
How NSA and GCHQ are tapping internet cables - zecg
http://electrospaces.blogspot.com/2014/11/incenser-or-how-nsa-and-gchq-are.html
======
lorddoig
Isn't it interesting that governments can get their act together and come up
with big distributed systems crunching tens of Gbps in real time but still
continue to implode spectacularly when it comes to large-scale webapps (e.g.
Obamacare, UK NHS systems, UK taxation systems.)

~~~
Nanzikambe
> when it comes to large-scale webapps (e.g. Obamacare, UK NHS systems, UK
> taxation systems.)

There's absolutely no reason to believe the spy tech isn't as poorly
implemented and terrible value for money as the examples you mention. Given
their secretive nature it's even more likely to be the case I'd suspect.

~~~
drzaiusapelord
This is my thinking as well. A lot of what spy tech is, is the ability to
throw a warrant or NS letter into someone's face and force them to open the
gate. The mythical uber-competent security services seem to be a pretty
questionable premise. The few criminals caught via these tools are almost
always the low hanging fruit of unconnected crazies, who seem to be harmless
cranks and not real terrorists. Five eyes didn't stop or predict Snowden,
Assange/Manning, Boston bombers, the rise of ISIS, Putin's advance on Crimea
and Eastern Ukraine, the massive cyberwar Russia and China have declared on
us, etc. In fact, all these things were major surprises to these security
services, at least from what we can tell.

There's a lot of federal tax money spent on what is cargo cult science and
cargo cult intelligence. The NSA has the ability to buy a lot of PhD's but
they are stuck with the same batch of incompetent and profiteer federal
contractors the rest of the government is stuck with.

~~~
xnull1guest
That's because these systems were not designed for, or used very often for,
antiterrorism purposes.

These capabilities are every bit about decision advantages and sabotage on
international and geopolitical levels.

* Brazilian competitor PETROBRAS hacked by NSA on behalf of US oil companies.

* German elite, including Merkle, spied on during the Eurozone crisis.

* Iranian nuclear efforts sabotaged for several years by Stuxnet, and then by other cyber weapons.

* Syrian Air Force hacked and grounded during ISIS and civil war activity.

* "FISA" & FISA courts = Foreign Intelligence Surveillance Act

------
thewarrior
"First, the data stream is filtered through what is known as MVR (Massive
Volume Reduction), which immediately rejects high-volume, low-value traffic,
such as peer-to-peer downloads. This reduces the volume by about 30%."

So all ye folks can start disguising your packets as BitTorrent porn downloads
now :)

~~~
toomuchtodo
A Truecrypt container shared by Bittorrent would be a bad idea.

~~~
Phlarp
Why specifically? I always considered this a relatively safe way to transmit
encrypted data. Assuming you have secure key exchange worked out, which is
always the harder part anyway.

~~~
smtddr
I'm not sure if this is what the OP meant, but this[1] is what I think of when
I hear anyone mention "Truecrypt".

1\. [http://motherboard.vice.com/read/nsa-paranoia-has-fanned-
the...](http://motherboard.vice.com/read/nsa-paranoia-has-fanned-the-flames-
of-truecrypt-conspiracy-theories)

~~~
Phlarp
Ah, I guess I should have qualified my statement with "assuming the underlying
crypto of truecrypt is secure, does sharing the ciphertext via bittorrent
introduce any further side channel attacks outside of compromising the key
exchange?"

------
a3n
It's not apparent from the post or a skim of the linked article, but "via
Schneier" is apparently because Schneier links the article here:

[https://www.schneier.com/blog/archives/2014/12/putting_nsagc...](https://www.schneier.com/blog/archives/2014/12/putting_nsagchq.html)

~~~
nly
He obviously missed this guy sneaking in the side:

[https://goo.gl/maps/CsUJE](https://goo.gl/maps/CsUJE)

------
sjtgraham
FLAG 1 Terminus station on Google maps -
[https://goo.gl/maps/2kM89](https://goo.gl/maps/2kM89). Note the black clad
security guard standing watch.

~~~
knowaveragejoe
Well, you'd expect that from any such facility whether it's involved in spying
or not.

------
rl3
It must suck being the people assigned to damage control on these continual
document releases.

I wonder if NSA and GHCQ are changing program code names as they become
compromised, or if at some point they just changed all code names regardless.
I suspect the latter. If that is the case, I imagine it was probably a
bureaucratic nightmare of biblical proportions.

