NSA has direct access to tech giants' systems for user data, secret files reveal

Discussion in 'privacy general' started by Dermot7, Jun 6, 2013.

  1. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    If these intelligence agencies are working for corporate giants as opposed to individual nations, it would make plenty of sense. As for motives, plain old greed and the desire for power will suffice. IMO, the lists of verified targets we've seen since the initial Snowden leaks tell us that economic espionage is their primary purpose, not national security, not terrorism, just plain old greed.
     
  2. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,832
    Location:
    UK
    The politicians and the nation states are weak, and some corporate giants are strong. You can also rely on empire building and self-interest in any of the TLAs and security industries to erode any sense of morality and even the good of the organisation the securocrats are working for - just the same as the banking industry, the harm they are doing is not their problem, and they get richer.

    Doubtless, many of the employees intend to act with integrity and believe they are doing a patriotic job. But, particularly given the amount of money involved, and the apparent complete lack of controls, the temptation for "insider dealing" in the TLAs of many countries must be intense. We are talking secrets worth billions here, and it's rather obvious that someone is going to be tempted to take a slice of that action. Particularly if you can pass it on to your supposed allies under an intelligence sharing regime.

    Obviously, the US is in a position to dictate policies which are against a nation's self-interest, or what a substantial portion of their population wanted. For example, I understand that they threatened Germany with withdrawing intelligence sharing if they let Snowden testify to the German parliament.

    As the courts and high profile victims come out of the woodwork though, I think that balance will start to alter.
     
    Last edited: May 1, 2015
  3. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    From Ross Anderson:
    https://www.lightbluetouchpaper.org/2015/05/02/meeting-snowden-in-princeton/

    Edit: "And it’s a matter of record that Ed [Snowden] trusted his life to Tor, because he saw from the other side that it worked."

    I wonder what the haters say to that. Actually, I know: "He's a double agent, and it's all a con." Amirite?
     
    Last edited: May 2, 2015
  4. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,832
    Location:
    UK
    @mirimir - thanks for the link, it was a pretty good overview of the current state-of-play and nicely written - recommended.
     
  5. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
  6. driekus

    driekus Registered Member

    Joined:
    Nov 30, 2014
    Posts:
    489
  7. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
  8. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,832
    Location:
    UK
    It seems like the ramifications of the Airbus revelations continue, see this:

    http://www.spiegel.de/international...dal-puts-merkel-in-tight-place-a-1031944.html

    Essentially the proposition is, and this is something that I also read in the view of Bruce Schneier in Data and Goliath, that essentially the intelligence services in the X-eyes have become too dependent on the NSA and that they were essentially "hooked" by the NSA (and to some extent the GCHQ) data drug. It's also similar to the "siren servers" that Lannier talks about, that due to network effects (literal in this case), they become dominant. Merkel has effectively said that she will do this deal because she doesn't want terrorist acts to be on her watch, and presumably she could be criticised for rejecting this deal in case something happened - even if the basis for effectiveness is emphatically not proven, and the iatrogenics are emerging. It's also the same argument that Cameron has advanced.

    So they allow the NSA to have its way in the country (which includes activities which WILL disadvantage German individual, company and national interest), but with the siren promise that they will not get the consolidated data feed from the NSA unless they bow down.

    I think this is the only way to explain some of the paradoxical and plain foolish actions that we see, they are far from stupid, but are in a bind, and in any case, are not "allowed" to change course. They cannot admit the addiction. I think this applies to Merkel and Obama.

    Of course, this could potentially be undone by the German courts, unfortunately, my view is that that is unlikely, and they will either be leant upon or have some vague "national security" voodoo laid on them - Germany of course is somewhat more resistant to that line because of history.

    So, from the technology and privacy perspective, I think this is making clearer the extent to which data is shared across the X-eyes, and the preferential extent to which that is pooled by the US.
     
  9. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Right. That makes sense. Blackmail, basically.

    Maybe the NSA and CIA have manufactured the threat of terrorism for just this purpose. I'm not suggesting that they're directly involved, in the sense of running covert operations. But they could be manipulating situations to create FUD, and so increase their budgets and influence.
     
  10. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,832
    Location:
    UK
    The essential take-away though, both as an individual and even more so as a corporation, you cannot trust your own government to be protecting you, to the contrary, through the data sharing and other special arrangements, they are making you vulnerable to both bulk data access and targeted access to a wide variety of interests and a large number of people, who cannot possibly be controlled and whose motives will be various and not in your interest.

    I do hope corporations will be acting on this dismal reality (not the internet corporations, I mean the real economy) - because that's the only thing which will be effective at kicking back at this kind of thing.

    I'm coming to think about these bulk databases as radioactive dumps. They are extremely dangerous just sitting there, an disaster waiting to happen - for all that the security services claim that they are not really collected until they are looked at by a human, this is utter nonsense. And transporting the waste to other places, duplicating it, is only adding to the problem.
     
  11. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    @deBoetie
    Nice bit of reasoning. In one respect, these agencies look like a corporations worst nightmare. On the other hand, the data they take from their corporate targets would give a big advantage to those who receive it. This would point to their working for a select group of corporations. Using the AirBus hack for an example, who would most benefit from that hack? Domestic aircraft manufacturers, who also happen to be defense contractors and builders of military planes? Who benefits from the hacking of a South American oil company? Domestic and multi-national oil companies, most of which are controlled by one family name? Who the NSA and their accomplices actually work for can largely be determined by the answer to one question, who profits the most from this "war on terror"?
     
  12. driekus

    driekus Registered Member

    Joined:
    Nov 30, 2014
    Posts:
    489
    @deBoetie

    Still haven't figured out how this protects me from terrorists who that statistically are less likely to kill me that a bee sting. ;)

    I agree with the radioactive dump sentiment. The big question is what would happen if North Korea got hold of the database, they could probably do serious damage.

    The problem with the economic espionage is that I would be certain that the Chinese are doing the same thing. And honestly I wouldnt blame them or hold anything against them for doing it. We are entering an arms race here.
     
  13. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,832
    Location:
    UK
    Indeed. I think my point is regarding the technical/privacy stance we need to adopt as individuals and companies, leaving aside what "ought" or "should" happen, we have to focus on what is happening and what is likely to happen (granted that is paradoxical, foolish, unrepresentative, unlawful etc).

    We have to protect ourselves (whether as individuals or corporations), because we cannot expect our own governments to do so - and to the contrary, they are participating in assaults against our "own" individual/corporate interests (that's effectively the "new" data although perhaps reflecting my naivety), and it also appears that the rule of law is exceptionally anaemic. I won't comment on how I feel about that because it would violate the Tos in so many ways, I'm saying dealing with what is, treating it as the prevailing "weather", means we have to take active steps to protect our privacy and security and that of those we care about - based on that dismal reality, I do not see any different way of reading it, nor do I expect meaningful change in the short term. And I guess that's why many of us are here, to take practical. well-informed and balanced views of what we can reasonably do.

    I'm much less concerned with Chinese attack than I am of the existence and sharing of the X-eyes databases. The Chinese do not have the privileged position to attack critical network infrastructure or citizens so easily, so routinely. Nor is the Chinese government able to lock people up, seize their possessions and violate their privacy on such a wall-to-wall basis - they do that at home of course. What's more, these databases are known to be shared across countries, and accessed by huge numbers of people, whose motives will undoubtedly include many nefarious things, including mega-industrial espionage. When financial transactions or business deals (e.g. $35bn contracts in Airbus's case, and even larger ones in the financial sector) are available for what is effectively insider dealing, you can expect individuals to be tempted beyond their limits. And there is no way of securing large databases, and no prospect of any of the transgressors getting locked up. The Loveint criminals only got a telling off.
     
  14. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,812
    I don't think the NSA manufactured the threat of terrorism, I think they are like a runaway train. Once they received the mandate to do everything in their power to prevent terrorism the train starts rolling and doing everything within their power to prevent terrorism is exactly what they do.
    Whether that threat is real, perceived, or entirely manufactured is rendered irrelevant by the sheer size of the operation, the funding, the contracts, the careers, the promotions and not to mention the huge political risk involved in trying to reign them in.
    I think what the NSA did was to identify every possible way terrorists could communicate, and every possible way terrorists could attack and implement what they felt was the best preventative measure, regardless of the consequences to anyone else. I hate to say it but in all honesty I feel the NSA were just doing their job and what has resulted from that is not really their fault, is the fault of those who direct them.
     
    Last edited: May 7, 2015
  15. Dermot7

    Dermot7 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    3,430
    Location:
    Surrey, England.
    https://firstlook.org/theintercept/...s-nsas-bulk-collection-phone-records-illegal/
     
  16. Dermot7

    Dermot7 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    3,430
    Location:
    Surrey, England.
    http://www.theregister.co.uk/2015/05/07/germany_curtails_nsa_snoop_assistance/

    http://www.theguardian.com/world/20...ts-cooperation-nsa-us-online-surveillance-spy
     
  17. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
    Yeah. The Court really socked to em: "

    "...In a blistering 97-page opinion,a three-judge panel of the U.S. Court of Appeals for the Second Circuit overturned a lower court and determined that the government had stretched the meaning of the statute to enable “sweeping surveillance” of Americans’ data in “staggering” volumes..."

    http://www.washingtonpost.com/world...4bf-11e4-bcc4-e8141e5eb0c9_story.html?hpid=z1

    FULL OPINION HERE: http://pdfserver.amlaw.com/nlj/NSA_ca2_20150507.pdf
     
  18. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
    Forget about the "blistering opinion."

    They already have giga-tons of data AND:

    "The appeals court did not resolve the question of whether the surveillance was unconstitutional.

    It also declined to halt the program, noting that parts of the Patriot Act including Section 215 expire on June 1.

    Lynch said it was "prudent" to give Congress a chance to decide what surveillance is permissible, given the national security interests at stake."


    OMG what courage. How about an order immediately stopping the collection of this data and a requirement that under the supervisions of U.S. Marshals (the Court's Police Force) all such data be destroyed as well as any records or other info which the data lead to "the fruit of the poison tree" doctrine lawyers call it.

    http://www.huffingtonpost.com/2015/05/07/nsa-phone-surveillance_n_7231872.html
     
  19. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    @RockLobster

    I get what you're saying. The NSA is part of the military, and arguably are following orders. Very throughly.

    But also, I do recall from the 90s that US military and intelligence were looking for work, after the CCCP collapsed. And I get from Bamford that the same thing happened after WWII. So in the 50s, the Cold War ramped up. And since the 90s, starting with Saddam, there's been the threat of terrorism.

    So maybe it isn't the NSA that's behind it, but their masters.
     
  20. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    Those who are partnered with the military and profit from continual warfare. What we need is a war on corporate warlords.
     
  21. driekus

    driekus Registered Member

    Joined:
    Nov 30, 2014
    Posts:
    489
    That's absurd, you need a tin foil hat. ;) You also forgot that these government departments benefit from the manufactured threats, what better way to justify a budget than pretend we are under threat.

    ~ Removed Off Topic Remarks ~

    I wonder what threat could be manufactured next?
     
    Last edited by a moderator: May 7, 2015
  22. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    I didn't forget. I regard them as one and the same. There's no doubt that they're splitting the money. The sick part is that we're paying to be regarded as potential threats.
    Those who point out that this system is a threat to humanity and peace in any form.

    ~ Removed Off Topic Remarks ~
     
  23. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,832
    Location:
    UK
    Agree, these are just words.

    They have done nothing at all to redress the asymmetry in justice, because if this happened in a "normal" situation, there would have been an immediate injunction, and the guilty party would be facing huge and punitive fines and those responsible open for personal prosecution. There is a big problem with illegally acting governments because fines do not hurt those at fault, they just fall on the taxpayer.

    Instead, they have personal immunity and are rewarded for acting illegally, using public money to continue defending the indefensible and not have sought debate or constitutional ruling before setting up these illegal programs, and taking the action in secret.

    And the court did the nauseating kow-towing to national security. No. They've had 2 years to sort out the legalities, and nothing's changed. The court should have no patience and simply impose the injunction right now. That would be (belated) justice.

    The other thing the courts need to do is radically alter the presumption of standing in these cases where there has been government secrecy and where it is very difficult to establish what has happened without proper disclosure and transparency. In these cases, there should be a presumption of standing, and at least having some evidence made available to the judge what that standing actually is, given that the government has that information, and it should be available. The national security argument could be taken at that point, not fended off by disreputable arguments of standing. Actually - I enjoyed reading the document - the whole government defence reeks of disrepute.

    But the reality is what it is, therefore, even though this very limited judgement appears superficially encouraging, it actually changes nothing, and doesn't change the prospects either. We have to continue to take action ourselves, in our own interests, to protect our privacy, with no expectation of legality or help from our own governments, the opposite.
     
  24. driekus

    driekus Registered Member

    Joined:
    Nov 30, 2014
    Posts:
    489
    Until we are criminalized for protecting ourselves. Maybe that will happen when facebook takes over the privatization of government records.

    The ironic thing is that strong internet security provides protection against attacks from bad actors. The attack on Github was reliant on the fact that the could use MITM attacks on http traffic.

    Https, PGP and strong drive encryption applied at the personal level can protect our privacy from governments (including our own) but if used by the majority of users can enhance national security.
     
  25. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,390
    EFF Case Analysis: Appeals Court Rules NSA Phone Records Dragnet is Illegal.

    Related: What did the courts just do to NSA spying?

    -- Tom
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.