Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
Privacy Communications Government United States

Inside PRISM: Why the Government Hates Encryption 457

Posted by timothy
from the they-hate-envelopes-too dept.
Lauren Weinstein writes "Now, what's really going on with PRISM? The government admits that the program exists, but says it is being 'mischaracterized' in significant ways (always a risk with secret projects sucking up information about your citizens' personal lives). The Internet firms named in the leaked documents are denying that they have provided 'back doors' to the government for data access. Who is telling the truth? Likely both. Based on previous information and the new leaks, we can make some pretty logical guesses about the actual shape of all this. Here's my take."
This discussion has been archived. No new comments can be posted.

Inside PRISM: Why the Government Hates Encryption

Comments Filter:
  • Definitions. (Score:5, Insightful)

    by Mitreya (579078) <mitreya@gmail.LAPLACEcom minus math_god> on Friday June 07, 2013 @07:14PM (#43942359)

    The government admits that the program exists, but says it is being 'mischaracterized' in significant ways ... The Internet firms named in the leaked documents are denying that they have provided 'back doors' to the government for data access. Who is telling the truth? Likely both.

    Considering that the government is not saying anything in particular, it is easy to tell the truth here. When they defend the program as a "crucial tool in war on terrorism", that's quite possibly the honest truth since neither that "war" nor "terrorism" has been defined to any degree. Thus anything could be a crucial tool.

    • Re:Definitions. (Score:5, Insightful)

      by Jherek Carnelian (831679) on Friday June 07, 2013 @07:43PM (#43942543)

      If they are willing to do things like define all military age males as militants [salon.com] to avoid admitting to civilian casualties from drone attacks you know they don't have a problem redefining pretty much any word in order to avoid being held accountable to the people.

    • Re:Definitions. (Score:4, Insightful)

      by cold fjord (826450) on Friday June 07, 2013 @09:05PM (#43943115)

      that's quite possibly the honest truth since neither that "war" nor "terrorism" has been defined to any degree.

      For it is the doom of men that they forget. -- Merlin, Excalibur [imdb.com]

      SEC. 2. AUTHORIZATION FOR USE OF UNITED STATES ARMED FORCES. [gpo.gov]

      (a) In General.--That the President is authorized to use all necessary and appropriate force against those nations, organizations, or persons he determines planned, authorized, committed, or aided the terrorist attacks that occurred on September 11, 2001, or harbored such organizations or persons, in order to prevent any future acts of international terrorism against the United States by such nations, organizations or persons.

      By their deeds you shall know them.

      1996 Bin Laden's Fatwa [pbs.org] - The following text is a fatwa, or declaration of war, by Osama bin Laden first published in Al Quds Al Arabi

      1998 Bombing of US embassies in Tanzania and Kenya [nytimes.com]

      2000 Photo: USS Cole [washingtonpost.com] - Video: 2000: USS Cole Attack [cbsnews.com] in Yemen

      2001 9-11 [telegraph.co.uk]

      2002 Bali terror attack [bbc.co.uk]

      2004 Madrid train attacks [bbc.co.uk]

      2005 London 7/7 Terrorist Attacks [www.bl.uk]

      2009 Now classified as "workplace violence" - Nidal Hasan Admitted Jihadist Motive, Ft. Hood Victims’ Attorneys Say [go.com]

      2013 Boston Marathon Bombing [cbsnews.com]

      Note that this is only a snapshot of attacks, and doesn't include the many attacks that occurred in the Middle East (except the Cole). It also doesn't include the many plots disrupted by the security services, or cancelled by the terrorists planning them. It doesn't include the many arrests for terrorism related activity, but snapshot of that over a short period of time is below:

      FBI’s Top Ten News Stories for the Week Ending January 27, 2012 [fbi.gov]

      Denver: Man Arrested for Providing Material Support to a Designated Foreign Terrorist Organization

      Jamshid Muhtorov was arrested by members of the FBI’s Denver and Chicago Joint Terrorism Task Forces on a charge of providing and attempting to provide material support to the Islamic Jihad Union, a Pakistan-based designated foreign terrorist organization.

      Baltimore: Man Pleads Guilty to Attempted Use of a Weapon of Mass Destruction in Plot to Attack Armed Forces Recruiting Center

      U.S. citizen Antonio Martinez, aka Muhammad Hussain, pled guilty to attempted use of a weapon of mass destruction against federal property in connection with a scheme to attack an armed forces recruiting station in Catonsville, Maryland.

      Washington Field: Man Pleads Guilty to Shootings at Pentagon, Other Military Buildings

      Yonathan Melaku, of Alexandria, Virginia, pled guilty to damaging property and to firearms violations involving five separate shootings at military installations in northern Virginia betwe

      • Re:Definitions. (Score:5, Insightful)

        by ebno-10db (1459097) on Friday June 07, 2013 @09:24PM (#43943203)
        What's your point? For how many of those things were these monitoring programs necessary? They only started in 2007. They weren't able to do this kind of work before that? I find that hard to believe. The FBI could have prevented 9/11 if only headquarters had listened to the field offices, and no widespread monitoring like this would have been necessary. Since 9/11 they're more on the ball. Good. And they were plenty on the ball through 2006, before these programs started. It's called police work, and it was done very successfully for many years without massive surveillance.
      • Holy wall of text, batman. I feel we should build a Plinth upon which to erect this comment, for never before, and perhaps never again, will a person as completely encompass why the acronym "tl;dr" was invented.

        Let's wind back the clock a few months to the 3rd week in February. It's late at night and Jon Stewart pops in; "So 'imminent threat'... in other words, imminent... or not imminent. Broadly speaking, imminent in the geological sense. So, wait, we can kill an American who is in al Qaeda or al Qaeda-a

  • by ze_nexus (1123017) on Friday June 07, 2013 @07:16PM (#43942369)
    that if our government really has all of this data then China has it too
    • by PPH (736903)

      Thanks for bringing up China.

      On the eve of Obama's meeting with President Jinping, any conversations about Chinese espionage is going to be quite embarrassing.

      • by ebno-10db (1459097) on Friday June 07, 2013 @07:41PM (#43942533)

        On the eve of Obama's meeting with President Jinping, any conversations about Chinese espionage is going to be quite embarrassing.

        That's it! The Chinese found out about this through their hacking, and leaked it to the press to avoid complaints about their hacking. Is there anything like a Pulitzer Prize for conspiracy theories?

  • back door? (Score:4, Interesting)

    by stanlyb (1839382) on Friday June 07, 2013 @07:19PM (#43942393)
    What about the front door? Did anyone denied access to the front door? What about any door? What about the room? Did anyone, explicitly denied any kind of access?
  • Rogue employees (Score:5, Insightful)

    by hawguy (1600213) on Friday June 07, 2013 @07:25PM (#43942415)

    There's always the chance that NSA has Google employees on its payroll that are tasked with secretly handing off data. They could even be there under a verbal handshake agreement with Google management, giving Google plausible deniability in case they are ever discovered: "I'm shocked, shocked to find that data gathering is going on in here!"

    Then everyone is happy - the NSA gets their data, and Google can legitimately say that "they" are not handing over data to the NSA.

    And since secret FISA orders can apparently compel anyone to do just about anything and keep it a secret, there's nothing illegal about it.

    • Possibly but I have to think at least some of these billionaires would say hold on, and buy a half hour block of TV that evening to have a chat with America.

      • Re:Rogue employees (Score:5, Insightful)

        by hawguy (1600213) on Friday June 07, 2013 @07:37PM (#43942513)

        Possibly but I have to think at least some of these billionaires would say hold on, and buy a half hour block of TV that evening to have a chat with America.

        "Sergey and Larry, we know the Justice department has been hard on your company, and we've heard that they are going to open a lot more probes into your business practices, you'll be deposed so many times that you may as well move to Washington DC. I think we could make things better for you if you'll just agree to let us put a few of our employees in your datacenters....as a token showing of good faith, we're giving you use of NASA's runway at Moffett Field for your little 767 jet"

      • by stanIyb (2945195)

        What are you even referring to?

      • I have to think at least some of these billionaires would say hold on, and buy a half hour block of TV that evening to have a chat with America.

        And put themselves out of business? Not likely.

      • Possibly but I have to think at least some of these billionaires would say hold on, and buy a half hour block of TV that evening to have a chat with America.

        Why? Given the cost of 30 minutes of prime time, it'd probably be cheaper to just buy a few senators, and then have them tell the spooks to back off...

    • by PPH (736903)

      I think this goes beyond a few employees walking out with the occasional thumb drive. If they have a link inside Google* it means a sh*tload of additional traffic to their backbone provider. Or a dedicated fiber link. Someone would notice.

      *Its more likely this is being monitored in real time at the backbone providers. The same people that were given unconditional amnesty for handing customer data out. Cue the movie scene where the crooked cop has all the local hoods on a short leash when he needs some dirt

      • by hawguy (1600213)

        I think this goes beyond a few employees walking out with the occasional thumb drive. If they have a link inside Google* it means a sh*tload of additional traffic to their backbone provider. Or a dedicated fiber link. Someone would notice.

        Depends what data they are monitoring, if they are just capturing search queries and IP addresses, it's not that much data. Google gets around 4B queries/day [statisticbrain.com]. If each query log entry consumes 256 bytes (should be less with compression?) that's 1TB of data per day, which *would* fit on a thumb drive [wired.co.uk]. Or consume around 100mbit/second of bandwidth, which would be lost in the noise of Google's outbound bandwidth (or served by a single AT&T fiber drop that terminates at the NSA)

        *Its more likely this is being monitored in real time at the backbone providers. The same people that were given unconditional amnesty for handing customer data out. Cue the movie scene where the crooked cop has all the local hoods on a short leash when he needs some dirty work done.

        Depends on whether or not they

    • Re:Rogue employees (Score:5, Insightful)

      by Enry (630) <enry&wayga,net> on Friday June 07, 2013 @08:31PM (#43942921) Journal

      You want tin foil? How's this:

      Go read James Bamford's "Body of Secrets". Near the end, he mentions the things that the NSA needs to get right in order to stay ahead in the intelligence business:

      Distributed data so that the loss of one data center doesn't impact data
      Ability to import and index a massive amount of information continuously (while keeping it available)
      Accurate speech to text
      Accurate language translation
      Ability to search massive amounts of data very quickly, ranking results
      Search through different media formats (video, audio, text, etc.)

      Now go look at what Google is good at and known for.

  • by ganjadude (952775) on Friday June 07, 2013 @07:26PM (#43942423) Homepage
    zuckerburg said he doesnt give the government "direct access" to its servers, that doesnt mean that it doesnt give them access. I am sure there will be more "legal speak" in the days to come
  • by fustakrakich (1673220) on Friday June 07, 2013 @07:29PM (#43942453) Journal

    Unless you're one of the 1.5% of the people didn't vote for a republican/democrat, STFU! You voted for this at least six times since it was officially made legal. And no doubt you will approve again in the next election.

    • Oh wait, I apologize for being so harsh. What I meant to say was, you have the right to remain silent. Please make the most of it. Thank you very much

    • There are a lot more than 1.5% of us who didn't vote for the US government, starting with almost everyone outside the US, who the US Powers That Be don't much seem to care about alienating this week even if we're all "allies". This whole mess is exposing the fundamental problems of international legal frameworks when it comes to commercial and intelligence practice.

      For example, it's now going to be very awkward for US businesses that deal with lots of personal information about people from Europe -- where d

    • by squiggleslash (241428) on Friday June 07, 2013 @08:35PM (#43942951) Homepage Journal

      Oh rubbish. You forget that in 2008 there really was a choice. One of the guys, a senator from Illinois, promised to end things like warrantless wiretapping, torture, wars on whistleblowers, etc, if he was elected.

      Alas the other guy won. I think. He did, right?

  • by Anonymous Coward on Friday June 07, 2013 @07:42PM (#43942539)

    The companies denied knowing a code name (PRISM) and using a specific method for giving data to the gov't (backdoors). They didn't deny participating in a program to give data to the government. ABC News has a good analysis of their statements:

    http://abcnews.go.com/Technology/nsa-prism-dissecting-technology-companies-adamant-denial-involvement/story?id=19350095 [go.com]

    • The companies denied knowing a code name (PRISM) and using a specific method for giving data to the gov't (backdoors). They didn't deny participating in a program to give data to the government. ABC News has a good analysis of their statements:

      http://abcnews.go.com/Technology/nsa-prism-dissecting-technology-companies-adamant-denial-involvement/story?id=19350095 [go.com]

      Also all the companies say they only do it in accordance with the law. That may well be true, but so what? That doesn't mean the law isn't corrupt, or that they didn't get an overly broad FISA court order that comes with a gag. I really can't blame these companies as they have little choice. The problem is with the government.

  • by pla (258480) on Friday June 07, 2013 @07:43PM (#43942549) Journal
    The current US government has a complete disregard for the rights of its citizenry. Name a single Bill of Rights amendment that remains in full efffect. Go on... Name just one. Secret courts? DNA collection? "Free speech zones"? Compulsory self-incrimination? State imposed limitations to the 2nd amendment (which in effect guts the 10th, commerce clause aside)?

    In this case - Just straight up fuck the government. No sane reading of the rights guaranteed us by the constitution allows for such a tortured interpretation. And I don't care how you use it Barry O - I care that you collect it in the first place. The constitution doesn't say "we can stop by and take a look around your place as long as we don't press charges", it says "no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized". Doesn't take a legal scholar to parse that, you worthless floaters atop the DC sewers!


    / For those who would inevitably bring up the 3rd amendment - We lost that one over a century ago - Thanks, Mr. Lincoln! They just haven't had a reason to casually disregard it in the past century, but make no mistake, they would (again) in a heartbeat.
  • Why so surprised? (Score:5, Insightful)

    by Trax3001BBS (2368736) on Friday June 07, 2013 @08:16PM (#43942817) Homepage Journal

    I've always assumed anything I've posted, including E-mail or said is public knowledge.

    Way back when... The usenet group knew or took for granted that every message
    went through NSA, at the time is was no big deal just be a backbone and filter for words
    or phrases. The practice was referred to as the eight words, while I forget them, one or more of the
    eight words were sure to get your post sidelined and read.

    As for back doors these have been in place for a long time, Microsoft's Firewall will
    allow trusted parties to slip right through. There was a time these were talked about
    in the open.

    ToS and privacy policies tell you what information is being collected and what it's used
    for, Angry birds has one line that says any amount of your data will "go overseas".

    The game appropriately named "Jewel link!" one of many free games put out by Ezjoy Network
    has no ToS or privacy policy and requires every permission Android has. Ezjoy Network can make
    a copy of your entire system if they want as they've promised nothing, which you accepted when installed.
    https://play.google.com/store/apps/details?id=com.ezjoynetwork.jewelslink&feature=search_result [google.com]

    paste m.ezjoygame.com into google and watch what happens. "You get a Google Instant is unavailable. Press Enter to search"
    message but you can learn more here: https://support.google.com/websearch/answer/186645?form=bb&hl=en [google.com]

    Google isn't all the Innocent, recently Google Play restricted any program that interferes with
    the data capture of another program, blocking programs like Adaway, or any number of programs
    that blocked sites (a HOSTS file) or change permissions.

    Why so surprised?

  • by mrxak (727974) on Friday June 07, 2013 @08:46PM (#43943005)

    If this is what the government is doing to protect me, I don't want to be protected anymore. I'll take my own chances.

    I would rather be dead to a terrorist bomb than live in 1984.

  • Horseshit (Score:5, Insightful)

    by Charliemopps (1157495) on Friday June 07, 2013 @08:55PM (#43943051)

    Sorry, I've always thought Lauren Weinstein was an idiot, and now it's been confirmed. Google doesn't have to give the NSA access, the NSA will just take it. You're a moron if you think there's anything other than the constitution stopping the feds from doing whatever the hell they want. They have more money than any other organization on earth by several orders of magnitude. If the government does not respect the constitution in one way, why would they respect it in any other? If they are already packet capturing all of our traffic, is steeling API access to Googles databases any worse? As far as technical ability goes, all they would have had to do is bribe a couple of high level, psychologically profiled DBAs with talk of patriotism or telling their wives about their boyfriends and they're in.

    If the federal government thinks it can fire a hellfire missile from a drone and kill a US citizen without evidence, trial or judicial oversight, then reading our email is a joke to them. It's an easy thing to do, they think they are righteous in their attempts and they have endless resources... OF COURSE THEY'RE DOING IT. The idea that Larry Page would have any fucking clue is a joke. "yes, lets makes sure some celebrities know about our evil plan!"

  • by Camael (1048726) on Friday June 07, 2013 @11:24PM (#43943877)

    ... from US government intrusive spying. Oh, the irony.

    Consider this- The Great Wall of China filters out most of the debris. Most Chinese citizens use local equivalents such as Sina, Weibo, QQ etc which PRISM doesn't touch. The Chinese government has demanded (and received) and vetted source codes of software such as Microsoft's Windows which are used internally. Chinese telecoms are immune to FISA.

    Then again, if you go down that route all your data belongs to China.

    On a related note, this whole PRISM thingy does give a lot more credence to China's complaints about being victims of US covert intelligence.

  • by lightknight (213164) on Saturday June 08, 2013 @12:46AM (#43944183) Homepage

    The government hates encryption because it despises the idea that it isn't in control of everything. 'Tis the singular life goal of every government -> to expand and destroy all competition, act with all subterfuge until it completely controls everything within its visible domain. Duh.

    It's a simple life-form, with a predetermed mindset, that follows a path laid out for it much like every one of its predecessors. It has all the complexity of an amoeba (a single-celled organism), engulfing everything in its path, and so on.

    The current set of scandals? Predictable, sadly so. What this government is planning for later? Already written down in some text book somewhere. But no, we're going to continue as we always have, because hubris demands it.

    Frankly I tire of this play, but it's the only thing that anyone wants to watch.

  • by flyingfsck (986395) on Saturday June 08, 2013 @05:14AM (#43944933)
    Honecker called. He wants his republic back.

Those who can, do; those who can't, write. Those who can't write work for the Bell Labs Record.

Working...