Slashdot Mirror
Shadowy Tech Brokers Deliver Data To the NSA
An anonymous reader notes an article about a group of companies whose business is to wiretap various ISPs (with permission) to gather data in response to federal subpoenas. Many smaller ISPs don't have the resources to deal with the flood of data requests from agencies like the NSA, so they outsource compliance and collection in order to keep costs down. The article profiles one of these companies, called Neustar:
Neustar can in many cases execute the warrant from anywhere within the U.S., keeping within the bounds of the country's surveillance law. But when a wiretap device is needed, they are not hard to come by. Most networking equipment makers sell devices that can be used to collect data, or used to inspect data — so-called deep-packet inspection devices, which can also be used to prevent piracy, the spread of malware, and website access, all at the Internet provider level. Once a FISA warrant is issued, so-called "tasking" orders, which contain selectors — like a phone number or an email address — are often sent electronically to the ISP. These tell the ISP or phone company, or third-parties like Neustar, exactly where to wiretap and what data to collect to hand back to the requesting authority.
so-called deep-packet inspection devices, which can also be used to prevent piracy, the spread of malware, and website access, all at the Internet provider level....
Er, no, that is not what full packet capture devices are used for AT ALL.
Full packet capture devices are typically used for digital forensics. For example, your company gets hacked using an APT and you know that probably data was exfiltrated, but you don't know exactly what data was taken and you don't know how these guys got into your system. A full packet capture device can help here. Another way they are typically used is to produce evidence for court cases where employees steal company data and so forth, or browse child porn at work, etc.
They are NOT typically used to "prevent piracy" or "spread of malware" or "website access", I don't even see the use case here. I think the OP is confusing full packet capture with layer 7 application state firewalls, which ARE used for the above.
The real dark nightmare isn't the NSA as a government agency.
It's the fact that the NSA is really a cartel of private companies that, as private companies do, work for the good of their bottom line first, and everything else second. They will do everything they can do to get them more business. When their business is undermining your right to privacy guess what the fuck is going to happen?
Welcome to the "Security Services Complex" - Dark budgets. Secret courts. No oversight. They make money and you lose. It's a gigantic scam and nobody, not even Congress or the President really has the ability to audit them.
And really, what incentive do they have? What happens if a headless, unaccountable NSA doesn't feel like having their budget slashed? They really could do anything they wanted to intimidate/blackmail/smear/disappear an inconvenient politician and no one would be the wiser.
Don't forget about Snowden. What's important about Snowden really isn't the leaked information. It's the fact he was just some flunky working for a private contractor. He was able to do what he did because he was walking out of an office building with flash drive. National security reduced to a run of the mills business IT security social engineering attack.