The heavily fortified $2 billion center should be up and running in September 2013. Flowing through its servers and routers and stored in near-bottomless databases will be all forms of communication, including the complete contents of private emails, cell phone calls, and Google searches, as well as all sorts of personal data trails—parking receipts, travel itineraries, bookstore purchases, and other digital "pocket litter."
http://www.wired.com/threatlevel/2012/03/ff_nsadatacenter/all/1
I'm not sure which is more horrifying - the body of the article or the pro-government comments on it. I may have my tinfoil hat on, but I wouldn't be surprised if at least some of the pro-government commenters are being paid/ordered to post pro-government comments. The comments by the user "das" are particularly "interesting" in that regard. (If you click on the link in his username, you'll see his bio - he just so happens to work currently as an Information Warfare Officer in the US Navy.)
The keyboard is mightier than the gun.
Non parit potestas ipsius auctoritatem.
Voluntaryism Forum
Nah, even the government realizes that they would be stupid to post that information on the site ("he just so happens to work currently as an Information Warfare Officer in the US Navy.)").
That information isn't posted on Wired.com explicitly - it's on an external bio page of the commenter "das".
I've speculated on this subject before and I think this is symptomatic of the NSA's true strategy - weaken popular security practices and intercept en masse. They can't break the strongest encryption algorithms. Their solution is to lull the public into a false sense of security in storing and transmitting their data in the clear.
Hardcore cryptanalytic work is reserved exclusively for high-value, time-sensitive data. Cryptanalysis of legacy cryptographic algorithms moves at a slower pace and probably lags a couple decades. Potentially high-value, encrypted information is placed in cold storage until cryptanalytic methods and computational efficiency makes cryptanalysis feasible.
Strategic storage of encrypted data can also be combined with eavesdropping (electronic, digital, audible, infiltration etc.) to break very high-value, time-sensitive encrypted information. Follow path of least resistance.
And anyone who thinks that "government bureaucracy" will snarl up the NSA and keep it from efficiently collecting and breaking people's data is naive in the extreme. The State is the organization that uses war instead of exchange to secure revenues for itself and the NSA's job is the informational component of warfare.
Clayton -
Honesty, I didn't read the article. I just read and copied the post made on some other forum.
Have you read it yet? If not, I definitely suggest doing so.
Well I got through this huge article. Nothing here really surprised me. Didn't bother reading the comments. I think this part sums it up:
Sitting in a restaurant not far from NSA headquarters, the place where he spent nearly 40 years of his life, Binney held his thumb and forefinger close together. “We are, like, that far from a turnkey totalitarian state,"
Apparently there is a new type of war between the code breakers and code makers. The NSA won't admit defeat. The new datacenter is their answer.
Measured in practical terms, the code-breakers are winning. Sure, they've lost the mathematical battle but so what? They can still bypass most security and access most secrets they want to get ahold of. The true art of intelligence is the art of war... following the path of least-resistance, the path of greatest weakness.
I was quite surprised by the reaction to my post on the Utah Data Center being built for the National Security Agency. It appears the center will be a depository for complete contents of private emails, cell phone calls, and Google searches, as well as all sorts of personal data trails—parking receipts, travel itineraries, bookstore purchases, and other digital “pocket litter.” The reaction from many readers was one of unconcern, with the general thought being that it is too much data to look through. However, my concern is more with the ability to "look back" at conversations and emails of the past that you, at the time, thought were harmless. Consider this report about Goldman Sachs, today: [...]
@JJ: Precisely. Anyone who has been involved with a lawsuit understands that the phrase "anything you say can and will be used against you" isn't only used by the State. Records about your activities, thoughts, words, etc. can all be used against you in a court of law if they meet the rules of admissability and the plaintiff has found a way to make use of them. If the plaintiff is the State (likely a criminal case), the consequences could mean prison time, not just monetary awards. But, again, most people underestimate just how much risk they stand in of being hit with a crippling monetary award.
Every photo you post on facebook can potentially be used to establish your lifestyle, habits, specific locations, etc. It can be used to make facts you present about yourself seem less believable, thus rendering your claims moot even if you have evidence to back them up. And those are just the photos you choose to make public. Imagine you are falsely accused of sexual assault and the State has accessed your browser history. If you're like most men, there's almost certainly a history of porn websites that you've visited. So now you're a dirty pervert who watches porn and just one hour later you were at a bar where you are now accused of committing sexual assault. Who is the juror going to believe? The poor, sullied woman or the dirty, provably-porn-browsing pervert?
People's apathy never ceases to amaze me.
Also the USPS photocopies the front of every piece of delivered "snail" mail. So, to maintain privacy, you should write the return address on the back of the envelope.
The user "das" has a paper on his military credential on that page:
https://docs.google.com/viewer?url=www.public.navy.mil/bupers-npc/officer/Detailing/IDC_FAO/IW/Documents/1810_Community_Info_Sheet.doc&pli=1
Notice the only picture on the document covers up a crucial part of text in the "Mission" section (It could have a different title as well).
@Aristophanes: Ctl+C is your friend... :-P
Mission: IW officers create warfighting options for Fleet Commanders to fight and win in the information age. IWOs deliver and operate a reliable, secure and battle-ready global network, and lead in the development and integration of IO capabilities into the Fleet. Guiding Principles: (1) Warfare Competency: IWOs lead Navy Information Warfare (IW) missions by employing a thorough understanding of the tenets of IO, sensor/weapons, national systems’ capabilities and limitations, and know how to optimally use all IO resources to for “effects- based” warfare. IWOs develop tactics, techniques and procedures to realize tactical, strategic and business advantages afloat and ashore.
(Obscured text bolded)
Some old news - "Library of Congress to house Twitter data":
http://www.bizjournals.com/sanfrancisco/stories/2010/04/12/daily46.html
From my blog, Sunday, January 2, 2011:
WSREP - Widespread Surveillance Resistant Email Protocol
I had an idea while showering today. I was thinking of how hashcash forces would-be spammers to expend considerable computation effort if they want to spam email servers that use hashcash. This imposes a dollars-and-cents barrier on spamming. This got me to thinking about the fact that, even today, the vast majority of email communications are sent in the clear. If the NSA or Mossad or fill-in-the-blank intelligence agency wants to engage in widespread, ECHELON-style surveillance of emails, the fact that they are sent in unmasked text is a great assistance to the would-be eavesdroppers.
Ideally, people might encrypt all communications but it turns out that encryption has a lot of overhead problems. The most significant problem with encryption is key management. If you send me an email and I've lost or misplaced the key, I can't read it. And this brings me to WSREP - Widespread Surveillance-Resistant Email Protocol!
Basically, WSREP is implemented by encrypting emails and sending almost all of the key along with the email. The WSREP email reader then makes repeated, blind guesses at the missing bits of the key until it gets it right and then decrypts the email into plaintext on the client end. The obvious choice of encryption algorithm would be AES, since that is the new "official" encryption standard.
Let's say Alice wants to send Bob an email. She first types it up, then her WSREP-compliant email client prepends a clever check-phrase like "4thamendment4eva", then chooses a random 128-bit key and encrypts the body of Alice's email. It then chops off, say, 20 bits of the key and transmits the email with the 108-bit key to Bob. Bob's WSREP-compliant email client receives the mail and then begins randomly guessing the missing 20 bits until it gets those bits right (as indicated by successfully decrypting the check-phrase). The number of bits which are dropped should be chosen such that this process takes significantly less than a second on an average computer, say, 250ms. After the key has been guessed, the client decrypts the email, removes the cheesy, clever check-phrase and then displays the email to Bob. If SMTP is extensible, you might be able to implement this protocol with zero changes to email servers.
Now, let's say you're the NSA and you want to read everyone's email without exception. Granted, WSREP-masked emails are logically equivalent to plaintext since they're being transmitted with almost all of the key. The difference, however, is that the NSA must expend the same computational effort as anybody else to guess the missing bits, even if the NSA has "broken" the encryption algorithm in use. This puts a nice dollars-and-cents limit on the number of emails which the NSA can open and read, all while avoiding the nasty complexities of key management and the other difficulties of traditional encryption.
I thought it was a good idea. Hopefully someone out there who knows something about email clients sees this and agrees.
WSREP would automatically provide anti-spam filtering since spammers will be loathe to expend the computational time and power required to encrypt their spam mails.
Link to your blog please. :)
Wibee:Link to your blog please. :)
See here.