

Canada Casts Global Surveillance Dragnet Over File Downloads - etiam
https://firstlook.org/theintercept/2015/01/28/canada-cse-levitation-mass-surveillance/

======
wintercomes
So basically, Canada is tapping HTTP to popular sites and logging the IPs and
URLs for later searching and correlation, on undisclosed grounds.

For most people that probably means in practice Canada knows who you are what
you download, and has it available for searching on a whim. As disgusting as
it is, I think the technical among us already assume every spy agency
everywhere is doing _at least_ this much behind closed doors, so it's not a
shocking revelation.

My reaction can best be summarized as sadness. I was never under the
impression my home country was somehow better than the states, but it's sad to
have evidence of that.

~~~
username223
> My reaction can best be summarized as sadness. I was never under the
> impression my home country was somehow better than the states, ...

AFAICT, you're a timber-and-oil operation with a small enough population to
make it profitable; Saudi Arabia with snow. If those of us in the States could
still live that way, we would. That said, you seem a bit less eager to exploit
your Fellow Man, so you're slightly better.

~~~
tacoman
If I read this right, Canada's largest single export is cars (probably from GM
Canada to GM America)

[https://en.wikipedia.org/wiki/Economy_of_Canada#mediaviewer/...](https://en.wikipedia.org/wiki/Economy_of_Canada#mediaviewer/File:Canada_Products_Export_Treemap_2012.png)

Russia is the Saudi Arabia with snow:

[https://commons.wikimedia.org/wiki/File:Russia_Export_Treema...](https://commons.wikimedia.org/wiki/File:Russia_Export_Treemap.png)

~~~
chongli
Wow. I never would've guessed our aerospace industry outstrips our wheat
exports. That's pretty crazy!

------
dmix
Probably the closest thing to pre-crime than any other Snowden leak. Canada
FTW.

This is the side-effect of reaching the goal of 'collect-it-all', the next
logical step would be to evolve beyond targeted surveillance, or even honey-
pots, and start doing large-scale behavioral analysis of raw traffic patterns,
and use those as probable-cause indicators for further surveillance.

This is the ultimate promised-land of the surveillance state.

~~~
upofadown
The fact that these signals intelligence entities are working so hard on the
pre-crime angle causes me some optimism. Because most of the countries of the
world are not actually at war and are not likely to go to war there is little
value in signals intelligence. The idea that it might be possible to predict
when individuals are going to do something bad can be seen as a kind of last
gasp at relevance for such entities. If it turns out that such prediction is
not possible then signals intelligence will simply be defunded in most of the
world.

~~~
sandworm
It's not about winning wars or even predicting crime. It's about having the
knowledge to control events to your advantage.

Intelligence agencies are tasked with questions like "If Russia invades the
rest of Ukraine, how will Germany react?" That can be answered with data from
tapping the leadership's phones, or by how often the words "putin" and
"despot" appear together in emails from German citizens.

Will the current German government fall if they do not react? How about if
Russia moves the day after an important German election? How much does Russia
know about German public opinion? Is there a greater chance that they will
invade after/during/before the election?

Replace "German election" with "the Winter Olympics" and you have a very
realworld question.

~~~
kghose
That, sir, is a grown up attitude, and has no place here on Hackernews.

------
userbinator
_an analyst from the agency jokes about how, while hunting for extremists, the
LEVITATION system gets clogged with information on innocuous downloads of the
musical TV series Glee._

What that seems to imply is they have no interest in piracy and that it is not
considered "extremist" to be a pirate... which is an interesting position for
the government to take - the * AA and various other industry associations
would _love_ to have access to this data.

~~~
rudolf0
Signals intelligence agencies have to deal with enough data as it is. They
don't have the resources to care about piracy or even the vast majority of
drug offenses.

~~~
sitkack
You know this because? Once stored it can be farmed to anyone with a mapreduce
job to spare. Esp when the investigating agency can take some of the bounty,
law enforcement can be a nice profit center.

~~~
rudolf0
Valid point. We don't know if they're doing that (and I suspect it's probably
illegal) on a wide scale (the parallel construction cases appear to be
specific help requests made by the FBI/DEA to intelligence agencies), but they
certainly could in the future if they're not already.

------
JoshTriplett
This is the kind of thing I think of every time someone suggests that there
exist sites that "don't need HTTPS".

 _All_ sites need HTTPS, and all protocols need TLS or equivalent; plaintext
should never appear on the wire.

~~~
peeters
While I agree, there's a reason that file sharing and video sites have been
slow to take up HTTPS, and that's that it removes the ability for any
intermediaries to cache the content. It puts more of a burden on ISPs and
services to carry the extra load, whether it be through SSL-terminated
peering, or more scaling at the home servers. It may be a necessary burden,
but still, it's a pretty significant one.

In extreme cases, think of the infrastructure cost of streaming say, a world
cup final game over HTTP vs HTTPS.

~~~
click170
I see that as a good thing, it's an argument for ISPs to finally invest in
upgrading their networks, though if Google Fiber wasn't already enough of a
reason I doubt this would make a dent.

------
kstenerud
This is very handy for doing an end-run around constitutional issues. If each
country is not allowed to spy on its own citizens, but is free to spy with
impunity on others, all you need is a strategic alliance (Canada <-> USA)
where each country spies on the other's citizens and passes along information
of interest.

~~~
SeanDav
This is already happening, on a large scale. There are numerous posts about
this if you are looking for further information.

------
ChrisGranger
Aren't they going to be catching only the lowest of the low-hanging fruit
using a technique like this, or am I giving terrorists too much credit?
Wouldn't the ones engaging in _actual_ criminal actions be using encrypted
services, encrypted files, VPNs, etc. and not just randomly uploading things
in the open from their devices to mainstream websites?

~~~
endgame
Replicating stainednapkin's [dead] comment:

> If you think these systems are meant to catch terrorists you are truly
> misinformed.

~~~
happyscrappy
Fascist Canada? Doesn't sound right.

~~~
sitkack
Not fascism, a Public Private Partnership. Win-Win for everyone!

------
xnull5guest
Looking at the document it appears that the CSE also collects and actively
trawls through web search terms and is in the process of developing the
capability to associate collected data not only with IP addresses but with GPS
waypoints, other devices close to the target device and associated telephony
information.

------
logn
Apparently they are using Pentaho. See screenshots starting at slide 7:
[https://www.documentcloud.org/documents/1510163-cse-
presenta...](https://www.documentcloud.org/documents/1510163-cse-presentation-
on-the-levitation-project.html)

Pentaho Data Integration Kettle: [http://www.pentaho.com/product/data-
integration](http://www.pentaho.com/product/data-integration) ,
[https://github.com/pentaho/pentaho-
kettle/](https://github.com/pentaho/pentaho-kettle/)

------
MichaelGG
TLS would do a good first-pass of stopping this, right? And SPDY could defeat
size-based profiling by using server push to send enough data to pad things
out to make transfers all look the same length. (Say round up a max of 10% to
create size "bins".)

~~~
politician
We were doing this 10 years ago, but we modulated the output to make file
downloads look like streaming video.

------
sandworm
After looking at the documents, they seem to be harvesting http get requests.
The initial get is sent to the hosting service, which then directs the user to
wherever they are keeping a copy of the wanted file. That location changes
regularly. Only the initial get, the initial link, would be consistent.

If I am right, spoofing the system should be easy. Sending a get doesn't mean
you download anything. Sending a few thousand protest gets could mask those
you actually follow through on.

~~~
yAnonymous
>Sending a get doesn't mean you download anything.

I don't think they care.

>Sending a few thousand protest gets could mask those you actually follow
through on.

Will only get you on more lists.

You're implying common sense, but there's very little of that.

------
leeoniya
HTTPS.

Just Do It (R)

~~~
tamersalama
I'm wondering which services hasn't changed to HTTPS by now?

~~~
pmalynin
Netflix. Do a correlation between IP and watched shows. Flag people who go for
"extreme" shows such as say Frontline: United States' Secretes as "dissidents"
and apply "appropriate" measures.

