Hacker News new | past | comments | ask | show | jobs | submit login
How the NSA tracks people [video] (ccc.de)
260 points by znq on Aug 7, 2017 | hide | past | web | favorite | 78 comments

Here's something that pops in my head every time Binney comes up, but I've never quite articulated it...

Let's just assume for the moment that outcome X is good while outcome Y is bad. (I know most people wouldn't agree with that as applied to the NSA's history of wide-net surveillance, but just stick with me...)

You design a system that technically delivers outcome X. It could technically deliver outcome Y, but you didn't implement it to deliver that outcome. However, there is nothing at all preventing outcome Y from being achieved with your system other than stated policy. Additionally, your system as designed brings the possibility of outcome Y much closer to fruition at a fraction of the cost of the quotes from contractors from the time.

It comes to be known that your system has been trivially revised to achieve outcome Y, and you become a dissident. Now you take on the responsibility of educating people about what can be achieved with your system, and systems like it.

I get that part. But here's the question: what was Binney's responsibility in designing the system in the first place? In interviews I've watched he seems to justify his contribution to the program by referring to the policy at the time-- to only use wide-net surveillance data gleaned from the internet on non-U.S. citizen targets overseas, and nobody ever imagined it would be turned around to spy on the domestic population.

But has anyone ever asked him if he regrets building a system in the first place that lowered the cost on a type of surveillance the risks of which are not well-understood? In that sense I don't see anything different in what he did than what the Stuxnet authors did. And I'm quite sure if a whistleblower from that team went public someone would ask why they thought it was responsible to build it in the first place.

Yes, there is a lesson there for all of us. For a quick (~4 hour) recent computer game on the same subject (very well executed, IMHO) check out Orwell: https://news.ycombinator.com/item?id=13549725

Can't you take it as an axiom that if someone can build something that can do Y, that you should assume its construction is inevitable? And isn't it always better to be the one building it first than to be the one building it second?

How is Bill Binney still walking around a free man? Surely he had security clearances and made an oath not to break them. Is it just that he's riding a fine line and not disclosing classified information?

He actually sort of answers this in the last question they ask at the end. He says that because he's made it so obvious that they're his enemy it's impossible for them to do anything about him in the public light except possibly have him killed which would obviously be incredibly suspicious.

As far as the actual legality of the things he does, it seems like pretty much everything in the talk I had heard before, mostly through the Snowden files.

This is all publicly available information. You don't give up your right to free speech when you gain access to sensitive information. He probably vetted this content very carefully and had several friends within the intelligence community review it for him to ensure he wasn't revealing anything undisclosed to the public already.

He's been termed as an NSA whistleblower though. How can one be a whistleblower on publicly available information?

He did it internally. He didn't leak very much publicly other than broad strokes about what was happening. He 'leaked' internally to the DoD IG. The response from the FBI/NSA was essentially to punish them and what amounts to a public witch hunt at the hands of the FBI. This response was what started the trend of much more public whistle blowing because it became clear if you went through the official routes you would be persecuted and your life made miserable, even if they could not land you in jail.

All of this under the banner of state secrets justifying these actions. Whereas in any corporation or visible branch of government the waste would have been a scandal. In the NSA the use of state secrets means power concentrates and individual employees have little recourse (Snowden, etc.).

As a counter-point (regardless of the legalities) if there are, as he conjectures, 1.2 million people on a drone kill-list (with seemingly no-oversight), is it not in the public interest that these things are highlighted by whistle blowers?

This 1.2 million number sounds like his zettabyte number. Nobody could possibly take him seriously, and that's probably why he doesn't get into any trouble — it's not a crime to talk about aliens in Roswell or zettabyte capacity datacenters because those things obviously don't exist.

I didn't really make a point, so I don't know what you think you're countering. I just asked a question, and apparently the answer is that he doesn't disclose classified information.

> Surely he had security clearances and made an oath not to break them

This is what I'm countering, perhaps something like this needs to be discussed as it's in the public interest.

I don't think OP was addressing morality, though, just raising the practical question of "isn't this a jailable action?"

That's exactly what I was asking.

I didn't watch the whole thing just jumped around but he has included slides that are marked 'SECRET//NOFORN' so if that material is accurately classified at that level (and its disclosure was not authorized), well he probably shouldn't be presenting to that.

Of course whether those slides would cause 'serious damage' to national security is a whole other matter or maybe it was 'authorized'.

All classified slides shown were from Snowden. One unclassified (but marked "Law Enforcement Sensitive") slide is from elsewhere.

Perhaps they were previously leaked through Snowden or others and he's only included them in his slides? Then he's not disclosing anything. He hasn't worked at NSA for a loooong time.

I'm no expert, and you are right he did leave sometime ago, perhaps there were changes with regards to protecting classified information after he left.

Classified information does not become unclassified just because it is publicly available if I remember correctly. Either way, I can't comment on whether including them in his slides is disclosing/divulging or not.

Around 7:30 he says that he is using some documents that were leaked by Snowden.. maybe that's them.

> Is it just that he's riding a fine line and not disclosing classified information

Yes, at least in this talk he's very careful only to disclose what can be inferred from already public information (e.g. Snowden leaks). People from his former line of work are kind of used to this, I guess, as they probably cannot even discuss every detail of what they're doing with all of their own colleagues during lunch breaks.

If you silence him then it gives credence to what he's saying.

If the people don't care anyway, and can't see beyond pro/anti-Trump and pro/anti-SJW BS (at their most "political") and the latest pop/tv BS (for the typical apolitical masses), then it doesn't matter if it gets credence for some small minority that cares.

I don't think that stops them.

Could be a limited hangout.

Apologies if this may sound a little naive, but I can't help but wonder; Can anything be done about this situation within the next couple of years? Or is this process of mass data collection just going to continue and reach an irreversible stage where those agencies' power is out of control?

Making the issue key for reelection to congress would have an impact. Absent that I think we'll have to wait for a favorable court result, which may be difficult or impossible.

One thing that is being done is to reduce the amount of clear text available for collection: more and more data is encrypted in transit and at rest.

Gotta be careful with that - make too much encrypted and there will be pressure to change the law to make encryption illegal.

I think the existing state with e2e encryption easily accessible to those who care, but not enabled by default in many areas, is probably ideal.

I'd like to see more work on encryption of the metadata - for example, hiding who is sending messages to who, and when. The who, where and when of communications leaks nearly as much private data as the content itself.

Currently, tech for hiding who, where, and when isn't easy enough to use.

Well if a "hoper and changer" won't do it...

Besides doing all messaging in PGP?

The codenames do not provide a material insight, also "what" is being done is very different to "how". An audience such as CCC would be more interested in the "how".

It is clear that major Internet companies are colluded with the government, including hardware manufacturers (Intel).

What I don't understand is with such capabilities, why weren't Michelle carters texts flagged? Or the heather Mack texts/fb messages. Or the texts revolving around the death of Tim piazza at penn state? If the capability to save these people was there, why wasn't it exercised?

He states it in the video: they are incredibly overwhelmed with data coming in and are just using "old search methods" such as word search that he deems ineffective.

My understanding is that this bulk data gathering is not as much as preventing attacks but further securing of power for the strange amalgamation that we would call the federal government.

Even if they cared, they wouldn't risk burning a source/method over a couple of teenagers potentially harming themselves or each other. This apparatus isn't about helping police, it's about state control, ostensibly of things like immigration and terrorism, but realistically as you say it's pure power.

That was years ago - By now, I'm sure they run it all through deep networks and ought to easily be able to "search by thought" - for example, "find all people who have considered or ever talked about blowing up something in a non sarcastic way".

Neural networks, with enough training data (which the NSA surely possesses), and enough compute power (which the NSA also possesses), could easily do this.

Having left his job more than 15 years ago, is there any chance that he's simply not aware of the actual methods they're using?

I know in other fields the ability to do concept searching (via LSI and other techniques), rather than simple text based searching, has been in use for many years. His example/problem of a search for "bomb" bringing up noise (such as an email talking about a QB throwing a 'bomb' pass) should have long ago been solved.

It's odd reading about this on HN.. Paul Graham sprading bayesian flagging long ago. One thing though... money isn't everything; I can imagine NSA employees being blindsighted by their own resources and keep using a hammer to kill a fly.

Occam's razor says it's because the capability to gather far exceeds the NSA's ability to analyze. The data they collect is probably run through basic automated analysis (probably keywords, sentiment, and social network analysis, possibly some attempt to correlate to interesting real-world activity like purchase of large amounts of fertilizer, etc). But mostly the cache is used for retroactive surveillance to catch colluders after an event. The data would also be useful for local law enforcement (a kind of "super tap"), and certainly they have the eyes (if not the skill) to analyze the data, but that's a political hot potato. (And thank God - there are plenty of local police chiefs just itching to send the SWAT team in to a family home based on NSA "cyber").

Note that one of the more useful and interesting uses for this data would be political demographic analysis more comprehensive than anything available legitimately. It could also be used to target leakers, especially if you could use devices to put 3rd parties in the same room. E.g. my phone hears or sees you and your friend together, even if you don't have phones.

>But mostly the cache is used for retroactive surveillance to catch colluders after an event.

The bar for collusion is really low. Look at what happened to the pot dealer for the guys that bombed the Boston marathon.

The odds of any one transaction coming back to get you are practically and almost literally zero but when something bad happens it doesn't happen in a vacuum. The bank robbers have to buy their getaway car from someone.

If it would reveal secret capabilities (or illegal procedure), the NSA does not reveal their information.

Their analysts cannot query on US Person Information, so unless this was discussed in foreign-to-foreign communications, flagging would not be possible.

For the public source of this information, rewind to 2013:



You have to put together what we know about PRISM with recent testimony.

https://en.wikipedia.org/wiki/Jewel_v._NSA is extremely important here. The NSA argues it can collect virtually every scrap of data flowing across US communications systems and that it does not violate your rights because as long as no one is looking at it your 4th amendment rights aren't violated. So to "look" at the data they get a secret FISA warrant. Jewel was defeated in court with the same tired argument of Clapper et. al -- "Your facts are inaccurate, but we won't tell you how because it is a state secret. Case dismissed. You let us worry about protecting your privacy within our walled garden."

NSA directors have a long history dating back to 2002 with Hayden of misleading congress and then saying "oops, sorry about that." It is a naked power game between congress and the executive branch and a bit of political chicken because the intelligence committees can only go so far before the president/white house can say the legislative branch is undermining your freedom and aren't tough on terror.... which will not go well for anyone at reelection time if it sticks.

The back and forth goes on. The picture painted, and I can't dig everything up is that, essentially, the NSA collects almost everything that happens on US soil. It has a legal fiction via executive orders (see Snowden emails) that let it do this. And then if searches of this data turn up anything interesting (since automated computer searches don't require a warrant under this legal fiction) they then apply for a secret FISA warrant and then humans can "look" at the collected data. And since no humans were collecting or looking at your data your 4A rights are fine and safe.

edit: I guess I meant to add this legal construction is why the "how" of their collection matters so much. Until we have accurate details of the "how" we can't even begin to argue against them in open court. And since the executive branch tries its very best to keep the "how" secret (for many not obvious reasons!) these things are important. I have seen people dismiss the importance of the technical details as just bits and bytes and what matters is the politics at play, but the "how" is very important as shown by the failure of Jewel to win in court due to specious "state secrets" arguments.

Bill mentions that the current solutions are much more expansive, so it seems very likely that the NSA uses a private Google Cloud Video Intelligence[1] installation with TPUs in combination with their current iteration of TREASUREMAP.

This would enable the NSA to search based on scene descriptions of likely crimes and get government-ID tagging with GPS. This would serve as an effective filtering system and increase the productivity of intelligence operators.

1. https://cloud.google.com/video-intelligence/

I'm having trouble understanding what you mean to imply here, or how it relates to likely crimes and GPS tagging. Could you elaborate?

Additionally, I am not sure how TREASUREMAP relates to the rest of your comment, as TREASUREMAP is essentially Shodan with more datasets included based on publicly available, commercially available, and collected data.

EDIT: Watching video now and I understand your interpretation of TREASUREMAP...this is bizarre...he appears to believe it is something else entirely. Here is the full presentation he referenced for context though (Warning: TS/SI): https://assets.documentcloud.org/documents/1301057/tm-m-402....

>very likely that the NSA uses a private Google Cloud Video Intelligence[1] installation with TPU


Actually, I may be thinking of another program other than TREASUREMAP.

So a quick calculation. 1 zettabyte if stored on 4GB HDD, that's 250 million hard drives. That's without any redundancy.

Quarterly production of hard drives is around 100-140 million. That's quite a big slice of global production.

The buying operation of this scale should be visible somewhere on the price charts.

Read a rumor once that the tsunami in the Thailand that "knocked out" HDD factories several years was used as cover to buy up large amounts.

Did non-HDD factories in Thailand experience a similar price increase after the tsunamis? (I don't know the answer -- I'm just curious)

Now, think that the data is immutable, doesn't necessarily have to be in a hard disk. Could be in tape.

Backup tapes have significant capacity and are cheaper than hard drives.

Yes, but why backup the internet if you can't process the data afterwards without waiting for ages for the results.

You mean if stored on 4TB HDD... but they could easily cut that 250 million in half by using 8TB drives.

8TB HDD were manufactured only since 2014.

not sure when they came out but pretty sure that you could get 8TB SSDs before that

Buying 100 mil. 8TB SSDs when SSD market is even smaller than HDD market would be not possible without everyone noticing. That's entire year (2015) of total SSD units production. 8TB drives would be at the time a tiny fraction of the total.

I think that you underestimate the US Government... they are not a regular consumer...

Who says that it isn't?

US defense spending built most of the technology industry. That activity didn't stop.

No need to store all the data.

One can probably leave out all the torrents, youtube and netflix videos that fly across the internet. Stick to text of emails, calls and chats only. Suddenly you only need a few thousand drives.

Even if you do need that data, you can probably dedupe the large sites fairly easily. Save one copy, then just record the ID of the video watched/downloaded.

He's talking out of his ass. Remember, Binney hasn't worked at the NSA since 2001. Where do you think he gets these numbers?

Compression may help a lot though in such use case

His main point as I understood it seems to be that the problem is the direction of the organization demands that it continue to grow in that direction. More data means more power which demands more funding but also leads to less effectiveness at what they are actually supposed to be doing. It's really smart that he is confronting the problem by trying to create a legal framework that can steer the ship in a better direction. I really appreciate his work.

As they say, any bureaucracy will eventually be controlled by people trying to preserve the bureaucracy rather than those trying to achieve the actual goals of the bureaucracy.


> Pournelle's Iron Law of Bureaucracy states that in any bureaucratic organization there will be two kinds of people":

> First, there will be those who are devoted to the goals of the organization. Examples are dedicated classroom teachers in an educational bureaucracy, many of the engineers and launch technicians and scientists at NASA, even some agricultural scientists and advisors in the former Soviet Union collective farming administration.

> Secondly, there will be those dedicated to the organization itself. Examples are many of the administrators in the education system, many professors of education, many teachers union officials, much of the NASA headquarters staff, etc.

> The Iron Law states that in every case the second group will gain and keep control of the organization. It will write the rules, and control promotions within the organization.

(That sense of mild threat you feel right now that is preventing you from either watching the video or commenting here is entirely natural and nothing to worry about. Go about your day as normal.)

I went to the comments instead of the link to take a look at whether there was a second source that didn't involve hitting a CCC page. Chilling effects indeed.

Sorry for the ignorance, but whats the problem with CCC pages?

Nothing inherent - the CCC is a great organization.

But it's already come out that searching for Tails or Tor can set off NSA flags, so I was pointing out that reading Chaos Computer Club accounts of NSA surveillance practices sounds like another likely way to be flagged.

> Chaos Computer Club accounts of NSA surveillance practices sounds like another likely way to be flagged.

It sure is, meaning that a privacy conscious person is not a friend of a government and needs to be held in check. It's also quite disturbing that NSA is surveilling political parties around the World to excerpt pressure on them and to get geopolitical and economic influence.

I often address the NSA by microphone, I doubt they pay attention to me though. I'm just like "Hey NSA, monitoring my "steps"" haha as I try to start a fire.

"I address them to myself"

Is that the relevant part? Haha

I am a mere peasant worthless dumb and powerless. Another gusano.

Chilling Effects.

The goal isn't even to watch everyone, even if you devoted 100% of all federal spending to watching everyone you wouldn't be able to do it. Not enough resources or time. The goal is to chill conversation and thought that is too critical of institutions. Mission accomplished.

The way the government is growing it will be big enough eventually. Remember, they only have to watch those that don't work for the government.

The more people who visit ccc sites the better.

I think some people need to have some backbone, and less fear.

I looked at it, I didn't feel any chilling effect. From an engineering point of view its interesting. Maybe I'm too dumb to process fear.

Registration is open for Startup School 2019. Classes start July 22nd.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact