
Connecting the PRISM Dots: A New Theory on How PRISM Works - yaakov
http://uncrunched.com/2013/06/11/connecting-the-prism-dots-my-new-theory/
======
nl
We already know a bit about Google's automated wiretap system for Gmail,
because it was the system that the Chinese attacked in 2009/2010 in an attempt
to access the accounts of Tibetan human rights campaigners.[1][2]

Bruce Schneier wrote a bit about this back in 2010.[3]

I'm surprised no one has mentioned this before, since it's public confirmation
of much of what the PRISM documents say, on the record.

[1] [http://www.washingtonpost.com/world/national-security/chinese-hackers-who-breached-google-gained-access-to-sensitive-data-us-officials-say/2013/05/20/51330428-be34-11e2-89c9-3be8095fe767_story.html](http://www.washingtonpost.com/world/national-security/chinese-hackers-who-breached-google-gained-access-to-sensitive-data-us-officials-say/2013/05/20/51330428-be34-11e2-89c9-3be8095fe767_story.html)

[2] [http://www.techcentral.ie/21618/aurora-hackers-may-have-accessed-law-enforcement-targets](http://www.techcentral.ie/21618/aurora-hackers-may-have-accessed-law-enforcement-targets)

[3] [http://edition.cnn.com/2010/OPINION/01/23/schneier.google.hacking/index.html](http://edition.cnn.com/2010/OPINION/01/23/schneier.google.hacking/index.html)

~~~
lawnchair_larry
Minor correction, it was not attacked to access accounts of human rights
campaigners. It was leaked 2 months ago that Google lied about this and that
the actual purpose was to see which of China's spies Google were watching
under NSL/FISA orders. So yes it was clearly Prism that they were accessing.

~~~
temphn
Wow. Looks like you're right.

      The breach appears to have been aimed at unearthing the 
      identities of Chinese intelligence operatives in the United 
      States who may have been under surveillance by American law 
      enforcement agencies.

[http://www.washingtonpost.com/world/national-security/chinese-hackers-who-breached-google-gained-access-to-sensitive-data-us-officials-say/2013/05/20/51330428-be34-11e2-89c9-3be8095fe767_story.html](http://www.washingtonpost.com/world/national-security/chinese-hackers-who-breached-google-gained-access-to-sensitive-data-us-officials-say/2013/05/20/51330428-be34-11e2-89c9-3be8095fe767_story.html)

------
lawnchair_larry
Justin Schuh is a Google Chrome security employee and former military/agency
contractor with a TS clearance, who hinted that it is basically a REST API on
his Twitter feed. That's getting pretty close to Arrington's theory.

[https://twitter.com/justinschuh](https://twitter.com/justinschuh)

He's a little drunk on the red, white and blue kool-aid right now and lashing
out, but he had some comments earlier.

(make your own interpretation, I don't know him or anything else, that was
just my read)

The point about these companies being in the program, and Twitter not, is a
huge distinguisher. That is essentially proof that there is some
automation/privileged access.

~~~
tptacek
Why, because he asked questions? He's as pissed as you are about the Verizon
stuff, but at the same time being smeared by shoddy journalism on the "Prism"
stuff.

(Bias on the table, I know Justin).

~~~
lawnchair_larry
His questions are legit, and I have some of the same questions, but he's also
doing the smearing. I don't see him _being_ smeared.

My feeling is also that this guy leaked material that he didn't fully
understand, but that it doesn't matter because he could be wrong about all of
the fuzzy details and it would still be just as bad.

------
bambax
This analysis sounds very reasonable and realistic; it does fit the evidence
we have so far. The key insight is "automated process" -- and I'm sure the
companies involved were really happy with that solution.

This part is a little naive though: _"The NSA can begin surveillance on
someone(s) for a full week before they have to get the rubber stamp from the
secret court"_

Since everything is secret, it's difficult for anyone to examine or challenge
what the NSA does. If they have a week before going to court it means they
have eternity, because no one is going to make sure that provision is always
observed.

~~~
saraid216
> Since everything is secret, it's difficult for anyone to examine or
> challenge what the NSA does. If they have a week before going to court it
> means they have eternity, because no one is going to make sure that
> provision is always observed.

"Secret" doesn't mean "code is written by people who don't document it and are
then killed after it's shipped". Secret means that they don't trust _you_ with
keeping them honest.

------
ig1
"Meanwhile, the BBC has learned that Twitter was invited to join the Prism
programme last year, but rejected the approach from US authorities."

[http://www.bbc.co.uk/news/uk-politics-22824379](http://www.bbc.co.uk/news/uk-politics-22824379)

~~~
IanCal
What would be the point? The vast majority of the data is public, and Twitter
will give you firehose access (essentially a stream of all tweets) if you ask
nicely.

~~~
netrus
IP addresses that access accounts might be of interest.

~~~
shill
And direct messages, if anyone uses that feature.

~~~
IanCal
Ah, I didn't know that was possible on twitter, that makes a lot of sense.

------
acqq
And as soon as you are not in the U.S. or aren't a citizen, they don't need
any order at all, not even the broad one, it's lawful for security agencies to
get as much as they can and for Google to not even log which queries were
made.

Google can even help agencies by automatically informing them if the "target"
fits "free to access" criteria. And everybody is still not breaking the law.

Moreover, the amount of belief by agency that the data are "free to access" is
enough to be only 51% to make it lawful.

Please write if you know more nuanced details about these limitations.
Everybody should be informed about the laws, that's why they exist and why
they are called laws.

~~~
lessnonymous
As a non-US citizen or resident this is a great concern to me (and I feel it
should be to you too).

The NSA is not allowed to spy on Americans.

ASIO is not allowed to spy on Australians.

But what if the NSA gave the PRISM tech and data feed to ASIO so ASIO could
spy on Americans and answer any question the NSA asks (and vice versa).

Now neither intelligence service has an 'illegal wiretap' on their own
citizens. They just receive 'foreign intelligence' from each other.

Now mix in every other 'friendly' state and there's a massive worldwide mesh
of data gathering that's all legal .. in the strictest sense of the word.

(I feel like I should put my tinfoil hat on .. but since this has broken I'm
fairly sure they're futile)

~~~
lessnonymous
Aaaaand BINGO!

[http://www.itwire.com/it-policy-news/govenrment-tech-policy/60282-revealed-%E2%80%93-australia%E2%80%99s-own-prism-facility](http://www.itwire.com/it-policy-news/govenrment-tech-policy/60282-revealed-%E2%80%93-australia%E2%80%99s-own-prism-facility)

------
buro9
This was pretty much where my mind was going. You don't need direct access or
drop boxes if you can just automate the process. It also squares neatly with
Snowden's "All I'd need is to know your email address"... it's a search tool.

------
einhverfr
I have more or less a reaction like this.

I think the best approach to a FISA order is to say "sure, no problem. We will
have this all printed, bound, and shipped to you surface mail within 24 hours,
preferably from our outsourced printing office in the Yucatan (it's a lot of
pages and we don't have the equipment in house to do that). And on the off
chance you want it to be electronically readable, we will print it out in
OCR-A fonts. Great doing business with you. Have a nice day."

~~~
kniht
So you want to transmit potentially sensitive information through the post in
plaintext? Just to give the middle finger to the NSA?

~~~
saraid216
"Oh, fret not. It's a double encryption. See, if the first letter is a
consonant, then what follows is the mirrored truth."

------
junto
Google re-released that feature to the public in the form of Google Takeout in
2011:
[http://en.wikipedia.org/wiki/Google_Takeout](http://en.wikipedia.org/wiki/Google_Takeout)

------
mtgx
> "It can begin surveillance a week before making the request to the secret
> court, and the surveillance can continue during the appeals process if, in a
> rare case, the spy court rejects the surveillance application."

How can this be constitutional? Doesn't the 4th amendment say you need
_probable cause_ before spying/searching on someone? I've also read that the
NSA is spying on some, and then gives the info to the FBI, "which now has
probable cause". It seems to me they are doing nothing more and nothing less
than fishing expeditions, which are illegal/unconstitutional. I really hope
someone manages to bring the Patriot Act and FISA to the Supreme Court this
time around.

Also, I seriously believe US needs a _Constitutional Court_ to look at all
passed bills by Congress, before they become laws. Congress doesn't seem to
care about the Constitution anymore and just passes stuff to make all sorts of
things "legal", and could be _a decade or two_ before they even arrive at the
Supreme Court, especially with the president trying to fight them at every
turn, and with all sorts of gag orders and whatnot - rules they are making to
prevent you from even suing them over it. This is becoming increasingly more
common with the worst of the worst laws.

I know there are some arguments against Constitutional Courts, but they are
working quite well in Europe, and if they have a secret FISA Court that rubber
stamps all the spying anyway, how much more damage could a Constitutional
Court (that would be public, obviously) do? And of course, the laws could
still arrive at the Supreme Court later, and judges would still have to verify
their constitutionality in trials, just like today.

At least Americans would have an extra check on their governments from passing
all sorts of crazy laws, thinking they get away with it, and might even leave
office by the time it arrives at the Supreme Court, and passing these laws
days before Christmas. At least it would stop the majority of crazy laws being
passed by Congress.

The system you have now is simply not good enough anymore. Not when Congress
and the president are breaking their oath to the Constitution on a daily
basis.

~~~
asperous
One of the biggest criticisms of democracy is that it would be too slow of a
process, when, for example, someone runs a plane into a business building and
kills lots of people.

So the founders of America created something called setting the country into a
"state of emergency" which grants certain rights and privileges not normally
legal. They didn't think that the government would be so power hungry that
they'd just leave this feature permanently on.

They were wrong.

[http://www.whitehouse.gov/the-press-office/2012/09/11/message-continuation-national-emergency-respect-certain-terrorist-attack](http://www.whitehouse.gov/the-press-office/2012/09/11/message-continuation-national-emergency-respect-certain-terrorist-attack)

~~~
mpyne
The founders of America did no such thing. You should go read the Constitution
yourself to verify, but I only know of the state of insurrection/rebellion or
domestic attack as being mentioned explicitly by the Framers, and that was
only in the context of suspension of habeas corpus.

If you look at the link you posted you'll see that the verbiage about
"national emergency" was designed and implemented by Congress as law, not as
part of the Constitution itself.

------
codeulike
Yeah I think this is on the right lines. See also the detail from this other
article:
[https://news.ycombinator.com/item?id=5845258](https://news.ycombinator.com/item?id=5845258)
that implies that the government does not see _holding_ data as a particular
problem, it believes that _looking_ at data is what it needs a FISA order for.
The metaphor of receiving a van full of boxes, and only needing permission to
open the boxes, but not needing permission to store them. That's bad news
because of the lack of oversight once the boxes are in their possession.

------
jdp23
This is similar to Marc Ambinder's explanation in "Solving the PRISM mystery"
[1] and Robert O'Harrow et al's quotes from intelligence sources in "U.S.,
company officials: Internet surveillance does not indiscriminately mine data"
[2]. From the second article, discussing "direct access":

 _Intelligence community sources said that this description, although
inaccurate from a technical perspective, matches the experience of analysts at
the NSA. From their workstations anywhere in the world, government employees
cleared for PRISM access may “task” the system and receive results from an
Internet company without further interaction with the company’s staff._

 _According to a more precise description contained in a classified NSA
inspector general’s report, also obtained by The Post, PRISM allows
“collection managers [to send] content tasking instructions directly to
equipment installed at company-controlled locations,” rather than directly to
company servers. The companies cannot see the queries that are sent from the
NSA to the systems installed on their premises, according to sources familiar
with the PRISM process._

 _Crucial aspects about the mechanisms of data transfer remain publicly
unknown. Several industry officials told The Post that the system pushes
requested data from company servers to classified computers at FBI facilities
at Quantico. The information is then shared with the NSA or other authorized
intelligence agencies._

------
cromwellian
I posted this theory on my G+ feed the first day it was leaked, that PRISM
amounted to an automated-NSL-request-and-response management system, like an
issue tracker. Click a button to mail an NSL request electronically, notify
employee when company approves, go pick up the data automatically.

PRISM is an NSA issue tracker with auto-import essentially.

But someone else pointed out to me something more interesting. All companies
which provide voice telephony, even VoIP, have to comply with CALEA, which
means they have to install equipment maintained by the FBI which allows
intercepts of Voice calls via search warrant.

Once Google added Voice/Video chat, they might have had to comply with this,
just like Skype. Ditto for Apple and Facetime.

The Washington Post said something about the NSA tasking the FBI in this
pipeline. Therefore, PRISM may be abusing CALEA devices which companies are
compelled to install, by leveraging them for intercepts of voice in ways that
don't fit the law.

So, revised theory:

For email and non-voice data, PRISM sends an NSL to company, waits for
approval, then hits a REST API to pick up the goods.

For voice, PRISM sends request to FBI, who then commands CALEA device for
intercept. No company action required?

~~~
tonyb
CALEA is not only for voice. Broadband providers are required to be CALEA
compliant. Basically they have to be able to deliver data in a specific
format to an LEA.

These devices are not (normally?) under LEA control. The service provider
would receive a warrant/court order that says "send data for customer XYZ to
this CALEA capture IP". Even if the LEA had direct control of the CALEA device
it would need the assistance of the SP to know what data is coming from what
customer.

~~~
cromwellian
Is it possible that the NSA is in cahoots with the CALEA device manufacturers?
Once a CALEA device has been integrated with the SP's system, might it be the
case that it can act as a trojan horse?

On the one hand, they could wall off the device, and have packets routed to it
after reviewing the request. On the other hand, the device could be
unfirewalled from the rest of the network.

------
samatman
PRISM sure sounds a lot like a fiber-optic beam splitter. Also known as a
prism. Fits the facts, gives the data, doesn't touch the servers or back-door
anything, because the data is being captured, in total, on the way in and out
of the server farm.

------
stkni
I like this theory. Up until now I've been viewing the media reaction with
skepticism because the interviews, denials and official statements seem to
contradict each other. And much as I dislike conspiracy theories this
particular theory seems too 'tidy' to be dismissed out-of-hand.

The fascinating thing, for me, is whether this catastrophic blow to our
privacy will actually even register with most users of the services that are
deemed to be 'tainted'.

And if they don't care, at least not enough to stop using those services, then
we have accepted these intrusions as a necessary consequence of modern
technology and modern life.

------
easytiger
Given the size of the infrastructure they have I'd say it's multiple sources
one of which includes ISP level optical taps/aggregation

~~~
yuvadam
Definitely, but this isn't what PRISM is about.

~~~
peterpathname
maybe more significant.

------
purephase
Interesting theory, and definitely the more boring version which lends it some
credibility. My only question would be that the NSA would have to have some
assurance that the data they're receiving is legitimate.

------
drivebyacct2
I've sorta been saying this for a while. Earlier on my G+, but also here.

> (which I suspect were simply the dates that the companies brought up
> infrastructure to be able to quickly and easily comply with FISA warrants.
> Which means "direct access" is true, but it also means that "we were forced to
> make it easy to give the government what they want as soon as they need it")

This telling of the tale fits with pretty much what everyone said. The form-
fill denials are true and make sense. The government's repeated references to
FISA make sense, and it gives them a way to justify their legality.

The rest of the article is great for those _cough_ that keep saying "FISA
warrants" as if the warrants part means anything.

I mean, the API for this automated "Takeout [NSA style]" would be super easy.
I can imagine it. And all the quirks in the spec. "Check the FISA warrant ID
(or don't, it's just a mocked interface that returns true, same result as the
court records)", etc.

