enrichment. Why do you think it was so broad based and encompassing? If it had been the government and not private companies, the eavesdropping would have been more targeted, maybe organizations that might be harboring terrorists, knowingly or unknowingly, but EVERYBODY? That's only for profit, IMHO.

Last edited Tue Jun 25, 2013, 09:42 PM - Edit history (1)

I personally no longer trust the US government based on just what we do know today.

The incestuous relationships between the CIA and Wall St. bother me already. That some contractor like Booze Allen muckety mucks could tap it is astounding.

You know those fuckers would tap it to find investments.

They have corporate clients as well as government. Is the only firewall between them people like Snowden who think of it as their own personal info? Money is a more successful enticement than anything.

..of course they are tapping into it for info on trading. Cheney and his chums will do anything for a buck. Link to their combined "asset" management webpage. http://www.carlyle.com/our-business/portfolio-of-investments/booz-allen-hamilton-inc

Where does our data go then?
Or when a contractor decides to go rogue and sell our secrets to the highest bidder.

It's so rife for blackmail and extortion.

So you can guarantee that it's illegal, immoral, and blackmail.

I knew they would screw me over then, but I kinda trusted them on the big stuff, like the Iron Curtain. I was naive.

I'm too young for the ol up the river shit. I was a bubblehead on a boomer.

Likewise, Mark. We should get a beverage sometime you're in DC. PM me.

...what the government is actually doing is worse than you imagine. -- William Blum

We are so beyond fucked now that the light from fucked won't reach us for 10,000 years. -- Roseanne Barr

Last I saw, 60% of the NSA's surveillance is being handled by private contractors - you know, corporations who work for profit.

Last edited Fri Jun 28, 2013, 06:54 PM - Edit history (1)

doing what I can:
I don't care whether you approve or disapprove of Edward Snowden's leaks. What REALLY outrages me

Principiis obsta and Finem respice -- Resist the beginnings and Consider the end.

The Origins of the Overclass by Steve Kangas



(Edited to fix the other two links that I had originally included in this post - but which became invisible - after finding out what went wrong thanks to Skinner in the ATA group.)

I am oblivious at times. I had rec'd that thread.

That ought to tell you a great deal...

Hey, what a great jobs program. We literally have it all the way up and down the chain in government!

eventually.

Encryption says, please target me. Idiots.

It's kind of the reverse of those who say I have nothing to hide so I don't care. But in both cases it doesn't matter if you have anything to hide or not, you are supposed to be able to expect to have a right to privacy.

I missed the part in the post where the NSA is a particular race.

There were a number of threads last week where this was explored seriously and sarcastically.

I took it as a positive comment.

unless that's two words. I forget

Some private NSA contractors would have access to a whole lot of encrypted and supposedly privileged commercial information that is not classified for national security purposes. I don't suppose anyone would be tempted to act on or sell such information...

never did, did they?

between NSA and Silicon Valley?

It s so much...that making sense of all.

Make it sufficiently strong, and all the computers at Fort Meade and their new Utah facility won't be able to crack it.

They will rely on Cisco to provide VPN security, which is strongly encrypted. My bet is that the NSA has been able to strong arm a master key out of Cisco.

Encryption puts a red flag.

Encrypt your data using a strong algorithm like AES, Blowfish, RSA (with a 4096-bit key), and all of the NSA's state-of-the-art supercomputers could be running continuously until the heat-death of the universe, and still won't be able to crack your encryption.

They can red-flag it and store it if they want, but they won't be able to reassemble the digital guacamole into the avocado.

Hmmm . . . we'll start with the goacamole with gispacjo soup. and then for a main course . . .

If it were only so simple. The NSA isn't really there to break codes, anymore, anyway. It's all about profiling and these days - unless you're with Citigroup (in which case they KNOW you're breaking the law), your strong encryption just moves you a hop or two closer to the attention of an analyst. Carry on.

Bruce Schneier, for example.

But you're right - it's all about the metadata. They don't need to actually read the contents of your emails anymore - when they have your entire social network mapped out, they can figure out what you're doing without bothering with decrypting the message body.

...unless...

you use anonymous remailers to conceal the destination of your emails, and you use Tor to encrypt your web-surfing and make it difficult to figure out where you're surfing to, and so on.

I'll simply say that the technology is there to foil the NSA, but it is a bit of a pain in the ass to use.

to defend ourselves against our own government?

By all rights, we should have a government that doesn't pull this shit. Not on its own citizens.

How prescient

But I bet it would be possible to get a secret court to issue a warrant you weren't allowed to tell anyone about demanding you give them your encryption keys.

It's not like they've got a history of being out in the open or particularly troubled about anyone's rights.

They beat you with a rubber hose until you disclose the decryption key.

either by discovery of a successful attack or by a breakthrough in mathematics ?

If they can, then you can bet they can muster the horsepower THEN to open it like a packet of peanuts.

Let them store it.

Not a chance that encryption would hold ten years. Not a snowball's chance at the heart of the sun. That's a free market consumer solution to 'mining' encrypted bits attached to a few dollars.

That ain't shit compared to the money and the desire behind NSA decryption programs. If they need millions of hours of compute time to crack it, they will build that capacity. (Assuming they haven't already)

The most likely method of breaking such an encryption would be to (after an appropriate court order had authorized it) use a key-logger to determine your private-key. For most keyboards this can be done from the street just by listening in to the faint RF signals. From there, all the encrypted traffic could be unlocked, even if you'd removed it from your computer.

Also, since we're on the subject, this clearly cannot be used to snoop on VPNs due to the sheer volume and mundanity of such. Most likely they're talking about storing encrypted emails.

- C.D. Proud Member of the Reality Based Community

Ten more years of moore's law and whatever technologies replace integrated circuits in the coming years when we hit atomic limits on photolithography.

Time is not on your side. (To say nothing of undiscovered weaknesses in various encryption methods themselves.)

Except for your parenthetical point about undiscovered weaknesses in the encryption methods, and maybe quantum computing (though that seems to have a serious limit in terms of how much can be entangled), there is no way that any expected advances in technology, or moore's law, will do anything to break hard encryption.

Brute force computation at the atomic limits on photolithography would still not be crackable at the heat death of the universe.

- C.D. Proud member of the Reality Based Community

not to throw aspersions on your asparagus


fwiw, when news there was to be the TIA i think in '03, it occurred to me that ultimately the folks who would end up benefitting most from that kind of info were the corporations, all those companies that manage to keep us enslaved in one form or another. in our jobs, by our things, to our consumption.

and make no mistake, this is the final crafting of the fascist state. especially when you remember that the very definition of fascism is governance by business; mussolini famously noted that fascism might just as well be called corporatism because it is a merger of state and corporate power. merger? more like corporate power swallowing the state.

mcclatchy's recent revelations about not just nsa's inside info on everything and everybody, but their agenda to propagate lies to manipulate the citizenry (think advertising from hell) - this is the real nightmare.

and we're in it. to my mind, the most effective means for all of us to shut it down is to break with the enslavement. the only way to do it is to stop feeding the beast. yup; pull the plug, cut the umbilicus, and - as john oliver alluded to recently - join the smug amish.

i know this makes me something of a luddite, but hey - any better ideas?

Unless you're an asshole about it.

perhaps Fucking Fascism, but fascism none the less

As in, 'Fuck it, we are now the Fourth Reich."

And when listening by accident usually to major people who are part of the Corporate MIC coup that has taken over America, "Shut up you fucking Fascist!" i said that a lot last week when stumbling upon a C Span recorded coverage of the Senate Committee on Intelligence and Surveillance, or what ever committee it was that Senators Di Feinstein and McCaskill were chairing last week.

Hell, they have backdoors in all kinds of things.

I can think of a million reasons that's impossible; I'm more curious why you think that's obvious.

Shit that defy explanation until the corner cases are fully explored.

I'll accept one technically solid reason why the NSA wouldn't have one.

Your VPN gateway is (if you're doing it right) not your router, and you can tell if data is going anywhere you don't want it to.

Who wrote the monitor that is telling you everything is copecetic? Cisco. Consider the links in post 34

What do I know, I'm no security specialist, I just an old school programmer who laughs at them in meetings when they suggest some brain dead scheme that makes nothing more secure. Once in a while you come across a good one, then you pay attention.

This isn't difficult

If data is getting out of my network, I can see it.

I built my router myself. Did the NSA hypnotize me and make me insert code into the my routing tables?

The packets are still visible on the net segment for each hop in the route. Your routing tables, first don't accept code, and second only identify the host (router or gateway) that you drop your packets to. Unless you're using some sort of quantum entangled point to point routing, oh wait, that would be a modem, not a router and in any event what happens to your packets after you hand them off is out of your control. It's why IP makes no specification about packet order at the receiving side.

I agree, though. This isn't difficult.

The VPN device has no idea where it is. If it tries to phone home, I would see that in my router. Agreed?

My understanding is that they are just slurping the fat pipe.

You could well be right that your router protects you, how many corporations have implemented their own? Do you connect to Cisco on the other end of the VPN connection? Did you implement Cisco's VPN protocol from scratch?

One one of the original 'IT magicks': http://cm.bell-labs.com/who/ken/trust.html

Yes, along those lines, I was a programmer cub when that was written, earning a living working on hardware analysis.

by all telcos and later for all ISPs routers. The entire Internet and fiber optic backbone inside the US is bugged, and that is mandatory by law. The same switches and routers are sold by CISCO and the others around the world. Everyone uses them to bug their networks. China included. So do we.

Doesn't apply to anything on my LAN. I'm not a telecom.

If my VPN gateway device itself has a back door, how is the data getting through my router (that I built myself) without my seeing it?

Some of this woo is kind of amusing.

If you have a private network bigger than your building, NSA will be interested. How do you connect remotely - your own cable or sat? Do your routers have an air space or are they connected to the web at some level?

So, as I said at the start of this subthread, there's no "back door" to a VPN appliance on my LAN for the NSA.

The reality is bad enough; why make shit up?

It must be someone v-e-r-y important to take so much trouble.

That's what a lot of actual admins do.

what you're talking about. My point is, I acknowledge that I'm an amateur, and have dealt with many IT admins and security pros working for major companies in my line of work. I know enough to know how unlikely it is that anyone is going to defeat NSA using off-the-shelf equipment and software that you or I could buy or build.

This isn't some hackathon. I'm just saying if a VPN box tried to phone home, you would be able to tell that was happening.

I haven't seen whilst in a while :p

I just like the word, use it all the time.

Research and drafts of legal documents for law firms including criminal defense firms.

All your data are mine. That's what the NSA is saying to all of America. I think that commuting via computer and encrypted connection to work from your office may be a thing of the past.

Allegedly, possibly, Snowden told them that but the reference to Snowden saying that came from one paper and it's been disputed. Personally, I don't believe he did because of other reports I read because this pissing match has been going on for a while. I think Chinese tech companies figured now is as good a time as any to oust Cisco. I certainly would if I were in their shoes, especially knowing how easy it is to hack into surveillance cameras with Cisco technology. Cisco's excuse is that this "bug" isn't really a bug, it's a feature.

So much irony here.

Thanks for the links about Cisco and the NSA!

Saves me some googlefoo!

I didn't realize there's a candle flickering smiley either.

while making dinner lol, I wanted to come back and edit to thank you because, even though I'd read about it, it was great someone confirmed it with their own observation. The whisteblowers had indicated this without going into too much details so I started googling about the technology inside computers, cameras, TVs etc... None of it was very reassuring. Thank you for your

At least my salary would indicate that.

I was just astounded by the broadness of it. Seems like the GWOT is not about individuals (or terrorism) at all.

I agree with you, the breadth of this is absolutely astounding.

Published on 2012-10-14 12:14:03
Back Doors, Remote Access, Vulnerable Code - Are Chinese Routers Spying On Us?


Huawei staff performing routine maintenance - (Huawei)

By Paul Laubacher
Nouvel Observateur/Worldcrunch

Chinese routers from Huawei and ZTE are "a threat" for the United States, or even the world, according to a U.S. Congressional intelligence committee report made public on October 8. The committee suspects that these machines, which transmit Internet communications, could be working for the Chinese government.

...

The House Intelligence Committee's conclusions are stark. "Based on available classified and unclassified information, Huawei and ZTE cannot be trusted to be free of foreign state influence and thus pose a security threat to the United States and to our systems."

...

The congressmen launched their investigation because of the unclear relations between the Chinese government and the two companies. They believe that Beijing could use the two companies' products to conduct economic and military warfare, or even cyber-attacks. With Huawei and ZTE, according to the committee, China would have "the means, opportunity and motive to use telecommunications companies for malicious purposes."

The American authorities have suspected for a long time that chips, routers, and other digital equipment from China could be equipped with "back doors," hidden access that would allow an ill-intentioned remote user to connect, giving the Chinese government the chance to access sensitive information as it passes through the machines.

...

http://www.worldcrunch.com/tech-science/back-doors-remote-access-vulnerable-code-are-chinese-routers-spying-on-us-/huawei-zte-lindner-security-vulnerability-espionage/c4s9821/

'conspiracy theory' bullshit, as it would have been declared?

Redemption to all the lost souls that warned us.

Just saying...

But then it gets muddied with the Jews and the Vatican and the Royal Family wanting to destroy our national sovereignty and form a One World Government and they're all being controlled by reptilian ALIENS!

And the latest trend is that every major event is just a psyop. Like, all of those Boston bombing victims were just actors.

Hate to say it, but I trust no-one and assume everything is monitored. I hope I am not labled as paranoid over that. It isn't paranoia, it is a lack of trust in general, better safe than sorry. I have a memory stick so why not type it up and take it to work in the morning type of thinking.

Why I am one of the last holdouts that refuses to get a facebook account.

Welcome to the new 'normal'.

or else you could be breaking rocks in the Gulag tomorrow.

That isn't even close to the point, but, welcome to DU anyway.

Mind boggling.

...Money Launderers, Child Molesters, etc., etc., etc., so of course We the People can trust them to do the right thing. Heartwarming.

Like what Steve Kangas was talking about...

Damn always amazed with what you find.

Who has gotten away with mass murder, lying America into wars for profit, torturing children, and then bragged about it?

Heh heh heh.

Even if the NSA does store all this data indefinitely, once a file is decrypted and it becomes known that it was decrypted.. would the owner of that data have grounds to sue the Government for violating the DMCA?

Just wondering....

Still works.

Last edited Wed Jun 26, 2013, 10:11 AM - Edit history (1)

Thanks for going into more detail about what it means in action.

Been trying to get others to see this is MUCH bigger than just the NSA....

Now that "American" corporations are no longer loyal to the US, they become potential enemies.

unless there are robust systems in effect to detect and correct the misuse.

They have planted nano-transmitters in your food. They know when you scratch your ass. Not only that, they are actually interested.

This must be the most cost effective government program in the history of the world. The NSA, in addition to its regular duties, knows everything about everything. And they do all this on a measly $10 billion per year.

Nano-transmitters? Really?

Cast your asparagus elsewhere please.

what some on here think, that I was only certain it was sarcasm from the "scratch your ass" part.

Help people who are stuck in the "it's only metadata" mentality.

And then bolding of certain word sequences? This is DU, but it is still an Internet message board. I do something similar in thinking the material should stand on its own.

Their computers were not networked together, because it would make them too vulnerable.

Must never be president.

The question is, how do we limit the damage the powerful can do to us?"

– Chris Hedges, "The Failure of the Liberal Class in the United States," address to the Poverty Scholars Program, April 10, 2010.

And I wouldn't doubt it a bit.

Just for the record, encrypted data would include all cell phone traffic, most email and Internet traffic, and text messages. Most data these days is encrypted in some way. But your point is well taken.

It's no question that the ultra connected, uber wealthy would use any means possible to attain more wealth...money is god to them.

We should just let all criminals get away with their spying crimes, torture crimes, war crimes, banking crimes, etc...

Or so we are told...

and becoming more so, with chips that can almost effortlessly encrypt all output becoming common in PCs made within the last few years. VPNs at work are now de rigueur and they are catching on in the home. And online commerce is actually founded on encryption.

Without access to the keys, recording of encrypted data streams means that the spies have to store data in its heaviest, least-digestible form. It is actually far easier to capture unencrypted data because then it can be categorized, de-duplicated and compressed... not to mention hold some possibility of garnering a near-term advantage. OTOH, cracking decent encryption is like trying to build a livable city on another planet... its easier to talk smack about it to try and impress people.

Let the trend toward encryption continue... The more people use it, the more online privacy and verification of trust we will all have.

k&r

This also means that the Feds have access to all of the crooked Wall Street transactions, associated e-mails, etc.
Good thing the government is well captured by Corporate interests.......

It's by James Bamford, appeared in Wired on Mar 2012. It's quite long, but definitely worth the read for everyone. What you said is true.


http://www.Wired.com/threatlevel/2012/03/ff_nsadatacenter/all/

Not that we're specifically worried about the NSA, we're worried about anything that slips in.

It's just too much work for them to go through everything to discover that the email that they'd spent so much time and effort decrypting is somebody sending a picture of a pony to their grandson.

There must be some pretty lame stuff out there. They must be very bored most of the time.

Was this before coffee or after coffee. Not that it matters. You are spot on.