Slashdot Mirror
Australia Admits to sigint
Eater writes "Doubts about Echelon dispelled. "
Hrm... On one level it frightens me to know that this is going on, but on another level I am comforted by the fact that people already suspected it anyway.
← Back to Stories (view on slashdot.org)
"Those stations have to be capturing terabytes of data every day and I'm not sure how well the computers can process the data"
You don't think SETI@home is really searching for extra terrestrials, do you?
At least two ways around it. The first way: stop sending email. Bad idea. The second way: PGP. Good Idea. Especially a copy (like GnuPG) where you can RTFS and self-verify that there is no back door.
I don't particularly use personal PGP today because it is a hassle, and because I tend not to send email that I mind being overread. At work (where serious paydata flows over the wires), PGP is a must.
The more they monitor, the more we must encrypt. We have the tools. With the GPL'd GnuPG, we have them copylefted, so that they cannot take them away. They can only make them illegal.
And if they did that, they would have to imprison a lot of pissed-off hackers who would encrypt stuff anyway. Considering the tremendous geek debt we're in, that's likely to hit the economy hard. Fortunately, Congress tends to avoid things that hit them in the wallet--as long as they understand that it will.
--The basis of all love is respect
As someone who knows chips...
I'd have to say that it's entirely possible. The actual computational speed of one "dictionary" checking node dosen't need to be all that fast. They just need to have millions of them. If you organized the system to have parts that do specific tasks, like message reconstruction, message dispatch, message ananlysis. It becomes no problem to construct a highly scaleable system that can process millions of bytes of text a second. Sure it's specialized hardware, but it can be built from commonly available chips with little or no problem.
As an example, a checking node could be made with a few simple components. CPU, Boot ROM, DRAM memory bank, Ethernet NIC, a few indicator LEDs, power connecter, NIC connecter and PCB. That would easily fit on a PCB 6"x6" and be rack mountable, or better yet, fit as manny as possible on one PCB that is as large as you can make reasonable, say 18"x18" for 9 per board. Crank out these boards by the thousands. Don't worry if your older boards are obsoleated by newer tech, just redesign around the newer tech, and make another batch of a few tens of thousands.
Now lets go to specialized hardware. Lets make a chip that checks a stream of bytes against a list of words. Lets make it so it can check 1024 words up to 32 bytes long. Well within fab techniques 15 years ago. Place it in an 8 pin surface mount package package for size. On powerup it waits till it's addressed to load a block of words. Then it waits for the message byte streams. When it matches a word it sends out an interupt, and the message is flagged for latter analysis. Being dedicated logic, they likely could process data well in excess of 1 MByte a second. 3600 of these chips could be placed on an 18"x18" PCB with driver and control logic. This gives us 3686400 check words per PCB. More than enough for all languages and future expansions. On each board is a processor that receives messages to be checked, then passes them by the checking hardware, noting which ones get flagged for a match. Now scale this to thousands of boards. At 25 boards per card cage, 4 card cages per rack case. That's only 10 refrigerator sized cases to check 1GByte a second against 3686400 words, Now reconfigure the hardware a bit to make it 100x more parallel in the checking, and we have 100GBytes per second against 36864 words. Now make this a room sized endevor, and you can easily get well into the terabytes a second scanning rate. The really scarry thing is this is with tech available in the late 80s. It should be easily able to be scaled by a couple of orders of magnitude by now.
It's all a matter of getting the right hardware in the right volume.
This isn't disturbing at all to anybody with any intelligence. If this is news to you, then you're naive in the extreme, my friend. OF COURSE governments are spying on all kinds of digital traffic. OF COURSE they include civilian traffic in their monitoring (that's where lots of important things happen).
More importantly, though, if you've been assuming that all your emails and other net traffic (or even your phone conversations) are blissfully private, then I'm sorry, but that's just plain stupid. Governments are the least of your worries (hell, my _father_ could tap your phone if he wanted to). If you want something to be secure, don't broadcast it unencrypted in the open. This should be obvious to anybody in this day and age.
So you're going to run off and write your "senators, congressmen, lords, whatever".. Hey, maybe you'll even be successful beyond anybody's (realistic) hopes and dreams and get all the politicians of the world to condemn this sort of monitoring and abolish it forever. Do you really think that any governments are actually going to stop doing it? It'll just go deeper underground and be a real secret, which means there will be even less monitoring, and absolutely no control over any of it.
Just look at the information which prompted this discussion in the first place: An official acknowledgement of (at least some of) what's going on by government officials. Countless people in the world are more aware/confident/knowledgeable of what's really going on because the Australian government was willing to inform their public about things like this. Would they have been willing to do that if they'd been previously forced to condemn this sort of thing and promise it wouldn't ever happen? I don't think so. We'd be sitting here discussing some new Linux feature instead.
Things like this are better in the open.
>>>>
While I'm sure there is some keyword searching being done, I'd be shocked if more thought didn't go into the system.
Surely there's some initial filtering done based on the identity of the sender and receiver-- messages sent between two people with FBI files probably get more scrutiny. Messages that cross national boundaries would also be more suspect, as would be messages the computer couldn't understand.
Assuming a reasonable set of criteria to prioritize messages, reasonable computing power could be brought to bare on "interesting" messages, easily defeating rot13. I'm sure they'd break 40-bit encryption regularly for really interesting messages. At this point, one could also do some interesting things analyzing the words used to try to identify coded messages. Someone from Montana who regularly describes building "watermelon" would likely raise some red flags here.
Of course, with 50 years to develop the system, it's surely smarter than anything we could envision in a few hours...
I've worked in sigint, myself. And I find it hard to believe that a system set up to detect key words and phrases in common internet traffic can be useful enough to justify its cost. Nations and security agencies *know* that internet communications can be intercepted, and so they send messages encrypted or not at all. Corporations are beginning to understand this, also. The only messages that Echelon could usefully intercept are personal communication and the rare 'slip-up' of a corporation or agency.
That being said, I can easily believe that it exists. Slip-ups do happen, and I can see a government betting a few billion dollars on the off chance of finding one. But the most frightening aspect is that the Echelon system is just better suited towards everyday unencrypted communication between private individuals...and thus, whether chartered or not, that's likely how it will be used. Thank you, Orwell.
Genocide Man -- Life is funny. Death is funnier. Mass murder can be hilarious.
One capacitor. 250 volts or better, non-polarized, 0.1 to 0.5 uF (this is going by memory, but that will probably work). Put it in series with the red wire on a phone. Connect it to the target pair, pick up the phone, and listen.
Bruce
Bruce Perens.
Has anyone considered bringing an action in federal court against the relevant federal agencies seeking a declaratory judgment that such monitoring constitutes an illegal search in violation of the Fourth Amendment?
Does anyone know of some legal reason why such an action could not be brought?
DSD operates under a detailed classified directive approved by Cabinet and known as the Rules on Sigint and Australian Persons.
I don't know what worries me more, the fact that they're spying on us, or that the fact that the list of criteria that they're searching for in their Dictionary is kept classified, so we can't even find out what they're looking for, or where all this information goes to and who's looking at it.
Remember: You're not paranoid if they really are out to get you.
"You can't fight in here, this is the War Room!"
I was reading through the info on that site, and the fact that it quotes Texe Marrs as a reliable source basically blew its credibility.
I don't mind governments spying on each other -- I agree, it's necessary for world peace. I don't even mind my government performing some limited monitoring of its citizens -- I do not break the laws of this country, and I'd like them to catch the people who do.
What frightens me about Echelon is that it appears to be shared data consortium, if you believe the conspiracy theorists. Thus, data collected by Australia/Canada/US/UK are available to them all. I know that I've done things that, though perfectly legal in the US, break the laws of the UK. Next time I go overseas, do I have to worry about overzealous law enforcement meeting me at british customs?
Overzealous law enforcement is a danger here at home, too, if you break any of the unenforced-but-still-in-effect laws. (Sodomy, for example.) I just have to trust that my government doesn't lose its mind and start pursuing such minor crimes. But there's no way I should have to trust other governments as well.
Genocide Man -- Life is funny. Death is funnier. Mass murder can be hilarious.
This is very, VERY disturbing. This is still not "proof" of the eistance of Echelon, but it's pretty goddamned convincing. THIS, ladies and gentlemen, is something we need to be very, very concerned about. This direct threat to our privacy cannot go unmatched. Write your senators, congressmen, lords, whatever... this needs to stop IMMEDIATELY. I've spoken out in the past about the rampant paranoia of some slashdot readers, but this case is rather severe.
sKroz
-- Minds are like parachutes... they work best when open.
Well to any of those that wonder why the US and other goverments want key escrow so badly here you go.
Personally, I do not care too much about what they do for hunting terrorists, because I am not making bombs or selling illegal drugs in my spare time and I do not think that I would get caught for any illegal activities (although I can never be too sure about that).
When they took the 2nd amendment, I was quiet because I didn't own a gun.
When they took the 4th amendment, I was quiet because I didn't deal drugs.
When they took the 5th amendment, I was quiet because I was innocent.
Now they've taken the 1st amendment, and I can't say anything at all.
(With apologies to whoever wrote that that I didn't credit).
You should care how they hunt down terrorists, as those same tactics may be used against you some day. Remember 1984? Well, we may not be there yet, but slowly and surely we're heading there. For every law passed that takes freedom from us for doing something that hurts no one else, the hope of staying free dies a little more. Personally, if this type of thing keeps up (the Australian government doing this will encourage the US government to also) I'm going to gather a bunch of people together and we'll go find an island and start our own country.
When I was able to do my own spam-armoring, you got a chance to email me. Now you can only hope I see your reply.
The problem with that approach is that it isn't just what you write, it is what you see, what you read, where you go, who you send email to, who you get email from... all of these things are trackable... perhaps not nearly in real time... but look at it as a method of collecting points like messages here collect points... you and your activity collect enough points, and they may just assign a live body and some serious compute time to you... I am not at all sure that in such cases governments wouldn't feel extreme measures to be justified (at least they would seem "extreme" to me)... sigh - there really isn't much to stop these things, methinks...
:)
One machiavellian scheme gets exposed, and soon a new "black" project is started - these things don't die, they just morph - the trick is to live under the rader and stay out of the way when the fecal matter hits the spinning blades
Shandon
The circles aren't in any depression, they are just cleared areas for accessability to the towers. The antenna's themselves are used for direction finding of a signal, a simple geometry trick. Naval Cryptological Technicians work there and there are a few sites like that around the world (I think the one in Scotland got closed down..) They aren't for spying on Satilites (which is kinda silly if you think about it, just impractical, would involve spying from a satilite and satilite to satilite tracking and all ... much easier to spy on ground objects with satilites and planes). You can find out more by joining the Navy and becomming a CT (Cryptological Technician) or looking around at some museums dealing with cryptologic activities (or by just finding a site with some text and not theorizing off obscure pictures).
Since no human could go through all this manually, it has to be a computer program scanning for keywords. Which means the system is useless:
I'm sure you can all think up lots more interesting ways to bypass any such system without ever using PGP (the problem with PGP being that it's easy for the scanning program to recognize it as being encrypted.)
Oh, and lets all put the keywords in our emails:
Bomb, Gun, Cocain, Heroin - hi, mr. spy, I'm a terrorist!
-- http://www.wholepop.com/
Whole Pop Magazine Online - Pop Culture
http://www.wholepop.com/
Whole Pop Magazine Online - Pop Culture
Now that I am being narcisisstic enough to follow up my own post: I suspect Echelon does exist, I also suspect that the folks who have pointed out that the volume of data is such that it is impossible to "big-brother" everything are dead right.
The NSA relies a great deal on how little is known about them (you should see the speculations people get into about them -- evrything from their changes in the S-boxes of DES to their initial resistance then sudden silence about PGP). NSA is a very smart bunch of people with a lot of computing power and a lot of know-how, but they can't do the impossible.
Most of us have the best defence of all: We're boring.
He wrote a piece for a UK newspaper saying that the ISP Association (ISPA) and the police were holding secret meetings to allow the police to inspect the logs of all UK Net users activity (news pages read/written, Web pages browsed etc). The ISPs were supposedly agreeing to keep logs specially for police use and allow them free access.
Demon (a UK ISP) responded that these meetings were not secret (any one could attend at £60/day), and were primarily concerned with formalising the limits of what the police could ask for, and the evidence that had to be submitted to the ISPs along with the request. A request would have to include prima-facie evidence of a crime, plus supporting details of when and where the electronic side took place. These details would have to match the ISPs logs before any information would be released. The police had asked for wider access, but the ISPs turned them down, citing UK privacy law which makes the ISPs liable for releasing private information to the police without good reason. Many of the police requests (e.g. web browsing logs) were technically infeasible anyway.
Now its possible that Duncan Cambell was right and Demon are spinning a line here. But Demon were the pioneers in the ISP business, and have firmly resisted attempts at censorship (e.g. blocking the porn groups) in the past. And the legal argument about liability checks out. So I'm strongly inclined to trust Demon on this one.
Now DC has moved on to bigger things. He claims there is a whole big sigint organisation dedicated to listening to you. In the referenced article he takes a few quotes from an Australian politician as evidence that he is right. But go back and look at that article. Note what was quoted, and what was written by DC. Big difference.
And the report for the European parliment was ... also written by Duncan Cambell.
Meanwhile a new law to require european ISPs to provide the police with a dedicated line into their systems was passed earlier this week, rammed through the EU Parliament after 10 minutes debate. Fortunately its not binding (the EU Parliament has comparitively little power), but its still worrying. Where is Duncan Cambell when you need him? Quoting Australian politicians in an attempt to play Fox Mulder!
Paul.
You are lost in a twisty maze of little standards, all different.
The US constitution guarantees free speech, weapons, fair trial and other cool stuff. It doesn't have any passage on information though. Shouldn't I as a US citizen know the details of the going ons of my governement? How can I be an informed voter without such information? Confidentiality has no place in a democratic state. If the government feels it can't tell me something then something is obviously wrong. Let's all write our local congress person and demand an amendment to the constituion. The right to be informed.
That would kick ass.
Some good Communications Security Establishment information can be found here
News for UW students
I want to be clear about this. I am not happy that privacy will cease to exist, but I see it as a technological inevitability. Given that the technology for spying (eavesdropping, sigint, video monitoring, etc.) is becoming ubiquitous and cheap, people will start to want covert devices for personal safety, for watching the babysitter, for snooping on their children, etc.
(Aside: I can't believe how teenagers are wanting to own cell phones! Aside from the fact that these are duffable whenever they are on, I think it won't be long before they know where they are and will be queriable. "Going to the movies, eh, junior?")
Governments already have some of these capabilities. I don't presently fear this (here in the United States). Just look at how much the police know about many crimes, most of which goes unused by rules of evidence. I will only start to fear when the courts stop letting people off on "technicalities" (which is code for legal rights, dangnab it!).
I don't like that privacy is gone, but I like even less that the only people who can invade it are governments, banks, and creditors! And only banks and creditors are allowed to act on the information.
So, my view is that given the technological inevitablity of total access, we should make the whole range of such devices fully legal for ALL to use.
Why should the fact that I am being listened to stop me from talking (understanding that I live in a country which protects speech rights and not a country where free-thinkers are "people who need psychiatric treatment"; And yes, of course I worry about McCarthyism, and J.Edgar Hoover and a buch of other potential abuses, but which is worse, a world where only government can spy on people, or a world where everybody can spy on everyone, including citizens on the government)?
When we are able to stand outside the Senate offices and see, perhaps, that Senator Exon takes his famous "blue book" with him to lavatory, perhaps we will become a more open, honest society.
When I say our defence is that we're boring, I don't mean that we are poor coversationalists. I mean that we are self-serving knuckle-dragging apes who are all ashamed of the same stupid things that everyone does and nobody admits to. We are interested in peering into other people's private lives because we cannot easily do so. I'm suggesting that the best way to restore privacy is to lose it completely and wait for boredom to set in. It will, I promise you. Because we are petty, grubby little animals all, and that gets boring.
Cool down. There is no new information here. All developed countries have highly developed and capable agencies that intercept electronic communications. That's the way the world works and neither you nor I (nor all /. readers) are going to change this. Get used to this.
If you find the situation personally objectionable, use strong crypto. That's what it is for.
Kaa
Kaa
Kaa's Law: In any sufficiently large group of people most are idiots.
Something tells me there's more to it than what Australia is letting on. I get the feeling it wants out; something big is going on that they're not telling up about, but Australia doesn't want anything to do with it anymore. They cloak it in this impractical crap like "you have to strike out the names of Australians" to make it sound credible, but what they want is to destroy the system. No better way to do that then to drag it out into the light and let the public get outraged by it.
Frankly, if it destroys the system, I'm all for it. To be honest, I never trusted the government, but I never thought it had gotten so bad that a revolution was necessary. I'm still no revolutionate, but now I am no longer so certain that this government isn't bad enough that one is uncalled for. This is simply going too far. But at least now we know the real reason why the governments don't like crypto. It won't hamper future snooping; it'll kill current snooping.
However, you've got to admit that UKUSA is doing a pretty damn poor job of spying as it is; you'd think that if they were doing anything halfway decent then all terrorists and such would mysteriously "disappear" before the crime was actually comitted.
I hope that the UN takes UKUSA to task and raises hell about this, perhaps even to the point of punitive action (as if the UN's punitive actions have ever had the desired effect, if any at all). Then again, the UN's probably in on Echelon too.
I had my doubts about the existence of Echelon before this. Like, how could such a massive thing really be kept under wraps by agencies as idiotic as our 'intelligence agencies' seem to be. And, how could they process the massive amount of information gathered.
Well, this is pretty convincing. I wonder what made them want to go public? I find it hard to believe anyone in the 'intelligence' game could have anything like a conscience. Maybe they were tired of being junior members.
I am going to write my congress-person, senator, & my local paper. This is outrageous, our governments blatently spying on their own citizens, most likely slipping certain tasty tidbits to favored companies (the bastards probably own stock in). It is unconstitutional, immoral, and sadly, completely what most of us expect from our governments these days
I urge everyone to help get the word out about this. We all know people who love to pass things on via email (hi Mom) so tell 'em. Then call and write your representatives. This has to stop.
- None can love freedom heartily, but good men; the rest love not freedom, but license. -- John Milton
Although the analogy is funny, it is not correct. You will probably never see a criminal wandering into jail, but it is very likely that you are using unprotected communication channels most of the time: fixed or mobile phone, connection to the Internet, etc. If any link between the sender and receiver can be easily tapped, the whole conversation is not private anymore. Do you know which links your phone company is using, and how secure they are? Do you know if they are using buried or aerial cables, microwave links, satellite relays, and so on?
So even if the spies do not have access to the switches of the telecom operators (which are the easiest and best source of information - but would not be unnoticed), they can already gather a lot of information by eavesdropping on a few selected links.
It depends on the purpose of the system. If Echelon (or whatever exists) is designed to identify suspicious communications and analyze them further, then the simple act of using encryption can already put that criminal group on the suspicious list. If some people are known to exchange encrypted messages regularly and none of them are involved in electronic commerce or banking transactions, then the spies could have a closer look at them. Of course this depends on other factors such as the location of the parties, the frequency of these exchanges, and so on...
If you are trying to hide something, then the best thing to do is to act like if you had nothing to hide. So if I were a member of a criminal group, I would try to avoid encryption because it would draw the attention on me (steganography is a different matter, as I explained in another message.)
But a system like Echelon can be built with today's technology and can be used to scan an enormous amount of information. As someone else explained in another thread, even the technology from more than 10 years ago would be sufficient to scan a fair amount of today's communications. Not all communications, but enough for all practical purposes.
Note that I am not sure if such a system is really existing today, and used to the extent described in various articles about Echelon. (And frankly, I don't really care.) But I think that I know enough about computers and telecommunications to be convinced that such a system can be build, and would not even be extremely expensive.
-Raphaël
Yeah, but if we really wanted to fight this kind of spying it would be very easy if people cooperated. Drowning the signal in a sea of noise would be trivial given some basic assistive technology (mailer demons that send and receive randomly generated "noisy" messages designed to trip up spy computers... everyone just starts up the demons and suddenly the whole world communication infrastructure is flooded with decoys)
Your newspaper, senator, congressman doesn't care. The whole reason this is allowed in the first place is that no one cares. Anyone in support of the project in some way benefits from it so they aren't going to stop it. Anyone opposed to it is regarded as a conspiracy theorist and dismissed just as easily. And people who don't care ignorethe conspiracy theorists and usually listen to the supporters because they dislike conspiracy theorists.
Support your local anarchist.
I'm a loner Dottie, a Rebel.
Ooh, ooh, ohh! One more thing:
Except for the several wars the US has waged upon Vietnam, Grenada, Iraq, Yugoslavia and many others. Plus covert or economical battles against El Salvador, Nicaragua, Guatamala and more.
I am talking about global war. While I share the belief I infer you have: war is immoral, I do think there is a very clear difference between every one of these wars you mention and an event like the Second World War.
In Freeman Dyson's fascinating book, Weapons and Hope, he plots an interesting chart of European wars by year and number killed. This chart shows an exponential growth curve until 1945, where it knuckles down dramatically.
I think we got too good at it. The next point on that curve would finish us all. It was only due to the limits of technology and geographic accident that WWII didn't wreck civilization.
While the evil in us lives on, we shifted our conflict to a different level. A level of "low-intensity conflict" (meaning "killing people in the third world") and "cold war" (meaning keeping secrets and stealing secrets). That's what I'm talking about.
You will never, ever, hear me argue that the world is a good place where people act with love, compassion, and integrity. A few do, but I for one am right there with Hamlet:
"I, myself, am indifferent honest, and yet I could accuse me of such things as t'were better my mother had not bore me." (quoted as well as I can remember it). Hamlet and me: Were both dirty, grubby, knuckle-dragging animals. Who wish we were better...
Posted by Thomas Hoad:
:)
One of the main problems would be having the sheer computing power necessary in order to process all those message.
What you really need is some kind of distributed processing effort. They could always do something like save chunks of traffic, and then get unsuspecting computer users to download and process it for you. How? I don't know....maybe tell them they are actually helping the SETI project and are searching for exterrestrial intelligence? Just a thought.
What? Me paranoid?
It seems that the goal of this release was so that the Australians could limit which Australians the UKUSA nations could tap. If they didn't fulfil some special requirements (foreign agent, criminal suspect, etc.) they would have to be "Australian national" rather than the actual name "Crocodile Dundee" :) This will obviously not work, as the story points out. Australia, to my knowledge, is not the biggest member of this league and saying "You can't spy on Australians anymore" is pretty useless. I'm sure America and UK spy on Canada. We spy on everybody, including ourselves, and I doubt the Australian government, which isn't in too much of a position to make demands, is going to be able to convince any of the other countries not to do it.
What this does accomplish is defeating the whole point anyway. When they say outloud, "We're spying on Japanese trade ministers, Pakistani scientists, and North Korean government officials." doesn't this mean that they'll start using encrypted emails or something? I know everyone suspected those were the people they were spying on anyway (though the Japanese economic people was news to me), there was at least some doubt before. This guy went and spoiled it for everybody!
for the uninformed '/.ers' it's nice to see a whole wad of american tax payers money spent on useful stuff like euchelon, spying on *cough*allies*cough*
the saddest part is the DSD agency (in aus, NSA is accountable to us gov) is not held accountable in australia..what a bloody joke!
peterrenshaw ~ Another Scrappy Startup
And FWIW, if you read the news you'll have noted that the NSA has worked with Netscape, Microsoft and Lotus to guarantee exported software can have a "backdoor" built in precisely for economic intelligence spying.
Please don't repeat this myth.
It's public knowledge that US companies can only export 40-bit encryption. Lotus, Netscape, and Microsoft have gotten around this by exporting 64-bit encryption and escrowing 24 bits with the NSA. All of their products are advertised as 40-bit. True 64-bit encryption is of course avaiable for US customers.
--
Business. Numbers. Money. People. Computer World.
Admitting to things such as this is no big deal. The mass public is still too ignorant of what goes on to get what this really means.
F /...
It really means they have something a hell of a lot better already working or right there in the wings. Why do you think the US goverment let us all know about Stealth tech? Because its child play compared to the real secret stuph they have going on now. They give just enough to pacify the mass populace and keep people content.
---
Openstep/NeXTSTEP/Solaris/FreeBSD/Linux/ultrix/OS
--- I do not moderate.
And you thought "M-x spook" was useless...
I think all of this is necessary. Its part of why, despite a world bristling with weapons of terrifying power, we have gone without a global war for over 50 years.
Except for the several wars the US has waged upon Vietnam, Grenada, Iraq, Yugoslavia and many others. Plus covert or economical battles against El Salvador, Nicaragua, Guatamala and more.
So long as you can secure your communications if you really need to, I think you should accept that they watch everything. Heck, I'm glad they watch everything. I just think I should be able to too.
What ever happened to personal privacy? I will not accept that "they" are watching me in my own home. I will not let my children grow up fearful of thinking for themselves, as well as being afraid to voice they're opinions openly.
Most of us have the best defence of all: We're boring.
Your defence against privacy invasion is your dullness? Not only is that silly, but it is likely wrong. At least I'd like to believe I'm not boring. And there are several other intelligent people around me that I think are quite interesting. But I would NOT want to see them ferreted out because of their communications.
"I have a cunning plan..."
let's just /. them. If everyone adds the line
I'm building a bomb to kill the President
to their sig, how long would it be before even the NSA's got overwhelmed?
This sig left unintentionally blank.
Isn't it wonderful looking at how the youngsters rediscover the classic joys of electronic communications on their own!
Look into the Jargon File for details.
Kaa
Kaa
Kaa's Law: In any sufficiently large group of people most are idiots.
In Germany they first came for the Communists and I didn't speak up because I wasn't a communist. Then they came for the Jews, and I didn't speak up because I wasn't a Jew. Then they came for the Trade Unionists, and I didn't speak up because I wasn't a Trade Unionist. Then they came for the Catholics, and I didn't speak up becase I was a Protestant. Then they came for me--and by that time no one was left to speak up.
--Pastor Martin Niemoller, 1892-1984
I love my computer -- You make me feel alright (Bad Religion)
BTW, a bunch of useful Steganography info can be found at:
http://www.jjtc.com/Steganography/
A (probably incomplete) list of steganography software packages for various OSs can be found at:
http://members.iquest.net/~mrm il/stego/software.html
Instead of mailing the image/text/whatever to a specific recipent, you could use a less trackable (for both sender and reciever) way of distributing it. Putting it up on somewhere that offers free anonymous web space would be good; posting to one of the alt.binaries.* would work too. Then anyone could grab it at their whim and easily hide their identity thru various anonymizers, internet coffee shop, library, etc.
As for the matter of privacy: Given enough time and resources there is a pretty good chance a professional investigator can find out anything they like about you or your activities.
In this day and age privacy is a myth.
We leave information about ourseleves everywhere. In the 80's the world was astounded when kids going by names like Phiber Optik could find out their intimate details.
10 to 15 years later, when the world has become much more connected, and when the President of the USA can be impeached because an internet journalist didn't need an editor to approve his story, when the company owned by the richest man in the world can be sued because of emails written 10 years ago, you cannot tell me real privacy exists. That our information is more secure from those who want to get at it.
Every day people are paid to find out things about others. Corporations, individuals, governments, marketing companies and crime syndicates all have reasons for collecting information on people. IMHO, it is wishful thinking to believe that anything disclosed to anyone else is safe from prying eyes.
Echelon may exist. It probably doesn't for very sound technical reasons. But if the technology did exist - do you think it wouldn't be used?
my blog: good times, man, good times
Posted by FascDot Killed My Previous Use:
There are nearly insurmountable problems in performing this kind of spying.
1) Collection: The various agencies involved would have to have their fingers in many many pies to cover all the ways people could communicate with each other. Phone lines (voice and data), banks, radio, cells, satellites, etc, etc, etc.
2) Bandwidth: All this data then has to be A) processed immediately and/or B) stored. Let's do some back of the envelope calculations for a second. 100 million computers (leaving aside phones, etc) connected at an average of 10 Mb/s (dialup vs T1--hey this is an envelope calc) is 1 billion Mb/s = 1 million Gb/s = 1000 Tb/s = 1 Eb/s.
3) Secrecy: They've been doing for 50 years without a hitch? When they'd obviously need an army of techs/programmers/spooks? Not to mention all the accomplices necessary (phone companies, computer/software makers, etc)?
Number 3 has some additional points: If this conspiracy is so vast, evil and secret, how come Joe Blow from Australia was allowed to blow the whistle?
I don't doubt there is SOME "domestic intelligence" going on, especially on the Internet. But every single message? No fscking way.
--
"Please remember that how you say something is often more important than what you say." - Rob Malda
Don't trust the security of your phone!
Thanks
Bruce
Bruce Perens.
Y'know, one really shouldn't get one's shorts in a bundle over this. This has been going on ever since the second world war. My father was a grunt technician non-com in the US Army Security Agency when he served in the Army. He couldn't tell me anything really about what they did, saw, or read but he assured me that the "powers that be" were well up on who was saying what to whom all over the world and this was in the 1950s.
What I think FDH Americans (FDH -- Fat, Dumb, and Happy) fail to realize is that national givernments all over the world do this routinely. Spying on one another is a stabilizing factor in international relations. What would have happened between Pakistan and India if India wondered if Pakistan had nuclear weapons? The first-strike temptation might well have become overwhelming.
The process of discovering, keeping, and disclosing secrets is the shadowy part of international politics and diplomacy.
I also know that even back in the 1950's various security agencies (including the domestic FBI) have had broadband recording equipment and they systematically record vast swaths of the RF spectrum for later analysis. Heck, the FCC has vans that do this with the not altogether inimical objective of finding and eliminating what radio amateurs call QRM, man-made radio interference.
In your own neighborhood, I'd be willing to bet, there is at least one person who comes to the window every time there's a loud noise in the street. We love to snoop.
If you want paranoia, consider that intelligence services have to consider whether intercepts are planted to ferret out information sources! The people who work on these things will sometimes weigh the importance of information against the importance of assets in place and might choose NOT to use an intercept.
Consider also that they can figure out a lot just from seeing the number, freqency, and endpoints of indecipherable communications. You can glean information from the pattern of messages, even if you can't read the messages.
I think all of this is necessary. Its part of why, despite a world bristling with weapons of terrifying power, we have gone without a global war for over 50 years.
My concern comes in when governments have this power exclusively. So long as you and I can watch the watchers, I think things are reasonably safe. If the US government succeeds in forcing Clipper and Skipjack on us, I think we have something to worry about.
I think the second amendment should add crypto to the right to bear arms as a defence against tyranny. I'm not a gun not, nor am I a crypto nut, but I think the right needs to be there just in case.
So long as you can secure your communications if you really need to, I think you should accept that they watch everything. Heck, I'm glad they watch everything. I just think I should be able to too.
Finally, I don't think it matters much what the government does or does not want us to have. Computing power is becoming nearly free (Beowulf), cameras, recorders, microphones are becoming ubiquitous. It will not be long before everything has a net address (your car, your home, your wristwatch) and GPS will know where all of them are all the time.
Privacy will cease to exist. In fact, it largely already has. Now I think we need to make sure that everybody knows everything or else it will just be governments and marketers. There's a world I don't want to live in.
Go to www.gb.nrao.edu and click on "Quiet Zone". I used to work at NRAO (about 50 miles away), although I didn't know the Navy had an Echelon site down the road at the time. They have a van that drives around and tracks down stray emissions like old faulty microwave ovens or ham radio operators. The NRQZ was apparently established in 1958, so this has been around for a while. I don't know if the Echelon site or the radio observatory came first.
Your right to not believe: Americans United for Separation of Church and
If you want some background info on Pine Gap and Alice Springs and the whole UKUSA/SIGINT bit, check out:
The Puzzle Palace : A Report on America's Most Secret Agency, by James Bamford. Its an older book, but you'll learn quite a bit. I actually ended up having a lot more respect for the NSA when I had finished reading the book.
Another book you may want to check out is Pine Gap : Australia and the US Geostationary Signals
Intelligence Satellite Program. It may be harder to find this one. Its ISBN is 0043030025.
You can always look them up on Amazon.com
Here is one URL on Echelon to get you going.
By the way I think its very silly for Australia to openly or honestly admit this stuff in any fashion or form.
All communications should be considered to be broadcasts. If you don't encrypt and carefully protect your key, you must assume you're being listened to.
Bruce
Bruce Perens.
According to the former Canadian agent Mike Frost, it would be ``nave" for Australians to think that the Americans were not exploiting stations like Kojarena for economic intelligence purposes. ``They have been doing it for years," he says. ``Now that the Cold War is over, the focus is towards economic intelligence. Never ever over-exaggerate the power that these organisations have to abuse a system such as Echelon. Don't think it can't happen in Australia. It does.''
Australia sure looks like a bad place to be given the day's news, but this is going to be the game everywhere. Ever read The Invisibles by Grant Morrison?
I'm not sure what is fiction and what is real anymore. This whole article just makes me cynical. And they say that part of the decision to be open about this is to reassure Australians that its domestic spying activity is strictly limited and tightly supervised.
Anyone feel reassured?