The answer to your question is that you were quite right before that he intends to do as much damage as possible, and the best way to do that is this long term dribbling out of scandal with a certain build to it. And GG, being in the media, knows how this stuff works.

it is the obvious attempts to create permanent records from this data that scares me. A system deliberately designed to have insufficient resources to "grab it all" must be smart about what it gets. The "collect the whole haystack" idea seems to be driving our operations though, and I cannot think of anything more chilling to a free and open society.

Rise to a certain level of annoyance and after about 30 seconds on a keyboard it's like Agent Mike has been even closer than your significant other for years. Certainly enough lead time to discredit an individual before their message can gain traction in any given news cycle.

The most obvious and undiscussed application of "metadata" was always for security clearances and eliminating "insider threats". Do you have a reporter two hops from you? What about someone with the wrong political sympathies? I haven't tended to believe in government conspiracies (like did FDR know about Pearl Harbor) because in a large group of people, you will tend to always find someone with a slightly different viewpoint whose conscience will have them talking about unethical things regardless of "security clearances." Not so much when such a powerful tool to preselect ideological conformity can be applied.

Having seen more than enough political cronyism in politics (Bush's dismissal of U.S. attorneys comes to mind) I really have no desire to have a system where a "loyalty rating" can be easily and automatically generated by the next unethical bunch of Republicans to come into power.

I think any other country with the ability to spy on everything wouldn't even try to go after metadata, I think they'd go after everyfucking thing and do all sorts of behavior analysis on every single morsel of information.

The NSA collects, mind you, everything we write (yes, even this post here is being indexed, written language isn't that much, I did the math, it's ridiculously small), but they say that they only look at said data if the metadata gets triggered.

If true then they're going out of their way. I frankly don't think they're actually looking at metadata only.

edit: oops, seems, interestingly, you were one of the people to have read that post before, my bad. Still, others may want to see this, the NSA has effectively admitted to spying on the world and collecting every post by every human on the internet.

Traffic analyses were always easier to do than actual interceptions and have a long history of being valuable from a military point of view (The Battle of Midway, for example, which was a codebreaker victory first and foremost). It also would be data more relevant to investigators trying to bust up a terror network from a handful of suspects (known associates). As we discussed to death last summer, it requires a tiny, tiny, tiny fraction of the server space in one of our many fusion centers. Given the size of a metadata record and the number of calls made per day in the US, several years worth of calls can be saved on pretty much a single rack of servers. If it was "just metadata" this project could run from a single nondescript office in some technical park on the outskirts of a major city.

When the post-9/11 gloves came off, metadata came first because it could be done quickly -- the telcoms already had the info! The rest came later.

But I've never doubted that eventually storing everything was a goal and that it was certainly to enable the exact functionality I fear regardless of other reasons being given. The technical problem is trivial even if the scale is huge, but not impossibly so, and there are metrics! Anyone beholden to a funding authority knows that a precise looking "completion" bar graph which moves is gold, regardless of debates about the value of the actual end product.

Sorting it all? They're not there yet, otherwise DARPA would not be advertising research money to "detect anomalous patterns" in massive datasets. They have too much data, making sense of it in a usable way is actual hard (near impossible) project.

If, and it's a big if, they're only collecting metadata of foreign-US communications, then that is an epic and amazing effort. I don't think they are. They can get more clear data looking for stuff that takes an entire snapshot.

Look at the post I linked. I didn't have it bookmarked, I just googled it, and I even used a shitty search query (I asked about myself and NSA data, but it was more than that). It was the first hit. Google knows what shit I look up though (I've looked that post up before to share it) and has decided what I'm looking for without me trying.

Metadata proves some spurious connection, but it doesn't get to the nitty gritty of behavioral analysis. Google knows more about my behavior, about my likes and dislikes, about what I want, more than anything else on this Planet. Google knows me better than my mom, brothers, or even my most intimate lovers. It has never been wrong about me the past few years (when looking up searches about myself, with shitty keywords). And I even turned off its search history for me. It's remembering!

Now, they might sequester whole searches against a metadata search, and then only "look" at metadata transactions, but I don't think that counts. All it takes is one intelligence official to basically promote a metadata search to the higher level background search and ones entire human personality and psyche profile is revealed!

But even if they did that it wouldn't prevent abuses or massive privacy violations. All it takes is one person in the position to promote some data to searchable and your entire life is consumed and observed and analyzed.

I reread your post after typing this (I tend to do that before submission) and I agree that metadata was a "baby step" but I think we can both agree, after digesting your post some more, that they're not just looking at metadata, these fuckers are spying on the entire internet and what I post, what you post, what everyone posts here is going through some filter, some algorithm. We might even be triggering it at this very moment for someone to look over.

And I agree. They are scooping up everything and building profiles. After all, there are only 6 billion people on the planet. Only a few hundred million Americans. That's not even a challenge.

I hope people take the time to think about what this makes possible. Even now the profile on any individual probably reveals more about that individual than they realize themselves. It all comes down to how that information is sifted, and given enough computational power and information, the imagination is the limit. You might, for example, believe you prefer women in their mid thirties with brown hair, but the NSA knows better. Much better. They aren't just looking over your shoulder, they are looking over your shoulder, taking notes about things you are incapable of noticing yourself (how many microseconds did you look at this image versus that one), and using that information to build a profile. Not just a profile on you, but on every person you have ever known. They know where and when you went to school, and they "remember" better than you do the names of your classmates and teachers and how they turned out.

And if they don't have that information yet, they will.

I switched to Duckduckgo some time ago because of that. Not that that is any guarantee of course (certainly the NSA would WANT to give extra attention to the search engines that don't save the searches for them in their quest to be the ultimate nosy neighbor). Haven't wanted to switch to Tor yet, mostly because that is such a high profile thing that the NSA is certainly trying to undermine it and you will get an "extra special" notation in your record for having tried to keep off their radar. Thought about trying to hide my actual personality in Google keyword salting (randomly sending a volume of searches automatically just to hide what I actually am interested in) but that merely raises up your visibility at this point, too few people do it.

And no, I don't consider myself exceptionally paranoid. I don't think I have anything to hide, of consequence, nor am I high profile enough that anyone with a brain should particularly care about me. Then again, I don't know what TPTB's automated algorithms have TOLD them are of consequence and I know for a fact that I am well outside one standard deviation from the mean in most behavioral traits and opinions. And this stuff is CERTAINLY philosophically rooted in "different equals suspicious."

And that is what bothers me more than anything. Automated anomaly detection defines a mean and attaches a cost for deviating from the mean. What a way to force a compliant population over time. As this shit has already shifted from "terra" to "drugs" (Well documented in the NYTIMES so don't waste bits denying it is happening) it'll start dribbling down to everything else.

Erase their database and cut their funding back sharply so they are forced to concentrate on actual, relevant threats to national security.

TOR has its own weaknesses. I'm not especially paranoid either, but as an avowed anarchist (google my name and that term if you disbelieve me), I know I'm on some lists somewhere. It's just inevitable.

I think ultimately the NSA is the gold standard for spying on the world. And I think they know it. I think, ironically, while the US constitution is simultaneously the gold standard for free speech protections, our own government is spying on its own citizens to shut that down. It's amazing really.

Another poster posted about this new malware that infects BIOS's of certain computers. This shit is insane. Yet, the NSA gets a free pass (I am increasingly convinced this is an NSA operation).

Shut down the NSA and CIA and replace it with absolute transparency. If the US wants to remain relevant, they will do this. They can, in theory, even keep the NSA and CIA, but make them fully and completely and utterly transparent. Every action viewable by the world at large. OK, so some agents get deported, so what, at least we tried. OK, so some ambassadors get kicked out, OK, at least we tried. But the US is too corrupt to event attempt that.

Think about it. Would a foreign country really expel an agent who was openly trying to infiltrate the Taliban? Fuck no they wouldn't. But a guy who's on a motorcycle who blows away two innocent people? No fucking shit they'll expel them!

In other words, someone within the corporation is breaking SSL.

And the programmers and the top tech people weren't aware of it (even if a dozen two of them knew, it would cause at least one of them to come clean, as this is an absolute breach of security, and even violates the ToS of the given platforms).

SSL is not broken. But if a service provider provides the SSL keys, it becomes irrelevant. Lavabit closed down because the NSA was requesting SSL keys. The same likely happened with Google but rather than Google telling technology staff, they just kept it to a very small group of people. Google is not going to admit this but the hack had to have been internal as someone would've spotted it.

If, instead, Google was actually hacked, that would be beyond comprehension but I would have to think it was an insider at most that did it, someone paid by Google, someone working for Google, not an outside hacker breaking in and breaking SSL.

The fact that Google and Yahoo add secure socket layer (SSL) to their communications between data centres is well known. The fact that the location in the data stream where this encryption/decryption takes place is also no secret. This "post-it note" does not say or imply that the SSL encryption is broken.

Are you frightened that the NSA and the CIA have access to this publicly available information or are you just trying to stir up more paranoia?

Think about it for more than the half a second it takes you to turn into a Chicken Little; the NSA and CIA get their access to such data direct if they need it. Investigations into suspect encrypted communications are triggered by surveillance of the metadata which is the publicly open part of any internet communication and such access can always be requested or required from the owners of the servers; i.e. the SSL is irrelevant.

Now let me try again to get it through your skull - the internet never has been and was never intended to be secure and no-one should ever think that you have any privacy in the internet; there has never been such security and privacy.

Google has a lot of liberal / leftist minded workers and if top tech guys weren't aware of an NSA hack or compromise to their system, you know something is going on.

In theory Google's actions violate privacy laws, and like the 2008 telecom immunity, are open to a class action lawsuit for it.

What they will be swearing about is the revelation of Google's participation.

As to the violation of privacy laws - get it to court and get it proven.

Just like it did when Obama voted for it (while ironically Hillary voted against).

quite the contrary.

So tell me again why it was never intended to be secure? Why was https developed? How and why is on-line banking secure? Why is is against the law for you to read my E-mails? What's the purpose of passwords, is not for security and privaticy?

not just those in the science field have to go through intense training.

APA Ethical Principals of Psychology and Code of Conduct

Ethics training for scientists

technologically, not the ethics of it.

I didn't trust the NSA's motives, but I did not imagine they could pull something like this off, either.

I was never shocked that they could do it. Just that they *would* do it.

If so that means that the NSA was, at the time of the slide, taking data from Google's internal network stuff, which would've been unencrypted.

If so, Google fucked up. But I will wait for further information on this one. It's still an epic breach.

But when Google transferred the data within its cloud, it was unencrypted.

So how do you find the plaintext of an IP sending an email over an SSL connection?

Easy, you look for that IP in the headers of the plaintext emails being sent internally within Google.

That's the thing about SSL it just encrypts the transmission from client to server and vice versa. It doesn't necessarily encrypt the transmission from server to server unless the servers are configured to do so (such as with SFTP or FTPS).

Like Snowden, but for the government, electronically.

Edit: makes it very easy to incriminate someone you don't like too.

Snowden isn't a traitor. Greenwald is Snowden's censor, and he shouldn't be chastised for not putting out info sooner. I figure these guys must be mighty stressed.

We have to know what's going on in order to know how to deal with it.
No democracy can sustain the damage of not knowing what's going on w.r.t. matters of basic human rights.
Or isn't there a right to privacy?

eom

been uncovered.

I thought you'd like that irony

Anyway thanks for the insight .

It is Greenwald's fault. OK. A few days ago we were still just a bunch of Obama Haters, even if we happened to be right about the NSA leaks, plus Snowden is still a creep.

How about "I was wrong. nt."

Actually the CIA does not have the tech expertise or resources that the NSA has. The NSA has specialized in "signals intelligence" since its inception, and has been doing their global snarfing of everything possible for decades, and those of us paying attention, Snowden or no Snowden, have known this.

But Snowden opened the floodgate of truth.

nt.

The Washington Post report is also summarized at SlashBI.

Also in can't-trust-the-government-not-to-spy news, an anonymous reader writes: "According to recent reports, the National Security Agency collects 'one-end foreign' Internet metadata as it passes through the United States.

The notion is that purely domestic communications should receive greater protection, and that ordinary Americans won't send much personal information outside the country.

A researcher at Stanford put this hypothesis to the test... and found that popular U.S. websites routinely pass browsing activity to international servers. Even the House of Representatives website was sending traffic to London. When the NSA vacuums up international Internet metadata, then, it's also snooping on domestic web browsing by millions of Americans."

lost in the torrent of GiGi screaming homophobes who have diligently attacked him for being gay year in and year out. He knew YOU would not listen at first but instead spend time playing with the 'Moderates' how always hate Greenwald, who always have hated him.
Many people were very wrong, will any of them admit that?

LEFT TO REVEAL" following the initial information dump by he and Snowden.

This thread is chock full of bull..Dec, 2011
"I have found out that Greenwald is Gay, and I know from a lot of posts here at DU that many of the LGBT community here at DU are disenchanted with Obama. I find that interesting, because all of the LGBT community outside of DU strongly - and I mean STRONGLY - support him! I have many friends and co-workers who are LGB ( I had two friends who were T in the past, but we have lost touch as happens so often with friends) and they are appalled at Greenwald’s portrayals of Obama’s policies.
http://www.democraticunderground.com/100297376

Thank you.

So, you were 100% right, so feel free to name a charity, or PM me your banking information (just remember who's listening). This was exactly the kind of layer 2 / layer 3 tap you theorized that I dismissed as absurd.

and it sucks. I also argued against you. Nice to see you waking up to how dangerous this is.

I have a live one below trying to pretend it means nothing. Let's see what our "expert" has to say.

I do appreciate your post, and please feel free to give to any charity you'd like, but in your own name. You don't owe me anything--sorry for the low-grade snark, and have a good weekend.

"The American people should be assured that they are not being spied on. These are just some unintrusive common-sense steps that will help to ensure that we keep our nation safe from people who would complain about their government. Why, as I was telling Michelle last week while we were using toothbrushes to clean mildew from the grout in the White House bathtub..."

You're in for a rough ride...

There's a hardened group here who are impossible to reason with.

Glad to have your analysis. Those of us who aren't techies, yet who viscerally reacted to Snowdens info, appreciate having your expertise on this.

She gave a talk at Netroots about it this summer that was very detailed. It's hard to post about it here though, since inevitably one gets a torrent of firebagger!!111 noise to deal with. Hopefully you'll have more luck.

the NSA or other spy agencies can do whatever you imagine.

But there's a few other things off in your post.

"Google was transmitting US data overseas....and there really isn't a good reason for them to do so."

Have you ever heard of a concept called backup? Have you ever heard of people traveling overseas before and accessing their data? Have you ever heard of the idea of distributing connection points so that in the event one goes down another can take over for it?

LOL. This has to be the silliest "it's not the NSA's fault" argument I've ever heard.

No better way to mindlessly attack than to go charging after something that isn't there.

So, where in my post do I say "it's not the NSA's fault?" The word "fault" does not appear in the post at all. And until this story came out, the vast majority of people assumed that Google didn't bother shipping their data unnecessarily over the transatlantic or transpacific links. And they still may not - there is not enough information in this story to indicate if they're sending everyone's data, or only some data.

Alternatively, you could actually read my post and notice that I am claiming the NSA can do anything outside the US. How, specifically, is that excusing the NSA?

I'm not sure what you read that you didn't write. "They have no reason to do that."

I'm pretty certain, also, that the concept of failover and what you are attempting to describe as happens in a modern server room is either contrived and purposefully trying to sound like you know what you are talking about to mislead others, or you really have no experience.

You can pick which one it is.

Judging by this:

"If you were talking about the Bay Area and Chicago, this could be relevant. But there's a transoceanic link involved in these transfers. You aren't going to route all the data from the US, across the Atlantic to London, then back to the US. You're going to have multiple US datacenters."

I'm going with "have no experience" with global IT structures.

Google not having a reason to send everyone's data overseas means nothing as to whether the NSA is "at fault".

Yet you insist it does. Because then you can incinerate that strawman.

conditions under which data is mirrored and stored around the globe, "expert".

when it's only used domestically instead.

Your US-based company with only US-based data usage shipping your data off to London for shits and giggles? (You'll now say but Google's international, ignoring that there isn't a need to ship the data overseas when it's only used within the US)

Oh mighty expert of all IT who's desperately trying to find a way out after massively misconstruing a result.

You will now claim that because I did not list the acronym you want, you can't be bothered to explain and you are so vastly superior. Never mind that you still haven't quite managed to explain how that quote was saying it wasn't the NSAs fault.

Please proceed.

You can't. That's okay, 99% of the population couldn't, either. Maybe even 99.9% couldn't either.

But see, if you can't answer that simple question, it shows that you haven't got the slightest idea what you are talking about. Heck, tech support people could answer that question, but you can't, so I don't know why you are pretending to be an expert on why data gets transmitted. You don't *know* why.

I'll just sit here and shake my head. Recursion had an epiphany because Recursion is in IT. You aren't, obviously.

Ooo.. and a hint, Recursion's name actually hints at the answer

Good job doing exactly what I said you would do.

Now, let's get back to that quote you claim was a defense of the NSA. You know, the thing you're desperately running away from?

Oh, and I'm well aware of the terms. Because instead of maintaining the servers, I write software for them. But those terms just aren't relevant to you shoveling a massive pile of bullshit about a quote.

You will now continue to talk about IT prowess as you continue to try and deflect from your bullshit upthread.

Please proceed.

53.

Go ahead, proceed Governor. Show everyone that you know what you are talking about. Show me yours, I've shown you mine.

Which makes you a network engineer, a security engineer, and a router technician. I'm so sorry that I didn't recognize your importance in making everything work, because, YOU WRITE SOFTWARE. Omg.

It's not like anyone in the other 3 professions do, either, to keep the network running, and do other things you can't even dream of. If you knew how to file a fiber optic connection, run it, what to do with it, and how to SET UP the servers you deploy your code on, I'd be stunned into oblivion. Nevermind the backbone of what happens afterwards, which is why you are the absolute worst person to defend the NSA's spying.

You have this idea that because you write code you know about what happens afterwards. Honey, software is called "soft"ware because it takes hardware to run it. I didn't realize that you do network architecture from your armchair because you can string lines of code together, or can deploy a server in the field from your chair.

Uh-huh.

So about that quote you claim shows the NSA is not at fault. You remember that, right? It's how you entered the thread? The thing you wrote that you are desperately trying to run away from by bringing up irrelevant IT issues?

Oh wait, it'll take a few more posts of you trying to claim your IT superiority before you realize you are doing exactly what I said you'd do, and aren't looking terribly good for it.

So go ahead and make your next "I'M AN IT GOD" post. It still won't correct your previous mistake, but I'm absolutely sure distraction will work any time now.

Honey, you got outclassed. Sorry, that's just what happens when you attempt to defend the indefensible and have no ammunition. You are trying to defend the indefensible and failing miserably at it, but I give you points for trying .

Welcome to the club.

We simply saw different things between the lines earlier, I wish you had given my arguments more consideration.

Now for those who think I'm some kind of libertarian loving anti Obama shithead... It's a shame you couldn't have joined me at the Stop Watching Us rally.

He is deeply hated by a small group of people and anything he posted would have been chalked up to Obama Derangement Syndrome..

There is a software program called "Magic Lantern" that allows federal agencies to monitor your keystrokes as they happen. If all the feds wanted was "metadata" then why spend billions developing this software?
I never doubted one word of what Greenwald said.

i think we are still in the "tip of iceberg" realm

Thanks for the thread, Recursion.

Where are all the NSA apologists? Maybe I'm just not seeing them due to my ignore list, but it seems pretending this isn't occurring is their modus operandi now

I have a live one that claims to know all about why they "shouldn't have links overseas" and pretends to be an expert.

from the beginning of this i figured it would take a good long time to sort out the technical side of things. i'm a words and pictures person with an arts and sciences education. i get out of my element in the technical realm pretty damn quick.

when my hair caught fire on this, i was looking at this through the lens of the 4th Amendment and what I was taught a democracy can withstand in terms of intrusion of privacy. i had faith that the tech end was holding water b/c people I trust, like Marcy Wheeler and Julian Sanchez, were confirming that.

All that to say, I think there's been some needless bloodletting amongst ourselves. Not everyone has a tech background or follows tech writers they trust. Those on my side of the fence have been frustrated b/c we perceive that those with misgivings about the tech end were too easily dismissing the damage this could do to our democracy.

That's clearly not the case. You knew what you were looking for in terms of confirmation. You just hadn't seen it yet. And so, I'm sorry if I or anyone gave you hell. This was a very important post. Thank you!

This monster in our government has been playing GOD, OK? They know what we do, what we think, where we go, every single little thing about us. As for the internet... Who invented the internet? Uhhh,k I think it was the military, no? They invented the internet for a reason, and it's now come to fruition. BUT, now the world is hooked on it. Not just business and banking but every single individual on the effing earth. They've got each and everyone one of us by the balls, folks. The only way you could possibly counter it is unplug and head for the hills, taking your family and friends with you.

their bounds. After all they operate in mostly secrecy and were given carte blanche by the Bush administration and an seemingly unlimited budget. In addition Snowden wasnt the first whistle-blower to try to expose abuses by these agencies. Those on this side of the issue took the attitude of giving Greenwald and Snowden the benefit of the doubt based on further investigations. I would call these peoples "politically liberal". Skeptical but not gulible.

At the same time there was another side to the issue. There were those that immediately aimed ad hominem attacks at Greenwald, Snowden, Rep. Grayson, and anyone that would dare to question the NSA. Some of the arguments got ugly. Claiming that anyone that dared to question the mighty NSA must be racist Obama haters. Now I ask you, with ad hominem attacks and ridicule, can these posters claim to be politically liberal? I say no. Some are just confused conservatives while others are just trouble makers.