Slashdot Mirror
DHS Set To Destroy "Einstein" Surveillance Records
schwit1 sends word that The Department of Homeland Security plans on disposing of all the records from a 3-year-long surveillance program without letting the public have access to them. The Department of Homeland Security is poised to ditch all records from a controversial network monitoring system called "Einstein" that are at least three years old, but not for security reasons. DHS reasons the files — which include data about traffic to government websites, agency network intrusions and general vulnerabilities — have no research significance. But some security experts say, to the contrary, DHS would be deleting a treasure chest of historical threat data. And privacy experts, who wish the metadata wasn't collected at all, say destroying it could eliminate evidence that the government wide surveillance system does not perform as intended. The National Archives and Records Administration has tentatively approved the disposal plan, pending a public comment period.
I mean, he did invent the nuclear bomb. And we don't know that zombies aren't real.
They're seeking public comments on a system that collected bulk data from the public that turned out to be useless? I think I might just submit "fuck you" as a comment.
"destroying it could eliminate evidence that the government wide surveillance system does not perform as intended", so we'll prove that it wasn't necessary by revealing everyone who looked at it and publicly cross-checking them against troublemaker lists? What could go wrong?
Since the author of the post didn't bother to link to the public comment request site, here it is.
Then there would be an outcry for the opposite reason. Continued invasion of privacy and a continued threat of selective leaks of information from private conversations.
Keep in mind that Einstein is a DHS program for monitoring the security of government networks from an internal point of view. It consolidates information from participating agencies' firewalls, intrusion detection systems, malware detection, anti-virus scanners, etc,. It has nothing to do with monitoring anyone or anything aside from government-owned systems, government-owned internal networks (i.e. the LAN in a government office building), and the actions of government employees using those internal government-owned stems and networks. In other words, it's exactly the same sort of thing every major company, university, or other organization does in their security operations centers.
Whether or not the data should be kept around for research purposes is a worthwhile question, although publishing it would require a lot of sanitization to avoid revealing data that would be useful to attackers (for instance, the name, IP address, and precise version number of every firewall within a given agency).
But in this case it's not about covering up any surveillance or information gathering on public behavior.
Einstein is a big IDS, the only data is collected on the public was when they used government websites. Those websites all have consent to monitooring clauses and privacy policy statements.
has my hat...
The option we're looking for is for the government to stop spying on Americans and then submit to legal repercussions for their unconstitutional acts, not to destroy the evidence and then start over with a name.
That said, my understanding is that "Einstein" was the government's Intrusion Detection System, and unless they lied about it being the intrusion detection system, there should not be too much in there that would affect Americans' privacy, but it would be educational to see what kinds of attacks are used against the federal government's systems and make sure that they cannot be used against my systems.
The EINSTEIN Program long predates the current administration, as it dates back to 2004. In fairness, though, we could ask whether this is in keeping with past treatment of such records - that is, has DHS always done this with these records, or is this new?
You obviously suffer from ODS, mi. What Republican media wound you up and set you loose with a head full of derp to inflict on people outside your bubble?
They don't want evidence of wrongdoing and ethics violations are their part surfacing.
Lucky them, at least their computers did not crash
http://online.wsj.com/articles...
DHS is a colossal waste of time and money.
The NSA has a backup, nothing will be lost, fear not!!!
These aren't the data troves you were looking fof.
Short version: this is a bunch of IDS logs and similar data that DHS (mainly US-CERT) has kept from various federal agencies. This isn't secretly collected information, it's records of things being sent to the government (email, web traffic, whatever). According to TFA, Civil Libertarians are apparently for the deletion, because releasing it means everyone gets to see what you sent the government. This assumes (and that's a big if) that there's nothing in there that DHS wants to hide. SANS doesn't think it should be deleted after only three years, because they think the research data (for intrusion activity) is still relevant (and by comparison SANS keeps theirs for 12 years).
Lets not beat around the bush. This has little to do with "liberal" vs "conservative", this has more to do with "democrat" and "republican". Not ideaologies, but formal organizations with well defined leadership and central planning. They are both guilty in varying degrees.
Honestly, what is amazing is that if you watch the "third party" debates, across the board, all canidates involved are dead set against this sort of thing. This includes the Greens, Libertarians, and even pretty standard conservative "Constitution Party".
Heck, my Libertarian days are behind me, but I'll be the first to admit, they've had the loudest truest voice against state survaillence, since day one. So where the Greens.
Its not "liberalism", something there aren't any of really left. Its the system. Its the party system we have.
Einstein was created by Dubya, little dittohead.
all the stuff that also happened under a "conservative" president.
Lets not beat around the bush. This has little to do with "liberal" vs "conservative", this has more to do with "democrat" and "republican". Not ideaologies, but formal organizations with well defined leadership and central planning. They are both guilty in varying degrees.
Honestly, what is amazing is that if you watch the "third party" debates, across the board, all canidates involved are dead set against this sort of thing. This includes the Greens, Libertarians, and even pretty standard conservative "Constitution Party".
And people wonder why I feel we need to amend the Constitution to stop favoring the 2 party system...
"Don't meddle in the affairs of a patent dragon, for thou art tasty and good with ketchup." ~ohcrapitssteve
Sure, some records may contain what could be considered sensitive. Redacting IP addresses is not overly complex, but in this case may be time consuming. Considering that the Government has tons of super computers why not let one of these systems parse and redact the text.
Just deleting makes things appear bad, even if they are not.
-The wise argue that there are few absolutes, the fool argues that there are no probabilities.
and then her, "fuck no they're not".
There is nothing wrong with the Einstein system itself. Deleting its records, however — to destroy evidence of government overstepping legal bounds — try blaming that on W...
In Soviet Washington the swamp drains you.
There is no such "favoring" anywhere in the Constitution. We have multiple parties and, in fact, one of them was — the Whigs — once strong enough to gain major chunks in Congress and the Presidency.
What confuses many people — including, it seems, yourself — is that in the US we do not vote for parties. We vote for individuals. The individuals may or may not choose to affiliate with a particular party, but such affiliations are not binding. An elected lawmaker can quit/join any party without any official consequences to his position.
On contrast, many (most?) Democracies do vote for parties, who then appoint party-members to the legislature. That makes party-affiliation binding — by quitting a party, the politician will resign his position (unless another party accepts him).
In Soviet Washington the swamp drains you.
Some of it was, indeed, happening under a Conservative President. We were then told, it must be ended — "before liberty is destroyed" — and that electing an Illiberal President is the way. We got such a President, and all of the government abuses became worse.
For example, whereas Bush was using drones to kill suspects, who could not be captured, Obama uses them to kill all suspects (because he does not want to get stuck with "inconvenient" detainees).
This "EINSTEIN" is the same — the program was instituted under Bush, but it took Obama Administration for them to begin destroying their records — just as the public started wondering about them overstepping legal bounds.
Scream all we want about Bush-era NSA surveillance, but such surveillance has not hurt an innocent American yet — the worst we've heard was the Feds "leaking" info to local police departments, who are then "reconstructing" events to make it appear, they got evidence on their own. But the crimes are still real! Now contrast this with Obama's use of the IRS audits to suppress opposition.
As I said, electing Illiberals causes the materialization of the worst fears...
In Soviet Washington the swamp drains you.
If there is evidence of a government cover-up, then there is a moral obligation to turn the data over to someone who can and will do a proper investigation.
Otherwise, the two best options are to either seal the evidence until everyone who could possibly be hurt by someone seeing the files is long dead (in other words, since the files should never have existed, let's make sure we don't cause additional damage to innocent victims whose privacy needs to be protected) or to destroy the files outright.
Unfortunately, since we can't know for sure if the government is trying to hide anything until either an independent person or group investigates and/or the government admits "yes, we are trying to hide things," the two situations are in conflict and we'll probably never know if we did "the right thing" because we will never know what "the right thing" was.
Don't blame me, I voted for Kodos.
Confidential perhaps, but public data. We paid for them.
There is value in them, when is it's just historical data.
deleting the extra space after periods so i can stay relevant, yeah.
Posted 11/19, already closed with 0 comments. I find that hard to believe.
Scream all we want about Bush-era NSA surveillance, but such surveillance has not hurt an innocent American yet
you mean "it just didn't make the news yet".
typical partisan tripe. Dodge all responsibility and blame the other guy.
But the crimes are still real! Now contrast this with Obama's use of the IRS audits to suppress opposition.
If you think that is bad, see what the DEA has been doing since reagan.
I mean, no one — not even you — has any evidence of it.
Empty words.
Citation needed.
In Soviet Washington the swamp drains you.
First when it was found out that IRS was illegal harassing citizen groups in the USA, and an investigation was launch, IRS responded by telling the world that all the computers used by the people involved that case were mysteriously and co-incidently damaged --- so no trace of guilt could be found
Then it came the case of the records of H1B be destroyed, without letting the public to check it
Now this
I have been in America since the 1970's, and when I first landed at America, the Watergate thing was still a very hot topic
No matter how tricky that Tricky Dicky was, he paled in comparison to the wholesale destruction of evidence the Obama administration is doing
When I first arrived in America, I was a refugee from China
Now, I am an American citizen
Back when I was a refugee, I felt so awed by the American system - that even the President can be thrown out of office if he did rotten things
But now, as an American citizen, I feel rotten. I feel rotten because as an American citizen I can *DO NOTHING* about the illegal activitiess my own government is involved in
I feel so powerless, I feel so ashame
I know that, the founding fathers of my adopted country, the United States of America, told me, in the Declaration of Independence, that it is my duty, and the duty of ALL AMERICANS, to overthrow the government if the government turns rogue
The Obama administration is rogue, but as an American citizen, I have failed to carry out my duty, as has been instructed by the founding fathers
I am ashamed, man. Very very much ashamed, to have failed to live up to the expectation of the founding fathers, to uphold the Constitution of the United States of America !
Muchas Gracias, Señor Edward Snowden !
Data about catastrophic threats must be retained. Minor threats are quite likely either inconsequential or already squashed. Don't computer scientists sometimes hack each other or target each other with malware (with consent) as a kind of contest to sharpen their security skills? If Einstein works in the best possible way, even little blips like that are recorded, and if they're significant then surely the scientists are either publishing papers or implementing solutions already. I'd expect the remainder of non-catastrophic events to be covered by security software like antivirus or to be so deprecated or ineffective that there's no reason to care.
Since the catastrophic event data must be retained indefinitely, I think they're doing exactly the right thing. Of course user data will get caught in the crossfire! And if the government published that data on some public website, privacy advocates would rightfully howl. Since they seem to be doing things the right way here, the article just tells me that some people have angst seeking an issue. That, or they're paranoid.
Public comments are allowed via the Federal Register. Comment to the National Archives and Records Administration. State you want the records saved in a "lock box" for judicially approved historian access.
JJ
I mean, no one — not even you — has any evidence of it.
except we do. the docs snowden leaked contain entries going back to around ~2005 https://en.wikipedia.org/wiki/PRISM_%28surveillance_program%29 PRISM is a clandestine anti-terrorism[1] mass electronic surveillance data mining program launched in 2007 by the National Security Agency (NSA) and government survialence has been consistantly leaked on slashdot since it started in 1997, going back to CARNIVORE, RAPTORE, and this: Narus
Citation needed.
This is the war on drugs
Reagan declares war
This is parellel construction, basicly allowing cops to either plant evidence, and effectively nullifies reasonable suspicion.
This is civil foreiture. As you can see, the government can now just take your stuff without having to provide evidence
far less conviction in a court of law, jury of peers or not
Empty words.
hey mr pot, the kettle called, your fucking black.
Keep in mind that Einstein is a DHS program for monitoring the security of government networks from an internal point of view. It consolidates information from participating agencies' firewalls, intrusion detection systems, malware detection, anti-virus scanners, etc,. It has nothing to do with monitoring anyone or anything aside from government-owned systems, government-owned internal networks (i.e. the LAN in a government office building), and the actions of government employees using those internal government-owned stems and networks. In other words, it's exactly the same sort of thing every major company, university, or other organization does in their security operations centers.
Whether or not the data should be kept around for research purposes is a worthwhile question, although publishing it would require a lot of sanitization to avoid revealing data that would be useful to attackers (for instance, the name, IP address, and precise version number of every firewall within a given agency).
But in this case it's not about covering up any surveillance or information gathering on public behavior.
How about records of one or more government agencies intruding into other government agency's or branch's networks?
For instance, could there be evidence contained in those logs of TLAs intruding into the networks of Congress, the SCOTUS, etc?
Never mind TLAs spying on normal everyday citizens. The Executive Branch has been quite cavalier of late in spying on those in the other branches of government, particularly when said other branches may be deciding whether or not to exercise their duty and ability to limit the Executive Branch's power and scope.
This data could provide hard evidence regarding just how extensive and pervasive these practices have become.
Strat
Progressivism (aka US 'Liberalism'): Ideas so good they need a police/surveillance-state to enforce.
I know Slashdot hasn't been as popular these days and it's cool to hate on beta, but it seems like a ghost town now. Where did everyone go?
My claim was not, that the government was not engaged in surveillance, but that no innocent American has been harmed by it. Your examples enumerate the cases of such surveillance, but do not list anybody being harmed by it.
Drugs are illegal — criminals are prosecuted. That's not evidence of innocent Americans being harmed.
Yes, I know about the parallel construction and did mention it my post. It has not, however, been used against an innocent party. Some day it may be abused that way, but it has not happened yet — whereas Obama's use of IRS and DoJ power to silence critics has happened and continues to happen.
Yes, such forfeitures are a travesty, but they have nothing to do with NSA or DEA surveillance.
So, to counter my statement, that NSA's surveillance has not harmed innocent Americans (unlike the IRS abuse), you gave examples of criminals prosecuted or of confiscations, that had nothing to do with the NSA... I think, we are done here.
More empty words.
In Soviet Washington the swamp drains you.
Agree to the destruction of said records *if* in the same act the DHS dissolves itself.
Drugs are illegal — criminals are prosecuted. That's not evidence of innocent Americans being harmed.
Except its been used against "innocent" parties. Its been linked in the article.
Yes, I know about the parallel construction and did mention it my post. It has not, however, been used against an innocent party. Some day it may be abused that way, but it has not happened yet — whereas Obama's use of IRS and DoJ power to silence critics has happened and continues to happen
you mean habitual tax evaders? from the article you linked:
Wynn Resorts is under investigation for potential money-laundering law violations, according to a new report from Dow Jones.
Money laundering is a crime. People are being investigated for it.
It seems to be, just as many innocent people were harmed by the DEA as the IRS, if you want to apply your logic evenly to both sides.
Whatever makes sense with your skills, resources, and connections... These alternatives are there to provide the seeds for a next generation. They can be things like non-profits, for-profits, hobbies, community organizations, libraries, social networks, barter exchanges, citizens groups focused on one important local issue like a better library or better infrastructure of some sort, a movement for a basic income, LETS systems, or whatever. A healthy society has a good mix of subsistence, gift, exchange, and planned transactions. If you think the system is out of balance, then create or support counterbalancing forces (in a legal, healthy, and optimistic way). Tiny non-profits across the USA are suffering from lack of leadership and members as TV and the internet and dual-income families soak up all the otherwise spare volunteer time. The "old" USA from a century or so ago had those strong traditions of a mix of all those things, and such a mix is at the root of "Democracy" IMHO.
I used to think Debian provided one example of alternative governance, although lately mostly bad news on that front regarding the systemd issue. Hopefully it will move past that and become stronger through some self-reflection.
Search on "Michael Rupert Evolution" on his "From the Wilderness" site for some related interesting reading where he tried to move to another country and it didn't work out (an extreme case, and I dismiss his worries about "Peak Oil" as overblown, but he had some insights there about building where you are now and are connected).
A 21st century issue: the irony of technologies of abundance in the hands of those still thinking in terms of scarcity.
This is more dangerous than not destroying them. All of the departments that have or will use the data will now do so and there will be no way to prove how the data was obtained. If you are forced to defend yourself in court you'll be SOL proving anything against the information that is used against you.