Slashdot Mirror
Spies in the Forests
Adam Jenkins writes "More info on the NSA patent has been reported in The Independent.
Specifically they have been lab-testing software that can sift
through calls and e-mails in search of key phrases." Can you say 'Echelon'? Anyone who still harbors any doubts about whether the network could exist should read this.
You have no idea how many people named Jesus are out there committing crimes right now... But probably none the NSA would be interested in.
If a corporation is a personhood, is owning stock slavery?
let's keep as close a watch on these guys as we can, shall we?
Echelon Watch
- Abby Digital -
I think not.
If they were ever to be asked they would simply deny that they're doing it, and if some sort of legal pursuit occurred it would be deflected by the veil of NATIONAL SECURITY.
I saw Phil Zimmerman speak in Syracuse NY many years ago when the US Gov't was still pursuing their investigation of him, and he spoke about the potential collision of technology, and privacy rights.
At that time (1993-ish) Phil mentioned that the NSA had just released some of their speech recognition code into the public domain, and it was several generations ahead of what the best civilian code looked like.
What does this say about the code that they're actually using.
The NSA's motto is to be 5 years ahead of EVERYONE else's technology, and I believe they are.
Bottom line:
The NSA HAS BEEN developing and using speech recognition software for more than 10 years, and will continue to do so regardless of what congress attempts to do to curtail their trampling of people's privacy rights, and regardless of who patents what.
Ignore Alien Orders
Or to keep MS from patenting it. It' the new MS Revolution they're trying to forstall!!!!! (The above post was inspired by Monty Python. Tread Warily.....)
What makes you think that Allah is a word that the NSA would need to listen for? He's the God we believe in. Almost every Muslim mentions his name numerous times throughout the day, and good luck to NSA if they are actually monitoring for any phrase containing his holy name. They will need boatloads of signal processing power.
Get over this, guys. Smart people do not have racial stereotypes and prejudices. Slashdot is all about smart people and free exchange of opinions. The word "Allah" has no more relation to terrorism or anything illegal than, say, "Jesus", or "Jehovah".
I doubt that the poster meant to imply that Muslims are terrorists, just that the NSA might think they are. Such religious stereotyping would not be at all unprecedented for our government. In the 1950s, for example, atheism was strongly associated with communism. Of course, as you correctly point out, filtering conversations for "Allah" would be useless because it would flag most conversations by Muslims.
"I'm going to kill the president with help from my new friends in the terrorist group."
I suspect that if you try this, it'll get noticed the first time and then, after you've been looked at manually and deemed to be un-dangerous, a killfile of sorts will be set to ignore your pet phrases.
That is, of course, assuming nothing strange happens to you in the meantime...
there must be at least half a billion Muslims in the world.
I'd like to see the NSA keep track of them all. hehe...
Dumbass
Looks like one of those John Dvorak Notes and Asides columns.
When I'm singing a ballad and a pair of underwear lands on my head, I hate that. It really kills the mood.
-Tom Jones
Dumbass buttface.
Speech-recognition technology can't do this job even now (1993), and almost certainly won't in this millennium, either.
/. a couple of months ago) to flag specific conversations for analysis and the problem becomes downright simple.
Back in the early 1980s - I don't recall the exact year, call it 1983ish - I played briefly with a speech recognition system one of the profs at Concordia U (where I worked at the time) was developing. It ran on a VAX 11/780 (under VMS), input was via an A/D converter (I used the D/A side of it for sound effects for the game I programmed). It could recognize and parse continuous speech from a random speaker. The catch was that it couldn't do it in realtime, it took about fifteen minutes of processing for about five seconds of speech. Taking out the overhead of printing out all the steps it was taking in the analysis might have shaved a couple of minutes off of that.
But that was fifteen years ago, on a one MIPS machine. Modern machines with some preprocessing of the signal via DSP could do better than realtime. Add in the neural net system that can recognize certain keywords from the background noise even better than humans (mentioned on
Screening text messages by comparison is a piece of cake. A bit more of a challenge is the high volume of binary packets on the net -- most of them probably jpeg fragments from pr0n sites -- but those will have characteristic formats/patterns that distinguish them from, say, encrypted text. (Of course, steganography is becoming popular...)
-- Alastair
They are figuring the cover on the eCheLOn project will be blown open soon, so they will patent everything related to it to prevent everyone else from using it after the technologies are exposed in a Senate investigation. I wouldn't be suprised if patents on technological foils for their systems exist too. (Inaccessable due to "National Security").
penguinicide... when jumping out a window just won't do.
Big dumbass.
what was I thinking ..... all I can say was it was 2am ..... I'd been hacking all nite ....
Yeah right. Reliable British journalism.
You colossal dumbshit.
So, this Echelon scanning system, it relies on boldface text to trigger?
I wish I had a nickel for every time someone said "Information wants to be free".
These are my friends, See how they glisten. See this one shine, how he smiles in the light.
very wishful thinking:
Perhaps NSA knows that a conservative congress will pry open the secrets, and make it all public, and the NSA just wants to protect what it can before the end.
HAW! HAW! HAW!!!
I wish I had a nickel for every time someone said "Information wants to be free".
These are my friends, See how they glisten. See this one shine, how he smiles in the light.
A recent article in the German magazine Der Spiegel detailed how the German NSA-equivalent agency intercepted data traffic originating from Liechtenstein banks, and how this data apparently reveals the big-time money laundering connections of this countrylet. Quite a coup, it seems.
There is no doubt that concern about the increasing invasion of privacy is appropriate, especially when it is unclear which information is intercepted by whom for what purpose. Credit ratings, AIDS, credit card nos. are just the tip of the iceberg.
To put this into perspective, though,
remember that all the electronic sophistication of the NSA and all the president's CIA men failed miserably in predicting, for example, Saddam's invasion of Kuweit in 1990. Similar intelligence failures abound, e.g. the Nairobi/Daressalaam and the Atlanta bombings.
Most telling of all is the case of East Germany, where the Stasi had unlimited powers inside the country, had a spy in every house plus spys spying on spys, had innumerable sleepers and moles in various Western governments -- and yet the state collapsed in a miserable heap anyway, simply because no amount of spying on your own people saves a bad system in the long run.
So, I would not overrate the effectiveness even of a technologically advanced system. Technology is just one of many factors, including the overall state of the economy and the intelligence of the intelligence gatherers.
I will admit, there is a potential for abuse of such a system.
The American Government is based on a system of checks and balances to prevent one branch from gaining too much power. I have yet to realize how an intelligence agency is monitored. I think this might fall under the auspices of the National Security Council. You can't just come right out and say, "I'm Joe Spy. I work for the NSA. I'm spying on the radio signals coming out of the Blahovian Embassy in Washington." In order to supervise the efforts of such an organization, you have to be in the system.
Self-Monitoring has proven easy to circumvent, and is reflective of the current administration of an organization.
Point is, there is no clear, black and white answer to these issues.
I do what the voices on my console tell me to do.
Something to think about:
There is a whole industry based on surveilance, selling technology to the following groups:
Bosses who spy on employees to increase productivity
School Boards who spy on students to keep them safe
Prisons who spy on inmates to keep the dirtbags in
Local law enforcement who want to arrest and convict criminals
I do what the voices on my console tell me to do.
By patenting it, they guarantee themselves exclusive control of the ideas in the patent for the next couple decades. It prevents somebody else from coming up with and using it on their own.
Why would they need to prevent this? I honestly don't know. But it's a thought, at least.
GPL made simple: What was my stuff is now our stuff. If you improve our stuff, please keep it our stuff.
Every day, you are spied on to some extent.
It might be the guy next to you on the bus who does the "Shoulder Shuffle" to see what you're reading.
It might be the receptionist at the office who looks up your personnel file to see what your wife's name is because they met at a party and she can't remember what it was.
It might be the anti-social geek that you picked on in High School who vowed that he would one day get even, so he stalks you and sharpens his knife collection.
Everything you do is being watched. If the government is doing it, that's another thing. Unless you sell all your worldly possessions and hike to the northern wilderness to live in isolation in a log cabin built by yourself out of hand-felled timber, you are in the public eye.
The problem is, technology has progressed to the point that it is relatively easy to spy on anyone else.
Do I feel that I should just sit back and live the life of a naive person while the government violates my privacy? No. I just think that most people are not the targets of intelligence operations.
A major part of risk management is identifying control measures to reduce the bigger risks. If you feel that you might be held accountable for what you say later, get involved in cryptology. Come up with a crypto system for telephone conversations. Rely on your own private system of messenger pigeons.
Computer network security is very similar to electonic eavesdropping in that you do what you can to minimize the holes for exploitation, but you can't get them all. If you want to communicate and exist as a member of society, you have to take risks, and there is a point where safety precautions get ridiculous.
I would just love to live in a world without weapons of mass destruction, armies, and politicians. However, we are stuck in a world with these and more. The National Intelligence community is entrusted with the protection of our national interests. They do a very good job of that. The catch is, where is the dividing line between ethical and unethical? If I am listening to personal phone conversations between US Citizens, that's a pretty wrong (and illegal) thing. However, if one of them starts talking about stockpiling arms and explosives to overthrow the government (not just a hypothesis, look at some of the militia groups out there), then most people would say that I have a duty to report that. It's a very gray issue.
Yes, there is a big potential for abuse of such great power. "Power Corrupts, Absolute Power Corrupts Absolutely." I'm not really sure who watches the Intelligence Community to check for abuses. That's a little scary for me. Hoover was unchecked. However, at the time, he was almost in-line with the popular thought that only criminals would be investigated by the FBI. It was a different time. As a result of these and other abuses, it is now illegal for US Citizens to be monitored. There are loopholes, but not too many.
I do what the voices on my console tell me to do.
>Notice that no wire service THAT is what you are basing yourself on? What? You think that CNN, ABC or BBC give you news? Come on, you cant be that dense! We saw in the Gulf Farce then in the bombing of Yougoslwia how manipulated and manipulative the 'free' media of the world really are. Thank got for the net and the fact that we can go out there looking for the truth. If you expect anything from newswires (oh yeah, theyre reallllllly credible), I hope that the sky in your world is blue as well. zeke
I think you may be missing the point here. Just because the vast majority of us "have nothing to worry about" personally, this doesn't mean that we should not worry about the issue generally. It's very similar to the burning down of rain forrests and 10 million other such areas of concern. Is it sensible that we ignore them just because the effect on us is not personal and immediate?
Snooping by three-letter agencies does indeed seem fairly innocuous (as long as you lay undistinguished and hence unseen among the teeming masses), but what if you have larger ambitions than to live and die unwitnessed? Whatever you do, even if it's totally legal, you're bound to annoy somebody sometime, and it's not beyond the bounds of possibility that the snooped info will pop up to haunt you, because *all* information is for sale to someone at some price. You'll feel different about it then than you do now.
And longer term, what about the Terminator, Matrix, or even Borg scenarios? A system that knows everything about what's going on is a system that can kill you in the end, no matter how benign it is at the start. Don't dismiss it as "just SF". It'll be too late to say "Oops, I was wrong" when it happens.
"The question of whether machines can think is no more interesting than [] whether submarines can swim" - Dijkstra
Amen!
You think you won the Cold War?... Geez the American government really does tell you nothing.
Wish I had some moderators points to moderate this up.
--
If noone rtfa, then what's the slashdot effect?
You know what you are right. And we are coming to take your countries lunch money. Why you ask, I qoute the great Dennis Leary: "Two words, Nuclear Fuckin' Weapons. We go the bomb"
Get a life, other countries would be doing the same things if they had the same power. At least the US bullies it's own citizens less than say, oh CHINA !! Asshole don't knock it until you have lived here, America is the best and if you think otherwise then why do we have the highest immigration rate of any country in the entire world...I'll make it real easy because everyone wnats to live here.
Has anyone been able to track down further references to this project? I did a brief scout around but didn't turn up anything. The referenced papers would be nice :-)
Which the feds are probably quite interested in doing- identifying all Muslims.
The reason (a partial one, at least) for many other patents is to keep others from patenting the same thing. This is exactly why NSA is doing it too. The catch here is that NSA has a special position with the patent office: the patent doesn't come public until someone else tries to patent the same thing.
As it was stated, this kind of technology is not new, certainly not for NSA. For all we know, the patent may have lain dormant for years - or a decade. Given what we know about Echelon (or rather, the rumors we've heard about it) suggest that it has been around for a long time. And you can rest assured that no matter how sophisticated the technology in the patent may sound, it does not compare to what NSA has now. Because the patent is now public, it means that regarding this particular technology, the rest of the world (well, ok, the US), collectively, is where NSA was years ago.
You BIG BIG dumbass.
Ah, but if i simply add a key sentence somewhere in my email, say,
"I'm going to kill the president with help from my new friends in the terrorist group."
instead of adding a huge list of key-words at the end.. would that throw them off? And if everyone did that? Wouldn't that create quite the ruckus?
'But master, I'm not afraid of the NSA.'
'Oh? You will be. You will be.'
--
rJames.org - illustration
I would call you a dumbass, but you are dumber, even, than that. Dumbshit.
Maybe because nobody in their right mind gives a sack of batshit about UN Conventions?
When I'm singing a ballad and a pair of underwear lands on my head, I hate that. It really kills the mood.
-Tom Jones
Nuff said
Well, i woudn't know much about this, but let me try to get the system to track my ass. We need to sell narcotics to iraq so they can convince pakistan to start a nuclear war because they'll be so drugged up they wouldnt know what they're doing. Also, we need to donate narcotics to china so they will love the president. Then the whole world will be happy and praise Allah and god and we'll all have Pineapple Turnover Cakes and starbucks frappachinos for free. But dont take my word for it, just ask the bomb yourself. We should really consider investing in some C4 Explosives and Cisco Systems because thats my company. Have a good day.
>sack of batshit about UN Conventions?
Doubt it. Its very unlikely that the US is the only country with the political leadership in the "right mind".
UN (as any other democratic institution) works as long as its members permit it to work. On the other hand, if majority of people supports the UN and minority does not it may result in a political isolation of the minority (I mean US).
Ummm, no.
If you're a known member of the Abu Nidal Fan Club, Black September, Islamic Jihaad, Hizbollah... they're going to have a vested interest in monitoring you even if you're ostensibly discussing your favorite laundry detergent.
Only the dead have seen the end of war.
All of us geeks (and nerds) should program our modems and our phones to call each other and constantly say the "key phrases" and set off the buzzers. If we all keep doing this their system will become overloaded. It's the passive DoS attack, since everything is on your own computers on a legal phone service that you are paying for, they can't do anything. You didn't hear it from me, this post never took place.
The first sentence is just an empty tautology that ignores whether or not the UN can ever "work" by either its own or any other definition of the word. Your second assertion assumes the US would not be isolated politically if we went along with the "majority". Even then, who cares if the US is politically isolated in the UN? It is simply a fact that UN conventions are whispy nothings. Little pieces of paper. For example, do you think the Cold-War era Soviet Union ever honored the UN Declaration on Human Rights? Did China? More importantly, name a UN resolution or convention that has had some real impact in the policies of a majority, or even a minority, of member nations.
When I'm singing a ballad and a pair of underwear lands on my head, I hate that. It really kills the mood.
-Tom Jones
Hope I'm not bursting anyone's bubble here, but this sort of software existed years ago -- a co-worker of mine worked on some part or another of it. The software was/is capable of sorting through various communications for key phrases, and it did/does so IN CONTEXT.
I am, therefore you think.
Heh heh heh. I wonder if anyone could try to sue the NSA due to "prior art". Then the NSA would have to admit that no, they had prior art that was unpatented, but classified. I mean, how can the government patent anything they want to keep secret? And if you reinvent it and patent it, do you own it? Or would the USPTO be able to tell?
---
pb Reply or e-mail rather than vaguely moderate.
pb Reply or e-mail; don't vaguely moderate.
Folks:
Two years ago reasonable and informed people could (and did) doubt Echelon's existence. But today if you doubt Echelon's existence, then clearly you haven't been paying attention. Duncan Campbell is the man who blew the lid off Echelon, and his report in all of its detailed and independently substantiated glory is available for free on his web page.
The EchelonWatch page by the ACLU is another good source with current news.
Regards,
Zooko
He seemed credible. He described the mundaneness of most of the calls, and how little information content most of them contained. For example:
the above was demenstrating just how hard it would be to filter out the arrangment of words and phrases. As of the time the report was written it only had an average precision of 27%. That sucks for filtering out trillions of e-mails a day. Maybe me dumb.
Encrypting your mail would probably be the first thing that would set it off.
is that a lot of people (here on Slashdot and elsewhere) think that this is not only necessary, but a very good thing. And people wonder how the Nazi's came to power...let me tell you, it wasn't merely because of people's prejudices. It was because they felt that a police state was both necessary and good. I'm really scared.
Ignoring for a minute the exact patent....
I'm a little confused about the consequences of a government agency, which uses the citizens' money, patenting anything. Do the citizens and that country's companies get free licenses then since it was publicly funded? eh? What about the case of a, again, public school holding a patent?
Any ideas?
If I may point /.ers in the right direction. 1. Intelligence (Mil, Pol, Eco, etc) is NOT collected as you seem to think - It is the product of analysis and other processes. Information/Data is collected and some of it is processed. 2. Take only the connected PCs on the Internet even without any form of encryption on transmissions and try to think of the math(s) involved in just intercepting the HTML formated data, excluding graphics, etc and Fermats last theorem begins to look like 4th grade stuff. 3. When it comes to analysis and 'other processes' all the computer processing power available to any organisation you care to mention cannot do pattern recognition like the human brain - not yet anyway - just wait a while! 4. The realy important questions governments ask of their intelligence agencies precludes idle interest in J. Doe - there is just not the time or resources to waste on such trivia (that is trivia to Govt - not to the individual perhaps), unless J Doe is the Deputy Director having an affair with the Second Secretary of embassy 'X'. 5. If J. Doe's personal information (not the one having an affair with the second secretary) is anywhere in a government department can you imagine how difficult it would be to get. It is difficult enough to get information to which citizens are lawfully entitled out of Government. 6. I would suggest, of much greater concern to J. Doe is the profiling and other methods commercial organisations, etc collect on each and everyone of us. That information is not only NOT protected it is actually sold to anyone with the $$s. 7. Perhaps concern should be expressed at the refusal of the Chairman of the FCC to even consider a 'Privacy Statute', which would at least make it a requirement for personal information to be protected from unauthorized access. The question all of us must ask without appropriate legislation is do we trust commercial organisations with our personal details - Real Networks amongst many thousands! 8. Until there is adequate protection of personal information in the USA there will be continuing difficulties with the EU on eCommerce matters and this may be raised at the upcomming WTO meeting. We generally get the governments and laws we deserve?
I agree with you that encryption must be really easy to use before it becomes standard. As mentioned, the way public keys work is that you encrypt something with someone's public key, and then only that person can decrypt it. So even if email software automatically grabbed keys, if clueless users did not have public keys there is no way they could receive encrypted email.
I think the real solution is to add encryption to the underlying mail protocols. This probably won't happen for a while. The idea would be that to have an email address, you must have a public key.
When clueless Joe User signs onto the Internet via his local ISP, he wants an email account. To get his email account, he must enter a passphrase into his computer. This becomes his private key (which he can remember and use anywhere). His computer then computes the corresponding public key, and sends it to his ISP. The ISP then creates his mail account, and sends his address plus public key to the nearest trusted keyserver.
Whenever email is sent, the appropriate keyserver is queried and the email is automatically encrypted. This way encryption is the default, not plain text. Of course this way there are problems with people forgetting their passphrase, etc. This would also rely on the keyserver's accuracy. So someone could put up an insincere keyserver that always responds, "Yes, I know the public key for that address, it is 0xdeadbeef" where 0xdeadbeef is the public key of the owner of the keyserver.
Widespread encryption is inevitable given the way people (and governments) abuse the situation now. I predict that within 3-5 years most computer-savvy people with use PGP or something equivalent for their normal correspondence. Within 8 years encryption will be the default, and it will be harder to send an email without encryption than with encryption.
-Nathan Whitehead
Sounds like the weekly world news to me. Notice that no wire service, or other tech news has picked it up.
~snort~snuffle~root~
Oh that's was a really smart first post. If you don't care about it, at least put some effort into explaining why! Keep the Peace in the Middle East!
Computer networks and e-mail are a god-send for government spy agencies. It's much easier to spy on people if they are exchanging data in clear-text, over public networks. I figure it's only a matter of time before anything and everything we do on the net is tracked and cataloged. Sending sensitive data through unencrypted e-mail is just plain stupid nowadays, even if you aren't worried about the government reading it someone else will.
Every time there is an article mentioning super computers, parallel computers, quantum computers etc. someone has the very smart, original, and funny hey, lets hook up a Beowulf out of these post.
I don't know if the poster(s) think that their comments are funny or intelligent, but either way, please stop, because I doubt anyone else does.
We could all just start sending emails filled with the "keywords" all day long - some spare mail pop boxes lying around and send emails like those in bulk to each other. In fact, one could set up a RC6 to expressively create and send bulk emails to empty spam mail boxes expressively created for the purpose of receiving these emails. It would not take too long until a system like this spy system will be bought to its feet.
On a more serious note, please visit FreeDonation.com - You can donate Food and Medicine for FREE to Save Children. The donation is fully paid by corporate sponsors with the money they would have spent anyway on advertising. There is no charge to you.
Please visit http://www.freedonation.com and save a life for free every day!
What, you mean someone else thought of it before me?
Now I don't mean to talk about nuclear war with anyone, but Iraq may eventually warrant it. Of course, importing narcotics from Cuba would be wrong, but one needs to avoid the government policies trying to prevent illegal action. I suggest we reveal our secrets to the chinese while purchasing arms for a mighty uprising against Democracy.
-
THIS IS PRE-ALPHA PRIVATE RELEASE CODE!!!
DO NOT USE IT UNLESS YOU ARE A DEVELOPER.
ALL IT DOES IS CRASH!
THIS IS PRE-ALPHA PRIVATE RELEASE CODE!!!
DO NOT USE IT UNLESS YOU ARE A DEVELOPER.
ALL IT DOES IS CRAS
I hate to date myself (but I will) but way back when, we got to add lines to feed the line-eater on our posts, and filled them with all sorts of vague (and not so vague) references to selling drugs, bombing buildings, etc. in the belief that there was some computer somewhere snarfing down all our messages.
Now I find out it's true. I am not sure if I should be happy or sad. From The Jargon Dictionary
NSA line eater n. The National Security Agency trawling program sometimes assumed to be reading the net for the U.S. Government's spooks. Most hackers describe it as a mythical beast, but some believe it actually exists, more aren't sure, and many believe in acting as though it exists just in case. Some netters put loaded phrases like `KGB', `Uzi', `nuclear materials', `Palestine', `cocaine', and `assassination' in their sig blocks in a (probably futile) attempt to confuse and overload the creature. The GNU version of EMACS actually has a command that randomly inserts a bunch of insidious anarcho-verbiage into your edited text.
There is a mainstream variant of this myth involving a `Trunk Line Monitor', which supposedly used speech recognition to extract words from telephone trunks. This one was making the rounds in the late 1970s, spread by people who had no idea of then-current technology or the storage, signal-processing, or speech recognition needs of such a project. On the basis of mass-storage costs alone it would have been cheaper to hire 50 high-school students and just let them listen in. Speech-recognition technology can't do this job even now (1993), and almost certainly won't in this millennium, either. The peak of silliness came with a letter to an alternative paper in New Haven, Connecticut, laying out the factoids of this Big Brotherly affair. The letter writer then revealed his actual agenda by offering --- at an amazing low price, just this once, we take VISA and MasterCard --- a scrambler guaranteed to daunt the Trunk Trawler and presumably allowing the would-be Baader-Meinhof gangs of the world to get on with their business.
NSA_LINE.HTML
LongTail SSH Brute Force analysis tool is here!
The NSA (DoD) paper on Semantic Forrests is available at: http://trec.nist.gov/pubs/trec7/papers/nsa-rev.pdf
For example, The Informedia Project at Carnegie Mellon (can't find a working link, but try http://informedia.cs.cmu.edu/) tries to find information about "interesting topics" from a feed of worldwide TV news broadcasts. They have even put a nice voice-command interface on their system, so you can query it by saying things like, "Tell me about last night's Bull's game."
Another example, the WebKB project, also out of Carnegie Mellon, has shown some success in deriving meaningful information by web-crawling -- where the signal:noise ratio is probably even lower than in phone calls.
The NSA could build a pretty good system for this kind of stuff without doing much original research. Developing the technology isn't that questionable. The application is a little spooky, though.
The thing that gets me the most about the whole Echelon thing is the sheer hubris of the NSA and the US Government to take upon themselves the right to invade the whole world's privacy by intercepting telephone calls, faxes, and emails - and still insist that the Right to Free Speech is enshrined in the US Constitution. I suppose what this really means is "You can say whatever you want, but if we don't like it you may disappear".
Luckily for the US they are the biggest and nastiest dog in the junkyard, so other countries in the world cannot afford to complain. Sadly, Might does make right it seems.
"The first time I got drunk, I got married. The second time I bought a chimpanzee, after that I stayed sober" Arian Seid
Hasn't this type of thing already been speculated? GNU Emacs even has a tool to poison this thing. Try running the "-M spook" command, and place the text in your .signature file. -Craig
How many Americans are pro communist?
What individuals or oganizations want to assassinate the President?
What's the answer to the ultimate quesions of life, the universe, and everything?
The answers could be reasonably estimated from logs of phone calls and plaintext internet communications. Obviously, this has advantages for national security, but could easily be abused.
Yes, and that is just what "They" want,
planting disinformation and hoping everything is
being drowned out by a cacaphony of idle packets...
and still unable to make a connection.
What does the public care ?
We got Monday Nite Football and cheap beer.
Information Overload.
The left doesn't know what the right is doin'
HEH,anything for a sixpack and a joint...
A new ride every 2 years and blowing your dough at
the local strip joint.
AOL is so cool , maaan...!
Oh, pokemon is sooo cuuute....
Oh man...
"May I fullfill you a wish?"
"Yes, get out of the sunlight!"
Diogenes
What is the effect of a government, tax financed patent? Can the NSA dictate terms for use of this technology for the next 25 years or so and charge licensing fees? The technology is useful for many information filtering tasks besides Echelon style eavesdropping. The general technique should no more be patented than other software algorithms.
On the privacy thing I have assumed for quite some time now that as technology advances there is no such thing as real privacy. I am afraid we need to get use to that idea and work to insure there will not be ensuing abuse of other rights when almost all details of our lives are semi-public.
I agree with you that a more immediate concern to me is spying done by employers. I know people who have browsed job sites during their lunch hour only to get called into their bosses office to explain why they were doing so. I suppose it is naive to expect any privacy when you are at work, but I find it extremely unsettling.
Scuttlemonkey is a troll
I totally agree. And, if you think about it - they have no interest in patenting their current technology. That should make you realize that they are really much more advanced than this. If they are patenting this, they are releasing it to the world. You can surmise that this is already old hat to them.
Perhaps this should be entered in bugzilla or whatever the bug reporting system for Mozilla is. Although it is extremely unlikely that it would be included with Mozilla (barring US policy changes on crypto export), it would be feasible to implement a general mail plugin filter, that would not have crypto specific hooks, but which would allow such a beast.
Then the main stumbling block would be establishment of a central database of keys that would be publicly accessible. Of course one would have to deal with all those tricky authentification issues.
Definitely a worthy project, perhaps some folks in countries with enlightened crypto laws could work on it.
Scuttlemonkey is a troll
Am I wrong?
If not, and the NSA doesn't need patents to protect its right to use the techgnology, then the question stands (slightly altered): Why does the NSA care about other people patenting their technology?
--
Fuck the system? Nah, you might catch something.
I know that this is completly off topic but that FreeDonations thing is a really good idea. Imagine how much good the /. effect could do with something like that.
There was a Cold War?
Scuttlemonkey is a troll
Even if people aren't in fact generally being surveilled, there is a definite effect when people feel that they could be being surveilled at any time. It has a chilling effect on democracy -- people become afraid to say things that may be controversial or unpopular when it's possible that Big Brother could use those statements against them in some way. When public discourse is stunted like this, democracy suffers.
And what about when the surveillance goes beyond public policy matters and becomes a tool to give force to the prejudices and petty hatreds of the men who control the cameras? J. Edgar Hoover made a career out of using intelligence collected under official auspices to destroy the lives of people he just happened not to like, for whatever reason. Does it have any bearing on the public good whether, for example, Martin Luther King, Jr. cheated on his wife? Hoover thought so. Hoover decided that any black man who talked about freedom for his long-suffering people was a Communist by definition, and spent untold taxpayer dollars spying on King's private life in order to find some silver bullet that he could use against him. And this wasn't an isolated case -- Hoover kept tabs on anyone and everyone who he could use some leverage over. And anyone who dared speak out against this could count on having Hoover's cameras pointed at them next. This gave Hoover great power -- and his power knew no bound, no accountability. Secret government by its nature is un-democratic government.
Your main point seems to be that people should shut up and sit down because they're not important enough for anyone to pay attention to, and even if they were nobody's being dragged away in Black Marias yet. But "security through obscurity" only works when you're willing to forfeit your right to participate in public life, a right which no free man or woman who wishes to make a difference in society should be asked to surrender. And the fact that we have what freedoms we enjoy today springs from the efforts and sacrifices of people who knew that if you wait until the secret police are at your door to protest the loss of your freedom, you've waited too long.
-- Jason A. Lefkowitz
Read my blog.
er ... and what's to stop the NSA program lifting the same PGP key from the key server the same way and decrypting your mail ...... then running it thru the scanner ...... the only difference is THEY WILL KNOW IT REALLY WAS YOU :-)
...in which case the best way to hide really subversive email would be to add a huge list of keywords at the end. Oh, this spying is such a fun game...
Rupert.
CND's website documents an amazing amount of information about Menworth Hill and the NSA base there, including their programs for monitoring satellite-based communications, and their plans for linking their interception capability with spy satellite systems.
Whilst I have no means of verifying the claims, I have talked with a person who claimed to be familiar with Echelon. He didn't go into details (no great surprise, either way), but his description of extremely massive arrays of very fast DSP systems certainly sound a technically feasable approach.
I agree with other posters - Echelon won't be using keywords. If conventional search engines abandoned that approach as useless, you can be sure that the Intelligence community would have reached the same conclusion, eventually. They almost certainly use some kind of basic "expert system", either as an inclusive or exclusive filter.
Menworth Hill alone, of the 5 countries known to be involved, intercepts hundreds, if not thousands, of hours of communications, every day. If the guys there had to sort through spam and false hits, from a basic keyword search, they'd need an army the size of England just to cope.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
Well, great. From now on all terrorists add "bombs iraq nuclear assasination" to their .sig's, and nobody notices them.
Yes, I was in no way implying that Muslims are terrorists. I'm just saying that the government probably scans for that word as well because they have religious stereotypes.
FWIW, several years ago I was working at a major U.S. university. There was a guy working in a back room of the building where I worked. I asked him one day what he was doing. He enthusiastically told me about this voice recognition software he was working on, to be used in an online Spanish course. I asked him who was sponsoring the research. He replied, "The CIA". Stuff like Echelon is definitely happenning.
I have worked in government secure areas and I have worked for companies that sold this sort of email sniffing technology to companies who had to guard against insider trading.
I realize most of you are freaking out over the idea that the government could be reading your personal email without your consent, but there ARE commercial applications of this sort of snooping that are a godsend. If you've ever waited on an auditor to clear the release of some boneheadedly trivial email you want to send, you'd probably rather have a computer quickly and anonymously clear your stuff than wait for some person who might be busy to clear it.
Just a thought.
Scrappy
But, why do we care?
Anybody with any secrets probably uses strong crypto. I bet the NSA/CIA guys have more luck just looking for encrypted messages, or people that have used encryption in the past or are listed in places like the PGP directory. Then they have their supercomputers spend their spare time cracking keys of people listed at places like the PGP directory and then monitor those people automatically.
Now this is an interesting discussion.
First, I happen to be one of the people who believes Echelon doesn't exist. This actually helps my case. For instance, most of the "information" I have read on Echelon indicates that the system has been in place for a number of years. The information in the article referenced indicates that the US had an accuracy if 25% in 1998. For conversations that were already transcribed. Filtering through even a large portion of phone conversations is unlikely.
And Email? Take a look at that web site that shows the internet connections. Tell me where they're going to hook into the net to keep track of messages? And keep in mind that there are more connections than those graphs show. Not likely either.
On the other hand, the fact is that we don't really KNOW what these people are doing. If the Gov/NSA decides they want to know all about you, they can do so. This I do not argue. I think that we should definitely know what these people are doing, and we should definitely be putting limits on their power.
>>>>>>>>>> Kvort
-Don't mind me, I'm personality-deficient and mentally-impaired.
Hard to tell from the brief precis in Wired, but it looks like Dragon Systems has come out with speech-grepping software on the open market (demoed at Comdex).
Of course, hooking your laptop up to a radio scanner modified to get the wireless-phone channels and using this software to look for keywords related to, say, Congressional graft, as you stroll through downtown Washington at lunchtime, would be totally illegal. I certainly don't advocate any such thing; it would be wrong.
Might goose the folks putting barriers in the path of widespread crypto adoption, though. And maybe cast the Justice Department's calls for expanded wiretapping powers-- "because technology is eroding away our ability to lawfully intercept communications" -- in a slightly more skeptical light.
I'm a little confused why No Such Agency would even bother with patenting things. They're not for profit, so they obviously have no vested interest in protecting intellectual property. Furthermore, they've only screwed the pooch more; as soon an Barr and his cronies get ahold of this it'll just add fuel to the fire for congressional hearings on Echelon. As far as I can tell, all they've done is inform the public more as to what they're doing.
--
"Some people say that I proved if you get a C average, you can end up being successful in life."
I think there is a world market for maybe five personal web logs.
I know the federal government can't copyright any of its work (though federal contractors can). Why can they patent things? This works out to being a tax passed by the executive branch, right?
Can we be sure that the DoD and NSA are really working together on these issues? Perhaps there is a bit of competition going on within the American government here.
After all, we were all wondering why the NSA would effectively comfirm that this is what they were doing by taking out that patent. But if they saw that the DoD were working on technology like it, they may have felt that that was reason enough to get a patent.
It also seems to make sense, in light of the cludged up nature of governments that makes it very hard to believe that they are keeping anything really secret. Thank god for profit motives huh
-
We cannot reason ourselves out of our basic irrationality. All we can do is learn the art of being irrational in a reasonable way.
What makes you think that Allah is a word that the NSA would need to listen for? He's the God we believe in. Almost every Muslim mentions his name numerous times throughout the day, and good luck to NSA if they are actually monitoring for any phrase containing his holy name. They will need boatloads of signal processing power.
Get over this, guys. Smart people do not have racial stereotypes and prejudices. Slashdot is all about smart people and free exchange of opinions. The word "Allah" has no more relation to terrorism or anything illegal than, say, "Jesus", or "Jehovah".
--
BluetoothCentral.com
A site for everything Bluetooth. Coming in January 2000.
Zigbee Central: A Zigbee weblog
I've already seen several posts implying that you can fool NSA technology by simply including key phrases in your documents. Thus the "spook" command in emacs, etc.
But NSA technology is far more sophisticated than this. In fact, if you've used a variety of search engines, you've seen such such technology in use. The better search engines do a good job of rejecting key-phrase laden documents and returning only good hits.
Of course, eveybody who's used a search engine and gotten some bogus site hit knows that the technology is far from perfect. But remember, the NSA has been throwing millions of dollars at the problem basically since computers existed. They're likely to be well ahead of current search engine technology.
In other words, you can continue to use spook-mode in emacs (I do, it's fun), but you should be aware that it's probably not fooling anybody. The private sector already has technology that can eliminate that sort of spoofing, and the military is probably years ahead of the game. Trust No One.
The Independent is a very high quality UK broadsheet paper; it's about as credible as any mainstream news source can be. What's more, *all* the people cited in the article know what they're talking about: people like (from memory) Brian Gladman, Julian Assange, Caspar Bowden, and Bruce Schneier.
I think this article is a pretty impressive bit of cluefulness.
--
Xenu loves you!
I think you misunderstand the purpose of the keys available on keyservers.
Only public keys are stored on keyservers, and they're used by a message sender to encrypt messages destinated for the corresponding recipients who are the only people that can decrypt them because they alone hold the corresponding private keys. The NSA can't get the private keys from the keyservers because they aren't there.
Recipients of incoming messages don't grab public keys from keyservers in order to decrypt the messages, but only to authenticate their signatures. For message signing, keys are used in reverse, ie. the sender signs his message with his private key and then recipients can check that it really came from him with the help of his public key.
Needless to say, even a non-clueful user has to generate his own keypair and place his public key on a default keyserver, but that operation can be completely hidden from him by being done at the time his email system is installed, configured, or just run for the first time. Sensible crypto users go to great lengths to select a good and long passphrase to protect their private key, but this is not necessary if the only goal is to defeat the snoops: the passphrase can be left completely empty by default, so the mailreader can decrypt incoming mail (which has been encrypted by the senders using the recipient's public key obtained from a keyserver) without bothering the user with a request for a passphrase. [Not ideal of course, but at least it would make the operation transparent.]
"The question of whether machines can think is no more interesting than [] whether submarines can swim" - Dijkstra
A few random ideas... Consider this my "wishlist":
If most of these points are actually implemented, we may be protected from Echelon, depending on the sophistication of the cracking techniques of the NSA. What you write in a forum like
On a side note: "The Independent" is a very well-known and accurate newspaper in the UK. You can have a fair amount of trust in this paper -- it's not called "The Independent" for nothing.
Of course this opinion is worth exactly what you paid for it... =)
The right to offend is far more important than the right not to be offended. (Rowan Atkinson)
There is no need for a central database of keys, nor indeed for a new database of any sort. The PGP "database" is an already existing widely implemented distributed repository of public PGP keys which is well supported worldwide.
"The question of whether machines can think is no more interesting than [] whether submarines can swim" - Dijkstra
The NSA, KGB, GCHQ and other intelligence agencies have been doing this for decades. They are not going to stop just because some people have the illusion that their email and conversations are private.
European countries have been intercepting and reading paper mail in "black chambers" for hundreds of years.
Mea navis aericumbens anguillis abundat
start kite flying...
..one reason COULD be that there is a lot of interest in this field due to the increase in a desire to replace manned call centres with software, so key phrase recognition would be a neat trick. Software designed using this could help callers by recognising what they were talking about and acting accordingly
..end kite flying
Donte Alistair Anderson Roberts - hi son!
Karma: Chameleon
Another site with the same idea is The Hunger Site
Visit and save a life!
A little planning goes a long way...
I am just amazed at the responses here on /. about any news related to the NSA. I am clinically paranoid, and you all exceed even my exploits.
I will admit, though, it does sound like a blatant disregard for my personal privacy, so I'm going to attack the government back.
It never fails that there is a score of posts containing supposedly keywords that would set of the "Echelon" buzzers deep inside some bunker in the DC area. Then, thugs come and raid your house while you sleep and drag you away hancuffed, naked, and screaming to their torture chambers, where you are given a showtrial and then sentenced to 8 years in a work camp in the frozen north.
Wake up, people.
As anybody with a rational mind can tell you. most people (99.99999%) have nothing to worry about. Just because someone can collect information on just about anything they want to (try it sometime--even use whois and a couple of internet search engines to see what you can come up with about yourself) doesn't mean that they will.
Just about anybody who has experience in the intelligence field or law enforcement can tell you that true, valuable intelligence (or investigation, if you prefer) is the result of long-term collection and analysis. Just scanning traffic for keywords will not work. Pull up your favorite search engine and do a search for bomb. How many results do you get?
If you want to collect intelligence, you need to set a specific goal or target. Usually, this is influenced by political means. It's just like a police investigation. In one very well-documanted book ("Inside the Aquarium") about Soviet intelligence collection, Victor Suvorov (former Spetznaz and GRU Major who defected to the west) talked about picking an area such as the US 7th Fleet in the Mediterranean. They focused on the question, "When and where are the major deployments of the Carrier Battle Groups?" Then, you identify the means to collect on that target. In our case, the spies ran a hotel in a major port town that served as a homebase for several fleet ships. They didn't just walk around town asking people for information, which is fairly comparable to scanning IP packets.
In order for intelligence to be valuable, it has to be correct, timely, and actually useful to the guys who need it. It takes a concerted effort between many different organizations to accomplish this. Just because you "intercepted" an email containing a few keywords, that does not constitute an intelligence lead. Basically, it is as reliable as a rumor that you overheard in a seedy bar downtown. No police investigator would bet his reputation on such a piece of information.
All the so-called 'experts" on Echelon are just speculating. They are conducting a very weak intelligence collection operation on the NSA. Alot of information is easily available, such as purchase contracts with suppliers. So, they collect all this information and then make a good guess. That's all it is. Unless you've been in the bunkers and fences, you have no idea what goes on inside.
As far as invasion of privacy, yes, some intelligence agencies are more invasive in their techniques than other ones. Ever since they got their buttocks burned several decades ago (Vietnam and Mccarthy Eras), they have had to seriously rethink their policy concerning this. I think, just like the police, trying to conduct operations in as unintrusive means as possible is basically the policy. Honestly, I'm more worried about my boss tracking my keystrokes to find out if I'm jerking off at work, or my system administrator forking my mail through a buzzword filter to report me to my boss, and the adolescent who lives in the high-rise next to me who was given a 100x telescope for his birthday.
In short, just because the NSA, FBI, CIA, and others can spy on you doesn't mean that they will, or that they even want to.
I do what the voices on my console tell me to do.
Of course it exists. And it wins the cold war and catches terrorists to boot, so don't knock it. Sheesh.
This topic has to do with crypto which has to do with maths so here I go:-
/dev/null.
You have 5 distinct CS books, 3 distinct math books and 2 distinct art books.
Q: How many ARRANGEMENTS if art books are NOT together?
My thinking:
Total arrangements 10!
Arrangements with art books together: 9!2!
Hence arrangements not together == 10! - 9!2!
== 2903040
Is this right? I know its damn easy but my brain isn't working now.
Maybe I should just write a bash script to enumerate all the possibilities. I bet someone could do it in a one liner. Too sleepy though.
All flames to
Although the answer to electronic snooping is clearly encryption, anti-snooping and pro-privacy campaigners regularly bemoan the fact that encrypting one's email never really took off as the normal thing to do, despite a plethora of PGP wrappers.
I think the reason for that is pretty clear, and consequently the solution is as well: the major mailreaders needs to automatically retrieve PGP keys from default keyservers and automatically decrypt incoming mail *by default* for electronic envelopes to catch on in any significant way. [This is even more important than encrypting outgoing mail.] If there is any manual configuration involved, or any hassle whatsoever, or (shock horror!) any knowledge required, then it just won't happen. Clued up computer users simply aren't around in sufficient numbers to form a critical mass in the email world. For encrypted email to take off, Joe Bloggs has to be part of the revolution, without even being aware of it. [Just like he sends WINMAIL.DAT attachments everywhere without being aware of it.]
I guess this means that until Netscape and Microsoft implement the above in their respective products, nothing of any statistical significance will happen in this area.
"The question of whether machines can think is no more interesting than [] whether submarines can swim" - Dijkstra