Page 4 of 8 FirstFirst ... 23456 ... LastLast
Results 61 to 80 of 147

Thread: Intelligence post-Snowden: a debate

  1. #61
    Council Member
    Join Date
    Jul 2007
    Posts
    204

    Default

    One POV on where this could end up going:

    "Not having encryption on the web today is a matter of life and death," is how one member of the Internet Engineering Task Force - IETF (the so-called architects of the web) described the current situation. As the FT reports, the IETF have started to fight back against US and UK snooping programs by drawing up an ambitious plan to defend traffic over the world wide web against mass surveillance. The proposal is a system in which all communication between websites and browsers would be shielded by encryption. While the plan is at an early stage, it has the potential to transform a large part of the internet and make it more difficult for governments, companies and criminals to eavesdrop on people as they browse the web.
    Link to Full Article

    This whole story has some eerie parallels to the Napster/Shawn Fanning story back in 1999 thru 2002. Link to Story

    Back then, file sharing technology over the Internet came of age and Napster was the headlines pushing it. Well, a bunch of established media found their business model(s) were being destroyed, so they used the old tried-and-true method of using legal action to save their business model(s) - by crushing the new technology (file sharing, in this particular case).

    Which was successful - temporarily. But what really happened is all those software wizards out there got busy and created far more advanced file sharing technology, which didn't require centralized file servers (like Napster), but instead went to true peer-to-peer file sharing. Which led to P2P filesharing example such as Gnutella, Freenet and many others. Which led to bit torrent, and the likes of Kim DotCom, and Tor, and BitCoin, etc., etc.

    So, now we're likely going to start down the same path with the NSA spying on us and all our Internet based activities. What's the NSA going to do if even 10% of all the Internet traffic becomes encrypted? Take over the entire State of Utah to build more and greater data centers?

    It's going to be the "Techies vrs. The Suits" all over again, only this will be Part II. And the Techies are going to beat those folks like a rented mule.

  2. #62
    Council Member
    Join Date
    Jul 2007
    Posts
    204

    Default

    Originally posted by Firn:
    Ironically I seen now a google-delivered ad praising wireless IP surveillance cameras. Clearly the algorithms are doing their work, sadly I guess privacy and data protection isn't quite as easy to buy.
    Actually, the Techie community is already working on add-ons to existing web browsers to work their way around much of the tracking of a user's browsing habits. It's just a matter of time until they are also able to start to mask user metadata. And Internet traffic encryption will be a giant step.

    It's going to take a while, but this whole 'NSA spying on US citizens' has struck home, and there's lots of folks who are not buying into what they are selling, and to put it bluntly, the techie community thinks they are seeing 'opportunity' in privacy. Might just turn out to be 'the next big thing' in technology.

  3. #63
    Council Member
    Join Date
    May 2008
    Posts
    4,021

    Default I've avoided Snowden and the Guardian -

    frankly, because I saw and see him as something of a Phillip Agee (complete with an FSB-Putin Kabuki playlet) - but did this actually happen ?:

    from the "left wing prats" article

    A few weeks ago, a British national newspaper was visited by a detachment of national security agents who demanded that its computers and hard drives be destroyed. The security men then stood over its staff while they smashed their equipment to pieces.
    without a court order, warrant, etc. Surely, there must be more to the story ?

    Regards

    Mike

  4. #64
    Council Member
    Join Date
    Jul 2007
    Posts
    204

    Default

    I tend to avoid The Guardian, purely on principle. But here's the links:

    Link to the story on TechDirt

    Yeah, there's apparently something to the story.

    It seems like the actions of both the UK and US governments are going out of their way to make a hero of Edward Snowden.

  5. #65
    Council Member
    Join Date
    May 2008
    Posts
    4,021

    Default Based on What the "Conservative" UKG did ...

    Nixon and Kissenger would have been better off to have sent the "Plumbers" into the New York Times and Washington Post with sledge hammers and blow torches.

    So, the logic is that copies of top secret classified documents that the Supreme Court (in NYT v US) said it couldn't order returned to the government, could simply have been destroyed in place by the government. One must admit that logic has the virtue of simplicity; and avoids the costs and pitfalls of litigation. Amazing.

    WITM: Thank you for the links.

    Regards

    Mike

  6. #66
    Council Member
    Join Date
    Jul 2007
    Posts
    204

    Default It's just unending.....

    1,000 Sys Admins Can Copy Any NSA Document Without Anyone Knowing About It; Think Only Snowden Did?
    from the perfect-audits? dept

    Following on our earlier story about how Ed Snowden covered his tracks -- showing that the NSA's vaunted "auditability" of its systems is a complete joke -- comes the news that there are approximately one thousand sys admins with Snowden's authority, who can basically go through any document without any trace. Even more incredible: they can "appear as" anyone else when doing things on the system. In other words if a sys admin wanted to frame an NSA analyst, it sounds like that would be quite easy.
    These people are hopeless....

    So, it's 'supposedly' only 35 'analysts', but, oops, we 'forgot' the 1,000++ System Admins, oh, and btw, they can all go poking around the different spying systems masquerading as somebody else, but not to worry, we're placing an extreme emphasis on "accountability", just as soon as we figure out what the word really means. But it will be 'real soon now'.

    IMO, if builders built houses the way NSA does data security, then the first woodpecker to come around would destroy civilization.

  7. #67
    Council Member
    Join Date
    Jul 2007
    Posts
    204

    Default This entire NSA story is a giant gift to the Tech Community....

    Talking to some folks today, and this entire NSA story is turning into a giant gift to the Tech Community. Whenever there's a screwup (regardless of fault), the new 'first line of defense' against the 'suits' (upper level management) is "Well, if you think this is bad, then you ought to see how the NSA handles it".

    The NSA is fast becoming the new laughingstock of the Tech Community.

    There's even people out there who are starting to look at this entire NSA rolling train wreck as being perfect for creating a series of case studies on how not to do technology.

  8. #68
    Council Member davidbfpo's Avatar
    Join Date
    Mar 2006
    Location
    UK
    Posts
    13,356

    Default

    I know James Bamford, the author of three books on the NSA, has his critics today; caveat aside now.

    This short article is interesting IMHO. In particular the criminal investigation mounted by the DoJ into the NSA, way-back in 1975 :http://blogs.reuters.com/great-debat...ept-oversight/
    davidbfpo

  9. #69
    Council Member
    Join Date
    Jul 2007
    Posts
    204

    Default Time To Go To Court....

    DOJ Tells Court To Toss Lawsuit Over NSA Spying Because 'It's Just Metadata'; Professor Ed Felten Then Explains Why They're Wrong

    from the take-a-lesson dept

    The ACLU's lawsuit over the NSA's program collecting all phone call information under Section 215 of the Patriot Act is just one of many lawsuits over the recently revealed details of the NSA's surveillance activities, but it's definitely one of the key ones to watch. This week there were a flurry of filings in the case from both sides, many of which are embedded below, including the ACLU's initial motion for a preliminary injunction to get the government to cease the data collection, and various declarations in support of that. There's also the US government's motion to dismiss. The argument from the government is, more or less, that even if it does collect the data on private phone calls to and from the ACLU, without proof that anyone ever looked at that data, there's no standing. Furthermore, it pulls out the old "it's just metadata" so there's no privacy violations there.
    Link to Article

    Just as an observation, there's a cumulative effect (politically) to all of this, and it's not just the NSA spying on American citizens. It's Syria, ACA, etc. You are likely to see more and more congresscritters moving away from these stands, and 'movement' is going to go across party lines. POTUS may end up not being all that unhappy if Section 215 of the Patriot Act gets severely restricted, or even tossed. That would be at least one issue off the plate.

  10. #70
    Council Member davidbfpo's Avatar
    Join Date
    Mar 2006
    Location
    UK
    Posts
    13,356

    Default AT&T pay & play their part too

    Sometimes as I read stories like this my admiration for the USA increases. A West Coast activist lodging public information requests discovers Hemisphere, a project between AT&T and the DEA, plus local LE, which has not been in the public domain since creation in 2007. Just as 'Big Brother' becomes a public issue. See:http://www.nytimes.com/2013/09/02/us...pagewanted=all

    Leaving aside 'Hemisphere' I do wonder why AT&T keep, with my emphasis:
    Hemisphere covers every call that passes through an AT&T switch — not just those made by AT&T customers — and includes calls dating back 26 years, according to Hemisphere training slides bearing the logo of the White House Office of National Drug Control Policy. Some four billion call records are added to the database every day, the slides say; technical specialists say a single call may generate more than one record. Unlike the N.S.A. data, the Hemisphere data includes information on the locations of callers.
    Local LE do pay though, quite a lot too:
    AT&T in the amount of $373,795 sole source for Operation Hemisphere investigative services for the Sheriff’s Department for the period ending June 30, 2013.
    Link:http://www.harriscountytx.gov/agenda...3-01-29 ag.pdf
    davidbfpo

  11. #71
    Council Member
    Join Date
    Jul 2007
    Posts
    204

    Default Now This.....

    NSA & GCHQ Covertly Took Over Security Standards, Recruited Telco Employees To Insert Backdoors
    from the not-so-secure dept

    And the latest report on the Ed Snowden leak documents has come out and it's yet another big one: the NSA and GCHQ have basically gotten backdoors into various key security offerings used online, in part by controlling the standards efforts, and in part by sometimes covertly introducing security vulnerabilities into various products. They haven't "cracked" encryption standards, but rather just found a different way in. The full report is worth reading, but a few key points are worth highlighting.

    First, the NSA spends $250 million per year to "covertly" influence tech product designs. The report suggest two ways this is happening. First by infiltrating standards-bodies:

    Independent security experts have long suspected that the NSA has been introducing weaknesses into security standards, a fact confirmed for the first time by another secret document. It shows the agency worked covertly to get its own version of a draft security standard issued by the US National Institute of Standards and Technology approved for worldwide use in 2006.

    "Eventually, NSA became the sole editor," the document states.
    Now they're trying to place 'operatives' in positions of influence inside technical development efforts.

    Where does it stop with the folks? Now they are going about 'impairing' standards and technology development efforts so they can continue their spying on the American public. And then all these clueless types within D.C. wonder why we're losing foreign business opportunities.

  12. #72
    Council Member wm's Avatar
    Join Date
    Dec 2006
    Location
    On the Lunatic Fringe
    Posts
    1,237

    Default

    Quote Originally Posted by Watcher In The Middle View Post
    Now they're trying to place 'operatives' in positions of influence inside technical development efforts.

    Where does it stop with the folks? Now they are going about 'impairing' standards and technology development efforts so they can continue their spying on the American public. And then all these clueless types within D.C. wonder why we're losing foreign business opportunities.


    What's the fuss--the NSA is just providing you with a disaster recovery service for free.
    Vir prudens non contra ventum mingit
    The greatest educational dogma is also its greatest fallacy: the belief that what must be learned can necessarily be taught. — Sydney J. Harris

  13. #73
    Council Member
    Join Date
    Jul 2007
    Posts
    204

    Default Yeah. Except for:

    1) They (NSA) won't acknowledge any of it.
    2) They won't tell us what information on us that they have.
    3) No file layouts/data dictionary of the data as retained (IF exists), so who knows what one is getting.
    4) And Lord only knows what they would charge us in addition for such 'free' backup service. Being that this is Dilbert, it's probably NSA customer service provided via contract with 'The Bank of Ethel'

    NSA 'Customer Service' Guidelines

  14. #74
    Council Member
    Join Date
    May 2008
    Posts
    4,021

    Default Next Round of EFF FOIA Documents

    Lawfare, More NSA Surveillance Documents Declassified (by Wells Bennett, September 10, 2013):

    Like its predecessor, this latest cache apparently was released in connection with a Freedom of Information Act lawsuit brought by the Electronic Frontier Foundation. And, like its predecessor, this latest cache stands to tell a complicated and important story, which we hope to unpack in the next few days.

    Below you’ll find the the documents, which evidently concern activities conducted pursuant to Section 215 of the USA Patriot Act. We’re told that, in all, the documents amount to about 1,800 pages. Each document is linked separately. ....
    These are FISA Court filings and opinions.

    Regards

    Mike

  15. #75
    Council Member
    Join Date
    May 2008
    Posts
    4,021

    Default Lawfare on the latest ducument dump

    Lawfare is running a series on the FOIA disclosures made to EFF. Each of Lawfare's posts are by different people - there is no "party line". I'll simply provide the links and the first paragraph of each post.

    The Latest NSA Documents I: Introduction (by Benjamin Wittes, September 11, 2013)

    The latest cache of NSA documents—a group released yesterday related to errors in collection under Section 215—follows the same basic narrative pattern as the agency’s earlier release concerning implementation of Section 702. That is, it tells the story of a significant set of errors by NSA that caused factual misrepresentations to the FISA court. It tells the story of the court’s response both to the errors themselves and to the government’s reporting failures. And it tells the story of the government’s efforts over a protracted period of time to correct the failures and prevent them from happening again. ...
    Latest NSA Documents II: The Crap Hits the Fan (by Benjamin Wittes, Lauren Bateman and Matt Danzer, September 11, 2013):

    The story starts in May 2006, when the FISA Court granted the FBI’s application for telecommunications companies to turn over certain “tangible things” to the NSA under Section 215. The “tangible things,” in this case, consisted of the much-ballyhooed telephony metadata—the time and duration of each telephone call, the originating and terminating telephone numbers, and the type of device on which the call was made. Judge Malcolm Howard found sufficient evidence to believe that the metadata was relevant to investigations. The order is careful to note, though, that although the government is authorized to collect the information, it must follow minimization procedures set forth by the Attorney General. ....
    The Latest NSA Documents III: The Government Responds (by Jane Chong, September 11, 2013):

    On February 12, 2009, the government submitted a 28-page brief and 93 pages of supporting documentation to the FISC in response to the court’s January 28, 2009 order. The government opens its brief with two clear concessions: “The Government acknowledges that NSA’s descriptions to the Court of the alert list process . . . were inaccurate and that the Business Records Order did not provide the Government with authority to employ the alert list in the manner in which it did.” ...
    The Latest NSA Documents IV: Things Get Worse (by Wells Bennett and Matt Danzer, September 11, 2013):

    The next key date in the metadata saga was February 26, 2009—that is, about a month after the government initially had apprised the court of a violation of the its procedures for querying collected metadata, and fourteen days after the government had elaborated on the difficulties, while humbly claiming that new safeguards might nevertheless ensure obedience to court-imposed rules. Such was the context for the February 26 document, styled a “Notice of Compliance Incident” (“February 26 Filing”)—which confirmed additional errors on the government’s part. ...
    The Latest NSA Documents V: the NSA Investigates Its Metadata Compliance Problems, Takes Remedial Steps, and Reports Back to the FISC (by Raffaela Wakeman and Wells Bennett, September 12, 2013):

    The latest installment in the NSA declassification story comprises five documents. The first is an internal NSA compliance review; the second is a court filing regarding that review. The latter also refers to three sworn statements, two from the NSA director and one from the FBI director. All concern the NSA’s compliance with FISC orders regarding the collection, querying, and dissemination of telephony metadata. ...
    Regards

    Mike

  16. #76
    Council Member
    Join Date
    May 2008
    Posts
    4,021

    Default Lawfare Documents - VI of Series

    Lawfare, Latest NSA Documents VI: Non-Compliance Redux, With More DOJ (by Wells Bennett, September 13, 2013):

    Next came a period of relative calm, and somewhat less wrist-slappy FISC-NSA dynamics. The respite nevertheless was short-lived, judging by the final three documents in this week’s trove of declassified NSA metadata stuff. That said, NSA’s late 2009 discovery of further compliance problems, and its voluntary disclosure of them to the FISC, did not bring about as stern a judicial rebuke as before—though the court certainly expressed irritation at the flubs, and great concern over NSA’s reporting about historical queries of telephony metadata.

    The FISC Restores Unilateral Query Authority to NSA—While Adding Some More Restrictions
    ...
    Two Further Compliance Problems, and a “Deeply Troubled” FISC
    ...
    More on Sharing and Reporting Requirements
    ...
    More FOIA disclosures seem probable - as in this case, partially for and partially against the USG. Lawfare, New FISC Opinion: ACLU Has Standing to Seek 215 Opinions in FISC, Must Pursue Some 215 Opinions in FOIA Litigation; USG to Report on Declassification of Other 215 Opinions (by Wells Bennett, September 13, 2013):

    That is the gist of this unclassified FISC opinion, penned by U.S. District Judge F. Dennis Saylor IV, today. It resolves a motion, which was brought by the ACLU’s national and Washington, D.C. branches and the Media Freedom and Information Access Clinic (“MFIAC”), and sought release of certain FISC opinions construing Section 215.
    ...
    Regards

    Mike

  17. #77
    Council Member
    Join Date
    May 2008
    Posts
    4,021

    Default NSA Analysis of the Metadata

    N.S.A. Gathers Data on Social Connections of U.S. Citizens (by JAMES RISEN and LAURA POITRAS, September 28, 2013):

    WASHINGTON — Since 2010, the National Security Agency has been exploiting its huge collections of data to create sophisticated graphs of some Americans’ social connections that can identify their associates, their locations at certain times, their traveling companions and other personal information, according to newly disclosed documents and interviews with officials.
    ...
    The policy shift was intended to help the agency “discover and track” connections between intelligence targets overseas and people in the United States, according to an N.S.A. memorandum from January 2011. The agency was authorized to conduct “large-scale graph analysis on very large sets of communications metadata without having to check foreignness” of every e-mail address, phone number or other identifier, the document said. Because of concerns about infringing on the privacy of American citizens, the computer analysis of such data had previously been permitted only for foreigners.

    The agency can augment the communications data with material from public, commercial and other sources, including bank codes, insurance information, Facebook profiles, passenger manifests, voter registration rolls and GPS location information, as well as property records and unspecified tax data, according to the documents. They do not indicate any restrictions on the use of such “enrichment” data, and several former senior Obama administration officials said the agency drew on it for both Americans and foreigners.
    ...
    The legal underpinning of the policy change, she said, was a 1979 Supreme Court ruling that Americans could have no expectation of privacy about what numbers they had called. Based on that ruling, the Justice Department and the Pentagon decided that it was permissible to create contact chains using Americans’ “metadata,” which includes the timing, location and other details of calls and e-mails, but not their content. The agency is not required to seek warrants for the analyses from the Foreign Intelligence Surveillance Court.
    The 1979 case is Smith v. Maryland, 442 U.S. 735 (1979); and it's certainly "good law" on its specific facts:

    "A pen register is a mechanical device that records the numbers dialed on a telephone by monitoring the electrical impulses caused when the dial on the telephone is released. It does not overhear oral communications and does not indicate whether calls are actually completed."
    Somehow, to me, multiplying the pen registry by a billion (or is it a trillion ?), and then subjecting that data to sophisticated computer anaysis (together with other content data from God knows where) presents a qualitatively factual difference.

    Regards

    Mike

  18. #78
    Council Member davidbfpo's Avatar
    Join Date
    Mar 2006
    Location
    UK
    Posts
    13,356

    Default Snooping and Trust

    This week The Guardian published a commentary by Sir David Omand, an ex-GCHQ Director and now a War Studies Professor @ Kings College. He ends with:
    Even so, some damage to our security could still inadvertently have been done, since journalists are not best placed to know exactly what detail may complete the jigsaw puzzles of our adversaries. Instead of more revelations the Guardian should focus on a principled debate on how to allow intelligence agencies and law enforcement to do their job in keeping us from harm whilst preventing unjustified snooping by public or commercial sectors.
    Rightly he asks:
    The real debate we should be having on the back of the Snowden case is about what privacy in a cyber-connected world can realistically mean given the volumes of personal data we hand over to the private sector in return for our everyday convenience, and the continued need for warranted access for security and law enforcement.

    Whatever view we take on where as a society we want the balance between our right to privacy against our right to live in security, we all need to have confidence that in the hands of our authorities these powerful tools of interception are not being abused.
    Link:http://www.theguardian.com/commentis...-cyber-attacks

    I have looked at the follow-on comments and they do not help.
    davidbfpo

  19. #79
    Council Member davidbfpo's Avatar
    Join Date
    Mar 2006
    Location
    UK
    Posts
    13,356

    Default Congress on Privacy and Surveillance

    A day event in Lausanne, Switzerland; with a long report in The Guardian, featuring Caspar Bowden, Bill Binney, Richard Hill, Bruce Schneier and Jacob Appelbaum: http://www.theguardian.com/world/201...in-switzerland

    Needless to say the challenges posed by David Omand (above) do not appear.
    davidbfpo

  20. #80
    Council Member davidbfpo's Avatar
    Join Date
    Mar 2006
    Location
    UK
    Posts
    13,356

    Default Smoke, mirrors, SIGINT and politics

    Much has happened publicly in the last month. More revelations of NSA spying, particularly on allies like Germany and friends such as Brazil. With not a few commentators in the USA alleging Greenwald & Snowden are "useful idiots" being played by Russia.

    The controversies have finally got political attention, especially that millions of calls metadata were collected and Chancellor Merkel's private phone too. Politicians appeared to respond with outrage, then today it appears several European nations donated the metadata to NSA!

    In the UK The Guardian, which remains the principal media outlet, has been accused of "aiding the enemy". To my amusement one Conservative MP who came to the fore had posted a clear picture of NSA staff @ Menwith Hill, in his constituency, on his website. Then Lord Carlile, a Lib-Dem peer wrote an article only to be accused of being coached and primed by GCHQ.

    I have enjoyed following Professor John Schindler, ex-NSA, now at the Naval War College, on Twitter and his blog:http://20committee.com/

    Tomorrow the UK House of Commons is due to hold a debate; the last one a few days ago attracted less than ten MPs. On the link is a briefing note by Big Brother Watch:http://bigbrotherwatch.org.uk/files/...fing_31Oct.pdf
    davidbfpo

Similar Threads

  1. The 2006 Hezbollah-Israeli War (catch all)
    By SWJED in forum Middle East
    Replies: 146
    Last Post: 09-12-2012, 09:30 PM
  2. Intelligence Interviewing
    By rborum in forum Intelligence
    Replies: 5
    Last Post: 08-29-2010, 04:50 AM
  3. Replies: 52
    Last Post: 12-23-2007, 05:55 AM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •