It's not even the spying that makes me so angry, it's that the government doesn't think that they need to follow their own rules. To top it all off, they lie about their motivations. To keep us safe? Really? REALLY? I call bullshit.
-
Happy Birthday ICMag! Been 20 years since Gypsy Nirvana created the forum! We are celebrating with a 4/20 Giveaway and by launching a new Patreon tier called "420club". You can read more here.
-
Important notice: ICMag's T.O.U. has been updated. Please review it here. For your convenience, it is also available in the main forum menu, under 'Quick Links"!
The SNOWDEN Saga continues...
- Thread starter gaiusmarius
- Start date
"If the right to life, liberty and the pursuit of happiness -- which are the stated reasons for forming the United States of America in the first place -- mean anything, they mean that we all possess the inalienable right to be different and the inalienable right to be left alone. Neither of these rights can be honored when the government knows all. And when the government knows all, and doesn’t like what it knows, we will have an authoritarian state far more odious than any history has ever known." ~ Andrew P. Napolitano
http://www.theguardian.com/uk-news/2013/oct/09/david-cameron-mi5-chief-edward-snowden-gchq-leaks
No surprises here:
"MI5 chief's condemnation of Snowden GCHQ leaks backed by David Cameron"
David Cameron has endorsed a speech by Andrew Parker in which the new head of MI5 suggested that the leaks by the US whistleblower Edward Snowden had undermined the fight against terrorism.
The No 10 spokesman said: "The prime minister thinks it was an excellent speech and we are, as you would expect, always keeping under review the measures that are needed to contribute to keeping our country safe."
Parker did not mention Snowden by name in a speech that defended Britain's intelligence agencies. But his remarks appeared to be aimed at the whistleblower who gave thousands of intelligence files to the Guardian that revealed surveillance programmes carried out by GCHQ and its US counterpart, the National Security Agency (NSA).
Alan Rusbridger, the editor-in-chief of the Guardian, defended the newspaper's reporting of files leaked by Snowden that highlighted formidable technologies "beyond what Orwell could have imagined".
Rusbridger told The World at One on BBC Radio 4: "If you read the whole of Andrew Parker's speech it is a perfectly reasonable speech and it is what you would expect him to say. If you are on the security side of the argument you want to keep everything secret, you don't want a debate and you don't want the press or anyone else writing about it. But MI5 cannot be the only voice in this debate."
Rusbridger challenged Parker's claim that the leaking and publication of the NSA files posed a risk to national security. He said: "Glenn Greenwald [the Guardian journalist who received the leaked documents] has a phrase that you would have to be a terrorist who didn't know how to tie his shoelace not to believe that people were watching things on the internet and scooping up telephone calls. I don't think some of this will come as a great surprise to terrorists.
"But what is significantly new about what we have been revealing is the extent to which entire populations are now being potentially put under surveillance. I have just spent a week in America where everybody is talking about this from the president down."
Rusbridger warned of attempts in the US to prevent reporting. "There has to be a balance. There have been instances in the last few months where people have gone through metadata to find out reporters' sources … These technologies are formidable. They are beyond what Orwell could have imagined.
"It may be that everything in a social democracy is fine and the oversight is working. But I would be very surprised if the current oversight methods really understood and knew about some of the things we have been describing as a result of the Snowden revelations."
In his speech the MI5 head defended the work of GCHQ and warned of the dangers of publishing documents which reveal some of its systems. Parker said: "We are facing an international threat and GCHQ provides many of the intelligence leads upon which we rely. It causes enormous damage to make public the reach and limits of GCHQ techniques. Such information hands the advantage to the terrorists.
"It is the gift they need to evade us and strike at will. Unfashionable as it might seem, that is why we must keep secrets secret, and why not doing so causes such harm."
Asked whether Cameron agreed with Parker that the leak of the Snowden files had been a gift to potential terrorists, the No 10 spokesman said: "I would happily point you to all parts of the director general's speech. It was an excellent speech."
Asked whether the prime minister's endorsement covered Parker's claim that making public GCHQ's techniques provided "the gift they [terrorists] need to evade us", the spokesman said: "Including that".
The spokesman's remarks suggest Cameron agrees with MI5 that the government should try and revive the data communications bill, which has been dubbed the snooper's charter. The proposed legislation was blocked by Nick Clegg.
Asked whether Parker's remarks showed that the bill was not dead, the spokesman said: "The position hasn't changed. The government continues to consider how best we continue to ensure our intelligence agencies, our law enforcement agencies are able to stay up to date in what is – in one of the points Andrew Parker was making – a continually evolving technological environment."
A Guardian News and Media spokeswoman said: "A huge number of people - from President Obama to the US director of national intelligence, James Clapper - have now conceded that the Snowden revelations have prompted a debate which was both necessary and overdue.
"The president has even set up a review panel and there have been vigorous discussions in the US Congress and throughout Europe. Such a debate is only worthwhile if it is informed. That is what journalism should do."
No surprises here:
"MI5 chief's condemnation of Snowden GCHQ leaks backed by David Cameron"
David Cameron has endorsed a speech by Andrew Parker in which the new head of MI5 suggested that the leaks by the US whistleblower Edward Snowden had undermined the fight against terrorism.
The No 10 spokesman said: "The prime minister thinks it was an excellent speech and we are, as you would expect, always keeping under review the measures that are needed to contribute to keeping our country safe."
Parker did not mention Snowden by name in a speech that defended Britain's intelligence agencies. But his remarks appeared to be aimed at the whistleblower who gave thousands of intelligence files to the Guardian that revealed surveillance programmes carried out by GCHQ and its US counterpart, the National Security Agency (NSA).
Alan Rusbridger, the editor-in-chief of the Guardian, defended the newspaper's reporting of files leaked by Snowden that highlighted formidable technologies "beyond what Orwell could have imagined".
Rusbridger told The World at One on BBC Radio 4: "If you read the whole of Andrew Parker's speech it is a perfectly reasonable speech and it is what you would expect him to say. If you are on the security side of the argument you want to keep everything secret, you don't want a debate and you don't want the press or anyone else writing about it. But MI5 cannot be the only voice in this debate."
Rusbridger challenged Parker's claim that the leaking and publication of the NSA files posed a risk to national security. He said: "Glenn Greenwald [the Guardian journalist who received the leaked documents] has a phrase that you would have to be a terrorist who didn't know how to tie his shoelace not to believe that people were watching things on the internet and scooping up telephone calls. I don't think some of this will come as a great surprise to terrorists.
"But what is significantly new about what we have been revealing is the extent to which entire populations are now being potentially put under surveillance. I have just spent a week in America where everybody is talking about this from the president down."
Rusbridger warned of attempts in the US to prevent reporting. "There has to be a balance. There have been instances in the last few months where people have gone through metadata to find out reporters' sources … These technologies are formidable. They are beyond what Orwell could have imagined.
"It may be that everything in a social democracy is fine and the oversight is working. But I would be very surprised if the current oversight methods really understood and knew about some of the things we have been describing as a result of the Snowden revelations."
In his speech the MI5 head defended the work of GCHQ and warned of the dangers of publishing documents which reveal some of its systems. Parker said: "We are facing an international threat and GCHQ provides many of the intelligence leads upon which we rely. It causes enormous damage to make public the reach and limits of GCHQ techniques. Such information hands the advantage to the terrorists.
"It is the gift they need to evade us and strike at will. Unfashionable as it might seem, that is why we must keep secrets secret, and why not doing so causes such harm."
Asked whether Cameron agreed with Parker that the leak of the Snowden files had been a gift to potential terrorists, the No 10 spokesman said: "I would happily point you to all parts of the director general's speech. It was an excellent speech."
Asked whether the prime minister's endorsement covered Parker's claim that making public GCHQ's techniques provided "the gift they [terrorists] need to evade us", the spokesman said: "Including that".
The spokesman's remarks suggest Cameron agrees with MI5 that the government should try and revive the data communications bill, which has been dubbed the snooper's charter. The proposed legislation was blocked by Nick Clegg.
Asked whether Parker's remarks showed that the bill was not dead, the spokesman said: "The position hasn't changed. The government continues to consider how best we continue to ensure our intelligence agencies, our law enforcement agencies are able to stay up to date in what is – in one of the points Andrew Parker was making – a continually evolving technological environment."
A Guardian News and Media spokeswoman said: "A huge number of people - from President Obama to the US director of national intelligence, James Clapper - have now conceded that the Snowden revelations have prompted a debate which was both necessary and overdue.
"The president has even set up a review panel and there have been vigorous discussions in the US Congress and throughout Europe. Such a debate is only worthwhile if it is informed. That is what journalism should do."
This one's a little older, from the end of August, but it's the first time I've read about this. The executive branch is knee deep in this shit, how can they expect an impartial review when all of its members are or have been part the problem?
https://www.privacyassociation.org/publications/white_house_names_nsa_review_panel
White House Names NSA Review Panel
By Jedidiah Bracy, CIPP/US, CIPP/E
In response to the slew of leaks stemming from Edward Snowden, President Barack Obama has reportedly named a panel of four experts to conduct a full review of U.S. surveillance programs, ABC News reports.
This “high-level group of outside experts” will include recent acting head of the CIA Michael Morell, and former White House officials Peter Swire, CIPP/US (author the IAPP’s Foundations of Information Privacy and Data Protection), Cass Sunstein and Richard Clarke. Two weeks ago, Obama said the panel will “consider how we can maintain the trust of the people (and) how we can make sure that there absolutely is not abuse.”
The Privacy Advisor contacted Swire for comment, but he said nothing has been officially announced yet.
According to Ars Technica, some critics are concerned the reported panel is not truly a group of “outside experts” since all have worked within the executive branch in the past. University of California Hastings College of the Law Prof. Robin Feldman said, “Choosing insiders has positives and negatives: On the one hand, choosing insiders makes it more likely that they can move the levers of power,” adding, “On the other hand, choosing insiders makes it more challenging for them to have the independence.”
George Washington University Law Prof. Orin Kerr noted, “perhaps that was necessary because everyone needed to have a security clearance, which presumably they all have or recently had.”
More on the NSA, From Transparency to Start-Ups to Op-Eds
Earlier this week, the Office of the Director of National Intelligence started a Tumblr blog focusing on the work of the intelligence communication, called IC On The Record. The blog attempts to be a “hub for further transparency” and includes official statements, declassified documents, interviews and other documents.
Meanwhile, reports on connections between the Pentagon and Silicon Valley continue. The New York Times explores several technology start-ups backed by former Department of Defense and intelligence agency operatives. With the rise in cyberattacks, demand for stronger security tools is on the rise. And the money is there. According to the report, in 2012, more than $1 billion in venture capital has made its way into security start-ups. One former intelligence analyst said of the demand for former intelligence officials, “They have unique insights because they’ve been on the front lines…Now they’ve got commercial desires. The lines are blurring.”
And concerns about the NSA surveillance programs continue. In an op-ed for Boing Boing, Josh Levy opines the programs are the “most serious attacks on free speech we’ve ever seen.”
https://www.privacyassociation.org/publications/white_house_names_nsa_review_panel
White House Names NSA Review Panel
By Jedidiah Bracy, CIPP/US, CIPP/E
In response to the slew of leaks stemming from Edward Snowden, President Barack Obama has reportedly named a panel of four experts to conduct a full review of U.S. surveillance programs, ABC News reports.
This “high-level group of outside experts” will include recent acting head of the CIA Michael Morell, and former White House officials Peter Swire, CIPP/US (author the IAPP’s Foundations of Information Privacy and Data Protection), Cass Sunstein and Richard Clarke. Two weeks ago, Obama said the panel will “consider how we can maintain the trust of the people (and) how we can make sure that there absolutely is not abuse.”
The Privacy Advisor contacted Swire for comment, but he said nothing has been officially announced yet.
According to Ars Technica, some critics are concerned the reported panel is not truly a group of “outside experts” since all have worked within the executive branch in the past. University of California Hastings College of the Law Prof. Robin Feldman said, “Choosing insiders has positives and negatives: On the one hand, choosing insiders makes it more likely that they can move the levers of power,” adding, “On the other hand, choosing insiders makes it more challenging for them to have the independence.”
George Washington University Law Prof. Orin Kerr noted, “perhaps that was necessary because everyone needed to have a security clearance, which presumably they all have or recently had.”
More on the NSA, From Transparency to Start-Ups to Op-Eds
Earlier this week, the Office of the Director of National Intelligence started a Tumblr blog focusing on the work of the intelligence communication, called IC On The Record. The blog attempts to be a “hub for further transparency” and includes official statements, declassified documents, interviews and other documents.
Meanwhile, reports on connections between the Pentagon and Silicon Valley continue. The New York Times explores several technology start-ups backed by former Department of Defense and intelligence agency operatives. With the rise in cyberattacks, demand for stronger security tools is on the rise. And the money is there. According to the report, in 2012, more than $1 billion in venture capital has made its way into security start-ups. One former intelligence analyst said of the demand for former intelligence officials, “They have unique insights because they’ve been on the front lines…Now they’ve got commercial desires. The lines are blurring.”
And concerns about the NSA surveillance programs continue. In an op-ed for Boing Boing, Josh Levy opines the programs are the “most serious attacks on free speech we’ve ever seen.”
yup, gonna see alot more apps with end to end encryption built in.
sounds like NRAG (National Research Assay Group) run by Eric Byer ... i swear Bourne Legacy is a documentary.
Looks like the NSA is about to ruin their internet backdoor by being too greedy with all of the spying. We'll see if any substantive changes happen, I'm not too hopeful, but it's a start.
http://www.wired.com/threatlevel/2013/10/global-net-infrastructure/
WIRED
NSA Leaks Prompt Rethinking of U.S. Control Over the Internet’s Infrastructure
The leaders who run the internet’s technical global infrastructure say the time has come to end U.S. dominance over it.
In response to leaks by NSA whistleblower Edward Snowden, Fadi Chehadé, who heads the Internet Corporation for Assigned Names and Numbers, and others have called for “an environment, in which all stakeholders, including all governments, participate on equal footing.”
Among other things, they were concerned “over the undermining of the trust and confidence of internet users globally due to recent revelations of pervasive monitoring and surveillance.”
ICANN, a nonprofit established by the U.S., has never awarded a contract to manage the .com, .net, .cc, .tv and .name space to a company outside the United States — in fact, VeriSign of Virginia has always held the immensely economically valuable .com handle. The Public Interest Registry, also based in Virginia, manages the .org domain.
All of which means that both registries are under the auspices of the U.S. government, its courts — including the Foreign Intelligence Surveillance Court — and the home turf of the NSA’s snooping efforts.
ICANN was established in 1998 by the Clinton administration, and has been under global attack to internationalize the control of the Domain Name System ever since. A United Nations working group in 2005 concluded that “no single government should have a pre-eminent role in relation to international internet governance.”
Even before the Snowden leaks — which disclosed vast court-approved NSA spying powers and decryption efforts — governments like China, India and Russia have distrusted ICANN. They have demanded control of the net’s naming system to be turned over to an organization such as the International Telecommunications Union, an affiliate of the United Nations — a proposition scoffed at by the United States.
What’s more, who controls the internet’s infrastructure became an issue last year after the United States began seizing hundreds of domains across the globe for allegedly breaching federal copyright and trademark laws.
VeriSign said it was just complying with “lawful orders” from the U.S. courts by redirecting the DNS (Domain Name System) of a domain to a U.S. government IP address that informs online visitors that the site has been seized.
The Internet Governance Project, a global alliance of academics specializing on internet governance, said the statement by Chehadé and the others “was one of the most significant manifestations of the fallout from the Snowden revelations about NSA spying on the global internet.”
Still, no concrete proposals from the major internet organizations were produced at last week’s meeting in Uruguay.
“…They were thinking of new forms of multistakeholder oversight as a substitute for U.S. oversight, although no detailed blueprint exists,” the Internet Governance Project said.
ICAAN is developing a five-year strategic plan and is taking public comment through January.
http://www.wired.com/threatlevel/2013/10/global-net-infrastructure/
WIRED
NSA Leaks Prompt Rethinking of U.S. Control Over the Internet’s Infrastructure
The leaders who run the internet’s technical global infrastructure say the time has come to end U.S. dominance over it.
In response to leaks by NSA whistleblower Edward Snowden, Fadi Chehadé, who heads the Internet Corporation for Assigned Names and Numbers, and others have called for “an environment, in which all stakeholders, including all governments, participate on equal footing.”
Among other things, they were concerned “over the undermining of the trust and confidence of internet users globally due to recent revelations of pervasive monitoring and surveillance.”
ICANN, a nonprofit established by the U.S., has never awarded a contract to manage the .com, .net, .cc, .tv and .name space to a company outside the United States — in fact, VeriSign of Virginia has always held the immensely economically valuable .com handle. The Public Interest Registry, also based in Virginia, manages the .org domain.
All of which means that both registries are under the auspices of the U.S. government, its courts — including the Foreign Intelligence Surveillance Court — and the home turf of the NSA’s snooping efforts.
ICANN was established in 1998 by the Clinton administration, and has been under global attack to internationalize the control of the Domain Name System ever since. A United Nations working group in 2005 concluded that “no single government should have a pre-eminent role in relation to international internet governance.”
Even before the Snowden leaks — which disclosed vast court-approved NSA spying powers and decryption efforts — governments like China, India and Russia have distrusted ICANN. They have demanded control of the net’s naming system to be turned over to an organization such as the International Telecommunications Union, an affiliate of the United Nations — a proposition scoffed at by the United States.
What’s more, who controls the internet’s infrastructure became an issue last year after the United States began seizing hundreds of domains across the globe for allegedly breaching federal copyright and trademark laws.
VeriSign said it was just complying with “lawful orders” from the U.S. courts by redirecting the DNS (Domain Name System) of a domain to a U.S. government IP address that informs online visitors that the site has been seized.
The Internet Governance Project, a global alliance of academics specializing on internet governance, said the statement by Chehadé and the others “was one of the most significant manifestations of the fallout from the Snowden revelations about NSA spying on the global internet.”
Still, no concrete proposals from the major internet organizations were produced at last week’s meeting in Uruguay.
“…They were thinking of new forms of multistakeholder oversight as a substitute for U.S. oversight, although no detailed blueprint exists,” the Internet Governance Project said.
ICAAN is developing a five-year strategic plan and is taking public comment through January.
I wonder... would the US ever go to war to protect it's status as the world's internet boss? Let's hope the UN doesn't get involved, or else we'll never hear the end of the NWO theories.
Last edited:
they should make a new organisation with 1 rep from every country in the world that is part of the internet. then they vote on the big decisions. giving it to any existing organization is always less then ideal no matter who it is. but a group representing everyone on an equal footing, or maybe they get 1 rep per country or one for every 500 million people population. so big populations with lots of users would have more say then smaller populations, but still even a small country gets 1 rep minimum. then you just go by a majority vote. the US has proven that it's not trustworthy enough to be the worlds main hub of the internet.
earlier in this thread we talked about Brazil talking about stopping their traffic going over the US when there is no need, like it does now. but now Germany has also said they want to make changes so internal emails no longer go via the US when there is no need. even if there is some initial costs, it makes sense in the end to have data traveling the direct route, no need to have a email written from one guy in Moscow to another to go over some servers in the US. glad countries are starting to realize what it means to allow this level of surveillance in their borders and are trying to think of ways to minimize the potential for espionage on all levels.
earlier in this thread we talked about Brazil talking about stopping their traffic going over the US when there is no need, like it does now. but now Germany has also said they want to make changes so internal emails no longer go via the US when there is no need. even if there is some initial costs, it makes sense in the end to have data traveling the direct route, no need to have a email written from one guy in Moscow to another to go over some servers in the US. glad countries are starting to realize what it means to allow this level of surveillance in their borders and are trying to think of ways to minimize the potential for espionage on all levels.
NSA collects millions of e-mail address books globally
By Barton Gellman and Ashkan Soltani, Washington Post
http://www.washingtonpost.com/world...58b5be-34f9-11e3-80c6-7e6dd8d22d8f_print.html
The National Security Agency is harvesting hundreds of millions of contact lists from personal e-mail and instant messaging accounts around the world, many of them belonging to Americans, according to senior intelligence officials and top secret documents provided by former NSA contractor Edward Snowden.
The collection program, which has not been disclosed before, intercepts e-mail address books and “buddy lists” from instant messaging services as they move across global data links. Online services often transmit those contacts when a user logs on, composes a message, or synchronizes a computer or mobile device with information stored on remote servers.
Rather than targeting individual users, the NSA is gathering contact lists in large numbers that amount to a sizable fraction of the world’s e-mail and instant messaging accounts. Analysis of that data enables the agency to search for hidden connections and map relationships within a much smaller universe of foreign intelligence targets.
During a single day last year, the NSA’s Special Source Operations branch collected 444,743 e-mail address books from Yahoo, 105,068 from Hotmail, 82,857 from Facebook, 33,697 from Gmail and 22,881 from unspecified other providers, according to an internal NSA PowerPoint presentation. Those figures, described as a typical daily intake in the document, correspond to a rate of more than 250 million a year.
Each day, the presentation said, the NSA collects contacts from an estimated 500,000 buddy lists on live-chat services as well as from the in-box displays of Web-based e-mail accounts.
The collection depends on secret arrangements with foreign telecommunications companies or allied intelligence services in control of facilities that direct traffic along the Internet’s main data routes.
Although the collection takes place overseas, two senior U.S. intelligence officials acknowledged that it sweeps in the contacts of many Americans. They declined to offer an estimate but did not dispute that the number is likely to be in the millions or tens of millions.
A spokesman for the Office of the Director of National Intelligence, which oversees the NSA, said the agency “is focused on discovering and developing intelligence about valid foreign intelligence targets like terrorists, human traffickers and drug smugglers. We are not interested in personal information about ordinary Americans.”
The spokesman, Shawn Turner, added that rules approved by the attorney general require the NSA to “minimize the acquisition, use, and dissemination” of information that identifies a U.S. citizen or permanent resident.
The NSA’s collection of nearly all U.S. call records, under a separate program, has generated significant controversy since it was revealed in June. The NSA’s director, Gen. Keith B. Alexander, has defended “bulk” collection as an essential counterterrorism and foreign intelligence tool, saying “you need the haystack to find the needle.”
Contact lists stored online provide the NSA with far richer sources of data than call records alone. Address books commonly include not only names and e-mail addresses, but also telephone numbers, street addresses, and business and family information. In-box listings of e-mail accounts stored in the “cloud” sometimes contain content such as the first few lines of a message.
Taken together, the data would enable the NSA, if permitted, to draw detailed maps of a person’s life, as told by personal, professional, political and religious connections. The picture can also be misleading, creating false “associations” with ex-spouses or people with whom an account holder has had no contact in many years.
The NSA has not been authorized by Congress or the special intelligence court that oversees foreign surveillance to collect contact lists in bulk, and senior intelligence officials said it would be illegal to do so from facilities in the United States. The agency avoids the restrictions in the Foreign Intelligence Surveillance Act by intercepting contact lists from access points “all over the world,” one official said, speaking on the condition of anonymity to discuss a classified program. “None of those are on U.S. territory.”
Because of the method employed, the agency is not legally required or technically able to restrict its intake to contact lists belonging to specified foreign intelligence targets, he said.
When information passes through “the overseas collection apparatus,” the official added, “the assumption is you’re not a U.S. person.”
In practice, data from Americans is collected in large volumes — in part because they live and work overseas, but also because data crosses international boundaries even when its American owners stay at home. Large technology companies, including Google and Facebook, maintain data centers around the world to balance loads on their servers and work around outages.
A senior U.S. intelligence official said that the privacy of Americans is protected, despite mass collection, because “we have checks and balances built into our tools.”
NSA analysts, he said, may not search or distribute information from the contacts database unless they can “make the case that something in there is a valid foreign intelligence target in and of itself.”
In this program, the NSA is obliged to make that case only to itself or others in the executive branch. With few exceptions, intelligence operations overseas fall solely within the president’s legal purview. The Foreign Intelligence Surveillance Act, enacted in 1978, imposes restrictions only on electronic surveillance that targets Americans or takes place on U.S. territory.
By contrast, the NSA draws on authority in the Patriot Act for its bulk collection of domestic phone records, and it gathers online records from U.S. Internet companies, in a program known as PRISM, under powers granted by Congress in the FISA Amendments Act. Those operations are overseen by the Foreign Intelligence Surveillance Court.
Sen. Dianne Feinstein, the California Democrat who chairs the Senate Intelligence Committee, said in August that the committee has less information about, and conducts less oversight of, intelligence gathering that relies solely on presidential authority. She said she planned to ask for more briefings on those programs.
“In general, the committee is far less aware of operations conducted under 12333,” said a senior committee staff member, referring to Executive Order 12333, which defines the basic powers and responsibilities of the intelligence agencies. “I believe the NSA would answer questions if we asked them, and if we knew to ask them, but it would not routinely report these things, and, in general, they would not fall within the focus of the committee.”
Because the agency captures contact lists “on the fly” as they cross major Internet switches, rather than “at rest” on computer servers, the NSA has no need to notify the U.S. companies that host the information or to ask for help from them.
“We have neither knowledge of nor participation in this mass collection of webmail addresses or chat lists by the government,” said Google spokesman Niki Fenwick.
At Microsoft, spokesman Nicole Miller said the company “does not provide any government with direct or unfettered access to our customers’ data,” adding that “we would have significant concerns if these allegations about government actions are true.”
Facebook spokesman Jodi Seth said “we did not know and did not assist” in the NSA’s interception of contact lists.
It is unclear why the NSA collects more than twice as many address books from Yahoo than the other big services combined. One possibility is that Yahoo, unlike other service providers, has left connections to its users unencrypted by default.
Suzanne Philion, a Yahoo spokesman, said Monday in response to an inquiry from The Washington Post that, beginning in January, Yahoo would begin encrypting all its e-mail connections.
Google was the first to secure all its e-mail connections, turning on “SSL encryption” globally in 2010. People with inside knowledge said the move was intended in part to thwart large-scale collection of its users’ information by the NSA and other intelligence agencies.
The volume of NSA contacts collection is so high that it has occasionally threatened to overwhelm storage repositories, forcing the agency to halt its intake with “emergency detasking” orders. Three NSA documents describe short-term efforts to build an “across-the-board technology throttle for truly heinous data” and longer-term efforts to filter out information that the NSA does not need.
Spam has proven to be a significant problem for the NSA — clogging databases with information that holds no foreign intelligence value. The majority of all e-mails, one NSA document says, “are SPAM from ‘fake’ addresses and never ‘delivered’ to targets.”
In fall 2011, according to an NSA presentation, the Yahoo account of an Iranian target was “hacked by an unknown actor,” who used it to send spam. The Iranian had “a number of Yahoo groups in his/her contact list, some with many hundreds or thousands of members.”
The cascading effects of repeated spam messages, compounded by the automatic addition of the Iranian’s contacts to other people’s address books, led to a massive spike in the volume of traffic collected by the Australian intelligence service on the NSA’s behalf.
After nine days of data-bombing, the Iranian’s contact book and contact books for several people within it were “emergency detasked.”
In a briefing from the NSA’s Large Access Exploitation working group, that example was used to illustrate the need to narrow the criteria for data interception. It called for a “shifting collection philosophy”: “Memorialize what you need” vs. “Order one of everything off the menu and eat what you want.”
Julie Tate contributed to this report. Soltani is an independent security researcher and consultant.
© The Washington Post Company
By Barton Gellman and Ashkan Soltani, Washington Post
http://www.washingtonpost.com/world...58b5be-34f9-11e3-80c6-7e6dd8d22d8f_print.html
The National Security Agency is harvesting hundreds of millions of contact lists from personal e-mail and instant messaging accounts around the world, many of them belonging to Americans, according to senior intelligence officials and top secret documents provided by former NSA contractor Edward Snowden.
The collection program, which has not been disclosed before, intercepts e-mail address books and “buddy lists” from instant messaging services as they move across global data links. Online services often transmit those contacts when a user logs on, composes a message, or synchronizes a computer or mobile device with information stored on remote servers.
Rather than targeting individual users, the NSA is gathering contact lists in large numbers that amount to a sizable fraction of the world’s e-mail and instant messaging accounts. Analysis of that data enables the agency to search for hidden connections and map relationships within a much smaller universe of foreign intelligence targets.
During a single day last year, the NSA’s Special Source Operations branch collected 444,743 e-mail address books from Yahoo, 105,068 from Hotmail, 82,857 from Facebook, 33,697 from Gmail and 22,881 from unspecified other providers, according to an internal NSA PowerPoint presentation. Those figures, described as a typical daily intake in the document, correspond to a rate of more than 250 million a year.
Each day, the presentation said, the NSA collects contacts from an estimated 500,000 buddy lists on live-chat services as well as from the in-box displays of Web-based e-mail accounts.
The collection depends on secret arrangements with foreign telecommunications companies or allied intelligence services in control of facilities that direct traffic along the Internet’s main data routes.
Although the collection takes place overseas, two senior U.S. intelligence officials acknowledged that it sweeps in the contacts of many Americans. They declined to offer an estimate but did not dispute that the number is likely to be in the millions or tens of millions.
A spokesman for the Office of the Director of National Intelligence, which oversees the NSA, said the agency “is focused on discovering and developing intelligence about valid foreign intelligence targets like terrorists, human traffickers and drug smugglers. We are not interested in personal information about ordinary Americans.”
The spokesman, Shawn Turner, added that rules approved by the attorney general require the NSA to “minimize the acquisition, use, and dissemination” of information that identifies a U.S. citizen or permanent resident.
The NSA’s collection of nearly all U.S. call records, under a separate program, has generated significant controversy since it was revealed in June. The NSA’s director, Gen. Keith B. Alexander, has defended “bulk” collection as an essential counterterrorism and foreign intelligence tool, saying “you need the haystack to find the needle.”
Contact lists stored online provide the NSA with far richer sources of data than call records alone. Address books commonly include not only names and e-mail addresses, but also telephone numbers, street addresses, and business and family information. In-box listings of e-mail accounts stored in the “cloud” sometimes contain content such as the first few lines of a message.
Taken together, the data would enable the NSA, if permitted, to draw detailed maps of a person’s life, as told by personal, professional, political and religious connections. The picture can also be misleading, creating false “associations” with ex-spouses or people with whom an account holder has had no contact in many years.
The NSA has not been authorized by Congress or the special intelligence court that oversees foreign surveillance to collect contact lists in bulk, and senior intelligence officials said it would be illegal to do so from facilities in the United States. The agency avoids the restrictions in the Foreign Intelligence Surveillance Act by intercepting contact lists from access points “all over the world,” one official said, speaking on the condition of anonymity to discuss a classified program. “None of those are on U.S. territory.”
Because of the method employed, the agency is not legally required or technically able to restrict its intake to contact lists belonging to specified foreign intelligence targets, he said.
When information passes through “the overseas collection apparatus,” the official added, “the assumption is you’re not a U.S. person.”
In practice, data from Americans is collected in large volumes — in part because they live and work overseas, but also because data crosses international boundaries even when its American owners stay at home. Large technology companies, including Google and Facebook, maintain data centers around the world to balance loads on their servers and work around outages.
A senior U.S. intelligence official said that the privacy of Americans is protected, despite mass collection, because “we have checks and balances built into our tools.”
NSA analysts, he said, may not search or distribute information from the contacts database unless they can “make the case that something in there is a valid foreign intelligence target in and of itself.”
In this program, the NSA is obliged to make that case only to itself or others in the executive branch. With few exceptions, intelligence operations overseas fall solely within the president’s legal purview. The Foreign Intelligence Surveillance Act, enacted in 1978, imposes restrictions only on electronic surveillance that targets Americans or takes place on U.S. territory.
By contrast, the NSA draws on authority in the Patriot Act for its bulk collection of domestic phone records, and it gathers online records from U.S. Internet companies, in a program known as PRISM, under powers granted by Congress in the FISA Amendments Act. Those operations are overseen by the Foreign Intelligence Surveillance Court.
Sen. Dianne Feinstein, the California Democrat who chairs the Senate Intelligence Committee, said in August that the committee has less information about, and conducts less oversight of, intelligence gathering that relies solely on presidential authority. She said she planned to ask for more briefings on those programs.
“In general, the committee is far less aware of operations conducted under 12333,” said a senior committee staff member, referring to Executive Order 12333, which defines the basic powers and responsibilities of the intelligence agencies. “I believe the NSA would answer questions if we asked them, and if we knew to ask them, but it would not routinely report these things, and, in general, they would not fall within the focus of the committee.”
Because the agency captures contact lists “on the fly” as they cross major Internet switches, rather than “at rest” on computer servers, the NSA has no need to notify the U.S. companies that host the information or to ask for help from them.
“We have neither knowledge of nor participation in this mass collection of webmail addresses or chat lists by the government,” said Google spokesman Niki Fenwick.
At Microsoft, spokesman Nicole Miller said the company “does not provide any government with direct or unfettered access to our customers’ data,” adding that “we would have significant concerns if these allegations about government actions are true.”
Facebook spokesman Jodi Seth said “we did not know and did not assist” in the NSA’s interception of contact lists.
It is unclear why the NSA collects more than twice as many address books from Yahoo than the other big services combined. One possibility is that Yahoo, unlike other service providers, has left connections to its users unencrypted by default.
Suzanne Philion, a Yahoo spokesman, said Monday in response to an inquiry from The Washington Post that, beginning in January, Yahoo would begin encrypting all its e-mail connections.
Google was the first to secure all its e-mail connections, turning on “SSL encryption” globally in 2010. People with inside knowledge said the move was intended in part to thwart large-scale collection of its users’ information by the NSA and other intelligence agencies.
The volume of NSA contacts collection is so high that it has occasionally threatened to overwhelm storage repositories, forcing the agency to halt its intake with “emergency detasking” orders. Three NSA documents describe short-term efforts to build an “across-the-board technology throttle for truly heinous data” and longer-term efforts to filter out information that the NSA does not need.
Spam has proven to be a significant problem for the NSA — clogging databases with information that holds no foreign intelligence value. The majority of all e-mails, one NSA document says, “are SPAM from ‘fake’ addresses and never ‘delivered’ to targets.”
In fall 2011, according to an NSA presentation, the Yahoo account of an Iranian target was “hacked by an unknown actor,” who used it to send spam. The Iranian had “a number of Yahoo groups in his/her contact list, some with many hundreds or thousands of members.”
The cascading effects of repeated spam messages, compounded by the automatic addition of the Iranian’s contacts to other people’s address books, led to a massive spike in the volume of traffic collected by the Australian intelligence service on the NSA’s behalf.
After nine days of data-bombing, the Iranian’s contact book and contact books for several people within it were “emergency detasked.”
In a briefing from the NSA’s Large Access Exploitation working group, that example was used to illustrate the need to narrow the criteria for data interception. It called for a “shifting collection philosophy”: “Memorialize what you need” vs. “Order one of everything off the menu and eat what you want.”
Julie Tate contributed to this report. Soltani is an independent security researcher and consultant.
© The Washington Post Company
looks like someone's grumpy. Why would you negative rep for posting a link to an article?
who cares in the end, i didnt even notice till you mentioned it, hehe.
There are trolls everywhere. Don't give it a second thought.
I just hope that commission O'Bummer formed can stay apolitical and will say the NSA did break laws like it most obviously did. But then the NSA was just given this all encompassing "Patriot Act" pass. Still, I'm sure laws were broken that fall outside the scope of that Act.
I wouldn't hold my breath for that though. The rest of the world will have to get involved I think. It seems they are.
the author of the patriot act section on surveillance has said in interviews that the act was never intended to be used for mass surveillance. according to him every individual who is spied on needs to be on the warrant even if it's a fisa warrant. so yeah they broke the law even if you accept the patriot act as constitutional, which we shouldn't, because it plainly isn't.
The gov't is now saying that the widespread collection of data by the NSA is not just for terrorism, but for "criminal activity". So it's no longer about "National Security" but about spying on everyone to detect ANY possible criminal activity, or perhaps just to spy on your wife or girlfriend or neighbor or old school chum, or whomever they choose...
If this isn't worse than Big Brother, I don't know what is...
Let's remember that something like 1.2 million people have access to part or all of the data being collected!
I guess that makes Snowden one in a million, who would risk his future to unveil the secrets and lies of the US government!
If this isn't worse than Big Brother, I don't know what is...
Let's remember that something like 1.2 million people have access to part or all of the data being collected!
I guess that makes Snowden one in a million, who would risk his future to unveil the secrets and lies of the US government!
Our spying, propaganda, and population control infrastructure makes the book 1984 and Big Brother look like Driving Miss Daisy.
there are paid government trolls ,they hang where there is a lot of traffic ,so I am shure there are some pot growing government trolls ,snoden ran for his life and the u s government wants him dead for treason ,there the treasonist bastards ,there is a youtube video where it shows on the local news where some agency is going through neighborhoods and marking the cubs with red x s the blue ones are cut with a grinder and painted blue ,I think this selection is from data mining,and it is a precursor to things to come
yep the paid troll is a new phenomenon, certain governments are literally paying people and providing them with content and arguments on various subjects. they even have tools that allow 1 user to pretend to be 10 different legit looking accounts. as well as this they have way to cheat on the google rankings and search engine stats, you tube is famous for manipulating the view counters in the old days, now they have new tricks to stop some thing from going viral and even making it disappear completely from search results. read a very interesting article about this by RT news recently. they made a short truth seeker episode about gladio and 911, it started to go viral, till all of a sudden it just disappeared from search results, even links being sent on in emails, where not arriving and all kinds of strange stuff.
http://www.cnn.com/2013/10/16/opini...trajectories/index.html?eref=mrss_igoogle_cnn
Your life, under constant surveillance
(CNN) -- Historically, surveillance was difficult and expensive.
Over the decades, as technology advanced, surveillance became easier and easier. Today, we find ourselves in a world of ubiquitous surveillance, where everything is collected, saved, searched, correlated and analyzed.
But while technology allowed for an increase in both corporate and government surveillance, the private and public sectors took very different paths to get there. The former always collected information about everyone, but over time, collected more and more of it, while the latter always collected maximal information, but over time, collected it on more and more people.
Corporate surveillance has been on a path from minimal to maximal information. Corporations always collected information on everyone they could, but in the past they didn't collect very much of it and only held it as long as necessary. When surveillance information was expensive to collect and store, companies made do with as little as possible.
Telephone companies collected long-distance calling information because they needed it for billing purposes. Credit cards collected only the information about their customers' transactions that they needed for billing. Stores hardly ever collected information about their customers, maybe some personal preferences, or name-and-address for advertising purposes. Even Google, back in the beginning, collected far less information about its users than it does today.
As technology improved, corporations were able to collect more. As the cost of data storage became cheaper, they were able to save more data and for a longer time. And as big data analysis tools became more powerful, it became profitable to save more. Today, almost everything is being saved by someone -- probably forever.
Examples are everywhere. Internet companies like Google, Facebook, Amazon and Apple collect everything we do online at their sites. Third-party cookies allow those companies, and others, to collect data on us wherever we are on the Internet. Store affinity cards allow merchants to track our purchases. CCTV and aerial surveillance combined with automatic face recognition allow companies to track our movements; so does your cell phone. The Internet will facilitate even more surveillance, by more corporations for more purposes.
On the government side, surveillance has been on a path from individually targeted to broadly collected. When surveillance was manual and expensive, it could only be justified in extreme cases. The warrant process limited police surveillance, and resource restraints and the risk of discovery limited national intelligence surveillance. Specific individuals were targeted for surveillance, and maximal information was collected on them alone.
As technology improved, the government was able to implement ever-broadening surveillance. The National Security Agency could surveil groups -- the Soviet government, the Chinese diplomatic corps, etc. -- not just individuals. Eventually, they could spy on entire communications trunks.
Now, instead of watching one person, the NSA can monitor "three hops" away from that person -- an ever widening network of people not directly connected to the person under surveillance. Using sophisticated tools, the NSA can surveil broad swaths of the Internet and phone network.
Governments have always used their authority to piggyback on corporate surveillance. Why should they go through the trouble of developing their own surveillance programs when they could just ask corporations for the data? For example we just learned that the NSA collects e-mail, IM and social networking contact lists for millions of Internet users worldwide.
But as corporations started collecting more information on populations, governments started demanding that data. Through National Security Letters, the FBI can surveil huge groups of people without obtaining a warrant. Through secret agreements, the NSA can monitor the entire Internet and telephone networks.
This is a huge part of the public-private surveillance partnership.
The result of all this is we're now living in a world where both corporations and governments have us all under pretty much constant surveillance.
Data is a byproduct of the information society. Every interaction we have with a computer creates a transaction record, and we interact with computers hundreds of times a day. Even if we don't use a computer -- buying something in person with cash, say -- the merchant uses a computer, and the data flows into the same system. Everything we do leaves a data shadow, and that shadow is constantly under surveillance.
Data is also a byproduct of information society socialization, whether it be e-mail, instant messages or conversations on Facebook. Conversations that used to be ephemeral are now recorded, and we are all leaving digital footprints wherever we go.
Moore's law has made computing cheaper. All of us have made computing ubiquitous. And because computing produces data, and that data equals surveillance, we have created a world of ubiquitous surveillance.
Now we need to figure out what to do about it. This is more than reining in the NSA or fining a corporation for the occasional data abuse. We need to decide whether our data is a shared societal resource, a part of us that is inherently ours by right, or a private good to be bought and sold.
Writing in The Guardian, Chris Huhn said that "information is power, and the necessary corollary is that privacy is freedom." How this interplay between power and freedom play out in the information age is still to be determined.
Your life, under constant surveillance
(CNN) -- Historically, surveillance was difficult and expensive.
Over the decades, as technology advanced, surveillance became easier and easier. Today, we find ourselves in a world of ubiquitous surveillance, where everything is collected, saved, searched, correlated and analyzed.
But while technology allowed for an increase in both corporate and government surveillance, the private and public sectors took very different paths to get there. The former always collected information about everyone, but over time, collected more and more of it, while the latter always collected maximal information, but over time, collected it on more and more people.
Corporate surveillance has been on a path from minimal to maximal information. Corporations always collected information on everyone they could, but in the past they didn't collect very much of it and only held it as long as necessary. When surveillance information was expensive to collect and store, companies made do with as little as possible.
Telephone companies collected long-distance calling information because they needed it for billing purposes. Credit cards collected only the information about their customers' transactions that they needed for billing. Stores hardly ever collected information about their customers, maybe some personal preferences, or name-and-address for advertising purposes. Even Google, back in the beginning, collected far less information about its users than it does today.
As technology improved, corporations were able to collect more. As the cost of data storage became cheaper, they were able to save more data and for a longer time. And as big data analysis tools became more powerful, it became profitable to save more. Today, almost everything is being saved by someone -- probably forever.
Examples are everywhere. Internet companies like Google, Facebook, Amazon and Apple collect everything we do online at their sites. Third-party cookies allow those companies, and others, to collect data on us wherever we are on the Internet. Store affinity cards allow merchants to track our purchases. CCTV and aerial surveillance combined with automatic face recognition allow companies to track our movements; so does your cell phone. The Internet will facilitate even more surveillance, by more corporations for more purposes.
On the government side, surveillance has been on a path from individually targeted to broadly collected. When surveillance was manual and expensive, it could only be justified in extreme cases. The warrant process limited police surveillance, and resource restraints and the risk of discovery limited national intelligence surveillance. Specific individuals were targeted for surveillance, and maximal information was collected on them alone.
As technology improved, the government was able to implement ever-broadening surveillance. The National Security Agency could surveil groups -- the Soviet government, the Chinese diplomatic corps, etc. -- not just individuals. Eventually, they could spy on entire communications trunks.
Now, instead of watching one person, the NSA can monitor "three hops" away from that person -- an ever widening network of people not directly connected to the person under surveillance. Using sophisticated tools, the NSA can surveil broad swaths of the Internet and phone network.
Governments have always used their authority to piggyback on corporate surveillance. Why should they go through the trouble of developing their own surveillance programs when they could just ask corporations for the data? For example we just learned that the NSA collects e-mail, IM and social networking contact lists for millions of Internet users worldwide.
But as corporations started collecting more information on populations, governments started demanding that data. Through National Security Letters, the FBI can surveil huge groups of people without obtaining a warrant. Through secret agreements, the NSA can monitor the entire Internet and telephone networks.
This is a huge part of the public-private surveillance partnership.
The result of all this is we're now living in a world where both corporations and governments have us all under pretty much constant surveillance.
Data is a byproduct of the information society. Every interaction we have with a computer creates a transaction record, and we interact with computers hundreds of times a day. Even if we don't use a computer -- buying something in person with cash, say -- the merchant uses a computer, and the data flows into the same system. Everything we do leaves a data shadow, and that shadow is constantly under surveillance.
Data is also a byproduct of information society socialization, whether it be e-mail, instant messages or conversations on Facebook. Conversations that used to be ephemeral are now recorded, and we are all leaving digital footprints wherever we go.
Moore's law has made computing cheaper. All of us have made computing ubiquitous. And because computing produces data, and that data equals surveillance, we have created a world of ubiquitous surveillance.
Now we need to figure out what to do about it. This is more than reining in the NSA or fining a corporation for the occasional data abuse. We need to decide whether our data is a shared societal resource, a part of us that is inherently ours by right, or a private good to be bought and sold.
Writing in The Guardian, Chris Huhn said that "information is power, and the necessary corollary is that privacy is freedom." How this interplay between power and freedom play out in the information age is still to be determined.
