Edward Snowden

[Tom Servo]

This is a shame as the NSA was out of control and 39,999 people are more interested in big paychecks than exposing the abuses of their agency.

That's a bit disingenuous. It assumes that those other 39,999 people have access to the sort of information Snowden did. I sincerely doubt that was the case.

Several whistleblowers have quietly come forward in the last few years. We didn't hear about them on the evening news because they went through official channels rather than being publicity hounds.

 

[cryogenic419]

Given there about 40,000 people working for the NSA and only one spilled the beans. This is a shame as the NSA was out of control and 39,999 people are more interested in big paychecks than exposing the abuses of their agency.

I'm sure not all of them have access to or come across anything that would even closely resemble the spying and government agency run amok. I am sure there is a certain amount of fear on the employees side. You come out with some MAJOR whistleblowing revelation that goes public, careerwise they will destroy you. Is it possible that leaking info could end up with you being charged with a crime and a conviction? The fallout this could bring on your friends and family...even if they had absolutely nothing to do with or ANY knowledge of it. If anybody has any skeletons in their closet rest assured they will come out. I'm thinking that's just the tip of the iceberg, I know there is probably a great deal more for people to consider. As screwed up as this sounds, doing the right thing could cost you (and possibly friends and family) everything. How many people are willing to take that risk?

Without trying sounding paranoid or like some nutjob, but who is to say others have not at least tried to expose some of the goings on, but were either threatened or died from what appeared to be natural causes, accidents, etc. I know it may sound a little far fetched but once upon a time so did our own government spying on us or tracking what guns we might purchase, or any of the other controversies that have reared their ugly heads in the last few years.
A lot of people are kind of shocked about all of the things Snowden brought to light. Imagine all the things that are still going on that he wasn't privy to.

 

[Bartholomew Roberts]

Given there about 40,000 people working for the NSA and only one spilled the beans. This is a shame as the NSA was out of control and 39,999 people are more interested in big paychecks than exposing the abuses of their agency.

I worked for Naval Security Group during my military career. One of the big tragedies of the Snowden leaks is that they expose a very real problem - how do you have a debate about the limits of an open society without exposing your knowledge of other societies secrets? There is a lot in the Snowden leaks that worries me and strikes me as problematic to a republic or democratic society. Having said that, on the Internet forums I frequent, there is a clear lack of understanding in how the NSA works or why some of those techniques might be desirable. Even worse, though I have some useful thoughts on the matter (IMO), I have signed a non-disclosure agreement that prevents me from offering anything more than the most vague and unhelpful commentary.

I would just note, there were at least a half dozen NSA whistleblowers prior to Snowden in the previous 10 years. The big difference is they followed the officially sanctioned whistleblower procedures. And while these questions didn't receive the intensity that Snowden did, they were covered in several major media outlets. The fact that so many Americans know nothing about this speaks more to the underlying problem than anything else IMO.

 

[Aguila Blanca]

If there were other, previous, whistleblowers, apparently whatever resolution was reached regarding their complaints didn't do much to "resolve" the fundamental issue.

Which is not surprising, when everything is conducted in a behind-closed-doors, "I could tell you but I'd have to kill you" atmosphere. The entire concept of a secret court approving secret warrants with nobody to argue for the "defendant" (which is us -- all of us -- is like something out of Alice in Wonderland. Good grief, in probate situations it's routine to appoint a guardian ad litem to represent potential future offspring/heirs who have not been born yet, have not been conceived yet, and who may not even be in anyone's future plans. But "they" get representation. One would think that the entire population of a country deserves at least that modicum of representation.

The secret court thing is like the TSA rules.

"You can't bring that onto an aircraft."

"Why not?"

"It's against the rules."

"Can I see the rule?"

"No, it's secret. I can't show it to you but it's in the rules."

Sorry, but that ain't no way to conduct the business of life in a purportedly free country. How can we claim to be a nation of laws when we're not allowed to read the laws before they're passed, and then the laws are implemented in secret by people who aren't even known to the public?

 

[barnbwt]

"One possibility is that a trace was issued for your gun for some reason, but barring an interagency investigation, that would have been done by the ATF. I have no idea why or how the FBI would get that information."

It seems we are getting confirmed reports that the ATF is engaged in its own version of "Omniscient Information Gathering" by copying entire bound books instead of just entries pertaining to ongoing investigations as the law specifies. What's to stop the FBI from running traces on large numbers or even all guns in their own version of the same under some tenuous justification by terrorism or investigation? Remember these are the same guys remotely turning on computer web cams, btw (only with a warrant, of course, and only pertaining to individuals involved in ongoing investigations...)

TCB

 

[Buzzcook]

One thing that Snowden's acts have revealed is how quickly commercial entities give up information to government.

They do it without warrant or any force of law.

Personally I see this as just as great a threat as cyber surveillance.

Heck why spy on us when corporations have collected loads of detailed information?

 

[Glenn E. Meyer]

I heard a discussion about why the government is different from the companies.

1. You have a choice not to use the companies' services. Granted that would make life impossible nowadays but it is a difference.

2. Importantly, government is seen as the only legitimate entity that can use force against citizens (except in self-defense cases). Thus, having an entity with such power to have such information is a threat to the citizenry. The phone company or Amazon is not going to come for you with armed force.

Of course, an Amazon drone is now ....

 

[Buzzcook]

1. You have a choice not to use the companies' services. Granted that would make life impossible nowadays but it is a difference.

A. We may sign privacy agreements with companies, but only medical information is protected by law.
B. Any privacy agreement we have with a non-medical entity is not binding on the corporation. ie just as an insurance company can change the terms of its contract with us without our consent, a company can also change the terms of a privacy agreement without our consent.
C. If we are concerned about choosing a company that won't share our information with government, then we have to know which companies are sharing and which are not. From what we've learned no telecoms have refused to provide information to government. We can not make a choice when don't know which companies willing give our information to government and which do not, or at least not now.

2. Importantly, government is seen as the only legitimate entity that can use force against citizens (except in self-defense cases). Thus, having an entity with such power to have such information is a threat to the citizenry. The phone company or Amazon is not going to come for you with armed force.

A. Yes we do not want government to have our information without following specific rules.

B. Government can and has bypassed those rules by having private entities collect or give that information to the it.

C. If it is proper to keep government from easy access to our information then it is important to protect all the means through which they can get our information.

D. Government may be seen as the only that can use force, but we are not that far from Pinkertons gunning down workers. But that's a separate matter.

 

[Wreck-n-Crew]

A. Yes we do not want government to have our information without following specific rules.

And how will (following of specific rules) that be accomplished with any degree of certainty? Kind of the problem with them having it to begin with is it not? TMI, Too much power, and no way to insure it is not abused IMO and the reason why I don't want them to have it in the first place.

 

[SC4006]

Sorry that I have nothing productive to offer to this conversation, but the NSA could be reading this whole thread right now laughing at our various theories on how exactly they operate and how much they know.

 

[dakota.potts]

It's very likely that "they" don't read anything at all, just index it into a database which compiles it and makes it easy to look into somebody or something if they want to. I doubt they have the manpower to watch the lives of 300 million American citizens (and Germany and other countries apparently) as it happens or even put man eyes on every piece of information.

 

[SC4006]

Yeah I was just kidding around, I doubt they take the time to read anything unless they feel it pertains to some "threat". I think you're probably right dakota.potts, they probably just collect everything and put it in a big database ready to be reviewed if necessary.

No matter how they do it though, I don't think they will stop anytime soon even with everyone knowing.

 

[raimius]

I agree with many of the opinions in this piece:
http://www.theatlantic.com/technolo...w-the-nsa-threatens-national-security/282822/

I think the risks of the programs, as currently reported, are probably worse than the benefits obtained. Trying to find the needles in ALL the world's haystacks is not going to work well, and the cost of looking through everyone's "haystacks" is very costly to civil society, privacy rights, and is ripe for abuse.

 

[Jim March]

One of the results of Snowden's revelations is that other people are poking their noses into what is going on.

That includes my new wife and I, who wrote this:

https://docs.google.com/file/d/0B6Fh3F6hufhDMGVjMUgxdXEwMzg/edit

It is about one of the NSA supporting contractors, a company called "Endgame" that is a major purchaser of computer exploits that have been discovered by security researchers but NOT yet revealed to whoever is supposed to close the security flaw - Microsoft, Google, Apple, Adobe, etc. These exploits are called "zero day" because the companies affected have had "zero days" to close the holes.

Endgame uses these exploits in their collection to not only help the NSA raid systems, but also sell "black hat hacking services" to major corporate customers...we don't know who but the Endgame managers have a history of working with major banks and investment houses on computer security issues before they started Endgame.

We even know their price list: $2.5mil allows you to use Endgame's exploits to raid any 25 computers in the world. We assume that doesn't include US government systems.

This is what happened when I walked up to the front door of Endgame in Atlanta GA with a quasi-hidden-camera (Looxcie 2 head-mounted):

http://www.youtube.com/watch?v=Vr5LIgZvx_8

There is now legislation pending to ban the sale or purchase of zero-day exploits, in direct response to the reporting Jill and I did which was picked up nationally. But it really shouldn't matter, because what Endgame has been doing is absolutely letter-of-the-law illegal as hell - it's classic "black hat hacking". Put another way: while ownership of exploits (and paying up to a quarter mill a pop for them) is not yet illegal, using them damned well is. Congress appears willing to try and act as best they can to deal with Endgame and their kin but the US-DOJ could come down with both boots and they refuse.

Endgame isn't the only private contractor who are potentially just as annoying as the NSA...Snowden himself worked for a private contractor, after all. What we have here is a classic case where some (with the right connections) are allowed to break the law while any "peon" who does exactly the same thing is stomped on by the full weight of goverment.

The entire financial market has, in similar fashion, been allowed to pull off trillions of dollars in fraud with nary a set of handcuffs in sight.

This is how societies collapse.

As a sidenote, I will be asking the mods special permission to change my username if that's possible, as I'm changing my last name to "Simpson" to match my wife.

 

[drcook]

Do you know what an IP (internet protocol) address is ? each and every one of your cable modems, dsl modems, etc have a static assigned IP address. so even though you have used a creative name to hide behind on a internet forum, you are not invisible to the forum administrators, nor to anyone sifting and intercepting internet packets.

Each and everyone of us that post on these forums and is not using a dial modem anymore has been captured and stuck on a list. That you can count on.

Back during the days of dial of modems, there was more anonymity. Dial up modems accessed a new IP address each time a connection to the net was made. This is how people were able be banned from a forum, but create a new ID with an email address from another provider, such as hotmail, yahoo, etc.

Today, astute forum administrators can ban folks from the forums and block access via an IP address.

That is the other reason why people's computers are hacked and commandeered for nefarious purposes. Any emails, site accesses and such are tracked back to the commandeered computer.

I wrote software for almost 30 years. I know what can be done with machines. The grocery stores are doing it all the time. All those customer cards that you carry in your pocket are used to compile statistics, buying patterns, etc. It lets each store analyze the buying patterns of the people that habituate their particular store and stock the shelves accordingly.

This ability to track each and every transaction is also one of the reasons behind the push to do away with currency. When you pay with cash, there is not way to track who bought what unless you let them scan in your personal information.

 

[CowTowner]

I'm going to partially disagree with you, drcook.
Not every device using cable, DSL, VDSL, or other means to connect to the internet besides dial up has a static IP Address.
In fact, most are DHCP enabled and can get a different address if the device is power cycled an/or the lease timeframe has expired.
You're close, but not completely there yet.

 

[KyJim]

Yes, I have a dynamic IP address assigned to my router by my cable company. My router then dynamically assigns a "local" IP number to various devices (pc, laptop, Iphones, etc.). The outside world, however, only sees my router IP address. The cable company keeps a log so that they know who has what IP address at any specific time. Thus, they could obtain the logs and track an IP address to my home but not know who or what device was used.

However, devices accessing my router will have a unique MAC address (media access control address). Depending upon how a router is set up, it may also log which devices log onto the LAN at certain times. I certainly don't know how to do it, but I'm betting there are ways that a router could be hacked to obtain the MAC address (or they could physically seize the router to obtain logs).

This ability to track each and every transaction is also one of the reasons behind the push to do away with currency. When you pay with cash, there is not way to track who bought what unless you let them scan in your personal information.

That's the allure of Bitcoins.

 

[drcook]

in all actually I am a bit more right than that but yes they can change, but in all actuality, if you have broadband, you have the same IP address for extended periods of time

take a look at

Sticky dynamic IP address

A sticky dynamic IP address is an informal term used by cable and DSL Internet access subscribers to describe a dynamically assigned IP address which seldom changes. The addresses are usually assigned with DHCP. Since the modems are usually powered on for extended periods of time, the address leases are usually set to long periods and simply renewed. If a modem is turned off and powered up again before the next expiration of the address lease, it will most likely receive the same IP address.

so unless you are powering you cable / dsl modems off and on continually and even then, depending on how the provider has its time periods defined, you are more than likely going to get the same IP address. this will give anyone looking more than enough time to scrape up information about you and since IP address then are tied back to the MAC address of the broadband modem

there is really no invisibility on the net.

how do you think they hacked the net ? they went offshore and spliced into the cables

a few years ago there was an outage of the 2 main cables running into India, it affected the business I was at, as well as lots of companies doing offshoring

do you really think it was an accident ? especially in light of what Snowden has said ?