Isn't this what they're supposed to be doing? I don't really have a problem with intelligence gathering against non-allied nation state actors.
* Would you accept that the US Government pays tech companies to install secret backdoors in operating systems, hardware, and apps? Windows, Android, iOS are all insecure by default -- and nothing is stopping foreign governments and private agents from taking advantage of these backdoors other than simple secrecy.
* Would you accept that the US Government infiltrates tech companies to install secret backdoors? Don't users (and the tech companies themselves) deserve to know that their hardware/software is being sabotaged? Nothing is stopping foreign governments and private agents from taking advantage of these backdoors other than simple secrecy.
* Would you accept that the US Government infiltrates security standards organizations to install secret backdoors? These security standards are implemented and accepted as high-quality and reasonably free of defects, and they're utilized for all forms of communication on the planet -- but they're rendered insecure for the convenience of the US Government. Nothing is stopping foreign governments and private agents from taking advantage of these insecurities other than simple secrecy.
The US Government is destroying the padlocks on everybody's doors, paying padlock companies to manufacture shitty locks, and infiltrating padlock companies to make sure only shitty locks get manufactured. This isn't just spying, it's malicious.
It's not purely 'gov on gov' anymore -- spying on your adversaries' population gives great insight into the internal political structure of their government. Economic espionage is the norm now, and the US Government is using every advantage it can get now (regardless of the legality).
Shouldn't you have a problem with them getting caught then?
I don't understand this defense of the NSA, no, its not what they are supposed to be doing. At least not anymore.
If you are in favor of the US bullying and spying everyone they don't consider an ally then you should be outraged they can't do it efectively. They got outed by a lone contractor and your "potential enemies", or however you get to call every single other country in the world to justify the spying, now have most of the technical details they need to thwart the NSA's efforts and hence make it spend lots of your taxpayer dollars in coming up with other forms of spying.
What are they supposed to be doing, then? Should the US just not have any spy agencies? Should it shift away from signals intelligence and focus on human intelligence like Israel does?
Absolutely. The US should interact with foreign governments via the diplomatic process, pull up all its foreign bases, and stop playing "world policeman."
Not sure why this is so hard to understand. The justifications for actions like these either fall into "but we can't be world's policeman without these intel programs" or "the other guy does it" which are both morally bankrupt.
Being a citizen of a nation state does not require me to approve of that nation's foreign policy or military actions. In fact, I'm compelled to be extra critical of these things as they are often abused and cause not only domestic issues (large tax load, dead soldiers, blowback, etc) but worldwide issues as well.
We have yet to see any evidence that these dangerous and provocative technical programs have actually resulted in anything used to thwart attacks or other justifications from the usual defenders of the status quo. If anything, from a dollars per result perspective its a major tax dollar waste and a massive opportunity cost. If we had a Russian-like military budget my tax load would be lower and arguably allow me and others to invest and do things that can actually help domestic life, instead of watching my dollars get burned up in spy games and the slaughtering of completely innocent Iraqi and Afghani civilians over the last 10 years.
So the US should be the only major nation with no spy agency?
> We have yet to see any evidence that these dangerous and provocative technical programs have actually resulted in anything used to thwart attacks or other justifications from the usual defenders of the status quo.
It may have accomplished nothing. It also may have accomplish something that is still undisclosed.
I'm partially playing devil's advocate here. I do agree with the sentiment that the US should stop behaving like the World Police. However, the idea that the US should have no spy agency in 2014 is ridiculous. All the major nations are spying on each other..
Because diplomats demonstrably don't always cut it when you are dealing with bad-faith actors, and the world is not so full of love and sunshine as to have eliminated all the bad-faith nation-states.
Reliable sources are hard to come by (for obvious reasons), but just as an example, see: http://www.nytimes.com/2012/03/18/world/middleeast/iran-inte...
> For its spying efforts, Israel relies in part on an Iranian exile group that is labeled a terrorist organization by the United States, the Mujahedeen Khalq, or M.E.K., which is based in Iraq. The Israelis have also developed close ties in the semiautonomous region of Kurdistan in northern Iraq, and they are believed to use Kurdish agents who can move back and forth across the border into Iran.
> While the National Security Agency eavesdrops on telephone conversations of Iranian officials and conducts other forms of electronic surveillance, the National Geospatial-Intelligence Agency analyzes radar imagery and digital images of nuclear sites. Outside analysts believe high-tech drones prowl overhead; one came down late last year deep inside Iranian territory, though American officials said they lost control of it in Afghanistan.
> Meanwhile, clandestine ground sensors, which can detect electromagnetic signals or radioactive emissions that could be linked to covert nuclear activity, are placed near suspect Iranian facilities. The United States also relies heavily on information gathered by inspectors with the International Atomic Energy Agency who visit some of Iran’s nuclear-related facilities.
> But collecting independent human intelligence — recruiting spies — has been by far the most difficult task for American intelligence. Some operational lapses — and the lack of an embassy as a base of operations ever since the hostage crisis three decades ago — have frequently left the C.I.A. virtually blind on the ground in Iran, according to former intelligence officials.
With human int, you can get more understand of what the thinking and intentions are.
Oh come on man. This is plain old Appeal to Emotion.
Let me know when you find a powerful country that does not engage in spying.
Why not "anymore"? What has changed?
Yes, I'm sure NSA does some of that work, too - their original work - but the problem is they've surpassed their boundaries way too much, and much of what they're doing today is spying on everyone - including innocent citizens and on companies and allies, too. Let's not forget that so easily.
This story seemed like a well planted one to NYT, where they mention the attacks but only to the "worst of the worst" countries, to make people like you believe that "hey, this is what they're supposed to be doing - so I guess everything is fine, then".
I think they've started improving their PR relations for this year. That article had way too many quotes from the NSA for a story about a "leak", and the responses seem well prepared, too.
This is a new year, and now we believe what NSA says about its activities? Read more carefully what the article says:
> The NSA said the technology has not been used in computers in the US.
The NSA! The NSA says. And yet I bet a lot of people read that as if the "leak says" or something along those lines, and they probably believed it.
> "NSA's activities are focused and specifically deployed against - and only against - valid foreign intelligence targets in response to intelligence requirements,'' Vanee Vines, an agency spokeswoman, said in a statement to the Times.
Again, the NSA says. Come on people. Don't be fooled so easily. Oh, and by the way - this is not a Snowden leak, if you didn't figure that out already. It actually seems like a controlled leak by NSA that shows "they are doing their job". The article itself was half-press release for the NSA.
A leak is, if verified, is both allegation and proof. The leak would be an actual NSA document, which the NSA didn't want made public. If they did, its wouldnt be a leak, it would be public record. If the leak was not true, it would not be a leak, it would be a lie, a fiction. The NSA don't even claim that. So, yes, we believe the leak.
A statement by the NSA is simply what they want to say. It cant be proven or verified, you have to take their word for it. Now, if the NSA were to release verifiable documented proof, then we would have to consider that. But it still is not as powerful as a real leak. It can't be because a NSA release has potential for manipulation since they are the source of the release.
Yes, real leaks from a given source are much more believable than statements from that source. Which is why, time to time, governments like to release information in the form of a leak. So, we do have to be very careful about where leaks come from. In the case of Snowden's leaks, I believe we can be sure that they are real and not a very clever manipulation by the NSA or US government.
So, yes, a lot of people would believe the "leak says" over "the NSA says". Rightly too.
But you better believe Russia, China, Iran, etc. are actively hacking (or attempting to hack) US assets.
And yes, I think this story is way too positive toward the NSA. The NYT is part of the mainstream establishment and generally kowtows to Washington.
Bugging a hundred thousand computers? That's a lot of resources thrown at a problem and the results are terrible. Maybe a single attack averted since 9/11. We know why: too many false positives waste resources - and you don't have that much humint to start with.
That they're doing that much surveillance is a sign that they're either incompetent or the official justification is a smoke screen. They're also spying on allies. Was it really necessary to bug Merkel's cell phone?
Spying on allies and passing off trade secrets only results in backlash - and when that many computers are bugged it's only a matter of time before it's discovered.
While you're growing sigint budgets, you're not spending enough on humint.
Do you really feel safer with the government conducting spycraft so incompetently?
It's not that they are hacking. It's that they are not accountable to the system that feeds them.
What are the odds senators will debate the privacy implications of hacking routers all over the world (let alone stop them from doing it)? I'd bet almost zero.
> The NSA calls the effort an "active defence" and has used the technology to monitor units of the Chinese and Russian armies, drug cartels, trade institutions inside the European Union, and US allies including Saudi Arabia, India and Pakistan, the Times reported.
From the viewpoint of an American: hacking the EU trade institutions, and India, bothers me. The rest is exactly what the NSA et al /should/ be doing. Saudi and Pakistan are "allies" out of necessity -- there is no history of genuine mutual trust and support.
There certainly needs to be more control of who the NSA targets, and better constraints keeping them from targeting others, but pretending that all spying is bad is silly.
Saudi Arabia has done little to engender trust.
On the one hand, put every non-US citizen killed by the US.
On the other hand, put every US citizen killed by all other countries and terrorists combined.
Guess which number is vastly bigger than the other. 5-10 thousand dead in 9/11? That's peanuts, compared to the disproportionate responses that ensued. (I'm not saying it's peanuts in an absolute sense. It's still a tragedy, of course. Any death is.)
If we use this handy wikipedia page shown below we can see that US military casualties are at a touch over 1.3 million.
Let me know when you're done being facetious and/or have an answer for your number of non-US citizens killed.
You know when the US government tells you it's killing enemy combatants in Pakistan via drone attacks? What they don't tell you is they define any combatants as men aged 18-40 in that region.
Presumably better than bombing the men.
Trust is supposed to work both ways. Before dismissing countries such as these it's worth looking at the history of relations from both sides.
In the case of countries, any such asymmetry is meant with resentment. It is fine that the US spies on, say, Iran? Then it means Iran has lower status than the US. Then it means that an Irani citizen (denizen?) is worth less than an American citizen. While we're at it, why don't we show what we're made up of? Knocking down a building or two should teach them a lesson…
It doesn't really matter that it is right or wrong to spy on another country. But it sure is dangerous, should you ever get caught.
Newspeak is real.
Even if the NSA is telling the truth about this only being deployed against foreign targets, the scale of this effort is impressive.
Thus, information gathering is an active part of defensive operations.
Imagine you are an antimalware company (a real one, a good one). Maintaining a virus tank, actively trawling the internet for brand-new viruses, and studying them as they appear, would be part of an active defense against malware.
Also, spying on viruses is very different than spying on people.
The sound of Dell, Intel and other hardware tech stocks of US firms plummeting over the next 12 months as they realise they can now only sell domestically as nobody else in the World trusts them any more.
Tens of thousands of jobs lost here. And of course, they'll blame it on Snowden. It was classified in part because tens of thousands of jobs relied on it.
But you have to wonder if there isn't just a little bit of an air of the two-faced about this...
That perception is now gone. The valley will suffer. Why buy Intel when I can license the blueprints for ARM, build my own chip-fab plant for less than $1 billion and build a processor myself? And if I can do that, how much more investment do I need to build my own motherboards, displays and other components?
$10 billion? Saudi makes that in oil money in a week.
You really think they're going to keep buying US tech? The golden age for US tech firms is now over, and the idea that "of course" the US was spying is laughable: the assumption was always that the spying was targeted and not carte blanche over entire populations.
"We do not use foreign intelligence capabilities to steal the trade secrets of foreign companies on behalf of - or give intelligence we collect to - US companies to enhance their international competitiveness or increase their bottom line.''
The damage through the Snowden leaks is massive, he did not concentrate on the misuse of the NSA against US citizen, this reveals core assets in their spying ablities. What a setback. Might as well invite foreign entities a tour of the NSA data centers.
My guess is the next guy that tries such a thing gets treated very differently, too late for Snowden, he is too famous now. The next one disappears if there is only a whiff of a leak. Ms Manning might be a better example of things to come.
The people overseeing Snowden's work/access should be tried though. Gross negligence, massive impact on national security.
Also this doesn't appear to have been a leak associated with Snowden. But it is certain that the Snowden leaks even being possible is a huge f'up on the part of the NSA who is supposed to be all about secrecy and data security.
> [NSA] has implanted software in nearly 100,000 computers around the world [...] While most of the software is inserted by gaining access to computer networks, the N.S.A. has increasingly made use of [covert radio channels]
>And yet they have very little to show for it
Without knowing more about how the information was leaked and what was leaked there is no way to determine if this particular NSA activity was "worth it" or not.
But since they're claiming to hack the Chinese, Russians, Saudis, and Pakistanis, this very well could be an "authorized leak" to counter the Snowden leaks. Like, the NSA actually does go after their enemies (as well as their friends). Very few Americans would oppose to them hacking Chinese Army computers.
"New leak says NSA spies only on the bad guys".
States have historically spied on each other (allies and enemies). I can understand the sensationalist aspect of this as 'news', but IMHO there is nothing new here; move on.
Perhaps, someone here with a much better command of history than I do could help out with the latest time in history where the relevant technologies of the day were not key parts of nation states' intelligence gathering systems.
(Although the truly paranoid might doubt the veracity of a claimed "tear down". It has become incredibly easy to accuse the NSA of doing anything, and at least be partly believed. Which, ironically, is actually a pretty good cloak of secrecy in itself!)
1,000 people gaining access to 100 machines a piece? 100 people, breaking into 1,000 machines? Is that per year or in general?
If one targeted individual owns 10 machines, then it's 10,000 people targeted by the program.
If this includes organizations, bussinesses, institutional computer labs and offices, then maybe it's 1,000 offices with 100 work stations each.
So, perhaps a rough estimate of the scope of the program 100 to 1,000 staff attacking between 20,000 and 1,000 targets?
The bottom line, though? This isn't surprising. Nations spy on each other. A lot of nations have been engaging in a lot of phony outrage over our NSA spying who are doing the exact same thing, but have managed to keep it secret. Any nation who is using imported computers in sensitive operations should know enough to check those computers for possible spy hardware.
Taking into account what we have learned this year about the extent of the activities of the intelligence services, I think we have to assume that somebody (Whether the NSA, the FSB or somebody else) has compromised the manufacture of at least part of the electronics and/or software supply-chain.
I am not too sure what it would take to audit the software and hardware components in common use today?
But at least these leaks made the US halt their phony outrage at "Chinese hackers", which is a positive thing. We can move on to have a real grown-up debate about the effects of surveillance on democracy.
And how is that going for the Drug Cartels? Doesn't seem to have an effect on them, considering they continue to operate with imprudence.
Sure the US could take military or covert action against the drug cartels, but then where would American and other customers get their drugs? Who would then supply them? Sounds like a recipe for a new turf war (simply replace the existing cartels with newer, and possibly more ruthless groups) I'm not saying the US is allowing this, just that dismantling the cartels may bring a whole host of unwanted side effects.
Not to mention it would be a jungle war and likely resemble insurgencies. And as you note, someone will fill that void.
I loved the West Wing but feel they relied too heavily on the "Vietnam/Jungle" angle when proposing the feasibility of an actual "drug war" in Columbia. Also, the West Wing was aired before many of the US's major military actions in the middle east, which have arguably proven that the US can combat an insurgency (if they care enough to that is) and can operate in an "unconventional" manor.
I think the worries of getting sucked into another Vietnam, or getting bogged down like the Soviets in Afghanistan have been debunked. As long as the political will is there, the US military can operate successfully in almost all combat scenarios.
You must pick your definitions of "operate", "successfully", and "combat scenarios" very carefully here to be a useful statement.
I suspect they'd find a new illegal business to run, more people to extort, murder and threaten and continue on as before.
While that may also be true, I suspect from context that what you meant to say was "impunity", not "imprudence". Very different meaning.
But of course not. The NSA wouldn't spy on Americans, would it?
How about domestic U.S. law enforcement? FBI, DEA, U.S. Marshals, etc.? It would be interesting to know what technologies they're using, especially when there's a long-running surveillance operation.