
NSA speaks out on Snowden, spying [video] - sur
http://www.cbsnews.com/news/nsa-speaks-out-on-snowden-spying/
======
olefoo
The fact that Clapper is still in office months after it was revealed that he
had in point of fact lied to congress during sworn testimony should tell you
everything you need to know.

The surveillance machinery formerly known as Total Information Awareness is
being built and fielded with or without the consent of the governed and most
definitely without the consent of those of us who don't happen to be "US
Persons".

The only solution is for you to demand your correspondents use strong
encryption and for all of us to help the less technically adept to reach the
point where that is not an obstacle.

~~~
grugq
It is incredibly simple politics. He is in place to continue to soak up the
bad publicity from the Snowden event. Once the bad publicity stops, he will
step down. There is no point, politically, of taking him out right now. His
replacement will end up tarnished with the bad PR as he starts his gig.

[http://www.constitution.org/mac/prince00.htm](http://www.constitution.org/mac/prince00.htm)

The NSA is unable to do a thorough damage assessment -- they don't know how
which documents Snowden took.

Greenwald is drip feeding the world press "stories" which can go on for an
indeterminate amount of time (see "no damage assessment").

Only viable option is to keep Clapper in place until Greenwald et al. have
exhausted their supply of new scandals.

If, for example, Snowden had gone all Wikileaks and dumped the whole lot of
files at once, Clapper would have been gone months ago.

~~~
olefoo
You are most likely correct.

It seems as though the Intelligence Community is being forced back to
'siloing' since the pooled resource approach seems to be so vulnerable to
singleton conscience-ridden whistleblowers. In a way this plays right into
Assange's analysis of the cognitive structure of rule by conspiracy in that an
organization can know things, but cannot both discuss them internally and keep
them secret at the same time. In effect an attack that requires internal
barriers to communication to prevent; is also an attack on the organizations
overall cognitive ability.

~~~
mpyne
> In effect an attack that requires internal barriers to communication to
> prevent; is also an attack on the organizations overall cognitive ability.

It is indeed. That was one of the issues noted by the 9/11 Commission formed
by Congress, was that the institutional silos prevented the right people from
acting on the available intelligence leading up to the 9/11 attack.

Of course NSA had hardly decompartmentalized; Snowden was able to sysadmin
himself through many of the compartments, which is a hard enough problem to
solve, but that may mean NSA might look and decide they don't need to retract
from other IC agencies.

------
tmuir
This was public relations, plain and simple. Paint Snowden like a weirdo, ask
softball question after softball question, give vague hints about the scary
threats that deem this all necessary, and blindly trust the answers of the guy
in charge of the entire operation, as if he had no incentive whatsoever to
mislead anyone. Then wrap it all up with "Just how did we get this access that
no other news agency could?" Gee, maybe it has something to do your extensive
track record of reporting any story without even a shred of investigation into
it's veracity.

~~~
rlu
What annoyed me is that, as with anything, the devil is in the details. And
the questions failed to clarify on details.

A few examples (all quotes paraphrased):

1\. "we only listen to conversations of non americans"

\-----Ok, so what happens when an American has a conversation with a non
American? Do you tap it at all? Do you get both sides of conversation? Only
one side?

2\. "you can only look at a protected phone number if you have access"

\----Awesome, but this is sort of a non-answer. How many people have access?
How long does it take to get access? How easy is it to request access? Do you
need access per phone number or if you get access for one protected number do
you now get access to all of them?

3\. "PRISM only lets us target US persons with probable cause under court
order"

\-----What is a US person? US Citizen? Person living in the US? This also
contradicts so much of what I thought I knew about PRISM that I'm baffled that
no clarification was asked for.

~~~
mpyne
> What is a US person? US Citizen? Person living in the US? This also
> contradicts so much of what I thought I knew about PRISM that I'm baffled
> that no clarification was asked for.

Uh, these details were actually all hashed out in the media within the couple
of weeks after PRISM was initially revealed.

USPER == Anyone in the physical borders of the United States, whether a
citizen or an alien.

Likewise it is true even when PRISM was described that a USPER couldn't be
accessed without an Article III warrant. The big question was whether this was
a technical safeguard or a "analyst follows policy" safeguard. But even for
non-USPER PRISM still required at least an NSL (which the receiving company
could escalate to the FISC if they felt the NSL was illegal).

If this all surprises you about PRISM then I'd humbly suggest that you've been
getting fed so much misinformation that you should possibly consider using
alternate sources instead of sitting back in an echo chamber. ;)

------
jcc80
Like how they start off right away saying Snowden cheated on the test to get
hired and then discuss his "weird" habits. Seems the same as most high profile
interviews - the interviewer is so thrilled to get an exclusive they just
gobble up whatever they're told.

------
rurban
Again he is spinning/lying about the word "collecting". Their interpretation
of collection is still collecting + looking at it, while the rest of world
still interprets collection as collection.

~~~
salient
Yes, they keep saying that as if all the collected data wasn't already "looked
at" through keyword alerts or similar systems, or that they wouldn't give
themselves permission to look manually at someone's data anyway.

Also last I checked, the 4th Amendment prohibits unreasonable searches (I
would think searching/fishing for elements in the data through autonomous
systems, is still called "searching", no?) and _seizures_ (i.e. collections).

~~~
mpyne
4th Amendment prohibits unreasonable searches of _persons_ , _houses_ ,
_papers_ , and _effects_.

It has never prohibited the government from doing other searches, otherwise
government agencies would not be able to subpoena business records _about you_
from third parties.

Sometimes Congress passes separate laws adding a specific requirement to
obtain a warrant before doing a certain type of search, and the Supreme Court
has also acted to expand 4th Amendment protections to include 'reasonable
expectation of privacy' (concerning a phone booth conversation in an otherwise
public place) but even in that case the Supreme Court specifically abrogated
the concept of a _general_ "right to privacy".

~~~
george88b
Wouldn't an average, reasonable person in today's age consider an email or
digital file to be a modern version of a "paper" or a cell phone to be a
modern "effect"?

~~~
mpyne
Well that already is that the case, but that would only prevent the government
from searching the cell phone or computer itself (which is why you don't hear
of NSA hacking into Americans' computers), not from intercepting
communications made by the cell phone or computer once it leaves the home.

~~~
anaphor
Can the NSA open everyone's mail, make a copy of it, and put the original
letters back without that being "collection" of the letters?

~~~
mpyne
Well it would be the USPS, not the NSA, and the USPS does indeed scan today
every single mail item they process for "metadata" about the contents of the
envelope [1] (note how the linked article reinforces my point about Fourth
Amendment protection).

Either way if the failure of the Fourth Amendment to be protective enough is
that bad then the solution is either to pass a law adding the needed
protection (what Congress did for landline wiretaps) or to wait for an
activist judge to quote James Madison in a ruling that expands the permit of
the Fourth Amendment (e.g. the ruling today).

But simply wishing that the Fourth Amendment says something other than what it
does, doesn't turn the Fourth Amendment into what you wish.

[1] [http://gizmodo.com/5994922/how-the-post-office-sniffs-out-
an...](http://gizmodo.com/5994922/how-the-post-office-sniffs-out-anthrax-
before-it-hits-your-mailbox)

------
foxhop
It irritates me when they use the term "taken" or "lost" when referring to the
data that was leaked or copied. The verb taken works best for physical
document. Lost would mean that the physical document was taken or stolen and
is not replaceable.

~~~
viraptor
That battle was already lost once regarding piracy. According to the media
it's not copyright infringement, copying, or duplication. It's stealing the
movie. This allows pseudo-advertisements like "you wouldn't steal a car" to
exist. (I would definitely copy a car is I could!)

------
dephex
"He was taking a technical examination for potential employment at NSA; he
used his system administrator privileges to go into the account of the NSA
employee who was administering that test, and he took both questions and the
answers, and used them to pass the test."

WHAT? He was a potential employee at the NSA but was already a system
administrator, guys. That's the only reason this all happened - because he's a
liar, cheater and thief! Down with Snowden!

~~~
doug11235
Government contractors are not considered government employees.

------
freyr
Right on the heels of Saturday Night Live skewering 60 Minutes for softball
interviews:

[http://www.nbc.com/saturday-night-live/video/rob-ford-
cold-o...](http://www.nbc.com/saturday-night-live/video/rob-ford-cold-
open/n43342/)

------
wikiburner
Does anyone have any good links to information on the "BIOS" attack the NSA
claims to have thwarted?

To hear the head of the NSA tell it, China was seriously getting ready to
launch WWIII on the Internet, which I find pretty surprising.

------
siculars
What a puff piece if ever there was one. I'm actually concerned that 60
Minutes would actually air such obviously pro NSA propaganda especially after
their Bengazi disaster. How anyone can take this seriously is beyond me. And
the fact that Alexander could blatantly lie to the world on national
television is outrageous.

------
harshreality
Here we go again with the false dichotomy of metadata vs data.

There Is No Difference. Collecting metadata enables you to infer some data,
psychology, and behavior directly, or you can identify the individual and
cross-reference with other databases that contain data.

------
salient
I'll leave this here:

[http://www.theverge.com/2013/12/15/5214452/60-minutes-
softba...](http://www.theverge.com/2013/12/15/5214452/60-minutes-softball-NSA-
expose)

------
teawithcarl
Last week, a PR slot for Amazon on 60 minutes.

This week, NSA public relations decide to put its best spin on ... thanks,
CBS.

------
Bahamut
FWIW, some of the revelations in the NSA video isn't particularly new - you
can get a sense of how the NSA operates by visiting Palantir's website (they
create custom software for agencies like the NSA). I highly suspect that the
video reveals that software in action for forming links with phone metadata.

Contrary to a lot of what has been said on HN, a lot of what the NSA does is
good for the US. It would appear Gen. Alexander sidestepped talking about some
of the questionable behavior that has occurred, but on the whole, the NSA
operates with the right mindset. Anything on foreign grounds are free reign
for any country to operate in, and it has always been that way in the broader
intelligence community. The US has just been especially good at it.

Computing power & ability are getting ever more daunting. The knowledge about
the fragility of computers are getting ever more accessible. What would a lot
of you do about thwarting cyberthreats of varying natures to the US, were you
in the position to have to protect such a powerful entity? Would you leave the
US vulnerable if it meant erring strictly on privacy, which still has the
potential to be prone to mistakes? Metadata in itself is a powerful
intelligence tool. Should the intelligence agencies never have access to it?
Under what conditions should it be available? What would you do in the event
that time is of the essence, and bureaucracy ends up preventing you from
accessing the vital information you needed to stop a terrorist plot? It is
hard for people to know about what successes intelligence agencies may have -
it's a damned if you do, damned if you don't situation, since the information
often needs to remain classified for foreign relations, but if you fail to
save lives, you are then blamed for failing your country, as the intelligence
agencies were for 9/11 due to inadequate data sharing & exactly the type of
bureaucracy that was later decreased.

I have some insight as to how the NSA operates, based on prospective employers
reaching out to me for interviews, including workgroups in companies who
contract directly with the NSA and the NSA itself (I was approached for a role
as a mathematician as soon as their hiring freeze was over, my specialty was
number theory, including analytic & algebraic number theory, precisely the
NSA's domain) - those intelligent and who have interviewed in this field
should be able to extrapolate generally how the NSA likely operates without
having worked there.

I respect the mission, and personally don't have a huge problem with how the
NSA operates. I wouldn't work for them ever anymore though, I picked a
different career.

One thing I think people on HN should do though is think critically about this
though, and not automatically go into scared-mode/hive-mode due to the amount
of data involved. Think it through logically, as you would with any other
problem. I think most of you would understand that this is a far more complex
issue than many here have made it out to be. One may still potentially arrive
at the same conclusion that the NSA overstepped their bounds on a high moral
level, but you will gain more of an appreciation for the high moral level that
the NSA attempts to operate in generally, which should be a surprise if you
haven't thought about this prior to this incident given the world history of
espionage and intelligence.

~~~
jdonaldson
It's pretty faint praise if you have to argue that a lot of what <insert name>
does is good. It's like listening to someone in an abusive relationship.

They have willfully violated privacy expectations of individuals and
corporations, and they seem to have enjoyed doing it (the slide deck showing
how they sniff google data comes to mind).

They do have a big job to do, but "protecting the US as an entity" is not a
risk to the extent you imply. Even additional terrorist attacks on the scale
of 9/11 are not going to threaten the future of our country. Furthermore, even
in the presence of such pervasive surveillance by the NSA, we are still
vulnerable to attacks of terrorism, such as the Boston Marathon bombings. The
American citizen is not really any safer than before, and in fact is more
vulnerable to abuse by those with access to sensitive personal data.

What's happening now _is_ in fact a good deal of logical thought. The question
is whether the NSA's operations need to be severely curtailed and/or
monitored.

Finally, if you're looking for the scared-mode people, I would suggest looking
to the individuals who have put their personal freedoms at stake to try and
bring evidence of wrong-doing to light.

~~~
Bahamut
On the contrary, it is the risk I imply/have stated. I don't work in
intelligence, but I am an infantry Marine reservist - some of the tactics
briefed to us on how foreign governments and terrorists try to compromise
opsec might surprise many, including using Facebook to try to determine troop
movements. Our enemies are also sophisticated.

It's just not as simple as you have stated so far. I'm not making an absolute
claim that the NSA did not violate privacy or such - I was primarily pointing
out some of the complexities involved here that privacy advocates tend to
forget, especially when considering the history of foreign intelligence
gathering, where privacy is not guaranteed by any nation because such a
guarantee cannot be backed.

------
michaelrhansen
we don't collect phone things

------
ChrisNorstrom
Quick Question about encrypted email: For extremely sensitive data, rather
than mess with PGP for Thunderbird and private and public keys. Can't you just
email a TrueCrypt container with a hidden TrueCrypt container inside of it
back and forth between your clients?

~~~
jgg
You'd have to find a way to negotiate the volume password electronically if
you didn't do it in person, which in turn would basically just be asymmetric
crypto, which would probably lead you to PGP.

------
tn13
LOL. NSA is spying on all H1B employees, foreign students and rest of the
world. If they have that capability I am not sure how exactly they would
filter out US persons.

Secondly, these people have the history of lying to Congress itself. I am not
sure if they give any shit about media and general public.

As a non-american one thing is absolutely clear to me. Given two equal
services always choose a non-american one.

------
testaccount4
test comment please ignore

~~~
samstave
Congrats, your sockouppet account is now active.

