I've lived under surveillance before, so I feel my perspective might be somewhat appropriate. I won't comment on the specifics (uninteresting and irrelevant, had to do with where I was living). I won't even make a statement about whether it's justified in my case or in general. I'd just ask everyone here to do one thing:
Watch this, then ask yourself how you feel (if it doesn't go directly to 6:40, fastforward to it, then watch for 30 seconds):
I understand about various interpretations of "collect", "intercept", "analyze", etc. Just watch the video, and ask yourself how you feel. Please know that I'm not telling you how to feel, just providing a small snippet of a conversation. Why do you feel that way, and what does that feeling say about you, or your society?
I've been monitored too, but did you really believe that all of the activities we do online weren't monitored...or do you just believe (like I did before I got convicted), that the gov won't bother with us.
This is just more reason why bills like CISPA need to be revised or blocked. The gov already knows what we do, but it just comes down to what they can prove in court.
I am not defending the program. But doesn't the program only collect data when there is a 51% percent confidence or greater that the source is foreign?
That's a bit slippery, but could be an explanation for his statement.
His body language give him away. That is why we have actors in position of power because they need to perform for the puppetiers in front of the gullible.
How does this stuff work? Would someone at the NSA contact dropbox and ask them to build in a backdoor or are they just able to access whatever the fuck they want and simply do?
What really saddens me is that this confirms all the conspiracy rumors.
Wasn't it always just a rumor going around that the U.S. Government "made" Microsoft buy Skype for spying purposes?
Well:
"10 May 2011, Microsoft Corporation acquired Skype Communications"
and on 2/6/11 Skype was added to the US spy program [1]
They were so eager to spy on Skype users that they implemented that "feature" even before the deal was officially done. Considering that Skype had been around since 2003 the events don't appear very accidental.
Wouldn't surprise to find out one day that the Skype acquisition was indirectly tax-payer funded.
I'm saddened to see Dropbox on the list. Did they choose to participate or is it mandatory?
In any case, we've moved several projects to BTSync recently from Dropbox (for no other reason than to free up space on Dropbox for our personal files) and have been enjoying the service.
As a p2p encrypted protocol, I imagine it's much more difficult to eavesdrop on your files and would actually require a warrant to obtain.
The government's theory is that a national security letter is sufficient to get access to your data. No warrant required. And Dropbox is not allowed to tell you that it happened.
This is why've were trying to make it legal lately. They were already doing it. The same thing happened with the Patriot Act.
It seems FBI/NSA "test-drive" a new illegal spying program first, and then lobby Congress to pass a law to make it legal (regardless of its constitutionality, as we've seen so far).
I bet they would've wanted retroactive immunity, too, in these new laws. Also, let's see how those supporters of FISA, like Dianne Feinstein, try to spin this one as "they already knew about it" (which makes it that much worse) and that it's nothing new.
Also let me see them say with a straight face that this is constitutional and doesn't violate the 4th Amendment. But seeing how cynical these people have become, I don't think it would be too hard for them to do it.
NSA: "Look, I know that this was illegal, and we were not supposed to be doing this, but you have just got to look at the data. Just look at all the crazy terrorists out there. They've been organizing over FB, keeping their data on Dropbox and Drive and talking over skype. Here's our proof! You MUST make this activity legal... the FREEDOM of the US depends on it!!"
Congress: "ok"
---
But we are not fooling anyone. There is not a single worthy human being in congress. Every single last one of them is a corporate shill and they are all opportunistic criminals.
Yes, this is bad. Yes, you are right to be upset. Yes you (not not really me, I'm not American and i avoid american hosting and hosting companies like amazon for exactly this reason) should change that.
But honestly, are you surprised? Are you really?
Government agencies have be building large datacenters, the EU loves data retention. There was no tin foil head required to see this.
When people wanted to talk about this kind of massive wiretapping program years ago, they were called paranoid nutcases. Now that the truth is coming out, people who want to talk about it are called out for belaboring the obvious.
I see this "are you so naive as to be surprised?" reaction in almost every thread about this. It's some kind of defense mechanism.
Im not sure being not American saves us. Do you use any of those US services? If so, I assume they have your data.
If you are British, as I am, I assume our government is shovelling off all our data to the US too.
As far as I am concerned, the internet is now pretty much like having our lives bugged. Might as well go the whole hog and have CCTV in all house holds. Heh, for all I know they access out webcams, etc. So, we might already be there.
I'm afraid the US has essentially infected the internet with a cancer what will only spread. Freedom, privacy, liberty, on the internet is officially gone. Sure we all "knew" about the likes of echelon for years, but it was officially dismissed as loony conspiracy talk. Now we know it basically true.
Sad thing is, this is under the watch of a Democrat, started by a Republican. Who is going to dare to reverse this?
No, but now there is proof, which should make a difference. How are all of these not cases for impeachment? If Fox News thought Obama should be impeached over Benghazi, they should love this.
At least we know beyond a shadow of a doubt that Skype has a backdoor now. Not really surprising although they did have some security people analyze the protocol and state that it was e2e secure.
FTA: "According to a separate “User’s Guide for PRISM Skype Collection,” that service can be monitored for audio when one end of the call is a conventional telephone and for any combination of “audio, video, chat, and file transfers” when Skype users connect by computer alone. Google’s offerings include Gmail, voice and video chat, Google Drive files, photo libraries, and live surveillance of search terms."
I'm not sure when the security people you are talking about did their audit, but when Microsoft bought Skype a few years ago they changed it from P2P communications to routing everything through a central server. After that it would be child's play to put in a backdoor.
What sort of threats does the NSA give to these companies so they participated without any leaks? Just curious what the penalty would be if the NSA approached me about sucking down my user data and I refused.
Would be time for a call on VCs and Incubators that a sustainable future for the web would mean fostering startups that rise the convenience of privacy tools.
This is fucking atrocious. How much money do we allocate to national security in a year and this is the kind of amateurish PowerPoint slide their analysts come up with?
I think it's interesting to ask why these programs are so widely hated.
These are national security assets: evidence gathered here will never be used in a drug case, or a tax evasion case. Why not? These tools exist for the bigger fish: the dozens of Soviet-era nuclear weapons believed to be missing, or the small amounts of dangerous pathogens that periodically vanish from research labs. These are what the government is worried about, and they're not going to risk revealing their methods for something lesser.
Warren Buffet has predicted a major nuclear terrorist attack on an American city to be a "virtual certainty" given enough time.
Ok, but no one here is going to argue that stopping terrorism is bad: the problem is in how we define terrorism. What happens when the definition becomes progressively wider? What counts as "terrorism" is political, after all.
It's important to remember that we still have a functioning democracy. If you -- Hacker News reader -- decided to run for congress tomorrow, you might not win, but you won't be killed, sabotaged, or secretly blocked. While some individual politicans may be corrupt, the system broadly is not. These programs are enforcement mechanisms; the laws themselves are still made by the people, and maybe corporations. While we as a population may argue about social issues like gay marriage and abortion, our government is not fascist.
Further, I take these programs as a great example that security is much harder to create than it is to destroy. Extreme efforts such as these may still be insufficient to prevent New York from being destroyed by terrorists. In that case, the acts of a few crazy people still overcame a monumental effort by the entire intelligence apparatus. What does that say about the time Hacker News is so afraid of, when it's more than only a few crazy people that the government is "worried about"?
Should these programs exist? I don't know. I'm as worried as anyone about the scope creep. I'm willing to accept a level of inherent danger with living in a free society. However, do not forget that we can't see NSA success stories. I might be willing to accept a risk of periodic car bombs, which while tragic are not statistically significant; however, if PRISM is actually effective at tracing and intercepting Soviet nuclear weapons, I can see multiple sides of this issue.
We have rights to privacy and protection from unreasonable search and seizure. Those rights were created to prevent unfair loss of life, liberty, and property. These programs, hidden in the background, don't inconvenience you, or lead to loss of freedom or property. Is privacy good? Of course. But the incentives the intelligence apparatus have to not use any data collected here against anyone for reasons less than "real" terrorism are strong enough, that I think it's not open-and-shut.
An important thing to know here is how compartmentalization works.
On one hand, it's to help limit classified information to those with a need-to-know.
On the other hand, it's used to mislead oversight and limit the visible scope of an overall goal.
So while it may be technically true that PRISM is only doing x, there may be a separate compartment (called, say FROGBUTT or whatever) that performs the sister role of y in support of PRISM.
This is how intelligence agencies hide and mislead the public. They say "Yeah, we do have a program called FROGBUTT that collects call metadata, but we don't collect personal information or examine the contents of a call." What they don't mention is that they have another companion program called LIZARDDICK that does collect that accompanying personal information, and they have yet another program called COWBONG that collects the contents of calls.
This is how this work. Plausible deniability, onion layers, confusion. Combine this with the fact they periodically change compartment program names, and it gets exponential.
See also: RAGTIME, THINTHREAD, STELLAR WIND, TRAILBLAZER, etc
Edit: Just saw the portion markings (the stuff on the slides that says their classification level), and I'm going to change my judgement to "this was pretty classified." And whoever released these slides to the public is going to jail for violating the NDA they signed. Jail for quite a few years for knowingly revealing TS information. I'll leave my previous comment below so you won't think I erased anything.
My problem is how they portray this. Direct from the article:
"The highly classified program, code-named PRISM, "
and also:
"The technology companies, which participate knowingly in PRISM operations, include most of the dominant global players of Silicon Valley."
If you have numerous (non-government contractor type) companies knowingly participating in the program, then it isn't "highly classified." And if you thought that your communications were private then you were fooling yourself. Even Tor, the darling of the EFF, was initially developed by the Navy. It's very tough for people to communicate electronically these days without the government being able to listen in.
Perhaps whomever leaked it regarded it as essential to upholding an oath of office. 'preserve, protect, and defend the Constitution of the United States.... '
> "In 2008, Congress gave the Justice Department authority to for a secret order from the Foreign Surveillance Intelligence Court to compel a reluctant company “to comply.”"
One more reason FISA is one sick, disgusting piece of legislation, and it was just extended to 2017, last year - yet too many were dormant when all of it was going down.
> One more reason FISA is one sick, disgusting piece of legislation, and it was just extended to 2017, last year.
I think you are confusing the nature of FISA -- a piece of legislation designed to constrain excessive executive domestic surveillance passed in the wake of widespread and highly politicized abuses by the Nixon Administration -- and recent amendments to FISA to expand the scope of allowed surveillance that were passed under the justification of the necessities of the "War on Terror".
[+] [-] kevinalexbrown|13 years ago|reply
Watch this, then ask yourself how you feel (if it doesn't go directly to 6:40, fastforward to it, then watch for 30 seconds):
https://www.youtube.com/watch?v=QwiUVUJmGjs&feature=yout...
I understand about various interpretations of "collect", "intercept", "analyze", etc. Just watch the video, and ask yourself how you feel. Please know that I'm not telling you how to feel, just providing a small snippet of a conversation. Why do you feel that way, and what does that feeling say about you, or your society?
Originally found in a comment: https://news.ycombinator.com/item?id=5835025
[+] [-] mtoddh|13 years ago|reply
http://www.youtube.com/watch?v=B6fnfVJzZT4
[+] [-] samstave|13 years ago|reply
And millions of americans should sign a petition to have this happen.
[+] [-] aneth4|13 years ago|reply
Contrast that to his direct confident demeanor when he's telling evasive truths.
Clapper is the Director of National Intelligence
[+] [-] Taylorious|13 years ago|reply
[+] [-] quackerhacker|13 years ago|reply
This is just more reason why bills like CISPA need to be revised or blocked. The gov already knows what we do, but it just comes down to what they can prove in court.
[+] [-] jcrites|13 years ago|reply
That's a bit slippery, but could be an explanation for his statement.
[+] [-] pvdm|13 years ago|reply
[+] [-] jhart3333|13 years ago|reply
[+] [-] chailatte|13 years ago|reply
[deleted]
[+] [-] monkmartinez|13 years ago|reply
[deleted]
[+] [-] donohoe|13 years ago|reply
[+] [-] ryguytilidie|13 years ago|reply
[+] [-] stfu|13 years ago|reply
Wasn't it always just a rumor going around that the U.S. Government "made" Microsoft buy Skype for spying purposes?
Well: "10 May 2011, Microsoft Corporation acquired Skype Communications"
and on 2/6/11 Skype was added to the US spy program [1]
They were so eager to spy on Skype users that they implemented that "feature" even before the deal was officially done. Considering that Skype had been around since 2003 the events don't appear very accidental.
Wouldn't surprise to find out one day that the Skype acquisition was indirectly tax-payer funded.
[1] http://www.washingtonpost.com/wp-srv/special/politics/prism-...
[+] [-] _pius|13 years ago|reply
https://www.cdt.org/content/donate
https://supporters.eff.org/donate
[+] [-] ISL|13 years ago|reply
https://www.torproject.org/
https://en.wikipedia.org/wiki/Pretty_Good_Privacy
etc.
[+] [-] nostromo|13 years ago|reply
In any case, we've moved several projects to BTSync recently from Dropbox (for no other reason than to free up space on Dropbox for our personal files) and have been enjoying the service.
As a p2p encrypted protocol, I imagine it's much more difficult to eavesdrop on your files and would actually require a warrant to obtain.
I presume that's true for AeroFS as well.
[+] [-] btilly|13 years ago|reply
And yes, they can give your data to the government. Communications to/from Dropbox are encrypted. But it is unencrypted on the back end. See http://paranoia.dubfire.net/2011/04/how-dropbox-sacrifices-u... for how we can know that.
[+] [-] cdooh|13 years ago|reply
[+] [-] ISL|13 years ago|reply
[+] [-] tracker1|13 years ago|reply
[+] [-] guelo|13 years ago|reply
[+] [-] nicoritschel|13 years ago|reply
[+] [-] mtgx|13 years ago|reply
It seems FBI/NSA "test-drive" a new illegal spying program first, and then lobby Congress to pass a law to make it legal (regardless of its constitutionality, as we've seen so far).
I bet they would've wanted retroactive immunity, too, in these new laws. Also, let's see how those supporters of FISA, like Dianne Feinstein, try to spin this one as "they already knew about it" (which makes it that much worse) and that it's nothing new.
Also let me see them say with a straight face that this is constitutional and doesn't violate the 4th Amendment. But seeing how cynical these people have become, I don't think it would be too hard for them to do it.
[+] [-] unknown|13 years ago|reply
[deleted]
[+] [-] samstave|13 years ago|reply
Congress: "ok"
---
But we are not fooling anyone. There is not a single worthy human being in congress. Every single last one of them is a corporate shill and they are all opportunistic criminals.
[+] [-] rdtsc|13 years ago|reply
[deleted]
[+] [-] fosap|13 years ago|reply
But honestly, are you surprised? Are you really?
Government agencies have be building large datacenters, the EU loves data retention. There was no tin foil head required to see this.
[+] [-] b6|13 years ago|reply
I see this "are you so naive as to be surprised?" reaction in almost every thread about this. It's some kind of defense mechanism.
[+] [-] alan_cx|13 years ago|reply
If you are British, as I am, I assume our government is shovelling off all our data to the US too.
As far as I am concerned, the internet is now pretty much like having our lives bugged. Might as well go the whole hog and have CCTV in all house holds. Heh, for all I know they access out webcams, etc. So, we might already be there.
I'm afraid the US has essentially infected the internet with a cancer what will only spread. Freedom, privacy, liberty, on the internet is officially gone. Sure we all "knew" about the likes of echelon for years, but it was officially dismissed as loony conspiracy talk. Now we know it basically true.
Sad thing is, this is under the watch of a Democrat, started by a Republican. Who is going to dare to reverse this?
[+] [-] mtgx|13 years ago|reply
[+] [-] nickpinkston|13 years ago|reply
[+] [-] EthanHeilman|13 years ago|reply
FTA: "According to a separate “User’s Guide for PRISM Skype Collection,” that service can be monitored for audio when one end of the call is a conventional telephone and for any combination of “audio, video, chat, and file transfers” when Skype users connect by computer alone. Google’s offerings include Gmail, voice and video chat, Google Drive files, photo libraries, and live surveillance of search terms."
[+] [-] olympus|13 years ago|reply
[+] [-] ry0ohki|13 years ago|reply
[+] [-] Zoepfli|13 years ago|reply
He is welcome to add options to use my own cloud storage while using clientside encryption, and I might reconsider.
You're welcome to send him your opinion as well. It's tcook@youknowntherest.
[+] [-] natrius|13 years ago|reply
[+] [-] ISL|13 years ago|reply
[+] [-] stfu|13 years ago|reply
[+] [-] danso|13 years ago|reply
http://www.washingtonpost.com/wp-srv/special/politics/prism-...
I wonder which cub analyst got the job of putting together a collage of logos for that final slide?
[+] [-] pavs|13 years ago|reply
http://www.slashgeek.net/2013/02/17/self-host-everything/
[+] [-] frisco|13 years ago|reply
These are national security assets: evidence gathered here will never be used in a drug case, or a tax evasion case. Why not? These tools exist for the bigger fish: the dozens of Soviet-era nuclear weapons believed to be missing, or the small amounts of dangerous pathogens that periodically vanish from research labs. These are what the government is worried about, and they're not going to risk revealing their methods for something lesser.
Warren Buffet has predicted a major nuclear terrorist attack on an American city to be a "virtual certainty" given enough time.
Ok, but no one here is going to argue that stopping terrorism is bad: the problem is in how we define terrorism. What happens when the definition becomes progressively wider? What counts as "terrorism" is political, after all.
It's important to remember that we still have a functioning democracy. If you -- Hacker News reader -- decided to run for congress tomorrow, you might not win, but you won't be killed, sabotaged, or secretly blocked. While some individual politicans may be corrupt, the system broadly is not. These programs are enforcement mechanisms; the laws themselves are still made by the people, and maybe corporations. While we as a population may argue about social issues like gay marriage and abortion, our government is not fascist.
Further, I take these programs as a great example that security is much harder to create than it is to destroy. Extreme efforts such as these may still be insufficient to prevent New York from being destroyed by terrorists. In that case, the acts of a few crazy people still overcame a monumental effort by the entire intelligence apparatus. What does that say about the time Hacker News is so afraid of, when it's more than only a few crazy people that the government is "worried about"?
Should these programs exist? I don't know. I'm as worried as anyone about the scope creep. I'm willing to accept a level of inherent danger with living in a free society. However, do not forget that we can't see NSA success stories. I might be willing to accept a risk of periodic car bombs, which while tragic are not statistically significant; however, if PRISM is actually effective at tracing and intercepting Soviet nuclear weapons, I can see multiple sides of this issue.
We have rights to privacy and protection from unreasonable search and seizure. Those rights were created to prevent unfair loss of life, liberty, and property. These programs, hidden in the background, don't inconvenience you, or lead to loss of freedom or property. Is privacy good? Of course. But the incentives the intelligence apparatus have to not use any data collected here against anyone for reasons less than "real" terrorism are strong enough, that I think it's not open-and-shut.
[+] [-] shmerl|13 years ago|reply
[+] [-] anon808|13 years ago|reply
[+] [-] runjake|13 years ago|reply
On one hand, it's to help limit classified information to those with a need-to-know.
On the other hand, it's used to mislead oversight and limit the visible scope of an overall goal.
So while it may be technically true that PRISM is only doing x, there may be a separate compartment (called, say FROGBUTT or whatever) that performs the sister role of y in support of PRISM.
This is how intelligence agencies hide and mislead the public. They say "Yeah, we do have a program called FROGBUTT that collects call metadata, but we don't collect personal information or examine the contents of a call." What they don't mention is that they have another companion program called LIZARDDICK that does collect that accompanying personal information, and they have yet another program called COWBONG that collects the contents of calls.
This is how this work. Plausible deniability, onion layers, confusion. Combine this with the fact they periodically change compartment program names, and it gets exponential.
See also: RAGTIME, THINTHREAD, STELLAR WIND, TRAILBLAZER, etc
[+] [-] olympus|13 years ago|reply
My problem is how they portray this. Direct from the article:
"The highly classified program, code-named PRISM, "
and also:
"The technology companies, which participate knowingly in PRISM operations, include most of the dominant global players of Silicon Valley."
If you have numerous (non-government contractor type) companies knowingly participating in the program, then it isn't "highly classified." And if you thought that your communications were private then you were fooling yourself. Even Tor, the darling of the EFF, was initially developed by the Navy. It's very tough for people to communicate electronically these days without the government being able to listen in.
[+] [-] AnthonyMouse|13 years ago|reply
Tor is open source. Are you suggesting there is some secret backdoor inserted by the Navy which is not apparent in the public code?
[+] [-] ISL|13 years ago|reply
[+] [-] mtgx|13 years ago|reply
One more reason FISA is one sick, disgusting piece of legislation, and it was just extended to 2017, last year - yet too many were dormant when all of it was going down.
[+] [-] dragonwriter|13 years ago|reply
I think you are confusing the nature of FISA -- a piece of legislation designed to constrain excessive executive domestic surveillance passed in the wake of widespread and highly politicized abuses by the Nixon Administration -- and recent amendments to FISA to expand the scope of allowed surveillance that were passed under the justification of the necessities of the "War on Terror".