Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Privacy Businesses Cloud Government The Internet

Shadowy Tech Brokers Deliver Data To the NSA 35

An anonymous reader notes an article about a group of companies whose business is to wiretap various ISPs (with permission) to gather data in response to federal subpoenas. Many smaller ISPs don't have the resources to deal with the flood of data requests from agencies like the NSA, so they outsource compliance and collection in order to keep costs down. The article profiles one of these companies, called Neustar: Neustar can in many cases execute the warrant from anywhere within the U.S., keeping within the bounds of the country's surveillance law. But when a wiretap device is needed, they are not hard to come by. Most networking equipment makers sell devices that can be used to collect data, or used to inspect data — so-called deep-packet inspection devices, which can also be used to prevent piracy, the spread of malware, and website access, all at the Internet provider level. Once a FISA warrant is issued, so-called "tasking" orders, which contain selectors — like a phone number or an email address — are often sent electronically to the ISP. These tell the ISP or phone company, or third-parties like Neustar, exactly where to wiretap and what data to collect to hand back to the requesting authority.
This discussion has been archived. No new comments can be posted.

Shadowy Tech Brokers Deliver Data To the NSA

Comments Filter:
  • Remember folks! (Score:2, Interesting)

    by Anonymous Coward

    It's not censorship when it's not the government doing it.

    It's not oppression when it's not the government doing it.

    It's not fascism when it's not the government doing it.

    It's not a Constitutional violation when it's not the government doing it.

  • by thechemic ( 1329333 ) on Friday September 05, 2014 @05:21PM (#47838211)
    Wouldn't a "New Star" (Neustar) be similar to "New World". So if you place an order with Neustar, is that a New World Order?
  • by Crayz9000 ( 2783019 ) on Friday September 05, 2014 @05:22PM (#47838217)
    Now I'm half expecting Commander Shepard to show up at the NSA seeking information on the Shadow Broker.
  • Full Packet Capture (Score:4, Informative)

    by brunes69 ( 86786 ) <slashdot.keirstead@org> on Friday September 05, 2014 @05:32PM (#47838279)

    so-called deep-packet inspection devices, which can also be used to prevent piracy, the spread of malware, and website access, all at the Internet provider level....

    Er, no, that is not what full packet capture devices are used for AT ALL.

    Full packet capture devices are typically used for digital forensics. For example, your company gets hacked using an APT and you know that probably data was exfiltrated, but you don't know exactly what data was taken and you don't know how these guys got into your system. A full packet capture device can help here. Another way they are typically used is to produce evidence for court cases where employees steal company data and so forth, or browse child porn at work, etc.

    They are NOT typically used to "prevent piracy" or "spread of malware" or "website access", I don't even see the use case here. I think the OP is confusing full packet capture with layer 7 application state firewalls, which ARE used for the above.

    • by Jane Q. Public ( 1010737 ) on Friday September 05, 2014 @09:24PM (#47839221)

      They are NOT typically used to "prevent piracy" or "spread of malware" or "website access", I don't even see the use case here. I think the OP is confusing full packet capture with layer 7 application state firewalls, which ARE used for the above.

      Um, wrong.

      Deep-packet inspection was used routinely by the large ISPs to throttle certain kinds of traffic, until the FCC made them stop. This was just a couple of years ago.

      Maybe not "full" packet inspection, but it was deep packet inspection, so they could distinguish, for example, packets of BitTorrent traffic from packets containing streamed video from YouTube.

  • What "smaller ISPs"? Are there many left? Haven't most merged into competition-free oligopolies already?

  • by DoofusOfDeath ( 636671 ) on Friday September 05, 2014 @05:41PM (#47838319)

    Once a FISA warrant is issued, so-called "tasking" orders, which contain selectors — like a phone number or an email address — are often sent electronically to the ISP. These tell the ISP or phone company, or third-parties like Neustar, exactly where to wiretap and what data to collect to hand back to the requesting authority.

    By "where", I assume the article means San Francisco [wikipedia.org]. And "whom" (if it were mentioned) would mean everyone in the damn country.

    NSA, I hope you die badly in a fire.

  • local law contracts out for "revenue enhancement". in this case, the GubMint overwhelms for "data enhancement". low hanging fruit. yum yum.
  • by Anonymous Coward on Friday September 05, 2014 @06:13PM (#47838509)

    The real dark nightmare isn't the NSA as a government agency.

    It's the fact that the NSA is really a cartel of private companies that, as private companies do, work for the good of their bottom line first, and everything else second. They will do everything they can do to get them more business. When their business is undermining your right to privacy guess what the fuck is going to happen?

    Welcome to the "Security Services Complex" - Dark budgets. Secret courts. No oversight. They make money and you lose. It's a gigantic scam and nobody, not even Congress or the President really has the ability to audit them.

    And really, what incentive do they have? What happens if a headless, unaccountable NSA doesn't feel like having their budget slashed? They really could do anything they wanted to intimidate/blackmail/smear/disappear an inconvenient politician and no one would be the wiser.

    Don't forget about Snowden. What's important about Snowden really isn't the leaked information. It's the fact he was just some flunky working for a private contractor. He was able to do what he did because he was walking out of an office building with flash drive. National security reduced to a run of the mills business IT security social engineering attack.

    • by khallow ( 566160 ) on Friday September 05, 2014 @07:15PM (#47838779)
      I find it interesting how we can gloss over the power from being a government agency with access to the data of billions of people and veer right into ZOMG someone's making money! The real story is power without accountability. You could have dropped the first two paragraphs without materially changing a thing.

      Motive just isn't that relevant. An organization brutalizing or blackmailing you for your own good is just not that different from one doing it to make a buck. Except that the latter would stop when things start to get unprofitable.
  • Data collection and spying are going to force society to take all kinds of steps. As the ability to detect increases the number of violations will become ever more obvious. So now we are left with a very serious issue. It is impossible to enforce the laws when you can catch all the violations. Suppose as a simple example that we can catch ten million Americans cheating the IRS. There is simply no way to process and convict ten million people with any kind of fair judicial system. So most people w
    • Re:Open Many Doors (Score:5, Insightful)

      by jenningsthecat ( 1525947 ) on Friday September 05, 2014 @08:06PM (#47838945)

      It is impossible to enforce the laws when you can catch all the violations.... What will happen when the slumbering public becomes aware that society gives some criminals a free pass?

      I think the premise of your argument, (that the primary concern of Three Letter Agencies is stopping crimes of various kinds), is largely false. The prime directive of these agencies, (organisms if you will, because they have many characteristics of living entities), is to grow, to thrive, to gain power, and to become ever more robust and resistant to damage. For example, the last thing the NSA wants is an end to terrorism and various foreign threats. Too much money is at stake, and too many jobs, careers, and personal empires are on the line; if enough enemies don't exist in reality, they will be fabricated as required. (BTW, all that data they're gathering comprises a shitload of raw material for said fabrication). Ditto for the DEA, (that's why you'll never see legalization of drugs), the military, etc.

      Wars of various kinds, (including NSA 'intelligence wars'), are simply too profitable to be 'won' or otherwise concluded; the agencies in question will continue to expand their power and reach so they can make damned sure that the wars will never end. As for the "slumbering public", your description of them answers the question you asked.

    • Re:Open Many Doors (Score:5, Insightful)

      by TheMeuge ( 645043 ) on Friday September 05, 2014 @09:05PM (#47839139)

      It is impossible to enforce the laws when you can catch all the violations

      You're asking the wrong question - the correct question is this - how have we wound up in a situation where he have so many offenders, of so many laws, that there's not enough resources to lock them all up even if we knew every last one of them.
      The answer is simple - if you create a job which comes with money and power, and where the job description is writing laws - you are going to have more laws. It's inevitable. And in a society where as a lawmaker you are rewarded for being "tough on crime", each subsequent law will be nitpickier and more punishing than the last.
      That's it - our own system is going to bury us all in petty crime.
      Freedom is the ability to break little rules. Rule of law is when you get caught when you break the big rules. A police state is when everyone is guilty, and it's up the police to decide who gets caught at what time.

      As someone who was born behind the Iron Curtain, I promise you that the latter is very very scary.

      • by Anonymous Coward

        ... bury us all in petty crime ...

        Most petty crimes don't lead to imprisonment. The criminal system is dysfunctional but don't waste time with the parts that work.

        Petty crime does little long-term damage to society. Hence, the name. Some of the things marked as petty are quite serious. The damage of someone doing 30 over the speed limit can be quite large, but the probability of causing a one-off accident is low. So a fine provides a cumulative punishment (as well as repeat-offender laws) and the police get paid to enforce the law. Th

    • by AHuxley ( 892839 )
      Re: 'Why authorities allowed that drug house to operate in plain sight I do not know but if they arrested everyone that purchased drugs in that drive through it might have bankrupted the city. What will happen when the slumbering public becomes aware that society gives some criminals a free pass?"
      Options: see where the cash goes and follow it up to the 'top' by offering all the lower people found "informant" status.
      This builds insiders and providers open court parallel construction cover to hide mention
  • by Anonymous Coward on Friday September 05, 2014 @08:02PM (#47838937)

    Please don't call FISA directives "warrants." They aren't issued upon probable cause of suspicion of a crime. NSA defenders love calling them that because it gives them a false veneer of legality.

  • by Anonymous Coward

    Our CALEA vendor deployed their own router to create a VPN from the core of our ISP to their network. When a subpoena was issued, they had pre-configured access via SNMP to the core routers to enabled/disable "lawful intercept" duplication of interesting traffic which then flowed over the vpn to their data collection servers. From there, they parse and interpret and forward on to the requesting agency. SSL protected traffic? Useless...

    "Lawful intercept" is a feature set built into all core router images

  • by koan ( 80826 )

    http://en.wikipedia.org/wiki/N... [wikipedia.org]

    Neustar also operates the authoritative directory for U.S. Common Short Codes, part of the short messaging service (SMS) relied upon by the U.S. wireless industry, and provides solutions used by mobile network operators to enable mobile instant messaging for their end users.

Truly simple systems... require infinite testing. -- Norman Augustine

Working...