Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Privacy Government Software

German Intelligence Traded Citizen Data For NSA Surveillance Software 68

An anonymous reader sends news that Germany's domestic intelligence agency, the BfV, was so impressed with the NSA's surveillance software that they were willing to "share all data relevant to the NSA's mission" in order to get it. "The data in question is regularly part of the approved surveillance measures carried out by the BfV. In contrast, for example, to the Bundesnachrichtendienst (BND), Germany’s foreign intelligence agency, the BfV does not use a dragnet to collect huge volumes of data from the Internet. Rather, it is only allowed to monitor individual suspects in Germany -- and only after a special parliamentary commission has granted approval. ... Targeted surveillance measures are primarily intended to turn up the content of specific conversations, in the form of emails, telephone exchanges or faxes. But along the way, essentially as a side effect, the BfV also collects mass quantities of so-called metadata. Whether the collection of this data is consistent with the restrictions outlined in Germany's surveillance laws is a question that divides legal experts."
This discussion has been archived. No new comments can be posted.

German Intelligence Traded Citizen Data For NSA Surveillance Software

Comments Filter:
  • by Anonymous Coward

    One thing people don't seem to understand is that networks (phone, IP, etc) are not private. They aren't designed to be, they were never meant to be. In fact, they were designed for a complete opposite purpose: so that nodes on the network could exchange information freely and without prejudice. The concept of security on a network was added later (poorly) and is antithetical to the purpose of network communications.

    Therefore, just assume that whatever information you are sending out on a communication netw

    • by 0123456 ( 636235 ) on Friday August 28, 2015 @09:09AM (#50409113)

      There's a big difference between freely exchanging information and having someone scoop up all that information when it's not addressed to them.

      When you sit on a bench in the park talking to your girlfriend, you don't expect some stranger in a trenchcoat to lean in between you and listen to everything you say.

      But, yes, it's unfortunate that the warnings from the 90s were ignored, and we didn't get automatic encryption by default across the Net to ensure this couldn't happen.

      • by Anonymous Coward

        But computer and phone networks are not park benches. Again, I don't understand why people don't understand this. Networks are meant to "scoop up" information no matter where it is addressed. In fact, the original networks broadcast all the nodes information to all the other nodes. This ended because it was inefficient, not due to privacy issues.

        You will also never have "automatic encryption" across the network they way they are designed now, because nodes can stand in for other nodes. You cannot be sure wh

        • by 0123456 ( 636235 ) on Friday August 28, 2015 @09:36AM (#50409353)

          No, they're not. Networks are supposed to take data from one machine and deliver it to another. They're not designed to deliver it to anyone else along the way. That's an attack on the network, not part of the design.

          And automatic encryption can easily be handled by pushing public keys into DNS. Yes, the NSA could force people to push fake keys into DNS, but then no-one would trust it any more.

          • by Anonymous Coward

            "They're not designed to deliver it to anyone else along the way"

            Um, yes, that is EXACTLY my point. They ARE designed to deliver to anyone else "along the way". It is amazing how people don't understand how a network works. If you send information from node A to node B there can be any number of intermediate nodes on the way that also handle the information. This is the original design. Usually the intermediate nodes are switches/routers/etc. They aren't attacking the network.

            In fact as I said originally,

            • You are creating a straw-man out of the GP's terms. The GP even used the term *delivered* to make the appropriate distinction. Information in a payload that is encrypted is not the *delivered* information *without* the decryption key information. A network *may* have access to the *delivered* information, but it doesn't necessarily *need* to have it, and having it is considered a security weakness that may be *attacked*.
          • My NIC begs to differ. It receives every packet and discards those not addressed to it, except when I set it to promiscuous mode.

          • And automatic encryption can easily be handled by pushing public keys into DNS. Yes, the NSA could force people to push fake keys into DNS, but then no-one would trust it any more.

            And this would be different than what they did to the CA system in what way?

        • by Anonymous Coward

          Lets be clear about this, its not accidental snooping by some sort of sentient 'network'.

          NSA has been faking certificates, Backdooring encryption, faking websites, installing taps into fibre optics around the world, hacking into servers to install back doors, writing malware, blocking encrypted connections force unencrypted fall backs etc. etc.

          It didn't accidentally wake up and find it was building 7 massive exabyte class data centers!

          "You will also never have "automatic encryption" across the network they

          • you can exchange a first time key, and to defeat that key exchange, NSA would have to intercept all communications all the time. If it missed the first exchange, it fails, if it missed ANY subsequent exchange, the tap is revealed.

            That's actually a great idea. Too bad that security people are all to happy to ignore good solutions and stick with bad ones simply because they haven't yet found a perfect solution. Everyone knows that unencrypted HTTP communications are bad. We also know that certificate authorities merely provide a false sense of security, particularly against people like the NSA. Yet apparently we'd rather stick with bad and worse rather than adopt any idea that is merely "good" but not infallible.

            Others have re

  • by Anonymous Coward

    Can I have data on the whole of Sweden in return, please? Actually, no, dragnet operations are immoral... I'll stick to women aged between 18 and 34. Thanks!

    (Nobody believes this was the nature of the exchange. This is merely what was written down. Humans are rationalising creatures, not rational creatures, and will formulate official-sounding bullshit in support of anything. Why was Germany really willing to share this data?)

  • by MagickalMyst ( 1003128 ) on Friday August 28, 2015 @08:59AM (#50409027)
    I find this a little surprising. The NSA might have some great spy tools, but some of the most incredible programmers and IT people that I have ever known are German.

    One would think that they could not only build an NSA type system, but do it better.
    • I find this a little surprising. The NSA might have some great spy tools, but some of the most incredible programmers and IT people that I have ever known are German.

      And yet, no software houses but Crytek are known for being German. And when the Nazis wanted to manage the concentration camps, they called IBM. I don't see any evidence that Germans are particularly good at software development.

    • by Tablizer ( 95088 )

      One would think that [Germans could]... do it better.

      USA has more experience snooping and more victims, I mean subjects to test it on. Domain experience matters.

    • by Morpf ( 2683099 )

      While this might be true, as far as I can tell our best or even good developers would not go to a spy agency as they are intelligent people with concience.

  • Every time I hear some political pundit on TV talking about the evils of communism and the police states of the old Soviet bloc I am reminded of crap like this and I laugh out loud. The more time that passes from the fall of communism the more 1984 becomes reality and not in fascist dictatorships or communist countries like Orwell predicted but in the so called democratic countries of Western Europe and North America. I wonder what Orwell would have made of that?
    • Re: (Score:2, Insightful)

      by Anonymous Coward

      Orwell's Oceania comprised the UK and the USA.

    • by DarkOx ( 621550 )

      Every time I hear some lefty telling me we need more government in more regulation to prevent abuses by corporation I am reminded of this stuff and laugh out loud. So called democratic countries of Western Europe and North America already have governments that are more abusive than any corporate ever could be.

      • Well, that is hardly surprising when you let the corporations run the government. We need more people in regulation to prevent both corporation and government abuses. Especially in a democ(k)racy.
      • abusive than any corporate ever could be.

        ORLY [wikipedia.org]?

        • Holy Chao! I didn't know there had been such a trial!

          Too bad that the crimes of Chiquita in the early 20th century won't ever be punished...

  • This reminds me of people trading baseball cards, only scarier.
  • It's A Business (Score:2, Interesting)

    by Anonymous Coward

    What people need to understand about the current security and surveillance industry is that it is, first and foremost, a business. The business of keeping the now tens of thousands of people involved in permanent pensionable employment.

    I'm not simply talking about the bonanza of outsourcing, supply contracts, and R&D being enjoyed by companies in the security industry supply chain -- though this is a factor as well obviously. I'm talking about the entire attitude of the 100% government employees who ult

    • by 0123456 ( 636235 )

      As usual, when there's another abuse of power by government, some lefty comes along to blame it on EVIL FREE MARKETS!

      Because, as we know, if governments controlled everything, they'd never abuse their power like this. No, sir.

      • The GP merely talked about market-only thinking, not free markets. In fact, the Marxist ideology you are referencing as a straw-man is merely an extension of the liberal thinking of Adam Smith. Even Adam Smith discussed the disparity of power between classes. That is why Marxists are also labeled liberals. The extreme ideology is unregulated markets, just as extreme as unregulated state power. Markets can be free and regulated at the same time the same way people can be free and regulated at the same time.
  • Comment removed based on user account deletion
    • To put it another way: to individuals, everything that isn't explicitly forbidden is allowed, but to institutions, everything that isn't explicitly allowed is forbidden.
  • I feel like this is a common deal between various western countries and the NSA. At least, this isn't the first time I've heard of it being made, although I don't recall the context in which I've heard of it in the past.

"The vast majority of successful major crimes against property are perpetrated by individuals abusing positions of trust." -- Lawrence Dalzell

Working...