Hacker News new | past | comments | ask | show | jobs | submit login
Snowden reveals GCHQ spy programme with link to Scottish police (thenational.scot)
245 points by ghosh on June 12, 2016 | hide | past | web | favorite | 63 comments

  Metadata includes who a surveillance target is calling,
  emailing, what websites they visit, and, when location
  data is available, a person’s movements.
That an impressive definition of "metadata". To the defenders of these efforts i continue to point to the common trend among these agencies: expansion. First the definition of terrorist expanded without merit. Then the application of spy tracking data expanded similarly. Now metadata, the comfy term these agencies have used to limit public outcry, is expanding as well.

This is a frustrating time we live in. Far too few are taking the necessary steps to prevent this serial erosion of, what just some years ago, was common privacies and judicial rights.

What exactly do you believe people should be doing?

The quick and easy (-ish) solution is end-to-end encryption and anonymization networks (Tor, I2P). Not complete, but better than nothing.

In my opinion - most E2E, Tor, etc are useless counter measures against state-sponsored attackers; topic of the article.

Let's say you tear down the FVEY agencies. Enemy nations can then go rampant. If we collect, then it's obvious they must as well and they have less laws than we do limiting what we can do.

Having been on both sides, it is difficult to see the good they are doing, because they are shrouded in secrecy due to necessity.

Enemy nations can then go rampant.

Let them. I've never been to I dunno, North Korea, I have no plans to go there, let them know whatever they like about me. It's a problem however when a government that DOES have some say over my life does it.

That weaponizes–as if it hasn't been already–personal data collection.

Collect data on a foreign nation's citizens, preferably the only global hegemon, which also happens to have internal constraints on what it can collect on its own citizens.

Then play Let's Make a Deal. Trade personal data for foreign aid, arms deals, oppression of rivals, etc.

Anyone on the planet should be concerned about personal data collection by anyone else on the planet, whether that be North Korea, Google, or anyone else.

Then the mission of GCHQ, NSA et al should be on hardening our own networks, commercial and governmental, rather than exploiting the same holes that allow foreign threats in. In the current scenario, our own governments are incentivised to leave us vulnerable so they can exploit us themselves!

The problem is you can't control countries or ideologies by a border so that approach simply doesn't work.

> The problem is you can't control countries... by a border so that approach simply doesn't work.

Countries are kinda defined by border control, in some sense. Unless you're posting from some alternate reality where the Korean People's Army is free to march on Times Square.

The US did shut down its WWI-era spying in 1929. The (Republican!) Secretary State did so with the simple comment "Gentlemen do not read each other's mail".

> Enemy nations can then go rampant

The main enemy of the FVEY agencies has always been the population of the FVEY countries. This goes back a long time - in the era that US Republicans actually did believe in smaller government and Stimson was shutting down the Black Chamber, British intelligence was manufacturing the Zinoviev letter to bring down the Labour government in 1924. Peter Wright discussed more modern efforts by MI5 against the Labour party in Spycatcher, especially in the 1970s, and this has been discussed in other sources.

Similar machinations were happening in the USA in the 1970s, with Nixon using ex-CIA operatives to, among other things, break in to the national Democratic campaign headquarters in order to rig the election his way. That's against the background of COINTELPRO, spying on blacks seeking their civil right to vote and such, or that part of the electorate that wanted to withdraw from a war in Vietnam that the top brass and chiefs were privately saying was a lost cause. FVEY intelligence also helped bring down Gough Whitlam's Australian Labour government in the 1970's, an American, Christopher Boyce went to jail for, among other things, revealing this news to the Russians.

Insofar as enemy nations, England has had a litany of enemy nations in the 20th century - Indians who wanted independence, Argentinians who wanted the Malvinas returned, Irish who wanted English troops out of Ireland and on and on - think of John Cleese in the Meaning of Life waning on about efforts to "keep China British!"

US intelligence caused Daoud Khan to turn his back on the Soviets who had helped propel him to power, and when the Russians backed another horse and their former friend was ousted, the US said the "enemy nation" of Saur Afghanistan with Soviet backing was "going rampant", so the US helped launched a mujahideen-led jihad against secularizing Afghanistan, financing and arming Osama bin Laden and other proto-Al Qaeda and Taliban forces. Then years later the US decided to plant military bases in Saudi Arabia, causing this Arab nationalist to send his fighters with planes into the Pentagon.

Now we're told we need we need to work and be taxed to finance these FVEY agencies to protect us from these dangers which they themselves created. Whereas the real enemy they are fighting against is their own populations - as MacDonald, McGovern and Whitlam could all attest to.

Great comment. Can you recommend any further reading?

"The Defence of the Realm: The Authorized History of MI5" and "Spycatcher" (the very unauthorised book, which again had to be written overseas).

A curious footnote on "Spycatcher" is that the lawyer who defended the author against a gag order in Australian courts, Malcolm Turnbull, is now the PM.

Tim Weiner's history of the FBI's intelligence operations, Enemies.

A movie was made about the Boyce case, The Falcon and the Snowman.

Indeed. It's true to say that there would have been a lot more terrorist attacks, and more serious organised crime, were our security services not using the bulk surveillance data sets for their analyses.

Of course, none of the details can be revealed for operational reasons, so the more paranoid fill in the blanks with 1984-style dystopian fantasy. It's unfortunate, as they really are doing good work.

"It's true to say that there would have been a lot more terrorist attacks"

Why is it true to say? I doubt there would have been more terrorist attacks. They definitely would have mentioned at least one such planned attack that was stopped as it is in their best interest to change public perception.


    > They definitely would have mentioned at least one
    > such planned attack that was stopped as it is in
    > their best interest to change public perception
They managed to keep quiet about WMDs, despite poor public perception:


Any details at all on plots that have been found and stopped via surveillance would lead to changes in behaviour of bad actors.

Would they? Acknowledging attacks could give clue to operations in play. They're certainly not going to risk sources and or collection that's proven valuable. And to be fair there have been a good amount of publicly acknowledged plot disruptions.



Except for this German one, I haven't found another story on that Wiki page that wasn't clearly some other source.

Except you can't prove that. Are they going to directly say, Satelite XYZ in geostationary orbit was monitoring data link 111322, during which we captured intelligence on platform 2342342 which resulted in a lead then passed on to domestic intelligence agencies. Nope, not going to happen. Everyone here likes to talk about the government and their parallel construction when it supports a negative notion, yet forget that it's also a legitimate tool to protect origination sources.

There is no need to prove someone's claim false, they must prove it true.

eg: Except that the government has claimed that they have foiled attacks and those claims have been shown to be bullshit.

So, given that they have made these claims and they are false, what conclusions should we draw?

A. The government gave us false information to reassure us that their blanket information gathering programs work, they cant tell us operational details or made some other mistake(even though operation details of various programs leak like a sieve.)

B. Their argument is specious, and someone made a list to prop up a program they do not have evidence for.

Should by your own logic of There is no need to prove someone's claim false, they must prove it true." apply to their comment to?

Just trying to understand as Point A and B lack the same evidence.

All claims need evidence to support them, its just that the poster said that the government is doing great work, too bad we cant show or prove that they are(citation needed, big time.)

There is no need to argue for balance in the discussion to protect our government, they clearly can operate these programs without our approval or understanding.

Even beyond that, the fact that we are discussing courts and legal limitations, though they aren't perfect, is an example of the systems in place trying to work. One only has to look at law from any other angle to see that nothing is cut and dry regardless of the topic.

I too have worked on both sides of the game and the irony is that outside of the government it's far easier for me to get raw collection simply by buying a feed from one of the provider(s).

I've taken data from marketing firms that have extensive details on users that have been linked and culled from a myriad of databases sold by the big brokerage firms like Experian. There is far less governance when profitability is involved.

I only hope that in 75 years 1/10th of the work done is shared. Not everyone in the government is evil despite what people project.

It is frustrating as I call it schrodinger's terrorist, why, well, say everybody is in a box.

now you do not know if that person in a box is a terrorist or not and by terrorist, a bad person who will impact others right to life.

So not knowing you can only tell if you look in a box, well if they are not and you look you are lambasted, if you look and they are then your just doing your job.

Now from a PR perspective, it gets down to let us not look as if they are not we get lots of people upset at us, and bad media more so if we get it right.

Which is fine but with one cavet, if you do not look and they are a terrorist then that box can go off and take out all the boxes around it.

So I call it schrodingers terrorist in a box and with that, you see the perspective more clearly.

That is why they look, and yes for those who are not terrorists/bad people it can be intrusive, but most if not all will not even know they are looking. Though many presume the worst and equally it is that mentality of the populous that also carries on in the security services and mentality of presume the worst, hence they look.

But this argument ignores the original probability of a random person being a terrorist. It is a gross violation of the trust necessary to maintain a republic.

And further arguing that it's okay because most people won't know they were violated is like saying a plastic surgeon is justified in violating every unconscious patient in surgery just in case they would have wanted it anyway. Not a good direction for society to go.

The apologists are out in full force on this thread.

It does not ignore the probability at all as that is what the boxes are unopened, so your wrong.

I'm not arguing its ok, I'm stating the situation. your plastic surgeon analogy does not map onto this problem and bit strawman in posture.

As for you labeling people apologists for wanting to discuss a situation clearly indicates a bias in perspective and step back and look at both sides of the problem.

There is no cookie cutter solution to this, and it requires a balance, otherwise you might as well scrap all security services as you are effectively replacing them with police who equally would not be allowed to do any form of surveillance or anything that might possibly entail the potential that they are looking into innocent people. You see the problem now.

So please, look at the problem from all sides, don't just dismiss and label, as we have facebook for such level of discussion.

I understand that details can't be released, but is there any evidence at all for what you claim in your first paragraph?

According to you two random greens.

Yes I too agree with what these two green, totally-not-sock-puppet accounts are saying.

All hail General Krupp.

-Signed, Little Girl

I can only speak from the POV of my country (left unnamed), but I encourage anyone wanting truly interesting work to apply to your country's SIGINT agency. Only there will you find real answers.

Only there will you find real answers

.. which it's illegal to tell anyone else. And if you find evidence of abuse the only way you can do anything about it is to flee to a country from which you can't be extradited.

This is why we can't have a discussion about this and as much as possible needs to be moved from "intelligence" (secret, unaccountable) to "evidence" in courts.

The only sensible answer to "how many terrorist plots have been prevented" should be a count of convictions.

> And if you find evidence of abuse the only way you can do anything about it is to flee to a country from which you can't be extradited.

Not true.



At the July sentencing hearing the presiding judge, Richard D. Bennett of the Federal District Court, issued harsh words for the government, saying that it was "unconscionable" to charge a defendant with a list of serious crimes that could have resulted in 35 years in prison only to drop all of the major charges on the eve of trial.[61] The judge also rejected the government's request for a large fine noting that Drake had been financially devastated, losing his $154,600 job at the NSA and his pension.

Yeah as long as you're willing to lose your job, shutter your business and have the FBI confiscate all your computer equipment in a pre-dawn, guns drawn raid of your home.

Sounds so easy.

One of the more concerning matters on this is that the BBC, for some reason, are choosing not to report on this at all. Gone are the days when the BBC were the most trusted and reputable news source. http://www.bbc.com/news/scotland

Meh. Its not clear to me this is news - its secondary reporting about an Intercept article that doesn't appear on the intercept front page nor on any other Scottish newspaper.

And it's not even the main theme of the Intercept article, which focuses far more on the intelligence agencies collecting far more data than they actually had the capability to use and failing to read harvested emails of identified suspects. https://theintercept.com/2016/06/07/mi5-gchq-digint-surveill...

I am not surprised at all. The BBC is the voice of the UK Government more or less.

>... and more serious organised crime, were our security services not using the bulk surveillance data ...

In the unlikely case these aren't pranks, they would almost certainly be GCHQ astroturfing accounts. Of course, the astroturfing itself is of so poor quality that they probably outsourced the job to either some apathetic social media/perception management firm, or clueless interns.

I could easily see a social engagement platform that's primarily used to spam Disqus comment sections also having support for HN, just for the sake of ticking the box.

We detached this subthread from https://news.ycombinator.com/item?id=11889046 and marked it off-topic.

Anyone who disagrees with you must either be joking or astroturfing? How impolite.

>Anyone who disagrees with you must either be joking or astroturfing? How impolite.

More like anyone who creates two fresh accounts within minutes of each other, one replying to the other in agreement—is either astroturfing, or trying to make it appear as if they are.

Personally, I think you're just a decent troll. If so, at least it was creative.

There was nothing trollish at all in my earlier comment - you just wish not to believe it.

>There was nothing trollish at all in my earlier comment - you just wish not to believe it.

You're correct in that I do not wish to believe that astroturfing either directly or indirectly commissioned by GCHQ could be so incompetent. It sullies their good name.

Granted, what you're doing would actually qualify as somewhat competent if the goal was to simply to derail meaningful discourse.

All these accusations of trolling and astroturfing are completely off topic. If anyone is trying to derail the discussion here, it's you.

it seems like a lot of people here are in a feedback loop, only upvoting / listening to what they think fits. Everyone's quick to believe they know it all, when in fact that is the very issue the arguments are about.

I get why you used a throw away. I'm not against civil discussions, I just hate when people don't use logic and take all evidence with a grain of salt. I don't for a second doubt parts of the govt. are hiding valid evidence for the conversation any more than the media is lying to sell their narrative too. Bottom line is the media has the upperhand, they can make baseless claims and choose what to say knowing damn well that the Govt. can't refute it.

There's nothing wrong with throwaway accounts or opposing views; both are perfectly welcome.

What's problematic is when there's two throwaway accounts created at the same time, replying to one another in agreement, using the same writing style, and advancing same the narrative that's worded as if it's straight out of a public relations office.

HN has seen at least one NSA employee and one American intelligence community member posting in the wake of Snowden, and both were overwhelmingly treated with respect by the community despite their views. I myself often express views here that are staunchly anti-Snowden in nature.

The throwaway accounts you're defending received such hostility because they were perceived as being insincere due to their suspicious posting behavior. It was not due to their views or opinions.

Come on though, you're not even trying. You created this account purely to post in this thread, at exactly the same time as did another account.

Better luck next time.


We detached this subthread from https://news.ycombinator.com/item?id=11888940 and marked it off-topic.

Then how can you trust the intercepts cherry picking of the documents trove snowden took?

My argument is it's pretty ballsy to call people out about transparency knowing they can't argue and that there are likely contradictions or at least further details being omitted by hand selecting documents for dissemination. It's really the same issue on both sides. Neither are telling the whole story.

I would argue your comment "Its all too easy to give out just enough info to get people chasing after the wrong thing." is a correct statement for both sides.


>Can’t we all just admit that Snowden is a limited hangout who’s sole purpose is to benefit the establishment and NSA?

No, because that's absurd.

A "limited hangout" is fundamentally a damage control measure. At the time Snowden went public, there wasn't any damage to control. Most of it had already been done many years prior with the 641A scandal.

If you want to suggest that Snowden was an overarching plan to somehow influence public perception in the NSA's favor, then perhaps /r/conspiracy would be more receptive.

But Washington Post says he is for real. So does the Guardian. And he is telling us which programs to use and which crypto is or isn't broken.

I love that he went from being a network admin to the savior of the internet. At what point in his career did he have perfect visibility into every topic he's quoted on. He wasn't even a part of the groups he tried to out (TAO). My guess is he was genuine in his curiosity, something happened that frustrated him (maybe he was worried about being let go from yet another contracted position, maybe he was denied on his application to join the Remote Operations Team in TAO for the third time due to lack of technical acumen and personality conflicts.....). My guess is through Greenwald and Co, he was sold a narrative to drive him to collecting data they otherwise wouldn't have had (he himself was socially engineered). It's amazing how much money they've made off the leaks and yet that topic hasn't really come up at all. Everyone has a motive, many have multiple.

He was offered a job at TAO, but turned it down to work at BAH (near the end of his career).

I know this to be 100% false.

His first application to join TAO as a remote operator was denied due to personality conflicts (the interviewers felt he was cocky in his responses and weren't sure of his ability to fit in with the rest of the operators.) This was circa 2011 when he was working with the CIA in an NSA joint Billet.

Early 2012 during expansion and hiring within TAO Hawaii, he was given a second chance to prove technical talents in a test designed to pre-empt RIOT (Remote Interactive Operator Training). He failed the test twice both at NSAH and NSAW. His only option was to transition as a contractor at BAH where he was the equivalent of an R&T analyst even though he was in a network administration billet(he was never assigned to TAO directly, because his administration billet supported missions he was asked to fill a critical shortage of manpower). The technical requirements to become an R&T analyst while high, were well below those that perform as Interactive On Net operators (ION). As an analyst he worked projects targeting the exact groups he leaked information about. During his time working his targets he submitted numerous plans that were rejected and greater HQ at NSAW began to ignore is operations proposals. His projects were ultimately removed from him and placed in the hands of capable analysts. It wasn't long after that he decided to lash out. So no he was never offered a job within TAO (which has multiple groups), when he did work with BAH interacting with them he failed miserably.

Wikipedia is wrong.

Whoa. Do you have insider knowledge?

Yes, I was there.

Interesting stuff! Why do you think he was given so much access to material that wasn't directly relevant to his work?

So how might you prove that?

It would have been interesting if this had come out before the Indyref. What did happen to Willy McRae, anyway?

Registration is open for Startup School 2019. Classes start July 22nd.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact