NSA has direct access to tech giants' systems for user data, secret files reveal

You're certainly right, Mirimir, it isn't an elementary task. The thing is, are we willing to let that console us? I'm not. I stay within the law for the most part (no one out there has never once broken a single law, it's impossible to do with the convoluted legal system.), I have nothing to hide..yet the NSA would have still collected my data (and likely did and may still be).

Programs like PRISM don't limit themselves to just the "easy stuff" or people worth looking into. Programs like PRISM are what the Utah facility and others are built for.

 

You can't prevent the NSA and its counterparts from "collecting your data". But you can make it harder for them to determine that it's your data, and what it means.

 

I suspect that you are wrong (it's not like I have any proof, it's just a hunch). From what I read in the past days/month/years, it seems to me that all government agencies and law enforcement agencies want it to be easy. There is no other reason for which they attempt to do mass surveillance and require service providers to give them easy access to the infrastructure. I highly doubt they will make any effort to monitor a convoluted configuration like the one mirimir proposes just to be sure that nobody escapes their net. If you are their specific target, then yes, it is possible that they will try, but otherwise, I don't think so. But again, I might be wrong

 

I find the peculiar brand of foreign privacy "elitism" that has been so oft tossed into the discussion to be rather naive and specious. How do you know your government isn't doing or cooperating in the very same acts? Everyone has known about the NSA for at least 20 or 30 years, but I strongly suspect that many, if not most, other governments have similar entities that perform the same or similar actions.

In regards to what has been the value of the programs... Do you really expect an answer? As the saying goes, absence of evidence is not evidence of absence; most especially when you are dealing with the covert affairs of a sovereign nation.

Lastly, while I understand the skepticism and hostility directed at the NSA, FBI, CIA, and the like... I'm not quite as sure as to the source of the same aggressive hostility towards the statements of the companies themselves. Of course Microsoft, Apple, Google, et al have to respond to valid governmental warrants and subpoenas. What else are you really expecting them to do? But when they say they require a warrant for each such disclosure and that they don't grant wholesale, unfettered, direct access to their systems or data... Why is that so quickly dismissed? You'll note, it's not Verizon and AT&T denying unfettered access... But then you should know about CALEA and it's offspring and ramifications anyway. It's not like it has been that huge of a secret.

 

Good point. Here in EU I read/listen more and more about companies looking for alternatives of US based clouds.

 

U.S. Agencies Said to Swap Data With Thousands of Firms
http://www.bloomberg.com/news/2013-06-14/u-s-agencies-said-to-swap-data-with-thousands-of-firms.html

 

Ad exec: Online ad industry complicit in NSA PRISM datamining.
http://www.zdnet.com/ad-exec-online-ad-industry-complicit-in-nsa-prism-datamining-7000016836/

NSA gets early access to zero-day data from Microsoft, others.
http://arstechnica.com/security/201...ccess-to-zero-day-data-from-microsoft-others/

U.S. Agencies Said to Swap Data With Thousands of Firms - not just a few.
http://www.bloomberg.com/news/2013-06-14/u-s-agencies-said-to-swap-data-with-thousands-of-firms.html

PRISM 2.0: From 9 to ‘thousands’ of technology and finance companies.
http://venturebeat.com/2013/06/14/p...housands-of-technology-and-finance-companies/

 

FB and MS shared the number of accounts subject to Gvmt. data request:

http://blogs.wsj.com/digits/2013/06...-10000-gov-data-requests-in-2nd-half-of-2012/

 

What you're neglecting to think about, however, is that when 99% of the population is "easy mode" to watch, that last 1% is viewed as suspicious. It makes sense, really. Think about it, what reason would just any Joe need to use 3 or more hop VPNs and TOR? Don't give me the "privacy" excuse, because we both know there are far simpler ways to hide from advertising trackers and other "normal" privacy risks on the net. Think like a cop, unless you're a business that needs encryption for sensitive information, what use would there be to go out of your way to use tools of that caliber? Hiding behind all these things, in the eyes of organizations such as the NSA, makes you stick out like a green hat with an orange bill. And, again, you have to be certain that the companies that provide such services aren't already playing ball with them.

I get your point, I truly do. But to be so confident that they'll just skip over you like a question out of your league on a college exam, is playing with fire.

 

Long but worth to read (the history of it):

http://bigstory.ap.org/article/secret-prism-success-even-bigger-data-seizure

 

If I were the NSA, or anyone else interested, and I wanted to find people who are likely doing weird things, I'd look in the "Privacy" section of this forum and others.. and check out the people asking about how to write 2 trillion zeros to their hard drives, among other things... lol...

 

Oh I'm sure they've lurked around here/are here.

 

@Mman79

Using a "convoluted configuration" might indeed attract special attention.

However, identifying those who are using convoluted configurations requires gaining the cooperation of at least one VPN provider (on either end). For those who have attracted attention in other ways, that may be feasible. But generally, it would be necessary to look at all users of all VPN providers. That would be nontrivial, because there are many VPN providers, and the good ones are set up to avoid meaningful cooperation.

I've identified myself, of course, repeatedly and in considerable detail. But it would be amusing if they tracked me down, because they would find nothing more than I share openly here (except for my true name). The only reason that I hide my true name is to demonstrate that it's possible

 

Can you ever bee really safe if they can map out your MAC ddresses to your loction? http://www.skyhookwireless.com/location-technology/performance.php

 

That's only relevant for mobile devices.

 

And MAC addresses are full of problems because of resale. I might sell my router on eBay or Craigslist. Somebody else has my mac address. (Don't EVER buy a used router!)

Also, it's been said a thousand times, but MAC addresses are only good to tie someone to a device after the fact.

.

 

Starts to make one wonder if Cloud based storage was not the brainchild of the NSA to begin with. I mean what easier way to get peoples data than have them upload it right to you, and all under the assumption it is protected.

 

Nice post Mman79, I didn't have the balls to say it myself

Agreed, I think I have smiled more times reading in the privacy section, than in any other section of Wilders

 

Yep, pretty entertaining....

 

Average Joe didn't but the NSA just changed the game, and that 1% is going up. People who never gave it a second thought are migrating to VPNs, Tor , private e-mail services not because they need to but because they don't want someone looking over their shoulder 24/7.

 

Here is also good reason given by inventati.org website:
"You don't encrypt your mail because you have nothing to hide? Very well, but how come do you close the curtains at home then?

You certainly wouldn't like some stranger sitting at the desktop of your Internet provider to grin while reading, for leisure, the messages you're sending to your best friend. If you have never encrypted your e-mail, it is likely that some stranger may have read what you've written..."
https://www.inventati.org/en/stuff/man_mail/privacymail.html

 

Your home gives you privacy, your personal space on the internet should be an extension of your personal home. Not being private is like letting people in and out you front door when ever they please.

 

Various LEA have been opening and copying postal mail all the way back to the 50's. It's a whole different world now. But, I'm not one of those who believes the NSA has no role to play whatsoever. If someone is planning a suitcase nuke attack on Los Angeles or New York, I'd like the NSA to know about it, and act on it, before I see the flash and hundreds of thousands die.

Just because methods are abused doesn't mean there aren't legitimate uses of the most sophisticated of high-tech measures.

But I largely agree with you here - there has to be a balance that we can all accept.

.

 

Anyone doing bad things is using encryption anyway, so what's the point in breaking non encrypted systems, that's just spying on normal people. I am just a normal guy and my email is encrypted at the server level with me being the only one that knows the private key, I can do this £20 a year. I doubt anyone doing bad would not bother with this and use Gmail or the like.

Only undercover agents in foreign countries and at home pretending to be from said countries are able to stop attacks, its the only real way in this modern era, spend less on technological spying and more on training servicemen and women in undercover /counterOps work. Which will save their lives and the lives of other for real and not just read what John doe said to his wife in a Facebook message. The only real reason for this surveillance is corporate blackmail and insider trading for the rich, you better believe that.

 

Wired has an interesting piece on the NSA, the current boss General Keith Alexander, the currently discussed snooping, expansion of the NSA, use of private contractors and more.

'One of the most secretive of these contractors is Endgame Systems, a startup backed by VCs including Kleiner Perkins Caufield & Byers, Bessemer Venture Partners, and Paladin Capital Group.
According to Defense News’ C4ISR Journal and Bloomberg Businessweek, Endgame also offers its intelligence clients—agencies like Cyber Command, the NSA, the CIA, and British intelligence—a unique map showing them exactly where their targets are located.
Dubbed Bonesaw, the map displays the geolocation and digital address of basically every device connected to the Internet around the world, providing what’s called network situational awareness.
The client locates a region on the password-protected web-based map, then picks a country and city— say, Beijing, China.
Next the client types in the name of the target organization, such as the Ministry of Public Security’s No. 3 Research Institute, which is responsible for computer security—or simply enters its address, 6 Zhengyi Road.
The map will then display what software is running on the computers inside the facility, what types of malware some may contain, and a menu of custom-designed exploits that can be used to secretly gain entry.
It can also pinpoint those devices infected with malware, such as the Conficker worm, as well as networks turned into botnets and zombies— the equivalent of a back door left open.
Bonesaw also contains targeting data on US allies, and it is soon to be upgraded with a new version codenamed Velocity, according to C4ISR Journal.
It will allow Endgame’s clients to observe in real time as hardware and software connected to the Internet around the world is added, removed, or changed.' link