Google Security Team Member on NSA: "Fuck These Guys" (plus.google.com)
1217 points by cdvonstinkpot 1025 days ago | 396 comments

I think it's pretty clear that we need both technical and legislative fixes to NSA surveillance. Just one of the two isn't enough: to be even vaguely confident that surveillance ends, we need both. The technical fixes I can't speak to, but the legislative ones I've been thinking about for a while. In the last week, there have been two prominent bills announced to deal with surveillance:

- Bill 1: The FISA Improvements Act, from Feinstein and the Senate Intelligence Committee. In short it legalizes most of what the NSA has been doing.

- Bill 2: The USA FREEDOM ACT, from Sensenbrenner and Leahy, currently being considered by the House/Senate Judiciary committees. It amends §215 of FISA to end bulk phone metadata collection and fixes some of the problems with §702 of the FISA Amendments Act (under which PRISM is run). But it doesn't fix §702 fully, does nothing to end BULLRUN (undermining encryption) nor the surveillance that happens outside FISA (MUSCULAR, for example, and god knows what else).

Obviously the Feinstein bill can't be allowed to pass. But some really big names (ACLU, CDT) have thrown strong support behind the Freedom Act. I'm wondering what we as the Taskforce(.is) should do. It's clear to me that it doesn't go nearly far enough. And there's some chance that if it passes, Congress will view this whole thing as "dealt with" and not revisit the issue for years to come. But unfortunately the Freedom Act barely has the votes to get out of the judiciary committee, and getting it to pass through both houses requires a lot of momentum.

We've been working on a campaign asking folks to call and oppose Feinstein, and potentially to support the Freedom Act. But I'm not sure if that's a right move. Unfortunately, the public doesn't understand why privacy is important, and Americans aren't nearly angry enough for Congress to do anything more substantial than the Freedom Act. We might be able to push for amendments, but it's a long shot.

tl;dr - We've got two bills in Congress. One is terrible, one is mediocre. But we don't have the political momentum to do anything better than the mediocre bill. What do we do? Tech advocate conundrum.

> But it doesn't fix §702 fully, does nothing to end BULLRUN (undermining encryption)

Nor should it. Undermining the encryption used by legitimate surveillance targets and intercepting their communications is what the NSA is for. The point of legislative solutions isn't to stop having a signals intelligence agency. It's to limit that agency to spying on people it legitimately believes to be terrorists, agents of hostile foreign powers and the like.

Ok but to agree with that argument is to agree that the NSA and organizations like it are necessary. I'm still waiting for the proof that they are. Everything I see points to them compromising countless people's privacy and having nothing to show for it.

But that's the core of the problem. By the nature of what they do, their successes are never clear.

Not that this is a very robust intellectual defense, but the US is far from the only country to do this. Just two days ago the NYT had an article about Brazil spying on Americans within its borders:


If we shut down the NSA tomorrow we would be at an international disadvantage.

Can we please try not to equate a diplomat's car being followed around a city's public areas with the indiscriminate collection of private communications from every man, woman and child on the planet?

Look, my eyes are open. I'm spying on you. Everybody spies!

Difference in quantity turns into difference in quality sometimes. It is stupid to disallow taking pictures on public streets. It is not stupid to say to the government "you should not film everything on public streets 24/7 and keep it for years, because we don't want you to". Citizens are owners of the government and can set rules of what it is allowed to do.

can we please try not to equate reality with "indiscriminate collection of private communications from every man, woman and child on the planet"

I understand the line "By the nature of what they do, their successes are never clear." but I would think that with all of the bad "publicity" the NSA is receiving they would at least pull one example out where they prevented an attack. They have only released vague numbers on the number of incidents prevented and when put under a microscope they weren't a very big part of the plots they claimed to have foiled. I understand the "international disadvantage" but I don't think we can allow everything the NSA does with "Everyone else is doing it" defence.

An annual transparency report from the NSA? Good luck with that.

I doubt the NSA cares about negative publicity. Deep inside the NSA it's business as usual.

This is why my opinion is that the TLA policies and limits should be set by Congress in open debate. While their work may be secret, the limits and approach to the work should be set by the representatives of the people, publicly.

Leahy is the author of CALEA, a surveillance law that is one big reason we're in this situation to begin with. He introduced portions of the Patriot Act under the name EPPSCA a year before the Sep. 11 attacks (http://thomas.loc.gov/cgi-bin/query/R?r106:FLD001:S58859).

Leahy has sat on modest surveillance reform (requiring search warrants for email, cell phone location) for over three and a half years without advancing it to the Senate floor. One proposal he circulated a year ago included an exception allowing dozens of federal agencies to access email without a warrant (http://news.cnet.com/8301-13578_3-57552687-38/). Then, after Snowden's revelations, when the political tide was moving toward significant reform, Leahy's first instinct was to handcuff companies from challenging NSLs (http://news.cnet.com/8301-13578_3-57592778-38/).

I suspect that, after all the likely political compromises and conference committees and markups, any bill principally authored by Leahy will follow the same pattern as CALEA and the Patriot Act. One obvious solution, of course, is to avoid limiting yourself to looking at a pair of existing flawed bills and find a politician willing to back real reform.

Another solution, better for HN, is to work toward technical solutions that will work in the likely event that our esteemed leaders in Washington, D.C. get it wrong once again. Trust math, not laws.

There is no technical solution that works when the federal government can seize/inspect/hack into any computer located in the United States or in friendly countries, as well as hack into computers anywhere in the world. They can then access the decryption private keys of anyone, and thus all encryption can be defeated, along with any other means of attempting to hide information from prying eyes. If Google itself is unable to protect its own network from NSA intrusion, what makes you think anyone else is able to?

Remember, the NSA is tasked with spying on Russian, Chinese, (and everybody else's) systems, and given that the Russians and Chinese have great mathematical and computing minds, it should be assumed that the NSA is employing equally great minds in the USA in order to penetrate the military (including nuclear and biological weapons systems), government, commercial, and individual systems of these foreign powers.

That the NSA turned the sophisticated looking glass inward to spy on the citizenry, in such an insecure manner, is the problem.

The other problem is that, well, citizens of the United States can be terrorists. If the NSA is tasked with stopping terrorism, then they, of necessity, need to monitor everyone, including US citizens.

So the answer lies in the terrorism part: Everyone went bonkers wondering why the government agencies were not able to stop the Boston bombers, yet when they do try to collect information and analyze it in a manner consistent with stopping this threat, they are then denounced as violators of the Constitution.

I have a sobering proposal: We tell the NSA to not worry about terrorism.

On the other hand, we come to terms with the notion that terrorists do what they do because it does terrorize us, and we make a conscious decision that we are going to not care anymore and accept a certain amount of casualties in exchange for the government not spying on us.

We accept that 30,000 Americans die on our roads each year in car accidents. We accept that another 30,000 Americans die of gun violence every year. Could we not accept that 30,000 Americans die of terrorism related incidents every year?

I lived in France in the 1980's. We had a lot of terrorism. Bombs in malls, bombs in restaurants, bombs in the street in front of synagogues. After a while, callous as this may seem, the French just stopped caring anymore. It had become routine. Then the terrorists stopped. There was no reason for them to keep doing this, because the French would just put it on page 4 of the paper, next to the political scandal section. The police would close the street, clean up, etc.

Yes, these were tragedies for the families, but not more than the tragedies for victims of gun violence, drug overdose, and horrible car accidents that mangled the bodies of children beyond recognition.

Taking away everyone's car is not the solution to car accidents. Taking away everyone's guns, swords, pick-axes, chainsaw, power drill, kitchen knives, and banning boxing, wrestling, and martial arts is not the solution to murder. Likewise, taking away everyone's freedom is not the solution to terrorism.

Because taking away everyone's freedom's been tried before, and the human spirit of freedom asserts itself, and people die on both sides as they rebel and attempt to overthrow the oppressors.

And that is why the NSA and other agencies that spy on Americans must be muzzled.

I agree with your general premise and thesis, but the gun deaths statistic, while pedantically accurate, ignores the context shown here:


Firearms were used in 19,392 suicides in the U.S. in 2010, constituting almost 62% of all gun deaths

Analogy with not using encryption?

Yeah, I'm familiar with that. Since committing suicide is against the law, then does my analogy hold?

Now using encryption or not using encryption does not matter in the context of being monitored by the NSA.

Since you've brought up the topic of poorly enforceable laws, when was the last conviction?

My reference re: not using encryption is that it is akin to suicide.

Well, if you have life insurance and you commit suicide, your beneficiaries won't be able to collect (in most cases, there are a few policies...) because suicide is against the law.

It may be the reason suicide's illegal.

Legislative fixes aren't going to buy you a lot, though they'll buy you something. The fundamental problem is structural: there are a lot of things the NSA is totally allowed to do, especially when it acts as an agency of the executive outside of the U.S. Technologists tend to ignore national and jurisdictional borders because networks cross those borders, but the powers of the NSA are defined in terms of those borders. Not just statutorily, but as an agency of the executive, Constitutionally.

For example, Mike Hearn says: "Bypassing that system is illegal for a good reason." Illegal under whose law? Obvious things like the Wiretap Act simply don't apply outside the U.S. And this is by design: Congress and the courts are primarily domestic institutions. The executive, by design, has primacy when it comes to activities outside the U.S. Maybe this design made a lot more sense back in the day before the advent of trans-national corporations, but it's the design we have, and we're talking Constitutional-amendment level fixes to change that design.

Internally, you might see fixes without a Constitutional amendment. E.g. the Supreme Court might at some point weaken the third party doctrine, which is what makes a lot of the NSA's data collection not a violation of the 4th amendment. But they won't touch the activities of the NSA internationally.

U.S. law follows U.S. citizens around the world. For example if a U.S. citizen robs a bank in the U.S. and then flees to the UK, when the UK police catch him, he will be extradited and prosecuted in a U.S. court. He's not stuck into a UK jail without a trial.

That's the minimum issue here--Google ships the data of U.S. citizens around the world, and the NSA knows it. They are trying to play a cute game by pretending to assume that if the GCHQ collects the data in the UK, the NSA can safely treat it as foreign data. We need to call them on it.

U.S. law does follow U.S. citizens around the world, but only in certain circumstances does it apply to conduct abroad. For example, there is a law against U.S. citizens engaging in underage sex tourism abroad. But such laws are the exception. If you, e.g., murder someone in England, the U.S. can't hold you accountable under American law.

Your example is a bad one, because in your example the law is broken by conduct in the U.S. In this case, the splicing of the leased lines happened outside of the U.S.

The conduct in this case is not the fiber tapping, but the possession and use of U.S. citizen data by the NSA. It does not matter how they gather it, their restrictions are the same--they must limit and justify it.

The Google+ comment objects to the fiber tapping. It doesn't say anything about the use of U.S. citizen data, and the NSA asserts it has safeguards in place to filter out such data from foreign taps.

It depends. Extradition is complicated and often has conditions, like requiring that the act was illegal in both countries. Some countries will not extradite a citizen of theirs (dual nationality comes into play here), and countries in Europe will not extradite to the USA if the death penalty is an option.

Constitution, huh?

You may have noticed it getting thrown out the window already, what with American citizens in danger of being declared "enemy combatants" and locked away indefinitely without trial, or just droned to death on the spot and all.

Then there's Mr. Snowden, enjoying his Constitutionally protected right to freedom of speech... in Moscow.

Legal access to a document can't compel the owner of the document to hand over encryption keys. And if the existence of the document can be denied, you can't even prove it exists. This level of protection is within the reach of existing tools. Services like Google can make those tools accessible to the masses.

The law has to observe physics. You can get a court order to "compel" someone to float off the ground, but that doesn't mean it's going to happen.

Sure, there are certain things that can be achieved by technological means. My point is that when it comes to certain areas of NSA activity, you're dealing with more than just simple legislative fixes. The specific example mentioned by Mike Hearn, the NSA tapping into international leased lines, is really illustrative. Our whole government is structured around the assumption that the executive branch is supreme when it comes to activities outside the U.S. To make it illegal[1] for the NSA to tap into foreign leased lines would require more than just legislation, it would require Congress to decide to regulate the NSA's activity abroad in the first place. And in doing so Congress would run up against separation of powers issues, because in our system, it's not really Congress's place to dictate to the President how he carries out foreign security activities.

[1] I think as it is it might be a 4th amendment violation, but it's not contrary to any statute that I'm aware of, at least not any American statute.

> And in doing so Congress would run up against separation of powers issues, because in our system, it's not really Congress's place to dictate to the President how he carries out foreign security activities.

I agree with you completely, but when the political will is there, Congress can dive head first into separation of powers fights. Look at the War Powers Resolution. It's almost certainly unconstitutional in a strict sense, or at least extra-constitutional. But the Supreme Court will likely never touch it, and Presidents take its requirements seriously.

One potential avenue for limiting foreign intelligence gathering short of an amendment would be ratifying a treaty to that effect. But that seems as unlikely as any other route, since, as has been pointed out a few times, most Americans care not a lick about foreign SIGINT, and to the extent they do would like it to be as effective as possible.

Those are both excellent points. A treaty would be a good idea, but first we need a President willing to negotiate such a treaty.

That depends on the meaning of "how."

Congress can very well pass laws that dictate foreign policy: You shall/shall not bug the Germans.

Though it's dubious, Congress can also say "You shall not spend money on fiber taps. You shall have money for satellites."

The bottom line is that the Congress can get into NSA's pants as much as they want to.

> Congress can very well pass laws that dictate foreign policy: You shall/shall not bug the Germans.

They can pass them, but they'd almost certainly be as unconstitutional as a law from 1944 that mandated the invasion of Calais rather than Normandy.

It is beyond even that. Even if you get legislation making it illegal for the NSA to spy outside the US you also have to pass a law saying they can't receive data from the GCHQ who were the ones who tapped Google and Yahoo in Europe and then shared the data with the US.

There's no conundrum. You take what you can get, when you can get it - especially with how Washington functions today. The other big name groups recognize this. Perfect is the enemy of good here.

"But some really big names (ACLU, CDT)"

Just to point out, neither of these are actually big names to Congress, or more importantly, particularly effective at getting things passed when push comes to shove.

If you want these things passed, never rely on advocacy orgs to do the work of the people.

In fact, there are many members of Congress that would be delighted to oppose whatever the ACLU is recommending (and perhaps even put out a press release announcing it!).

I've been thinking about this pretty hard this summer - I've been involved in some local tech activist stuff.

My take on it is as follows:

Fundamentally, what's needed here is the ability to have confidence that the intelligence system is not overstepping its bounds. The US founders' framework for building that confidence is to have multiple parts of power, whose interest is roughly aligned with countering each other. So in the case of the TLAs:

* The judicial system for warrants needs to be open. No secret courts. Cases' contents might be sealed; the existence of cases should not be. Secret courts are not new, and they have been a bad idea for a long time.

* The policies for data collection need to be managed by Congress; no policy about this should be set by the executive branch. The policies need to be open and debated. Should we take foreign intelligence on our own citizens?

* Comprehensive reports to Congress. I believe Zoe Lofgren cited a report that was under a page about the NSA activity. That's entirely disingenuous and disrespectful of the representatives of the people.

The other thing that needs to be done is in the polls: Legislators that seek to legalize snooping need to be replaced with ones that don't.

And finally, the thought process needs to be that there's a 4th Amendment rights protection movement and organization, which will work over a long timeframe (generations). There's no band-aid act that will fix this once and for all, this entire thing is an upswelling from overprotective and anti-risk mindsets. It comes from deep in the roots of what's considered acceptable risk. The privacy/4th amendment movement is going to have to plan for advocating higher risks, more freedom, more liberty, combined with more laws about privacy, along with determining how to build change in mindset over time (it's called propaganda or, more politely, marketing). Privacy implications need to be worked out, discussed, brought to light in fiction, philosophy, law, debates, etc. The mindset of fear and "never again" and "risk is unacceptable" has to be broken in order to make mass surveillance a non-starter.

Worse - The reality is that privacy is going to be dead with the Internet of Things coming online. The question is, what is acceptable and legal to monitor and record? For myself, I believe that we need to have stringent personal data laws forcing deletion of consumer data unless required for a service, as well as requiring warrants for any data collection not already given to the government (i.e., IRS filing).

The 2nd Amendment groups are in this for the long run. I don't see how the privacy groups can afford to do otherwise.

edit: I would enjoy discussing this with interested parties, particularly activists and activist-leaning people. My email is in my profile.

It's wrong to portray this as a trade-off between more risk or less risk. In reality it's a trade-off between two kinds of risk. Without the NSA snooping there is a higher risk of terrorist attacks, but with the NSA snooping there is more risk of attacks on democracy. Imagine J. Edgar Hoover or Richard Nixon able to use all that NSA data for illegitimate purposes. How easy would it have been to suppress dissenting political opinion? The NSA database is a time bomb of political abuse just waiting to explode. Its very existence is a threat to democracy.

That's a fair point. There is an array of risks that less (or more) intelligence shifts the balance around on.

N.b., I don't really like to frame it as "attacks on democracy". That is (1) hyperbolic and (2) not obviously true. Words must be chosen very carefully in this debate (and it is a debate!) in order to not mislead or scare people away. I would argue that TLA snooping leads to the "Chilling effects" idea, where debate and discussion are chilled from freedom due to awareness of snooping. Obviously there are follow-on and side effects as well, as well as long-term risk of political persecution. But let's focus on the visible problem today without speculating on the worse potential problems.

Further point with respect to word choice and bringing the mainstream awareness up: tinfoil hatters do not speak for me, and they don't speak for the mainstream. They poison discourse by being radical and not bothering to look at conventional reality. Same for conspiracy theorists. Reasonable and respectable people can move the needle, Infowars/Alex Jones/Coast to Coast types really are no ally in the effort to make this a real issue.

I'm interested in this distinction.

It seems to me fairly self-evident that actions which chill debate or discussion limit political expression and an informed electorate, thereby fundamentally impinging on democracy. Why then distinguish between 'chilling effects' and an attack on democracy?

So a dictionary defines chilling effects as the inhibition or discouragement of the exercise of your rights.

Let me frame the thought by giving an example: if I am talking with someone, I might not say a few things because, hey, the TLA might care enough to pull the record and listen in. Or we take care to communicate with GPG or something. It inhibits what we do. We can still vote; our vote actually has meaning; our votes actually change the elected officials, etc. We still can run a socialist candidate (c.f. Kshama Sawant 2013 in Seattle) and they aren't shut down via police action or other hardcore discrimination.

This is in contrast to what it could do: it could be always used to harass and discriminate against those dissenting from the Two Parties and the State. Anyone who said anything would be looked at and actions taken to shut them up and limit the expression and formation of dissent.

While the database of communication could be used against people to significantly disrupt everyone who speaks out, it is not, and in my opinion, it will take a few emergencies like 9/11 to actually alter the mindset of the US to make that acceptable. Of course, people are harassed; some people are okay with that. It doesn't mean there's general acceptance of that, and it doesn't mean everyone is harassed.

Thus I draw the distinction: people self-censoring vs. the heavy hand of an apparatchik forcing change. The first is very immediate and to-hand; it's reality today. The other is possible, possibly even probable given certain courses of events, but fear-mongering is not the best way to go; let's deal with the clear and present threat at hand- chilling of free speech, chilling of dissent, chilling of the business interests of United States citizens, (frankly, these all apply outside the US as well, and hopefully the debate within the US around privacy and data capture also places the operations of TLAs on non-US citizens & non-US soil within the public purview of the United States citizenry via their elected representatives).

Fear does work as a campaign tactic, but the reality is, fear is not something people want to work for. People are willing to work for hope (didn't we all see that in 2008?), and I really would prefer the pro-privacy, pro-4th amendment activists focus on the positives and hope of what we can do rather than performing the traditional stick of the Republicans & Democrats (vote the other way and the free world and the US will END!!!11!oneoneone). It is in hope of not being tracked against my will, not being monitored in every phone conversation, not being advertised at without my consent that I advocate for these changes to come to pass. It is in hope that I can say thoughts and perform actions online and offline and feel the liberty of not having peeping government Toms and raucous advertisers know anything about me.

So there's my distinction and my spiel. :-)

>our vote actually has meaning; our votes actually change the elected officials, etc. We still can run a socialist candidate (c.f. Kshama Sawant 2013 in Seattle) and they aren't shut down via police action or other hardcore discrimination.

See, my theory, call me a tinfoil hatter if you will, is that we are on the brink of losing our votes. 1) Collect extensive data on any and all citizens. Any especially politically active citizens will receive extra scrutiny. Ones that are further up in local, state and federal politics will receive even more. This information will be used secretly to ensure that, besides a few outliers who are either allowed to be subversive for the sake of maintaining a smokescreen, all politicians can be controlled. Russell Tice, a prominent NSA whistleblower has alluded to exactly this process occurring under the NSA of today, as it did under J Edgar. He ominously refers to a young man who now resides in a nice white house as one of these who received extra attention. (To me, that explains a whole great deal. And think about it - one of my Google searches released to the press would destroy any political career I had, and would be quite enough to turn me into someone's puppet, or force me out of politics altogether.)

2) With the political market cornered, to an extent, step two begins. Militarise the police. Use infiltration and subversion to delegitimise, split and turn public opinion against activists, whilst also using techniques to track and monitor the most influential ones. Again, there is evidence that the NYPD and other departments have undertaken actions like this. There is a wealth of technology to aid them - tracing FB profiles, using false cell towers, facial recognition tech combined with surveillance cameras, etc. This will have a chilling effect, as mentioned above - activist movements are accused of vandalism, of violence, suspect motives, etc, and are also brutally put down. Public sympathy fades, and the support for and involvement in protesting and other forms of activism begin to wither.

Congratulations, you have the makings of a great authoritarian state!

Note that nothing I referred to above is beyond the realms of possibility - in fact, please point to anything I said and I will try to dig up some solid evidence for it.

Quite simply, we are going past the point of no return. It will become progressively more difficult to have an impact on the political apparatus. At some point, it will come down to one thing: a fight. A very bloody fight. It happens every few centuries when an existing political and social order becomes stagnant, and the citizenry are pushed out of fear, hunger or anger to act. When we the people have nothing to lose, that is when things will change. It may not happen tomorrow, or next year, or next decade, maybe not even this century, but it will happen.

Couldn't agree more and this is what I have been saying.

EVERYONE has dirt on them that they wouldn't want a hypocritically moralistic press to publish to the world with the worst possible spin on.

Either Presidents get access to some scary ass shit that makes them all immediately move hard to the right when they get in office or someone shows them their phone calls to their dealer in 1986 or the abortion clinic in 1997 or an email to an illicit lover or a gay experience at college or or or.

Occam's razor would suggest that with the overwhelming superiority of the USA militarily and economically that there isn't some massive scary vulnerability that requires the maintenance and expansion of the security state therefore the second posit is more likely. Dirt. Lots of it. J Edgar Hoover with access to all of your innermost thoughts. That's what a Google search is after all.

How many times have you heard something or read something and done a quick google, something that out of context would be dreadful? I for example ended up following some links from Reddit and ended up on a white nationalist site (the post was taking the piss out of their idiocy), I immediately clicked away from it thinking 'fuck, if the govt were to see that' (I am on a work visa here and have essentially no 4th amendment rights when seeking entry), pretty chilling already.

Now imagine being a politician. 'Candidate goes on storefront!' But I was just curious, following an internet thread...yeah right. Racist.

/end ramble.

I understand the implications of having surveillance and using that information to ... regulate... dissent to be acceptable dissent. I completely agree that we have wound up with certain things in place that are foundational to a police & authoritarian state. However, I don't see any direct evidence of police state action; no smoking gun if you will. So I believe it's better to confine ourselves to openly known facts & working to roll back the (already very bad) truth rather than looking forward to a (worse) fork in the road.

Remember, a great number of people have to be on board with restricting the TLAs in order for effective change to happen at the national level. While YOU might not want monitoring of influential activists, others might (and probably do). So your possible future might be a wanted one for segments of the population. Confine yourselves to facts and positives and you have a stronger base to work with rather than pushing fear (no one wants fear, everyone wants hope).

Understand that I'm not denying your hypothetical future. I'm simply convinced that a narrative not focused on "what-ifs" and fear will be more successful at winning support.

I don't agree with your point that arguing what-if scenarios is a losing argument. These days there are enough actual or potential attacks on groups that someone holds dear such that a what-if argument can be constructed that will resonate with anyone. Sure, there may be some people that would want, say, the Occupy Wall Street activists monitored, and those same people would deplore the Tea Party "activists" being monitored by something like the Obama administration.

I would argue that imagining what-if scenarios and disseminating that fear are the only way to prevent us from crossing the threshold where there's no turning back. Waiting for direct evidence of a police state is a losing battle. Just take a look at what a decade of the All-Seeing-NSA-deniers have brought us? Relying on the next Snowden to bring us hard evidence about intelligence activities is a losing proposition.

> However, I don't see any direct evidence of police state action; no smoking gun if you will. So I believe it's better to confine ourselves to openly known facts & working to roll back the (already very bad) truth rather than looking forward to a (worse) fork in the road.

You didn't see any direct evidence of massive surveillance either. Yet it is quite clear it exists. All that means is you are willing to wear blindfolds. By not preparing yourself for the worst, you simply let it happen.

It may feel self-evident to you but I don't think the evidence supports that position. The US is not exactly known for its engaged electorate or educated voters. I would need to see a lot of evidence in order to convince me that things would get any worse in a surveillance state. The UK is probably farther down that road than the US at the moment and I haven't heard that they have exhibited any of the problems you are worried about.

>Without the NSA snooping there is a higher risk of terrorist attacks, but with the NSA snooping there is more risk of attacks on democracy.

Bullshit! This is the exact thing we have been demanding proof of. There is none.

Not a single event has been proven to be thwarted by these activities.

Boston? Sandy hook? Aurora? Lax? Mall?

All actual attacks, hell, they took days to ID Boston guys and even then couldn't do a decent job in tracking locating them after they found them out!

The NSA is a criminal organization. Period. There is no grey or legal area here. They need to be shut down.

All of those but possibly Boston are essentially mentally ill people who went nuts - domestic attacks. The NSA is usually tasked with dealing with foreign threats. So your complaint is, by and large, mistaken. Your complaint is better directed at local police and mental health facilities.

It's almost certain that the TLAs generally try to keep within the law as they see it, and push the boundaries as far as they can - this is the trend of the executive branch. I would expect them to have batteries of lawyers hired to find out exactly what is permissible, and then to do all of it.

It's also entirely disingenuous to say that the TLAs have no purpose. To riff off of @leashless from Twitter - they are a reaction - an immune response - to some entities which do and did some very bad things covertly, and are now being an autoimmune disease on the host state. The truth is, 9/11 gave a rather large blank check to the industrial/security/intelligence companies and agencies in the US, and most people were not in the mood to worry about civil liberties too much at the time. "Never again" was the refrain, and that sort of perspective removes all ability to do a cost-benefit analysis. So they expanded with that attitude and that check... then, like bureaucracies do, they entrenched and began to expand power and capabilities. This is not new behavior in any bureaucracy. This sort of eventuality was, as I recall, predicted quite loudly after the Patriot Act was passed.

Don't understand why you list unthwarted attacks. The real question is how many attacks were thwarted. That is the point of disagreement.

Yeah but "higher risk of terrorist attacks" is like, what, an increase from 0.000001% to 0.0000011%?

That's the thing with Fear. It makes you stupid.

One thing that needs to be taken into account is that terrorism is responsible for very few deaths at all. Guns and cars both cause more deaths. I'd love the US to do something about guns, but are you guys having a crisis about cars?

The response is utterly disproportionate to the risk.

I don't know. What do you think they would've done to suppress dissenting political opinion?

Which is where this whole conversation goes to hell - the trailed off sentences where people assume they actually have a clue what dangers they're talking about.

Because if your problem is "oh, someone might find out about someone's mistress and tell the media..." well - the problem begins and ends with the fact that their voters turn out not to be ok with that. But they're still voters whose votes matter.

"What do you think they would've done to suppress dissenting political opinion?"

Easy. You use government power on them. You "coincidentally" hit them with an IRS audit, one that's incredibly hostile and refuses to resolve itself. You hit their business with every inspection possible, held to the most stringent of standards. Even if, and perhaps especially if, they don't own it, and you find a way to sufficiently hint to the business why exactly they're having these troubles. You have a cop follow them and nail them with every petty infraction in the book. Any government program they may be on, you inspect their compliance to the n-th degree. Layer heavy bureaucratic red tape on at every opportunity. Find ways to make them need a lawyer. Find a petty excuse to claim you suspect them of drug trafficking and inspect everything they own, which basically allows you to take everything they own, and effectively destroy or hold on to everything for years.

And that's if you have a goal of staying plausibly legal. If the mask is off for some reason, there's even more you can do. And these are just examples; if one truly took a survey of what the government could do to you without even stretching the law, I think we could produce a very thick and scary book.

Unfortunately, I don't think the capabilities of the NSA are bounded by your imagination.

So again, you just listed a big list of things which don't actually require a covert surveillance program to implement because the whole point of suppressing people is to be rather overt about doing it.

You then postulate the US government just ignoring the law altogether.

You see the pattern right? All these are things where the US government does some questionably legal, pretty highly visible stuff to you. It's not unintrusive electronic surveillance.

Or to put it another way: the Soviet government didn't start out surveilling their citizens before they just murdered all the ones who were considered dissidents. They started doing it after they needed to get better at murdering the dissidents. But the real problem, was the fact the government was willing to murder dissidents. Has the US government killed a bunch of your neighbors? Disappeared them?

>So again, you just listed a big list of things which don't actually require a covert surveillance program to implement because the whole point of suppressing people is to be rather overt about doing it.

No, he just mentioned things that could be currently done. However, only on a small scale. To truly disrupt anyone's life like that, and to do that for thousands or millions of suspects or dissidents or what have you, you would need an equal amount of auditors, cops, and so forth.

Now, if you were to automate that schema, you would have yourself a system capable of much more. And by doing it illegally to the extent that even elected representatives are not allowed to have oversight, you could achieve a very great deal.

>was the fact the government was willing to murder dissidents. Has the US government killed a bunch of your neighbors? Disappeared them?

Two arguments. 1) The signs are that we are eroding the legal safeguards that at least made it very difficult and very risky to do this. Now, however, dissidents (call them traitors if you will, that is your opinion) can be whisked to secure holding facilities the world over and subjected to torture, and it is technically legal. US citizens can be assassinated legally. And now we hear that we have been watched for decades, illegally. Clapper commits perjury, but walks free. Torturers are given clemency, but Snowden is wanted for espionage. All of this tells me that currently, our freedom is a facade, and soon even that will be able to be dispensed with.

2) You could subscribe to the view that we don't need to be murdered or disappeared, just convinced that keeping our mouths shut and our eyes on the TV are the safest option. Pepperspraying OWS protesters, militarising the police - I can see why political engagement is dropping, and I'm sure you know who benefits from that. Hint: not us.

Hike dem goalposts. You asked what they could do with the information they illicitly obtain, and I provided an answer.

"Has the US government killed a bunch of your neighbors? Disappeared them?"

No, not yet. However, I believe there's a "there" there with the IRS scandals, which is definitely headed in that direction very, very strongly. Which is to say, it's riding your line, it crosses a lot of other more realistic lines already.

> Or to put it another way: the Soviet government didn't start out surveilling their citizens before they just murdered all the ones who were considered dissidents. They started doing it after they needed to get better at murdering the dissidents. But the real problem, was the fact the government was willing to murder dissidents. Has the US government killed a bunch of your neighbors? Disappeared them?

Your faith in human nature is disarmingly naive. Remember Hitler has been elected. What keeps a democracy alive is not the people at its head or the people that elect their rulers but the structural foundations and laws. You can't trust men. Most of these foundations and laws have already been circumvented by the NSA with the benediction of the US government. That the government seems "nice" to you doesn't matter. As soon as the rulers can disregard laws, they will.

On the legislative side, it seems that we need more transparency and the ability to curb abuses once detected. I don't really know what a working system that acts in this capacity would look like but I think it would include citizens as well as senators and congressmen. We don't really know what our government is doing and, although that might not have been an issue in the past, I feel that it's becoming an issue today as a result of everyone being spied on. If the government has nothing to fear, it has nothing to hide.

Feinstein is a villain. Time to get her out of office.

Good luck with that. She's not up for re-election until 2018, and so far as I'm aware there are no allegations of crimes of the sort that would get her expelled from the senate (in practice, looking at previous examples).

She's always been a villain. It's just that the other Senators are so much worse she looks good in comparison.

Try to find a fix for the ridiculously broken system that is the US government?

It definitely won't get fixed if all people do is bitch about how it's totally impossible to fix on internet forums.

If you can get exactly the right people to bitch about how it is impossible to fix on internet forums, then they won't be around during the planning stages and you may then be in with a chance.

Yes. It's fixable the moment the public realizes that it is within their power to fix.

How? Voting and protesting haven't worked so far.

Just because people don't vote the way you want them to doesn't mean it's not working.

Voting is not working. As far as the media is concerned, there are always going to be only two candidates, both of which are in bed with corporate lobbyists. Without every voter doing significant research on their own to make meaningful third-party voting blocs, that will not change. Money determines the primary candidates, and that money comes from the same places year after year.

The fundamental problem is not the media (for all the problems the media has and produces), it is the electoral system, as is demonstrated by the comparison with the greater number of competitive parties in all the democracies that also have profit-oriented corporate media but do not have a national legislature elected by plurality or majority/runoff elections.

Italy has one of those proportional parliaments. It's not exactly a utopia.

No place is "exactly a utopia", but the issue was the media being blamed as the root cause of the partisan duopoly in the US, which is pretty clearly not the case.

OTOH, systems with greater proportionality in representation also tend to have higher public opinion of how well the local government works, which is probably not coincidental; for a good general survey, see Lijphart's Patterns of Democracy.

> systems with greater proportionality in representation also tend to have higher public opinion of how well the local government works

Maybe they tend to, but when they drew that graph, Italy is definitely an outlier. People are not at all fond of how the government works, putting it mildly!

Very proportional systems have large problems of their own too, including all the "horse trading" that goes on to form a coalition. This can and does involve a party that got, say 10%, driving a very hard bargain with the party that got 45%, giving far more relative weight to the people who voted for the 10% party.

You're right that the media is not The Problem, no argument there.

> Maybe they tend to, but when they drew that graph, Italy is definitely an outlier.

Granting that, why bring Italy up then?

> Very proportional systems have large problems of their own too, including all the "horse trading" that goes on to form a coalition.

Horse trading goes on to form a winning coalition in two-party systems, too (the major parties in electoral systems that create a two-competitive-party dynamic are, invariably, coalition parties); the difference is that, in such systems, the disproportionate power of the needed-to-win segment is less than in two-party systems, because it's much easier -- because the factions are formal parties that you can negotiate with -- to swap coalition partners and form a new majority coalition if a minor partner wants too much.

(That's also, really -- outside of systems like the US where you've got an FPTP electoral system forcing pre-election coalition building -- a bigger issue in unitary parliamentary systems vs. separation of powers systems -- because having a majority coalition in parliament is a more significant issue in unitary systems whereas in separation of powers systems, ad hoc coalitions on particular issues can function in the legislature without requiring a stable "ruling" coalition in the legislature. So, if you are looking at an FPTP separation of powers system like the US, it's a problem that moving to a proportionally-elected but still separation of powers system alleviates rather than making worse.)

> Granting that, why bring Italy up then?

Because I live here and it's a very good example of proportional systems not being strictly better than what we have in the US.

> swap coalition partners and form a new majority coalition if a minor partner wants too much.

Easier said than done in many cases.

Who are you, Wile E. Coyote? Just because something hasn't worked "so far" doesn't mean it needs to be abandoned. There are a shit ton of problems in our world and with our political system right now. But that's the historical norm. Even in the "good times" it's the historical norm.

Today there are so many people who have this weird belief that somehow the lack of change due to their extreme apathy is a justification for that apathy. It's not. If more people spent the time to educate themselves deeply on issues and candidates. If more people spent the effort to have legitimately worthwhile political discussions instead of merely agreeing with those who already agree with them and shouting down those who don't. If more people decided to take the risk and enter politics. Things would be a whole lot different.

Today the biggest problem isn't entrenched power structures, or gobs of money in political campaigns, or the lack of good candidates. All of those are symptoms. The biggest problem is that the primary ways that people learn about and discuss political issues are horribly broken. Most major news media outlets are horrid, only a few steps away from outright tabloid journalism. People decry fox news all the time but CNN and even the New York Times are, on the whole, little better, just different flavored output from fundamentally the same machinery. And people don't tend to realize this because every once in a while there will be something of legitimate quality that leaks through, and that event will serve as a rationalization for continuing to feed from those sources of information. These are precisely the same processes that keep people attached to religious institutions as well.

Ask yourself, how much effort do you, personally, put into researching political issues and candidates? What about your friends? Do you hold them to account for being low information voters? Do you ever have serious, non-shouting, political discussions with people who have different views than your own?

Who said I abandoned voting? I said it doesn't work in this case. I research and vote every election. But I know for the more important offices at the state and national level, the system is broken. The two party system and big money means I don't get any say in selecting who runs, the corrupt system does.

Until you realize that the public doesn't have as much money as the lobbyists.

The labor, civil rights, and environmental movements were all hugely outspent and yet changed the country and the law. Complaining about asymmetric resources is IMO a cop out and an excuse.

Of course new movements are under resourced. If it was easy to make that kind of change, it would already be done!

Who do you think the lobbyists are? Them is us.

No, them is some of us.

Example: I used to work for BigCorp. BigCorp had a PAC to which they would gently encourage employees to contribute. They ran an annual contribution campaign, sent emails, made phone calls, etc. It was not mandatory, just encouraged. Many employees did so. The PAC in turn contributed to any politician who supported BigCorp.

So the net result is a bunch of people who ended up contributing to politicians who they otherwise may not have supported, and they did so out of a vague fear that doing so was important for their jobs. There was strong social pressure at work in this situation. I.e., left to themselves, these people would not have given a dime to these politicians.

The PAC in turn, spoke on behalf of these people, but only about issues that BigCorp cared about, not the issues the original donors cared about.

And that's why them is not us.

OK to clear up some muddy thinking here, there's lobbying and then there's campaign finance.

Lobbyists are unregulated employees or contractors, whose budget is only limited by the largesse of the sponsor. Its goal is to affect legislation and regulation through swaying the votes and actions of elected officials, political appointees and to a lesser extent career bureaucrats. In this regard they are limited by anti-corruption and bribery laws.

Campaign finance is a highly regulated system through which politicians amass money to fund campaigns to sway the votes of the public. PACs and other organizations channel money to candidates whom they believe will be sympathetic to their causes.

Regardless, forget about the PAC money and the campaign finance. I assume BigCorp has lobbyists, and those lobbyists look out for BigCorp's interests. As an employee of BigCorp, you are a beneficiary of those lobbyists.

I took the meaning of the OP to be generically 'those who pay to influence politicians', not strictly the lobbyists themselves. So although you are technically correct that there is a distinction, the spirit of the original one-line comment was that individual voters don't have the power that organized interests do. I gave a practical example in which the interests of individuals are overshadowed by leverage that an employer has over those individuals. It's a case in which a vague threat of 'hey, you want a job don't you?' turns into aggregating money into the hands of a few people who lobby (in the generic sense) politicians to support things that may be against the interests of the employees. Such is the game they play.

As to your last statement, largely it is the shareholders and executives who are the beneficiaries of the lobbying they do. You can argue that the employees are beneficiaries in the sense that they have a job, but that misses the point: the benefits of lobbying fall asymmetrically. Again, it's a leverage thing. They leverage the desire of the little guy to have a job and raise his family and in turn reap huge rewards for the shareholders. So although you can say everyone benefits and gets what they want, the result is really a distortion of power and influence.

The legislative fixes need to create an environment where the technical capabilities and safeguards put in place are considered normal, and companies are not forced to do harm to users. That's the most important part, creating an environment that sets precedence for user's rights.

If HHS Feinstein bill passes, then it should be assumed to make all surveillance legal, thus any following of her personal actions: location, where-abouts, transactions, conversations etc are fair game. We should post cameras outside her Presidio Terrace San Francisco home watching every ingress/egress action by anyone visiting the place.

You'll need to change the US constitution so that us foreigners are covered by the 4th amendment ban on warrantless searches.

As a dual citizen (US, and French) am I protected by the 4th amendment, or not?

I dunno. Ask a lawyer...

Sad that one would have to ask a lawyer for something as simple as this.

We've always been spied on and we will be. Just be honest souls. And let them spy or do whatever; This talk is kinda tiring now. I'll not worry as long as there are checks in the system that someone inside is not misusing this information.

It's ironic that when the Chinese attack against Google occurred, we thought the Chinese government was the most hostile state actor threat to worry about, but it turned out to be the US and UK government.

China is a much more hostile state actor in how it would use any information it gathers up, especially to a free-enterprise company like Google.

That's quite a claim. Right now the NSA holds privileged information for millions of Americans. What happens if one of those people becomes some populist political entity. It would be trivial for the NSA to leak dirt of any kind (sexual fetishes, hangups, private emails to wife, other private things that when taken to the public would look bad, trash talking others, etc) to help discredit this person. Imagine that this person ran on a platform for cutting down the NSA or reforming the intelligence agencies. How "protected" do you think this "metadata" would be?

The Chinese wouldn't do that to me. They don't have a dog in this fight.

That's quite a claim.

US Government agencies using "dirt" to smear and/or blackmail populist political figures is a historic fact.

Exactly. See Martin Luther King Jr [0] as an example. Private information obtained through surveillance was leaked by government agencies in an attempt to discredit him.

[0] https://en.wikipedia.org/wiki/Martin_Luther_King,_Jr.#FBI_an...

I know a lot of Snowden's and Assange's sex life and many, many personal details. I've never actively sought out that information.

Also, the US has proven experience in smearing political characters. Heck, even John fucking Lennon had an FBI file full of personal information.

It would have also been "quite a claim" awhile back about the NSA collecting anything and everything about citizens. I don't get your comment.

They don't have a dog in that fight because you specifically chose the fight to make that true. If the same person ran on a different platform that argued for, say, boycotting or tariffing Chinese green energy products in order to build up local industries, the Chinese would care but the NSA would not.


Airbus might disagree with you there, I can't see the NSA ratting Boeing out for supplying bribes.

Ironically, at the time it would appear that the NSA was probably prohibited from spying on at least US-based Boeing personnel. In fact, even today, they claim they'd be prohibited from looking at it (though not collecting it or analyzing meta data which is the whole problem) at least as far as the people involved are US Persons.

I think I see what you are getting at, but surely a trade with a foreign nation like Saudi Arabia - because the Saudis are foreign, the NSA would have always had the remit to spy on the transaction?

I used to think much the same. These days however the unchecked secret security apparatus of the United States is a sword over the necks of its citizens' freedom.

I'd argue that the NSA is actively destroying more American business right now by discouraging large international companies from doing business with US based technology and web companies.

Why do people assume the Chinese government is not able to use similar techniques?

China doesn't have agreements with BT, AT&T etc which allow it to tap fibre in our countries at will. I'm sure they try some tapping, but they can't do it on the scale that GCHQ and the NSA have been outside China.

The Chinese do not need any agreements to tap undersea cables and are more than capable of doing just that.

Sure, but they don't have the "home field advantage" that the NSA does, whereby much of the core internet infrastructure is housed in the US. I forget the exact number, but something like 70% of the world's internet traffic transits the US. (they mention this constantly in NSA-related articles)

But how much of the core infrastructure is made by the Chinese?

An astute question, considering the strange wifi-chips-in-irons story.

Are they? That's a very complicated thing to pull off and China isn't known for having the most advanced Navy (e.g. they can't secure their own oil tankers in the Persian Gulf) and they only have a small number of submarines.

But they could easily have agreements with every chip fab to build back doors into every piece of networking equipment.

This is exactly why Australia is very leery of letting the Chinese telecom hardware manufacturer Huawei have any of the contracts for networking hardware on the nascent National Broadband Network -- they are suspected of having ties to the Chinese government / army: https://en.wikipedia.org/wiki/Huawei#Security_concerns

My sister in law works for Huawei in Kenya. Her job (so far) has largely involved ripping out Siemens made mobile-telephony infrastructure and replacing it with Huawei-made mobile-telephony infrastructure. Such are today's instruments of empire.

That's very unlikely nobody would have noticed them by now, if it were the case.

Do you mean - as unlikely as not spotting the weakening of encryption standards - for example by another branch of the same government (NIST/NSA)?

Those were spotted.


You can packet-trace networking equipment you own.

You can't packet-trace a cloned switch port you don't know about.

So can the US.

How do you know that?

I would assume they use similar techniques within China and perhaps allied countries like North Korea and Cuba, but the US is performing wiretapping in at least the UK, Canada, Australia, and New Zealand. Also, how much non-Chinese Internet traffic passes through China?

> and perhaps allied countries like North Korea and Cuba

Nobody is more distrusting of each other than two communist countries.

Disregarding for a moment that a state can not be communist (one defining characteristic of communism being absence of state), only socialist, North Korea has long disassociated itself from communism. Since the 90s at least there has been a systematic removal of any mention of Marxism, communism and related terminology from the constitution, laws and official discourse.

Well, when you eat off the hand of the other country you don't have much choice. Nobody actually asks you if you trust or not.


I'm sure lots of botnets use China servers as well.

Why on Earth are you comparing a suppressive regime to a western democracy?

Of course the Chinese gov is able to do so without any repercussions. The difference should be that in a democracy you can't abuse your power without repercussions.

"The difference should be that in a democracy you can't abuse your power without repercussions."

Do you see the irony? Western governments are abusing their powers.. and they are getting away with it. Democracy means nothing if the government doesn't hold itself accountable.

No, democracy means nothing if the people don't hold the government accountable.

Relying on the government to hold itself accountable makes democracy no different from monarchy.

Right, but as long as cable tv works and fast food restaurants are open the mass majority of people won't do anything about it.

Maybe it "should" but democracy and domestic popular opinion doesn't traditionally have a significant impact on US foreign policy. Except for big wars.

The Chinese were targeting specific journalists and critics. Presumably to harass them.

I'm not saying the US doesn't do that, but the evidence is not as clear.

Maybe you didn't notice the detainment of Greenwald's partner by the GCHQ whereby they demanded him to turn-over/destroy whatever he had.

Further, the break-in to Greenwald's residence and theft of his machine.

As well as the visit to the Guardian and destruction of machines....

The evidence is crystal.

As much as the UK government would probably love being confused for the US government, at least the visit to the Guardian and detainment of Miranda were both done by the UK.

And given how the UK government loves nothing more than to be the lapdog of the US, I have no doubts it was done entirely voluntarily.

Eagerly even, as an opportunity to show off just how extra exceedingly loyal minions they are.

Frankly, I have little doubt that the UK government participates so eagerly that just occasionally some of their US counterparts must be a little bit embarrassed on their behalf over seeing their total lack of self respect in trying to impress.

Except you know, in that case the person actually did have classified documents of an allied nation on a thumbdrive on them.

Which you know - is still illegal to have. Though it's funny how the Guardian thoroughly underreported that fact.

When I last checked, in the US, it's actually not illegal for someone without a clearance to possess classified material. This is why newspapers can print unredacted classified documents and not immediately go to jail.

It is, however illegal for someone with a clearance to mishandle classified material. "Mishandling" includes "Permitting access to classified material to non-cleared personnel.". If you mishandle classified material you may be reprimanded, have your clearance revoked, be fined, or go to jail for a very long time.

It's also illegal to traffic it across international borders, which is why what foreign spies do is prosecutable. Which is the exact thing they were doing.

Exactly my thought. Making me embarrassed to a single fact that I live in UK, as that happened.

Good point, but the Greenwald-Snowden case is a little different. We all know the identities of the informants. The issue with the harassment of Miranda has nothing to do with espionage, it's just heavy handed.

In the case of the Chinese hackers, they were spying on reporters to discover their sources.

What they appeared to be looking for were the names of people who might have provided information to Mr. Barboza.


AFAIK we don't have evidence of similar US spying for the purpose of blackmail, harassment, etc. because my concern is whether the NSA might use its sources for those ends.

The destruction of the Guardian's laptops was about ensuring they didn't get stolen by someone else - if you read the story at the time, the spooks actually wanted the Guardian to hand the laptops over but Guardian refused and destruction was a mutually agreed way out.

Miranda's detainment, confiscation of the memory sticks etc was to be expected - as far as the UK Government is concerned he's carrying stolen state secrets.

What I don't really understand is why he flew through London carrying them, I believe Madrid has more routes to South America - I wonder if he was routed so he would be picked up for massive publicity.

They weren't actually. Google lied about that. It came out later that the real reason for the Chinese hacking gmail was to see which accounts had "lawful intercept" on them so they would know if their own spies had their cover blown. If the US knew about their spies, it was assumed that they would see the US sniffing the spies' gmail accounts.


> Google lied about that

Huh? There's nothing in the Post's information that would preclude both from having happened, so it would be a stretch to call it a lie even from that article. But in fact, the original blog post[1] talks about multiple goals of the main attack, including listing the targeted attack that the GP is probably referencing as independent from the attack that "resulted in the theft of intellectual property from Google". I think it's you that's confusing incidents.

> Third, as part of this investigation but independent of the attack on Google, we have discovered that the accounts of dozens of U.S.-, China- and Europe-based Gmail users who are advocates of human rights in China appear to have been routinely accessed by third parties. These accounts have not been accessed through any security breach at Google, but most likely via phishing scams or malware placed on the users' computers.

edit: ah, and the GP wasn't even talking about the gmail accounts.

[1] http://googleblog.blogspot.com/2010/01/new-approach-to-china...

I was referring to the NYT attacks,


Also, what kind of spy uses gmail? Sheesh.

> Also, what kind of spy uses gmail? Sheesh.

The kind that is trying to maintain cover as a non-spy so uses the same email services as everybody else.

Sure but only an idiot uses their personal email account for work, right? Especially if your work can get you killed.

The point being made isn't that they would send sensitive data using gmail, it's that if they were compromised the NSA would most likely be reading the emails, and hacking Google would theoretically let the Chinese know if cover was blown if they could see evidence of the NSA listening in.

Of course, that means the joke's on them, because the NSA was listening to everyone...

How would you know whether NSA was listening in (for example by tapping google's links between datacenters) or not even if you successfully hack into Google's infrastructure? Not finding evidence of eavesdropping doesn't exclude that eavesdropping happened, so if that was the only purpose to hack Google, it doesn't seem worth the effort.

On the other hand if you want to read people's mail, then hacking into the provider is certainly an option.

I'm not sure I necessarily buy that explanation either, but I don't know enough of the facts of this particular story to know where it falls down or is supported.

On the other hand, we don't really know what the Chinese knew, or thought they knew, about Google and how it functioned WRT government surveillance. If they had reason to believe that Google would be cooperating with authorities and would have infrastructure in place to monitor email accounts that they could look for and identify if it was monitoring the accounts they were looking for, then this explanation makes a bit more sense.

More importantly, what's the difference between Chinese and American government when it comes to privacy?

That the US intervenes domestically and in Europe, L. America, Middle East, etc, whereas China is mostly concerned with itself.

The terrible things the Chinese government does aren't being done to you.

Those things aren't being done to most Chinese people, either. And they are being done to some Americans now, and increasingly so.

The Chinese are honest about it!

Because they have hundreds of their employees doing shifts of script kiddie hacking over the open Internet. That is why "people assume the Chinese government is not able to use similar techniques."

No, YOU thought of China as terribly hostile. We in Europe know the deal for a very long time. It's not like there was no cold war and Vietnam war and Iraq war and....

Why did the US jump in priority? Just because it is a problem doesn't mean it is a bigger problem.

I think US journalism is causing us to misprioritize. Everyone is talking about the NSA so everyone assumes it's the biggest problem.


The use of equivalent technology does not imply equivalent outcomes or moral standing.

At a minimum the U.S. and UK spying needs to be balanced against the fact that U.S. and UK citizens invented the core technologies of the Internet, and gave them to the world for free.

I wonder why people aren't calling the current unpleasantness attacks (or war).

I want them charged with unlawful access to a computer system

Gosh that would be the perfect example of poetic justice.

On the whole, I think I'd rather be spied on by an ally rather than a dictatorship.

I live in a "Western", English speaking democracy, with friendly relations with both the US and China.

Our biggest trading partner is China, and we have a free-trade agreement with the US.

Who exactly is our ally again?

As a Brazilian that had to witness the effects of US alliance during cold war... No, hell no. With a friend like that, who needs enemies?

You had enemies in the cold war. The USSR was much, much worse.

Things US did for Brazil:

Sent aircraft carriers, ships and soldiers to help depose a democratically elected president, just because he wanted closer ties with China and wanted to do agrarian reform.

Disappeared lots of people (I don't know any personally, because I am too young, but I DO know personally lots of people that still want disappeared people back)

Spied on us (erm, that part still applies, no?).

Sabotaged our agriculture (ie: some plagues started after US agrarian engineers visited us to "help" with our agricultural technology).

Supported and funded very repressive crazy dictators that killed boatloads of people.

What the USSR did for us during the cold war: Gave us some really cool technical books in Spanish (yes, our language is Portuguese, but Spanish is good enough), I still have a bunch of them, they are really good, somewhere around my house there are calculus books, structural engineering, and lots of other cool stuff, Russian books but written in Spanish, targeted at Latin America.

USSR lent us some scientists (Russia and Ukraine still do, by the way).

Helped our exiles, not only left wing ones, but right wing ones too.

Sold us some very interesting stuff, even if shitty sometimes (example: during the cold war Lada cars were very popular here).

Computers! (for example when some companies here tried to develop a computer compatible with the Macintosh, US government helped Apple in forcing them to stop, while Russians lent us some engineers and books)

Now, who were our real enemies in cold war again?

Nice propaganda. Cold war was about influence. The super powers would do any and everything to gain a foothold in another country. Feel free to ask any Polish citizen about the friendliness of Soviet Russia, they may welcome your speech with a punch in the face for the sake of those who suffered and died because their brethren spread similar idiotic notions of "the Soviets are our friends look at these free Russian texts and cars and..."

It is not a question of propaganda.

It is just that this is what happened to us in Brazil, and USA never gave any clear indication that it wants to improve its behaviour.

So, why should we trust it now, if we could never trust it in the first place?

Things the US did for Europe:

Stopped us getting nuked or invaded by the USSR

Don't believe everything you watch in hollywood movies.

Hollywood movies? I suppose all the USSR missiles were imaginary? They never really invaded Czechoslovakia?

And I suppose you believe the US has single-handedly saved Europe from WWII, the Enigma machine was captured by the US crew of U-571 and Inglourious Basterds was fact.

The fact is reality is much more complex than your simple statement which is further skewed by Hollywood.

...that's irrelevant to what he was saying.

Are you sure they were? As far as I can tell the US has done more damage in Latin America than any USSR meddling. Stalin was really bad but the USSR was not ruled by Stalin for that long.

The US in Central America weren't angels, for sure, but I doubt if the USSR funding of left-wing groups was any better.

Stalin was a mad man on a par with Hitler, but even under later leaders it was still a repressive regime with Gulags.

>I doubt if the USSR funding of left-wing groups was any better.

When you say that you doubt it, is that code for having no idea of the impact of Soviet funding in South America, but not being willing to say that you don't know? Or is it just that you know that everything bad that the US did was to counter something even worse that the evil USSR was doing?

Missile gap?

It's code for the funding of Right Wing Groups by the US having been publicised more widely than the funding of Left Wing Groups by the USSR.

However, Cuba is a repressive dictatorship which was funded by the USSR for many years.

Previous to that, it was a repressive dictatorship which was funded by the USA for many years...

Completely disagree with that. That is like saying you would prefer to have your own brother punch you in your face than a stranger.

It hurts a lot more because you are meant to look out for each other, not distrust and stab each other's back.

Well I trust what the US does with the information more than China. It's like Tiananmen Square never happened.

You trust the US of today. That is your right and well, that is fine.

But who is to speak for tomorrow? None of us can tell what the future brings. Not me and not you. So who is to say that in ten years, when that data is still there, that the US is still worthy of your trust?

It is the future we should distrust, even if you trust the past, and the present.

A fair point. Distrust of governments is a healthy position to have.

Tiananmen Square is believed to have greatly affected Chinese politics, mostly for the better. They do not like talking about it but they have done much to prevent something like that from happening again.

No way! Do you think 9/11 could have been an inside job? :-)

Let's start from the beginning: the NSA "hack" became possible because Google (and its security team) made bad assumptions about the security of the connection between Google's data centers and did not encrypt the traffic. Basically, this is security 101: protect data at rest and protect data in flight. So, sorry but I think the better subject for discussion would be how badly Google screwed up, not how evil is NSA. Moreover, it is not clear if other governments or criminals also had access to the users' data (e.g. in Google's data centers located outside of the US). So far Google did not produce any public post-mortem thus we have no clue how bad was the problem.

P.S. I am sure I will get smashed in the comments, so let me say right away that NSA actions should be controlled and audited by the public (e.g. through our representatives in Congress). I think that the biggest "evil" here are the members of Congress who either approved NSA actions or failed to do their job and monitor/audit NSA properly. In particular, I would point my finger at Sen. Dianne Feinstein [D-CA] who should have been ousted from the office a long time ago.

> Let's start from the beginning: the NSA "hack" became possible because Google (and its security team) made bad assumptions about the security of the connection between Google's data centers and did not encrypt the traffic.

The assumption isn't bad - it's a private network line, not a public internet connection. Nobody else had access to that line, at least they weren't supposed to. Splicing a fiber line is a bit outside the scope of your random attacker. You can't blame Google for not anticipating a hostile break-in by the government. The discussion should absolutely, 100% be directed at the NSA here. To accept that a private network connection is open season for the government to tap is batshit insane.

> Moreover, it is not clear if other governments or criminals also had access to the users' data (e.g. in Google's data centers located outside of the US). So far Google did not produce any public post-mortem thus we have no clue how bad was the problem.

How is Google supposed to tell you if they themselves didn't know?

Although from the leaks it sounds like everyone is fucked thanks to the GCHQ and the NSA getting friendly with each other.

Well, I feel that encrypting traffic inside the data center is not a bad idea (and we do it at WePay where I serve as CSO). The reason is that you never know who is listening (big smile here). For example, I don't want our system administrators to have an easy way to look at the traffic: yes, it is still possible to do but it is harder and requires some very unusual actions that will trigger alerts everywhere.

If indeed Google does not know then it's just another sign of security failures at the company. Nobody is perfect and security incidents do happen. Good security will have in-depth defense and built-in monitoring/audit measures that would at the very least allow you to determine what has happened post-factum.

> Well, I feel that encrypting traffic inside the data center is not a bad idea (and we do it at WePay where I serve as CSO).

Do you have your own data center building? And if you don't have your own data center buildings, how are you guarding against physical attacks? Because just saying "encryption" doesn't actually mean anything. Encryption isn't free, and at Google scale that can add up. Useless encryption is just wasted power.

> For example, I don't want our system administrators to have an easy way to look at the traffic: yes, it is still possible to do but it is harder and requires some very unusual actions that will trigger alerts everywhere.

That can be accomplished in many ways that don't involve encryption. And your servers are all capable of decrypting the data at some point, so you still have to trust your sys admins and/or have alternative systems in place as they still have access to the unencrypted data.

> Good security will have in-depth defense and built-in monitoring/audit measures that would at the very least allow you to determine what has happened post-factum.

How, exactly, do you detect cable splicing? Much less audit said splicing? You seem to be asking for a hell of a lot more than "good security"

At WePay - no, we don't have our own data centers just yet. In a couple large companies I worked before - yes (and we did encrypt the traffic as much as possible).

Some types of encryption are pretty cheap actually. I used to use special SSL cards in the servers 10-15 years ago but today my laptop would outperform these cards and wouldn't even get hot :) Plus you need to remember that relatively expensive public key encryption needs to be done only for key exchange. After that you run block or stream cyphers and those algorithms tend to be really fast.

So far I haven't seen any evidence that there was cable splicing. Thus using Occam's razor I would assume that the hack was much simpler than that. To detect the issue, I would start from reviewing the visitors log to the data center (assuming there is a visitor log).

I'll re-iterate that security should be built on defense-in-depth principle. Every single protection layer will fail or someone will go around it. The assumption that a data center is "safe" is a bad assumption period. You have to play "what-if" game and think for the attacker.

> So far I haven't seen any evidence that there was cable splicing. Thus using Occam's razor I would assume that the hack was much simpler than that.

What? The evidence totally points to cable splicing. What hack involves getting all the inter-DC packets but nothing else? Obviously the machines weren't compromised, or they wouldn't have cared about reverse-engineering the wire protocol. So what are you proposing was hacked?

> I'll re-iterate that security should be built on defense-in-depth principle. Every single protection layer will fail or someone will go around it. The assumption that a data center is "safe" is a bad assumption period. You have to play "what-if" game and think for the attacker.

And I'll re-iterate that you're asking for a goddamn magical pony.

Side note, if your data center isn't safe go get a new one. Seriously. Most DCs have tons of security to make them safe. That's not an assumption.

> The evidence totally points to cable splicing.

I don't think there is any evidence at all. As far as I know, the only known thing is that NSA was able to obtain the un-encrypted google traffic. For example, it could have been a backdoor in the router, one extra cable in the switch, or a few other similar low-tech options.

> Most DCs have tons of security to make them safe.

Don't disagree. But this doesn't make them invincible from other attack vectors (e.g. rogue employees). I actually heard the same argument from quite a few people during interviews and I usually don't hire them because you have to be paranoid to get security right :)

Seriously? If the NSA wanted to own WePay they would have even with your "security best practices". Sorry bud.

Sure. A court order would do it no problem.

Also: Having someone in your outsourced datacenter splice cables, SPAN ports, install trojaned hardware, etc etc etc...

BTW, "at least they weren't supposed to" is not a good enough argument in security :) You have to think about people who are not following the rules or your security is only protecting from a well-behaving 1st grade student.

There is no such thing as perfect security, only good enough security. At some point you have to accept risks, and the risk of physical network attacks is incredibly small compared to all the other attack vectors. Nobody was well prepared for the NSA's physical network attacks.

Everybody who cared knew that the world's governments tap every fiber they can lay their hands on. It has been discussed on HN with great regularity for years before these NSA non-revelations. Physical attacks were and are a certainty. Anybody who ignores this fact has only themselves to blame. A good argument can even be made that they deserved to be pwned as punishment for their utter fecklessness.

No, what was discussed was the NSA tapping in at ISP points, not digging up cables to splice them.

And "discussed" is not accurate. It was proposed by a few but rejected by most as paranoid.

Wait a minute... "It was proposed by a few but rejected by most as paranoid." and yet is most likely what happened? so the most in "rejected by most" were wrong. Wrong!

So when someone says: "You're just being paranoid", my reply will be: "Better paranoid than wrong."

Even a broken clock is right twice a day.

A broken clock is always unreliable.

"The assumption isn't bad - it's a private network line, not a public internet connection. Nobody else had access to that line, at least they weren't supposed to."

You don't use telnet when you access your home server(s) from your laptop ... that's basically what they were doing.

They skipped over a zero-cost, obvious best practice, and I think we should be suspicious. Either they've run that part of their network in a stunningly negligent fashion ... or this was the ingress they gave to the NSA which could be plausibly denied later.

No, it's not. Telnet sends packets in the clear over many networks controlled directly by third parties and accessible to them as an inherent part of operating their business.

This was a point-to-point cable. The only access possible was physical, by digging it up and splicing it.

Obviously that attack was possible, but arguing that this is somehow "the same kind of attack" as running tcpdump on a router to sniff packets is just insane, sorry.

Other attack vectors: rogue google employee, breakins into the data center, ...

> You can't blame Google for not anticipating a hostile break-in by the government.

"The" government? The lines were also being tapped by organized crime, China, France, etc. Google severely failed at data protection.

Would you still feel Google had screwed up if the way the US government got the data was to burglarize one of their datacenters and tap directly into the machines' CPUs and memory buses?

Yes (search for SSAE16 or SAS70). However, I would not feel the same way if US government would have used Area 51 technology to hack 4096 public key encryption. The difference from my perspective is that in "burglary" scenario (and un-encrypted traffic scenario as well) Google failed to protect against well known threats. And in the "alien technology" case Google did everything you can at the known security/technology level and the failure came from aliens (aka an "unexpected technology advances").

Basically, I think Google's decision not to encrypt the traffic is gross negligence and I would love to see how someone would sue Google for it.

> Basically, I think Google's decision not to encrypt the traffic is gross negligence and I would love to see how someone would sue Google for it.

Wow. Just wow.

I know that people don't like lawsuits. But for security to work there should be consequences for not doing security right. To give you an example, if a company X doesn't have any risks or damages from lack of security, then company X should not be investing in security to save money. However, if there is a monetary (or other) liability from a security breach, then the company X will have to make a choice and hopefully they will invest in security.

That would make sense if you had a signed contract from Google that they were encrypting their internal traffic. I don't have that and I doubt anyone else does either.

If the courts get involved it should 100% be at the hacking perpetrator, not to the victim.

Side note: Sec 702 of the FAA gives NSA complete immunity from all federal, state, and local laws, criminal prosecutions, and civil lawsuits when doing this kind of fiber tapping. "Notwithstanding" is an extremely powerful phrase. Wildcard. Trumps all other laws.

(And this is why some of us were concerned about CISPA, which uses the identical language. Note CISPA's proponents have quietly faded into the woodwork post-Snowden revelations.)

What if the government kidnapped a Google engineer (or several) and hit them with a wrench until they retrieved the data? That's a known, low-tech threat too.

Absolutely. That's why you have to have logs and regular audits to make sure that employees are not doing things that they are not supposed to do. BTW, one should consider not only kidnapping but just a "rogue" employee. For example, in Snowden's case the NSA itself put too much trust into system administrators and did not perform audits that should have detected downloads of secure files.

In my scenario, the log maintainers and the auditors were among the people being hit with wrenches.

I can't agree with that, this was on Google's own fiber connections between their own data centers, right? And no other company with multiple data centers encrypts all traffic between them, right? (maybe you'll find a small counterexample but no big one.) So I don't think this is "security 101".

I work for a company bigger than Google, and we encrypt everything in flight between datacenters. It is security 101.

Does your company have dedicated, unshared, fibre between those datacenters?

Consider the recent passwords leak from Adobe: they stored passwords in a dedicated unshared datacenter. Does this make a good security decision to encrypt passwords instead of using a hash because nobody should have been able to access these encrypted passwords? I really don't think so.

There are problems with your analogy.

1. Data at rest (Adobe) vs data in travel (Google).

2. Software Hack vs Hardware hack

The Adobe data was sitting on a server in a datacenter, it was accessible from the internet on some level. The Google data was taken, apparently, from a dedicated, google owned, unshared link (quite likely a fibre-optic tap)

The methodologies, skill levels and required hardware for penetrating the above two types of setup are wildly different.

I blame Adobe for getting a server hacked, it happens a lot and they ignored a lot of body of knowledge built up over the years. I do not blame Google for getting their inter-datacentre links physically compromised by a security agency of the US government.

Nor do I blame them for (incorrectly, as it turns out) deeming that an unlikely scenario and therefore giving it low priority.

I would blame them for not doing anything about it now that they know it is happening but that does not seem to be the case.

(I fully expect companies to encrypt data between datacentres if they are not on dedicated unshared links)

I hear what you are saying but I think there are similarities. In both cases there was an assumption "X is safe" and then the thinking has stopped. I've heard different versions of how the data was taken from Google's link and some ideas were pretty low-tech. The data links have been compromised in the past not only by NSA (search for "Operation Ivy Bells" if you haven't heard this story before) but also by criminals or even competitors.

Yes we do. Still use encryption.

> And no other company with multiple data centers encrypts all traffic between them, right?

Indeed they do! From personal experience, Cisco was hawking its TrustSec inter-DC encryption solution five or six years ago, even over dark fibre.

If you believe the threat is a government agency splicing private, unshared fiber to capture your traffic between data centers, why in the world would you trust equipment from Cisco (who lists "Government" as one of the industries they sell to) to protect you from that?

Well I certainly understand your point, but the question was 'are big companies encrypting their inter-DC traffic' and the answer is 'yes', even if it's backdoored without their knowledge.

Google's inter-dc links are way too big for any appliance type of thing to encrypt. Like most things at Google the scale of their network is incomprehensible to most people.

> Google's inter-dc links are way too big for any appliance type of thing to encrypt

Frankly, no.

There are numerous network devices that can handle AES-256 on 10 Gbps links, as a matter of routine, whilst doing 'mundane' switching for the day job.

If you have the money there is dedicated hardware that can handle the same at 100 Gbps. IP Cores is one from memory that produces the circuitry for that. They can throw compression in there as well if you like.

Encrypting data links isn't magic. Google just didn't do it.

Those were very amusing tiny numbers you wrote in your post.

100Gbps is nothing for a company at the scale of Google. They are probably closer to 10-100Tb/s on their backbones.

You don't need appliances here as they can't handle the load, build the encryption into your application.

In addition to the numbers already posted, you can remember that Google decided to add encryption to the data links in September.

This is not true. Quoting from http://www.washingtonpost.com/business/technology/google-enc...

"Google’s encryption initiative, initially approved last year, was accelerated in June as the tech giant struggled to guard its reputation as a reliable steward of user information amid controversy about the NSA’s PRISM program,"

Well, I do :) Moreover, I encrypt all the traffic even inside the same data center.

Could you share which technology you are using to encrypt all the traffic?

* Mid-tier servers: standard HTTPS with nginx

* Database: SSL connections for MySQL

* Memcached, Gearmand, and other tools that don't have built-in SSL support: simple home grown message level encryption (AES256)

And of course, there are VPN tunnels between data centers in addition to the above.


> And of course, there are VPN tunnels between data centers in addition to the above.

Could you please be more specific on the VPN solution that you are using? How do you manage the shared keys? How do you make sure "system administrators can't easily read the traffic"?

We use Cisco appliances for VPN (a few different models) and indeed there is a shared key that we have to input manually. However, after the key is entered (and configs saved) in order to decrypt the traffic one would need to print Cisco configs which is a very unusual operation that would be logged and then alerts will fire, audits will catch it, etc.

>> in order to decrypt the traffic one would need to print Cisco configs

Which could be done legally via 'Cisco Service Independent Intercept (SII)' built into IOS to comply with CALEA (Communications Assistance for Law Enforcement Act). And not so legally via user-escalation exploits within the same service.

Anyway, props for making the effort. I too am interested in your key exchange methods.

Just out of interest how do you transfer the key between datacentres for setup? Same person travels between them? PGP encrypted email? Or over the phone?

Phone is I think an obvious (and now clearly wrong) choice, although maybe always suspect if you are concerned with dark fibre. The endpoint security of a device generating and transmitting the key now also being a risk. How far up the chain do you worry?

An airgapped device to generate the key and a single person travelling between datacentres seems the secure (although costly) solution. Obviously if TSA/customs remove device from them for inspection or connect it to anything it needs to be thrown away (or moved to insecure duties) and the setup process restarted.

I think public key encryption with long enough key is a pretty safe bet these days. Of course, NSA might have new non-public discoveries in math/crypto that might make public encryption obsolete. Or they might have a device from Area 51 that breaks any encryption. However, I haven't seen any evidence of this yet.

Amazon does that.

I wrote my thoughts on the subject in a blog post as well:


The moral of the story is that there is always a bigger fish.

I wondered about that traffic, and getting confirmation from the source that the only way the NSA could have it would be by tapping into the internal network is quite damning.

Google has the best OpSec team I've ever known, it is my hope that they close this 'loophole' as completely as possible.

Closing that loophole was underway in Sept according to this article (also linked in the post)...


Google, and their "geniuses" in opsec, should not be given a pass at all for this.

Even if this is a leased private line, non-Internet routed, whatever, it is trivially easy to encrypt the communications and is absolutely a best practice. I see this as great big egg on their face.

In fact, it's such a cock-up that one wonders if this is the plausibly deniable ingress that they agreed to provide for the NSA, et al.

This is akin to using telnet to access your home server because you're "on your own network". Nobody does that and I can't believe they would have either.

You are of course entitled to your opinion, I know Brandon and I know how dedicated he is, I got to watch him and the OpSec team in action during the Chinese incursion. One of the side effects of being in the platforms group was that I had exceptional access to what was going on everywhere on Google's internal network and machines. And a lot changed after that event, both internally and externally.

I can forgive someone for thinking that if they dug trenches in the street, bought some fiber, and ran it between a couple of buildings, in a country where the rule of law was in effect, they might consider it a reasonable assumption that the fiber is lying in the street unmolested. Even if the distance is such that they can't see the entire length of the ground above the conduit.

Prior to Snowden's disclosures, it was the common belief amongst the security community that in 'safe' countries, the government in power would not subvert your infrastructure through physical access. They might do some network tricks, but not tap your fiber. In 'bad' countries countermeasures were taken. And the network setup in say Russia or China was different than it was in the US and the UK. That your own government would illegally subvert your infrastructure [1] through the use of a technicality was not considered a "likely" threat [2]. Given that now it has been exploited, it is rewriting a bunch of assumptions. I am not surprised in the least that they are now deploying the same hardening they use in hostile environments world wide.

[1] The NSA cannot legally tap into communications infrastructure in the US (that is the FBI's job) and when the FBI does it they need a warrant. By doing this in the UK they sidestepped those constraints.

[2] In classic vulnerability analysis you deploy your resources against both the probability and damage potential of a given threat. So for example datacenters are vulnerable to being bombed by aircraft, the probability of that is low enough that you don't defend against it, bombed by cars you put a security perimeter around the building.

No, but they should take some precaution if someone unseemly (rogue employee, hacker, etc) has network access. You don't need NSA-level fiber taps under the ocean to do packet sniffing. Passing all of their service calls, database replications/connections, etc. in clear text over the wire is just plain lazy, bad security for an operation of their scale and (supposed) sophistication. I am sure it saved them some money on server/load balancers however.

Please explain how you would "trivially" encrypt an optical line system that is capable of pushing 19TB down a single fiber (for example, http://www.advaoptical.com/en/products/technology/dwdm.aspx)

The only people who think this is "trivially easy" are people who don't have to do it.

Tapping multi-mode dark fiber unnoticed is now considered trivially easy? I must have missed when the bar was shifted this high.

You don't need to tap dark fiber for this to be poor security. They were passing all internal data around in clear text. It would have been trivial for any data center employee to gain significant amounts of open data this way. Why wouldn't you have services, db connections, etc. encrypted internally? It's certainly possible and done within many companies, it is surprising how lax Google was in their assumption that once inside the network everything is going to be a-ok.

This isn't something that is "easy" when you run one of the biggest infrastructures in the world.

The fiber doesn't run straight into a Google datacenter. It's operated and managed by the company which lays the cable under the sea, which means it goes through their stations at the coast and probably through quite a bit of other non-exclusive routing hardware.

The fact that routing hardware exists means you can pretty easily tap it.

I believe my comment is pertaining to the use of the word "easily". James Bamford in The Shadow Factory was talking about how difficult this is, even for government institutions.

We still don't know if that was really a loophole or rather access given by Google (of course, they will decline that).

My personal opinion is that it's more likely that the access was given by a telecom that Google leased from than from Google itself.

Appreciate Mike speaking up like this. We need more people within the industry to speak up. Not just hackers.

(People within these companies are also hackers, but they have more effect when they speak because they are part of a company)

I agree, but I do wonder what is going to happen when people start speaking up to say something quite the opposite. "I don't speak for my employer, but I think the NSA is quite awesome and I don't mind that they've been listening to us at all." Or something to that effect.

The clash might be interesting to watch.

With the increasingly alarming NSA plans being revealed, if someone thinks NSA is doing a good job, they deserve to be fired. His thoughts and opinion don't give him the right to have public data available to governments. This, of course, assumes that he is on the Security Team at some well known company.

Anybody who praises the NSA should be blacklisted from existence in this solar system.

Oh, the hypocrisy....

> "Bypassing that system is illegal for a good reason."

Yes, so is invasion of privacy. Yet Google has no problem breaking the law and violating civil rights for profit.

> "Unfortunately we live in a world where all too often, laws are for the little people."

Yeah, like tax laws and privacy laws...

If you want to get on this high horse, you shouldn't be working for Google.

I totally agree. And I was even more stumped by Eric Schmidt's hypocritical blathering.

This from the guy, who blacklisted CNN for reporting on him based on information found on Google.


Wow, it's been a long time since CNN wrote news. I wonder if they've been coopted and the new owners are trying to piece them out by devaluing the brand.

Erm, what? Which law did they break, and which civil rights did they violate?

Like indiscriminately and illegally sucking up WiFi data with their street view mobiles?

Including account information and passwords on unsecured WiFi connections.

Even if the accusation of "violating laws" may be a tad hyperbolic in the great scheme of things it's not a stretch to deem Google one of the most hypocritical companies around.

That did happen, but I believe the data was captured and stored by mistake. At the least, they had no intention to view or use any of that data.

The NSA on the other hand actively intends everything it's doing in this case. Comparing Google's Wifi mishap with the NSA's hundreds (thousands?) of deeply questionable operations driven by invasions of privacy and security is comparing apples with oranges.

Except, they didn't explicitly mean to do that, stopped doing that, and paid for the autonomous collection of trash that they threw out.

How do you do that by accident? Somebody had to design, implement, and test a feature to sniff and store data off wireless networks.

The goal was just to sniff the wifi AP's MAC to pair it with a GPS location for wifi location lookups, not to store the entirety of the packet.

As the story goes, the code [library] was written for another, past project at Google and a work in progress; the car project extended or implemented it without looking under the covers.

You are very naive if you think that Google does something by mistake (that also happens to fit well into their Big Black Hole of Information).

I work for Google, and I can assure you, we do 100,000 things by mistake every day.

In your narrative, would Google have self-reported this intrusion? Because, they didn't have to, and they did it anyway.

You are very paranoid if you think a corporation with thousands of employees never makes mistakes.

First of all, the public should do something about their privacy, if they are concerned about their privacy. Parents are teaching their children that anything they do on the internet is never private.

Nonetheless, I doubt I'm naive to believe engineers are not always making mistakes. The trick is always in admitting mistakes, learning from them, and fixing the future. In this case, Google acknowledged the -- lawful -- slip in privacy encroachments and assigned a privacy director to oversee engineering and product management efforts. Every Google product now maintains a privacy-design document.

Given some of the other revelations, is it too tinfoil-hat to entertain the notion that Google were compelled to make the aforementioned slip-up?

Almost certainly it is, but would I be surprised if it were true? Would anyone be?

I'd be willing to bet the NSA had a good browse of the resulting data, either way.

Sniffing unencrypted wifi packets and (apparently accidentally) storing them is just as bad as deliberately breaking into someone else's network to steal data? Come on.

I remain amazed at the ability of people to project their own biases (Google is Evil in this case, probably via extrapolation from Apple is Insanely Great) onto things that one would hope would be objective moral points (spy agencies shouldn't be attacking the networks of non-enemies!).

> Sniffing unencrypted wifi packets and (apparently accidentally) storing them is just as bad as deliberately breaking into someone else's network to steal data? Come on.

Where did I say anything like that?

Paraphrasing, or quoting something that has absolutely no relation to what was really said, is a pretty dishonest and low debating tactic in my book.

Receiving a broadcast isn't illegal - you shove it out into the air, you lost all privacy rights on that broadcast legally speaking.

You can debate the ethics of it, but it wasn't illegal. And Google did get penalized for it.

I'm not sure about the storage issue. At least not in the EU, which has pretty heavy restrictions on data collection and storage.

Who in their right mind broadcasts account information and passwords unencrypted and expects it to not be recorded? That would be akin to using a megaphone and yelling your credit card numbers and expecting your neighbours to pretend they didn't hear you.

Tax evasion in EU/US by Google/Apple is beyond imagination.

Are you claiming they act illegally, or are you claiming that they have some duty to pay more than they do today?


Why do they have a duty to?

Unfortunately, it's not illegal.

Immoral? Yes. Evil? Yes.

Oh no! Now the government knows the same things about you as we do! It's OK for us to exploit this information for profit, but I'm pissed as hell someone else might make use of it. I sense a little bit of butthurt from security people who thought they were the bee's knees but were getting completely owned.

How can Google become a more well behaved company if everyone working for them follows that rule?

True but I don't really mind hypocrisy. Would you rather he stayed quiet about the government?

This has been asked before, but I'd love to hear from a dev (anonymously of course) who actually helped build this NSA madness. Is it like The Cube, where no one really knew what each piece was for? Is it that they are morally pro the NSA's attitude toward personal and corporate privacy, or do they just not care either way?

William Binney in an interview suggested that the tech he built for spying on foreign countries was simply retrofitted and used to spy internally.

I am gathering not a lot of people actually knew what was happening at the beginning, and the tools they were using for "valid" purposes were just refocused.

There still have to be technical people involved for refocusing software. You don't simply drag and drop an icon to get something redeployed for another purpose, and definitely not for something of this complexity.

I agree, however I think it is very credible that a lot of people involved in this were not fully aware or complicit in regards to what was happening.

I do not think they were stupid, but just didn't see the entire picture, or were never given the entire picture.

I asked this question 6 months ago, I liked the reply.

> Most programmers are very much unlike you or I. Think about those legions of DoD/DoD contractor engineers that trust government implicitly and totally, and really don't give a shit about more "hacker"/"technologist" subjects.

https://news.ycombinator.com/item?id=5836416

The other half of that equation is that the requirements for a security clearance tend to filter out the people who are mentally predisposed to question authority.

It is a very rare person who can see all the things wrong with the various Wars on Dignity (drugs, terror, etc) and yet has a nose so clean as to qualify for a top secret clearance. It's kind of like the saying about walking a mile in someone else's shoes before you criticize them - most people just can't conceive of what life is like for someone with an entirely different set of experiences and the logic of authoritarianism is so deceptively simple.

That's not to say that the people with clearances aren't perceptive, just that they are likely to have a focus on other, more technical, issues.

Just because someone can see what's wrong doesn't mean they do anything about it. Without that evidence of action, there's nothing for a background check to turn up. Getting a security clearance is not incredibly difficult.

Indeed, there are over 4 MILLION top secret holders. That's almost twice as many people as are in prison.

You have it utterly backwards. In my experience, clearance holders have a far more bleak outlook on government than you. If you think people will elect madmen and witch hunters no matter what, which seems to be the case, you might as well make sure the spy-fest is good enough to stop the occasional war. In this view there are not well-meaning plans with collateral damage, but planned crass destruction with collateral benefits.

Incidentally, the U.S. system is strongly anti-authoritarian. There is no wise man or even thug running the show, just a parliament of whores tarting themselves up for the next election. We could really use some authorities in charge. Even a bad plan would be better than what we have if we just stuck to it.

Maybe there are some good programmers and engineers who agree with the NSA's goals and methods?

There are some politicians, judges and journalists who agree with what they do - why should any other field be different?

Plenty of good engineers work on weapons systems, despite the use those systems are put to. The fact the systems are also used for national defence is often used as self-justification.

More directly: many good programmers build viruses and/or sell exploits for systems (and don't try and claim "they aren't from the US" - plenty are). Being a good programmer does not mean a person's moral code is the same as yours or mine.

A few of my school friends worked for GCHQ and I questioned their reasons for doing so around ten years or so ago (a lot has changed in the world since then, but a lot hasn't). Back then there were three reasons beyond 'I need an income':

1) terrorists - someone has got to stop them blowing up innocent babies and children

2) kiddie porn - someone has got to take the war on paedophiles seriously

3) organised crime - who knows? Selling arms to the terrorists? Laundering money. That's it. Laundering money and drugs. I remember now.

These 'reasons' can be trotted out like a mantra and working for them is a bit like being a soldier fighting a noble cause that everyone else has to respect.

As per other comment on 'The Cube', people at GCHQ are kept in little boxes and not made aware of what the big plan is. It is a system that works really well. So, even if someone's job has nothing to do with the war on kiddie porn, the war on drugs or The War Against Terror, they know that without their organisation's effort then we would be flooded with the evil stuff and democracy would be doomed.

The 'I cannot talk about my work' thing works really well. Although I am not convinced by it. I think that it is all too convenient to hide behind that rather than be honest about how dull/wrong a given job is.

I think you also place too much thought into the idea that NSA/GCHQ build these systems. Actually it is the guys at the contractors - Lockheed Martin - that build these things, the NSA/GCHQ guys are no more involved in things than the checkout staff at a supermarket are involved in all the evil things Walmart/Monsanto/whoever do. That is the saddest part of it. We uphold NSA/GCHQ to be omnipotent and omniscient, but they are not. The main contractor - Lockheed Martin - are upstream of what the NSA/GCHQ does and they are experts at getting government contracts. Since they can listen in to what all of the other contractors bid they can bid competitively if they really want the work. Since they also own most of the politicians and can promise so many jobs in so many states, they can own the entire government. NSA are not the enemy, Lockheed Martin and their rivals are. And, to answer your question, the dark side programmers work for them.

All these reasons for breaking network neutrality were discussed in congress and engineers spoke about how this undermines the foundation of the internet. So, a lot of good that does. There is no more regulation from the government unless it's protecting business. The government has failed time and time again, it's just another business at this point. This is why we can't have nuclear power, it would be a boondoggle of lax safety and kickbacks.

In The Shadow Factory (written after the Klein leaks but before Snowden), Bamford notes that a lot of surveillance equipment comes from Israel. I don't know much about Israeli culture but it may be significantly different from the US.

I am at the openstack conference right now. My colleague was talking in Hebrew to a lot of folks the past few days. I said to him jokingly "Where did all these Israelis come from that are here"

His reply: "Dude, all this shit comes out of Israel! it's the whole tech/NSA bullshit used against the palestinians!"

It was a casual comment - but very interesting in that it's a foregone conclusion that the surveillance state is just a function of the culture of Israeli tech development.

Highly self-aggrandizing. I think the most that can be said is that it's a highly symbiotic relationship between .us/.il.

As an (ex-) Israeli with no inside information I'd say the NSA is probably way ahead of Israel on this and wouldn't need or use any Israeli knowledge or equipment. I'd also say traditionally Israel relies on human intelligence while the US on signal intelligence. In terms of commercial surveillance equipment I'm sure there's a lot on the market from lots of countries.

I'm not implying anything, but there are some large Israeli companies which have access to lots of data or provide surveillance or spy tech; Narus, Trusteer, Amdocs, Comverse, Verint, to name a few.

Some equipment might come from Israel (it's just guessing though), but I do not like your implicit hinting that Israeli developers are somehow less moral than U.S. developers (because of "cultural" differences?) - especially since you don't know much about it. You seem to be forgetting which government and agency is at the center of this debacle, don't try to share the blame on other nations or cultures for developing those spying systems.

He isn't saying Israel is less moral at all. The book mentioned above specifically points out there are a good handful of companies that sell hardware/tech to the US government that have originated in Israel.

I think the point being that Israel happens to excel at this type of thing due to the simple fact that they have been surrounded by countries who have wanted to wipe them off the map for a long time. This has happened to breed the talent that is very useful to the NSA / surveillance industry.

In the context of the comment he was replying to, and the allusion to "cultural differences", it doesn't seem to be just about technical proficiency. Otherwise, the second part of his reply is meaningless, and the entire comment seems out of context.

Living in a country where wars with immediate neighbors and rocket attacks are frequent over 10 year time spans, especially in one much smaller and more culturally diverse than the US (at least among relatively antagonistic cultures), sounds like enough of a "cultural difference" to give some engineers a more "us or them" lens on morality and drive them to passionately work on defense driven technologies. Combine that with a culture that prizes education and a government with access to NATO equipment and know-how (also makes trade in military tech the other way easier too) and it's not a surprise some SIGINT and defense equipment comes from Israeli companies.

It's really not surprising that we don't hear about someone speaking up - would you be willing to risk doing so (even anonymously) after working on projects that you _knew_ that were monitoring everything on the internet?

About who made these tools, I would say that this was built through a combination of different people:

- very patriotic individuals: e.g. someone who joins the military and gets a military sponsored world class education in comp sci; or someone who gets recruited at an early age on the campus of Berkeley/Stanford/Yale/MIT/etc (remember how spies were recruited back in the days)

- consultants: Palantir, Booz Allen and many more

- buying outsourced tech (e.g. from startups in the Valley/Boston/Penn/Virginia/Maryland or Israel)

- captured black hats in exchange for softer sentences

- renegades from big tech companies: i.e. ex-Google employees. You'd be surprised how pissed off some people can be at their previous employees and to what lengths they might go to hurt them

It's like being a cop: you get to shoot people (and people's dogs) and break most laws every non-cop has to abide by, with impunity.

> Is it like The Cube, where no one really knew what each piece was for?

Not possible. You cannot unwittingly buy a house in Cupertino, fill it with 48 V batteries and wave division multiplexing transceivers, and trench the back yard. The maintenance techs driving the fake pool service van knew exactly what they were doing.

'Privacy' currently is just a facade, most people have just not realised that. Here is an interesting fact that Joe Public does not realise.

If you have a mobile phone, you can be tracked, even if there is no GPS on the device. Besides this if the NSA chooses, they can track practically ANYONE in the world, all they need is a mobile number. I would not be surprised if this is actually one of the tools they have.


Due to the nature of how GSM and mobile operators integrate when roaming. When a mobile operator signs an international roaming agreement, they set up signalling links between their switches and VLRs (Visitor Location Register).

The mobile operator in the visited country needs to authenticate you against your home network, this happens via SS7.

Once this link is established, it is assumed to be trusted, and most operators DO NOT apply any filtering on these commands. So with a carefully crafted SS7 command, you could request the location of a mobile subscriber, even if they have not even attempted to join your network.

Now here is where it gets interesting, get access to send SS7 commands from an operator with many international roaming agreements, and you can get details on practically any subscriber. Get access to 2-4 (i.e. AT&T, T-Mobile, Vodafone) of these massive tier1 operators, and you can get the location of practically everyone with a mobile handset.
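A defensive counterpart to the unfiltered trust the comment above describes, added here as an illustration and not part of the thread: a home-network check that refuses a location request from a peer unless the subscriber is actually registered there, and flags peers that ask about many such subscribers in a short window. It is a simplified model; the record layout, network names and thresholds are constructed assumptions, not a real SS7 log format.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class LocationQuery:
    ts: int          # seconds since start of capture
    origin_net: str  # network the signalling request arrived from
    subscriber: str  # home subscriber the request asks about


# Constructed sample data (hypothetical names). The home network knows where
# each of its subscribers is currently registered; "HOME" means our own network.
CURRENT_REGISTRATION = {
    "sub-001": "HOME",
    "sub-002": "PARTNER-A",
    "sub-003": "HOME",
    "sub-004": "PARTNER-B",
    "sub-005": "HOME",
}
ROAMING_PARTNERS = {"PARTNER-A", "PARTNER-B", "PARTNER-C"}

SAMPLE_QUERIES = [
    LocationQuery(10, "PARTNER-A", "sub-002"),    # subscriber is roaming there
    LocationQuery(20, "PARTNER-C", "sub-001"),    # never attached to PARTNER-C
    LocationQuery(25, "PARTNER-C", "sub-003"),
    LocationQuery(30, "PARTNER-C", "sub-005"),
    LocationQuery(40, "UNKNOWN-X", "sub-004"),    # no roaming agreement at all
    LocationQuery(50, "PARTNER-B", "sub-004"),    # subscriber is roaming there
    LocationQuery(4000, "PARTNER-C", "sub-002"),  # much later, outside any window
]


def classify(query, registrations, partners):
    """Decide whether a location request should be answered.

    The link to a roaming partner is not treated as proof that the request
    is legitimate: the partner must also be the network currently serving
    the subscriber it is asking about.
    """
    if query.origin_net == "HOME":
        return "allow"
    if query.origin_net not in partners:
        return "no-agreement"
    if registrations.get(query.subscriber) != query.origin_net:
        return "not-registered-at-origin"
    return "allow"


def find_sweeps(queries, registrations, partners, window=60, threshold=3):
    """Return {origin: n} for origins whose rejected requests covered at
    least `threshold` distinct subscribers within `window` seconds."""
    rejected = defaultdict(list)
    for q in sorted(queries, key=lambda q: q.ts):
        if classify(q, registrations, partners) != "allow":
            rejected[q.origin_net].append(q)

    sweeps = {}
    for origin, qs in rejected.items():
        best = 0
        for i, first in enumerate(qs):
            # Distinct subscribers asked about in the window starting here.
            seen = {q.subscriber for q in qs[i:] if q.ts - first.ts <= window}
            best = max(best, len(seen))
        if best >= threshold:
            sweeps[origin] = best
    return sweeps


if __name__ == "__main__":
    for q in SAMPLE_QUERIES:
        verdict = classify(q, CURRENT_REGISTRATION, ROAMING_PARTNERS)
        print(q.ts, q.origin_net, q.subscriber, verdict)
    print(find_sweeps(SAMPLE_QUERIES, CURRENT_REGISTRATION, ROAMING_PARTNERS))
```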

I don't have a mobile phone.

You don't need one, really. Skype at work, landline at home. Why would I want to talk to anyone on the go?

I go out for beers and other social activities all the time. My social life is not suffering at all. The need of having a cellphone is a lie.

I am surprised this excerpt from Alan Rusbridger's article in the New York Review of Books [1] hasn't made the rounds:

> "But I did have an interesting (unattributable, of course) briefing from someone very senior in one West Coast mega-corporation who conceded that neither he nor the CEO of his company had security clearance to know what arrangements his own organization had reached with the US government. “So, it’s like a company within a company?” I asked. He waved his hand dismissively: “I know the guy, I trust him.”"

West Coast mega-corporation does not know what West Coast mega-corporation does.

[1] http://www.nybooks.com/articles/archives/2013/nov/21/snowden...

Wow, a guy working for Google said "fuck you" to the NSA. All my doubts and worries are gone now.

Are you being sarcastic?

For months Google's only public response was to lobby the government for permission to release stats(?) to prove that they complied with the law - nary a word of criticism for the law itself.

So now that Google's own autonomy has been breached by the NSA (all above-board and legal according to the NSA's legions of loop-hole seeking lawyers) instead of just Google's users, now they are mad?

I just made another post about how a lot of people are unable to imagine what it's like for others to be in a situation until they themselves are in the same situation. But... I'm not so sure Google, as an organization, has fully recognized the scope of the problem here.

I was being sarcastic, yes.


I had a laugh-snort reading the discussion on that page - at one point the original author, Mike Hearn, tries to argue that ad-based services are actually a good thing for privacy. Does Kool-Aid have a Google flavor now?

You should respond to his argument instead of accusing him of brainwashing. The latter does nothing to advance the conversation.

Can't. I so disbelieve in his argument that I won't sign up for G+.

Besides, as Upton Sinclair was fond of saying, "It is difficult to get a man to understand something, when his salary depends upon his not understanding it."

I'm suggesting you could rebut his argument here instead of just insulting his integrity.

I doubt he's reading this - but for you, sure...

His claim is that there aren't any viable anonymous payment systems for the web but that advertising is semi anonymous, so that's better.

(1) There are ways to make anonymous payments on the net, I can use cash to buy cash-cards in denominations up to $500 that work just like debit cards online, they are even branded with Visa and/or MasterCard. Until a couple of years ago you could buy even larger denominations but war on terror hysteria made it illegal to do without providing ID. None of the entrenched powers seemed to mind the new regulations all that much, which leads to...

(2) The rise of advertising as the primary source of online funding has choked out development of alternative online payment systems in the same way that an invasive species chokes out native species that occupy the same ecological niche. If it weren't for companies like Google we wouldn't be in the situation we are now because a lot more work would have gone into the development of alternative payment systems.

(3) The entire goal of modern online advertising is to identify and track users as narrowly as possible so as to better "target" them. The more sophisticated online advertising systems become, the less anonymous the users become. Companies like BlueKai and hundreds of others exist to connect your real-life identity (and associated database entries) with your online activity. Even Google does it with their real names policy for G+.

So instead of each vendor only knowing about the specific transactions they have with you, there exist multiple databases that amalgamate all of your transactions (online and offline) across multiple vendors into one central record that is for sale. I'm well aware that Google thinks their user records are super proprietary and that they would never make that data openly available outside of Google, but (1) they are far from the only holder of such data and many of the others see selling/renting that database as their main source of profit, (2) sophisticated use of targeted ad-buys can indirectly mine Google's data, it's not as easy as just buying access like you would from a place like Experian but it is feasible under the right circumstances and (3) who can say if Google will have a change in corporate direction tomorrow and start selling access to all that data that they have been collecting for over a decade?

So, in short, his claim was so blindered that it really was quite ridiculously naive/ignorant.

Thank you for responding in a meaningful way. I appreciate it.

> There are ways to make anonymous payments on the net, I can use cash to buy cash-cards in denominations up to $500 that work just like debit cards online, they are even branded with Visa and/or MasterCard.

This still puts you at greater risk of exposure than creating a Gmail account through an anonymizing proxy. Prepaid cards can be traced to where they are purchased, which at least narrows your location geographically, if not the exact location. From there the NSA could probably catch you buying it in person by reviewing CCTV footage.

> The rise of advertising as the primary source of online funding has choked out development of alternative online payment systems in the same way that an invasive species chokes out native species that occupy the same ecological niche. If it weren't for companies like google we wouldn't be in the situation we are now because a lot more work would have gone into the development of alternative payment systems.

I don't really understand this point. You seem to be positing a world where online advertising didn't become the dominant mechanism for making money on the web, but you don't explain how this could come about. Perhaps if "companies like Google" did not exist? But there were advertising companies before Google and there will be long after Google is gone. Advertising is an inextricable part of the global economy. It would take a revolution to change that.

> So instead of each vendor only knowing about the specific transactions they have with you, there exist multiple databases that amalgamate all of your transactions (online and offline) across multiple vendors into one central record that is for sale.

I think this is deeply wrong and I wouldn't be working for Google if I thought we were heading in this direction. It's not my place to comment further on your other assertions about Google.

> So, in short, his claim was so blindered that it really was quite ridiculously naive/ignorant.

I don't see how your argument supports this claim. Nothing you have said would be news to Mike, who has been thinking about all this stuff longer and more deeply than most people. He just has a different perspective to you, that's all.

> This still puts you at greater risk of exposure than creating a Gmail account through an anonymizing proxy.

I note that you've specifically gone to the most extreme case of the state looking to track you rather than some other private entity. The NSA/FBI looking at camera footage at the point of purchase for a cash card is just as likely as the NSA de-anonymizing your proxy (well probably less likely given what the NSA has been up to). However, for private databases nobody is going to make those efforts. But what they will do (and do all the time) is cross-reference web activity to minimize anonymity and increase "targeting."

> Advertising is an inextricable part of the global economy. It would take a revolution to change that.

That's circular. My point is that the industry's overwhelming movement toward advertising as a payment system starved out the development of alternative payment systems, micropayments, e-cash, etc. Hell, PayPal could be so much more privacy preserving simply by not disclosing your email to the seller but they don't make that trivial effort because they have no competition.

> I think this is deeply wrong and I wouldn't be working for Google if I thought we were heading in this direction.

If you think I am specifically talking about Google, you are mistaken. Go install Ghostery and watch how simply visiting a web page like The Verge gets you into the databases of at least 7 different trackers other than Google. If Mike Hearn was arguing that google should have a monopoly on advertising because google currently doesn't deliberately share its secret stash with anyone, then that opens up a whole different line of disagreement.

The industry moved to advertising because it works. When something more compelling comes along, people will move to that. So far it doesn't exist, but many people are trying.

PayPal are not a monopoly, by the way. I would not be surprised to see them unseated from their current position in the next few years.

I do have Ghostery installed. I'm glad it exists, and wish more people would use it so that they could see the extent of the tracking that's going on.

> If you think I am specifically talking about Google, you are mistaken.

I was responding specifically to your paragraph about Google.

> The industry moved to advertising because it works.

That's really overly simplistic. It's a complex system and to assume that it's the best system (as Mike Hearn stated) is to ignore the fact that there are competing interests at work and the ones who value privacy have significantly less clout than the ones that don't.

> PayPal are not a monopoly, by the way.

That's just wordplay. Paypal has not faced significant competitive pressure for over a decade, if ever.

Hearn claimed that there are two ways to fund services: through advertising, and through direct user payment. This is wrong. There are plenty of other ways to fund services.

You could fund them indirectly, through sales of another product. Think about Apple giving away its software and Web services (funded by hardware sales), or Microsoft giving away its Web services (funded mostly by software sales), or even of Google's nonprofitable services and projects (the ultimate income source here is ads, but it needn't be).

Alternatively, you could accept some anonymous form of payment. Bitcoin is the obvious one, but there are plenty of others -- gift cards come to mind, and these have been pretty successful for iTunes and the XBOX arcade.

Or, of course, there's cash, Bitcoin, and other less convenient or mature technologies.

Finally, the argument is a little disingenuous, given Google's push, with Google Plus, to know people's real identity anyway. It is clear that "advertising = better privacy" isn't a Google goal, at the high level.

He did preface it with an "I don't speak for my company".


I took your comment as being serious. Maybe my sarcasm detector needs adjustment.

Here's one potential cultural snafu - my understanding is US intelligence is based almost entirely on SIGINT. I'm not sure how great we are at plain old HUMINT, i.e. using people and relationships to get information and an overall picture of the world.

So all the defense community was raised on SIGINT, and anything seen as a curb on this - technical or legal, they will probably view it as some sort of existential threat. They would then fight tooth and nail to block any sort of reform. And the military industrial complex has quite a lot of legislative muscle....

One of the outcomes of various 9/11 reviews was the realisation that HUMINT had degraded as far as it had. The problem is that it is very expensive, both in time and money, and it has uncertain outcomes.

The rise of technology, both its widespread use by the public and the ability to capture it by agencies, had made SIGINT seem much more attractive in the couple of decades prior to 9/11.

So, yes, agencies had become over-reliant on SIGINT over HUMINT, but for understandable reasons with the benefit of hindsight. Currently, they certainly don't view it as an existential threat and all agencies are working to re-establish HUMINT capability, the opposite of trying to block it. The trouble is that it is hard, really hard work.

It hasn't always been this way, and I'm sure the State Department and the Office of the President rely on SIGINT far more than direct diplomacy -- even to the point where diplomatic efforts are, universally, a cold formality.

They like to toss words like "Terrorism" around like frisbees hoping someone will catch it and toss it to someone else, however I personally think we can assume that direct diplomacy is dead. SIGINT is more consistent and dependable than engaging another nation's diplomatic apparatus, and all nations are clamoring for their own monitoring solution.

It's a new baseline measurement of international political power -- the cost is so low that it's foolish not to get it.

and here's the original "fuck these guys" post https://plus.google.com/108799184931623330498/posts/SfYy8xbD...

The submitted link is Mike Hearn agreeing with and elaborating on Brandon Downey's original thoughts on the matter.

I'm personally far more angry with Congress utterly failing in their oversight role, and to some extent with the judiciary for becoming at best a rubber stamp, than with NSA. The President (pretty much from LBJ onward, but even farther back) is also fairly complicit in this, but that part is accelerating.

I would probably be a single-issue voter if a candidate for congress were likely to win and was aligned with me on this issue but opposed on virtually everything else.

One essentially-fantasy is to run for Congress directly. Unfortunately I haven't lived my entire life to my mid-30s in trying to become a viable political candidate, so this would be difficult. Central or Eastern WA is probably the best bet, along with starting a 50-500 person business which employs a lot of local people (manufacturing of some kind) and generally being an engaged local citizen for a decade or more. But that's a long term goal.

The NSA must have somebody working on the inside at Google. Otherwise it would be extremely difficult to reverse engineer the RPC protocol that was used by Google's servers to communicate between each other. Even on an unencrypted network I can imagine it would be very difficult to reverse engineer the protocol without any help.

The RPC protocol is stated to be based on protocol buffers so the encoding is known. What you would need to do to reverse engineer it is come up with matching message descriptions.

But, even without that piece of the puzzle, reverse engineering a protocol that doesn't use encryption wouldn't be "extremely difficult". This is not an indication of an inside man.


The only published information is how the values are encoded, not what is encoded (the specifications aren't transported together with the data) so to crack 1622 different protocols only involved in authorization according to the NSA slide is not such a small task, at least if they are interested in more than just recognizing e-mail addresses which can be found using regexps. And just counting the protocols proves that they were indeed interested in more.

The screenshots of the ASCII dump of the RPC calls shown in the WaPo article show that there is tons of information to work with, besides just the email account.

You're talking about the NSA here, an outfit which has cracked the cryptosystems of foreign governments in a variety of foreign languages, and even cracked a Russian one-time-pad that they had accidentally used more than once.

I don't think it's very hard at all for them to reverse engineer RPC serialization that is not even encrypted if they can crack cryptosystems.

Of course it's not impossible just reverse engineering the protocols but we now know that these guys also rightly measure their smartness by taking shortcuts wherever they can. It would be stupid to do unnecessary work to "rediscover" easily accessible information. The right approach is using the internal documents describing the protocols. Shouldn't be so hard, "it's all in the cloud."

Yes, that's what I meant with "message descriptions". It's definitely not a small task, but again not something that I would say is extremely hard. It's just a lot of work.

I'm curious what 1622 represents here. 1622 different protocols, each with their different messages? Seems like a crazy amount. 1622 different message types for authorization? Even that seems like a stretch.

I guess it's just 1622 fields or message types.

No need to reverse engineer it, it's a public spec, ProtoBufs. It's like saying "it's extremely difficult to reverse engineer JSON"

Or, they could have just hired an ex-Googler familiar with the protocol. No need for someone working for the NSA "on the inside" at Google, and no need for reverse engineering.

Just "being familiar" would probably slow them down too much, considering how many different protocols they attacked: "1622 Google authorization protocols" are listed on one NSA slide here:


I know how hard it would be, I implement low level protocols (not Google's or of men in black).

Years and years ago I reverse engineered the weird binary protocol that Yahoo Messenger used with nothing more than Ethereal and an absolute shit load of packet logs.

I did that for fun and I was (and am) a mediocre programmer at best; the NSA/GCHQ has some of the best talent around, and I doubt they would find it much of a challenge to do this on a bigger, more complex protocol.

Unencrypted traffic is (relatively) easy to reverse engineer even without a protocol description (examples, the Samba guys, the Asterix folks) as most protocols are designed to be structured (that is kind of the point of having the protocol).
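
The point argued in the comments above, that the protocol buffers wire encoding is public while the message descriptions are not sent with the data, as an added example that is not part of any comment in this thread. It decodes a constructed sample message with no schema; the sample bytes, the address in it and all function names are assumptions made for illustration.

```python
"""Schema-less decoder for the public protocol buffers wire format."""

# Wire types 3 and 4 (deprecated groups) are treated as invalid here.
WIRE_TYPES = {0: "varint", 1: "fixed64", 2: "length-delimited", 5: "fixed32"}

# Constructed sample: field 1 = 150, field 2 = a string,
# field 3 = nested message {1: 1, 2: "ok"}, field 4 = fixed32 0x01020304.
SAMPLE = (bytes.fromhex("089601") + b"\x12\x11user@example.test"
          + bytes.fromhex("1a0608011202") + b"ok" + bytes.fromhex("2504030201"))


def read_varint(buf, pos):
    """Decode a base-128 varint starting at pos; return (value, next_pos)."""
    value = shift = 0
    while True:
        if pos >= len(buf):
            raise ValueError("truncated varint")
        byte = buf[pos]
        pos += 1
        value |= (byte & 0x7F) << shift
        if not byte & 0x80:
            return value, pos
        shift += 7
        if shift > 63:
            raise ValueError("varint longer than 10 bytes")


def guess_payload(chunk, depth, max_depth):
    """Length-delimited bytes carry no type: the same bytes may be text,
    a nested message or opaque data. Try printable text, then nesting."""
    try:
        text = chunk.decode("utf-8")
        if text.isprintable():
            return text
    except UnicodeDecodeError:
        pass
    if depth < max_depth:
        try:
            return decode_raw(chunk, depth + 1, max_depth)
        except ValueError:
            pass
    return chunk


def decode_raw(buf, depth=0, max_depth=8):
    """Return [(field_number, wire_type_name, value), ...] without a schema."""
    fields, pos = [], 0
    while pos < len(buf):
        key, pos = read_varint(buf, pos)
        number, wtype = key >> 3, key & 7
        if number == 0 or wtype not in WIRE_TYPES:
            raise ValueError(f"invalid field key {key:#x}")
        if wtype == 0:
            value, pos = read_varint(buf, pos)
        elif wtype in (1, 5):
            size = 8 if wtype == 1 else 4
            if pos + size > len(buf):
                raise ValueError("truncated fixed-width field")
            value = int.from_bytes(buf[pos:pos + size], "little")
            pos += size
        else:
            length, pos = read_varint(buf, pos)
            if pos + length > len(buf):
                raise ValueError("truncated length-delimited field")
            value = guess_payload(buf[pos:pos + length], depth, max_depth)
            pos += length
        fields.append((number, WIRE_TYPES[wtype], value))
    return fields


if __name__ == "__main__":
    for field in decode_raw(SAMPLE):
        print(field)
```

Field numbers, wire types and values come out; field names and their meaning do not, which is the "message descriptions" work the thread refers to. All of it is readable by anyone with access to the link, which is the case for encrypting traffic between data centers.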

Keep in mind when considering reform by our legislature that any serious efforts on that front will likely be undermined with blackmail made possible by the very surveillance apparatus they are attempting to curtail [1]. I sincerely hope that Snowden's revelations prove or at least strongly hint towards such an assertion because until they do it's still "conspiracy theory." Free society is in deep shit, and for the life of me, even though I've thought about it obsessively for the past couple months now, I have no idea what can be done about it.

[1] http://www.boilingfrogspost.com/tag/russ-tice/

My feeling is that the NSA/GCHQ hack was arguably an unfortunate thing for them to do, although somewhat predictable, once one knows of the existence of the network topology vulnerability that was exploited. But presumably somewhere in Google someone knew about this possibility sometime back. I wonder whether there was an assumption that nobody would be clever enough to figure things out, or whether security engineers were working 24/7 to fill in the gap and just didn't get there in time.

Either way, this is a good stimulus for rolling out deeper encryption.

Is information about disruptions to the US PSTN collected anywhere?

The discussion of cable tapping and the NSA's apparent taste for doing things the expedient way instead of the legal way makes me wonder if the "vandalism" domestic underground fiber cuts in the years after 9/11 form an interesting pattern.

Cussing is all fine and understandable, but I missed the part where the Google opsec team was searching for and plugging the holes the NSA is exploiting, or switching to another carrier, or suing the NSA for illegal wiretapping.

Indeed, you missed it. It was back in September:


The problem is that it's not the NSA doing it. It's GCHQ, in the UK.

What was the physical location of this fiber? The UK?

Yes, according to the Washington Post, the interception took place in the UK.

I can understand using unencrypted network within a data center (unless you are doubly paranoid), but why wouldn't they encrypt data between data centers?

Apparently these data centers were linked via dedicated lines -- there was no traffic or outside access to these fiber lines. They were used solely for communication between the two data centers (so technically still an isolated network).

A pretty good example to smack in the face of all those "Just Air-gap your distributed SCADA system!" devotees.

Such people exist?!

they do, sadly

They buy the lines in the ground. It is supposed to be 100% private. It is like having a wire from one room of your house to another. Wikileaks has a list of vendors/products who allow these types of things to happen. What I want to know is how they tapped the actual line. I would assume these lines are going directly into Google owned (or controlled) buildings.

You can tap fiber in a non-destructive way ( http://en.wikipedia.org/wiki/Fiber_tapping ) and in ways that increase attenuation only slightly (and that is contingent on you detecting it and having the equipment to even detect it).

If you know the route the fibre takes (which should be public and certainly government knowledge) you can install the tap anywhere along the length of the cable: roll up with a van, the equipment and two guys in hi-vis vests with a fake work order. Who the hell is going to check? (Think of the Ghostbusters scene where they close half the road.)

The crazy thing is that so many smart people at Google and encrypting the data still wasn't done.

So, this is how it's gonna play out:

Over the next few years it will become more and more common for "in-flight" data to be encrypted. As the "low-hanging fruit" starts to disappear, state-level attackers will increasingly turn their attention from fibre to endpoint; with a corresponding increase in the number of attacks on mobile devices, apps, and embedded systems. This is, to put it mildly, incredibly challenging terrain for passive defence, where complexity all-but-guarantees unknown vulnerabilities and hidden attack vectors.

Now, I am not too sure about the ethics of active defence / networked HIPS (too similar by a long shot to the sort of malevolent behaviour it is supposed to defend against), but it might be something that we are going to have to have a look at.

"Unfortunately we live in a world where all too often, laws are for the little people."

This is sort of the crux of it. We are degenerating into a true oligarchy and/or gangster state in which there are two different systems of law: one for the politically connected and one for the plebs.

My bet, especially with the rumors of a secret google data ship, is that google is getting ready to make a data power play.

Something along these lines:

"Look at the horrible way NSA treated our customers... We're gonna make sure the NSA can't get our data in the future, and protect everyone's data. Come use our services where we treat you right!"

It was always just a matter of time before a corporation had the ability to compete in the total information awareness arena with the three letters. Google is probably the primary candidate that has the capability, besides MS/Apple.

Of course the three letters win on the data side, but the company wins on the customer side. Win win. For them. Lose for us.

I think that we also forget in this age of reduced crime, that it doesn't matter whether or not something is illegal if you have no means of preventing someone from doing it or holding them responsible when they do. We discovered this situation not by uncovering the intrusion, but from leaked documents. The government has a lot of employees and likes to document its operations, which can lead to whistleblowing... organized crime has few employees, tight lips, and doesn't offer the same protection of whistleblowers. The problem here is not the NSA.

Any data running over a leased or owned fiber between data centers should still be encrypted. Why didn't they have a VPN between the data centers? I don't get it and I personally think it's inexcusable. I believe I would lose my job if my company's data was stolen and there was something I could have done to prevent it, and rightly so. I personally think that everyone has been far too forgiving of companies like Google, Yahoo, Microsoft, Facebook etc. for having done such a poor job of protecting the data we entrust to them.

They are likely both complicit in - as well as victims of - fiber tapping given GOOG now owns the building housing one of the largest peering exchanges on the Internet [1].

[1] 111 Eighth Ave in NYC (housing Hibernia's trans-Atlantic cable, Equinix, Deutsche Telekom, etc.)


I think the trend has been like this, and history tends to repeat itself but in different forms. 1) Mainframe - central computing 2) PC revolution - decentralized computing 3) The cloud - central computing 4) ? Hackers invent p2p - decentralized network, corporations and government not in control of any communication, information heavily encrypted, possibly distributed using erasure codes. Network run by friends who you can trust. Code written by hackers.

"Fuck these people" was Wikipedia's reaction to seeing the puzzle globe on the NSA slide too. First time I've ever seen Jimmy Wales use profanity in a tweet: https://twitter.com/jimmy_wales/status/362626509648834560

Global security sure is easy if you're an engineer working for a large tech company. I say that with as much sarcasm as possible.

Day after day I see post after post around the tech web about how horrible the actions are of the NSA but few if any propose a workable solution to balancing both securing and obscuring actions taken to protect a nation, with the public's need for privacy and protection from abuse.

Oversight, oversight, oversight is all we hear yet nothing concrete to describe how the US (or any nation) is supposed to provide security and keep the enemy from monitoring the techniques and actions taken by intelligence services.

Maybe I'm naive but I don't see a way to keep spying (something all nations do and have done for centuries) with the public's need for complete disclosure.

I think it's time to also highlight the fact that people enabled the NSA to do these things. A lot of them engineers. In some cases I'm sure the ones building the stuff didn't or couldn't see the end goal. But I guess there have been many who HAVE suspected or known about the use-cases of the products/software that they have been a part of making. This scares me, it is time that engineers take some moral responsibility. Maybe some course in ethical decision making wouldn't hurt to include in engineering colleges?

(Note: All fields should take moral responsibility, but engineers seem to be worse than a lot of others.)

Well that's ok. But what really needs to happen is this to come from the top management - and most of all, they need to ACT accordingly. Until then, all these "fuck them" exclamations aren't worth a dime.

You mean like working on projects to encrypt all of their data center links, which started, incidentally, before the Snowden revelations? Or the fact that David Drummond and Eric Schmidt have publicly said the diplomatic equivalent of 'fuck these guys'?

And rather unprofessional. Where were these guys when Eric Schmidt was making his creepy uncle statements?

Well, if you read the Terms of Service that Google (and to be fair - everyone else) makes people agree to - Google is free to sell your data to anyone they want. So I don't know which 'Google user' is expecting their data to be private anyway. Not to beat the 'you are the product' dead horse, but I wonder if they were to actually start selling user data would people be in uproar?

The judiciary should always have an adversarial relationship with the Intelligence community in order to have checks and balances. I think FISA could work with more and varied members on its committee.

Feinstein is a joke and obviously isn't well informed on the subject matter she's supposedly overlooking.

Given the snippet of traffic involved, can they make an educated guess which links were compromised to get it? (It is DB replication traffic so if you know the source DB and the dest DB then you can work out the route... in theory anyway, with Google Complexity, who knows...)

Just simple big government(s) vs. big company - happened over and over again in history - remember how powerful Microsoft was at the end of the '90s.

Governments don't like challenges to their power. They will find ways to control the Jedi Council.

I really don't think this is that clear cut. On this thread alone, two people have vouched for their companies that encrypt internal traffic as standard MO (wepay, and another larger than Google [by their words]), and considering that some mailing list chatter[0] has pointed out some interesting dynamics (read duplicitous) on the behalf of some companies (among the remarks on here), I wouldn't fool myself that it's that simple.

As someone working on a start up now dealing with crowd-sourcing/mining data on people/identities and leaving it public, it's very interesting to see the dynamics play out with online services especially with ones that create the perception of walled gardens vs those that position themselves as inherently public and the flak (or lack thereof) they take from privacy advocates and what not.

[0] http://cryptome.org/2013/10/nsa-hysteria-coverup.htm

Where are the startups that disrupt the 1984 surveillance state? I think YC recently ventured into nonprofits, maybe they should consider adding one company that "furthers the cause of freedom" to each batch or something.

How do we know the Chinese or someone else hasn't hacked into the NSA and is using that data to gain access to secure systems that would otherwise be almost impossible to break into?

Wasn't there a Google break in not so long ago?

Considering the track record of Governments and technology, I pretty much assume that whatever systems the NSA (and friends) had made are so ridden with holes that any/all people who really want access to it, already do, and that all our (worldwide citizens) access is basically out in the open now.

If anything, I'm actually pretty impressed it has gone on this long without seeing posts on underground forums offering access via cracked/leaked accounts and 0days, in exchange for money. Or maybe it has?

It's good to see there are still people at Google with integrity and not afraid to speak up. Sadly, they do not run things. In this environment, you either quit or turn to the dark side.

Being that Google probably has unreal security, did they know the NSA got in, or was it a surprise after learning it from the info leak?

This is the first time I've seen a HN article pass the 1000-point mark. Who doesn't love someone telling the govt to eff off?

fuck these guys, they stole our business model!

This may put a small kink in their plans, but the NSA and GCHQ have unlimited resources and will find another way in.

How does one "capture" data flowing over a private fiber channel? Does it require a physical tap?

Most likely, yes.

You can tap a fiber optic line without breaking it by bending it in such a way that light leaks out: http://www.techrepublic.com/blog/it-security/protect-your-ne...

So how long before HN gets shut down for supporting criminality and terrorism?

There comes a time when principles are more important than life itself.

afterwards they will be fu* * * * using FISA court orders ...

This is just crap!!! The google guys are no better.

One of the few who dares thanking Snowden...

Lol a Brit trying to lay into an American corporation for imperialism. I wonder why a system he "worked" on for 1 (or 2) years was so easy to subvert. What a laugh.

Oops. What a Hypocrisy? The moral righteous Google. Little People vs Big People? Please stop. Don't do Evil still works for you guys.. I guess.

You have the resources to defend it, if you want to defend. You choose not to in many ways.

So please don't explode in profanity several times a day.

Has it ever occurred to anyone that, just maybe, the whole NSA thing is a cover-up to distract the attention from the fact that it's actually the megacorporations that want to spy on you? This is a good way for Google, Microsoft, etc. to look innocent. Let's not forget that it was us who decided to trust these corporations with all our personal data.

This is absolutely true. DPI was used by corporations first. NSA et al. have to use it to stay in the game. Of course, you'll never hear this because the multinational media decides who you root for.