Skip to main content

View Diary: I Doubt the NSA Knows What Data It Has, Where It Came from, Who Has Accessed It and If It Was Stolen (158 comments)

Comment Preferences

  •  That would square with my experience in government (23+ / 0-)

    What people interpret as government secrecy and nefarious behavior is generally just the result of human laziness and corner cutting.

    Money doesn't talk it swears.

    by Coss on Mon Jul 01, 2013 at 02:35:20 PM PDT

    •  Most of the time (17+ / 0-)

      Most of the time, they can't find their ass with both hands and a mirror.  

      But, the NSA is going to find that 1 needle in a 1,000,000,000 phone call per day haystack.  That worked out well in Boston and one of the brothers was on a watch list.  

      •  What's taking the Chinese so long? (6+ / 0-)
        If what I suspect is true, calls and e-mails recorded by the NSA in the morning are probably read by Chinese hackers by sundown.
      •  The nature of IP packets allows complete tracking (22+ / 0-)

        The NSA isn't sucking up your messages.
        They're sucking up your packet stream as part of the Net traffic they are monitoring and storing. Here's how the monitoring and recording system works:

        1. The basics of packets:
        All IP traffic--phone calls, messaging, email, web searches, data access and attachments--all of it using the magic of standardized IP packets.
        What happens is that packets come into a router, which unwraps the packet and notes the source and destination addresses of the packet. The router then looks up the next "hop" router (the next router along the path to your destination), rewraps the packet, and sends it off to that router...and so on until the packet gets to it's final destination address.

        2. Monitoring (intercepting) the packet stream:
        The packets come from the Big 'Ol Net (public and private) on fiber 'cables' that come and go to/from large data centers and network backbone providers. The laws regarding "lawful intercept" allow the NSA to "request" access to this incoming stream of packets, where a splitter is installed, giving the NSA free and total access to the packet stream. No provider may deny lawful intercept requests.

        3. Why the NSA knows what data it has and where it came from: All your packets belong to us.
        Every single packet that has been intercepted has the original IP source and destination address--and all the content--intact. If the NSA wants to search for traffic between you and your aunt Marge, they just enter those addresses into the data base query and -poof- there you and aunt Marge are. A simple command and everything they've ever recorded that aunt Marge has sent is available for key word searches or even Real Person analysis. And of course today's machines can do real-time data stream analysis to search for key words or suspect addresses.

        Now it's possible that maybe--note the word "maybe"--the NSA Big Gov'ment isn't actually capable of building, installing, and analyzing the packet stream and the data they've intercepted and stored "for future use".

        But as some folks have noted in this thread, the NSA Big Gov'ment didn't do any of this. Contractors did. Big contractors, who do this sort of thing for a living, with off-the-shelf and custom equipment from serious commercial companies like Cisco. I'm betting the system works, pretty much.

        (Note: I totally simplified the above description, so don't shoot me 'cause I didn't get deep into protocols.)

        •  Would this be happening without government? (2+ / 0-)
          Recommended by:
          Aunt Pat, middleagedhousewife

          Meaning, are these packets stored regardless, or is the government mandating that something which would otherwise disappear be retained?

          This is what I don't understand. Is the government creating these packets for the purpose of starring data, or do the packets exists anyway and the government is merely guilty of accessing them?

          Money doesn't talk it swears.

          by Coss on Mon Jul 01, 2013 at 06:40:17 PM PDT

          [ Parent ]

          •  OK, let's start again (1+ / 0-)
            Recommended by:

            Think of packets as packages that come with a little gift card, telling you how to open it. These have been around since even before the internet, using various network technologies. It it just how networks transport data. So, yes, they have always been there and no, the government did not create them.

            Now imagine that there is an evil Internet Grinch who sits just outside the doors of Santa's workshop, waiting to intercept, open, and copy all these little packages before letting them go on to their destinations.

            Does that help you see how it works a little bit better?

            •  Obviously I understand that. (2+ / 0-)
              Recommended by:
              middleagedhousewife, Ted Hitler

              I'm asking whether these packets stick around for preservation because of the NSA?

              Would this information have been permanently stored somewhere regardless of the government? Or would it vanish after some point in time?

              I don't really follow the concept of "destinations" with this sort of data. Its not like a letter where's there's one paper copy sent from point a to point b and you'd have to go intercept it to read it. I've always assumed once it's disseminated, it's permanently out there.  And that some day years from now someone would be able to access it.

              Money doesn't talk it swears.

              by Coss on Mon Jul 01, 2013 at 08:02:41 PM PDT

              [ Parent ]

              •  good question (1+ / 0-)
                Recommended by:

                There's not a definitive answer unfortunately.  I have email sitting out on servers that's a decade old. I suspect this comment may stick around for at least as long.

                But phone calls? Texts? My browsing history? Once upon a time I assumed such things had a short shelf life.

                In the early days of the internet you downloaded your email automatically when you opened and it was then gone from the server.We were mostly using analog phones back then too. The point being that we as a people never explicitly said it was okay to keep or  capture our data...we just assumed the same rules applied as they did before technology changed.

                •  It's a new world huh? (0+ / 0-)

                  I can't imagine phone conversations exist (at least not yet), but I just assume a record of all my calls exist. As well as the actual content of my texts and emails. And so I always assumed every republican administration would be accessing this info to catch common criminals from now on. Maybe the only way to change that is to put them into the shoes of us America haters. You know, if they aren't doing anything wrong... They never seem to understand until it's a threat to them.

                  And frankly Obama having this power doesn't worry me. So it's a good time to be having this debate. With a president actually willing to argue he shouldn't have this power.

                  Money doesn't talk it swears.

                  by Coss on Mon Jul 01, 2013 at 09:02:29 PM PDT

                  [ Parent ]

                •  Also I'm pretty sure (0+ / 0-)

                  we hand over ownership of our personal content to sites like Facebook and Google when we hit that little 'agree' button.

                  Money doesn't talk it swears.

                  by Coss on Mon Jul 01, 2013 at 09:05:32 PM PDT

                  [ Parent ]

              •  Well, no, the packets don't stick around (3+ / 0-)
                Recommended by:
                DeadHead, Onomastic, marksb

                unless they're copied (and we don't know if they're copied).

                Here's an analogy. Let's say I mail a regular letter through the postal service to my Aunt Sylvia. On the outside of the envelope is my name (Dbug) and my address and the name and address of my aunt. Plus there's a stamp that's postmarked with the date.

                The outside of the envelope is the metadata (Dbug sent something to Sylvia on July 1). If someone photocopies that envelope, they know that I sent her something. But in between the sending and the receipt, let's say a dozen people handle the envelope (or the bag containing the envelope). There's the guy who picks up the mail from the mailbox, the guy who sorts the outgoing mail, maybe a couple of truck drivers or airplane pilots, and so on. At any point along the line, one of those people could open the envelope and look inside (and make a copy). But they probably don't.


                Emails are similar. If I send an email to Sylvia (who lives on the other side of the country), all that matters is her email address. So my email goes to my local ISP, then bounces around to a few other computers, and eventually it ends up in her email inbox. The message is attached (so it's easier to look inside to see the message), but the idea is the same. At some point along the way, some computer could record the information that Dbug sent a message to Sylvia.


                Cell phone companies have to keep detailed records of metadata. They can't just say that you went over your limit of 400 minutes without explaining every single minute (6 minutes to order pizza from Antonio's, 10 minutes to Aunt Sylvia, 45 minutes to your brother, etc.). The cell phone companies don't record your conversations. They just keep track of who you called or who called you (metadata).

                "Stupid just can't keep its mouth shut." -- SweetAuntFanny's grandmother.

                by Dbug on Mon Jul 01, 2013 at 10:28:31 PM PDT

                [ Parent ]

                •  This is correct (1+ / 0-)
                  Recommended by:

                  In the Good Old Days you sent the packet stream for your message (or web communication or any other data transaction) and once it was received, it went into the Bit Bucket (deleted). Metadata, content, everything. It's like you took the mail from Aunt Marge and after reading it, put it into the fireplace, note and envelope, and warmed your hands as it all burned.

                  Nobody stored the content or metadata because, frankly, hard drives to store the data were too expensive. That's why your email client used to ask you "are you sure you want to delete this message?" after you clicked delete. (The exception that you point out on cell phone metadata is a good one.)

                  But the world of cheap drives and massive security budgets has changed that equation. Today's Tech allows the wholesale sweep of all network traffic. I'm guessing that much of the swept-up data is dumped if it doesn't fit any search criteria (key words, known suspect addresses, etc), but it could be stored, all of it.

                  •  Yes (0+ / 0-)

                    You're right. They can sweep up all the details. And they could hire a million people to read all the emails (or listen to all the phone messages). Although I think it might take more like 5 million or 10 million. Or more.

                    Imagine some teenager in Little Rock is sending text messages about homework to another teenager. Yeah, the message might be stored in some computer underneath a mountain, but nobody is ever going to listen to (or read) that message. And somebody is calling some store, asking what time do you close? And somebody is calling a drugstore for a refill. And someone is leaving a message that says "I might want  to buy your truck." Someone is calling social security about something and they're on hold for 20 minutes. Someone's calling their credit card company to complain about a late fee.

                    No one is ever gonna know (or care about) the mundane details of your life unless you're considered to be a terrorist or a criminal.

                    Suppose I walk into a 7-11 and buy a candy bar and walk out and I get videotaped. Nobody cares about some guy who bought something. But if I walk in and pull out a gun and rob them, my face is on the videotape. That's useful information for the cops. I don't worry about cameras taping me in convenience stores. Or at ATMs.

                    And, you know what? In the old days (before video cameras and computers), your neighbors across the street or the people in church would tell your parents or your wife what they heard you were doing. They used to call it "gossip." Which was an invasion of privacy.

                    "Stupid just can't keep its mouth shut." -- SweetAuntFanny's grandmother.

                    by Dbug on Wed Jul 03, 2013 at 12:14:50 AM PDT

                    [ Parent ]

            •  Sipping from a firehose. /nt (1+ / 0-)
              Recommended by:

              Happy little moron, Lucky little man.
              I wish I was a moron, MY GOD, Perhaps I am!
              —Spike Milligan

              by polecat on Mon Jul 01, 2013 at 08:11:43 PM PDT

              [ Parent ]

          •  Yes. But to what end? (0+ / 0-)

            A corporation or group could hack the packet stream. But they can be caught using the information they steal, it's illegal.

            The govt made it legal for them. And government power is a better target for blackmail.

          •  The packets are communication (0+ / 0-)

            between entities (like your browser and your bank). Or me, here, typing in my browser, and DailyKos when I submit this post.

            Or your bank and your wife's bank. Or ...

            No doubt this is the tip of the iceberg. It is not unlikely they're also buying up or otherwise obtaining full data dumps from VISA (all your credit card purchases) and banks (and all your financial transactions). Integrating these with phone records can provide scary-complete data about people.

            Who you are, who you live with, where you work, what your hobbies are, your phone numbers, your e-mail, facebook, ... accounts, how many and what kind of vehicles you own, your financial health, ...

        •  That's probably just the tip (2+ / 0-)
          Recommended by:
          polecat, marksb

          If these programs had been subject to the audits they SHOULD have been subject to...PCI, SAS70, ISO, HIPAA, etc., there would be very clear documentation about access and oversight. Wanna bet they haven't been bothered overmuch in that regard?

          One thing you might want to add for those at home who care. Most phones these days also use TCP/IP and so when you mention they are just siphoning off copies of packets to be reviewed later...that is how they are getting phone calls too.

          Data mining this stuff will only work if they have a complete set of data from all types of packets (i.e., email, phone, sites visited,texts, etc.) You can't do effective matching on partial sets of data. The metadata is important because it is more efficient to match on but there's no doubt in my mind that the actual call content is being stored somewhere, too.

          I am almost jealous of the freedom those geeks must have. It probably all started with a vendor who did a kick ass demo using Hadoop and Wireshark. ;)

        •  Bad information. (0+ / 0-)

          I can say with absolute certainty that I am not within thousands of miles of where my IP address indicates.

          The IP address is not a valid indicator of location OR source, and by source I mean a person siting at a computer or using some kind of device.

          Unfortunately it sounds like the NSA filters based on IP address, so from a technical standpoint what they're claiming is completely bogus.

          They have no reliable means to determine if they're spying on a real American or not. It's smoke and mirrors in every way.

          •  They also have the MAC address (2+ / 0-)
            Recommended by:
            snoopydawg, Ender

            of the communication device you are using--Ethernet card, router, cell phone, etc.

            That tells them you were using a particular laptop in a Starbucks and you also use it at home.   The ISP can also map your IP address directly to your account with the MAC address of your router.

            A MAC address could also be traced to where you bought the laptop/router.

            Once you input anything through the internet with your real identity on a particular communication device, they have a match to track you.  A reason why library and public computers are so popular.

            That's where face recognition comes in.  Your driver's license photo is very high resolution in their database.  Everyone is photographed coming through immigration. Voter ID laws aside from the added benefit of stopping democrats and minorities from voting, feed the database with photos of the seniors, city dwellers, and others that don't have driver's licenses and don't travel outside the country.   Facial recognition has come a long way.  

            Check out the anti terrorism cameras and AI the DHS has installed in NYC.  They now let the police use it to fight crime.  

            Technology is bringing all the pieces together.  For now it sounds like they are storing everything.  

            Whoever has access to that data, will soon own us. The database should not exist, the temptation to misuse it is too great.  

            •  Your MAC address is available (1+ / 0-)
              Recommended by:

              only on the same LAN. A MAC address doesn't leave your router. It is available from your device to the next connection in the process only.

              What this means is that your ISP is mapping to the address of your router ... not your machine. Again, this does not identify a person.

              More importantly, a MAC can be spoofed far easier than an IP address can be spoofed. It's not illegal, and can be done with pretty simple programs available.

              What I'm trying to say is that if IP addresses or even MAC addresses are used as part of locating the origination of data, PRISM itself is extremely faulty.

              It also sets up a bad precedence, because it's trivial to find out someone's MAC address, and if a bad person's done that they're on the same network and therefore have the same IP address. You can connect the dots from there.

              Jesus! So many arm chair aficionados.

              And then you trail off into photographing in public, AI and facial recognition. Holy christ! Seriously, PRISM is not too hard to thwart. Maybe I should diary this.

              •  Good idea (1+ / 0-)
                Recommended by:
                Ted Hitler

                I am so glad you know how to spoof IP addr or use a VPN. Most of this community--and our country--do not have that knowledge.

                My simplified thoughts on packet collection and analysis is meant to bring awareness of how the system works so folks can understand that every single thing they do with their phones, devices, and computers are able to be collected and tracked. As an engineer you could contribute to this discussion by helping the community understand how to defeat the NSA's top-level tracking and ID capability.

                We don't know exactly what equipment the NSA is using, how they are using it, and what criteria they are (or will be) using to decide what packet streams to follow, store, and analyze. That's the point.

                Back in 2001, when Lawful Intercept was passed by international treaty, the telecom equipment company I worked for implemented that feature into all of it's systems--and we did business in 140 countries. We knew then what that meant: it was just a matter of time and advancing circuit design until the governments of the world had the capability to suck up all traffic. And then it was just a matter of time until a Bad Actor government was willing to use this capability for political purposes.

                Are we there yet?

                •  It's not a great big deal (1+ / 0-)
                  Recommended by:

                  just turn of your router, and turn it back on. More than likely you'll have have a new IP address.

                  I wasn't upset at you. I'm pissed off that our government is using this type of tracking whose only basis for continued success is the belief in the ignorance of its populace. Because that is the only way it will continue working the way it does, and that is not a characteristic of a robust program.


                  With a lot of VPN's, the traffic can be passed via AES algorithm. It may not mean a lot to most people, but it's basically uncrackable. That means the NSA can suck up all the data they want, and it doesn't matter.

                  For reference, top secret information is currently encrypted using AES 256. Secret information is at AES 192. I might be concerned once the US government moves to a different algorithm, because that indicates they've broken AES.

                  And to reiterate, I am completely opposed to this program. They essentially are saying they're breaking into everyone's house, copying all their property and putting it into a box. But don't worry, they'll never open the box.

      •  I love it how they're defending the program (12+ / 0-)

        by claiming that if it was in place, we could have prevented the bombings, except that it WAS in place, and we didn't prevent them!

        Are they this stupid, or do they think we are (and what's the difference?)?

        "Liberty without virtue would be no blessing to us" - Benjamin Rush, 1777

        by kovie on Mon Jul 01, 2013 at 06:21:59 PM PDT

        [ Parent ]

      •  DING DING DING!!! ^^^^ RIGHT THERE ^^^ (4+ / 0-)

        What is the fucking point of all this if they couldn't figure that out?

        There IS a point to it.  It just ISN'T that.

        The Fail will continue until actual torches and pitchforks are set in motion. -

        by No one gets out alive on Mon Jul 01, 2013 at 06:42:55 PM PDT

        [ Parent ]

        •  I think they're building evidence (2+ / 0-)
          Recommended by:
          nchristine, Ted Hitler

          And I trust them to use any and every tool given to them to do so. The Executive Branch is not going to be guilted into not using these tools, we need to have congress take them away.

          But I'm sure they are finding suspects and various crime rings. Whether this is limited to terrorism however is doubtful to me. These are long time wish lists from law enforcement. Bush gave them everything they wanted. Frankly I'm angry Obama is getting saddled with this. If only Republican Presidents are going to oversee this stuff, where's the consequences to conservatives for approving this in the first place?

          I want Obama haters to demand congress take this power away from the Executive Branch period. I want conservatives to admit they were wrong about the Patriot Act instead of just whining that Obama is doing what they gave him the power to do

          Money doesn't talk it swears.

          by Coss on Mon Jul 01, 2013 at 06:52:37 PM PDT

          [ Parent ]

          •  What good is evidence without action? (1+ / 0-)
            Recommended by:

            I don't get you point.

            We spent a fortune, and something pretty damned obvious gets by.

            And then there's that whole 'shitting on the constitution' thing, which I take you don't have a problem with so much.

            I agree with you that it must end.

            It doesn't look like Obama is going to take point on that, though - does it?

            The Fail will continue until actual torches and pitchforks are set in motion. -

            by No one gets out alive on Mon Jul 01, 2013 at 06:58:17 PM PDT

            [ Parent ]

            •  I wouldn't assume they aren't gathering (0+ / 0-)

              crucial data.

              Congress shit on the constitution, what does it matter what Obama does if the next president still has the authority to do all this?

              Why do you think this data collection would have thwarted a couple of crazy dicks from bombing the Boston Marathon?

              Do you actually believe they're listening to all our phone calls and reading all of out emails?!

              Money doesn't talk it swears.

              by Coss on Mon Jul 01, 2013 at 07:04:12 PM PDT

              [ Parent ]

              •  Yes I do believe that (2+ / 0-)
                Recommended by:
                greengemini, coconutjones

                But they were probably too busy reading the emails and listening to the phone calls of OWS "leaders" to bother with a couple of troublemaking brothers in Boston.

                •  The brothers didn't announce themselves (0+ / 0-)

                  as leaders of any group or organization. Particularly not one threatening the establishment or corporate structure. I really don't find it shocking that the government would look into leaders or key players of anti government groups. They'd be fairly harshly criticized if they didn't and something happened later.

                  I understand the frustration here, but logic has to prevail.

                  Money doesn't talk it swears.

                  by Coss on Mon Jul 01, 2013 at 08:23:18 PM PDT

                  [ Parent ]

          •  Coss, it wasn't (0+ / 0-)

            just Bush and the conservaties overseeing AND funding it.
            It is also the Dems too.
            This has nothing to do with hating Obama.
            It might be hating his betrayals of all the campaign promises he made.
            It is also the increasing police state we are living in.
            I wish people could see this is not all about Obama.
            However, HE is in charge of these programs now.
            And he ran on reining in these abuses that happened under Bush.
            Watch his vids.
            He said that.
            And yes, we will get right on demanding Congress to take away this power.
            And again, it wasn't just conservatives that passed all the heinous ACTS.
            In fact, Obama wanted the NDAA.
            I would like people to dtop giving the Dems a pass for all the things the thugs do or did.
            Whete were the holds or filibusters from the Dems?
            Or is it just the thugs that get to play those games?  

            Gitmo is a Concentration Camp. Not a Detention Center. Torture happens at Concentration Camps. Torture happens at Gitmo. How much further will US values fall? Where is YOUR outrage at what the United States does in OUR names?

            by snoopydawg on Tue Jul 02, 2013 at 12:41:20 AM PDT

            [ Parent ]

            •  All I'm saying (0+ / 0-)

              is call right wingers on their bluff and make them take this power away from the Executive Branch. This is about politics. They want to have their cake and eat it to. Obama deciding to tell the NSA not to use the tools given to them will simply end when his presidency ends. What is the point of that?

              And if you don't remember why some dems went along with this stuff after 911, ask Max Cleland.

              Money doesn't talk it swears.

              by Coss on Tue Jul 02, 2013 at 12:01:44 PM PDT

              [ Parent ]

    •  It's also about shoveling boatloads of money... (24+ / 0-)

      ... to favorite contractors without having to worry too much about oversight.

      I deal in facts. My friends are few but fast.

      by Farugia on Mon Jul 01, 2013 at 05:15:53 PM PDT

      [ Parent ]

    •  Me too (2+ / 0-)
      Recommended by:
      Coss, greengemini

      The way I put it is that our liberty and security are pretty safe because of the ethics and commitment of some - a critical mass of decent people fairly evenly distributed everywhere - and the vast incompetence and uncontrollability of the nation due to our sheer size and scale, a supersystem with a momentum of its own.

    •  That and over-reliance on polygraphs. (1+ / 0-)
      Recommended by:

      You can work on whatever as long as you don't feel guilty about stuff.

      And I'm not clear on the "security" threshold applied to contractors.

      Really freakin' strange that they outsource the IT part.

      Must be why he chose Booz...

      ...and then pulled the trigger when he did.  Bet a polygraph was coming up.

      Happy little moron, Lucky little man.
      I wish I was a moron, MY GOD, Perhaps I am!
      —Spike Milligan

      by polecat on Mon Jul 01, 2013 at 08:10:01 PM PDT

      [ Parent ]

Subscribe or Donate to support Daily Kos.

Click here for the mobile view of the site