who could end their career in a few keystrokes. ...Or maybe I'm just paranoid.

Re:And we accept this excuse?

They may have some sort of distributed email system, based on something old / classified. Think of it from NSA's side for a moment. You have this network of people with some of the most secret stuff in the US, and you are in charge of designing an email system. You're worried that someone could gain access to the servers, maybe even physical access, and you want to minimize such damage if it happens.

I could easily imagine that each person or workgroup would have physically separated mail servers.

Re:And we accept this excuse?

[Em+Adespoton]

If I were in charge, and the agency responsible for technological espionage and information security told me they couldn't search through their own emails, I would fire them. Every single one of them. Bam. Agency dissolved, someone go think of a new TLA for the new agency.

Not an option. The NSA has a portfolio of affairs, abuses of power, criminal behavior, tax fraud, drug abuse, etc. on every member of the government. Nobody will oppose those who could end their career in a few keystrokes. ...Or maybe I'm just paranoid.

I'm sure some oppose those who could end their career in a few keystrokes... you just haven't heard about those people for obvious reasons.

Re:And we accept this excuse?

[datavirtue]

Anything can be done with digital information, but if they have to hire a contractor to do it or even write a script they can say it inaccessible for FOIA purposes.

Re:And we accept this excuse?

[Rockoon]

he NSA has a portfolio of affairs, abuses of power, criminal behavior, tax fraud, drug abuse, etc. on every member of the government.

I would like to believe that there are at least a couple members of government for which a portfolio containing that sort of data would be empty. The idea that of the hundreds of congressmen and senators, that none of them at all have avoided committing these serious violations of the law just doesnt seem reasonable. Its reasonable to suppose that most of them are guilty of serious violations of the law, but not all of them.

Re: And we accept this excuse?

[SpaghettiPattern]

What makes you think this is incompetence? It actually may well be competence in bullshitting the people.

Re:And we accept this excuse?

[Jmc23]

What's saddest is that "we're completely fucking incompetent" is not just the excuse they went with, but that it actually works.

Not sure if you've noticed, but that's been the US governments MO for decades for hiding their true purposes.

Re:And we accept this excuse?

[houghi]

Paranoid would be nice, because then you only THINK they are following you. However they ARE actually following you.

Re:And we accept this excuse?

[SleazyRidr]

If I were in charge,

I've found that most of the time when someone begins a statement with "If I were..." they usually continue to describe one of the reasons they aren't. The people in charge are fully comlicit with what the NSA is doing. The NSA are the ones keeping them in charge.

Re:And we accept this excuse?

[1s44c]

Paranoia doesn't not exclude the possibility that they really are after you.

Next we find out that the X-files was based on deliberately leaked government files just to discredit the truth if it ever came out, and that FEMA really is planning a government takeover real soon now.

Re:And we accept this excuse?

[Tom]

*Maybe* they're telling the truth, if they've got some custom, highly-encrypted system where emails can only be decrypted by the users.

Incredibly unlikely. The NSA would be the #1 top candidate for a list of "organisations that know what key escrow is for".

If you work in the intelligence sector, you should understand that people can go missing or become no-longer-trustworthy very unexpectedly and you definitely do not want to lose access to their data. And in the later case, you absolutely want access to their data, especially communications, to check if they did any damage and what they knew.

Remove funding, destr their systems, fire them all

[Picass0]

It's time for Congress to disassemble this agency. Their track record of protecting the American public is horrible.

Epic Fail

[jebus187]

What a bunch of lying douches.

Re:sounds like they're running exchange

[g0bshiTe]

I concur it's very simple to search across and pull user or timeframe emails. If they are like any other branches of the gov why are they not required to maintain backup copies of email? Wasn't there a big thing during the Clinton administration that resulted in Washington keeping emails on record after that?

Even if their server can't do it what about their backup repository.

Re:what is good for the goose is good for the gand

[g0bshiTe]

No doubt a trusting agency such as that would already be scanning their internal emails looking for leaks.

Re:sounds like they're running exchange

[1s44c]

As an Exchange administrator, I can say that searching across an entire mail database is absolutely possible, and also very simple to do from the Management Shell. They're either lying, or just don't want to do it.

Of course it's possible with Exchange or with anything else for that matter. There is an exception to FOI requests where getting the information is expensive. What they mean is they can't do it within whatever small budget they allocate to serving FIO requests.

Re:Remove funding, destr their systems, fire them

[Sparticus789]

Disassemble? No disassemble Johnny 5!

incompetence

[O('_')O_Bush]

Too incompetent to be transparent, then too incompetent to have power like with Prism.

Same ol' NSA protocol

[GameboyRMH]

Lie, lie, lie, until you get caught, 'cause there's nothing to lose and everything to gain.

Exchange

[daninaustin]

There are lots of products that do this for exchange. I would bet that it's a security issue or they just don't want the feature.

Re:Exchange

[datavirtue]

Avoided the feature because of FOIA requests. There are a lot of loopholes for gov organizations to avoid sunshine requests if they really want to--part of it is making the information difficult to reach (can't get the info==do not have to comply). Also, FOIA compliance hinges on each institution's policy in regard to the information. They can set a two day retention policy so that if you request it four days from now they will delete it and reply that the information is not available. Government institutions are hostile to information requests--believe it or not. Power and control is paramount in these environments and arbitrary information requests from outsiders flies in the face of this disposition. [first-hand knowledge]

Re:Exchange

[Karl+Cocknozzle]

There are lots of products that do this for exchange. I would bet that it's a security issue or they just don't want the feature.

For that matter, it does it out of the box and has for several years and revisions...

Sounds like the Onion..

[sylivin]

.. but ends up as truth.

Seriously though, the NSA is directly involved in lying to Congress. Do you think they would have any system that would allow easy discoverability of their misdeeds? I am sure their processes are in place to make any type of lawsuit or congressional oversight as difficult as possible.

Of course, any results this poor fellow would have received anyway would be just pages and pages of blacked out text with the headers and footers as they only "public" information.

Re:Sounds like the Onion..

[Em+Adespoton]

.. but ends up as truth.

Seriously though, the NSA is directly involved in lying to Congress. Do you think they would have any system that would allow easy discoverability of their misdeeds? I am sure their processes are in place to make any type of lawsuit or congressional oversight as difficult as possible.

Of course, any results this poor fellow would have received anyway would be just pages and pages of blacked out text with the headers and footers as they only "public" information.

Who needs the contents? As we've been arguing with PRISM, the message headers are more than enough to gather a detailed picture. They can always look up the precise NatGeo emails from THEIR side once they get the bigger picture of subject lines, internal people, date/time, message routing, etc.

Re:Sounds like the Onion..

[shentino]

Congress cannot fire him, only the president can do that.

And don't hold your breath waiting for impeachment.

Re:Clearly they need a bigger budget

[ArcadeX]

The bureaucracy is expanding to meet the needs of the expanding bureaucracy.

NSA

NSA doesn't fund their operations primarily with drug running anymore. Insider trading is the best source of funding. And they have all the information they need to do this.

Re:NSA

[johnny+cashed]

NSA drug running? Really? I thought that is what the CIA does to top up the slush fund. That and arms trading. Who know how many Libyan small arms they've just acquired for future distribution when they need deniability.

Easy fix. Supply the Metadata then.

[sl4shd0rk]

Or whatever large glob of crap they store the email in. They do have servers, right? Somewhere on those servers is a file, RAID array, partition, SAN or JBOD, Most likely encrypted. Hand over the disks, the encryption keys and whatever else is needed to access that Metatdata.

Have the court appoint someone approved by the EFF to sign an NDA/Gag order/whatever and sift through the Metadata removing items which are of key importance. If those top brass military brats think they are above the law, go around them.

Smarsh

[raind]

Does a good job tracking emails....

being difficult is not an excuse

[Dale512]

Not wanting to or it being hard isn't an excuse to not comply with a valid FOIA request. Finding email correspondence is a pretty routine thing that they should be able to handle. If we truly had checks and balances in the system they would be punished for failure to comply.

Tell them to snoop on themselves

[taikedz]

I thought they were monitoring, and could search, all communications on Earth?

Damn straight! apk

It's SO f'ing ridiculous, & worst of all? They're trying to feed us BULLSHIT like we're fucking STUPID or something... It's an INSULT to American people's intelligence!

* This really 'sets me off': &, it should all of you also, as fellow americans - we DON'T want this shit to go on -> http://hotair.com/archives/2013/07/24/video-nsa-white-house-getting-worried-about-defunding-vote-in-house/

Mr. Alexander's getting "panicky" & REACTING too: His tax dollars WE PAY FOR *may* be cut the F off... "We SEE you" pal, for what you TRULY are.

Why am I upset along with every other "Joe Public little person" out there? The assholes use it against us, but "OH, NO, not on ourselves!"...

That, & I saw protesters get f'd over - then, the abuse of the IRS targetting political opponents (both of which are WRONG as wrong gets), but then I saw how Gen. Keith Alexander & Mr. James Clapper outright LIED saying they were NOT intercepting communique data of US citizens (especially since the NSA is or WAS not permitted to do so to native US citizenry - sure, "but it's LEGAL" yea, ok - changing the rules IN "SECRET COURTS" (WTF? They're EMPLOYEES OF OURS, not our masters, we have a RIGHT to know what the fuck they're up to, especially when it concerns us), subverting constitutional rights & such is WRONG too - up there with "hate speech" b.s. too - if you say something, it has every RIGHT to be said, but it's up to YOU to listen or not, but it is STILL a right).

NOW, here's a theory on WHY Mr. Obama is trying to VETO this from passing: My guess is that the reason the head of the IRS didn't lose her job is that she'd "spill the beans" on WHO gave her the "go-ahead" to pull her shit as she did (and his hair has turned grey from it this past quarter - now, there's a clue)... same with all the others like Clapper & Alexander.

The rats WILL start eating the other rats when push comes to shove, just like in this video (i have to hand musicians 1 thing - they're generally intelligent & see things WAY in advance) -> http://www.youtube.com/watch?v=vfpgpf6QVnI&ob=av2n

APK

P.S.=> Folks - today, is THE day, where we find out just how "for the people & BY the people" our representatives in Congress are... apk

Re:Damn straight! apk

[meta-monkey]

Citizen, you seem upset.

"Upset" is a condition in which one's reality is found to not match one's expectations. Frequently because of faulty expectations.

Now, what mistaken expectation did...ah, yes, here:

They're EMPLOYEES OF OURS, not our masters

Wherever did you get that idea, Citizen?

Doesn't add up

[sjbe]

having the ability to scan all employees' email is not wise from a security perspective.

NOT having the ability to scan email is not wise from a security perspective. If someone is doing something they ought not to be doing, exactly how is the NSA going to find out? They claim they need this ability to find out if civilians are dangerous so why would the same logic not apply to their internal operations? Makes NO sense whatsoever.

Re:sounds like they're running exchange

[morcego]

As an Exchange administrator, I can say that searching across an entire mail database is absolutely possible, and also very simple to do from the Management Shell. They're either lying, or just don't want to do it.

It is also possible on Notes, any Unix mailbox format (maildir, mbox, maildir+, w/e), and any other e-mail system I can think of.

Re:Bat Boy Escapes

[msmonroe]

Yeah this story sounds real. I am not seeing an accompanying article or evidence. Not saying it's not real, but it sounds like one of those government conspiracy theories like the government faked 9-11. Competent enough to stage 9-11 in front of cameras and people, with no one leaking it, then incompetent, for instance Snowden leaking information about the NSA. Who knows...

Sorry I'm stupid, the link wasn't showing in my browser for some reason. They're idiots then for not upgrading their email services.

Re:Remove funding, destr their systems, fire them

[datavirtue]

That is probably one of the dumbest comments I've seen on slashdot for some time. It's like one of those comments you would see on YouTube or something. I'm no fan of government anything, but to say that the NSA has a terrible track record of protecting the American public is just stupid.

I can see one way

[Chelloveck]

I can see one way in which this might be both true and proper. If each account was individually encrypted with keys that only the users had, what they're saying would be completely true. And I think it would be completely proper and even laudatory to run an email system that way. They could search individual accounts by having the users decrypt them, but they couldn't do a wholesale search of the entire email system. This is the way email should be!

A somewhat more likely approach would be that by policy, users are not allowed to keep email on the server. All email must be downloaded or deleted. No online folders, ridiculously small INBOX quotas, maybe a read-once policy where as soon as the mail is retrieved the server auto-deletes it. I can actually understand this being done; I've worked with corporate lawyers who would love to have the email system set up this way for the express purpose of defeating global searches. Anything can be twisted and used against you, so save nothing, leave no evidence. I certainly don't agree with that mindset, but I've worked with people who are like that.

Not that I think it actually is done either of those ways. I think it's far more likely that they're simply lying and refusing to comply. It's probably simply policy to refuse such blanket FOIA requests, and there's undoubtedly a clause buried in the FOIA itself that allows them to require that requests be specific and narrow. You know, in the way that searches of private individuals are supposed to be.

Re:sounds like they're running exchange

[pipatron]

It could be that certain agencies are exempt from the law. For your own safety of course. It's better that you don't know.

Re:Bat Boy Escapes

[minstrelmike]

Yeah this story sounds real. I am not seeing an accompanying article or evidence. Not saying it's not real, but it sounds like one of those government conspiracy theories like the government faked 9-11. Competent enough to stage 9-11 in front of cameras and people, with no one leaking it, then incompetent, for instance Snowden leaking information about the NSA. Who knows...

I suspect it is a very real FOIA excuse. Whether the excuse is valid or not is hard to say.
Within the bureaucracy, you can tell the FOIA officer your limitations and s/he sends them back to the requester.
Then it's on to step two: Natl Geog calling them full of congress and demanding information about their e-mail system (probably already available on a Chinese site).

And I'll bet the NSA is not lying.
I'll bet they have multiple different e-mail systems, all of them installed by different contractors at different times under different contracts and no easy way to search thru them all, especially with the additional security overlays.
That's just a guess based on normal corporate behavior in groups that grow fast and have money to burn.

Re:sounds like they're running exchange

[Attila+Dimedici]

My inclination would be to believe that they have built their email system so that what they are saying is technically correct, but I would bet that is because they don't want to (of course, there is a significant chance that they are just lying). However, even if their email system does not technically allow them to search in the manner that they say it can't, there is almost certainly another way of doing so that would yield essentially the same results.

NSA lying OR hilariously incompetent?

Because it's one or the other. Mayhem ensues....

Sounds unbelievable

[ElitistWhiner]

Then it is.

Incompetence ?

[GuB-42]

Three possibilities :
1 - It's a lie
2 - It's true because they have a super-secure system in place
3 - It's true because they are incompetent (I'm talking about their administration, not their researchers)

Considering the recent turn of events, I'd go with #3.
What Snowden discovered didn't surprise me. Spying is part of the job after all. But the other part is keeping it secret, and they failed miserably.

Re:what is good for the goose is good for the gand

[Zorpheus]

Maybe they should use the PRISM system to search the inbox of National Geographic for emails from the NSA. These should be in the system already.

Re:sounds like they're running exchange

[ColdWetDog]

OK, fine.

Here's a solution: NSA takes their entire email database and dumps it out to Wikileaks.

We'll take it from there. Gratis.

Profit!

this is what

[SlashDread]

The NSA flipping their finger at you looks like.

Working Phrase

[ThatsNotPudding]

The working phrase here is: "Plausible Deniability", kinda like: "Above The Law".

By design?

[goodmanj]

They could be lying, or their system could be deliberately designed this way, to limit the amount of information a mole could find.

Can't do `tail -f mbox`?

[FuzzNugget]

My ass

Maybe they know what they are doing

As experts in security and infomration gathering, maybe the NSA knows how to keep their email compartmentalized and secure from being searched, even by their own people.

Re:Maybe they know what they are doing

[Meneth]

Mod parent +1 Insightful.

Re:Maybe they know what they are doing

[johnny+cashed]

As experts in security and infomration gathering, maybe the NSA knows how to keep their email compartmentalized and secure from being searched, even by their own people.

That is what I first thought. They want to compartmentalize internal emails to keep things compartmentalized. +1 indeed sir!

Re:Maybe they know what they are doing

[johnny+cashed]

And this may yet expose a flaw in deep compartmentalization. Should there be a super-user who can do such searches? Maybe someone that has to get keys from other users to do such a search. I would assume every employee can search their own email. National Geo. could certainly know which employees exchanged email with the NSA, and narrow their request.

Do they license their email system?

[Dareth]

Do they license their email system? It may the only one in the world secure FROM them.

Re:sounds like they're running exchange

[shentino]

A budget that they make small on purpose.

Don't kid yourself, they are being difficult on purpose.

The Watcher

[znanue]

Thus NSA demonstrating, in the digital era, "quis custodiet ipsos custodes". A little bit scary because it raises the question, if the NSA empowers its people to such a degree, but there is not even a similar capacity within the organization to police itself, is there then a potential for abuses on an individual level? Have such individual abuses occured?

Simple fix...

[LoRdTAW]

The NSA should simply host their email with Google and it will be instantly searchable through PRISM.

Infact the NSA should compete with google and offer its own free email and search engine, PRISM. Just PRISM it!

Re:Simple fix...

[Capt.DrumkenBum]

Who do you think wrote gmail?
I am reading a spy novel at the moment that relies a lot on email intercepts to move the story along. I was thinking to myself that a great way to get all the "bad guys" email would be to create a free "anonymous" email service, or get someone else to do it for you.
Since this book is mostly concerned with middle eastern terrorists I thought they could call it: Allahmail

Who Watches The Watchers?

[kehren77]

I guess no one does.

Re:sounds like they're running exchange

[StormyWeatherL33T]

I think they probably put a lot of thought into exactly this when they implemented their system. I have no doubt that the NSA has the ability to search the e-mails of their own employees. But, I also agree that they most likely built their system so that they could fend off open records requests in a way that at least seems feasible to outsiders. They may have implemented additional "security features" or add-ons that make it difficult/impossible. But, I just don't see an intelligence agency NOT having the ability to search their employee's e-mails (both individually and system-wide)... I think that internal monitoring is probably very heavy. They don't want any more Snowden incidents, after all.

Re:sounds like they're running exchange

[ImprovOmega]

As an Exchange administrator, I can say that searching across an entire mail database is absolutely possible, and also very simple to do from the Management Shell. They're either lying, or just don't want to do it.

Also as an Exchange administrator, I can assure you that if your database is sufficiently large, such a request can *still* take forever to fill. You're basically looking at minimum 1 day per Terabyte of email. The interface is not quick, and it does crawl it mailbox by mailbox. Yes, you can do it with a single command, but it is prohibitive on staff time to setup/execute and lawyer time to redact the non-responsive bits.

Re:sounds like they're running exchange

[krshock]

++c;?