
White House admits it has 'access' to Facebook, Google - WestCoastJustin
http://www.theweek.co.uk/us/53475/white-house-admits-it-has-access-facebook-google
======
ig1
Facebook: _" We do not provide any government organization with direct access
to Facebook servers."_

Yahoo: _" We do not provide the government with direct access to our servers"_

AOL: _" nor do we provide any government agency with access to our servers."_

Paltalk: _" Paltalk does not provide any government agency with direct access
to its servers"_

Apple: _" We do not provide any government agency with direct access to our
servers"_

~~~
lawdawg
And if they didn't say that, everyone on HN would be whining about why they
didn't deny "direct access" when that was the headline accusation.

Can't win with you guys.

~~~
ig1
It's not the phrase "direct access" (which they could reasonably use given it
was used in the original leak story), but rather the construction of the whole
sentence.

There are millions of ways you could phrase the response (Dropbox and
Microsoft used completely different language), the chance that these five came
up with the phrasing used independently seems fairly low. Especially as the
statements weren't all given to a single reporter (who could have phrased the
question in a particular way) but rather to a variety of different news
sources.

It could still be completely innocent, they could all have cribbed off whoever
did the first denial or they could have discussed it beforehand and co-
ordinated messages without there having been any government involvement.

It is however something that needs explaining.

~~~
DannyBee
There are millions of ways to deny things.

This is the most clear and direct way

I accused you of doing X

You could say "you know, my brother and I, we once, 30 years ago blah blah
blah blah blah blah but X, X never happened".

Most people, however, will just say "No, i don't do X".

They were accused, point blank, of providing direct access to their servers.
They said "we do not provide direct access to their servers".

But please, see a conspiracy here because people are trying to be as direct
and clear.

~~~
eatitraw
I accused you of doing X on mondays. You could say "You know, in fact, I do X,
but on tuesdays". Most hypocrites however will take your question as literally
as possible and will just say: "No, I don't do X on mondays".

You see, people don't want to know if government has direct access(ok, they
want, but it is not their primary concern), they want to know what happened.

It simply doesn't matter if google uploads data to government servers or
government gets data from google servers by "directly accessing" them. I would
even guess that the latter is simpler to implement and maintain.

I don't mean that google is happy to hand user data to government - they
probably aren't - I want to know how many data governments gets.

~~~
DannyBee
"You see, people don't want to know if government has direct access(ok, they
want, but it is not their primary concern), they want to know what happened. "

The companies are saying they have no idea. They literally said "we've never
heard of this program". What more do you want?

The claim the newspapers made, in line 1, was, "the government has direct
access". The denial made was "the government does not have direct access".

If they want to publish a different claim, i'm sure a different denial will be
written.

If you want to know what happened, why are you asking GOogle? Go ask the NSA

------
kahirsch
This article is _terrible_. What exactly did "the White House" say? There is
not even one sentence that is attributed to a specific individual. Was it the
White House press secretary, or Obama, or somebody else? Or are they referring
to the statements from the Director of National Intelligence?

Here is what Obama said: [http://www.whitehouse.gov/the-press-
office/2013/06/07/statem...](http://www.whitehouse.gov/the-press-
office/2013/06/07/statement-president)

Here are the statements from the DNI:

[http://www.dni.gov/index.php/newsroom/press-
releases/191-pre...](http://www.dni.gov/index.php/newsroom/press-
releases/191-press-releases-2013/868-dni-statement-on-recent-unauthorized-
disclosures-of-classified-information)
[http://www.dni.gov/index.php/newsroom/press-
releases/191-pre...](http://www.dni.gov/index.php/newsroom/press-
releases/191-press-releases-2013/869-dni-statement-on-activities-authorized-
under-section-702-of-fisa)

Nowhere in those do I see any confirmation that there is direct or unlimited
access to the servers of the companies mentioned.

------
winslow
"EDITOR'S NOTE: Since this story was published, The Guardian has reported that
the UK intelligence gathering organisation GCHQ has had access to the PRISM
system since at least June 2010 and has generated 197 intelligence reports."

So other governments have a backdoor to our government's backdoor... What
stops China among others from being able to access this?

On the other hand, what is the truth if Larry Page is saying that Google does
not allow 'direct' access but the White House is saying that it does have
access? This just looks like a giant finger pointing and blame game now.

~~~
ihsw
> So other governments have a backdoor to our government's backdoor

And we have a backdoor to their backdoor. It's fairly easy to assume that they
-- state-sponsored intelligence agencies -- collude with each-other by
offering access to each-other's data stores.

In a sense we are all foreign to each-other, and the USG may access American
data through requests acting as foreign agencies.

~~~
brown9-2
The US, UK, Australia and NZ have had a bilateral intelligence sharing
agreement since the 1940s: [http://en.wikipedia.org/wiki/UK-
US_Security_Agreement](http://en.wikipedia.org/wiki/UK-US_Security_Agreement)

------
jcampbell1
The presentation makes it seem they are harvesting the data. That would
resolve any apparent contradiction. The biggest question is how? Surely google
has noticed these man in the middle attacks. I think the guardian
misinterpreted the word "provider".

Edit: it appears the NSA has google's ssl keys. That would explain all the
talk about "direct access".

~~~
tptacek
Google could not provide the NSA with its TLS keys and then argue it hadn't
given the government direct access to its servers. Nor could the government
MITM TLS, which would be detectable, nor could they have compromised a TLS CA
to accomplish the same thing, because Google's keys are pinned in Chrome and
recent Firefox; you can examine the builds to see that.

~~~
jcampbell1
How do you resolve the the fact the presentation is real, and Larry Page's
statements?

This is the only explanation that makes sense. Some secret court compels
Google to provide their TLS keys, which is a a few kb of data. No one at
Google has to know, and no one at Google can accidentally detect the leak.

Also, can you clarify for me why you think giving someone access to eavesdrop
overlaps with "direct access to servers"?

If what I say is correct, Larry Page's statement is 100% defensible.

~~~
foobarqux
Could it be that the presentation describes targeted surveillance? PRISM may
just be a program to standardize a process and the type and format of
information returned.

~~~
jcampbell1
Yes, I think the $20M figure makes it clear it is targeted. They have the
ability and authorization to eavesdrop on foreign packets, but that is like
drinking from a firehose. They need a way to syphon and interpret the data,
and also a way read TLS streams. I think the dates and companies are a
combination of getting access to the TLS keys, and actually implementing a
sane way of sipping from the firehose. In facebook's case, I think they
implemented a way to eavesdrop, and then later compelled Zuck to provide the
keys.

The slide about how traffic is routed through the US is really telling. This
program works because there is access to the packets.

------
denzil_correa
Can someone just tell what the final deal is? I'm quite annoyed by conflicting
reports from the media, Internet firms and the US government. Also, please
stop playing with words. It doesn't matter if the program is named PRISM or
Hexagon. What matters is the access powers to otherwise private data by
governments.

~~~
fchollet
The White House has confirmed that PRISM existed, and has condemned the leak.
This means that the power point slides that were leaked are real.

Now go read the slides, and you'll know exactly what is going on.

~~~
joevandyk
Even if the White House confirmed the PRISM program exist, and condemned the
leak about the PRISM program, it doesn't mean all the facts in some power
point presentation is real at all.

~~~
jlgreco
If the powerpoint were fake, why would the white house hesitate to point that
out?

------
fragsworth
> “It [PRISM] cannot be used to intentionally target any US citizen, any other
> US person, or anyone located within the United States,” said James Clapper,
> the director of national intelligence.

And how are we supposed to believe this? We were already blatantly lied to.

------
coldcode
Mark and Larry seem to disagree. Someone's not telling the truth.

~~~
danso
Or...you may be misinterpreting what's at issue. I can't claim to really know
either, but from what I gather, the issue at hand is: Does the NSA have a
direct feed into Google's servers, via PRISM?

Google says "No".

However, Google _has not_ denied giving government access to user data: in
fact, Google for a few years has been publishing a report of how many times
governments ask it for user data:

[http://www.google.com/transparencyreport/userdatarequests&#x...](http://www.google.com/transparencyreport/userdatarequests&#x2F);

~~~
reledi
Fixed link:
[http://www.google.com/transparencyreport/userdatarequests](http://www.google.com/transparencyreport/userdatarequests)

------
fragsworth
Eric Schmidt, in March 2010, knew about this when he said the following for
users who wished their actions to be private:

> But if you really need that kind of privacy, the reality is that search
> engines, including Google, do retain this information for some time. And
> [...] we're all subject, in the US, to the Patriot Act, and it is possible
> that that information could be made available to the authorities.

------
smtddr
Whatever your views on this are, I hope nobody is actually surprised. If I
were a $CURRENT_MEDIA_BOOGIEMAN_SCAPEGOAT_THINKOFTHECHILDREN, I would
definitely assume that the usgov has access to any "big data" on the general
public and can get it anytime they want. My plans for world-domination won't
be sent through gmail or sent in a private message on facebook, or an text-msg
on VerizoNSA. I'd take the time to learn and use PGP.

Only regular citizens will be caught by this and... the whitehouse knows it. I
only wish the general public could see HN now. Someone with lots of money,
_looks-at-Google_ , should buy like 2mins of commercial-time during the Super-
bowl to talk about stuff like this.

~~~
hrbrtglm
Ok, but what about companies who store sensitive data and emails on Google
Apps for business, especially non US companies ? What about non US citizens
who seems to have less protection and spyable at mercy ? Should we the (
whatever your country or citizenship ) avoid by all means US internet corps.

If the American gov wanted to kill the cloud, then good job ! I want to
clarify that I do not trust my own gov neither ...

~~~
rayiner
Nobody should store sensitive data and e-mails on a system where they're
sitting there in plain text accessible to god knows how many people at Google
and their data centers. That's insane.

~~~
hrbrtglm
As Microsoft was the first company to adhere PRISM as stated by the leaked
slide, that also means that no company worldwide should ever use office 365,
azure or managed sharepoint / exchange !

These software corps better be persuasive because a whole economic part of USA
will be endangered then !

~~~
rayiner
Yes. Storing sensitive corporate documents in plain text on servers owned by
Microsoft, Google, etc, with no legal protections in place, is retarded.

------
wavefunction
To be honest, this whole thing is coordinated. The leak, the opportunity for
outrage, the opportunity to gloss over the outrage, and now it's out in the
open where the politicians and CEOs don't have to face real outrage.

True theater!!!

~~~
krapp
If they were truly that powerful and organized, wouldn't they have rather just
not orchestrated the leak to begin with?

~~~
wavefunction
If it's going to come out eventually, why not control the leak?

PR 101, mang

~~~
krapp
But they're not controlling anything, they're just doing now what they would
be doing if the leak had been real, assuming it was orchestrated. They
would've done a better job letting everyone stay distracted by all the other
crap being dropped on Obama's head right now.

~~~
leoc
Not necessarily: you could for example throw in red herrings and
disinformation along with whatever facts you're disclosing. The "limited
hangout"
[http://en.wikipedia.org/wiki/Limited_hangout](http://en.wikipedia.org/wiki/Limited_hangout)
is apparently a real thing, though of course once you've heard of them it's
easy to start imagining them where they don't exist.

------
ibudiallo
I don't know if you know this, but we all have access to facebook data. Not
much of it is private

------
danbruc
What really pisses me off is something like »It [PRISM] cannot be used to
intentionally target any US citizen, any other US person, or anyone located
within the United States«. Mass surveillance without suspicion of foreigners
is even worse than spying the own people.

------
devbin
Another Onion fake news became real.

[http://www.theonion.com/video/cias-facebook-program-
dramatic...](http://www.theonion.com/video/cias-facebook-program-dramatically-
cut-agencys-cos,19753&#x2F);

------
maresca
If it's going over the wire, you can bet they have access to it, with or
without 'access.'

[http://en.wikipedia.org/wiki/Room_641A](http://en.wikipedia.org/wiki/Room_641A)

~~~
stusmall
Facebook is opt-in https and I believe google is https by default. I don't
know about the other services.

Without their keys having it over the wire won't get them what they want.

EDIT: poor wording.

~~~
maresca
I don't think it's a stretch to think the government has the ssl keys. Or the
ability to find the ssl keys.

------
mrcactu5
The public has unprecedented access to information b/c of the stuff publicized
on HackerNews. Should come as any surprise the White House also has this
access?

I just assume Barack is LOLing everytime I crack a funny on twitter.

------
runn1ng
Is this article providing anything new? It seems just like a rehash of all the
old articles, with a speculative title.

------
der3k
V for Vendetta IRL.

