Announcement

Collapse
No announcement yet.

The NSA

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • The NSA

    Since the catch all 'chickens coming home to roost' thread has devolved into the usual 'Obama's a bastard/it's all Bush's fault' I thought I'd restart this particular topic here


    The National Security Agency has developed a powerful tool for recording and analysing where its intelligence comes from, raising questions about its repeated assurances to Congress that it cannot keep track of all the surveillance it performs on American communications.

    The Guardian has acquired top-secret documents about the NSA datamining tool, called Boundless Informant, that details and even maps by country the voluminous amount of information it collects from computer and telephone networks.

    The focus of the internal NSA tool is on counting and categorizing the records of communications, known as metadata, rather than the content of an email or instant message.

    The Boundless Informant documents show the agency collecting almost 3 billion pieces of intelligence from US computer networks over a 30-day period ending in March 2013. One document says it is designed to give NSA officials answers to questions like, "What type of coverage do we have on country X" in "near real-time by asking the SIGINT [signals intelligence] infrastructure."

    An NSA factsheet about the program, acquired by the Guardian, says: "The tool allows users to select a country on a map and view the metadata volume and select details about the collections against that country."

    Under the heading "Sample use cases", the factsheet also states the tool shows information including: "How many records (and what type) are collected against a particular country."

    A snapshot of the Boundless Informant data, contained in a top secret NSA "global heat map" seen by the Guardian, shows that in March 2013 the agency collected 97bn pieces of intelligence from computer networks worldwide.


    The heat map reveals how much data is being collected from around the world. Note the '2007' date in the image relates to the document from which the interactive map derives its top secret classification, not to the map itself.
    Iran was the country where the largest amount of intelligence was gathered, with more than 14bn reports in that period, followed by 13.5bn from Pakistan. Jordan, one of America's closest Arab allies, came third with 12.7bn, Egypt fourth with 7.6bn and India fifth with 6.3bn.

    The heatmap gives each nation a color code based on how extensively it is subjected to NSA surveillance. The color scheme ranges from green (least subjected to surveillance) through yellow and orange to red (most surveillance).

    The disclosure of the internal Boundless Informant system comes amid a struggle between the NSA and its overseers in the Senate over whether it can track the intelligence it collects on American communications. The NSA's position is that it is not technologically feasible to do so.

    At a hearing of the Senate intelligence committee In March this year, Democratic senator Ron Wyden asked James Clapper, the director of national intelligence: "Does the NSA collect any type of data at all on millions or hundreds of millions of Americans?"

    "No sir," replied Clapper.

    Judith Emmel, an NSA spokeswoman, told the Guardian in a response to the latest disclosures: "NSA has consistently reported – including to Congress – that we do not have the ability to determine with certainty the identity or location of all communicants within a given communication. That remains the case."

    Other documents seen by the Guardian further demonstrate that the NSA does in fact break down its surveillance intercepts which could allow the agency to determine how many of them are from the US. The level of detail includes individual IP addresses.

    IP address is not a perfect proxy for someone's physical location but it is rather close, said Chris Soghoian, the principal technologist with the Speech Privacy and Technology Project of the American Civil Liberties Union. "If you don't take steps to hide it, the IP address provided by your internet provider will certainly tell you what country, state and, typically, city you are in," Soghoian said.

    That approximation has implications for the ongoing oversight battle between the intelligence agencies and Congress.

    On Friday, in his first public response to the Guardian's disclosures this week on NSA surveillance, Barack Obama said that that congressional oversight was the American peoples' best guarantee that they were not being spied on.

    "These are the folks you all vote for as your representatives in Congress and they are being fully briefed on these programs," he said. Obama also insisted that any surveillance was "very narrowly circumscribed".

    Senators have expressed their frustration at the NSA's refusal to supply statistics. In a letter to NSA director General Keith Alexander in October last year, senator Wyden and his Democratic colleague on the Senate intelligence committee, Mark Udall, noted that "the intelligence community has stated repeatedly that it is not possible to provide even a rough estimate of how many American communications have been collected under the Fisa Amendments Act, and has even declined to estimate the scale of this collection."

    At a congressional hearing in March last year, Alexander denied point-blank that the agency had the figures on how many Americans had their electronic communications collected or reviewed. Asked if he had the capability to get them, Alexander said: "No. No. We do not have the technical insights in the United States." He added that "nor do we do have the equipment in the United States to actually collect that kind of information".

    Soon after, the NSA, through the inspector general of the overall US intelligence community, told the senators that making such a determination would jeopardize US intelligence operations – and might itself violate Americans' privacy.

    "All that senator Udall and I are asking for is a ballpark estimate of how many Americans have been monitored under this law, and it is disappointing that the inspectors general cannot provide it," Wyden told Wired magazine at the time.

    The documents show that the team responsible for Boundless Informant assured its bosses that the tool is on track for upgrades.

    The team will "accept user requests for additional functionality or enhancements," according to the FAQ acquired by the Guardian. "Users are also allowed to vote on which functionality or enhancements are most important to them (as well as add comments). The BOUNDLESSINFORMANT team will periodically review all requests and triage according to level of effort (Easy, Medium, Hard) and mission impact (High, Medium, Low)."

    Emmel, the NSA spokeswoman, told the Guardian: "Current technology simply does not permit us to positively identify all of the persons or locations associated with a given communication (for example, it may be possible to say with certainty that a communication traversed a particular path within the internet. It is harder to know the ultimate source or destination, or more particularly the identity of the person represented by the TO:, FROM: or CC: field of an e-mail address or the abstraction of an IP address).

    "Thus, we apply rigorous training and technological advancements to combine both our automated and manual (human) processes to characterize communications – ensuring protection of the privacy rights of the American people. This is not just our judgment, but that of the relevant inspectors general, who have also reported this."

    She added: "The continued publication of these allegations about highly classified issues, and other information taken out of context, makes it impossible to conduct a reasonable discussion on the merits of these programs."

    Additional reporting: James Ball in New York and Spencer Ackerman in Washington
    The source, is of course, the Guardian, living up to their name for once in their miserable lives.

    So my little international non American chickadees, how feel you about America spying using their global corporations as fronts to record every detail of your electronic linked lives?
    In the realm of spirit, seek clarity; in the material world, seek utility.

    Leibniz

  • #2
    I don't care. They can do the same thing, only with our money. At least they paid for it.
    No such thing as a good tax - Churchill

    To make mistakes is human. To blame someone else for your mistake, is strategic.

    Comment


    • #3
      What is the scandal?

      The US's National Security Agency (NSA), its wiretapping agency, has been monitoring communications between the US and foreign nationals over the internet for a number of years, under a project called Prism. Some of the biggest internet companies, from Apple to Google to Yahoo, are involved. The US government confirmed the existence of the scheme and its application on Thursday night.

      Which companies are in the scheme?

      Microsoft was the first to be included, in September 2007. Yahoo followed in March 2008, Google in January 2009, Facebook in June 2009, Paltalk, a Windows- and mobile-based chat program, in December 2009, YouTube in September 2010, Skype in February 2011 (before its acquisition by Microsoft), AOL in March 2011 and finally Apple in October 2012.

      How long has it been going on?

      The NSA has allegedly had means of monitoring internet communications as far back as Microsoft's Windows 95, the first version of Windows with built-in internet connectivity, in 1995. This specific project appears to have begun with monitoring in September 2007 of user data going to and from Microsoft.

      What data is being monitored?

      Potentially, everything. The PowerPoint slide about Prism says it can collect "email, chat (video, voice), videos, photos, stored data, VoIP [internet phone calls], file transfers, video conferencing, notifications of target activity – logins etc, online social networking details" and another category called "special requests".

      How much does it cost to monitor so much traffic?

      The budget given in the presentation is comparatively tiny – just $20m per year. That has puzzled experts because it's so low.

      How effective has it been?

      Nobody knows. The US government has said that the monitoring schemes it runs are necessary to defend against terrorist threats. But it hasn't cited any threats that were thwarted – unsurprising, given that the scheme has only just become public.

      Isn't it illegal?

      The NSA – and so the US government – has been careful to avoid any suggestion that the monitoring is being carried out indiscriminately on US citizens, because that would potentially breach the fourth amendment of the constitution against "unreasonable search".

      But people overseas get no such protections. The question then is whether UK and EU governments knew of the scheme and were compliant – and whether they could stop it even if they wanted to.

      What about "safe harbour" rules for EU data?

      US companies that want to process private data from EU citizens have to promise a "safe harbour" – but crucially the documents do not mention tapping by US law enforcement. And if disputes arise, the rules say: "Claims brought by EU citizens against US organizations will be heard, subject to limited exceptions, in the US." That would probably mean the NSA's licence to spy would trump EU complaints.

      How does it work?

      The NSA isn't saying. Sources in the data-processing business point to a couple of methods. First, lots of data bound for those companies passes over what are called "content delivery networks" (CDNs), which are in effect the backbone of the internet. Companies such as Cisco provide "routers" which direct that traffic. And those can be tapped directly, explains Paolo Vecchi of Omnis Systems, based in Falmer, near Brighton.

      "The Communications Assistance for Law Enforcement Act (Calea) passed in 1994 forces all US manufacturers to produce equipment compliant with that law," says Vecchi. "And guess what: Cisco is one of the companies that developed and maintains that architecture." Cisco's own documents explain its Calea compliance.

      Second, it would be possible to tap into the routers at US national boundaries (to capture inbound international traffic) and just search for desired traffic there.

      "The Prism budget – $20m – is too small for total surveillance," one data industry source told the Guardian. Twitter, which is not mentioned in the Prism slides, generates 5 terabytes of data per day, and is far smaller than any of the other services except Apple. That would mean skyrocketing costs if all the data were stored. "Topsy, which indexes the whole of Twitter, has burned through about $20m in three years, or about $6m a year," the source pointed out. "With Facebook much bigger than Twitter, and the need to run analysts etc, you probably couldn't do the whole lot on $20m."

      Instead, the source suggests, "they might have search interfaces (at an administrator level) into things like Facebook, and then when they find something of interest can request a data dump. These localised data dumps are much smaller."

      So the NSA would only need to tap the routers?

      Not quite. Much of the traffic going to the target companies would be encrypted, so even when captured it would look like a stream of digital gibberish. Decrypting it would require the "master keys" held by the companies.

      Did the companies know?

      They say not. Those which have been contacted have all denied knowledge of it: Google, for example, said: "Google does not have a 'back door' for the government to access private user data." An Apple spokesman said: "We have never heard of Prism. We do not provide any government agency with direct access to our servers and any agency requesting customer data must get a court order."

      The Washington Post retracted part of its story about Prism in which it said that the companies "knowingly" participated. Instead, it quotes a report which says that "collection managers [could send] content tasking instructions directly to equipment installed at company-controlled locations".

      It is ambiguous whether "company" refers to the NSA or the internet companies. But the implication seems to be that the NSA has been running a system that can tap into the internet when it wants.

      How could the companies not know if they had provided master decryption keys?

      They might be required to provide them under US law, but would not be allowed to disclose the fact. That would give the NSA all it needed to monitor communications.

      Is there anything I can do to stop it?

      Lots of internet traffic from the west passes through the US because the destination servers are there, or connect there. Encrypting email using PGP is one possibility, though it is not easy to set up. Systems such as Tor, together with a virtual private network (VPN) connection, can cloak your location, though your identity might still be inferred from the sites you connect to.
      Source
      In the realm of spirit, seek clarity; in the material world, seek utility.

      Leibniz

      Comment


      • #4
        Business as usual.Those who did not expected and prepared for this are ignorants and fools.Also,after this round of scandal fades away,the program will use even better cover and enjoy stronger internal security.If what we see is a real glitch and not a cover.

        It's not only the Americans.Everybody with internet connection does it.It's the same old game since the dawn of organized society.The idea is to not say on the internet what you won't say in public and be wise enough about what you say in public.
        Last edited by Mihais; 10 Jun 13,, 12:42.
        Those who know don't speak
        He said to them, "But now if you have a purse, take it, and also a bag; and if you don't have a sword, sell your cloak and buy one. Luke 22:36

        Comment


        • #5
          Originally posted by Parihaka View Post

          So my little international non American chickadees, how feel you about America spying using their global corporations as fronts to record every detail of your electronic linked lives?
          Never thought they weren't collecting all this data - the only 'surprise' here is that so many people are supposedly 'surprised and shocked' at the revelation.
          Pakistan is not going to be a theocratic state to be ruled by priests with a divine mission - Jinnah
          https://twitter.com/AgnosticMuslim

          Comment


          • #6
            Of course they've been collecting data, they, as have everyone else that can, have been doing it since the dawn of societies. The CIA via the NOC programme took it one step further using American businesses as fronts for agents, the businesses getting inside information on international competitors in return.
            The issue here is the extent and access. As far as I can see every single electronic interaction, whether private individual or business is hoovered up and stored in real time, and can be accessed at any time in the future. Data of his sort is the new gold; it is a currency that gives those with access to it an enormous advantage over any competitors, whether nation or corporation. Who would want to invest in a non-American tech company, when that information can and will be passed on to American companies with access to that database?
            This has nothing to do with terrorism and makes the mitherings over China's hacking of US systems not only hypocritical but dwarfs it.
            In the realm of spirit, seek clarity; in the material world, seek utility.

            Leibniz

            Comment


            • #7
              Pari, big data is an issue for several years. Those companies that hopped in early are now laying on 1's and 0's and are digitally rich if you will.

              I am surprised that so many people are shocked from this. There have been reports how people got tailored made offers every time they needed something. I think it was last year when a teenage girl got offers for pregnant women and young mothers even before she knew she is pregnant (or so the reports were saying).

              It's not only collecting the data, but also processing, analyzing, and putting it in equations for what your biz/gov needs. Something like putting together "Numb3rs" and "Criminal Minds" teams to work together for whatever the buyer needs. Yes, it sounds paranoid and I try to stay away from that line of thinking, but the signs were around for a while to just ignore it.
              No such thing as a good tax - Churchill

              To make mistakes is human. To blame someone else for your mistake, is strategic.

              Comment


              • #8
                Originally posted by Parihaka View Post
                Of course they've been collecting data, they, as have everyone else that can, have been doing it since the dawn of societies. The CIA via the NOC programme took it one step further using American businesses as fronts for agents, the businesses getting inside information on international competitors in return.
                The issue here is the extent and access. As far as I can see every single electronic interaction, whether private individual or business is hoovered up and stored in real time, and can be accessed at any time in the future. Data of his sort is the new gold; it is a currency that gives those with access to it an enormous advantage over any competitors, whether nation or corporation. Who would want to invest in a non-American tech company, when that information can and will be passed on to American companies with access to that database?
                This has nothing to do with terrorism and makes the mitherings over China's hacking of US systems not only hypocritical but dwarfs it.
                The 'industrial espionage' aspect of these revelations, and the implications in terms of nations like China and Russia stepping up their own existing operations, will be interesting to follow. The fact that Hillary Clinton as SoS authorized espionage into the UN should have been a warning flag that essentially nothing was off limits.
                Pakistan is not going to be a theocratic state to be ruled by priests with a divine mission - Jinnah
                https://twitter.com/AgnosticMuslim

                Comment


                • #9
                  Pari,flying with Air France means being bugged by their smart fellows,and confidential data being passed to relevant French companies.Putting a Jew on a position of power means a likely sayan.A Chinese delegation to any exhibition conducts mass recruitment and outright theft.The Russian state and Russian firms are the 2 sides of the same coin and even their Mafia acts the same.These are things that are known for decades and are taken as they are.
                  Yep,people are hypocrites.People are bad.That means you need to invest reasonably in security as well as in an aggresive intel collection/analysis effort of your own.No matter if you're a nation,agigantic corporation or a small business.
                  The thing that pi$$es me off the most is that those supposed to act in our interests have been turned against our national interests and act as agents for others.
                  Those who know don't speak
                  He said to them, "But now if you have a purse, take it, and also a bag; and if you don't have a sword, sell your cloak and buy one. Luke 22:36

                  Comment


                  • #10
                    Originally posted by Agnostic Muslim View Post
                    The 'industrial espionage' aspect of these revelations, and the implications in terms of nations like China and Russia stepping up their own existing operations, will be interesting to follow. The fact that Hillary Clinton as SoS authorized espionage into the UN should have been a warning flag that essentially nothing was off limits.
                    I hadn't heard of the Clinton/UN thing, can you give me more detail please?
                    In the realm of spirit, seek clarity; in the material world, seek utility.

                    Leibniz

                    Comment


                    • #11
                      Mihais,

                      It is good that you are still pi$$ed off by the inaction or collaboration of our apparatuses.

                      Over here 99% of the people are just indifferent (lacking a stronger word to show their passiveness).
                      No such thing as a good tax - Churchill

                      To make mistakes is human. To blame someone else for your mistake, is strategic.

                      Comment


                      • #12
                        Originally posted by Mihais View Post
                        The thing that pi$$es me off the most is that those supposed to act in our interests have been turned against our national interests and act as agents for others.
                        Whom are you referring to here?
                        Pakistan is not going to be a theocratic state to be ruled by priests with a divine mission - Jinnah
                        https://twitter.com/AgnosticMuslim

                        Comment


                        • #13
                          pari,

                          The CIA via the NOC programme took it one step further using American businesses as fronts for agents, the businesses getting inside information on international competitors in return.
                          isn't this simply an assumption? were it true, then -every- company would want to sign on, and companies that were left out would probably sue. moreover, the stocks/profits for each of those businesses would be skyrocketing given that they have such a valuable asset.
                          There is a cult of ignorance in the United States, and there has always been. The strain of anti-intellectualism has been a constant thread winding its way through our political and cultural life, nurtured by the false notion that democracy means that "My ignorance is just as good as your knowledge."- Isaac Asimov

                          Comment


                          • #14
                            Asty,

                            We can debate from here to eternity, but since you mentioned skyrocketing stocks... Apple comes to mind.
                            No such thing as a good tax - Churchill

                            To make mistakes is human. To blame someone else for your mistake, is strategic.

                            Comment


                            • #15
                              Originally posted by Parihaka View Post
                              I hadn't heard of the Clinton/UN thing, can you give me more detail please?
                              Have you heard about Rice/UN then? Besides "it was all Bush..." connotation, it is actually true.
                              No such thing as a good tax - Churchill

                              To make mistakes is human. To blame someone else for your mistake, is strategic.

                              Comment

                              Working...
                              X