Facebook, Google Deny Giving NSA 'Direct Access'
So How About Indirect Access?
Both Facebook and Google came out late today giving very hard denials that either of the companies have given the NSA "direct access" to the company's servers. As we noted yesterday
, reports this week in the Guardian
and Washington Post
claimed that nine companies, including Apple, Google, Microsoft and Facebook, had been providing the NSA with some type of backdoor that allowed the intelligence agency to monitor real-time and stored data on the companies' networks.
In a Facebook post
, Facebook CEO Mark Zuckerberg proclaimed that the company "hadn't even heard of PRISM before yesterday," and that Facebook "is not and has never been part of any program to give the US or any other government direct access to our servers."
Google CEO Larry Page posted a blog entry
that has non-coincidentally similar wording. According to Page, Google "had not heard of a program called PRISM until yesterday," adding that Google has "not joined any program that would give the U.S. government—or any other government—direct access to our servers."
Both companies then took a few shots at the government, suggesting that if the NSA is up to something, perhaps a government claiming to be "dedicated to transparency" might want to be a little more transparent about spying on citizens everywhere.
So a few things are clear. Barring unlikely outright lying, the companies involved didn't know that "PRISM" was the code-name for what the NSA was doing. The similar language about "direct access" to servers is also telling, suggesting that if the Post's leaked slides are real (and there's nothing to suggest they aren't), access to the data is happening without these companies full knowledge: either covertly on site, or further upstream.
If you go back and read AT&T whistle blower Mark Klein's original testimony about the NSA secret rooms at some AT&T central offices
(pdf), he notes that he believes there was equipment installed that can actively create cloned streams in real time -- streams the NSA can then do with what they'd like:
A fiber optic circuit can be split using splitting equipment to divide the light signal and to divert a portion of the signal into each of two fiber optic cables. While both signals will have a reduced signal strength, after the split both signals still contain the same information, effectively duplicating the communications that pass through the splitter....Through (these) "splitter cabinets," the content of all of the electronic voice and data communications going across the Peering Links mentioned in paragraphs 29 to 31 was transferred from the WorldNet Internet room's fiber optical circuits into the SG3 Secure Room (that only the NSA and key AT&T personnel were allowed to access.
Klein then provides testimony that NSA was using this technique to effectively clone traffic using additional network hardware, and may have installed such gear at numerous AT&T offices, including San Jose, San Diego, Los Angeles and Seattle (and surely many more since this time, around 2003). The NSA Is rumored to be building a massive supercomputer warehouse in Bluffdale, Utah
to store and dissect this collected data. Given much of it's encrypted, that's why they're busily pushing to change CALEA
to allow for more direct, and more legal, access to encrypted data.
That in mind, there's probably three possible scenarios at play here:
) As with AT&T and other carriers, the NSA received permission from these nine companies to install hardware on site that creates a clone of data streams and gear that acts as a repository for some of that data. The companies don't ask what these devices do, providing them with the capability to deny their existence and claim nobody has "direct access" to "servers" or knowledge of any specific NSA programs -- since that would technically be true. I think this is the most likely explanation.
) The monitoring of these websites doesn't require their compliance or even cooperation, and the duplication of streams and storing of specific website data is happening somewhere further upstream, such as at regional pops and/or on the networks of larger key carriers like AT&T and Verizon.
) Everybody is just lying through their teeth because, they're legally prohibited from talking about this and really, what's the penalty for denying a legal and congressionally approved
program the government will never, ever fully acknowledge or provide details on? "I was assuming that these tech companies were just lying," respected security expert Bruce Schneier tells the Guardian
. "That's the most obvious explanation."
These three options are my speculation, but they're based on writing and reading about these programs for more than a decade. I'd love to see engineer commentary about what is and isn't possible or potential caveats in the comment section below.
It's worth noting that the Washington Post has since backpeddled a little bit
, and is now stating those companies may not have been aware of the project. Granted if you've been paying attention to all of the whistleblower information exposed over the last decade, their awareness may not have been entirely necessary.
What now? Well, reporters that actually get Facebook, Google, Apple or other supposed participants to talk about this in detail should probably ask: does the government have hardware installed on your networks? If the answer is no, this is all happening further upstream, and we're back staring and companies like AT&T and Verizon for their willful participation in the creation of a covert surveillance state.
said by Karl Bode:Whoa!
I'd trust intelligence analysts and operatives who lie for a living before I'd trust Zuckerberg.
That's going WAY out on a limb there!!
It's gotten PAST the point of trusting ANYONE in government or any CEO/COO!
The Firefox alternative.
| |N3OGHYo Soy Col. "Bat" GuanoPremium
The bottom line... We've come to the point in time in our Republic where people in power are not to be trusted. People in power in the government, people in power in corporate America, all of them need to be considered liars first, until they've proven themselves otherwise.
The notion of it being a Republican vs Democrat, Liberal vs Conservative? that argument is dead. We need to be Americans first. The regime as it has evolved has evolved to be our enemy, and both parties have proven they can't be trusted.
It's the powerful vs rest of us. By powerful I'm not talking about local politicians, or Joe blow the FBI agent, or the local cops. They're in the same boat as the rest of us.
Congress, the Executive branch, the judiciary, and the upper echelons of corporate industry. These are the people that live in their own walled garden version of America....
I guarantee if you're posting here or reading this, you don't qualify as "being in power".
I don't know where we go from here. We certainly live in troubled times and I hope we can, as a people, overcome the divisiveness of the political class and rally around the core issues we can agree about.
America is not the meritocracy it once was. The notion puts me in a low place. I love the ideals this country was founded on, but I seriously doubt we can pull out of the tail spin we've entered. Not due to a certain politician, or group of politicians, but the notion that the political class has become the nemesis of the rest of us.
This is exactly what we WERE NOT supposed to be...
Petty people are disproportionally corrupted by petty power
Re: Mark Zuckerberg...
said by meeeeeeeeee:All in favor of this...
July 4th 2013, Day of National Outrage - Perform an act of civil disobedience.
IF people understand the true definition of civil disobedience.
"In seeking an active form of civil disobedience, one may choose to deliberately break certain laws, such as by forming a peaceful blockade or occupying a facility illegally"
This isn't blow shit up, or get all "Anarchist" and stuff.
It's publicly declaring to the gov't and all else who listen "I (your identity here) disagree with said Gov't policy XXX and bound by believe REFUSE to obey, AT MY OWN PERIL!
That is YOU are willing to stand in front or the tank or the bulldozer or gun the gov't sends but you refuse to obey the unlawful (in your opinion) order.
Once outed, they know who you are so this is a lifelong commitment and people throughout the world including this country have died, or been imprisoned for life for practicing it.
IF it is an act of conscience, you don't need to wait until independence day to start, if it is a violent act of retribution/anger/perversion, please choose another term and quietly 'off' your self at low tide on a hungry beach. (the ocean can probably absorb ONE more human error.)