NSA Overwhelmed with Information

puppet wrote to us with a CNN article that's currently running. Apparently, the NSA is drowning in information. The agency supposedly has too many targets, too much info and cannot sift through all of it. So, here's to sending out thousands of bogus signals for them to sort through! *grin*

Of course, they would say that...

[WhyteRabbyt]

...wouldn't they.

Just means they need more funding from that nice Mr Clinton person.

Or are they just letting us know that they're not as scary as we think they are so it's all right, we can just forget about them?

White Rabbit

NSA Distributed Client

If they make a distributed client at NSA, we could help them process all that delicious information. I'd love to get my hands on other people's secrets.

Hmmm...

[Christopher+B.+Brown]

This is clear evidence that spook.el works...

terrorist Marxist FSF North Korea security South Africa nuclear DES Semtex KGB FBI Noriega colonel NSA SEAL Team 6 nuclear Ortega PLO supercomputer Treasury terrorist assassination Semtex [Hello to all my fans in domestic surveillance] Serbian fissionable FBI spy arrangements Kennedy Noriega cracking Nazi Ft. Meade Marxist Waco, Texas cryptographic genetic Cocaine jihad

You don't get it!

[komet]

Don't believe this! It's misinformation intended to make us complacent, thinking that the NSA will miss our plans to Ussama bin Laden World Trade Center bomb President Clinton American Embassy Iran missile or what ever... they have plenty of capacity and just released this information to trap the smart guys who can see through their plans, cos THEY'RE the really dangerous ones.. oh. oops.

Information Overload.

[Rob+the+Roadie]

The NSA aren't the only people suffering from information overload. What about Jo Public?

Each day I've got access to around 120 channels of television, 40 radio stations, over 200 trade publications and some 400 hours of music and 230 books that I can choose from each day.

And then there's the internet. Gig upon gig upon gig of data available for my consumption. Perhaps I should start employing people just to absorb and review information for me each day and email me a digest!

Why does the NSA exsist anyways.

[PenguinX]

Here's the problem with the NSA:

What do they do? attrition.org has some interesting ideas, not to mention a few facts. One thing is for certian hey sure spend a lot of money and generate a lot of international bad press.

Who do they protect? Do they protect the people, or the government? If they protect the government and that's it then they are unethical, immoral, and most importantly illegal. This puts the government in a dictatory position over the people. According to the US Constution we are to have a "representative " and "republican" form of government.

Getting back to the money: Echelon, which Australia supposedly says exsists - the EU and China sure hate the NSA - gee that's most of the world. The United States is gaining a lot of enemies because of the NSA - I wonder why... Essentially constutional rights can be usurped if the NSA says it is to "protect national security" or in laymans terms "usurp the governments power over the people". This is utter bullshit.

The US Fed. Government is crap in my opinion. They have alienated the states, and local governments. Tied up the busines owner and tax the hell out of the end person. For instance if my friend Mark was to make 2 thousand dollars more a YEAR he would be pushed into such a high tax bracket that he would _literally_ be paying 43 percent of his income to the IRS alone.

Are we going to let the Government be seperate of the people forever? Career politicians that make deals with commercial lobbists in order to have the funds for their next campaign? Hell everything is so commercialized anymore it's disgusting. The problem here is that the government does not need to make a profit, or spend money on crap programs such as "The study of the flow rate of Catsup" OR the NSA.

But then again, that's my opinion... what's yours?

Re:Why does the NSA exsist anyways.

[Andy+Social]

The following are my opinions, not my employer's.

We exist to protect the United States of America, not any particular government. I happen to think (as an intelligent, skeptical, and cynical person) that we USUALLY do a good job of that. Have you any idea how much of a threat North Korea is? I do. Alas, the requirement to keep secrets from our "enemies" (defined by politicians, since we are merely instruments of policy, not policy-makers), requires that we keep secrets from our own citizens. For that matter, it requires that we keep secrets between individuals and organizations within the intel community itself.

Now, on to my personal opinions. We, as a country, have WAY too much federal government. Look at the original intent of the Constitution, and compare it to the monstrosity we have today. Notice that before 1860, the United States were a plural, and since then, the United States is a singular. Notice the subtle, yet significant, shift in our perceptions as a result of that change. I personally don't believe that we have any reason to spend as much as we do and send our military to as many places as we do. However, as I said before, I am an instrument of policy, not a policy-maker. So, yes sir no sir and away I go.

As far as Echelon and such goes, since it's not my department, nobody will even tell me if it really exists, and I'm working for the NSA. BUT, it seems to be technically possible, and the AU and NZ governments are up in arms about their roles, so it seems to be true. NOW, think for a minute about all the IMPORTANT information that this program should be looking for. (BTW, I think snooping on a public international network is lower than dogshit, but it's not my call) With all the info that the NSA is actually looking for, your personal conversations (esp. the encrypted ones) are pretty safe. The Dictionary system appears to use keyword searches and originating country searches combined. So, unless you're sending messages to China, containing words about nuclear weapons and such, I'd not be remotely concerned.

All that said, read Puzzle Palace for info on the origins of the NSA. Most people on this site have pretty good knowledge of the issues, but since the No Such Agency is so secretive, there is an awful lot of misinformation floating around about it.

The New World Order

[The+Dodger]

The British Empire once stretched across the globe and it wasn't until Hong Kong was handed back to the Chinese that the sun finally set on it. The UK used to be the most powerful nation in the world, but it is no longer, and that realisation was a hard one to swallow. It's only recently that the Brits have begun to lose their superiority complex, characterised, for example, by their reluctance to fully participate in the European Union.

However, they did eventually come to realise that Britain was no longer a global superpower, and the UK is now doing quite well for itself, that-you-very-much. They no longer rely on brute force to achieve what they want. Practically everyone knows the SAS' motto: Who Dares Wins. That typifies the British attitude which resulted in them standing firm against tyrannic regimes such as Nazi Germany and Iraq. Less well know is the Special Boat Squadron, an elite force which draws it's members from the Royal Marines (think of it as the UK equivalent of the SEALs). The SBS motto is: Not by Strength, By Guile. The UK continues to exert immense geopolitical influence by dint of it's diplomatic and intelligence assets, which it utilises in a subtle manner. Lacking the brute strength to effectively bully or intimidate other nations into doing what it wants, the UK uses less obvious, more sneaky methods to achieve it's aims.

So what has this got to do with the NSA? I hear you cry. Well, I think that the United States of America is going to have to face the same reality as the UK had to - that it no longer has the capability to ake problems disappear by simply throwing resources at them. Just as the Web levelled the playing field in terms of business, allowing companies like Amazon to appear overnight, the sociological, technological and economic developments which have occured since the end of the Cold War are levelling the playing field in a much wider range of areas, from economic to military/intelligence.

The NSA doesn't need to get stronger. It needs to get smarter. It needs to understand better how to pursue it's aims, within the big picture of the world at the beginning of the 21st century. If it tries to cling on to it's position, using the old methods, it will get swept away. Only by adapting to the New World Order (for want of a better phrase), can it survive and continue to fulfil it's mission.

Let's face it guys - even though you all bitch about the NSA, Echelon, the CIA, etc., you all know that they do a lot to protect your way of life. There are entire nations for whom 'Death to America!' is a perfectly legitimate political declaration. Fair enough, there are situations where the intelligence community has overstepped it's mark, but do you really think they give a flying f**k about a bunch of Linux-loving, long-haired nerds?

D.
..is for Dangerous.

Re:The New World Order

[rus_r]

I'm not concerned about a government protecting its citizens from legitimate threats, but
I am concerned about that same government with unlimited police powers. When we
permit our political system, either through action or inaction, to become orwellian in scope
we run the risk of becoming victimized by that political system.

Say that we repeal the fourth amendment and end all personal privacy. The government
is given a mandate to eliminate all threats. Who decides what a threat is? The
government. Now notice that most network intrusion attempts come from linux
machines. Perhaps those long-haired nerds aren't so harmless now...perhaps they bear
closer watching. Someone then might get the bright idea that these people..these
anti-social malcontents (they cant even dress right ferchrissakes!) should be removed
from the general population because they pose a potential risk, with their constant
evaluation of network security implementations..
and those cryptology freaks, what are they hiding? What dont they want us to know?

I, for one, don't want to live in a society where I worry what some bureaucrat thinks of
me. I want the freedom to be left alone as I leave others alone. I dont want to consult a
known list of echelon keywords, each guaranteed to trigger interest from unknown
agencies, before I think what to say.

I dont want to hurt anyone. I just want to be me.

PGP

[Brian+Knotts]

M-x spook, and other means of inserting suspicious keywords are nice, but imagine how much more material we could make the NSA chase if even half your outgoing mail was PGP encrypted!

If you don't have GnuPG or PGP, get it now, and start using it!


Interested in XFMail? New XFMail home page.

Critical Mass is a-commin

[Sorklin]

So when do we reach critical mass? As technology improves, and the power to encrypt and maintain your own privacy improves to the astronomical level -- i see one of two things happening.

1. The NSA routes around the problems using the U.S. government. Using new laws forbidding the use of private security and encryption (in the name of something like national security or other constitutional loophole) -- the NSA can then grow and be able to monitor all the informations on the many different channels it now comes around. This is a changing-the-rules to get around the critical mass. May happen. Though our constitution and the nature of the net make it difficult at best (unless we go behind a national firewall like china).

2. Critical mass is reached with no workable route around and the NSA is rendered fairly innefectual. Realizing they can't monitor every channel and can't limit the channels everyone can use, they start doing their real job and specifically targeting that information they need and find the criminals/terrorists that they need to. They won't be extrememly effective, but will more rely on tips or other info (like the police have to).

Perhaps these predictions are a bit simplistic. Okay maybe a bit more than a bit. But I believe that the essential point is critical mass will be reached, and they will either 1. change the rules to push back the critical mass, 2. succumb to it and have to operate like any other agency that isn't given root access to the world.

Re:Always going to happen

[fwr]

Here's a conspiracy theory for you:

Ever wonder about all those massive fiber cuts that have been going on in the past few months? There was that one in New York, then I think one in Ohio or something. Then wasn't there just one in Florida or something. These massive fiber cuts are the perfect opportunity for the NSA or someone else to tap into them. Gotta wonder about that!

Why the NSA is so big...

[trims]

When people look at the leaked numbers supposing to approximate the budget of NSA (last I saw, the estimate was in the $20billion range) and the number of people (maybe 30,000 or so), everyone seems to assume that they're all codebreaking wizards. This is stupid - it's like assuming that the CIA is full of James Bond people. What people seem to forget is what the money actually goes to, and you'll see why the NSA is having problems keeping up with it's mission:

• Huge chunks of the budget go to the development, manufacture, and maintenance of reconisance satellites. While the NRO shares responsibility for operational use and control of many of these satellites, these puppies cost as much as $2billion a pop to MAKE. With the increasing demand by the US Armed Services for realtime battlefield data, the NSA has had to increase the number of satellites it orbits. Last time I looked, we had something like 8 KH-11 (and followon) low-orbit visual sats, at least two dozen radio-intercept sats, at least that many radar sats, and maybe a dozen other types. Figuring that each one costs on the order of $1billion to develop/make/launch/maintain, and you use it for about a decade before it's gone, around $8 billion each year goes to simply running the satelite section of the NSA.
• Vast numbers of NSA employees are working as liasons with other Federal Agencies. CIA, DIA, FBI, DOJ (oh, yeah, them too), and the various Armed Services Intelligence sections all have substantial "NSA" people working with them. This has gotten alot "worse" (from the NSA prospective), since virtually none of the other organizations has the kind of experience the NSA has, and have been calling on the NSA more and more for assistance. Most of the FBI knowledge about hacking, cracking, and sigint has been from the NSA. And they're getting tapped for help from people that 10 years ago they never would have dreamed of being require to talk to: FAA, DOT, FEMA, and even the Dept of Agriculture.
• In the last decade, with the rise of the Internet, the NSA has started to run field operations, something they never had to do before on any real scale. Alot of this is in conjunction with the FBI and law enforcement, but there's involvement with FEMA and even things like the DOE and NRC (Nuclear Regulatory Commission). Alot of these teams are doing security auditing (ala "Sneakers"), but even more are simply helping the department in question set up proper defences and auditing proceedures. Never underestimate the cost (in dollars, people, and beauracracy) of running a real field operations branch.

With all these extra "duties" that people seem to forget about, I doubt that the NSA spends more than $1b on actual codebreaking each year. And, from the people I know that are involved in some of this, I've gleanned something that I think is significant: While I believe that the NSA retains probably a 10-year lead in the mathematics of cryptography, they have now less than 2 years lead in actual hardware Moore's Law has been very hard on the NSA. While they used to be able to count on having not only unheard-of advances in crypto knowledge but much, much faster and more advanced computers, they now no longer have the significantly advanced machinery. Being perhaps only a single interation ahead, rather than 4 or 5, cuts their advantage down by an order of magnitude.

So, you get an organization that faces an explosion of new requirements, heavier demands in it's old field(s), and a decrease in technological advantage over it's opponents, and well, Things Are Not Going Well At The NSA.

Mind you, they're still very sharp, and what they put their mind and resources to, I'm pretty sure will happen; the problem is now, that in order to focus on a problem, they end up neglecting other areas.

Fun, Fun, Fun!

-Erik

Disclaimer: I do not work for the NSA (or, at least, I can't say so...)

Use Steganography!

[Christopher+B.+Brown]

If people post .signatures that contain "spooky" words, or have news header line like X-NSA-Fodder: guns cuba NSA president assassination This represents stuff that is pretty easy to filter out.

The same is true if some people send "terminologically-enhanced email" around in quantity; some analyst is reasonably likely to notice it, and find some way of filtering it to some degree.

What would be more likely to cause consternation would be to have larger quantities of encrypted traffic. If, for instance, CVS and FTP archives started using GPG to encrypt all file transfer information in transit, this would cause more traffic where it may make it hard to tell if it's suspicious or not.

The entertaining option would be to use something like unto stenography...

This would involve taking "raw" messages, compressing and encrypting them using something like Blowfish. And then transforming them into masses of "dangerous terminology," compressing and maybe again encrypting that, and then transmitting this.

Thus, if we start with message "M," we do: % cat M | gzip - | blowfish -e -k "tata, NSA" > N We now have a file, N, that's hopefully small, and reasonably encrypted.

Now, pass it through a transformation where we turn it into a sequence of "dangerous words." The simplest option looks like:

• ASCII 0 maps to "NSA"
• ASCII 1 maps to "President"
• ASCII 3 maps to "Ortega"
• ASCII 4 maps to "Semtex"
• and so forth...

The obvious answer here is to pick the 256 best "dangerous words;" having only 64 would amount to a perverse equivalent to Base64 encoding; having 4000 words makes life more entertaining.

Another alternative would be not to pick words, but rather to pick phrases in some manner from some controversial essays/books, so that we're not merely getting random words, but rather sets of words that go together to appear to be in a vaguely meaningful sequence. Information Retrieval: Algorithms and Data Structures might have something to offer here. The idea is to pick from the ways that words were phrased in some text, so that the results at least vaguely look like something one might write.

You'll then get the original 500 byte message to expand out to something like 50K of "steganography." Fortunately, that 50K will be highly compressible English text. (Unless, of course, you picked some subversive book written in Russian as the "steganographic dictionary," in which case it'll be 50K of highly compressible Russian text.)

Compress again, encrypt into submission, and send that CVS patch over to the GnuCash archives...

A bunch of adults behaving like school boys

[DragonHawk]

I don't mean the NSA, either. I mean a rather vocal portion of the Slashdot readership. :-(

"Hey, let's post Echoelon fodder!" Yes, brilliant. First, it is pretty doubtful that putting random keywords at the bottom of your message traffic is going to fool even a computer. They're looking at where your message is from, where it is to, and what it is about. They really couldn't care less about your posts to comp.os.linux.misc with "plutonium" and "Iraq" at the bottom. Second, even if you did have an effect, all you are going to do is increase my tax bill. Increase the workload, and more people/computer power is needed, which is paid for out of my wallet. And while you're at it, you might actually be reducing the attention a real problem might otherwise get. Yeah, great idea.

Folks: Governments spy on other governments and organizations. If you think this is news, you really need to wake up and smell something. The CIA and NSA and Armed Forces and whoever else are going to go right on spying on other governments, because I can guarantee you, the other governments aren't going to stop spying on us.

Personally, I'm glad we have a reasonably good military and intelligence operation, because it greatly reduces the chances that we'll be speaking Chinese or Russian in the future, or be reduced to radioactive cinders for that matter.

And if you really think the government is out to get you, you should seek the aide of a professional psychiatrist. They can help you overcome your paranoia, and help you realize that the "X-Files" is just a TV show.