Hacker Newsnew | comments | show | ask | jobs | submit | dmix's comments login

Where is a good place for an experienced JS dev to start learning about Flux/React without having prior exposure to either of them?

Any video/article recommendations?

I usually wait ~1yr before trying out any new JS library/framework and wait to see if they stick around - given the constant hype machine that generates them.

You really need a demo on the homepage.

For ex: you should remove the need to signup to use it first, let them create a FAQ, then signup to save it to a particular account.

Mobile would be great for taking this kind of approach to bug hunting.

Especially since Android just launched a (proper) bug bounty program [0]. A ton of old problems are new again on Android, especially due to the fact a significant percentage of the OS stuff is being re-implemented in Java (IPC, sandboxing, etc). The more I dig into it the more I'm convinced very few people are conducting serious security reviews outside of Google.

Take this bug as an example: http://seclists.org/fulldisclosure/2014/Nov/81 An apk with system privileges (the settings app) would accept IPC messages from any unprivileged app and relay them with system privileges.

[0] http://techcrunch.com/2015/06/16/google-launches-bug-bounty-...


Someone's ready for a career in politics.


> is this any different than what would happen if a dedicated attacker came after the most valuable data in your company?

Well, most SF/HN startups data wouldn't get people killed if leaked to the wrong hands, whereas OPM had sensitive information on spies/foreign agents/etc where that is a serious possibility.

The question I'm curious about is what if a Silicon Valley style startup was going to start a company holding ID information for gov workers? Including potentially identities of people whose livelihood depends on secrecy. I'd imagine they would be investing quite heavily in security. But it is plausible even that wouldn't stop nation-state attackers...


The problem is that you people like to extrapolate from one small scenario where the law will work without considering the greater practicality or long-term effectiveness of the law. The scenarios ignore basic facts about humans and technology. The simple fact is humans are resourceful and criminals have proven to be very dedicated.

Consider two things,

a) Regarding:

> in particular, it would take a lot to convince me that private ownership of assault rifles is anything but bad news.

The technological different between an 'assault rifle' and a semi-automatic hunting rifle is very small. As Cody Wilson has demonstrated, with a few 3d-printed parts you can turn a simple rifle - which is already restricted by law from being an assault rifle - into a fully blown assault rifle with a relatively small amount of technical knowledge.

The same was true for decades with anyone with metal machining skills.

So how much of a difference will it make if the tech available is merely restricted and not banned? If you can easily modified the technology?

b) The proposed encryption laws must insist that they won't interfere with American corporations from creating, selling, and exporting encryption to valid purchasers. The development of better-and-better encryption will not stop. It will still be one of Americas greatest exported technologies. An industry the US dominates (software).

So now taking that into consideration, will it be feasible to stop criminals from getting access to encryption?

Similar to encryption, America is the largest exporter of weapons in the world - unlike the UK or Scandinavian countries.

The simple fact is that there will be a huge market of both weapons and people (with specialized-skills) which will leak their guns/knowledge onto the black market. Combine that with the internet and decentralized tech and you have a very challenging regulation environment.

At best, it will be become yet another 'arms race' between criminals/police that is ultimately a net-negative investment for society (see: drugs).


> The same was true for decades with anyone with metal machining skills.

This. Also consider there are people with machine shops all over the country that make AR-15's from scratch. These are so-called "custom" firearms. Would we have to go around shutting down all machine shops if we outlawed "black" (named for the blueing) guns?


> What if creating a database would be as cheap as creating a Hashmap?

I wanted something like this for Go recently, settled with SQLite :(


libscore ranks js library usage by crawling sites:

Meteor = 86 sites


React = 552 sites


angular = 6,882 Sites


backbone = 9,853 Sites



That's pretty damning for Meteor. I'd have ranked it similarly to React with the difference being that Meteor more actively markets itself and React is mostly being promoted by third parties.


Just a reminder about FISA's historical performance:

> Between 2001 and 2012, the FISA judges approved 20,909 surveillance and property search warrants - an average of 33 a week. During that 12-year period, the judges denied just 10 applications. Prosecutors withdrew another 26 applications.

> From 2007 to 2012, FISA judges also approved 532 "business record" warrant applications, the category used in the order that directed Verizon to release metadata on all phone calls inside the United States. No business record warrants were rejected.

and, on the judges perception of themselves:

> Walton, the senior judge on FISA, declined to be interviewed. In a statement, he said: "The perception that the court is a rubber stamp is absolutely false. There is a rigorous review process of applications submitted by the executive branch, spearheaded initially by five judicial branch lawyers who are national security experts, and then by the judges, to ensure that the court's authorizations comport with what the applicable statutes authorize."



I can tell you from first hand experience that getting a warrant TO the FISA court from a sponsoring agency is a massive bureaucratic battle in and of itself.

Reason being, the agency powers that be don't want to send something up that will be disapproved because it takes significant time and effort of general counsel and leadership of these agencies to process, implement and track to maintain compliance - even if the warrant is reasonably broad.

So these numbers really don't mean anything in terms of just "blanket surveillance." The bar for even getting something to the court, in my experience, is incredibly high and you typically need very high ranking people to sign off on it. Which means your evidence, reason for doing and ensuring that it is within the boundaries of EO 12333 and a million other regulations, has to be pretty airtight.


Imagine a system that works as follows. You can have people assassinated. In order to do so, however, you need to fill in a hundred-page form with exhaustive details of your personal finances, your medical history, and the contents of your computers' hard drives; and then you need to play six sets of tennis against a strong player and win at least two; and then you need to play a 7-game chess match against a holder of FIDE's International Master title, and win at least two. Oh, and then there's a fee of $100k. Once you've done this, your application takes six months to be processed. Every week during this time, you get a callback and are asked intrusive personal questions about your sex life, your religion, and how you have voted in past elections. And then, at the end of the six months, the person named on the form gets assassinated by government agents.

Can we agree that (1) this would be a "massive bureaucratic battle", and (2) the bar would be "incredibly high" ... but (3) this shouldn't reassure us much, because jumping through the bureaucratic hoops and meeting those difficult criteria doesn't actually constitute good reason for having your target assassinated?

Your comments about the FISA court seem a little like this. Let's stipulate that getting approval is a tiresome process, and that there are difficult criteria to meet. That doesn't in any way guarantee that it only happens in cases where it's actually a good idea.


That's a terribly analogy. The bureacracy isn't there as just a speedbump. It's there to make sure you don't waste time on cases doomed to fail. Secondly, surveillance is an essential tool in fighting crime. Assassinations are not.


> "Secondly, surveillance is an essential tool in fighting crime."

This is a very dubious assertion. I'm not aware of any evidence that mass surveillance deters or prevents crime at all, much less is "an essential tool" for doing so.

But even if one, for the sake of argument, concedes the point that mass surveillance does significantly deter or prevent crime, you still have a system set up where the costs of that surveillance (loss of privacy, loss of accountability for abuses of power, introducing/secretly discovering backdoors, etc) are borne by the least powerful--ordinary citizens--while the benefits of mass surveillance (concentration of power, ability to bribe/extort/intimidate rivals, being seen as "doing something" about terrorism, etc) accrue only to those who are already powerful.

That is the real problem with mass surveillance. It creates a positive feedback loop that only exacerbates existing power imbalances, inevitably leading to corruption and capricious injustices by those who are most able to get away with it. Having a speedbump on the road to that inevitable destination, even a big one, is not much of a consolation if the heading is still the same.


Exactly that, as long as you have those who have access and those that don't you have something to be exploited. There you move towards a great divided in power, towards total lack of privacy or you don't gather the data. I think the later is actually the least likely. There are a lot of really powerful things you can do with good data, that seems worthwhile. The issue is then exploitation of that knowledge. For sure advantage will be had by someone, question is extent of imbalance and lack of privacy.


I'm not talking about mass surveillance. I'm talking about the targeted surveillance that comes from the warrants they sign off on.


> I'm not aware of any evidence that mass surveillance deters or prevents crime at all, much less is "an essential tool" for doing so.

Oh, you think you are sneaky. This is so carefully worded. You explicitly twist the words of the GP, where they use "fighting crime" you turn that to meaning "deters of prevents crime." They mention "surveillance", and you turn that into "mass surveillance."

That's like me saying "I don't see how fingerprint analysis helps to deter or prevent crimes." Oh sure, it helps capture people after the fact, but I don't think there has ever been evidence show that fingerprint analysis has actually deterred or prevented crime.

So, while you can stand their, smug with your "technically correct" remark, the reality is "surveillance is an essential tool in fighting crime" has been proven to be correct time and time again, and has been instrumental in handing convictions for a long, long time.


It's not a great analogy indeed.

However, you also don't provide much proof that "surveillance is an essential tool in fighting crime". Its efficiency to deter/prevent crime, or even to help catch offenders a posteriori, is also highly debatable (I guess it's more likely to be helpful for the latter, but that still makes the definition of "fighting crime" rather vague as well).

For kicks, I like this paper on how street-lighting and CCTV cameras are apparently equally efficient as deterrent: http://onlinelibrary.wiley.com/doi/10.1111/j.1745-9133.2004.... .

In the case of digital surveillance, I'd be extremely cautious about its actual efficiency. And that something is legal and efficient doesn't necessarily warrant that its ethical and should be used.


There is another way in which the analogy is flawed. The analogy states that after the six months, when the forms have been reviewed or approved, the target dies.

If this is to be analogous to bulk surveillance, the assassination agency would have to discover that the target had actually died in an accident eight months ago, just before the forms were submitted, and they would simply retroactively dismiss any wrongful death or homicide cases that may be ongoing.

The panopticon operators are asking forgiveness rather than permission, and only for those specific instances where the surveillance needs to be laundered from illegally gathered to warrant-authorized.

As such, I have no faith that the spying has ever stopped, or slowed, or even decreased its rate of growth. The steep bureaucratic hurdle does nothing to prevent it. The most it does is limit the amount of information that can be moved from the shadows into the sunshine via that method, and strongly encourages less costly alternatives to actually honoring the law. One such workaround is "parallel construction", where the illegal spying is converted into an anonymous tip to another "innocent" agency of the state, who then gets reasonable suspicion on a pretext charge--like failure to signal a lane change, plus the invocation of the magical ritual phrase "I smell marijuana"--and then the road-patrol cop somehow finds 20 kilograms of cocaine in the trunk.

Fixing or eliminating the FISA court won't stop the behavior. Only actual accountability for the people actually doing the dirty deeds will help.


The mission of FISA is explicitly not for fighting crime! It is for foreign intelligence collection only. It's also ill-suited for the purpose.

State and federal law enforcement can request a warrant. The turnaround time is far lower, the search methods more diverse, and the evidence gathered can be used in court.

Unfortunately, state law enforement can still subpoena your email metadata and your phone records without a warrant: https://en.wikipedia.org/wiki/Smith_v._Maryland


So let me get this straight, to prevent agents from wasting time on cases that are doomed to fail, they make sure that agents waste large amounts of time going through bureaucracy for legitimate cases that will probably win?

That sounds perverse.


That's a straw man argument. Andrew said that the reason the court doesn't decline a lot of requests warrants is because the cases that are not "airtight" never make it to the court. I think this is a fair response to the original comment analyzing the court's "historical performance" as being too lax.


Why should we believe Andrew?


Good question. I don't know if we should, although I've heard similar things said about requests to non-FISA judges, as well. It makes sense to me that if investigators' careers involve learning to cross their t's and dot their i's before they go to a judge requesting an intercept, and they spend years doing it, they get good at it.

Separately from belief, which is somewhat subjective (i.e. it involves more inputs than is practical to list in a discussion), it's important to realize that on a logical level, there are at least two interpretations to a 99% acceptance rate: (1) the bar is really low and (2) there are pre-filters. The certainty with which I often hear (1) being declared or implied seems to miss this point.


You make good points to ponder. In this sort of situation I find that looking at the outcome or the end result provides more information towards the intent or competency of the subject questioned. In my opinion the only real reason for a FISA court existence is to prevent civil laws from being broken. Has the FISA court overstepped the constitution in favor of securing our liberty? Has the FISA court been successful in securing privacy for those they serve?


It's so existential when it's about you...


I don't believe you, sorry. You may be telling the truth but there are so many lies we've been told that I just don't. Sorry, that's how it is and I'm sure a very large number of people would agree with that. The FISA court /is/ a rubber stamp, how do we know? Ed Snowden told us about all the incredible amounts of overreach that the FISA court approved in secret.

We're at far more risk from public servants with delusions of grandeur and infallibility going unchecked than lunatics with bombs. Lunatics with bombs cannot destroy democracy & freedom.


> Lunatics with bombs cannot destroy democracy & freedom.

Indeed, the idea of lunatics with bombs seems to be far more effective at that kind of destruction than actual lunatics.


Your last two sentences should be framed and displayed in every office of every agency concerned.



“The Constitution is not an instrument for the government to restrain the people, it is an instrument for the people to restrain the government - lest it come to dominate our lives and interests.” ― Patrick Henry


Totally agreed with you. Just look at anything David Cameron says for incontrovertible evidence of your last paragraph.


I've put a lot of thought into it, and the only reasonable description of David Cameron is that he is a fascist.


We're at far more risk from public servants with delusions of grandeur and infallibility going unchecked than lunatics with bombs. Lunatics with bombs cannot destroy democracy & freedom

Definitely in agreement there. Look at history, it's always been the case.


The problem isn't whether passing FISA is difficult or not. The problem is what does pass FISA.

That something is not illegal does not mean it shouldn't be illegal. The FISA process legitimises a kind of mass surveillance that shouldn't be legal to begin with.

This is why people call it a rubber stamp process. Even if they're only approving valid requests, the put problem is what is being considered valid.


This is exactly the case. The reason there are almost no denials is that there would have been a great amount of due diligence performed to ensure that FISA collection was warranted. The fact that there are any denials after such analytic rigor takes place, suggests that the FISA court is not a rubber stamp.

Every single year people who are read onto FISA must complete a comprehensive course on how to deal with FISA data, and it's not taken lightly. People lose their job over mishandling of this type of data, for reasons such as: poor query construction, failure to timely delete accidental collection on US Persons, or collecting without prior justification.


> failure to timely delete accidental collection on US Persons

You mean that rule which previously said you had to delete accidental collected information regarding US persons after 6 months? That rule was changed a year ago to 5 years, and in 4 years there won't be any systems left that can delete information and the 5 years will be extended again and again, in the same way as copyright.


It's believable that FISA approval is hard to get, but it's not reassuring. What gets through FISA and what people want the government to do don't match well at all. We've already seen leaked examples of what gets through FISA, and a lot of them are sweeping, invasive, and don't respect the US persons standard in the ways most people would like.

Basically, there's no way to claim the system works when we can watch it produce bad results.


The issue seems to be what is considered warranted/justified. Legal vs Moral

If the rules/procedures/expectations are well defined, one will attain a great rate of success simply by virtue of having a system which can be predicted ( failing candidates early, prior to submission ). This doesn't mean that the system is a rubber stamp, simply that it is reasonably consistent and that the expectations are clear.

This view of rigor/justice contradicts perhaps a common sense understanding which could be rephrased perhaps along the lines of 'should this be warranted/justified?'

It is frustrating perhaps as a result of this mismatch.

How many people are denied marriage applications?

Yet, recently with Marriage Equality...


The problem with your argument is that nobody can legally validate it's central premise, because nobody is allowed to review applications to the FISC.

Unless you have some sort of inside track, I must ask you how you know that applications are thorough and well constructed? Because the only way to be sure is to allow for public scrutiny, but the whole point of the FISC is to avoid this.


This reeks of the typical police brutality / killing internal affairs investigation: we investigated ourselves and found that we did nothing wrong. Trust us.


>The fact that there are any denials after such analytic rigor takes place, suggests that the FISA court is not a rubber stamp.

The fact that there are any indictments after such extensive training takes place suggests that Internal Investigations is not dismissing warranted claims of illegal police behavior.

I don't buy that logic at all.


The NSA has re-interpreted the meaning of the word "relevant" (for investigation) in order to collect millions of people's data at once. How can the FISA judges ever approve that?

Also, you're forgetting that a federal Court has just said that the Patriot Act NEVER allowed for bulk collection. Yet the FISA Court allowed it. Why?! But that's what you get with a secret spy Court that has no accountability.


I've been thinking about this for a while. This is a very compelling argument.

You must have left on horrible terms though, the FISA court has just approved tracking your personal calls. I realize it's not personal, heck, they did the same to me. Nonetheless, there is a warrant to track your personal data. I'm not sure how reliable you could be. Why would they collect your data if you aren't under investigation?

Anyway, this is a stupid ranty argument appealing to emotion rather than logic. Bulk collection seems wrong in a way i have a hard time articulating.


General warrants are unconstitutional. That's all you really need to know.


Honestly, this isn't meaningful reassurance. I'll grant that the FISA approval rate is a bad number to look at - most approval systems eventually get into a pattern where people only submit things that will get approved.

On the other hand, saying that it's hard to get something to the court means basically nothing unless we trust that the bureaucracy and the court share our standards for "good requests". Having seen what things the FISA court has approved in the past, we can say that the system doesn't work simply because it already hasn't worked.


If this is true, it doesn't help at all. Getting a patent approved by the USPTO takes literally years (plural plus). Yet look at all the terrible patents and how the patent system has essentially become the opposite of encouraging innovation.

Government agencies will use FISA because it's there and they know it will get them what they want regardless of whether it makes sense to do it or not, leaked documents have shown.



So, it's OK that the court is effectively a rubber-stamp, because we can trust that the agencies requesting warrants won't ask for things they don't think are reasonable?



I believe you misunderstood him. He seems to be saying that almost no invalid requests were submitted, because there was a rigorous review before submission. The court might not be a rubber-stamp, but the agencies happened to only send reasonable requests, so they got approved.


Damn near everything they sent to be approved was in line with how FISA rules on such things.

We've got two arguments

    - Did FISA properly check submissions were appropriate for their rules/laws.
    - Are FISA rules/laws appropriate for USA #1
I think we can all agree the first might be true (and thus they are not rubber stamping), whilst simultaneously mostly agreeing the second is definitely doubtful


This is a great summary of the problem, and of why we're talking at cross purposes. Defending the accuracy of the FISA decisions only defends points one, while almost everyone attacking the court is talking about point two.


Whoever mentions the numbers on how few applications were rejected as an argument seemingly can't be talking about point two. And that was what prompted this particular discussion, so I don't think you can claim the people involved are talking about point two.


The NSA asks for "general warrants" and you think that's "reasonable"?

NSA: Can we spy on everyone at once?

FISA: Why yes of course you can - BUT, you have to fill out this form first...and do it properly or we'll never approve you!

NSA: Oh..but that's such a drag! Okay, fine, we'll do it.

That's kind of what seems to be happening.


NSA: Aw man the supreme court just told us to stop. Fisa: Don't worry about them I'll approve it for "six" more months lol.


That's not what happened here.


Could have fooled me.


Not sure if you read the OP, but it made it clear the conflicting ruling was from the Second Circuit, not the Supreme Court. Also, the Second Circuit ruling was based on Congress not being clear on what was allowed; now that Congress passed another law that extends bulk collection for 6 months, that argument no longer applies.


I didn't say that, I actually have little idea what has been requested. I was just explaining what the above comment meant.

Also, my "reasonable" meant "legally reasonable".


I'm not saying anything about how much trust you should put in the system, rather that the review process is significantly more in depth than what these statistics can show.


Maybe so, but what evidence does the public have of that claim? We get only the tiniest peeks at this process, and they look terrible, and then we're told "it's not so bad, you don't have enough information to know."

Which is exactly what people have complained about.


I stop you right at the term 'court'. The doors are locked and all proceedings are done in secret with no counterparty. I say this 'court' doesn't conform to its definition of a "place where justice is administered". Maybe "court theatre" or "cargo cult court" might be a more accurate term ?


I believe the first Snowden document leaked (the dragnet Verizon FISC decision) is evidence against this argument.


Is there any reason at this point to believe that FISA is less than an NSA organ? Secret courts in the USA, what has the world come to?


If the evidence bar is so high, why exactly have there never been any arrests made using the data? That is an awful lot of people affected negatively for a zero benefit program. You would think a massive bureaucratic battle to only submit valid warrants would result in at least one arrest.


>why exactly have there never been any arrests made using the data?

To clarify the statements in press have been that no terrorists have been arrested based on the data. That is not the same as never having arrests.

There have been plenty of domestic arrests but they don't typically fall under the "terrorism" scope because of the nature of the act. Espionage etc... can be proven with this data and actions can be taken (like arrests) more quickly and easily than determining if someone is going to attack something a la terrorism.

I have no involvement in this case but I would say almost for certain that portions of surveillance in this case went to FISA for approval: http://www.businessinsider.com/fbi-we-arrested-a-russian-spy...

A gripe I have with the community at large is that the messaging focuses too much on terrorism and not enough on the other functions that are seeing successes everyday (counterintelligence etc...).


They have been hiding the activities of FISA by using parallel construction as the basis for arrests: 1) Get dirt on someone illegaly. 2) Find a legal avenue to discover that same information now that you know it's there. That protects their collection methods when defendants try to find out how they were nabbed. The FISA warrant never has to be disclosed if no one outside the community knows it exists. Consequently they are never "officially" used for an arrest.


So the justification of the warrants is to use a "national security" cover for spying on people while evading discovery for when we don't actually use it for national security? That sounds pretty impeachable to me.


The problem with an explanation like that is three-fold:

1. It applies to agencies you know and more specifically parts of those agencies you have experience with. Many federal agencies have demonstrated that the left hand and the right hand don't always talk.

2. Other agencies are free to apply different policies (cough NSA cough DEA cough) that aren't in line with say, the FBI's policies.

3. This does not change the fact that the FISA court acts as a rubber stamp, the bulk majority of what it rubber-stamps might have met the requirement of EO 12333, some of ought might also have been legal under the constitution and existing laws or maybe the judges are so blasé that they just assume that most of what they see must be OK, it got there after all.


Essentially this is the "we know who is guilty" argument.


So you're saying that the pass/fail ration we see is meaningless because there's effectively a prior filter.

What's the pass/fail ratio for it?


Well, it's also very high. Obviously, because these are highly trained, hard working, excessively competent, law enforcement agents who wouldn't suspect a person if he weren't doing something wrong. Who's got the time for that what with them being chronically under-funded, under-trained, and under-staffed. /s


Ok, let's assume anecdotally that this is true. This is your experience.

How would this be any different from the bar that a prosecutor has for bringing a criminal trial to court? Lost time, lost reputation, chance of losing the election. Every time a prosecutor decides to go all in, they're taking what could be a huge risk -- if not in that particular case then in the aggregate.

Yet we see much different numbers from courts when an open adversarial system is used.

So a reasonable outside observer is left to conclude that either the federal government is full of incredibly competent legal minds, for whom the slightest mistake would be anathema -- or it's a rigged game. Doesn't matter what they bring.

I understand I'm making a bit of a false dichotomy for rhetorical effect, but my argument is still sound. One of these options is much more likely than the other one.


That's not a fair comparison, because the FISA court isn't proving guilt, it's requesting a warrant by attempting to prove reasonable suspicion. It would be a fair comparison if you compared them to the percentage-granted for regular search-warrants, and what I can find online seems to indicate that it's fairly high for those as well, again because they're not proving guilt.


I am sorry but did you just say that bureaucracy is against the will of the government? Bureaucracy is the government!


Those numbers don't mean much without the ability to compare them to the acceptance rate of warrants in other criminal courts.

I haven't found a single statistic on that seems that no one actually is keeping or publishing it, but every article I've read seems to point that denying warrants is very rare in all jurisdictions.

e.g.: http://tucson.com/news/local/crime/rejection-of-search-warra...

I mean in California police officers can request a warrant and have it signed digitally, and they even got a fucking app for that.

When you automate a system to a point when a police officer can get a warrant on his Ipad i some how don't think that many of them are denied.


> an average of 33 a week

Sounds pretty reasonable, until you read:

> Every few months, the FISA judges set aside their regular, public cases, travel to Washington, and take the bench inside a secure, windowless courtroom at 333 Constitution Avenue.

Oh, so what actually happens is that every few months the judges get together and do a "rigorous review process of applications" of hundreds of applications?

Sounds legit to me.

... wait...


And we're expected to believe that the three letter agencies just sit around, twiddling their thumbs, patiently waiting all those months for FISA approval before commencing surveillance on their targets?

Something here is not adding up.


Sounds a lot like a grand jury stuffed with hand-picked jurors. We know how that sort of thing usually turns out.

>"During a single four-hour workday last week, a Mecklenburg County grand jury heard 276 cases and handed down 276 indictments.

That means the 18 jurors heard evidence, asked questions, weighed whether the charges merit a trial, then voted on the indictments – all at the average rate of one case every 52 seconds…".



I believe they rotate who has the duty.


A pair of judges every six months with 800 applications to review? Or a pair of judges every month with 150 applications to review? In what time period? Do they spend an hour? A whole day? A whole week? All we have to go on is one vague article.

...and that article suggests that (if we accept they rotate duty and meet monthly say) they spend, on average, (8 hours / 133 * 60 minutes) ~3.5 minutes carefully evaluating each application. If not, it's ~30 seconds per application.

So are the numbers wrong? Or is the bold assertion that they 'carefully review each application' completely farcical?

30 seconds to rubber stamp an application sounds about right to me.

The point remains; there is no 'fulltime' FISA court.

Periodically the presiding judges get together and process a bulk of applications all at once.


> A pair of judges ... Do they spend an hour? A whole day? A whole week? All we have to go on is one vague article.

The FISC has its own website which happens to answer your question right on the "About" page[1]:

The Court sits in Washington D.C., and is composed of eleven federal district court judges who are designated by the Chief Justice of the United States. Each judge serves for a maximum of seven years and their terms are staggered to ensure continuity on the Court. By statute, the judges must be drawn from at least seven of the United States judicial circuits, and three of the judges must reside within 20 miles of the District of Columbia. Judges typically sit for one week at a time, on a rotating basis.

> ...and that article suggests that (if we accept they rotate duty and meet monthly say) they spend, on average, (8 hours / 133 * 60 minutes) ~3.5 minutes carefully evaluating each application. If not, it's ~30 seconds per application.

No, the article says 33 per week. The judges aren't meeting together every few months; the sitting judge is replaced by the next every week or so. Assuming an 8 hour work day and 33 warrants per week, that (8 * 5) / 33 = 1.2 hours per warrant on average.

[1] http://www.fisc.uscourts.gov/about-foreign-intelligence-surv...


All the real work is being done by clerks and staff attorneys. The judges just show up to read the briefs and sign the orders. I doubt the judges themselves are spending much more than 15 minutes on each warrant. The court staff are likely spending 4-12 man-hours on each warrant, mostly filling in the blanks on forms and boilerplate.

And their jobs are not really to weigh the merits, but to cover the judge's ass, just in case something really egregious comes back that points at their bench.

As they preside over a secret court that determines whether the low standard of reasonable suspicion has been passed, the judges barely need to spend any time at all actually judging anything. The worst that can happen is that the trial judge might exclude the evidence collected on their warrant, and that's about as damaging to their careers as an ingrown hair.

I'm not sure you could find a cushier job if you designed one from scratch.


Also the FISA court has been called an "almost parallel supreme court" by the New York Times, and given that it only hears one side of a case, makes this all the more troubling.


people have talked about only hearing one side of the case, but that's the same for all warrant proceedings.

FISA court isn't about declaring people guilty, it's about declaring whether there's reasonable suspicion.


On the other hand, we do have expiry (by default) of the secrecy surrounding regular warrants when they're executed, plus the ability to challenge them at trial and in appellate proceedings, with the result that there's an enormous amount of regular case law about them, even though all of them were originally issued ex parte.

So that is very different.

The main exception that we know about in the regular criminal justice system has been cell site simulators and cell site location information, where the government tried super-hard to prevent people from knowing that this information was being collected or challenging its collection or use.


It's more than just warrants, it's any information about information gathering at all.



Well in that case they've never had it with regard to 'all' business records of ANY kind. By definition there is no 'reasonable suspicion' in that context.

In fact there is no suspicion at all, and that lack of suspicion is the crux of the whole argument is it not?


It's about stuffing databases full of surveillance information gathered by the NSA; databases which are shared with law enforcement agencies across the country. Those agencies then use the data to mine for leads, stage fake context searches, seize peoples' property, and put people on criminal trial; all while denying collusion with the surveillance state. I'm supposed to think this is all okay because, 'hey, they're guilty, right?' except that 1. This is explicitly prohibited by the Bill of Rights and 2. They aren't always guilty.


So how does the FISA court determine that "3-hop" people (millions) are "suspicious, then?

The standard for an NSA "general warrant" is FAR, and I mean FAR weaker than for a regular warrant. Literally orders of magnitudes weaker, to the point you could barely consider it a "standard". Especially when the FISA court approves for for 3 months at once (and now for 6).

What kind of "warrant" is that? Does that sound reasonable to you?


I hate to break it to you, but organizations and agencies are basically using humans to further their own desires, such as to continue existing and expand their powers. You can see this in organizations ranging from companies to government agencies. And Big Data is like crack cocaine to them. Do you really think you can cut off their access to something so eminently collectable? Do you think if it technology has enabled it, then organizations won't find a way to use it? If the USA spy agencies don't do it, the Chinese and Russians will. The details of some domestic law doesn't matter, they'll just find ways around it. At the end of the day, the organizations need the data. Humans can only fight organizations with other organizations... humans that try to get in the way on their own are eliminated and replaced.


> comport with what the applicable statutes authorize

If the statutes are extremely broad and permissive of surveillance, then he could well be telling the truth - FISA could be rigorously scrutinising every request and finding that the statutes permit almost all of them.


The FISA court is unconstitutional.


I don't know that this is true but I think we ought to pass a law or constitutional amendment banning secret/private courts if it is not.


The resistance to the Bill of Rights was based on this very notion, the fear that adding an enumeration of some rights would eventually be seen as an enumeration of all rights and that any rights not explicitly enumerated would be considered as lesser rights not protected by the Constitution.

Of course, a right being clearly stated in the Constitution doesn't do much to protect it either. Consider all the limits on gun ownership that run counter to the second amendment. Even someone who is against guns should be of the view that a Constitutional amendment should be needed to allow for limits like those we currently have. For example, banning a mentally ill person from owning a gun or charging a licensing fee to own a gun. Both of these exists and are not considered to infringe on second amendment rights. Now imagine if the same logic was applied to other rights, such as a fee to vote or not allowing free speech to those deemed to have a mental illness (never mind the difficulty in determining what constitutes a mental illness).


> In a statement, he said: "The perception that the court is a rubber stamp is absolutely false."

Is it me? I just hear Nixon saying "I'm not a crook"...


Or "Read my lips. There will be no new taxes".

Given the track record, I wonder what kind of mindset it takes for people who still believe official statements of that kind.


You're right, he's not very good at the rhetoric [1]. That doesn't mean anything logically.

1. https://en.wikipedia.org/wiki/Ironic_process_theory


Even if it was ultimately valuable in that way, cold war espionage was still an extremely expensive theatrical game of back and forth - often piggy-backing on morally-questionable methodology in order to get those results.

Opportunity costs...



Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact