Slashdot Mirror
Training Materials for NSA Spying Tool "XKeyScore" Revealed
dryriver writes with news of the latest document release on NSA spying programs. Quoting The Guardian: "A top secret National Security Agency program allows analysts to search with no prior authorization through vast databases containing emails, online chats, social media activities and the internet browsing histories of millions of individuals, according to documents provided by whistleblower Edward Snowden. The NSA boasts in training materials that the program, called XKeyscore, is its 'widest-reaching' system for developing intelligence from the Internet. The latest revelations will add to the intense public and congressional debate around the extent of NSA surveillance programs. They come as senior intelligence officials testify to the Senate judiciary committee on Wednesday, releasing classified documents in response to the Guardian's earlier stories on bulk collection of phone records and Fisa surveillance court oversight. The files shed light on one of Snowden's most controversial statements, made in his first video interview published by the Guardian on June 10. 'I, sitting at my desk,' said Snowden, could 'wiretap anyone, from you or your accountant, to a federal judge or even the president, if I had a personal email.' U.S. officials vehemently denied this specific claim. Mike Rogers, the Republican chairman of the House intelligence committee, said of Snowden's assertion: 'He's lying. It's impossible for him to do what he was saying he could do.'"
The slides in question. Looks like it was Mike Rogers that was lying and not Snowden. So much for the NSA's attempt at quieting public fear by releasing information on the Verizon phone data collection program before Congressional hearings today.
"They don't want the voice of reason spoken, folks, 'cause otherwise we'd be free. Otherwise we wouldn't believe their fucking horseshit lies, nor the fucking propaganda machine, the mainstream media, and buy their horseshit products that we don't fucking need, and become a third world consumer fucking plantation, which is what we're becoming. Fuck them! They're liars and murders. All governments are liars and murderers, and I am now Jesus. Now. And this is my compound."
- Bill Hicks, Live at Laff Stop in Austin
...yes. It runs Linux.
b&
All but God can prove this sentence true.
First off, almost anything "publicly" done on the Internet or through a third party server is suspect. Second, the idea that the NSA isn't doing this is patently absurd. Third, if you believe the NSA when they deny doing things like this, you are an idiot. Espionage agencies are basically required to lie. It's in their job description. Quite literally, their job is to deceive people.
In SOVIET RUSSIA... erm...NSA AMERICA, the Internet logs onto YOU!
They run themselves. They have a secret court where defendants are not allowed to attend, and are not even told they are on trial. They lie to congress. They lie to the president. They have an unlimited secret budget that nobody can check. They appear to be mostly controlled by the contractors and companies that sell them services. It's a giant graft. Private parties are helping themselves to public money, creating a surveillance state for unknown reasons under the guise fighting terrorism.
This is going to end badly. People with money and lots of power don't give up their toys easily. Expect to see the following soon: Lots of assassinations, or the NSA being raided by another enforcement branch of govt. Or maybe both.
Every public statement they make is a fucking lie. If they tell you it's sunny outside, you can bet that it's raining. They lie to Congress, they lie to the public, they lie to the President. When they go home at night, they lie to their wives and kids. They tell their dying grandmothers that they're fine and don't need chemo. They take down "Road Closed" signs and laugh when people wreck their cars as a result. They will climb a tree to lie when they could stand on the ground and tell the truth.
They always lie. They always WILL lie.
The cow says "Moo." The dog says "Woof." The Timothy says "Thanks, valued customer. We appreciate your input."
"we only plan to store metadata" my buntrocks.
Lovely bullet point:
* Show me all the VPN startups in country X, and give me the data so I can decrypt and discover the users.
Translation: not only do you have no privacy, doing what you think will make you hidden will just shine a spotlight on yourself.
b&
All but God can prove this sentence true.
Why would anyone assume the database includes only suspects that they're authorized to track? Given the track record of the NSA it is less likely that that is the case and it is more likely that they have anyone they want in it.
Modern copyright is theft of culture from everyone and it retards the progress of the useful arts and sciences.
Bogus! It's a congressional coverup designed to rationalize all this bullshit, with people like Pelosi on her knees before the NSA. Of course what makes it worse is the idiot public who believes all this crap and reelects these bums. How do we stop them from voting away our rights?
“He’s not deformed, he’s just drunk!”
For me the only viable solution is making the NSA's work/effort and all of their data capture completely transparent with audit trails, Etc. not to stop them, but so when the abuses do come we can figure out who did want and seek redress.
http://www.hawknest.com/
Now how did they get their server in a territory of Russia? I understand Ukraine, but Russia???!!!!!
Kool-Aid tastes good, huh? The authorities should have to prove their innocence. That is the price we have to demand for such power. Put them all under the Sword of Damocles.
“He’s not deformed, he’s just drunk!”
What part of PRISM didn't you get? The part where they hoover up data on everyone without a warrant or the part where they don't have to justify it to anyone?
So what does being a bootlicker pay these days?
Wikipedia has an entry on it: X-Keyscore
Good background story: Solving the mystery of PRISM
Spiegel Online covered it: 'Key Partners': Secret Links Between Germany and the NSA
Oddly enough it appears that news about intelligence programs used by America and its allies is reported in Persian. Go figure.
much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
I take it you either failed to read or comprehend the presentation then. Unless I'm misunderstanding, slide 18 makes it pretty clear.
You can do most of what Snowden says for free on the internet with a couple of specific search engines for pete's sake. For instance: https://pipl.com/search/?q=Jeff+Flanagan&l=Bolingbrook%2C+IL%2C+US&sloc=US|IL|Bolingbrook&in=5
That's a literal 3 seconds of work on a publicly available site without an email address, doesn't require an extensive database for even that small amount of information and your profile is relatively clean. They've already admitted that nearly the entire US was in their "authorized" group of people through 3 hops from the target. I'd guess that their software has access to a lot more than this really simple public tool, and even some of the paid tools. Make no mistake I can ruin your life without NSA tools, the NSA can most definitely do what Snowden was saying they could do and believes it has the authority to do so.
Because they have been saying they need to collect everything so that when they know what they're looking for it's already there.
They've been steadily expanding into the "record everything" domain for years now.
I see no reason to doubt that they're grabbing everything they can get and then deciding if it's pertinent later. That's been their stated goal for a long time.
Lost at C:>. Found at C.
It's shocking to discover that the government can actually accomplish anything, as opposed to wasting $800 million in taxpayer money with nothing to show for it.
But I'm sure if they would just show us the redacted slides, it would clear everything up... right?
Seriously though, I kind of expected things to be this bad, and they may even be worse, but this really does add frightening perspective. If they release enough information about their systems, perhaps one day someone or some group will come up with a way to at least partially work against it, or at least muddy up the data they are collecting.
Brought to you by Carl's Junior.
They've already cop'd to mapping networks out to (n>2) degrees of contact. It's the "implicit authorization to track people networked to a suspect" that makes this all so dangerous.
I'm not the first to refer to the lame "Kevin Bacon" jest.
Rep. Mike Rogers may not have been lying, exactly, with what he stated earlier. He may have been misinformed (e.g., lied to) by whoever briefed him on NSA's capabilities and available data. Which is not surprising, given the blatant lies and deception exhibited over and over again by the highest levels of NSA executives.
Next time, go and buy doggy treats and condoms.
What? I don't want my dog to ruin the fun by barking so I have to keep him busy somehow while I fuck hi... my girlfriend.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
I heard the NSA has had trouble complying with a recent FOIA request, something about not being able to read their own emails. Someone should tell them about this "XKeyScore" thingamajig!
How could you even implement a search unless you had a database that already contains scads of generic data to search through? If you could make a database consisting only of "suspects they're authorized to track", then you wouldn't have to search anything. You've already got the search results.
A database containing only suspects they are authorized to track would be worthless to them in the context they're trying to sell it. Every argument they have made makes it clear that they see it as searching for a needle in the haystack, and all of us, all of us, are the hay.
In SOVIET RUSSIA... erm...NSA AMERICA, the Internet logs onto YOU!
I'm not exactly sure what they mean by a "strong-selector," and maybe someone can explain that, but it seems to me slide 15 implies they can look through large pools of data they've already collected to find targets. So it seems like they're gathering info about everyone they can.
That the data is collected has already been established, by more than one whistleblower. That's old news.
The new revelation here is that a relatively low-level guy could easily search through the database looking for everything they want. That lapse in security is actually surprising, even if you have a low opinion of the NSA.
From a legal perspective, it seems they are allowed to collect the data, but they can only look at it if authorized (ie, crtain requirements are met). What Snowden is saying is that the authorization method wasn't very robust, which means that someone somewhere probably has actually abused this to check up on his girlfriend or something.
"First they came for the slanderers and i said nothing."
*gasp*
You did assume that someone was allowed to use surveillance on the NSA? What audacity! Of course there need not be any oversight or restraints. It's for the good of the nation. Protecting terrorism and fighting children. Or something like that.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Why is it that nobody points to the obvious?... That this is evidence that the NSA (and US government) has intentionally undermined the security of all communications and computer systems. The global financial and communications infrastructure is wide open for anyone that has the key. Every power the NSA has, they have also granted to everyone else on the planet with the interest and means to wield it. They might say, "well, if someone could do that, then we'd know about it..." but I don't believe that it would be so obvious. If someone set up a trade in industrial trade secrets, or skimmed financial transactions properly, the world wouldn't be the wiser. Blackmail, extortion, ...
I wonder how much of an accident it is that Chrome's Incognito mode tells you:
Going incognito doesn't affect the behavior of other people, servers, or software. Be wary of:
well.. it's only people they're authorized to track(EVERYONE OUTSIDE USA!) and then people with connections to them..
soo.. yeah, figure it out.
yes, I am aware that it is a bit of a hyperbole because they've only admitted to two levels of separation between persons of interests.. those being anyone with ties to iran, middle eastern groups, unwanted groups etc.
besides, how the fuck do you think you add people to the system? that the judge reviews the data on the case, ponders and then the judge gives an authorization key that lets them add a contact? fuck no. you just add their addresses while making a single promise holding up your pinky that you "believe" you have rights to to add that tap. they don't have the manpower to go through every tap added.
world was created 5 seconds before this post as it is.
OK what I see is a raw TCP traffic that they are scanning and parsing for hosts, request types (get,post), header info (referrer), and content. So they are talking about any web site. So does it mean they have access to record every single piece of traffic passed through a major backbone? But than they have a server in Russia. And in China. Someone above mentioned that the servers could be inside of the embassies. Not exactly intelligence friendly countries. Does it mean they managed to put a sniffer on their hosts' networks backbone? HOW if they do not have a physical access to the major routers?
"The XKeyscore program also allows an analyst to learn the IP addresses of every person who visits any website the analyst specifies..."
You seem to be under the impression that they do not have the content. There have been several reports from NSA Whistleblowers prior to Snowden that have come right out and said they have the ability and they do listen in on phone calls. Why you are believing an agency who consistently lies to the public is beyond me. The bill of rights id over, which means the Constitution is done. Our government has no authority beyond might anymore.
Sorry, teleporters just kill you and then make a copy. A perfect, soul-less copy.
There appears to be at minimum a 3 day buffer within which everyone and everything is effectively wiretapped.
=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Friends don't let friends enable ecmascript.
If you tell a kid that it should not steal cookies and when it does you do nothing about it, it will assume that it is allowed to take the cookies. The longer you allow it, the harder it will be to enforce the rule.
The defense of the parent could be anything from "Because I said so." to "My house, my rules."
So who has told the NSA to stop it and what actions have been taken to punish them? If I were the NSA, I would assume that all I do is authorized, until somebody stops me.
Don't fight for your country, if your country does not fight for you.
A database containing only suspects they are authorized to track would be worthless to them in the context they're trying to sell it. Every argument they have made makes it clear that they see it as searching for a needle in the haystack, and all of us, all of us, are the hay.
That is, until someone in some government somewhere decides you look more like a needle.
An enigma, wrapped in a riddle, shrouded in bacon and cheese
How many more lies are we going to put up with until something is actually done?
I'm sorry, but you actually believe that they don't or are you just playing devil's advocate? Because frankly, the thought that they got authorizations to track all of these individuals that it would require, "Over 700 Servers"
"Don't meddle in the affairs of a patent dragon, for thou art tasty and good with ketchup." ~ohcrapitssteve
Next time, go and buy doggy treats and condoms.
What? I don't want my dog to ruin the fun by barking so I have to keep him busy somehow while I fuck hi... my girlfriend.
In a hilariously incidental twist, today is the ASPCA's annual adopt-a-pet gala on Capitol Hill...
An enigma, wrapped in a riddle, shrouded in bacon and cheese
Too bad the media bought it hook, line, and sinker. They did not build the huge, Soviet-style Utah Data Center to store meta data...
No, wait, it was yesterday.
Still funny.
An enigma, wrapped in a riddle, shrouded in bacon and cheese
I am sorry but to suggest you are not already wiretapped strains credibility. There is only one reason to put storage on the order of 12 exabytes, which is what some estimates put the NSA planned Utah facility at. That reason is you are keeping payloads.
I don't think you need anything close to 12 exabytes to keep all the meta data you could get your hands on for even decade time scales.
Sorry given all the revelations lately, all the lies we have been told by the folks who say Snowden is lying and some back of the envelope estimates based on the little information i do know there is no reason I can see to accept of any public statements made by NSA. Credibility and trust are be earned; If the NSA wants to be believed its incumbent upon them to offer something better than "because we say so"; right now their critics are more credible than they are. Snowden has little to gain and everything, perhaps his life to loose doing what he did, Snowden has documentation that even if may be inadequate to fully support all his claims does offer proof the NSA dramatically exceeded its understood activities, and absolutely has mislead the public.
Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
He did also show that they were snarfing up all call data on everyone. Gee, I wonder where they put that mass of data. If only there was some stable base platform for storing data....
Exactly. There is a reason they are called PUBLIC servants, and we are called PRIVATE citizens. Their actions are supposed to be public so that we can make sure they are representing our interests and vote accordingly. A representative democracy in which that is impossible is fundamentally broken, and one in which the privacy of all the private citizens is ignored, even more so.
What changed under Obama? Nothing Good
You raise a very important point. It's more like they're looking for arbitrarily chosen pieces of hay, and all the pieces of hay that they suspect may in some way be related to that other hay. By their own arbitrary criteria, of course.
In SOVIET RUSSIA... erm...NSA AMERICA, the Internet logs onto YOU!
Which is not surprising, given the blatant lies and deception exhibited over and over again by the highest levels of NSA executives.
You are being unfair to the NSA. Eric Holden, the Attorney General in office, is on record for more perjury before congress than any single NSA official. Once regarded as a felony (and officially still being labelled as that), perjury before congress has become an integral part of playing the representatives of the public, and those are being good sports about it. Nobody crying foul here.
Found a little comment in the Austin,TX paper that is very appropriate to the NSA actions: "If we are to accept that the executive branch of the U.S. government is operating within the bounds of the Constitution in its implementation of the recently disclosed domestic spy program. i.e., having approval through the FISA court and tacit congressional consent, then per the 4th amendment, “no warrants shall issue, but upon probable cause,” the only valid probable cause to surveil the entire domestic population is to declare them likely criminals. The question to answer then becomes, what do the citizens of this land do when their government has wholesale declared them all criminals?" So I put it to you, what is the correct course of action when we citizens of these United States of America are now all criminals in the eyes of the government?
Not only are they spying on you - they also stole all you money a few years back.. remember? Pepperidge Farm remembers..
this is just part of it... they can also add phone taps on people because they're connected to other people. there's no practical judical oversight in that if they believe that they're talking to outside of the country(even by proxy).
point being that they're doing so many taps that the system for it is automatized heavily and even the pool of people who can add people to be authorized to add people must be quite high.
the email and other info on db is just key to finding your phone and then they can add it to be tapped - they just need to ask some other dude that hey, "don't cha think someone from persia might call this number?".
so, you have conditions under which you can just add people to be wiretapped at will and the only thing keeping them from putting the tap online is them.
for example, you call me(I'm outside of USA) and boom you're free game to add to the list, no tape no nothing. just other intelligence pointing to that you might call me is enough.
what's new is that they can do retroactively 3 days taps too.
ultimately in principle there is no difference of course if the pool of people who can add wiretaps without questions or checks is 3 guys or if it's 30000, but judging from the taps that they bother to get warrants for the number is much more than 3000. that's the worrying part, not really that there is some guys who can add anyone to the tap. obama can order drones to kill guys so naturally president can order anything he want, but that there are scores of pretty random dudes who can add taps is the worrying part. there's going to be some guys who will sell wiretap data to chinese, who stalk their exes and all that nasty unfair ddr shit.
world was created 5 seconds before this post as it is.
Besides, there is no rule to prohibit surveillance of non-American or communications between non-American and an American.
President Merkin Muffley: General Turgidson, I find this very difficult to understand. I was under the impression that I was the only one in authority to order the use of nuclear weapons.
General "Buck" Turgidson: That's right, sir, you are the only person authorized to do so. And although I, uh, hate to judge before all the facts are in, it's beginning to look like, uh, General Ripper exceeded his authority.
We don't have a state-run media we have a media-run state.
If tomorrow you become a suspect, they will need to examine all your past data. So all the your data must be there, just in case. QED
Addendum: unless you are out of trial by definition, like being a politician, some middle-to-high management level related to this and other government protegees, in that case your data probably is not there, and never will. Nobody watches the watchers.
Thirty pieces of silver
They have been doing this for years, blaming "Obummer" glosses over the fact that a very many number of people are infringing on constitutional rights.
"No other system does this!" is repeated on practically every slide. This smells a lot like a sales pitch. Kinda like a private contractor trying to upsell a government agency. I am not saying that this isn't legit, but if a salesman tells you that their system does "unbelievable and unparalleled thing X" (ahem, decoding, storing, and indexing all VPN traffic around the world) he better have more than just a slide to prove it.
It breaks my pluginses, my precious!
Batman listened to everything through everyone's cellphones. Barrayaran Imperial Security monitors everything. BBC-America's MI5 (or Spooks, for original BBC wachers) seemed to be able to access every webcam ever made. Jack Ryan survives through signal intercepts.
Google and Bing and Yahoo are scanning all your base all your time. How else can they find whatever you want whenever you want it?
This is one of those things that seems like a good idea when applied to OTHER things and OTHER people. Search engines on the web? Of course, anybody putting something online *wants* it to be found. Fictional security agents hunting the bad guys hiding among the solid citizens? Of course, that's what we fictionally pay them for.
For arguments' sake: How do you debug a problem? Probably trace everything and look for anomalies, right? So why be surprised that the NSA thought any different?
We're starting to argue over semantics.
The NSA clearly has a different definition of 'wiretap' than how Snowden used it, which is how they can argue 'no, we don't do that'. I assume that Snowden meant 'I can retrieve large amounts of data on you given your e-mail address' while to NSA it meant 'we can set up an individualized 100% reliable sniffer given your e-mail address'.
Next, we should discuss what the definition of 'is' is.
Build it, and they will come^Hplain.
This is false. He said, and I quote, ""He was lying, He clearly has over-inflated his position, he has over-inflated his access and he's even over-inflated what the actually technology of the programs would allow one to do. It's impossible for him to do what he was saying he could do."
It turns out that he was in fact NOT lying, and Rogers WAS lying by saying Snowden was lying.
Sorry to inform you but it says so in the very document:
"Rolling Buffer" of ~3 days of ALL unfiltered data seen by XKEYSCORE:
- stores full-take data at the collection site - indexed by meta-data
- over 500 servers distributed around the world
Later:
- we can use this traffic to detect anomalies which can lead us to intelligence by itself
- E-mail Addresses, Extracted Files, Full Log, HTTP Parser, Phone Number, User Activity
It appears they take all data and then use that to detect anomalies. It includes data on everyone, and from all of the data they try to pinpoint targets.
Look for anomalous events
- Someone whose language is out of place for the region they are in
- Someone who is using encryption
- Someone searching the web for suspicious stuff
They have example tasks listed such as:
- Show me all the encrypted word documents from Iran
- Show me all PGP usage in Iran
- Swow me all the VPN startups in country X, and give me the data so I can decrypt and discover the users
- Show me all the Microsoft Excel spreadsheets containing MAC addresses coming out of Iraq so I can perform network mapping
- Show me all th exploitable machines in country X
- Show me all the word documents with references to IAEO [International Atomic Energy Organization?]
- Show me all documents that reference Osama Bin Laden
Just think of the data mining that was done in the swing states last election. Is sending a taylored message to a specific subset of people which has a high probability of changing their voting position truly the democratic way of electing our officials? We're just sheep in swayed by parties to vote Democrat or Republican.
Full disclose here, I'm a security professional. I personally see a capability within these slides that the US needs to have and would be scared if we didn't. For me I have no expectation of privacy when on the Internet. The protocols were not designed for privacy they were designed for availability. All the meta data is in clear text all the connections are in clear text. Yes we can encrypt our payload but it's very difficult to mask were we are going. Even with a VPN it has to terminate somewhere and the traffic from that termination point would be available to be snooped. As almost all communication moves to the Internet how does a government with limited human resources investigate potential threats? Are we satisfied with after the fact response from our government? If this was in place and it stopped 9/11 would we be grateful for all the lives it has saved? Over 300 terrorists captured. It only took a handful to pull off 9/11. Does the government care if I look at something a little strange. Maybe, I'll be flagged and then an analyst will look into my traffic and see that there is nothing of major concern, move on to next suspicious activity. I ask slashdotter's what is the best way for a government to find threats to it's citizens in this digital age? Should the Internet be hands off for our government?
Don't think that the revelations about the NSA are the only areas of secrecy.
Based on the example queries in the slideshow, you're assuming that things like "show me all spreadsheets sent from Iraq that contain MAC addresses", or "show me all exploitable machines in country X" only include data from people on some list? Wouldn't they have to first get the data in order to find out if it is even relevant to their list? If they already have the data, why not just store it? It may come in useful later, right? Don't worry though, they claim to have captured over 300 terrorists with information from this system. So all of our web searches, HTTP traffic, email addresses, phone numbers, files and documents, VPN traffic, VOIP traffic, Google Earth traffic, cookies, usernames, buddy lists etc are in their databases, but that's ok because they've captured over 300 terrorists.
Go fuck yourself if you're going to defend this program, and scroll up to the top of the comments and read that quote from Bill Hicks.
"Our two-party system is like a bowl of shit looking at itself in a mirror." - Lewis Black
Tha's what I've been saying every story so far -- the "safeguards" are written process that people are supposed to follow. There is no uncorruptible logging going on, with MD5'd files shipping offsite to multiple storace sites; no alarms going off; no checks that servers don't have extra stuff installed.
If a G. Gordon Liddy operative wanted to do a little political spying on the opposition, nobody would know. And it is exactly this issue, spying on opponents, that half the first 10 amenents exist, not to stop them from spying on hot chicks.
(-1: Post disagrees with my already-settled worldview) is not a valid mod option.
That is, until someone in some person in government somewhere decides you look more like a needle.
Slight addendum. A person like, say, a vengeful ex?
upon the advice of my lawyer, i have no sig at this time
A very effective way to demonstrate the power of the system would have been, prior to his departure, to run the XKeyScore system on himself and then release that information at some point in the future. This would have shown the power of the system, and the fact that it can be used arbitrarily against anyone, US citizens included. Right there for all to see, his personal online activities and communications. It's not like he's still living that life anyway.
I've given a couple of presentations on the vast amount of publicly available data that is available on everyone. To demonstrate, I used reports I purchased on myself from a couple of data aggregation providers. Eye-opening.
BlameBillCosby.com
This.
Same boat here. Nobody cares, really. I say it jokingly - at least I used to - that as long as the average American gets their daily dose of the Kardashians (or whatever other entertainment they fancy), the NSA could install anal probes in their sofas and they wouldn't think once about it.
Nobody I know really truly values their rights, or why we have them. "Who is King George?" is a question I get frequently in response to my explanations of the tyranny that brought this country to revolt.
People really, truly don't care that their government is spying on them because they really, truly believe they are doing nothing wrong - when the average person commits several federal felonies every single day and is none the wiser about it.
When I first got onto the Internet in the early 1990's, there were three things that were made quite clear to me when given my account:
The NSA claims they are simply collecting Call Detail Records (CDRs) and packet headers, although likely more is being collected. But seeing CDRs and IP headers is no different than watching me when I'm walking around the street. Seeing the packets to my Google session is no different than knowing that I walked from my house to the nearest pizza shack. Everybody and anybody could see me do it, but it doesn't mean my privacy was violated -- I did all of these actions in public!
People should not be surprised or upset that this information is available to be collected because that is the cost of using the Internet. You are intentionally sharing information with third-parties in the interest of obtaining a service. Even the snooping of email in GMail or Yahoo should not be surprising because you shared that information with a third-party (the service provider) and the provider has different legal requirements than if you simply shared that information directly and exclusively with your interlocutor.
If you are upset about the Internet being public, then you should stop wasting your breath complaining about how what you thought was private is actually public and instead start advocating for the wide-spread use of encryption algorithms and always-on SSL. You should start advocating for the ability to run servers (mail and web) on residential connections so you don't have to share "private" information with third-party providers. You should advocate for rolling out IPv6 instead of being lazy and claiming that unencrypted NAT-ed IPv4 is good enough security.
And when your done advocating, lead by example and use these technologies yourself.
Just because you think something is private and secure doesn't mean that it is.
Why keep this in the shadows and create all this controversy. If the American public wants this, then just repeal the 4th amendment and have at it. No one would be at all surprised to learn that China monitors all electronic communication, they have made no promises not to.
Now if there aren't enough votes to repeal the 4th amendment, maybe, this isn't what the public wants.
Spying could be interpreted as act of war ... you know
You cannot just spy on countries and do not expect consequences.
I thought they couldn't search their own e-mail
Haha, you believed that one, did you? Yeah, it was funny when I read it too. Do keep in mind that it was their reply to a FOIA request for their email.
"Our two-party system is like a bowl of shit looking at itself in a mirror." - Lewis Black
> people sharing an IP address space with criminals and terrorists?
Possibly, if the space you meant was 0.0.0.0/32 .
Be real, it's probably everyone connected by having sent email to each other, posted on the same threads in any forum, or even possibly just visited the same URL even at different times. Or connected to a connection (by the same criteria). Etc.
It has been intentionally dumb down over the decades, as the elite ruling class knows, the more knowledgeable a person has, the more dangerous (to the elites) this person will become.
New Economic Perspectives
This is false. He said, and I quote, ""He was lying, He clearly has over-inflated his position, he has over-inflated his access and he's even over-inflated what the actually technology of the programs would allow one to do. It's impossible for him to do what he was saying he could do."
It turns out that he was in fact NOT lying, and Rogers WAS lying by saying Snowden was lying.
Or Snowden might be exaggerating what the software could do because he wasn't actually authorized to use it (i.e. he drew conclusions based upon the training materials on SharePoint) and Rogers is downplaying how poor the security at the NSA actually is.
If Snowden was a system administrator at the NSA then there would have been no reason for him to be using the tools that the intellegence analysts would have been using and I would like to think that he would not have had need to know to actually use the systems even if he had knowledge of them. So he likely was not in a position to be fully briefed about the actual capablities of the systems. Even if he was being truthful about being a "infrastructure analyst" (i.e. black hat) there still wouldn't have been much of a reason for him to the tools of an intellegence analyst.
Nor should there be. Ever.
I see, you don't believe in human rights, only in American rights.
The Tao of math: The numbers you can count are not the real numbers.
buck 'o five
This is not to say that all lines are constantly tapped because they are not. But they will be capable of such in the next few years when all telephony traffic is going over VOIP.
Snowden was not lying about this capability.
All of the 'discussion' in D.C. regarding the telephony metadata is just a distraction, to keep the public from seeing the VOIP and Internet tap issue.
You are being MICROattacked, from various angles, in a SOFT manner.
Someone in some person?
The Tao of math: The numbers you can count are not the real numbers.
Ever since Edward Snowden went public, I have been racking my brain trying to conceive of a catastrophic event involving government surveillance that would motivate a large number of people to march on Washington chanting "Enough!" Say the words "Social security reform" out loud and retirees start boarding buses bound for the capitol. Suggest that limits on gun ownership should be put in place and the NRA is on your doorstep. Point out that the NSA is building a massive repository of every aspect of your very being...and people shrug. They just don't see the value of and power of personal or private information. It's too nebulous a concept for the average person to grasp, and no amount of public awareness is going to help. And those running the program and collecting the data sure as hell aren't going to give up their valuable and powerful tools, no matter how embarrassing it is when they're called out in public. Quite the opposite: they want more tools and they want them yesterday, and they don't want to be told what they can and can't do with them, especially when are busy protecting us from the bogeyman. Very few of us - Mr. Snowden et al - are willing to stop and consider why this is wrong. So does anyone have any ideas of what it will take to turn this indifference into outrage? Or will it take a full-scale and bloody revolution to stop us from being dragged down that path to hell that is paved with good intentions?
"Could be worse...could be raining." Igor
I understand that at first glance this looks like overreach, and depending on who had access and how often it was used, perhaps it is. But the NSA does not do law enforcement, they do threat detection.
Imposing a suspicion-based, after-the-fact scheme would mean terror cells could (and probably already do) host their own encrypted SMTP servers with no archive, thus thwarting any attempt to trace messages sent before a target is identified. So even if a judge finds probable cause and some kind of targeted hack/trace could be established, it would be too late to look at data created before the warrant was issued. Why would we hobble our first line of defense against real, plausible threats in order to avoid theoretical abuses? Wouldn't it make more sense to keep the programs intact and ensure safeguards against abuse?
Even if you are afraid of some hypothetical future fascist regime that has plans to abuse this apparatus on a large scale, please explain why such a regime would have any interest in respecting the Constitution at all? In other words, if things got so bad that the NSA started spying on you because you wrote something to a friend they didn't like, citing the lack of a warrant is not going to help.
Of course there are many (actually just some, but they like to think they are many) who believe the US is already some kind of fascist state, but I would suggest you talk to people living in places like Russia or China before establishing a "Big Brother" standard against which to compare the US.
As for the legality, IANAL, but some obvious observations:
We need to protect ourselves against government overreach and abuse - we are after all a nation of laws, not men. But the notion that the NSA keeping a few days worth of 1s and 0s just in case they are needed is anathema to our way of life is ludicrous. We keep medical, criminal, travel, financial and many other records for years and years. Why is this any different except that its a convenient vector of attack against an arm of government that is charged with doing exactly what XKeyScore is designed to do - seek out and neutralize threats to national security.
You unblock guadian with noscript, but then you have a list of 20+ other sites and no idea which one leads you to the article. I wanted to see the slides, but fuck it, I don't want to keep guessing on which sites to unblock.
Be seeing you...
Batman listened to everything through everyone's cellphones. Barrayaran Imperial Security monitors everything. BBC-America's MI5 (or Spooks, for original BBC wachers) seemed to be able to access every webcam ever made. Jack Ryan survives through signal intercepts.
Google and Bing and Yahoo are scanning all your base all your time. How else can they find whatever you want whenever you want it?
This is one of those things that seems like a good idea when applied to OTHER things and OTHER people. Search engines on the web? Of course, anybody putting something online *wants* it to be found. Fictional security agents hunting the bad guys hiding among the solid citizens? Of course, that's what we fictionally pay them for.
For arguments' sake: How do you debug a problem? Probably trace everything and look for anomalies, right? So why be surprised that the NSA thought any different?
Okay, the first shit was movies dude. Movies. Not reality. Yes, Google, yahoo & MS have search engines, they search the internet for data. They track our online movement to make money off us. Does MS & Yahoo scan my Gmail email account? No. They don't. Does Gmail scan my emails? I do not know, and I do not care. See, I understand that the internet isn't safe. That gmail has access to my gmail account. If i really wanted to send info I didn't want others to read, I'd encrypt it first. Probably like most any fucking terrorist would do, because it puts a layer of security on your email that YOU control.
The NSA has been compiling a database on everyone. Forcing corporations to give up security keys, open holes in the system, etc to get info about everyone in the world. While claiming it wasn't. Not only was this done on tax payers money, it was done in secret, while we were being lied to about it. It is a system that is being abused, and will continue to be abused unless we do something about it.
Be seeing you...
"The new revelation here is that a relatively low-level guy could easily search through the database looking for everything they want. That lapse in security is actually surprising, even if you have a low opinion of the NSA."
It's not really surprising at all, without any particularly negative opinion of the agency involved beyond expecting that they are more concerned with the tasks immediately before them than with the legality of what they are doing and the long term affects on the republic. This is negative, yes, but it hardly applies to them, in this they and the rest of the government unfortunately mirror a large portion of the public.
Any sort of security or accountability layers here would be seen as needless mickey-mouse nonsense getting in the way of them doing their jobs. And that's exactly why our founding fathers were far-sighted in denying the government the authority to run this sort of operation in the first place. The power to snoop like this is simply too much power for any individual or institution to be trusted with. Power corrupts.
=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Friends don't let friends enable ecmascript.
Dude - I *agree* with you. I think the lying bastards are just DOING THEIR JOBS defined by the conservative congressmen who WROTE the Patriot Act and pooh-poohed the worries and objections at the time, and who are now claiming to be offended since the president is of the other party.
I realize those are movies and TV shows and books. My title did include the word "fiction", right? Then the idea creeps closer with search engines, until finally someone is reading my diary over my shoulder. It's frighteningly easy for this stuff to go from "1984" fiction to current fiction to reality.
But they cannot capture these communications between Americans with a drag net, they have to get individual warrants (presumably secret FISA warrants).
If you had actually seen the contents of this most recent leak you would have noticed that no warrants are necessary to perform a search of the database which includes the actual content of emails, IMs, and telephone conversation audio. Somehow you seemed to have missed the whole point of this leak. All of our worst fears about Big Brother have now been confirmed.
Quite an experience to live in fear, isn't it? That's what it is to be a slave.
we KNOW everything we do on the net is visible to anyone who cares
Just like in the real world there are forms of communication that don't involve any expectation of privacy and forms of communication that do have an expectation of privacy. Email, IM, and Skype are some examples that did have an expectation of privacy. Obviously not anymore. Facebook has very little expectation of privacy which is one reason I don't have a Facebook page. We always used to joke that it was actually founded and run by the NSA or FBI. That turned out to be more true than we realized. I don't think Twitter has any expectation of privacy. And web forums are the equivalent of billboards. I have no problem with the NSA reading this post. It is intended to be a form of public communication. I do have a problem with them reading my emails or IMs. That is intended as private communication and just because it is trivial for them to monitor and record does not make it moral or legal to do so.
As for defending our privacy against government intrusion, we should definitely attempt to do so. I'm not sure if it is practical or possible at this point, but we should at least try some technological solutions. Nevertheless it is important to keep in mind what is right and what is wrong. A government that spies on its own citizens is an important component of tyranny. The first step to controlling all of your citizen-slaves is to monitor everything they say and do.
Quite an experience to live in fear, isn't it? That's what it is to be a slave.
intelligence from the Internet.
If I was looking for intelligence, the internet is the last place I would look.
...no need to go to any further degrees, as it's not just one subject (i.e. everyone, not just KB) the birthday paradox means they get 100% coverage.
All your ghosts are just false positives.
If you remember, Mike Rogers was trying to push through CISPA. I think the signs of this were out there, long before the SOPA / PIPA debates.
I'm with the NSA and I'm posting as AC for obvious reasons.
When you assume that they're always lying, they'll tell the truth, under the secure knowledge that you won't believe them.
We always lie and I'm lying.
Hey, it worked on Star Trek!
Unfortunately, this paradox is easy to sidestep: I reject your statement that you're with the NSA. Now the rest is irrelevant.
Should have gone with the Princess Bride instead of Star Trek.
Yes, Anonymous Pedant... it should have been /0... ("I'm a mathematician, Jim, not a network guru!")