NSA has direct access to tech giants' systems for user data, secret files reveal

Discussion in 'privacy general' started by Dermot7, Jun 6, 2013.

  1. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,390
  2. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    111,058
    Location:
    Texas
    Some posts removed. While politics are a big part of the world today, we won't discuss that here and it really isn't necessary to quote Socrates or Aristotle at this point.
     
  3. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    -http://www.washingtonpost.com/world/national-security/black-budget-summary-details-us-spy-networks-successes-failures-and-objectives/2013/08/29/7e57bb78-10ab-11e3-8cdd-bcdc09410972_story.html

    Edit: ... and ...

    -http://www.washingtonpost.com/world/national-security/nsa-paying-us-companies-for-access-to-communications-networks/2013/08/29/5641a4b6-10c2-11e3-bdf6-e4fc677d94a1_story.html
     
  4. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,390
  5. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    111,058
    Location:
    Texas
  6. Baserk

    Baserk Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    1,321
    Location:
    AmstelodamUM
    Thanks for the laugh.
    So the announced --not implemented-- steps by the US government, against the current 'Off the reservation'-style NSA data collection frenzy, have NOT been implemented in Europe.
    Message is clear, Europeans are doing worse. Makes sense.
     
  7. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Given that this data doesn't include requests under NSLs, I'm not sure how probative it is. I see no reason why broadly invasive access demands and intercepts by other major intelligence organizations would be any more public than NSA's were before Snowden. Maybe the NSA doesn't really know Russia's, China's etc capabilities, or maybe Snowden just wasn't looking for that information. With enough resources, anyone could tap the major undersea cables and such.
     
  8. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,390
  9. Mman79

    Mman79 Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    2,016
    Location:
    North America
    This is one of the reasons I believe the nearly blind faith in encryption measures will sometime soon bite its believers. Bruce Schneier is a good, smart guy, but he's one of those that I think places far too much faith in modern measures. Agencies like the NSA aren't hiring just any old math geeks. Some of the brightest, most clever minds that walk the Earth check into that giant mirrored building every morning, and they've got billions of dollars a year to play with. This isn't even factoring in the folks at the CIA and DARPA..DARPA not really focusing on such thing, but many of their ideas go on to have unplanned benefits to many technological areas. I've often heard the phrase "the math is solid". Well, yes it is, until the next math genius decides to walk to the chalkboard and obliterate the "facts". It's been happening for centuries, no reason to believe that as we've become more advanced that it will cease.
     
    Last edited: Aug 30, 2013
  10. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    From Practical Cryptography (2003):
    They would not need 35,000 people or $10 billion for research into cracking encryption. They're not going to waste that much money or manhours on brute force attacks either. These numbers suggest that they have found the feared "class of attacks" and need that many people to get through the encrypted data they've already accumulated. They wouldn't need that many people for data encrypted by non-standard (or as some call them, obscure ciphers).

    Forget the probability numbers for brute forcing touted by those who say AES can't be attacked. The money spent and the people required tell you what you need to know. Get away from AES.
     
  11. Mman79

    Mman79 Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    2,016
    Location:
    North America
    That's the way I figure it too, I'm just waiting for that ~ Snipped as per TOS ~ moment when somebody leaks out what we believe to be already true. I have no idea why brute forcing is ever discussed in these matters. It's a pathetic argument to use when trying to make the case that breaking is "impossible". Who ~ Snipped as per TOS ~ brute forces things anymore unless it's some stupid little password to a Facebook account or something? It's not even worth the trouble of trying.

    Between Ft. Meade and the Utah facility, they've got the money, time, classified know how and tools to do almost anything they darn well please as far as code and crypto goes.
     
    Last edited by a moderator: Aug 31, 2013
  12. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    If they want to expend that kind of money and manpower cracking peoples encrypted files, the least we can do is keep them busy. We should all start encrypting cat videos, common newspaper articles, PDF textbooks, audio recordings of rush hour traffic, etc and upload them to sites like rapidshare, dropbox, e-mail draft folders, etc.
     
  13. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Even better, just use random data, such as:

    -----BEGIN PGP MESSAGE-----
    Version: GnuPG v1.4.11 (GNU/Linux)

    [many 64-character lines with random characters that GnuPG uses]

    -----END PGP MESSAGE-----
     
  14. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    With a decent webcam, a few batch files, and a task scheduler, the process could be automated. Every half hour, a new video, from a webcam pointed at the fish tank.
     
  15. Mman79

    Mman79 Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    2,016
    Location:
    North America
    Only issue is, when dealing with Dropbox and others, eventually all those uploads will hit your wallet.
     
  16. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    Recent events suggest another place to put them. Hidden Tor servers. They're digging thru them looking for kiddie porn.
     
  17. Mman79

    Mman79 Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    2,016
    Location:
    North America
    Tor is literally the last place I'd put anything, even to screw with them.
     
  18. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    It would be one of my first choices. I realize that nodes and exits operated by 3 letter agencies is a real problem. While we can't get rid of them, the more nodes/exits users create, the lower the chances of your traffic using a bad node become. If Tor users got together, they could create a lot more nodes than all the 3 letter agencies. Even if the agencies could match the quantity, they'd need a lot more people to go through the data, at a time they're trying to eliminate potential leaks by reducing staff.
     
  19. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Have you seen this?

    -https://metrics.torproject.org/users.html

    Best guess seems to be a botnet.
     
  20. Pinga

    Pinga Registered Member

    Joined:
    Aug 31, 2006
    Posts:
    1,420
    Location:
    Europe
    Mrs. Slocombe's?
     
  21. Mman79

    Mman79 Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    2,016
    Location:
    North America
    You score points for that reference :D

    @Mirimir: That's what I'm guessing too. One never knows though.
     
  22. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,390
    'Hello, NSA? I accidentally deleted an email'.

    -- Tom ;)
     
  23. controler

    controler Guest

    i just think it is funny how they use my taxes to spy on me and other countries. The other countries should at least foot their part of the bill.

    If i understand this who mess, they do not use software at the PC level at all? only access to who ever bushiness they want's servers? such as wilders or any other anti maleware, social sites if they so chose?
     
  24. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    As I understand their setup for intercepting the Internet, they are using grid computing:

    -https://en.wikipedia.org/wiki/Grid_computing

    The 2008 document about XKeyscore indicates that there were about 500 intercept sites that could be searched in parallel, looking at live data, and that useful traffic could be directed to long-term srorage. That sounds like a grid.
     
  25. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,390
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.