Let's just assume for the moment that outcome X is good while outcome Y is bad. (I know most people wouldn't agree with that as applied to the NSA's history of wide-net surveillance, but just stick with me...)
You design a system that technically delivers outcome X. It could technically deliver outcome Y, but you didn't implement it to deliver that outcome. However, there is nothing at all preventing outcome Y from being achieved with your system other than stated policy. Additionally, your system as designed brings the possibility of outcome Y much closer to fruition at a fraction of the cost of the quotes from contractors from the time.
It comes to be known that your system has been trivially revised to achieve outcome Y, and you become a dissident. Now you take on the responsibility of educating people about what can be achieved with your system, and systems like it.
I get that part. But here's the question: what was Binney's responsibility in designing the system in the first place? In interviews I've watched he seems to justify his contribution to the program by referring to the policy at the time-- to only use wide-net surveillance data gleaned from the internet on non-U.S. citizen targets overseas, and nobody ever imagined it would be turned around to spy on the domestic population.
But has anyone ever asked him if he regrets building a system in the first place that lowered the cost on a type of surveillance the risks of which are not well-understood? In that sense I don't see anything different in what he did than what the Stuxnet authors did. And I'm quite sure if a whistleblower from that team went public someone would ask why they thought it was responsible to build it in the first place.
As far as the actual legality of the things he does, it seems like pretty much everything in the talk I had heard before, mostly through the Snowden files.
All of this under the banner of state secrets justifying these actions. Whereas in any corporation or visible branch of government the waste would have been a scandal. In the NSA the use of state secrets means power concentrates and individual employees have little recourse (Snowden, etc.).
This is what I'm countering, perhaps something like this needs to be discussed as it's in the public interest.
Of course whether those slides would cause 'serious damage' to national security is a whole other matter or maybe it was 'authorized'.
Classified information does not become unclassified just because it is publicly available if I remember correctly. Either way, I can't comment on whether including them in his slides is disclosing/divulging or not.
Yes, at least in this talk he's very careful only to disclose what can be inferred from already public information (e.g. Snowden leaks). People from his former line of work are kind of used to this, I guess, as they probably cannot even discuss every detail of what they're doing with all of their own colleagues during lunch breaks.
I think the existing state with e2e encryption easily accessible to those who care, but not enabled by default in many areas, is probably ideal.
I'd like to see more work on encryption of the metadata - for example, hiding who is sending messages to who, and when. The who, where and when of communications leaks nearly as much private data as the content itself.
Currently, tech for hiding who, where, and when isn't easy enough to use.
It is clear that major Internet companies are colluding with the government, including hardware manufacturers (Intel).
My understanding is that this bulk data gathering is not so much about preventing attacks as about further securing power for the strange amalgamation that we would call the federal government.
Neural networks, with enough training data (which the NSA surely possesses), and enough compute power (which the NSA also possesses), could easily do this.
I know in other fields the ability to do concept searching (via LSI and other techniques), rather than simple text based searching, has been in use for many years. His example/problem of a search for "bomb" bringing up noise (such as an email talking about a QB throwing a 'bomb' pass) should have long ago been solved.
Note that one of the more useful and interesting uses for this data would be political demographic analysis more comprehensive than anything available legitimately. It could also be used to target leakers, especially if you could use devices to put 3rd parties in the same room. E.g. my phone hears or sees you and your friend together, even if you don't have phones.
The bar for collusion is really low. Look at what happened to the pot dealer for the guys that bombed the Boston marathon.
The odds of any one transaction coming back to get you are practically and almost literally zero but when something bad happens it doesn't happen in a vacuum. The bank robbers have to buy their getaway car from someone.
You have to put together what we know about PRISM with recent testimony.
https://en.wikipedia.org/wiki/Jewel_v._NSA is extremely important here. The NSA argues it can collect virtually every scrap of data flowing across US communications systems and that it does not violate your rights because as long as no one is looking at it your 4th amendment rights aren't violated. So to "look" at the data they get a secret FISA warrant. Jewel was defeated in court with the same tired argument of Clapper et al. -- "Your facts are inaccurate, but we won't tell you how because it is a state secret. Case dismissed. You let us worry about protecting your privacy within our walled garden."
NSA directors have a long history dating back to 2002 with Hayden of misleading Congress and then saying "oops, sorry about that." It is a naked power game between Congress and the executive branch and a bit of political chicken because the intelligence committees can only go so far before the president/White House can say the legislative branch is undermining your freedom and isn't tough on terror.... which will not go well for anyone at reelection time if it sticks.
The back and forth goes on. The picture painted, and I can't dig everything up, is that, essentially, the NSA collects almost everything that happens on US soil. It has a legal fiction via executive orders (see Snowden emails) that let it do this. And then if searches of this data turn up anything interesting (since automated computer searches don't require a warrant under this legal fiction) they then apply for a secret FISA warrant and then humans can "look" at the collected data. And since no humans were collecting or looking at your data your 4A rights are fine and safe.
edit: I guess I meant to add this legal construction is why the "how" of their collection matters so much. Until we have accurate details of the "how" we can't even begin to argue against them in open court. And since the executive branch tries its very best to keep the "how" secret (for many not obvious reasons!) these things are important. I have seen people dismiss the importance of the technical details as just bits and bytes and what matters is the politics at play, but the "how" is very important as shown by the failure of Jewel to win in court due to specious "state secrets" arguments.
This would enable the NSA to search based on scene descriptions of likely crimes and get government-ID tagging with GPS. This would serve as an effective filtering system and increase the productivity of intelligence operators.
Additionally, I am not sure how TREASUREMAP relates to the rest of your comment, as TREASUREMAP is essentially Shodan with more datasets included based on publicly available, commercially available, and collected data.
EDIT: Watching video now and I understand your interpretation of TREASUREMAP...this is bizarre...he appears to believe it is something else entirely. Here is the full presentation he referenced for context though (Warning: TS/SI): https://assets.documentcloud.org/documents/1301057/tm-m-402....
Quarterly production of hard drives is around 100-140 million. That's quite a big slice of global production.
The buying operation of this scale should be visible somewhere on the price charts.
Backup tapes have significant capacity and are cheaper than hard drives.
US defense spending built most of the technology industry. That activity didn't stop.
One can probably leave out all the torrents, YouTube and Netflix videos that fly across the internet. Stick to text of emails, calls and chats only. Suddenly you only need a few thousand drives.
> Pournelle's Iron Law of Bureaucracy states that in any bureaucratic organization there will be two kinds of people:
> First, there will be those who are devoted to the goals of the organization. Examples are dedicated classroom teachers in an educational bureaucracy, many of the engineers and launch technicians and scientists at NASA, even some agricultural scientists and advisors in the former Soviet Union collective farming administration.
> Secondly, there will be those dedicated to the organization itself. Examples are many of the administrators in the education system, many professors of education, many teachers union officials, much of the NASA headquarters staff, etc.
> The Iron Law states that in every case the second group will gain and keep control of the organization. It will write the rules, and control promotions within the organization.
But it's already come out that searching for Tails or Tor can set off NSA flags, so I was pointing out that reading Chaos Computer Club accounts of NSA surveillance practices sounds like another likely way to be flagged.
It sure is, meaning that a privacy conscious person is not a friend of a government and needs to be held in check. It's also quite disturbing that NSA is surveilling political parties around the world to exert pressure on them and to get geopolitical and economic influence.
Is that the relevant part? Haha
I am a mere peasant worthless dumb and powerless. Another gusano.
I looked at it, I didn't feel any chilling effect. From an engineering point of view it's interesting. Maybe I'm too dumb to process fear.