dslreports logo
 story category
Once Again With Feeling: You Have Absolutely No Privacy Online
Former NSA Employee: Government Spies on Everything, Constantly

We've noted repeatedly how privacy technology discussions often have a bizarre and amusing lack of context, the press getting borderline hysterical about every NebuAD or CarrierIQ scandal, while ignoring that carriers and the government buy, sell and trade all user information daily with only a fleeting regard for law.

Time and time again we've seen folks come forward with evidence of carriers like AT&T, Sprint and Verizon simply dumping all live traffic in the government's lap in violation of law (which they simply change when they get caught).

AT&T employee Mark Klein gave evidence of this, and a slew of intelligence whistleblowers have since confirmed it repeatedly. In an interview with RT, NSA whistleblower William Binney is the latest to remind the public just how little privacy we actually have:

quote:
The Naris device, if it takes in the entire line, so it takes in all the data. In fact they advertised they can process the lines at session rates, which means 10-gigabit lines. I forgot the name of the device (it’s not the Naris) – the other one does it at 10 gigabits. That’s why they're building Bluffdale [database facility], because they have to have more storage, because they can’t figure out what’s important, so they are just storing everything there. So, emails are going to be stored there in the future, but right now stored in different places around the country. But it is being collected – and the FBI has access to it.
If you're not following along, what Binney is again confirming here is that major carriers have embedded hardware that gives the government access to all communications and voice data in real time.

The problem hasn't been getting carriers to hand over the data, adhering to law or getting access to lines, the problem for the NSA has been analyzing this maelstrom of data and picking out pertinent information. That's why the agency is building several giant warehouses packed with supercomputers to store and dissect their information treasure trove, just one of them being a $2 billion operation in Bluffdale, Utah.

This all seems fairly important to remember the next time someone gets bent out of shape because Facebook sold the fact you really like Eggs Benedict.
view:
topics flat nest 

battleop
join:2005-09-28
00000

battleop

Member

"You Have Absolutely No Privacy" - DUH!

DUH! I've never understood why anyone would expect privacy over a public network. I guess I assume there is no privacy because I remember a time when there was none on the interwebs.
jc10098
join:2002-04-10

jc10098

Member

Re: "You Have Absolutely No Privacy" - DUH!

Privacy is an illusion since Bush came in to office. The playing field has not only been level, it's been sodded, stripped, and painted. Bush opened Pandroa's box, and once politicians saw the powers given, none were willing to turn back.

Obama gave the NSA wiretapping program a blanket immunity. Did anyone expect him to reverse course of Bush's 9/11 Fearism tactics? Of course not. Once you give up rights, they are almost always gone or very hard to reclaim. Now, we're only going to see things get MUCH MUCH WORSE.

The media is too lackluster to care. Most of these giants own or are apart of the same establishments profiteering off the government spying efforts.

Et Al.

Time Warner
Cox
etc

battleop
join:2005-09-28
00000

battleop

Member

Re: "You Have Absolutely No Privacy" - DUH!

Privacy was an illusion before Bush came into office. It was during Bush's term that it became common knowledge
MyDogHsFleas
Premium Member
join:2007-08-15
Austin, TX

MyDogHsFleas to jc10098

Premium Member

to jc10098
said by jc10098:

Obama gave the NSA wiretapping program a blanket immunity.

No, the bill passed by Congress, signed by 2 presidents, and upheld by the courts, gave immunity for civil lawsuits to corporations who legally cooperated with the other provisions of the bill. There is no immunity to unlawful acts by corporations or the government.

KrK
Heavy Artillery For The Little Guy
Premium Member
join:2000-01-17
Tulsa, OK
Netgear WNDR3700v2
Zoom 5341J

KrK

Premium Member

Re: "You Have Absolutely No Privacy" - DUH!

Again with the splitting of hairs. The Telcos were given blanket immunity from CIVIL LAWSUITS regarding the formerly ILLEGAL actions of the Corporations and Government.

In effect complete immunity as a citizen cannot bring criminal charges vs anyone--- only a civil case.

End result: Everyone got away with it.
MyDogHsFleas
Premium Member
join:2007-08-15
Austin, TX

MyDogHsFleas

Premium Member

Re: "You Have Absolutely No Privacy" - DUH!

said by KrK:

Again with the splitting of hairs. The Telcos were given blanket immunity from CIVIL LAWSUITS regarding the formerly ILLEGAL actions of the Corporations and Government.

In effect complete immunity as a citizen cannot bring criminal charges vs anyone--- only a civil case.

End result: Everyone got away with it.

Almost correct. The actions were not "formerly illegal". They were legal, by definition. The 3 branches of government decide what is legal. Bill passed by congress, signed by 2 presidents, upheld by courts.

As a citizen you cannot bring criminal charges, correct. No matter how strongly you believe something is illegal, it's not your call. Except indirectly, by voting for your representatives. That's fundamental to our justice system. It's not "splitting hairs". How would you like it if some random guy could haul you into criminal court for whatever?

Unfortunately IMO there are many who hold that the "death by 1000 lawsuits" tactic is righteous when they believe their cause is just. I find it a shockingly inefficient way for a minority to try to impose its will.

KrK
Heavy Artillery For The Little Guy
Premium Member
join:2000-01-17
Tulsa, OK
Netgear WNDR3700v2
Zoom 5341J

KrK

Premium Member

Re: "You Have Absolutely No Privacy" - DUH!

said by MyDogHsFleas:

Almost correct. The actions were not "formerly illegal". They were legal, by definition. The 3 branches of government decide what is legal. Bill passed by congress, signed by 2 presidents, upheld by courts.

*Retroactively after the deeds were done*

Formerly illegal. Now, legal...

Lone Wolf
Retired
Premium Member
join:2001-12-30
USA

Lone Wolf to jc10098

Premium Member

to jc10098
said by jc10098:

Privacy is an illusion since Bush came in to office.

Which Bush? I always get confused when people say "It's Bush's fault" because I'm older and remember there were two Bushes. One of them was part of the beginning of the Information Superhighway.

I think it's this guy's fault:

Li Ka-shing:
New Ruler of the Information Superhighway

Global Crossing, Enron's evil twin, is about to be "rescued" by a Chinese billionaire with ties to the People's Liberation Army.
Why not? He already controls the Panama Canal. Will it threaten national security to have a Chinese company controlling the fiber-optic network our defense department uses to communicate and store data?
That's something we should be asking.


danclan
join:2005-11-01
Midlothian, VA

danclan

Member

So then encryption means nothing?

While I believe they are capturing some data, capturing it all is a bit far fetched. The sheer amount of data running across the wires these days is HUGE, ridiculously massive. Even the Federal government with all its resources just doesn't have the storage capacity to store it all. They would need tractor trailers full of disc drives daily to keep up with the volume of both encrypted and non-encrypted data flowing daily across the US alone.

I would also wonder about the state of encrypted data. Can it really be decoded so simply? Does Google et. al. just let government entities just capture and decode their encrypted data? Sorry, but call me skeptical of these claims and allegations.

Uncle Paul
join:2003-02-04
USA

Uncle Paul

Member

Re: So then encryption means nothing?

They capture all the data. Their current issue is storage. They can only keep the data for a certain period of time before they have to flush it due to storage constraints. That's the point of the new facility, to be able to keep the data for longer.

The idea was in the past if they needed a wire tap they would go to a judge to issue one, and once issued from that point forward they could listen in. Now, they have access to all the history too.
Killersaurus
join:2012-09-17

Killersaurus to danclan

Member

to danclan
said by danclan:

Does Google et. al. just let government entities just capture and decode their encrypted data? Sorry, but call me skeptical of these claims and allegations.

Ask youself how the FBI got access to General Petraeus' gmail account so quickly and easily. Nope, no collaboration there between Goog and the feds.
momus_98
join:2002-09-10
united state
·Google Fiber

momus_98

Member

Re: So then encryption means nothing?

said by Killersaurus:

Ask youself how the FBI got access to General Petraeus' gmail account so quickly and easily. Nope, no collaboration there between Goog and the feds.

Gen. Petraeus was the director of the CIA and held other high level positions. Not really the best example as he'd certainly be under far more scrutiny than the average citizen.

vpoko
Premium Member
join:2003-07-03
Boston, MA

vpoko

Premium Member

Re: So then encryption means nothing?

He was still using the same email service as us non-CIA directors. So the government can get your email if they want it, you're just hoping they don't want yours.
Wilsdom
join:2009-08-06

Wilsdom to danclan

Member

to danclan
I imagine they can filter and compress the amount of data down quite a bit since most of it is redundant or obviously irrelevant. "Persons of interest" or persons who match certain patterns can be targeted for the most intensive data gathering, and corporations would cooperate willingly, though they probably don't need to be asked

vpoko
Premium Member
join:2003-07-03
Boston, MA

vpoko to danclan

Premium Member

to danclan
Of course they do. Now end-to-end encryption (where the carrier has no access to the key) is different, and probably much more secure.

morbo
Complete Your Transaction
join:2002-01-22
00000

morbo to danclan

Member

to danclan
Google email isn't encrypted. It is unencrypted despite using encryption transport technologies like SSL. Unless you and your communication partner both use encryption systems and techniques, everything is clearly available for the government to view provided they fill out the proper forms, pay the processing fee, etc. Google isn't alone in this sense. All providers (AT&T, Verizon, Sprint, Comcast, etc.) will give the authorities access to your information stored on their systems if requested by a law enforcement agency and the proper steps are followed.

Privacy is an illusion unless you create your own privacy.

Snakeoil
Ignore Button. The coward's feature.
Premium Member
join:2000-08-05
united state

Snakeoil to danclan

Premium Member

to danclan
quote:
Does Google et. al. just let government entities just capture and decode their encrypted data? Sorry, but call me skeptical of these claims and allegations.

Back doors are built into these programs and the key is given to the feds. No hacking needed. The fed enters the "master key' and everything is easy to read.
19579823 (banned)
An Awesome Dude
join:2003-08-04

19579823 (banned) to danclan

Member

to danclan
quote:
So then encryption means nothing?
I dont see how they can read that,and THIS!!! (this message) on demand like that........

lordfly
join:2000-10-12
Homestead, FL

lordfly

Member

Backups

Considering this vast amount of data, I figure they will have to forego standard backup procedures. About the best they could do is do real cloning between centers. I don't want to do the math, but a Petabyte storage device would fill up rather quickly. I can see drive space manufacturers making a ton of dough from this little adventure. Maybe new technology will come out of this.

We shall see how far this goes. It is dangerous to store that much information.
Killersaurus
join:2012-09-17

Killersaurus

Member

Look at Petraeus

If what happened to the director of the CIA wasn't a wakeup call to everyone, then they're going to stay asleep. The FBI cracked his gmail account with obviously no effort and without there being any evidence of an actual crime taking place. There was no legal support for what they did and yet they were able to get full access to not only his personal account, but to his mistress's. I may have read one article about the implications of this ability shown off by the FBI, but everyone else was too interested in the sex scandal to even notice.
Wilsdom
join:2009-08-06

Wilsdom

Member

Re: Look at Petraeus

And that was the FBI, which needs to at least appear to be following procedures and regulations when it wants to build a case for court. The NSA does not need to worry about oversight

KrK
Heavy Artillery For The Little Guy
Premium Member
join:2000-01-17
Tulsa, OK
Netgear WNDR3700v2
Zoom 5341J

KrK to Killersaurus

Premium Member

to Killersaurus
said by Killersaurus:

The FBI cracked his gmail account with obviously no effort and without there being any evidence of an actual crime taking place.

All that is perfectly legal now.
MTU
Premium Member
join:2005-02-15
San Luis Obispo, CA

MTU

Premium Member

Privacy

When 'amateurs' can crack it easily....

»arstechnica.com/security ··· 6-hours/

danclan
join:2005-11-01
Midlothian, VA

2 edits

danclan

Member

Re: Privacy

said by MTU:

When 'amateurs' can crack it easily....

»arstechnica.com/security ··· 6-hours/

This has nothing to do with data streams but with offline hash attacks......e.g. someone hacked and stole user account data and and wants to brute force attack.

1024/2048bit key encryption is far harder and as yet have not been broken. The minimum bit length today is 2048 for keys.

Your data can also be easily protected if you use AES-256 to encrypt and send anything as I don't believe its been shown to be broken yet either.

The complicated issue regarding warrants and searches is somewhat addressed here:
»www.reuters.com/article/ ··· 20121117

pende_tim
Premium Member
join:2004-01-04
Selbyville, DE

1 recommendation

pende_tim

Premium Member

So Who..

So who should I contact to get back that e-mail is mistakenly deleted yesterday?
Wilsdom
join:2009-08-06

1 recommendation

Wilsdom

Member

Re: So Who..

Sorry, you don't have the security clearance to access your email.

Twaddle
@sbcglobal.net

Twaddle

Anon

NO Privacy

No American citizen has complete privacy If you have a cell phone, use the internet pay taxes have credit or been arrested or a host of other tie-ins. If the Federal or State govt wants information they will get it, with or without a warrant, the Constitution means nothing if you have generated enough concern or interest. That's not to say you can't escape but it's hard.
My brother lived basically undetected for years (Evidently the Feds wanted him for something) but had to use alias no credit cards, no bank accounts but died a penniless pauper and would have been buried in public mass burial if he hadn't revealed who he was before he died. Death is about the only way you will get any true privacy.

Packeteers
Premium Member
join:2005-06-18
Forest Hills, NY
Asus RT-AC3100
(Software) Asuswrt-Merlin

Packeteers

Premium Member

do non-USA outlet VPNs defeat this?

if you are on a VPN that outlets to Europe using an OpenVPN client and keep SSL intact during browsing, would that prevent the US government from accumulating all your online activity? sure that outlet country could have it (and find you if they could get the vpn provider to give them your mac address), but it seems only USA is still post-9/11 hysterical enough to bother.

anondude
@centurytel.net

anondude

Anon

Re: do non-USA outlet VPNs defeat this?

said by Packeteers:

if you are on a VPN that outlets to Europe using an OpenVPN client and keep SSL intact during browsing, would that prevent the US government from accumulating all your online activity? sure that outlet country could have it (and find you if they could get the vpn provider to give them your mac address), but it seems only USA is still post-9/11 hysterical enough to bother.

VPN cant save you from the government cause they can setup a honey pot. People like to think they have security and everything's private but really you cant hide behind tor or VPN if the government is REALLY looking for you.

Packeteers
Premium Member
join:2005-06-18
Forest Hills, NY
Asus RT-AC3100
(Software) Asuswrt-Merlin

Packeteers

Premium Member

Re: do non-USA outlet VPNs defeat this?

that really was not my point.

the question is - does a non-usa outlet vpn circumvent the usa from accumulating all your usual data traffic, since they can still capture all your data packets coming off your mac address, but it will be SSL encrypted AND vpn encrypt jacketed jibberish, not something they could easially keyword search or catalog about you.

not - does it prevent a determined security agency from finding you out.

NormanS
I gave her time to steal my mind away
MVM
join:2001-02-14
San Jose, CA
TP-Link TD-8616
Asus RT-AC66U B1
Netgear FR114P

NormanS to Packeteers

MVM

to Packeteers
said by Packeteers:

if you are on a VPN that outlets to Europe using an OpenVPN client and keep SSL intact during browsing, would that prevent the US government from accumulating all your online activity?

Bits is bits, encrypted, or not. If the bits traverse U.S. carrier networks, they get scarfed up.

danclan
join:2005-11-01
Midlothian, VA

danclan

Member

Re: do non-USA outlet VPNs defeat this?

said by NormanS:

said by Packeteers:

if you are on a VPN that outlets to Europe using an OpenVPN client and keep SSL intact during browsing, would that prevent the US government from accumulating all your online activity?

Bits is bits, encrypted, or not. If the bits traverse U.S. carrier networks, they get scarfed up.

getting scarfed up being able to read. They would have gigabits of encrypted traffic that they would have to decrypt somehow and right quick if they want anything useful in a meaningful time frame to be able to act on it....

NormanS
I gave her time to steal my mind away
MVM
join:2001-02-14
San Jose, CA
TP-Link TD-8616
Asus RT-AC66U B1
Netgear FR114P

NormanS

MVM

Re: do non-USA outlet VPNs defeat this?

said by danclan:

getting scarfed up being able to read.

How do you figure? (My first read put an, "is" in your comment; made more sense that way. Not sure, on re-read, what you are saying.)

They would have gigabits of encrypted traffic that they would have to decrypt somehow and right quick if they want anything useful in a meaningful time frame to be able to act on it....

Doesn't stop them from collecting, and storing, the bits. The bits might not be intelligible, but they've got bits by the petabyte.
axus
join:2001-06-18
Washington, DC

axus

Member

The lack of transparency / illegality bothers me more

The potential loss of privacy is bad. This should be guaranteed by 4th amendment rights. What bothers me even more, is how this happens without any law passed. It's a bypass of democracy, to violate our rights, with no accountability. W Bush approved it, and Obama did not fix it. There are a few senators who tried to do something, but not enough people are on our side.

It doesn't matter if the intent is good now. It's only a matter of time before this illegal power is used to control the political process as well.

WiseOldBear
Laissez les bons temps rouler!
Premium Member
join:2001-11-25
Litchfield Park, AZ
Motorola MB8600
Synology RT2600ac

WiseOldBear

Premium Member

And the answer is

This is why as a total population we need to be including some derogatory drivel in each phone conversation/email/whatever. Flood the data files with comments on our "leaders" dress, eating habits, bad habits, propensity to engage in disgusting practices and so on. If nothing else we can feel good about the "last great gesture of defiance" towards those who misuse their power under the guise of "protecting" we the citizens. In this case, lets grind the bastards down!

MrPrivacy
@sterlingstudents.net

MrPrivacy

Anon

Attaining online privacy is inconvenient

That's one of the primary reasons that the average individual does not have it. I launched a site in '09 that provides end-to-end encryption of threaded messages and files. I believed that there was an unsatisfied demand for electronic communication protection. I was wrong. Although many say they want it, most are not willing to do anything different to get it. They want all the free stuff they use to change instead. ThreadThat dot com is still available today. It is ad-free and cost-free and I continue to support it because I believe you should have a choice.

meeeeeeeeee
join:2003-07-13
Newburgh, NY

1 edit

meeeeeeeeee

Member

Re: Attaining online privacy is inconvenient

Hey! Mr. P. How long you been with NSA now? Almost ready to retire no? JUST KIDDING. People just don't CARE about privacy, and they really haven't HAD any for a long long time. "Your Rights" and "Your Freedoms" have all been nothing but a joke for decades.

Many, many, MANY years ago when I was in my early-mid 20's and dinosaurs walked the Earth... before PC's were even thought of, I responded for a job at a 3 letter agency that was advertised in the New York Times. It was NOT a spook job... just a Computer Center Supervisor for said agency. I knew I'd have to get a clearance and knew how crazy that could be because my elder brother already had gone through that (almost got evicted from his apartment because the Feds that came to his landlady to ask about him "forgot" to say it was for a security clearance)... but what the heck.

I arrived at the INTERVIEW to be greeted by a man sitting behind a desk on which there was a 5 inch thick file. I was in my 20's... had gone to school, not very political at all....was a geek, and yet this agency had a 5 inch thick file ON ME!!! They knew WHO I got SNAIL MAIL FROM!!! THEY HAD DATES!!!

OK, perhaps at the age of 16 I had brought SOME of this on myself. I used to be into short wave radio and send away to stations for QSL cards, a nice postcard that stations around the world would send you if you sent them information about their programming at a certain time and some technical info. I wallpapered my room with them, so I got routine mail from Radio Havana, Radio Moscow and Radio Peking, because as an American, once they got your name, they NEVER LET GO.

So people, "your rights", "your freedoms", disappeared LONG before all the Presidents you speak of. I doubt that they were much more than the "Party Line", propaganda for longer than any of us has walked this Earth. People now have just been trained to be too stupid to CARE, to understand the implications. If you really THINK there is a "GOOD GUY", you're delusional.

JohnInSJ
Premium Member
join:2003-09-22
Aptos, CA

JohnInSJ

Premium Member

no need for the online modifier

You can always check out of society and live in a hut somewhere. They you can have privacy. Otherwise, not so much.

Camaro
Question everything
Premium Member
join:2008-04-05
Westfield, MA

Camaro

Premium Member

We still have privacy

It's called 2 tin cans and a string.
hgraul
join:2005-12-04
Saint Louisville, OH

hgraul

Member

Hey! It's on TV

And people think "Person of Interest" is made up. Maybe a bit over blown, but I'm thinking not made up.
15444104 (banned)
join:2012-06-11

1 recommendation

15444104 (banned)

Member

Dems or Reps, same difference..NO difference!

The fact is that BOTH major US political parties are nothing more than shills for special interests, especially Israeli interests...
Most of the significant information gathering outfits that collect data from the US telephone cos are located or HQ'd in "Israel" or are owned by partisan jewish interests.

The only person freedom and liberty loving American should have voted for is Virgil Goode, the Constitutional Party candidate.

Problem is that the elections are rigged.
HeadSpinning
MNSi Internet
join:2005-05-29
Windsor, ON

HeadSpinning

Member

Re: Dems or Reps, same difference..NO difference!

Serious tin foil hat. the "data collection" companies you're talking about are outsourced billing providers. The telephone companies choose to use them.

Brendan
Warr Guitar
join:2000-07-14
Portland, OR

Brendan

Member

Privacy

Privacy has been dead since the commercialization of the telephone.
cog_biz_user
i ruin threads apparently
join:2011-04-19

cog_biz_user

Member

copyright infringment?

I wonder, if they're storing everyone's internet data, that must mean they're also storing pirated content... Someone should alert the MPAA.

EGeezer
Premium Member
join:2002-08-04
Midwest

EGeezer

Premium Member

Dichotomy

It seems they don't have the money to build out internet to under-served areas, but have plenty of money to build 10GB lines to dump and store our data.