
NSA slides explain the PRISM data-collection program - o0-0o
http://www.washingtonpost.com/wp-srv/special/politics/prism-collection-documents/
======
danso
(note/edit: I've made an error of conflation between the recently reported
massive phone record sweep-up and PRISM, which according to the WP, simply
allows analysts to trace (essentially) the totality of someone's online
interactions, though not everyone at once. So really, things don't seem that
much different than last week when it was well known that the government has
discretion to warrantlessly tap us. Still, $20M a year is a pretty good price
for a government contract)

Isn't it kind of surprising that the leak for this came from a career
intelligence officer and not one of the many tech-utopia idealists who work at
these kinds of startups? Not necessarily someone at the executive level, but
one of the scores of employees required to assess, review, and implement the
alleged backdoor? It's not just a matter of ethics, but just that you'd think
_someone_ must be idealistic/reckless enough to leak it from the companies'
side

Edit: Also, as has been pointed out elsewhere...this program only cost $20M a
year? If that's the price of eternal security, I'd say we got a pretty goddamn
good deal. The shitstack that is the government's stimulus contracts database
alone cost $18M to build
(<http://www.propublica.org/article/stimulus-transparency-watchdogs-keep-contract-details-a-secret-813>).
And what percentage of a fighter jet's paint job does $20M cover?

I'd say it's possible that the government is unconstitutionally intruding on
our privacy but also doing it in a bumbling way (which also has its
downsides).

~~~
arindone
To be honest I'm still catching up on a lot of the details with these stories,
but it's this comment that made me wonder if there is a bit of hyperbole going
around. Companies make leaks all the time on the most mundane things (hell
Apple can barely contain the new iPhone that is usually coming out.) I'm
hesitant to believe all the conspiracy theories going around that the
companies willingly did this, or that it's as easy as it sounds.

~~~
danso
What really makes me suspicious is this passage:

> _“They quite literally can watch your ideas form as you type,” said the
> “career intelligence officer” who gave documents describing PRISM to the
> Washington Post._

Think of the engineering needed at multiple endpoints to allow something like
this...I can believe the NSA has some of the best cryptanalysts, but our best
front-end hackers as well (do they have their own Meteor.js)? I'm only being
slightly pedantic here. If this is "literally" possible, then the amount of
work needed for the collaborating companies is non-trivial. It's one thing to
pass along uber-authentication credentials allowing an NSA-agent Zuckerberg-
like privileges...that could be something implemented with as few as a couple
people. But to bake in something right out of a hacker movie?

It just makes a few of the claims sound a bit suspect...because what is
terribly frightening is the government's ability to aggregate and analyze this
information in bulk, not to peep in on you as you're typing in real-time,
which would be one of the least efficient ways ever to spy on the general
American public's online activity.

And no, I'm not being an apologist for federal expansion of powers. I'm
pointing out that some of what this source is leaking seems to be beyond
reality, not because of technological sophistication, but because of the
number of mundane moving parts and actors that would seemingly have to be
involved (theoretically, wouldn't they have to have as many datacenters as all
the companies they're vacuuming from?). The entire PowerPoint slide set looks
like something a get-rich-quick contractor would whip up to win a fat contract
that would never actually be scrutinized for viability.

But still, even if the government doesn't actually have the capability as
described, it is wrong for them to not disavow it...it's not any good if their
mindset is: "Oh we're not doing _that_... _yet_...but we would love to, some
day"

~~~
jonknee
I think "as you type" means different things to an intelligence officer and a
programmer. The intelligence officer probably means "real time" (no need for a
judge/approval/etc). A Google Wave like interface is probably not in the
backend, but if the FISA route took weeks and the new kit takes seconds I
could see "literally as you type" being a description that fits.

~~~
danso
Yes...maybe I reacted too strongly to the often misused "literally."

But even real-time interception would not (seemingly) be that valuable to
analysts. Assuming that suspects aren't dumb enough to use their own personal
accounts and to talk of their plans explicitly, it seems analysts would want
the historical aggregate of which alias accounts talked to which other alias
accounts.

Hell, Facebook can already figure out if you're connected to someone even if
you've never directly interacted on the service...if the allegations are true,
I wonder how much of the requested data comes with pre-baked network-
calculated goodness?

~~~
jonknee
Obviously all conjecture here, but what came to mind for me is things like
having a keyword filter on a bunch of accounts (whoever you're watching). The
moment they Google for something you want to see you get an alert that it
happened.

------
wyck
It's no coincidence this is called PRISM.

<http://en.wikipedia.org/wiki/Beam_splitter>

Some parts of this technology are actual prisms (several patents pop up via
Google), this might remove all parties legally speaking.

Furthermore these can be installed fairly easily without anyone really
knowing, though some physical access is required.

The same technique was used in <http://en.wikipedia.org/wiki/Room_641A> and
pretty much all over every pipe, including the one this data went through to
show up on Hacker News.

------
cpeterso
I'm not sure why this is a big surprise to anyone. I'm a cynic, but if anyone
asked me whether I think the NSA, CIA, or FBI are eavesdropping on personal
communications, I would say, "of course they are." This is nothing new:
ECHELON, Clipper/Skipjack, Carnivore, ...

~~~
alan_cx
How many times does someone have to say this? I'm sorry, but this sort of
comment is getting pretty tiresome.

Yes we all "knew". All of us "knew". Some of us have "known" for something
like 15 years. (Which, BTW, is why I'm most sure why Obama is getting so much
flak. It's a Clinton - Bush - Obama scandal.)

But none of us, not one, actually did know anything at all. We suspected, or
assumed. But we did not know. Not unless one of us is working for the NSA,
etc, etc. (Ironic if I have just picked on the one poster who is)

Now we do _know_. It is absolute. No doubt, no shouting down, we know.

There is a huge difference: Before we were written off as conspiracy nut
jobs. Now we have certain knowledge.

I'm not picking on you personally. Your post is one of many in the past couple
of days. As such I have not down voted you, that would be unfair. But please,
can people stop with this sort of comment? We all know we "knew".

~~~
samsonasu
No. Don't downplay people concerned with privacy who noticed a series of
obvious, blatant actions over a period of literally decades as cynics or
conspiracy nuts.

You are picking on people; we really did know, not "know." It was obvious, it
remains obvious, and the fact is that it's going to continue and get worse
despite the revelations of this week, unless we do something.

Painting rational people who notice and complain about government overreach as
paranoid is precisely what enables the expansion of these policies. You should
be asking what you can do now to help rather than setting us up to be further
discredited or ignored by implying our years of complaining weren't
substantiated until just now.

~~~
lucian1900
Alan's point is that others _have_ downplayed us, people concerned with
privacy, as conspiracy nuts. Having hard evidence helps with that.

------
cdooh
Two days, two major reveals, wouldn't be surprised if tomorrow I wake up to
find out that they've been switching on the microphones and cameras on webcams
and cellphones.

~~~
yogo
Not to mention all of the revelations over the past few weeks. Either the
administration is trying to top Nixon or there is some kind of conspiracy
playing out.

~~~
cdooh
I wonder how the Obama administration will respond to this other than the usual
"Terrorism is bad and you need to trust us that we do all this for your own
safety"

~~~
edwardunknown
I hate to be this guy but there _are_ people lighting off bombs out there and
as soon as a big one goes off people will demand they do a lot more than this.
Would you rather have your Facebook scanned or see a car bomb go off in Times
Square during rush hour? That's not hyperbole, that's the decision we have to
make.

~~~
betterunix
That is hyperbole. The number of terrorist incidents is massively low, and the
few that the government claims to have stopped were such laughably unrealistic
plots that one wonders the government even bothered. Meanwhile, we have a
government surveillance program that literally surpasses the level of the
Stasi, here in the United States, and simultaneously an administration that
will not even reveal the criteria used for deciding when to engage in an
extrajudicial killing.

Sorry, but you cannot scare me with terrorism. I would rather see the rare
terrorist attack than live in a country where I have to think twice about what
I say on the phone.

~~~
edwardunknown
Bullshit, 'the Stasi'? Go talk to somebody who lived in East Germany. And they
catch people all the time trying to get bomb materials, how did you think they
were doing it, luck? (In the case of the car bomb in Times Square you're
right, it was dumb luck, the timer malfunctioned.) If the average person
didn't freak out and start yelling retarded things like 'Stasi!' I'd say fine,
maybe my fucking Facebook is worth people's lives but they do freak out and
then they pass things like the Patriot Act, or worse. So to prevent mindless
fear I say fine, scoop up whatever crap you need, if I want something kept
secret I know how to do it.

~~~
gaelian
My partner grew up in East Germany and has told me of the Stasi and their
activities. I note that the GP wrote 'we have a government _surveillance
program_ that literally surpasses the level of the Stasi' - emphasis mine, and
I think this is a fair statement.

Also, on a meta-point, every time I see someone start their post off with the
word 'Bullshit' on HN - and I see it quite often, like it's some sort of HN
meme - I always think: gee, that post would have lost nothing from the
exclusion of that first word and probably would have been a little more in
service of promoting civil discourse.

~~~
edwardunknown
How old's your partner, I've known two people who escaped from East Germany
and one from Romania. I asked them all about what it was like living there &
how they escaped because of course I'm an asshole American and all I got was
the thousand yard stare. When the Berlin Wall fell there were hundreds of
divorces because they found out their spouses were spying on them. Bugging
people's homes was routine. If you said anything against the government you
were shipped off or executed. In the case of the Romanian guy I've never seen
that kind of look on a man's face. In all three cases I feel terrible for even
asking, and I won't be doing it again. Datamining your worthless Facebook page
does not compare to what they went through.

~~~
gaelian
I have a general policy of not divulging exact personal details of friends or
family on the Internet without their express consent. But suffice it to say
she was old enough to understand what the Stasi did, and lucky enough to have
not been directly affected by them as an individual, although some people
around her were: interrogations, permanent disappearances, etc.

However, not everything was beatings, disappearances and terror. Believe it or
not, East Germany wasn't all downsides. People were employed, general crime
was apparently quite low, children felt relatively safe, children were given
education (though indoctrination was certainly a heavy component), they were
clothed and fed. While the standard of living sounded like it was relatively
low across the board, it also seemed that this standard of living was more
evenly distributed than might have been the case in some other places at the
time. Obviously traditional Communism has borne out to be more or less
unsustainable, and I won't be participating in any debate about Communism vs
other dogmas, but I feel I would not be accurately conveying all that I've
been told were I not to mention these counterpoints to the Stasi's behaviour.

One fascinating thing my partner has told me is that for some reason, the
memories she has of East Germany before the wall came down tend to be in black
and white, in her mind's eye.

As you retell, the Stasi were quite big on the human intelligence angle, but I
doubt they would have had to resort to such measures would they have had
access to the kind of communication infrastructure that is common in the
developed world today. Such a system as the NSA et al have access to now,
would have been a Stasi wet dream, I'd imagine.

------
FireBeyond
Why leave Apple off the list in the title submission?

(Because they deny it? Then better leave Google off the list, too - they deny
it as well).

~~~
o0-0o
Actually, in my haste to post I only listed the ones that I thought of right
away. I was quite disappointed to hear that Apple, too, has succumbed.

Now I really have a reason to install Debian Wheezy on MBPr. ;p

This is no way to live. Something must be done.

~~~
eightyone
Does Debian (or any Linux distro for that matter) support HDPI displays
without looking awful?

~~~
jlgreco
I use Debian on a chromebook pixel. It looks fantastic.

~~~
o0-0o
No fair, you had Linus guiding you. Debian on MBPr might be as challenging.
I'm up for it.

~~~
jlgreco
> _No fair, you had Linus guiding you._

Part of the reason I chose it. ;)

------
ericd
I wonder if the NSA and the politicians that enabled this realize the amount
of economic damage this could do to the US by promoting the balkanization of
the world's telecom networks and spreading mistrust for US tech and telecom
companies. This seems very short sighted, if they care about that stuff at
all.

~~~
o0-0o
I guarantee free markets care about this, but yeah. You knew that.

------
adrinavarro
Now. Exactly which data is exposed for each provider?

I'm thinking mostly about Gmail. Because virtually everyone now is using it…

The whole content of any communications? Just origin/dest?

This is becoming scary.

~~~
uvdiv
_Exactly which data is exposed for each provider?_

According to slide 2, all of it. You might be confusing this with yesterday's
Verizon story, which was "only" metadata -- caller, sender, time, and
duration. This one is "actual" data -- email content, chat text, audio/video
of VoIP calls.

(From the article, there's _also_ a parallel NSA program (BLARNEY) that
collects metadata only. I don't know why there's two of them).

~~~
adrinavarro
Rather, I'm trying to hold onto the idea that my mail is not directly piped,
entirely, into a government tracking and storage system. No questions asked,
no filters: just everything.

Which is what is probably happening right now.

~~~
chris_mahan
Let's just say the pipes are there and they have the desire to use them.

------
o0-0o
Link to delete Google Account:

<https://support.google.com/accounts/answer/32046?hl=en>

~~~
arindone
I don't think this is helpful or productive -- it's not the companies at
fault, but rather the government that is making this compulsory.

~~~
PavlovsCat
They lend their face and their bullshit smile to the government towards which
many people have a much more healthy distrust. I agree that this doesn't make
them the main culprit, but they don't get to completely wash their hands of it
either. Big (monstrously huge, actually) corporations make the job of
tyrannical governments much easier; how about we chop them into more
manageable bits _without_ having personally hard feeling towards them, and
deal with the government(s) _at the same time_?

------
digitalboss
What really shocks me is why wouldn't a technologist/coder / etc - whistleblow
this sort of information. Why would they sit behind a computer, deploy/design
such software, and not have some concern, and go public with this?

This is not about the "NSA, CIA, or FBI" - it's about those other companies
enabling those gov agencies to gather such information, why doesn't someone
from those companies speak up that deploys this software?

Is it really about $$$? Is it the same reason programmers create SPAM bots?

SOOooooo, which one of you geeks wrote the code to track call data, then wrote
a script to export the data to the NSA - THEN you didn't tell the rest of tech
community.

DISAPPOINTED IN YOU

~~~
jlgreco
Most programmers are very much unlike you or I. Think about those _legions_ of
DoD/DoD contractor engineers that trust government implicitly and totally, and
really don't give a shit about more "hacker"/"technologist" subjects.

------
siculars
So when do we get to read about The Machine in Person of Interest?

<http://en.wikipedia.org/wiki/Person_of_Interest_(TV_series)>

------
sfall
Don't worry it looks like they can barely use powerpoint, massive data
analysis is a cinch compared to powerpoint (sarcasm)

------
quackerhacker
Eagle Eye...my favorite movie!

While I understand that this had been uncovered today, is it really that
surprising?

------
rdl
I'd like the raw/unredacted slides, please (or at least images of them, to
protect the source).

------
o0-0o
I-M-P-E-A-C-H

~~~
j2d3
oh please. like this has a thing to do with POTUS. I worked at an ISP in 1998
when we were contacted by the FBI and required to install carnivore. This has
been going on a very long time.

~~~
nthj
When a junior developer screws something up, I accept responsibility and
apologize to the client.

It's my fault.

There is no authority without responsibility.

If you don't like that, don't accept the job.

[FWIW I didn't like Bush either]

~~~
MartinCron
Are you really conflating the challenge and compromises involved with being
the leader of the free world to being a mid to senior level developer?

~~~
nthj
Absolutely. I think all presidents should be expert programmers.

------
qoo
$20M a year, what a bargain!

------
andyl
Google is dismantling XMPP federation, but if these slides are true then their
NSA federation is working better than ever.

------
rasterizer
For what it's worth Apple and Google deny it:
<http://www.cnbc.com/id/100797046>

~~~
ceejayoz
IIRC, they're legally required to deny it.

Plus, careful wording allows all sorts of out. Google says they don't provide
a "back door", but this sort of thing could be defined as coming in the
_front_ door.

~~~
tedivm
Gag orders don't require them to deny it, they require them not to confirm it.

~~~
ceejayoz
Which can be considered to require them to deny it. "We can't talk about that"
confirms it.

~~~
count
Confirming or denying, or stating the (in)ability to talk about it is a breach
of the requirement to keep the information classified. The proper response is
'we do not know what you're talking about'. Which is what they said. It can't
be conflated with something stupid like 'cannot confirm or deny' which tells
you right away.

